- tbb-commits - lists.torproject.org

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.0-1] 5 commits: Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers, valentin
by richard (＠richard) 10 May '24

10 May '24

richard pushed to branch mullvad-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: a87825b0 by Kershaw Chang at 2024-05-10T22:07:35+00:00 Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers,valentin Differential Revision: https://phabricator.services.mozilla.com/D204755 - - - - - f98bc25e by Kershaw Chang at 2024-05-10T22:07:35+00:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - e1f9025e by Nika Layzell at 2024-05-10T22:07:35+00:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - a04f2066 by Jonathan Kew at 2024-05-10T22:07:35+00:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - 0d13381c by alwu at 2024-05-10T22:07:36+00:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 8 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - netwerk/protocol/http/nsHttpDigestAuth.cpp - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12779,6 +12779,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== netwerk/protocol/http/nsHttpDigestAuth.cpp ===================================== @@ -9,6 +9,7 @@ #include "mozilla/ClearOnShutdown.h" #include "mozilla/Sprintf.h" +#include "mozilla/StaticPrefs_network.h" #include "mozilla/Unused.h" #include "nsHttp.h" @@ -22,6 +23,7 @@ #include "nsCRT.h" #include "nsICryptoHash.h" #include "nsComponentManagerUtils.h" +#include "pk11pub.h" constexpr uint16_t DigestLength(uint16_t aAlgorithm) { if (aAlgorithm & (ALGO_SHA256 | ALGO_SHA256_SESS)) { @@ -321,9 +323,13 @@ nsHttpDigestAuth::GenerateCredentials( // returned Authentication-Info header). also used for session info. // nsAutoCString cnonce; - static const char hexChar[] = "0123456789abcdef"; - for (int i = 0; i < 16; ++i) { - cnonce.Append(hexChar[(int)(15.0 * rand() / (RAND_MAX + 1.0))]); + nsTArray<uint8_t> cnonceBuf; + cnonceBuf.SetLength(StaticPrefs::network_http_digest_auth_cnonce_length() / + 2); + PK11_GenerateRandom(reinterpret_cast<unsigned char*>(cnonceBuf.Elements()), + cnonceBuf.Length()); + for (auto byte : cnonceBuf) { + cnonce.AppendPrintf("%02x", byte); } LOG((" cnonce=%s\n", cnonce.get())); ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/b4… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/b4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.0-1] 5 commits: Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers, valentin
by richard (＠richard) 10 May '24

10 May '24

richard pushed to branch base-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: f7e4ecc5 by Kershaw Chang at 2024-05-10T22:02:56+00:00 Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers,valentin Differential Revision: https://phabricator.services.mozilla.com/D204755 - - - - - 950e0948 by Kershaw Chang at 2024-05-10T22:02:56+00:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - e774ee7b by Nika Layzell at 2024-05-10T22:02:56+00:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - 6b293703 by Jonathan Kew at 2024-05-10T22:02:57+00:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - 8eb85f10 by alwu at 2024-05-10T22:02:57+00:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 8 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - netwerk/protocol/http/nsHttpDigestAuth.cpp - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12779,6 +12779,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== netwerk/protocol/http/nsHttpDigestAuth.cpp ===================================== @@ -9,6 +9,7 @@ #include "mozilla/ClearOnShutdown.h" #include "mozilla/Sprintf.h" +#include "mozilla/StaticPrefs_network.h" #include "mozilla/Unused.h" #include "nsHttp.h" @@ -22,6 +23,7 @@ #include "nsCRT.h" #include "nsICryptoHash.h" #include "nsComponentManagerUtils.h" +#include "pk11pub.h" constexpr uint16_t DigestLength(uint16_t aAlgorithm) { if (aAlgorithm & (ALGO_SHA256 | ALGO_SHA256_SESS)) { @@ -321,9 +323,13 @@ nsHttpDigestAuth::GenerateCredentials( // returned Authentication-Info header). also used for session info. // nsAutoCString cnonce; - static const char hexChar[] = "0123456789abcdef"; - for (int i = 0; i < 16; ++i) { - cnonce.Append(hexChar[(int)(15.0 * rand() / (RAND_MAX + 1.0))]); + nsTArray<uint8_t> cnonceBuf; + cnonceBuf.SetLength(StaticPrefs::network_http_digest_auth_cnonce_length() / + 2); + PK11_GenerateRandom(reinterpret_cast<unsigned char*>(cnonceBuf.Elements()), + cnonceBuf.Length()); + for (auto byte : cnonceBuf) { + cnonce.AppendPrintf("%02x", byte); } LOG((" cnonce=%s\n", cnonce.get())); ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8a728a… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8a728a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.0-1] 5 commits: Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers, valentin
by richard (＠richard) 10 May '24

10 May '24

richard pushed to branch tor-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 51f80eb6 by Kershaw Chang at 2024-05-10T22:22:15+02:00 Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers,valentin Differential Revision: https://phabricator.services.mozilla.com/D204755 - - - - - cb7f8ec0 by Kershaw Chang at 2024-05-10T22:22:56+02:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - 2e33d3b5 by Nika Layzell at 2024-05-10T22:37:57+02:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - bbb3af71 by Jonathan Kew at 2024-05-10T23:19:01+02:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - f87ae3f1 by alwu at 2024-05-10T23:34:34+02:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 8 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - netwerk/protocol/http/nsHttpDigestAuth.cpp - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12787,6 +12787,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== netwerk/protocol/http/nsHttpDigestAuth.cpp ===================================== @@ -9,6 +9,7 @@ #include "mozilla/ClearOnShutdown.h" #include "mozilla/Sprintf.h" +#include "mozilla/StaticPrefs_network.h" #include "mozilla/Unused.h" #include "nsHttp.h" @@ -22,6 +23,7 @@ #include "nsCRT.h" #include "nsICryptoHash.h" #include "nsComponentManagerUtils.h" +#include "pk11pub.h" constexpr uint16_t DigestLength(uint16_t aAlgorithm) { if (aAlgorithm & (ALGO_SHA256 | ALGO_SHA256_SESS)) { @@ -321,9 +323,13 @@ nsHttpDigestAuth::GenerateCredentials( // returned Authentication-Info header). also used for session info. // nsAutoCString cnonce; - static const char hexChar[] = "0123456789abcdef"; - for (int i = 0; i < 16; ++i) { - cnonce.Append(hexChar[(int)(15.0 * rand() / (RAND_MAX + 1.0))]); + nsTArray<uint8_t> cnonceBuf; + cnonceBuf.SetLength(StaticPrefs::network_http_digest_auth_cnonce_length() / + 2); + PK11_GenerateRandom(reinterpret_cast<unsigned char*>(cnonceBuf.Elements()), + cnonceBuf.Length()); + for (auto byte : cnonceBuf) { + cnonce.AppendPrintf("%02x", byte); } LOG((" cnonce=%s\n", cnonce.get())); ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e4ed3f… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e4ed3f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Bug 40009: Change the default search engines
by richard (＠richard) 10 May '24

10 May '24

richard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: 2cde370f by Dan Ballard at 2024-05-10T21:15:26+00:00 fixup! Bug 40009: Change the default search engines Bug 42290: update Duckduckgoonion to duckduckgo onion and startpage - - - - - 3 changed files: - android-components/components/feature/search/src/main/assets/search/list.json - android-components/components/feature/search/src/main/assets/searchplugins/ddg-onion.xml - android-components/components/feature/search/src/main/assets/searchplugins/startpage-onion.xml Changes: ===================================== android-components/components/feature/search/src/main/assets/search/list.json ===================================== @@ -1,7 +1,7 @@ { "default": { "searchDefault": "DuckDuckGo", - "searchOrder": ["DuckDuckGo", "DuckDuckGoOnion", "Startpage", "StartpageOnion","Wikipedia"], + "searchOrder": ["DuckDuckGo", "DuckDuckGo Onion", "Startpage", "Startpage Onion","Wikipedia"], "visibleDefaultEngines": [ "ddg", "ddg-onion", "startpage", "startpage-onion", "wikipedia" ] ===================================== android-components/components/feature/search/src/main/assets/searchplugins/ddg-onion.xml ===================================== @@ -1,5 +1,5 @@ <SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -<ShortName>DuckDuckGoOnion</ShortName> +<ShortName>DuckDuckGo Onion</ShortName> <Description>Duck Duck Go Onion</Description> <InputEncoding>UTF-8</InputEncoding> <Image height="16" width="16">data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAB8lBMVEUAAADkRQzjPwPjQQXkRQ3iPwTiQQXgPQPeQgrcOwPVNgDVNQDWOgbTMwDRMgDQMwDSMwDRNwTQLgDRJgDSJwDSLgDSNwTjOgDiOADjOQDkPADhQAXzs5v+/fv////0vKbiRQvgPQHpdUr85NzuknPdKgDcIwDnZzj2w7HqeU/gPQLsimb/+PftjWn97Obpb0LdJQDeLQDtjmvsi2jgSBDnbULgOQD/39HgLQDeMgDpeFLgSBH0v670uqbaJQD2qImWvP/G1Ob5+/3u//+fvvXyp47dMwDaLwD0u6v0v6/aNQDiXi/aKQD3qozU7/8gSY2vvtg0ZK/OqLDaKQHYKgLgWTfaNADZMgDZMADZLADzqpD7//+xwdz//9H/5Bn/7Bn//ADofADYMADYMQDZOgPXLgDiZDj//97/0AD3tQDvlgHZOgbXLATXMADWMgDfXjLVLQD///z+0AD/3Rn/yRnwnQDcVjbVMQDyv67wuKTSJwDRHQD+8O/tg3/iQQDwhAHnawHWMADvtKfyva7XQxHga0bQGQD2vbH/u8LXIQCmPQzja07XQxLliGn99fPkcVHvhnGZ5VguvUU5wktBwCcAgxzydVv/8/XmiGngdlL+ysi3+I8LtCE80V6P3YmX4sDleljSNQLzr6D7sKPXNQTSIwAEAbMrAAAAF3RSTlMARqSkRvPz80PTpKRG3fPe3hio9/eoGP50jNsAAAABYktHRB5yCiArAAAAyElEQVQYGQXBvUqCYRiA4fu2V9Tn+UQddI3aCpxaOoU6iU4gcqqpoYbALXBuCuoYmttamqJDiEoh4YP+MOi6BNCh+uYKEGiOVNCXXxA2XDVV/UyfKbRCXTLQWAxbP2vt8Ue/uYDvfim91615sb2um6rqtrr/NFb1cUf1Ybd06areU6lSlYpK79jzK1SyJOkfhOl8JGEcqV5zoKrTRqO6yUzIzNu46ijdM1VV9bhuUJ/nZURExLRzUiPQm3kKXHi4BAEGOmOi78A/L1QoU/VHoTsAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTQtMDEtMTlUMjA6MDE6MTEtMDU6MDAuET6cAAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE0LTAxLTE5VDIwOjAxOjExLTA1OjAwX0yGIAAAAABJRU5ErkJggg==</Image> ===================================== android-components/components/feature/search/src/main/assets/searchplugins/startpage-onion.xml ===================================== @@ -1,5 +1,5 @@ <SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -<ShortName>StartpageOnion</ShortName> +<ShortName>Startpage Onion</ShortName> <Description>Start Page Onion</Description> <InputEncoding>UTF-8</InputEncoding> <Image width="16" height="16">data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGAAAABgCAYAAADimHc4AAASsUlEQVR42qSXXWoCQRCElzxKTiOeSMBLhuAZgscQAR/dXU2aBfnggykaIpTTU9aU3fO3OtXro7C1y/LcFY7zvH4Xbsuy/lZ/wzwTgxWIG2rpqxXy+L4u51+89G2soe/vft6rPRdO6/r6fM/3hndQHx5K+IORk9yM3sUoebSMYTLQo8EPrvoFPODXOIH4AHjGhlg52ROu4AUd1EMsr0thzyLUqwT7Iq8qhsJVcNgNWhgVKA06ChfgKdq8NZ4QeBYZvTSatKQJ34V24HMtHLYFeDxen/XBxRP+HlwIhVmjogQKt6fjcVs69RlPzoAxWUMtLDy8a8BLebj+MHa7bXZTdU7hDvUJsMY8eiF4tjR4DxEW2SfMnj6VQHXJX2jw8jxO9XYOiScT0DqSGXnX+JnSf3ZYj681juUvfS//AYfn11TB3XeWJ9JHzn34NRz3yNPCA1090vmaCt72NWfPkW94FihP8Z7n2+RdTCuT/NNS0A7KC5fAjst5mnfuLt65CT1PanHN8PYyPw0mV6tMrCNtTXpgd+KwCI77z5LC6GpreMKHuttXkjFx/FKy8P04JIPGY80L0sJ3Y+Mf9dlTdcf/EGzwqXNcQG/HEftEdTzQ3/94NQsey2EYCPfHHjMzMzMzMzMzMzMzM1HsOyvqKoo+PW+PJFnPTbPJBjyZcfou6JNnQe89DHrzzi+7HfT+Qyuzd9ReIIZDRmKsIpup0T+zLqxbgAJ0pDxQu5yj88GEB3xa/+6DoDv2BZ2+QLT3cNF2vUWbdRZt2F60gVk7860svus1TNTq7tof9N4D3OEwaT+A1QSqD9HnQo/7Po+mAk5+EmPOhAL7gPYofJ+/DLphW9Dew0SbdLJJjlZOesP4HBcg95OFsb/tO0J04/agL16FPNQdRsT/Mws8H9o4QpgZFbUPM/8g4br+e9ux0xaUO1zrrIH9/olZhHQRnbNU9MGjAJTQ27EY3b4+YshyWVXBGJ51Ds/McHy28uZt0KVr4iQ1bFc3+eWONj+Wt4tl+bsYBeSr5uUtuor1ZX3CjgQm5pIDWKg/PMwLDp28w6wcfumUz9s7fzlojyEZlJRw0y61EnrA2gMEpX8Hz10Hip67mOM/CsMMSsj3oYi1D58thRNClK10cuKsBdZtDdrU4KadDyMMSXFn+3W5vvW9ZnPQr19rwoVzsFKmt0LikSGIGmfOy8KkrM/Zws+fg85eInFnlvCSQA1ObgYl7GvFOuaLTpoj+ukzirT6wocjQtnnqEhoKHcCUIP2A2Hn06egMxfahLjwYZPO5clzUk7PXB/aHTdD9MNHTE/TJGZ1kOl5rNGMUuiQimCYYeNbsLjzvwSdu1Q8ePgPxsxq8hzRj59C1WtRj/H5Io2FGB2edP3IORHKpm7aEcrBI7yk0FBCk/1GS+qY385ftNiG+Va/9MmkDgaXrBE+E6LhbvYXgJgVlpcLkIUgYppPzdL3F6+GUlT9qSWUlNkRl2tZhvXLhWzUQfTw8aB8fuFuBtjxoKt8Zis4xPyQ4nvgmKMx2ldBWGU7Pv4ahx88TnTBCtEtu4LuPRR03+Ggm3cGnb9cdMBo0eZd0ogQiBAf5lr3EH36HFiKn1rwYco3oqGcH/EvpqO/dK3HcJLJycptRw4cI7rnUEwn5JGZ+0+f2YKYtoC+KvgTZwv3xT7Dj79gWF5kDaO48G/6Y/nDx0FbdkvDXDn8gf10HiB65GSwwxvZCV/GR3v3Pi5Eq+65MmaxZpZS3cYdRC9c9oQk53KYFdX71i5NR3up55Tzkx907jJh9tGuNiuZOEv05eua4W/mvIvZ1J5Ds2hz/Vjf4O7rV0wdcyqG56nSTZtZ4Sk4Fh15hxEODLdzAcQwJBoXQWzRTKxB+Hqsg9+9fhPsfLBJTvqGhW9nJnV+446il6/57TNT+n2/AMWbVCIRxtCwYXsAeGH2UtLF6Qts8pN2mNK6H0Tl59TLV8HuE0DUKfrlppg+XxzqmZW7F/e+cC2q5UX42bh0v5HiCqDU+gwXw273do3f+f6tu3YmVBN7bXqKRRDMh8cQ/4gFBWVhFQj3acXt8DUG47AOKf1fdVWvXPcv25l1oGbBOhujGIyRaL8JNKZ+Ckknz1K/3L4v0DwDCHJui9JFKMvsSjANdVcEjZ8pGI7R5wVhsZjVy8Lckm49BmcCDZhYujlMd/gQYv0hbFY/A/zP6PikT/3pC6qF+oUr3F/1jwJ8ArH7YHD/nzQS7ACP6QnOhrJeqgRXeSqCuS03wrdkvYaWOyoNccrViHYbFJNgHMKQWUU4oPcYHXbOGDvjSU9yTZEwmDKOmVL6+jrf/f5OT/6GP3nML+V/eFicQ5OxGEsJ2GCcmy57VouWfJKIWSEL4sHVVqpmk2aX8JOkPtLUdZa+KFMTDD98PvlwxYtWMLTQd/gMSc+eB+PQJY56Zoq1FuxAH39u2/eGShB57eaf5Hf81H46pwVdMnNalS9rbt+LDCiKK/tlAVaWHz6RsS341DHzcedxOde3BOGVG/W3SI/99pmRVRdimFb2GUn8u+u34gKkjMIwt1M/UdMGY6eLzlosumiV6Ir1P5s7B5hLliyOdzbevNh+tm3btm3btm3btm1LY+OzdCe1de5MZTv5Tf1zUuPkbJ+tru66X3fX/wivniqSSOTlYE1PyjeuwXheiykoCsH9wMu8pEoYYC4aEQ0e8yY+9+q08NnX01MIp0ydZoLWYcSR95OEsrJrdT0arhHz3GtXdCJxIrcXHHSZr1DXDNCVkKsdA2E9PQ7eoSryA9GZgCIzW3hYkRmX9f1wu6qCC5BOZxTrymv1uK4VK78n749cV/d4hcRcfAWebamznI10bZa37pc8DbAMD2I6DpHAVx+n19K/IUEQ3A0+oZItzMgE8LXxxPmMzOn8HdYv9/cPhocffznc99DzLvrks+/d9+ccV+DKCAUa+GKFcaS2OBYQBpfY5i4DR8JhOn7z3W9hwSU3/T8ttVk8GtX+f42/6bZHZfql1mzgtJSyz6gSW0uVn2KcQovnBwaG4hc5ZEeupbWlIrI1Tz/nOnuwbnrz7U+dmd/ZsldVvI5rKiaqqtLMhswM7unpD1OmtIU//xoR3nzns3D/wy+ES668Mxx3ymVhrwNPC9vtekzYfLtDw/GnXj7jJeisPPKqfIrz/x0+Jiy54jbp4aavPcsvscLWYeSo8bi/r8CwUcRXOf96Im4dZkm8Eb+avQ88PWy01UFhmVW3T9u89scl2rR5XGSZLcIPP/3JFwCVUkGTjel8nBNOuyLBS1ofVP+tW+14RPRtDQAedUW+zv3RcoJpKQ4PKOHmsy9+dGzv2tcWae+DTrdd4NCusAsSyTov24GLLrdldv36eDp3xbX3qixoVahd2DkAFTIiDCh8LT29/fHrP5B/bOKXrPPTzy209Gbh3gefUxnFAo40/++wMWG19fYA1Ch+kWW3DN/98EfhuuV8lSu71BXsNN5uu+sJbPMZfyQgKG37JSI+v/Xu5zLVUfth+PLGjp0UNtv20Pp6aU1AkfGJdtj92LQjeX+qoq48KkKkESDImwGtgyITJ7WEldfeNVDgaThaZpXtw2tvfCyEWm6c5v8//46OQv4wrOehx596TbhecohgBNvJrVEmLYg3oBvaVRt1wy0PA1cJSaTFltsqXHPDA6GjozvdU6m3GLcv99U3PgprbLBn0cNfd5N9Q2dnj1cbEy0PRF8j3AdaEOFFGxEMuU2OKui6m+6XtnWiuvED7ah+tK/3hZffM03E7Sf6/Y9h4egTL4kYvsXMNBwX/+CjL2r4peVv5PNr6TFHgQZ4Pefl1z4IC0c1068VcXesE7/Ii6+4M3z48TfRtd0eY7R9sdpmIPTGF9Pd3dfU1Z9+7q1w4OHnmPDE9Xo9rtXV1ev4u43g/3Jfk3P5VMq6TbzOXKPFe9LpV+XwX42Dt6O9TNNoNtrywKadsdJau8w4J65z8kZPPvNGifYieuGBpMOxypRrQtDQ7503OFpaOurCMEEPtCBqJ+DTXEAH5lPzktfacdtdjrYdBYjw18NhTLZ8I8+AjMiIloYGzv3598iw6nq7Kwjg+Owntaa5Rkzwy0igf5y8vo6GGIuYyatSTfBffPVTWGGNnYofuh9SyiHonAtvgkUu3PCe5n1FlfJYIOukI58rRDCylwDcNoKfSGJ68+iHsaU4x4jzzSLfPDz74jsCKlRigoJoldOEgIzcWunmaivJ63/7fVjYYIsDhDD2jGP3SM2K44l4zbKr7RB+/f1fqQkRkksiYezMWClJrRtw4GVIN+74CVPCwUeeaz4gPDDBzzXacocjwtSWDpEOqcbLqRLuUxXxSnPFeW7R3ui0e+jRl0wu5CJU1GyW0scmUdvCXMynhhVOOuMqC2ESZgkxSivU7ZV1qwIjfv0MNfKYiPUGXHjU6Anh5DOvNheEgJG5TwtFeuCRFx2FIcXBevBITcw06cBXLnpEO9PyGuHnX/4OZ553fdwRO88WLWj51XdsWtBX33C/CdfcLpHjS628ncWRXUaZTl/UXSKpBdFVSmjSEt9hzBG6knx49MlXw0FHnGMaE2AEcFTj7YHtvNcJ4a77ngmjx0y0+zV9SSeefmWaU6ckzDFWW8sUBvNrAT5EwoKI0tGDUB+vdDWkL/9Fa0j+fv/JirYv0FJJLrv6rhg/vqIpvPc95MxwyFHnxfjy5eGiy28P9zzwbPjgo6/DxIkthtv4LS2tHdHQOrrYCDziuAvjixwU8V+k9Od6XUvNsYJ7OePnAP5jYeNL++eoOeX8sOFjw6rr7lYCZwZhFmTyuKYBv+R1UJ7SWTfqED4RGmNaZcs7+HROjj/V0Tyqiy+/FbQtusrJW8Tuo0++FXBcUiNmvxVBeboZSMiMwLgPhijg+VKyaY8Y5xg9liYf6vYHKckVGnRrb7yPyRZHdjXX5zh/byXaxIu8HPq3Ne47Glxwjib/fBPKpuMXq6f7HnyGxSPU+p4SWxWU123jncaa7p/DOSKQzW1NaOQHoRyLbW1dFnifadSMWhENtmtufAAQ44BDPAcVlHcGxlU3cu4m3WNI3F82T2XuDs/z9w8fOc7ixgUu8k0t8mYZHFifMezcruZvNb6iDeDpuY86L4dA4rieXwo7es7Hn34XFl9ha48qijkWmbOcIynj/BVA6QXMVL8FEZ5YcOB/4JxDyJKalS6Q0AaUJYTBhV2DIuE23zTsus9JseivB+s7C0EAs5Wjr40YU5oOrhUE2CCv0wKFLUIIMMPt1LOvhbvaa6hdeNntdj+t6fh7RyOoLoUaH65uAa9lhCPcV0wajtrau8Iue51Q5rSzIM4L78yu1ERZjCAgiEV1frVMQIvISypIB5S5TiOiUF5ro73toaqEACOMr7jmzpYyI7S4hlML0lADnpR7AfpFcA7y8OXa2gDzw6qVJC250rYlLnFLy+ffR/iRNRYVBB21IglPumM4eKTtOQS00/gp15osM441DTo0anTnvU/L6hz+Nn6oFaFE14SRz5UrqRqwEkNGV63r++sIlmVFnHHu9ZmcosQz7+jaGx8ocEcrCNK8hgU97pzbKLi3V/PS45YfZComv/ichpTqG8QajvHK0ZI3TRaYjmt1hTphhu3RtJMP17pc3BoqLOfUckUJP9wRzeqbP/4cAYPV7YpOL0D4LIQhJoPzYq4ytvBScOR53T+O62Mc8z/74ocklKU8OOv8G+EJSCQgHOOV16ynAC3QOvQc/zh3jfY16XvCs/vamx+HpVfZvp7oVU/2ssicQZa7pZtu1qG3rTMArb9I8mK+XsvbxxpqL8bltVZnNjqcFmuMLR5giVvmBzrmpEvDl1//LFzw0AJVR10644x02zDhHqafSLqu6W4WvEoP1B+FKHvFHKyZqm9a2zpDX/8g1hJQU9IvqMz092swLqGkzpH3+2Kc/1lDrCnWKno+oEpbr9qq1V3FBa+/fCGDClRl37Ug/bJ1VxnhX8Muq0QQvGDbN9yQItb19CzSc8rHC3jRrAP//TGOVwUuaDWuoUT3IHUeRTQO6xWOk/BVS9jTBS9oXdzi8Pkrw0s9GKG9ZHNQFSarB6ITx7QM0vP9YVPhmsF8O3bYC3gv0y8IhPPC8ICsUBBDEvgpHYRcQ8ooDaVaNdYRQ8I15tp9PrAXcHBBt0RvDpBf8PnTGP3ndUazKrSQvHhenKv5w80X9N/4Rn4CbMgsOUCJ2w2tx3lfrdU452i+/P4U5qKdDhLPfmk0pi1Q2b84edVIU7C1RNW4q5EHYU3BE+fwmtnEGznm6Plunw+P9qwbK1f1f3Fw5Ui/iC0+G6kxr++pr/HbCCXX/WQffFVV/2lS+h/7F/vmLxBPHh7pg0gdiOpo3ki4kItly3zL+w3NRkukd+ILONgg3551eu7/AxK2F7WQPNQ+AAAAAElFTkSuQmCC</Image> View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/2cd… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/2cd… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Enable the connect assist experiments on alpha
by Dan Ballard (＠dan) 09 May '24

09 May '24

Dan Ballard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: 50c4fb9d by clairehurst at 2024-05-09T14:51:05-06:00 fixup! Enable the connect assist experiments on alpha - - - - - 13 changed files: - fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt - fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/components/Components.kt - fenix/app/src/main/java/org/mozilla/fenix/components/Core.kt - fenix/app/src/main/java/org/mozilla/fenix/settings/SettingsFragment.kt - − fenix/app/src/main/java/org/mozilla/fenix/tor/TorBetaConnectionFeaturesFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorBootstrapFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt - fenix/app/src/main/java/org/mozilla/fenix/utils/Settings.kt - − fenix/app/src/main/res/layout/tor_network_settings_beta_connection_features.xml - fenix/app/src/main/res/navigation/nav_graph.xml - fenix/app/src/main/res/values/preference_keys.xml - fenix/app/src/main/res/xml/preferences.xml Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -1186,19 +1186,15 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity, TorIn } open fun navigateToHome() { - if (settings().useNewBootstrap) { - if (settings().useNewBootstrapNativeUi) { - navHost.navController.navigate(NavGraphDirections.actionStartupTorConnectionAssist()) - } else { - navHost.navController.navigate(NavGraphDirections.actionStartupHome()) - openToBrowserAndLoad( - searchTermOrURL = "about:torconnect", - newTab = true, - from = BrowserDirection.FromHome, - ) - } + if (!settings().useHtmlConnectionUi) { + navHost.navController.navigate(NavGraphDirections.actionStartupTorConnectionAssist()) } else { - navHost.navController.navigate(NavGraphDirections.actionStartupTorbootstrap()) + navHost.navController.navigate(NavGraphDirections.actionStartupHome()) + openToBrowserAndLoad( + searchTermOrURL = "about:torconnect", + newTab = true, + from = BrowserDirection.FromHome, + ) } } ===================================== fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt ===================================== @@ -1217,12 +1217,7 @@ abstract class BaseBrowserFragment : private fun handleBetaHtmlTorConnect() { val currentTab = getCurrentTab() ?: return if (currentTab.content.url == "about:torconnect") { - if (!requireActivity().settings().useNewBootstrap) { - requireContext().components.useCases.tabsUseCases.removeTab(currentTab.id) - (requireActivity() as HomeActivity).navHost.navController.navigate( - NavGraphDirections.actionStartupTorbootstrap(), - ) - } else if (!requireActivity().settings().useNewBootstrapHtmlUi) { + if (!requireActivity().settings().useHtmlConnectionUi) { requireContext().components.useCases.tabsUseCases.removeTab(currentTab.id) (requireActivity() as HomeActivity).navigateToHome() } else { ===================================== fenix/app/src/main/java/org/mozilla/fenix/components/Components.kt ===================================== @@ -202,7 +202,7 @@ class Components(private val context: Context) { ), ) } - val torController by lazyMonitored { if (settings.useNewBootstrap) TorControllerGV(context) else TorControllerTAS(context) } + val torController by lazyMonitored { TorControllerGV(context) } } /** ===================================== fenix/app/src/main/java/org/mozilla/fenix/components/Core.kt ===================================== @@ -145,7 +145,6 @@ class Core( .shouldShowCookieBannerReEngagementDialog(), torSecurityLevel = context.settings().torSecurityLevel().intRepresentation, spoofEnglish = context.settings().spoofEnglish, - useNewBootstrap = context.settings().useNewBootstrap, ) GeckoEngine( ===================================== fenix/app/src/main/java/org/mozilla/fenix/settings/SettingsFragment.kt ===================================== @@ -40,6 +40,7 @@ import mozilla.components.concept.sync.Profile import mozilla.components.service.glean.private.NoExtras import mozilla.components.support.ktx.android.view.showKeyboard import org.mozilla.fenix.BrowserDirection +import org.mozilla.fenix.BuildConfig import org.mozilla.fenix.Config import org.mozilla.fenix.FeatureFlags import org.mozilla.fenix.GleanMetrics.Addons @@ -738,13 +739,9 @@ class SettingsFragment : PreferenceFragmentCompat() { } } - requirePreference<Preference>(R.string.pref_key_use_new_bootstrap).apply { - setOnPreferenceClickListener { - val directions = - SettingsFragmentDirections.actionSettingsFragmentToBetaConnectionFeaturesFragment() - requireView().findNavController().navigate(directions) - true - } + requirePreference<Preference>(R.string.pref_key_use_html_connection_ui).apply { + onPreferenceChangeListener = object : SharedPreferenceUpdater() {} + isVisible = BuildConfig.DEBUG } requirePreference<Preference>(R.string.pref_key_tor_logs).apply { ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorBetaConnectionFeaturesFragment.kt deleted ===================================== @@ -1,66 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -package org.mozilla.fenix.tor - -import android.os.Bundle -import android.view.LayoutInflater -import android.view.View -import android.view.ViewGroup -import androidx.core.view.children -import androidx.fragment.app.Fragment -import org.mozilla.fenix.databinding.TorNetworkSettingsBetaConnectionFeaturesBinding -import org.mozilla.fenix.ext.components -import org.mozilla.fenix.ext.settings - -/** - * Lets the user customize beta connection features mode. - */ -class TorBetaConnectionFeaturesFragment : Fragment() { - override fun onCreateView( - inflater: LayoutInflater, - container: ViewGroup?, - savedInstanceState: Bundle?, - ): View { - val binding = TorNetworkSettingsBetaConnectionFeaturesBinding.inflate(inflater) - - binding.enableBetaConnectionFeaturesSwitch.run { - isChecked = context.settings().useNewBootstrap - setConnectionAssistUI(binding, isChecked) - - setOnCheckedChangeListener { _, isConnectionAssistEnabled -> - context.settings().useNewBootstrap = isConnectionAssistEnabled - setConnectionAssistUI(binding, isConnectionAssistEnabled) - updateEngineConnectionAssistMode() - } - } - - // Since the beta connection features modes are in a RadioGroup we only need one listener to know of all their changes. - binding.useNewBootstrapWithNativeUiRadioButton.setOnCheckedChangeListener { _, _ -> - updateEngineConnectionAssistMode() - } - - return binding.root - } - - private fun setConnectionAssistUI( - binding: TorNetworkSettingsBetaConnectionFeaturesBinding, - isBetaConnectionAssistEnabled: Boolean, - ) { - if (!isBetaConnectionAssistEnabled) { - binding.enableBetaConnectionFeaturesModes.apply { - clearCheck() - children.forEach { it.isEnabled = false } - } - } else { - binding.enableBetaConnectionFeaturesModes.children.forEach { it.isEnabled = true } - } - } - - private fun updateEngineConnectionAssistMode() { - requireContext().components.core.engine.settings.useNewBootstrap = - requireContext().settings().useNewBootstrap - } - -} ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorBootstrapFragment.kt ===================================== @@ -164,9 +164,7 @@ class TorBootstrapFragment : Fragment() { // triggered to cause an automatic update on warm start (no tab selection occurs). So we // update it manually here. requireComponents.useCases.sessionUseCases.updateLastAccess() - if (requireContext().settings().useNewBootstrap){ - (requireActivity() as HomeActivity).navigateToHome() - } + (requireActivity() as HomeActivity).navigateToHome() } private fun handleTorBootstrapConnect() { ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt ===================================== @@ -21,7 +21,7 @@ class TorConnectionAssistViewModel( private val TAG = "torConnectionAssistVM" private val components = getApplication<Application>().components - private val _torController: TorControllerGV = components.torController as TorControllerGV + private val _torController: TorControllerGV = components.torController private val _torConnectScreen = MutableStateFlow(ConnectAssistUiState.Splash) internal val torConnectScreen: StateFlow<ConnectAssistUiState> = _torConnectScreen ===================================== fenix/app/src/main/java/org/mozilla/fenix/utils/Settings.kt ===================================== @@ -1855,18 +1855,8 @@ class Settings(private val appContext: Context) : PreferencesHolder { */ var enableUnifiedSearchSettingsUI: Boolean = showUnifiedSearchFeature && FeatureFlags.unifiedSearchSettings - var useNewBootstrap by booleanPreference( - appContext.getPreferenceKey(R.string.pref_key_use_new_bootstrap), - default = true, - ) - - var useNewBootstrapNativeUi by booleanPreference( - appContext.getPreferenceKey(R.string.pref_key_use_new_bootstrap_with_android_native), - default = true, - ) - - var useNewBootstrapHtmlUi by booleanPreference( - appContext.getPreferenceKey(R.string.pref_key_use_new_bootstrap_with_html), - default = false + var useHtmlConnectionUi by booleanPreference( + appContext.getPreferenceKey(R.string.pref_key_use_html_connection_ui), + default = false, ) } ===================================== fenix/app/src/main/res/layout/tor_network_settings_beta_connection_features.xml deleted ===================================== @@ -1,99 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android" - xmlns:app="http://schemas.android.com/apk/res-auto" - android:layout_width="match_parent" - android:layout_height="wrap_content"> - - <TextView - android:id="@+id/enable_beta_connection_features_title" - android:layout_width="0dp" - android:layout_height="wrap_content" - android:layout_marginStart="16dp" - android:layout_marginTop="16dp" - android:layout_marginBottom="2dp" - android:clickable="false" - android:text="Enable beta connection features" - android:textAppearance="@style/ListItemTextStyle" - android:textSize="16sp" - app:layout_constraintBottom_toTopOf="@id/enable_beta_connection_features_summary" - app:layout_constraintEnd_toStartOf="@id/enable_beta_connection_features_switch" - app:layout_constraintStart_toStartOf="parent" - app:layout_constraintTop_toTopOf="parent" - app:lineHeight="24.sp" /> - - <TextView - android:id="@+id/enable_beta_connection_features_summary" - android:layout_width="0dp" - android:layout_height="wrap_content" - android:text="Help us test our new connection assist features which focuses on a streamlined connection with better integration with bridges" - android:textColor="?attr/textSecondary" - android:textColorLink="?attr/textSecondary" - android:textSize="12sp" - app:layout_constraintBottom_toTopOf="@id/enable_beta_connection_features_modes" - app:layout_constraintEnd_toEndOf="@id/enable_beta_connection_features_title" - app:layout_constraintStart_toStartOf="@id/enable_beta_connection_features_title" - app:layout_constraintTop_toBottomOf="@id/enable_beta_connection_features_title" - app:lineHeight="16.sp" /> - - <androidx.appcompat.widget.SwitchCompat - android:id="@+id/enable_beta_connection_features_switch" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:minHeight="48dp" - android:paddingStart="18dp" - android:paddingEnd="18dp" - android:textColor="@color/state_list_text_color" - android:textOff="@string/studies_off" - android:textOn="@string/studies_on" - app:layout_constraintEnd_toEndOf="parent" - app:layout_constraintTop_toTopOf="@id/enable_beta_connection_features_title" /> - - <RadioGroup - android:id="@+id/enable_beta_connection_features_modes" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:layout_marginTop="10dp" - app:layout_constraintEnd_toEndOf="parent" - app:layout_constraintStart_toStartOf="parent" - app:layout_constraintTop_toBottomOf="@id/enable_beta_connection_features_summary"> - - <org.mozilla.fenix.settings.PreferenceBackedRadioButton - android:id="@+id/use_new_bootstrap_with_native_ui_radio_button" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:background="?android:attr/selectableItemBackground" - android:button="@null" - android:drawablePadding="@dimen/radio_button_preference_drawable_padding" - android:paddingStart="@dimen/radio_button_preference_horizontal" - android:paddingTop="@dimen/radio_button_preference_vertical" - android:paddingEnd="@dimen/radio_button_preference_horizontal" - android:paddingBottom="@dimen/radio_button_preference_vertical" - android:text="Native Android UI" - android:textAppearance="?android:attr/textAppearanceListItem" - android:textSize="16sp" - app:drawableStartCompat="?android:attr/listChoiceIndicatorSingle" - app:preferenceKey="@string/pref_key_use_new_bootstrap_with_android_native" - app:preferenceKeyDefaultValue="true" /> - - <org.mozilla.fenix.settings.PreferenceBackedRadioButton - android:id="@+id/use_new_bootstrap_with_html_ui_radio_button" - android:layout_width="match_parent" - android:layout_height="48dp" - android:background="?android:attr/selectableItemBackground" - android:button="@null" - android:drawablePadding="@dimen/radio_button_preference_drawable_padding" - android:paddingStart="@dimen/radio_button_preference_horizontal" - android:paddingTop="@dimen/radio_button_preference_vertical" - android:paddingEnd="@dimen/radio_button_preference_horizontal" - android:paddingBottom="@dimen/radio_button_preference_vertical" - android:text="HTML UI" - android:textAppearance="?android:attr/textAppearanceListItem" - android:textSize="16sp" - app:drawableStartCompat="?android:attr/listChoiceIndicatorSingle" - app:preferenceKey="@string/pref_key_use_new_bootstrap_with_html" - app:preferenceKeyDefaultValue="false" /> - </RadioGroup> - -</androidx.constraintlayout.widget.ConstraintLayout> ===================================== fenix/app/src/main/res/navigation/nav_graph.xml ===================================== @@ -977,11 +977,6 @@ android:id="@+id/torBridgeConfigFragment" android:name="org.mozilla.fenix.settings.TorBridgeConfigFragment" android:label="@string/preferences_tor_network_settings_bridge_config" /> - <fragment - android:id="@+id/torBetaConnectionFeaturesFragment" - android:name="org.mozilla.fenix.tor.TorBetaConnectionFeaturesFragment" - android:label="Enable beta connection features" - tools:layout="@layout/tor_network_settings_beta_connection_features" /> <fragment android:id="@+id/torLogsFragment" android:name="org.mozilla.fenix.tor.TorLogsComposeFragment" ===================================== fenix/app/src/main/res/values/preference_keys.xml ===================================== @@ -378,10 +378,8 @@ <string name="pref_key_tor_network_settings_explanation" translatable="false">pref_key_tor_network_settings_explanation</string> <string name="pref_key_tor_network_settings_bridge_config" translatable="false">pref_key_tor_network_settings_bridge_config</string> - <string name="pref_key_use_new_bootstrap" translatable="false">pref_key_use_new_bootstrap</string> <string name="pref_key_tor_logs" translatable="false">pref_key_tor_logs</string> - <string name="pref_key_use_new_bootstrap_with_android_native" translatable="false">pref_key_use_new_bootstrap_with_android_native</string> - <string name="pref_key_use_new_bootstrap_with_html" translatable="false">pref_key_use_new_bootstrap_with_html</string> + <string name="pref_key_use_html_connection_ui" translatable="false">pref_key_use_html_connection_ui</string>  <string name="pref_key_tor_network_settings_bridge_config_explanation" translatable="false">pref_key_tor_network_settings_bridge_config_explanation</string> <string name="pref_key_tor_network_settings_bridge_config_toggle" translatable="false">pref_key_tor_network_settings_bridge_config_toggle</string> <string name="pref_key_tor_network_settings_bridge_config_builtin_bridge_obfs4" translatable="false">pref_key_tor_network_settings_bridge_config_builtin_bridge_obfs4</string> ===================================== fenix/app/src/main/res/xml/preferences.xml ===================================== @@ -176,10 +176,12 @@ android:title="@string/tor_bootstrap_quick_start_label" app:iconSpaceReserved="false" /> - <Preference - android:key="@string/pref_key_use_new_bootstrap" - app:iconSpaceReserved="false" - android:title="Enable beta connection features" /> + <SwitchPreference + android:defaultValue="false" + android:key="@string/pref_key_use_html_connection_ui" + android:summary="Recommended only for debugging" + android:title="Enable HTML connection UI" + app:iconSpaceReserved="false" /> <Preference android:key="@string/pref_key_tor_logs" View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/50c… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/50c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Implement Android-native Connection Assist UI
by Dan Ballard (＠dan) 09 May '24

09 May '24

Dan Ballard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: a00861a6 by clairehurst at 2024-05-09T14:47:16-06:00 fixup! Implement Android-native Connection Assist UI - - - - - 4 changed files: - fenix/app/src/main/java/org/mozilla/fenix/tor/ConnectAssistUiState.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt - fenix/app/src/main/res/layout/fragment_tor_connection_assist.xml Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/ConnectAssistUiState.kt ===================================== @@ -31,7 +31,8 @@ enum class ConnectAssistUiState( val torBootstrapButton2Visible: Boolean, @StringRes val torBootstrapButton2TextStringResource: Int? = R.string.connection_assist_configure_connection_button, val torBootstrapButton2ShouldOpenSettings: Boolean = true, - val wordmarkLogoVisible: Boolean, + val wordmarkLogoVisible: Boolean = false, + val torBootstrapButton2ShouldRestartApp: Boolean = false, ) { Splash( progressBarVisible = false, @@ -65,9 +66,8 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), - Bootstrapping( + Connecting( progressBarVisible = true, progress = 0, backButtonVisible = false, @@ -85,7 +85,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.btn_cancel, torBootstrapButton2ShouldOpenSettings = false, - wordmarkLogoVisible = false, ), InternetError( progressBarVisible = true, @@ -109,7 +108,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), TryingAgain( progressBarVisible = true, @@ -132,9 +130,8 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.btn_cancel, torBootstrapButton2ShouldOpenSettings = false, - wordmarkLogoVisible = false, ), - TryABridge( + ConnectionAssist( progressBarVisible = true, progress = 100, progressTintColorResource = R.color.warning_yellow, @@ -157,7 +154,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = false, torBootstrapButton2TextStringResource = null, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), TryingABridge( progressBarVisible = true, @@ -180,7 +176,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.btn_cancel, torBootstrapButton2ShouldOpenSettings = false, - wordmarkLogoVisible = false, ), LocationError( progressBarVisible = true, @@ -207,7 +202,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = false, torBootstrapButton2TextStringResource = null, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), LocationCheck( progressBarVisible = true, @@ -234,7 +228,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = false, torBootstrapButton2TextStringResource = null, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), LastTry( progressBarVisible = true, @@ -258,7 +251,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.btn_cancel, torBootstrapButton2ShouldOpenSettings = false, - wordmarkLogoVisible = false, ), FinalError( progressBarVisible = true, @@ -279,10 +271,10 @@ enum class ConnectAssistUiState( unblockTheInternetInCountryDescriptionVisible = false, countryDropDownVisible = false, torBootstrapButton1Visible = true, - torBootstrapButton1TextStringResource = R.string.connection_assist_internet_error_try_again, + torBootstrapButton1TextStringResource = R.string.connection_assist_configure_connection_button, torBootstrapButton2Visible = true, - torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, - torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, + torBootstrapButton2TextStringResource = R.string.mozac_lib_crash_dialog_button_restart, + torBootstrapButton2ShouldOpenSettings = false, + torBootstrapButton2ShouldRestartApp = true, ) } ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt ===================================== @@ -4,6 +4,7 @@ package org.mozilla.fenix.tor +import android.content.Intent import android.graphics.Color import android.os.Build import android.os.Bundle @@ -25,6 +26,7 @@ import androidx.lifecycle.repeatOnLifecycle import androidx.navigation.fragment.findNavController import kotlinx.coroutines.launch import mozilla.components.support.base.feature.UserInteractionHandler +import org.mozilla.fenix.HomeActivity import org.mozilla.fenix.R import org.mozilla.fenix.databinding.FragmentTorConnectionAssistBinding import org.mozilla.fenix.ext.hideToolbar @@ -33,14 +35,15 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { private val TAG = "TorConnectionAssistFrag" private val viewModel: TorConnectionAssistViewModel by viewModels() - private lateinit var binding: FragmentTorConnectionAssistBinding + private var _binding: FragmentTorConnectionAssistBinding? = null + private val binding get() = _binding!! override fun onCreateView( inflater: LayoutInflater, container: ViewGroup?, savedInstanceState: Bundle?, ): View { - binding = FragmentTorConnectionAssistBinding.inflate( + _binding = FragmentTorConnectionAssistBinding.inflate( inflater, container, false, ) @@ -90,96 +93,148 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { } - override fun onDestroyView() { - super.onDestroyView() - } - private fun showScreen(screen: ConnectAssistUiState) { - binding.apply { - torBootstrapProgressBar.visibility = if (screen.progressBarVisible) View.VISIBLE else View.GONE - torBootstrapProgressBar.progress = screen.progress - torBootstrapProgressBar.progressTintList = - screen.progressTintColorResource?.let { - AppCompatResources.getColorStateList(requireContext(), - it - ) - } - - settingsButton.visibility = if (screen.settingsButtonVisible) View.VISIBLE else View.GONE - settingsButton.setOnClickListener { - viewModel.cancelTorBootstrap() - openSettings() - } + setProgressBar(screen) + setSettingsButton(screen) + setBackButton(screen) + setTorConnectImage(screen) + setTitle(screen) + setQuickStart(screen) + setCountryDropDown(screen) + setButton1(screen) + setButton2(screen) + setSplashLogo(screen) + } - backButton.visibility = if (screen.backButtonVisible) View.VISIBLE else View.INVISIBLE - backButton.setOnClickListener { - viewModel.handleBackButtonPressed() + private fun setProgressBar(screen: ConnectAssistUiState) { + binding.torBootstrapProgressBar.visibility = + if (screen.progressBarVisible) View.VISIBLE else View.GONE + binding.torBootstrapProgressBar.progress = screen.progress + binding.torBootstrapProgressBar.progressTintList = + screen.progressTintColorResource?.let { + AppCompatResources.getColorStateList( + requireContext(), + it, + ) } + } - torConnectImage.visibility = if (screen.torConnectImageVisible) View.VISIBLE else View.GONE - torConnectImage.setImageResource(screen.torConnectImageResource) - - titleLargeTextView.visibility = if (screen.titleLargeTextViewVisible) View.VISIBLE else View.GONE - titleLargeTextView.text = getString(screen.titleLargeTextViewTextStringResource) - titleDescription.visibility = if (screen.titleDescriptionVisible) View.VISIBLE else View.GONE - if (screen.learnMoreStringResource != null && screen.internetErrorDescription != null) { - val learnMore: String = getString(screen.learnMoreStringResource) - val internetErrorDescription: String = - if (screen.internetErrorDescription1 == null) { - getString( - screen.internetErrorDescription, - learnMore, - ) - } else if (screen.internetErrorDescription2 == null) { - getString( - screen.internetErrorDescription, - getString(screen.internetErrorDescription1), - learnMore, - ) - } else { - getString( - screen.internetErrorDescription, - getString(screen.internetErrorDescription1), - getString(screen.internetErrorDescription2), - learnMore, - ) - } - handleDescriptionWithClickable(internetErrorDescription, learnMore) - } else if (screen.titleDescriptionTextStringResource != null) { - titleDescription.text = getString(screen.titleDescriptionTextStringResource) - } - quickstartSwitch.visibility = if (screen.quickstartSwitchVisible) View.VISIBLE else View.GONE - quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true - quickstartSwitch.setOnCheckedChangeListener { _, isChecked -> - viewModel.handleQuickstartChecked(isChecked) - } + private fun setSettingsButton(screen: ConnectAssistUiState) { + binding.settingsButton.visibility = if (screen.settingsButtonVisible) View.VISIBLE else View.GONE + binding.settingsButton.setOnClickListener { + viewModel.cancelTorBootstrap() + openSettings() + } + } - unblockTheInternetInCountryDescription.visibility = if (screen.unblockTheInternetInCountryDescriptionVisible) View.VISIBLE else View.GONE - countryDropDown.visibility = if (screen.countryDropDownVisible) View.VISIBLE else View.GONE + private fun setBackButton(screen: ConnectAssistUiState) { + binding.backButton.visibility = if (screen.backButtonVisible) View.VISIBLE else View.INVISIBLE + binding.backButton.setOnClickListener { + viewModel.handleBackButtonPressed() + } + } - torBootstrapButton1.visibility = if (screen.torBootstrapButton1Visible) View.VISIBLE else View.GONE - torBootstrapButton1.text = getString(screen.torBootstrapButton1TextStringResource) - torBootstrapButton1.setOnClickListener { viewModel.handleButton1Pressed(screen, lifecycleScope) } + private fun setTorConnectImage(screen: ConnectAssistUiState) { + binding.torConnectImage.visibility = if (screen.torConnectImageVisible) View.VISIBLE else View.GONE + binding.torConnectImage.setImageResource(screen.torConnectImageResource) + } - torBootstrapButton2.visibility = if (screen.torBootstrapButton2Visible) View.VISIBLE else View.GONE - torBootstrapButton2.text = screen.torBootstrapButton2TextStringResource?.let { - getString( - it - ) - } - torBootstrapButton2.setOnClickListener { - viewModel.cancelTorBootstrap() - if (screen.torBootstrapButton2ShouldOpenSettings){ - openTorConnectionSettings() + private fun setTitle(screen: ConnectAssistUiState) { + binding.titleLargeTextView.visibility = + if (screen.titleLargeTextViewVisible) View.VISIBLE else View.GONE + binding.titleLargeTextView.text = getString(screen.titleLargeTextViewTextStringResource) + binding.titleDescription.visibility = + if (screen.titleDescriptionVisible) View.VISIBLE else View.GONE + if (screen.learnMoreStringResource != null && screen.internetErrorDescription != null) { + val learnMore: String = getString(screen.learnMoreStringResource) + val internetErrorDescription: String = + if (screen.internetErrorDescription1 == null) { + getString( + screen.internetErrorDescription, + learnMore, + ) + } else if (screen.internetErrorDescription2 == null) { + getString( + screen.internetErrorDescription, + getString(screen.internetErrorDescription1), + learnMore, + ) } else { - showScreen(ConnectAssistUiState.Configuring) + getString( + screen.internetErrorDescription, + getString(screen.internetErrorDescription1), + getString(screen.internetErrorDescription2), + learnMore, + ) } - } + handleDescriptionWithClickable(internetErrorDescription, learnMore) + } else if (screen.titleDescriptionTextStringResource != null) { + binding.titleDescription.text = getString(screen.titleDescriptionTextStringResource) + } + } + + private fun setQuickStart(screen: ConnectAssistUiState) { + binding.quickstartSwitch.visibility = + if (screen.quickstartSwitchVisible) View.VISIBLE else View.GONE + binding.quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true + binding.quickstartSwitch.setOnCheckedChangeListener { _, isChecked -> + viewModel.handleQuickstartChecked(isChecked) + } + } + + private fun setCountryDropDown(screen: ConnectAssistUiState) { + binding.unblockTheInternetInCountryDescription.visibility = + if (screen.unblockTheInternetInCountryDescriptionVisible) View.VISIBLE else View.GONE + binding.countryDropDown.visibility = if (screen.countryDropDownVisible) View.VISIBLE else View.GONE + } - wordmarkLogo.visibility = if(screen.wordmarkLogoVisible) View.VISIBLE else View.GONE + private fun setButton1(screen: ConnectAssistUiState) { + binding.torBootstrapButton1.visibility = + if (screen.torBootstrapButton1Visible) View.VISIBLE else View.GONE + binding.torBootstrapButton1.text = getString(screen.torBootstrapButton1TextStringResource) + binding.torBootstrapButton1.setOnClickListener { + viewModel.handleButton1Pressed( + screen, + lifecycleScope, + ) + } + } + + private fun setButton2(screen: ConnectAssistUiState) { + binding.torBootstrapButton2.visibility = + if (screen.torBootstrapButton2Visible) View.VISIBLE else View.GONE + if (screen.torBootstrapButton2ShouldRestartApp) { + binding.torBootstrapButton2.text = + screen.torBootstrapButton2TextStringResource?.let { + getString( + it, + getString(R.string.app_name), + ) + } + } else { + binding.torBootstrapButton2.text = + screen.torBootstrapButton2TextStringResource?.let { + getString( + it, + ) + } + } + binding.torBootstrapButton2.setOnClickListener { + viewModel.cancelTorBootstrap() + if (screen.torBootstrapButton2ShouldOpenSettings) { + openTorConnectionSettings() + } else if (screen.torBootstrapButton2ShouldRestartApp) { + restartApplication() + } else { + showScreen(ConnectAssistUiState.Configuring) + } } } + private fun setSplashLogo(screen: ConnectAssistUiState) { + binding.wordmarkLogo.visibility = if (screen.wordmarkLogoVisible) View.VISIBLE else View.GONE + } + /** * from https://stackoverflow.com/questions/10696986/how-to-set-the-part-of-the-tex… */ @@ -207,6 +262,7 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { } private fun showLearnMore() { + Log.d(TAG, "showLearnMore() tapped") //TODO("Not yet implemented") } @@ -231,6 +287,15 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { ) } + private fun restartApplication() { + startActivity( + Intent(requireContext(), HomeActivity::class.java).addFlags( + Intent.FLAG_ACTIVITY_NEW_TASK or Intent.FLAG_ACTIVITY_CLEAR_TASK, + ), + ) + Runtime.getRuntime().exit(0) + } + override fun onBackPressed(): Boolean { return viewModel.handleBackButtonPressed() } ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt ===================================== @@ -124,7 +124,7 @@ class TorConnectionAssistViewModel( /** stay here */ } - ConnectAssistUiState.TryABridge -> { + ConnectAssistUiState.ConnectionAssist -> { _torConnectScreen.value = ConnectAssistUiState.TryingABridge } @@ -144,7 +144,7 @@ class TorConnectionAssistViewModel( /** stay here */ } - else -> _torConnectScreen.value = ConnectAssistUiState.Bootstrapping + else -> _torConnectScreen.value = ConnectAssistUiState.Connecting } } @@ -155,28 +155,58 @@ class TorConnectionAssistViewModel( "TorError(message = $message, details = $details, phase = $phase, reason = $reason", ) // TODO better error handling - _torConnectScreen.value = ConnectAssistUiState.InternetError + when (reason) { +// "noroute" -> handleNoRoute() TODO re-add when working better + else -> handleUnknownError() + } + } + } + + private fun handleNoRoute() { + Log.d(TAG, "handleNoRoute(), _torConnectScreen.value = ${_torConnectScreen.value}") + when (_torConnectScreen.value) { + ConnectAssistUiState.Connecting -> _torConnectScreen.value = ConnectAssistUiState.ConnectionAssist + ConnectAssistUiState.ConnectionAssist -> {/** no op, likely a duplicate error */} + ConnectAssistUiState.TryingABridge -> _torConnectScreen.value = ConnectAssistUiState.LocationCheck + ConnectAssistUiState.LocationCheck -> {/** no op, likely a duplicate error */} + ConnectAssistUiState.LastTry -> _torConnectScreen.value = ConnectAssistUiState.FinalError + ConnectAssistUiState.FinalError -> {/** no op, likely a duplicate error */} + else -> _torConnectScreen.value = ConnectAssistUiState.InternetError } } + private fun handleUnknownError() { + // TODO should we have a dedicated screen for unknown errors? + _torConnectScreen.value = ConnectAssistUiState.InternetError + } + override fun onTorStopped() { Log.d(TAG, "onTorStopped()") } private fun tryABridge() { + if (!locationFound()) { + _torConnectScreen.value = ConnectAssistUiState.LocationError + return + } if (!_torController.bridgesEnabled) { _torController.bridgesEnabled = true _torController.bridgeTransport = - TorBridgeTransportConfig.BUILTIN_OBFS4 // TODO select based on country + TorBridgeTransportConfig.BUILTIN_SNOWFLAKE // TODO select based on country } handleConnect(withDebugLogging = true) } + private fun locationFound(): Boolean { + // TODO try to find location + return true + } + fun handleBackButtonPressed(): Boolean { when (torConnectScreen.value) { ConnectAssistUiState.Splash -> return false ConnectAssistUiState.Configuring -> return false - ConnectAssistUiState.Bootstrapping -> cancelTorBootstrap() + ConnectAssistUiState.Connecting -> cancelTorBootstrap() ConnectAssistUiState.InternetError -> { _torController.lastKnownError = null _torConnectScreen.value = ConnectAssistUiState.Configuring @@ -186,18 +216,18 @@ class TorConnectionAssistViewModel( cancelTorBootstrap() } - ConnectAssistUiState.TryABridge -> { + ConnectAssistUiState.ConnectionAssist -> { _torController.lastKnownError = null _torConnectScreen.value = ConnectAssistUiState.Configuring } ConnectAssistUiState.TryingABridge -> { _torController.stopTor() - _torConnectScreen.value = ConnectAssistUiState.TryABridge + _torConnectScreen.value = ConnectAssistUiState.ConnectionAssist } ConnectAssistUiState.LocationError -> { - _torConnectScreen.value = ConnectAssistUiState.TryABridge + _torConnectScreen.value = ConnectAssistUiState.ConnectionAssist } ConnectAssistUiState.LocationCheck -> { ===================================== fenix/app/src/main/res/layout/fragment_tor_connection_assist.xml ===================================== @@ -126,7 +126,6 @@ android:layout_marginTop="8dp" android:layout_marginEnd="24dp" android:textColor="@color/photonLightGrey05" - android:tooltipText="@string/connection_assist_share_my_location_country_or_region" android:visibility="gone" app:layout_constraintEnd_toEndOf="parent" app:layout_constraintStart_toStartOf="parent" View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/a00… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/a00… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] 2 commits: fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 489664d9 by Pier Angelo Vendrame at 2024-05-09T18:12:51+02:00 fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView Revert "Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView" This reverts commit ff97b6fb06850784785e6993c256bef315b2525f. - - - - - daf16c70 by Pier Angelo Vendrame at 2024-05-09T18:12:52+02:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 1 changed file: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java Changes: ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java ===================================== @@ -22,7 +22,8 @@ import androidx.annotation.NonNull; import androidx.annotation.Nullable; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; import java.util.Locale; import org.mozilla.gecko.EventDispatcher; import org.mozilla.gecko.GeckoSystemStateListener; @@ -455,6 +456,16 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { return this; } + public @NonNull Builder supportedLocales(final Collection<String> locales) { + getSettings().mSupportedLocales.clear(); + for (String tag : locales) { + Locale locale = Locale.forLanguageTag(tag); + getSettings().mSupportedLocales.put(locale, locale); + getSettings().mSupportedLocales.put(new Locale(locale.getLanguage()), locale); + } + return this; + } + /** * Sets whether we should spoof locale to English for webpages. * @@ -539,6 +550,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { /* package */ int mScreenHeightOverride; /* package */ Class<? extends Service> mCrashHandler; /* package */ String[] mRequestedLocales; + /* package */ HashMap<Locale, Locale> mSupportedLocales = new HashMap<>(); /* package */ RuntimeTelemetry.Proxy mTelemetryProxy; /** @@ -595,6 +607,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { mRequestedLocales = settings.mRequestedLocales; mConfigFilePath = settings.mConfigFilePath; mTelemetryProxy = settings.mTelemetryProxy; + mSupportedLocales = settings.mSupportedLocales; } /* package */ void commit() { @@ -803,30 +816,39 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { EventDispatcher.getInstance().dispatch("GeckoView:SetLocale", data); } + private Locale getLocaleIfSupported(String tag) { + Locale exact = Locale.forLanguageTag(tag); + if (mSupportedLocales.containsKey(exact)) { + return exact; + } + Locale fallback = new Locale(exact.getLanguage()); + return mSupportedLocales.get(fallback); + } + private String computeAcceptLanguages() { - final ArrayList<String> locales = new ArrayList<String>(); - - // In Desktop, these are defined in the `intl.accept_languages` localized property. - // At some point we should probably use the same values here, but for now we use a simple - // strategy which will hopefully result in reasonable acceptLanguage values. - if (mRequestedLocales != null && mRequestedLocales.length > 0) { - String locale = mRequestedLocales[0].toLowerCase(Locale.ROOT); - // No need to include `en-us` twice. - if (!locale.equals("en-us")) { - locales.add(locale); - if (locale.contains("-")) { - String lang = locale.split("-")[0]; - // No need to include `en` twice. - if (!lang.equals("en")) { - locales.add(lang); - } + Locale locale = null; + if (mRequestedLocales != null) { + for (String tag : mRequestedLocales) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; } } } - locales.add("en-us"); - locales.add("en"); - - return TextUtils.join(",", locales); + if (locale == null) { + for (final String tag : getDefaultLocales()) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; + } + } + } + String acceptLanguages = locale != null ? locale.toString().replace('_', '-') : "en-US"; + if (acceptLanguages.equals("en-US")) { + // For consistency with spoof English. + acceptLanguages += ", en"; + } + return acceptLanguages; } private static String[] getDefaultLocales() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/29… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/29… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] 2 commits: fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: df723884 by Pier Angelo Vendrame at 2024-05-09T18:12:13+02:00 fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView Revert "Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView" This reverts commit ff97b6fb06850784785e6993c256bef315b2525f. - - - - - d6987499 by Pier Angelo Vendrame at 2024-05-09T18:12:14+02:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 1 changed file: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java Changes: ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java ===================================== @@ -22,7 +22,8 @@ import androidx.annotation.NonNull; import androidx.annotation.Nullable; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; import java.util.Locale; import org.mozilla.gecko.EventDispatcher; import org.mozilla.gecko.GeckoSystemStateListener; @@ -455,6 +456,16 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { return this; } + public @NonNull Builder supportedLocales(final Collection<String> locales) { + getSettings().mSupportedLocales.clear(); + for (String tag : locales) { + Locale locale = Locale.forLanguageTag(tag); + getSettings().mSupportedLocales.put(locale, locale); + getSettings().mSupportedLocales.put(new Locale(locale.getLanguage()), locale); + } + return this; + } + /** * Sets whether we should spoof locale to English for webpages. * @@ -539,6 +550,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { /* package */ int mScreenHeightOverride; /* package */ Class<? extends Service> mCrashHandler; /* package */ String[] mRequestedLocales; + /* package */ HashMap<Locale, Locale> mSupportedLocales = new HashMap<>(); /* package */ RuntimeTelemetry.Proxy mTelemetryProxy; /** @@ -595,6 +607,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { mRequestedLocales = settings.mRequestedLocales; mConfigFilePath = settings.mConfigFilePath; mTelemetryProxy = settings.mTelemetryProxy; + mSupportedLocales = settings.mSupportedLocales; } /* package */ void commit() { @@ -803,30 +816,39 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { EventDispatcher.getInstance().dispatch("GeckoView:SetLocale", data); } + private Locale getLocaleIfSupported(String tag) { + Locale exact = Locale.forLanguageTag(tag); + if (mSupportedLocales.containsKey(exact)) { + return exact; + } + Locale fallback = new Locale(exact.getLanguage()); + return mSupportedLocales.get(fallback); + } + private String computeAcceptLanguages() { - final ArrayList<String> locales = new ArrayList<String>(); - - // In Desktop, these are defined in the `intl.accept_languages` localized property. - // At some point we should probably use the same values here, but for now we use a simple - // strategy which will hopefully result in reasonable acceptLanguage values. - if (mRequestedLocales != null && mRequestedLocales.length > 0) { - String locale = mRequestedLocales[0].toLowerCase(Locale.ROOT); - // No need to include `en-us` twice. - if (!locale.equals("en-us")) { - locales.add(locale); - if (locale.contains("-")) { - String lang = locale.split("-")[0]; - // No need to include `en` twice. - if (!lang.equals("en")) { - locales.add(lang); - } + Locale locale = null; + if (mRequestedLocales != null) { + for (String tag : mRequestedLocales) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; } } } - locales.add("en-us"); - locales.add("en"); - - return TextUtils.join(",", locales); + if (locale == null) { + for (final String tag : getDefaultLocales()) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; + } + } + } + String acceptLanguages = locale != null ? locale.toString().replace('_', '-') : "en-US"; + if (acceptLanguages.equals("en-US")) { + // For consistency with spoof English. + acceptLanguages += ", en"; + } + return acceptLanguages; } private static String[] getDefaultLocales() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e74305… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e74305… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] Bug 42652: Pass the list of supported languages to GeckoView.
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: c11e7b38 by Pier Angelo Vendrame at 2024-05-09T18:06:03+02:00 Bug 42652: Pass the list of supported languages to GeckoView. It will be used to prevent leaks about regional preferences. - - - - - 1 changed file: - fenix/app/src/main/java/org/mozilla/fenix/gecko/GeckoProvider.kt Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/gecko/GeckoProvider.kt ===================================== @@ -14,6 +14,7 @@ import mozilla.components.concept.storage.LoginsStorage import mozilla.components.lib.crash.handler.CrashHandlerService import mozilla.components.service.sync.autofill.GeckoCreditCardsAddressesStorageDelegate import mozilla.components.service.sync.logins.GeckoLoginStorageDelegate +import org.mozilla.fenix.BuildConfig import org.mozilla.fenix.Config import org.mozilla.fenix.ext.components import org.mozilla.fenix.ext.settings @@ -58,6 +59,7 @@ object GeckoProvider { .contentBlocking(policy.toContentBlockingSetting()) .debugLogging(Config.channel.isDebug || context.components.settings.enableGeckoLogs) .aboutConfigEnabled(Config.channel.isBeta || Config.channel.isNightlyOrDebug) + .supportedLocales(BuildConfig.SUPPORTED_LOCALE_ARRAY.toList()) .build() val settings = context.components.settings View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/c11… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/c11… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 2 commits: fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 83a3762f by Pier Angelo Vendrame at 2024-05-09T18:04:04+02:00 fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView Revert "Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView" This reverts commit ff97b6fb06850784785e6993c256bef315b2525f. - - - - - e6f7f151 by Pier Angelo Vendrame at 2024-05-09T18:04:07+02:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 1 changed file: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java Changes: ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java ===================================== @@ -22,7 +22,8 @@ import androidx.annotation.NonNull; import androidx.annotation.Nullable; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; import java.util.Locale; import org.mozilla.gecko.EventDispatcher; import org.mozilla.gecko.GeckoSystemStateListener; @@ -455,6 +456,16 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { return this; } + public @NonNull Builder supportedLocales(final Collection<String> locales) { + getSettings().mSupportedLocales.clear(); + for (String tag : locales) { + Locale locale = Locale.forLanguageTag(tag); + getSettings().mSupportedLocales.put(locale, locale); + getSettings().mSupportedLocales.put(new Locale(locale.getLanguage()), locale); + } + return this; + } + /** * Sets whether we should spoof locale to English for webpages. * @@ -546,6 +557,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { /* package */ int mScreenHeightOverride; /* package */ Class<? extends Service> mCrashHandler; /* package */ String[] mRequestedLocales; + /* package */ HashMap<Locale, Locale> mSupportedLocales = new HashMap<>(); /* package */ RuntimeTelemetry.Proxy mTelemetryProxy; /** @@ -602,6 +614,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { mRequestedLocales = settings.mRequestedLocales; mConfigFilePath = settings.mConfigFilePath; mTelemetryProxy = settings.mTelemetryProxy; + mSupportedLocales = settings.mSupportedLocales; } /* package */ void commit() { @@ -810,30 +823,39 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { EventDispatcher.getInstance().dispatch("GeckoView:SetLocale", data); } + private Locale getLocaleIfSupported(String tag) { + Locale exact = Locale.forLanguageTag(tag); + if (mSupportedLocales.containsKey(exact)) { + return exact; + } + Locale fallback = new Locale(exact.getLanguage()); + return mSupportedLocales.get(fallback); + } + private String computeAcceptLanguages() { - final ArrayList<String> locales = new ArrayList<String>(); - - // In Desktop, these are defined in the `intl.accept_languages` localized property. - // At some point we should probably use the same values here, but for now we use a simple - // strategy which will hopefully result in reasonable acceptLanguage values. - if (mRequestedLocales != null && mRequestedLocales.length > 0) { - String locale = mRequestedLocales[0].toLowerCase(Locale.ROOT); - // No need to include `en-us` twice. - if (!locale.equals("en-us")) { - locales.add(locale); - if (locale.contains("-")) { - String lang = locale.split("-")[0]; - // No need to include `en` twice. - if (!lang.equals("en")) { - locales.add(lang); - } + Locale locale = null; + if (mRequestedLocales != null) { + for (String tag : mRequestedLocales) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; } } } - locales.add("en-us"); - locales.add("en"); - - return TextUtils.join(",", locales); + if (locale == null) { + for (final String tag : getDefaultLocales()) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; + } + } + } + String acceptLanguages = locale != null ? locale.toString().replace('_', '-') : "en-US"; + if (acceptLanguages.equals("en-US")) { + // For consistency with spoof English. + acceptLanguages += ", en"; + } + return acceptLanguages; } private static String[] getDefaultLocales() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/66e2e3… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/66e2e3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.0-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch tor-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: e4ed3f35 by hackademix at 2024-05-09T17:49:50+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42557: Fix regression in Onion Services authentication prompt focus - - - - - 1 changed file: - browser/components/onionservices/content/authPrompt.js Changes: ===================================== browser/components/onionservices/content/authPrompt.js ===================================== @@ -81,8 +81,18 @@ const OnionAuthPrompt = (function () { ); }, + _autoFocus(event) { + event.target.ownerGlobal.focus(); + }, + _onPromptShowing(aWarningMessage) { let xulDoc = this._browser.ownerDocument; + + // Force back focus: tor-browser#41856 + (this._popupElem = xulDoc.getElementById( + "tor-clientauth-notification" + ))?.addEventListener("click", this._autoFocus); + let descElem = xulDoc.getElementById("tor-clientauth-notification-desc"); if (descElem) { // Handle replacement of the onion name within the localized @@ -153,6 +163,7 @@ const OnionAuthPrompt = (function () { this._boundOnKeyFieldInput = undefined; } } + this._popupElem?.removeEventListener("click", this._autoFocus); }, _onKeyFieldKeyPress(aEvent) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e4ed3f3… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e4ed3f3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] 3 commits: Bug 1846306 - Do not throw IllegalStateException when unable to find a session...
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: ccabd9ad by Arturo Mejia at 2024-05-09T15:58:16+02:00 Bug 1846306 - Do not throw IllegalStateException when unable to find a session for given prompt request in onContentPermissionRequested - - - - - 40cae60d by hackademix at 2024-05-09T15:58:20+02:00 Bug 1871217: Improve permission handling in Fullscreen - BP, tor-browser#42656 - - - - - 46475c73 by hackademix at 2024-05-09T15:58:20+02:00 Bug 1892296 - improve webauthn experience - BP, tor-browser#42656 - - - - - 5 changed files: - android-components/components/feature/sitepermissions/src/main/java/mozilla/components/feature/sitepermissions/SitePermissionsFeature.kt - android-components/components/feature/sitepermissions/src/test/java/mozilla/components/feature/sitepermissions/SitePermissionsFeatureTest.kt - android-components/components/feature/webauthn/src/main/java/mozilla/components/feature/webauthn/WebAuthnFeature.kt - android-components/components/feature/webauthn/src/test/java/mozilla/components/feature/webauthn/WebAuthnFeatureTest.kt - fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt Changes: ===================================== android-components/components/feature/sitepermissions/src/main/java/mozilla/components/feature/sitepermissions/SitePermissionsFeature.kt ===================================== @@ -56,12 +56,14 @@ import mozilla.components.concept.engine.permission.SitePermissions import mozilla.components.concept.engine.permission.SitePermissions.Status.ALLOWED import mozilla.components.concept.engine.permission.SitePermissions.Status.BLOCKED import mozilla.components.concept.engine.permission.SitePermissionsStorage +import mozilla.components.feature.session.SessionUseCases import mozilla.components.feature.sitepermissions.SitePermissionsFeature.DialogConfig import mozilla.components.feature.tabs.TabsUseCases.SelectOrAddUseCase import mozilla.components.lib.state.ext.flowScoped import mozilla.components.support.base.feature.LifecycleAwareFeature import mozilla.components.support.base.feature.OnNeedToRequestPermissions import mozilla.components.support.base.feature.PermissionsFeature +import mozilla.components.support.base.log.logger.Logger import mozilla.components.support.ktx.android.content.isPermissionGranted import mozilla.components.support.ktx.kotlin.getOrigin import mozilla.components.support.ktx.kotlin.stripDefaultPort @@ -72,8 +74,6 @@ import mozilla.components.ui.icons.R as iconsR internal const val PROMPT_FRAGMENT_TAG = "mozac_feature_sitepermissions_prompt_dialog" -private const val FULL_SCREEN_NOTIFICATION_TAG = "mozac_feature_prompts_full_screen_notification_dialog" - @VisibleForTesting internal const val STORAGE_ACCESS_DOCUMENTATION_URL = "https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API" @@ -94,13 +94,15 @@ internal const val STORAGE_ACCESS_DOCUMENTATION_URL = * need to be requested. Once the request is completed, [onPermissionsResult] needs to be invoked. * @property onShouldShowRequestPermissionRationale a callback that allows the feature to query * the ActivityCompat.shouldShowRequestPermissionRationale or the Fragment.shouldShowRequestPermissionRationale values. + * @property exitFullscreenUseCase optional the use case in charge of exiting fullscreen * @property shouldShowDoNotAskAgainCheckBox optional Visibility for Do not ask again Checkbox **/ @Suppress("TooManyFunctions", "LargeClass", "LongParameterList") class SitePermissionsFeature( private val context: Context, - private var sessionId: String? = null, + @set:VisibleForTesting + internal var sessionId: String? = null, private val storage: SitePermissionsStorage = OnDiskSitePermissionsStorage(context), var sitePermissionsRules: SitePermissionsRules? = null, private val fragmentManager: FragmentManager, @@ -109,6 +111,7 @@ class SitePermissionsFeature( override val onNeedToRequestPermissions: OnNeedToRequestPermissions, val onShouldShowRequestPermissionRationale: (permission: String) -> Boolean, private val store: BrowserStore, + private val exitFullscreenUseCase: SessionUseCases.ExitFullScreenUseCase = SessionUseCases(store).exitFullscreen, private val shouldShowDoNotAskAgainCheckBox: Boolean = true, ) : LifecycleAwareFeature, PermissionsFeature { @VisibleForTesting @@ -116,6 +119,8 @@ class SitePermissionsFeature( SelectOrAddUseCase(store) } + private val logger = Logger("SitePermissionsFeature") + internal val ioCoroutineScope by lazy { coroutineScopeInitializer() } internal var coroutineScopeInitializer = { @@ -428,26 +433,29 @@ class SitePermissionsFeature( consumePermissionRequest(permissionRequest) return null } - - val private: Boolean = store.state.findTabOrCustomTabOrSelectedTab(sessionId)?.content?.private - ?: throw IllegalStateException("Unable to find session for $sessionId or selected session") + val tab = store.state.findTabOrCustomTabOrSelectedTab(sessionId) + if (tab == null) { + logger.error("Unable to find a tab for $sessionId rejecting the prompt request") + permissionRequest.reject() + consumePermissionRequest(permissionRequest) + return null + } val permissionFromStorage = withContext(coroutineScope.coroutineContext) { - storage.findSitePermissionsBy(origin, private = private) + storage.findSitePermissionsBy(origin, private = tab.content.private) } - val prompt = if (shouldApplyRules(permissionFromStorage)) { handleRuledFlow(permissionRequest, origin) } else { handleNoRuledFlow(permissionFromStorage, permissionRequest, origin) } - val fullScreenNotificationDisplayed = - fragmentManager.fragments.any { fragment -> fragment.tag == FULL_SCREEN_NOTIFICATION_TAG } - - return if (fullScreenNotificationDisplayed || prompt == null) { + return if (prompt == null) { null } else { + // If we are in fullscreen, then exit to show the permission prompt. + // This won't have any effect if we are not in fullscreen. + exitFullscreenUseCase.invoke(tab.id) prompt.show(fragmentManager, PROMPT_FRAGMENT_TAG) prompt } ===================================== android-components/components/feature/sitepermissions/src/test/java/mozilla/components/feature/sitepermissions/SitePermissionsFeatureTest.kt ===================================== @@ -600,6 +600,24 @@ class SitePermissionsFeatureTest { verify(sitePermissionFeature).consumePermissionRequest(mockPermissionRequest) } + @Test + fun `GIVEN sessionId which does not match a selected or custom tab WHEN onContentPermissionRequested() THEN reject, consumePermissionRequest are called `() { + val mockPermissionRequest: PermissionRequest = mock { + whenever(permissions).thenReturn(listOf(ContentVideoCamera(id = "permission"))) + } + + doNothing().`when`(mockPermissionRequest).reject() + + sitePermissionFeature.sessionId = null + + runTestOnMain { + sitePermissionFeature.onContentPermissionRequested(mockPermissionRequest, URL) + } + + verify(mockPermissionRequest).reject() + verify(sitePermissionFeature).consumePermissionRequest(mockPermissionRequest) + } + @Test fun `GIVEN location permissionRequest and shouldApplyRules is true WHEN onContentPermissionRequested() THEN handleRuledFlow is called`() = runTestOnMain { // given ===================================== android-components/components/feature/webauthn/src/main/java/mozilla/components/feature/webauthn/WebAuthnFeature.kt ===================================== @@ -20,6 +20,8 @@ import mozilla.components.support.base.log.logger.Logger class WebAuthnFeature( private val engine: Engine, private val activity: Activity, + private val exitFullScreen: (String?) -> Unit, + private val currentTab: () -> String?, ) : LifecycleAwareFeature, ActivityResultHandler, ActivityDelegate { private val logger = Logger("WebAuthnFeature") private var requestCodeCounter = ACTIVITY_REQUEST_CODE @@ -53,6 +55,7 @@ class WebAuthnFeature( override fun startIntentSenderForResult(intent: IntentSender, onResult: (Intent?) -> Unit) { logger.info("Received activity delegate request with code: $requestCodeCounter") + exitFullScreen(currentTab()) activity.startIntentSenderForResult(intent, requestCodeCounter, null, 0, 0, 0) callbackRef = onResult } ===================================== android-components/components/feature/webauthn/src/test/java/mozilla/components/feature/webauthn/WebAuthnFeatureTest.kt ===================================== @@ -22,6 +22,8 @@ import org.mockito.Mockito.verify class WebAuthnFeatureTest { private lateinit var engine: Engine private lateinit var activity: Activity + private val exitFullScreen: (String?) -> Unit = { _ -> exitFullScreenUseCaseCalled = true } + private var exitFullScreenUseCaseCalled = false @Before fun setup() { @@ -31,7 +33,7 @@ class WebAuthnFeatureTest { @Test fun `feature registers itself on start`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() feature.start() @@ -40,7 +42,7 @@ class WebAuthnFeatureTest { @Test fun `feature unregisters itself on stop`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() feature.stop() @@ -49,7 +51,7 @@ class WebAuthnFeatureTest { @Test fun `activity delegate starts intent sender`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() val callback: ((Intent?) -> Unit) = { } val intentSender: IntentSender = mock() @@ -60,7 +62,7 @@ class WebAuthnFeatureTest { @Test fun `callback is invoked`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() var callbackInvoked = false val callback: ((Intent?) -> Unit) = { callbackInvoked = true } val intentSender: IntentSender = mock() @@ -77,10 +79,14 @@ class WebAuthnFeatureTest { @Test fun `feature won't process results with the wrong request code`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() val result = feature.onActivityResult(ACTIVITY_REQUEST_CODE - 5, Intent(), 0) assertFalse(result) } + + private fun webAuthnFeature(): WebAuthnFeature { + return WebAuthnFeature(engine, activity, { exitFullScreen("") }) { "" } + } } ===================================== fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt ===================================== @@ -830,6 +830,8 @@ abstract class BaseBrowserFragment : feature = WebAuthnFeature( engine = requireComponents.core.engine, activity = requireActivity(), + exitFullScreen = requireComponents.useCases.sessionUseCases.exitFullscreen::invoke, + currentTab = { store.state.selectedTabId }, ), owner = this, view = view, View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/compare/fe… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/compare/fe… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 6d5a0677 by Nuohan Li at 2024-05-09T13:38:19+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - 58dc31a0 by Jonathan Kew at 2024-05-09T13:38:20+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - e7430547 by Jonathan Kew at 2024-05-09T13:38:21+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/98625d… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/98625d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 62619558 by Nuohan Li at 2024-05-09T13:37:32+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - 4846c1da by Jonathan Kew at 2024-05-09T13:37:33+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - 66e2e3ef by Jonathan Kew at 2024-05-09T13:37:34+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/410bb2… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/410bb2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: ac1e73ce by Nuohan Li at 2024-05-09T13:36:35+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - f0b17745 by Jonathan Kew at 2024-05-09T13:36:36+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - 29322606 by Jonathan Kew at 2024-05-09T13:36:37+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d5… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.0-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch mullvad-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 50b53983 by Nuohan Li at 2024-05-09T13:04:13+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - 7269657b by Jonathan Kew at 2024-05-09T13:04:14+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - b4147595 by Jonathan Kew at 2024-05-09T13:04:15+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d3… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.0-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch base-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: ac2c9355 by Nuohan Li at 2024-05-09T13:01:34+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - 9d85032c by Jonathan Kew at 2024-05-09T13:01:39+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - 8a728aa8 by Jonathan Kew at 2024-05-09T13:01:40+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/5cc512… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/5cc512… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.0-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch tor-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: a52dc31b by Nuohan Li at 2024-05-09T10:55:04+00:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - 88affd4a by Jonathan Kew at 2024-05-09T10:55:04+00:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - fc0ee191 by Jonathan Kew at 2024-05-09T10:55:04+00:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/10474e… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/10474e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.0-1] 4 commits: Bug 1871214 - improve share interaction with fullscreen - BP, tor-browser#42656
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch firefox-android-115.2.1-13.0-1 at The Tor Project / Applications / firefox-android Commits: d3aa11b9 by hackademix at 2024-05-08T18:01:13+02:00 Bug 1871214 - improve share interaction with fullscreen - BP, tor-browser#42656 - - - - - 43756a25 by Arturo Mejia at 2024-05-08T19:23:07+02:00 Bug 1846306 - Do not throw IllegalStateException when unable to find a session for given prompt request in onContentPermissionRequested - - - - - 44c271d8 by hackademix at 2024-05-08T19:29:05+02:00 Bug 1871217: Improve permission handling in Fullscreen - BP, tor-browser#42656 - - - - - f72ebb33 by hackademix at 2024-05-08T20:40:25+02:00 Bug 1892296 - improve webauthn experience - BP, tor-browser#42656 - - - - - 6 changed files: - android-components/components/feature/sitepermissions/src/main/java/mozilla/components/feature/sitepermissions/SitePermissionsFeature.kt - android-components/components/feature/sitepermissions/src/test/java/mozilla/components/feature/sitepermissions/SitePermissionsFeatureTest.kt - android-components/components/feature/webauthn/src/main/java/mozilla/components/feature/webauthn/WebAuthnFeature.kt - android-components/components/feature/webauthn/src/test/java/mozilla/components/feature/webauthn/WebAuthnFeatureTest.kt - fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/share/ShareFragment.kt Changes: ===================================== android-components/components/feature/sitepermissions/src/main/java/mozilla/components/feature/sitepermissions/SitePermissionsFeature.kt ===================================== @@ -56,12 +56,14 @@ import mozilla.components.concept.engine.permission.SitePermissions import mozilla.components.concept.engine.permission.SitePermissions.Status.ALLOWED import mozilla.components.concept.engine.permission.SitePermissions.Status.BLOCKED import mozilla.components.concept.engine.permission.SitePermissionsStorage +import mozilla.components.feature.session.SessionUseCases import mozilla.components.feature.sitepermissions.SitePermissionsFeature.DialogConfig import mozilla.components.feature.tabs.TabsUseCases.SelectOrAddUseCase import mozilla.components.lib.state.ext.flowScoped import mozilla.components.support.base.feature.LifecycleAwareFeature import mozilla.components.support.base.feature.OnNeedToRequestPermissions import mozilla.components.support.base.feature.PermissionsFeature +import mozilla.components.support.base.log.logger.Logger import mozilla.components.support.ktx.android.content.isPermissionGranted import mozilla.components.support.ktx.kotlin.getOrigin import mozilla.components.support.ktx.kotlin.stripDefaultPort @@ -72,8 +74,6 @@ import mozilla.components.ui.icons.R as iconsR internal const val PROMPT_FRAGMENT_TAG = "mozac_feature_sitepermissions_prompt_dialog" -private const val FULL_SCREEN_NOTIFICATION_TAG = "mozac_feature_prompts_full_screen_notification_dialog" - @VisibleForTesting internal const val STORAGE_ACCESS_DOCUMENTATION_URL = "https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API" @@ -94,13 +94,15 @@ internal const val STORAGE_ACCESS_DOCUMENTATION_URL = * need to be requested. Once the request is completed, [onPermissionsResult] needs to be invoked. * @property onShouldShowRequestPermissionRationale a callback that allows the feature to query * the ActivityCompat.shouldShowRequestPermissionRationale or the Fragment.shouldShowRequestPermissionRationale values. + * @property exitFullscreenUseCase optional the use case in charge of exiting fullscreen * @property shouldShowDoNotAskAgainCheckBox optional Visibility for Do not ask again Checkbox **/ @Suppress("TooManyFunctions", "LargeClass", "LongParameterList") class SitePermissionsFeature( private val context: Context, - private var sessionId: String? = null, + @set:VisibleForTesting + internal var sessionId: String? = null, private val storage: SitePermissionsStorage = OnDiskSitePermissionsStorage(context), var sitePermissionsRules: SitePermissionsRules? = null, private val fragmentManager: FragmentManager, @@ -109,6 +111,7 @@ class SitePermissionsFeature( override val onNeedToRequestPermissions: OnNeedToRequestPermissions, val onShouldShowRequestPermissionRationale: (permission: String) -> Boolean, private val store: BrowserStore, + private val exitFullscreenUseCase: SessionUseCases.ExitFullScreenUseCase = SessionUseCases(store).exitFullscreen, private val shouldShowDoNotAskAgainCheckBox: Boolean = true, ) : LifecycleAwareFeature, PermissionsFeature { @VisibleForTesting @@ -116,6 +119,8 @@ class SitePermissionsFeature( SelectOrAddUseCase(store) } + private val logger = Logger("SitePermissionsFeature") + internal val ioCoroutineScope by lazy { coroutineScopeInitializer() } internal var coroutineScopeInitializer = { @@ -428,26 +433,29 @@ class SitePermissionsFeature( consumePermissionRequest(permissionRequest) return null } - - val private: Boolean = store.state.findTabOrCustomTabOrSelectedTab(sessionId)?.content?.private - ?: throw IllegalStateException("Unable to find session for $sessionId or selected session") + val tab = store.state.findTabOrCustomTabOrSelectedTab(sessionId) + if (tab == null) { + logger.error("Unable to find a tab for $sessionId rejecting the prompt request") + permissionRequest.reject() + consumePermissionRequest(permissionRequest) + return null + } val permissionFromStorage = withContext(coroutineScope.coroutineContext) { - storage.findSitePermissionsBy(origin, private = private) + storage.findSitePermissionsBy(origin, private = tab.content.private) } - val prompt = if (shouldApplyRules(permissionFromStorage)) { handleRuledFlow(permissionRequest, origin) } else { handleNoRuledFlow(permissionFromStorage, permissionRequest, origin) } - val fullScreenNotificationDisplayed = - fragmentManager.fragments.any { fragment -> fragment.tag == FULL_SCREEN_NOTIFICATION_TAG } - - return if (fullScreenNotificationDisplayed || prompt == null) { + return if (prompt == null) { null } else { + // If we are in fullscreen, then exit to show the permission prompt. + // This won't have any effect if we are not in fullscreen. + exitFullscreenUseCase.invoke(tab.id) prompt.show(fragmentManager, PROMPT_FRAGMENT_TAG) prompt } ===================================== android-components/components/feature/sitepermissions/src/test/java/mozilla/components/feature/sitepermissions/SitePermissionsFeatureTest.kt ===================================== @@ -600,6 +600,24 @@ class SitePermissionsFeatureTest { verify(sitePermissionFeature).consumePermissionRequest(mockPermissionRequest) } + @Test + fun `GIVEN sessionId which does not match a selected or custom tab WHEN onContentPermissionRequested() THEN reject, consumePermissionRequest are called `() { + val mockPermissionRequest: PermissionRequest = mock { + whenever(permissions).thenReturn(listOf(ContentVideoCamera(id = "permission"))) + } + + doNothing().`when`(mockPermissionRequest).reject() + + sitePermissionFeature.sessionId = null + + runTestOnMain { + sitePermissionFeature.onContentPermissionRequested(mockPermissionRequest, URL) + } + + verify(mockPermissionRequest).reject() + verify(sitePermissionFeature).consumePermissionRequest(mockPermissionRequest) + } + @Test fun `GIVEN location permissionRequest and shouldApplyRules is true WHEN onContentPermissionRequested() THEN handleRuledFlow is called`() = runTestOnMain { // given ===================================== android-components/components/feature/webauthn/src/main/java/mozilla/components/feature/webauthn/WebAuthnFeature.kt ===================================== @@ -20,6 +20,8 @@ import mozilla.components.support.base.log.logger.Logger class WebAuthnFeature( private val engine: Engine, private val activity: Activity, + private val exitFullScreen: (String?) -> Unit, + private val currentTab: () -> String?, ) : LifecycleAwareFeature, ActivityResultHandler, ActivityDelegate { private val logger = Logger("WebAuthnFeature") private var requestCodeCounter = ACTIVITY_REQUEST_CODE @@ -53,6 +55,7 @@ class WebAuthnFeature( override fun startIntentSenderForResult(intent: IntentSender, onResult: (Intent?) -> Unit) { logger.info("Received activity delegate request with code: $requestCodeCounter") + exitFullScreen(currentTab()) activity.startIntentSenderForResult(intent, requestCodeCounter, null, 0, 0, 0) callbackRef = onResult } ===================================== android-components/components/feature/webauthn/src/test/java/mozilla/components/feature/webauthn/WebAuthnFeatureTest.kt ===================================== @@ -22,6 +22,8 @@ import org.mockito.Mockito.verify class WebAuthnFeatureTest { private lateinit var engine: Engine private lateinit var activity: Activity + private val exitFullScreen: (String?) -> Unit = { _ -> exitFullScreenUseCaseCalled = true } + private var exitFullScreenUseCaseCalled = false @Before fun setup() { @@ -31,7 +33,7 @@ class WebAuthnFeatureTest { @Test fun `feature registers itself on start`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() feature.start() @@ -40,7 +42,7 @@ class WebAuthnFeatureTest { @Test fun `feature unregisters itself on stop`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() feature.stop() @@ -49,7 +51,7 @@ class WebAuthnFeatureTest { @Test fun `activity delegate starts intent sender`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() val callback: ((Intent?) -> Unit) = { } val intentSender: IntentSender = mock() @@ -60,7 +62,7 @@ class WebAuthnFeatureTest { @Test fun `callback is invoked`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() var callbackInvoked = false val callback: ((Intent?) -> Unit) = { callbackInvoked = true } val intentSender: IntentSender = mock() @@ -77,10 +79,14 @@ class WebAuthnFeatureTest { @Test fun `feature won't process results with the wrong request code`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() val result = feature.onActivityResult(ACTIVITY_REQUEST_CODE - 5, Intent(), 0) assertFalse(result) } + + private fun webAuthnFeature(): WebAuthnFeature { + return WebAuthnFeature(engine, activity, { exitFullScreen("") }) { "" } + } } ===================================== fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt ===================================== @@ -830,6 +830,8 @@ abstract class BaseBrowserFragment : feature = WebAuthnFeature( engine = requireComponents.core.engine, activity = requireActivity(), + exitFullScreen = requireComponents.useCases.sessionUseCases.exitFullscreen::invoke, + currentTab = { store.state.selectedTabId }, ), owner = this, view = view, ===================================== fenix/app/src/main/java/org/mozilla/fenix/share/ShareFragment.kt ===================================== @@ -71,6 +71,7 @@ class ShareFragment : AppCompatDialogFragment() { container: ViewGroup?, savedInstanceState: Bundle?, ): View { + requireComponents.useCases.sessionUseCases.exitFullscreen.invoke() val binding = FragmentShareBinding.inflate( inflater, container, View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/compare/f9… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/compare/f9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.0-1] fixup! Bug 40926: Implemented the New Identity feature
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch mullvad-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: d383e377 by hackademix at 2024-05-09T12:22:08+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42532: Use the HomePage module for new identity checks. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -429,15 +429,12 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { return new Promise(resolve => { // Open a new window forcing the about:privatebrowsing page (tor-browser#41765) // unless user explicitly overrides this policy (tor-browser #42236) - const homePref = "browser.startup.homepage"; const trustedHomePref = "browser.startup.homepage.new_identity"; - const homeURL = Services.prefs.getStringPref(homePref, ""); - const defaultHomeURL = Services.prefs - .getDefaultBranch("") - .getStringPref(homePref, ""); + const homeURL = HomePage.get(); + const defaultHomeURL = HomePage.getDefault(); const isTrustedHome = homeURL === defaultHomeURL || - homeURL.startsWith("chrome://") || // about:blank and other built-ins + homeURL === "chrome://browser/content/blanktab.html" || // about:blank homeURL === Services.prefs.getStringPref(trustedHomePref, ""); const isCustomHome = Services.prefs.getIntPref("browser.startup.page") === 1; View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d38… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d38… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.0-1] fixup! Bug 40926: Implemented the New Identity feature
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch tor-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 10474e51 by hackademix at 2024-05-09T12:21:45+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42532: Use the HomePage module for new identity checks. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -429,15 +429,12 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { return new Promise(resolve => { // Open a new window forcing the about:privatebrowsing page (tor-browser#41765) // unless user explicitly overrides this policy (tor-browser #42236) - const homePref = "browser.startup.homepage"; const trustedHomePref = "browser.startup.homepage.new_identity"; - const homeURL = Services.prefs.getStringPref(homePref, ""); - const defaultHomeURL = Services.prefs - .getDefaultBranch("") - .getStringPref(homePref, ""); + const homeURL = HomePage.get(); + const defaultHomeURL = HomePage.getDefault(); const isTrustedHome = homeURL === defaultHomeURL || - homeURL.startsWith("chrome://") || // about:blank and other built-ins + homeURL === "chrome://browser/content/blanktab.html" || // about:blank homeURL === Services.prefs.getStringPref(trustedHomePref, ""); const isCustomHome = Services.prefs.getIntPref("browser.startup.page") === 1; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/10474e5… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/10474e5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.0-1] fixup! Bug 40926: Implemented the New Identity feature
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch base-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 5cc51272 by hackademix at 2024-05-09T12:21:19+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42532: Use the HomePage module for new identity checks. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -429,15 +429,12 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { return new Promise(resolve => { // Open a new window forcing the about:privatebrowsing page (tor-browser#41765) // unless user explicitly overrides this policy (tor-browser #42236) - const homePref = "browser.startup.homepage"; const trustedHomePref = "browser.startup.homepage.new_identity"; - const homeURL = Services.prefs.getStringPref(homePref, ""); - const defaultHomeURL = Services.prefs - .getDefaultBranch("") - .getStringPref(homePref, ""); + const homeURL = HomePage.get(); + const defaultHomeURL = HomePage.getDefault(); const isTrustedHome = homeURL === defaultHomeURL || - homeURL.startsWith("chrome://") || // about:blank and other built-ins + homeURL === "chrome://browser/content/blanktab.html" || // about:blank homeURL === Services.prefs.getStringPref(trustedHomePref, ""); const isCustomHome = Services.prefs.getIntPref("browser.startup.page") === 1; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5cc5127… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5cc5127… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 7 commits: Bug 41137: add the linux-aarch64 targets and improve linux-cross
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 08c95509 by NoisyCoil at 2024-05-08T15:40:26+02:00 Bug 41137: add the linux-aarch64 targets and improve linux-cross - - - - - 9c8ed4d1 by NoisyCoil at 2024-05-08T15:43:49+02:00 Bug 41137: '--add-architecture' in containers only when actually cross-compiling Mainly so that the container's id, which is also determined by 'pre', does not change if we call the project with 'linux-cross' but don't actually need to cross-compile. - - - - - e53ab0d3 by NoisyCoil at 2024-05-08T15:44:51+02:00 Bug 41137: Define distdir and filename for cross-binutils - - - - - af937966 by NoisyCoil at 2024-05-08T15:46:09+02:00 Bug 41137: Separate gcc and gcc-cross Use stretch's glibc and stretch-security's linux to maintain compatibility with Debian stretch, add linux-aarch64 glibc patches to avoid build failures - - - - - db06f569 by NoisyCoil at 2024-05-08T15:49:12+02:00 Bug 41137: Add the linux-aarch64 target to OpenSSL - - - - - da1663bd by NoisyCoil at 2024-05-09T11:17:19+02:00 Bug 41137: Add the linux-{aarch64,arm} targets to Tor - - - - - 06de89a5 by NoisyCoil at 2024-05-09T11:17:19+02:00 Bug 41137: Add the linux-{aarch64,arm} targets to Go - - - - - 16 changed files: - projects/binutils/build - projects/binutils/config - projects/container-image/config - + projects/gcc-cross/build - + projects/gcc-cross/config - + projects/gcc-cross/gcc-cross.patch - + projects/gcc-cross/glibc-cross-linux-aarch64-2.patch - + projects/gcc-cross/glibc-cross-linux-aarch64.patch - projects/gcc/build - projects/gcc/config - projects/go-bootstrap/config - projects/go/config - projects/openssl/config - projects/tor/build - projects/tor/config - rbm.conf Changes: ===================================== projects/binutils/build ===================================== @@ -1,7 +1,7 @@ #!/bin/bash [% c("var/set_default_env") -%] mkdir /var/tmp/dist -distdir=/var/tmp/dist/binutils +distdir=/var/tmp/dist/[% c("var/distdir") %] [% IF c("var/linux"); GET c("var/set_hardened_build_flags"); END %] tar xf [% project %]-[% c("version") %].tar.xz @@ -15,6 +15,6 @@ make install MAKEINFO=true cd /var/tmp/dist [% c('tar', { - tar_src => [ project ], + tar_src => [ c('var/distdir') ], tar_args => '-caf ' _ dest_dir _ '/' _ c('filename'), }) %] ===================================== projects/binutils/config ===================================== @@ -1,9 +1,10 @@ # vim: filetype=yaml sw=2 version: 2.39 -filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' +filename: '[% project %]-[% c("version") %]-[% IF c("var/linux-cross") %]cross-[% c("arch") %]-[% END %][% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 var: + distdir: binutils configure_opt: '--disable-multilib --enable-gold --enable-deterministic-archives --enable-plugins' targets: @@ -12,6 +13,7 @@ targets: configure_opt: '--target=[% c("arch") %]-w64-mingw32 --disable-multilib --enable-deterministic-archives' linux-cross: var: + distdir: 'binutils-cross-[% c("arch") %]' # gold is disabled on cross-compiles until we upgrade to glibc 2.26 and # binutils 2.28 configure_opt: '--target=[% c("var/crosstarget") %] --disable-multilib --enable-deterministic-archives --enable-plugins' ===================================== projects/container-image/config ===================================== @@ -34,7 +34,7 @@ pre: | apt-get update -y -q [% IF pc(c('origin_project'), 'var/pre_pkginst', { step => c('origin_step') }) -%] [% pc(c('origin_project'), 'var/pre_pkginst', { step => c('origin_step') }) %] - [% IF c("var/linux-cross") -%] + [% IF c("var/linux-cross") && ! pc(c('origin_project'), 'var/no_crosscompile', { step => c('origin_step') }) -%] dpkg --add-architecture [% c("var/arch_debian") %] [% END -%] # Update the package cache again because `pre_pkginst` may change the ===================================== projects/gcc-cross/build ===================================== @@ -0,0 +1,96 @@ +#!/bin/sh +[% c("var/set_default_env") -%] +mkdir -p /var/tmp/build +distdir=/var/tmp/dist/[% c("var/distdir") %] + +# Install native gcc +mkdir /var/tmp/dist +cd /var/tmp/dist +tar xf $rootdir/[% c('input_files_by_name/gcc-native') %] +export PATH="$distdir/bin:$PATH" + +# Install cross binutils (needed for cross-compiling) +cd /var/tmp/dist +tar xf $rootdir/[% c('input_files_by_name/binutils') %] +rsync -a binutils-cross-[% c("arch") %]/* $distdir +rm -rf binutils-cross-[% c("arch") %] + +# Install Linux headers, see Step 2 of +# https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ +# Doing this before gcc configure is intended to solve a limits.h issue +cd /var/tmp/build +mkdir linux +cd linux +tar -xJf $rootdir/linux-[% c("var/linux_version") %].tar.xz +cd linux-[% c("var/linux_version") %] +make ARCH=[% IF c("arch") == "aarch64" %]arm64[% ELSE %][% c("arch") %][% END %] INSTALL_HDR_PATH=$distdir/[% c("var/crosstarget") %] headers_install + +cd /var/tmp/build +mkdir gcc-cross +cd gcc-cross +tar -xJf $rootdir/[% c('input_files_by_name/gcc') %] +cd gcc-[% c("version") %] +patch -p1 <$rootdir/gcc-cross.patch + +cd /var/tmp/build/gcc-cross +gcc-[% c("version") %]/configure --prefix=$distdir --includedir=$distdir/[% c("var/crosstarget") %]/include [% c("var/configure_opt") %] + +# For cross-compiling to work, we need to partially build GCC, then build +# glibc, then come back to finish GCC. + +# Build only the components of GCC that don't need glibc, see Step 3 of +# https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ +cd /var/tmp/build/gcc-cross +make -j[% c("num_procs") %] all-gcc +make install-gcc + +# Build glibc headers and startup files, see Step 4 of +# https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ +cd /var/tmp/build +mkdir glibc +cd glibc +tar -xJf $rootdir/glibc-[% c("var/glibc_version") %].tar.xz +[% IF c("var/linux-aarch64") -%] + # Avoid linking issues by backporting glibc patches + cd glibc-[% c("var/glibc_version") %] + patch -p1 <$rootdir/glibc-cross-linux-aarch64.patch + patch -p1 <$rootdir/glibc-cross-linux-aarch64-2.patch + cd /var/tmp/build/glibc +[% END -%] + +# TODO: Remove --disable-werror once glibc is upgraded to a version that's +# designed to work with the GCC version we're using. +glibc-[% c("var/glibc_version") %]/configure --prefix=$distdir/[% c("var/crosstarget") %] --build=$MACHTYPE --host=[% c("var/crosstarget") %] --target=[% c("var/crosstarget") %] --with-headers=$distdir/[% c("var/crosstarget") %]/include --disable-multilib --disable-werror libc_cv_forced_unwind=yes +make install-bootstrap-headers=yes install-headers +make -j[% c("num_procs") %] csu/subdir_lib +install csu/crt1.o csu/crti.o csu/crtn.o $distdir/[% c("var/crosstarget") %]/lib +[% c("var/crosstarget") %]-gcc -nostdlib -nostartfiles -shared -x c /dev/null -o $distdir/[% c("var/crosstarget") %]/lib/libc.so +# stdio_lim.h is intended to solve a limits.h issue +touch $distdir/[% c("var/crosstarget") %]/include/gnu/stubs.h $distdir/[% c("var/crosstarget") %]/include/bits/stdio_lim.h + +# Build compiler support library, see Step 5 of +# https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ +cd /var/tmp/build/gcc-cross +make -j[% c("num_procs") %] all-target-libgcc +make install-target-libgcc + +# finish building glibc, see Step 6 of +# https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ +cd /var/tmp/build/glibc +make -j[% c("num_procs") %] +make install + +# We're done with glibc, we can now finish building gcc... +cd /var/tmp/build/gcc-cross +make -j[% c("num_procs") %] +make install + +# Include a working version of limits.h +cd gcc-[% c("version") %] +cat gcc/limitx.h gcc/glimits.h gcc/limity.h >$distdir/lib/gcc/[% c("var/crosstarget") %]/[% c("version") %]/include/limits.h + +cd /var/tmp/dist +[% c('tar', { + tar_src => [ c('var/distdir') ], + tar_args => '-caf ' _ dest_dir _ '/' _ c('filename'), + }) %] ===================================== projects/gcc-cross/config ===================================== @@ -0,0 +1,53 @@ +# vim: filetype=yaml sw=2 +filename: '[% project %]-[% c("version") %]-[% c("arch") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' +# Note: When updating the gcc version, if this includes a libstdc++ +# ABI change we should also update projects/firefox/abicheck.cc to +# require the new version. +version: '[% pc("gcc-source", "version") %]' +container: + use_container: 1 +hardened_gcc: 1 +var: + distdir: gcc + deps: + - build-essential + - libmpc-dev + setup: | + mkdir -p /var/tmp/dist + tar -C /var/tmp/dist -xf $rootdir/[% c("compiler_tarfile") %] + export PATH="/var/tmp/dist/[% c("var/distdir") %]/bin:$PATH" + export LD_LIBRARY_PATH=/var/tmp/dist/[% c("var/distdir") %]/lib64:/var/tmp/dist/[% c("var/distdir") %]/lib32 + [% IF c("hardened_gcc"); GET c("var/set_hardened_build_flags"); END %] + configure_opt: '--target=[% c("var/crosstarget") %] --disable-multilib --enable-languages=c,c++ --with-glibc-version=[% c("var/glibc_version") %]' + # Use stretch's glibc and stretch-security's linux + glibc_version: 2.24 + linux_version: 4.19.232 + arch_deps: + - libc6-dev-i386 + - gawk + - rsync + +targets: + linux-arm: + var: + configure_opt: '--target=[% c("var/crosstarget") %] --disable-multilib --enable-languages=c,c++ --with-glibc-version=[% c("var/glibc_version") %] --with-arch=armv7-a --with-fpu=vfpv3-d16 --with-float=hard --with-mode=thumb' + +input_files: + - project: container-image + - project: gcc-source + name: gcc + - name: binutils + project: binutils + target_prepend: + - linux-cross + - name: gcc-native + project: gcc + - URL: 'https://ftp.gnu.org/gnu/glibc/glibc-[% c("var/glibc_version") %].tar.xz' + sha256sum: 99d4a3e8efd144d71488e478f62587578c0f4e1fa0b4eed47ee3d4975ebeb5d3 + - URL: 'https://www.kernel.org/pub/linux/kernel/v4.x/linux-[% c("var/linux_version") %].tar.xz' + sha256sum: 4fcfe814780d63dc56e907bf41596ff162e9601978bdc1a60eab64cc3903a22c + - filename: 'gcc-cross.patch' + - filename: 'glibc-cross-linux-aarch64.patch' + enable: '[% c("var/linux-aarch64") -%]' + - filename: 'glibc-cross-linux-aarch64-2.patch' + enable: '[% c("var/linux-aarch64") -%]' ===================================== projects/gcc-cross/gcc-cross.patch ===================================== @@ -0,0 +1,18 @@ +Avoids "../../../gcc-10.3.0/libsanitizer/asan/asan_linux.cpp:217:21: error: +'PATH_MAX' was not declared in this scope". PATH_MAX is in /include/linux/limits.h, +which is usually included by /include/limits.h (indirectly, through posix headers, +etc.). For some reason, when cross-compiling, this inclusion chain is broken and +we must include <linux/limits.h> by hand. + +Index: gcc-10.3.0/libsanitizer/asan/asan_linux.cpp +=================================================================== +--- gcc-10.3.0.orig/libsanitizer/asan/asan_linux.cpp ++++ gcc-10.3.0/libsanitizer/asan/asan_linux.cpp +@@ -32,6 +32,7 @@ + #include <dlfcn.h> + #include <fcntl.h> + #include <limits.h> ++#include <linux/limits.h> + #include <pthread.h> + #include <stdio.h> + #include <unistd.h> ===================================== projects/gcc-cross/glibc-cross-linux-aarch64-2.patch ===================================== @@ -0,0 +1,30 @@ +From e9177fba13549a8e2a6232f46080e5c6d3e467b1 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy <szabolcs.nagy(a)arm.com> +Date: Wed, 21 Jun 2017 13:47:07 +0100 +Subject: [PATCH] [AArch64] Use hidden __GI__dl_argv in rtld startup code + +We rely on the symbol being locally defined so using extern symbol +is not correct and the linker may complain about the relocations. +--- + ChangeLog | 5 +++++ + sysdeps/aarch64/dl-machine.h | 4 ++-- + 2 files changed, 7 insertions(+), 2 deletions(-) + +Index: glibc/sysdeps/aarch64/dl-machine.h +=================================================================== +--- glibc.orig/sysdeps/aarch64/dl-machine.h ++++ glibc/sysdeps/aarch64/dl-machine.h +@@ -172,8 +172,8 @@ _dl_start_user: \n\ + cmp x0, #0 \n\ + bne 1b \n\ + // Update _dl_argv \n\ +- adrp x3, _dl_argv \n\ +- str x2, [x3, #:lo12:_dl_argv] \n\ ++ adrp x3, __GI__dl_argv \n\ ++ str x2, [x3, #:lo12:__GI__dl_argv] \n\ + .L_done_stack_adjust: \n\ + // compute envp \n\ + add x3, x2, x1, lsl #3 \n\ +-- +2.43.2 + ===================================== projects/gcc-cross/glibc-cross-linux-aarch64.patch ===================================== @@ -0,0 +1,63 @@ +From a68ba2f3cd3cbe32c1f31e13c20ed13487727b32 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy <szabolcs.nagy(a)arm.com> +Date: Wed, 18 Oct 2017 17:26:23 +0100 +Subject: [PATCH] [AARCH64] Rewrite elf_machine_load_address using _DYNAMIC + symbol + +This patch rewrites aarch64 elf_machine_load_address to use special _DYNAMIC +symbol instead of _dl_start. + +The static address of _DYNAMIC symbol is stored in the first GOT entry. +Here is the change which makes this solution work (part of binutils 2.24): +https://sourceware.org/ml/binutils/2013-06/msg00248.html + +i386, x86_64 targets use the same method to do this as well. + +The original implementation relies on a trick that R_AARCH64_ABS32 relocation +being resolved at link time and the static address fits in the 32bits. +However, in LP64, normally, the address is defined to be 64 bit. + +Here is the C version one which should be portable in all cases. + + * sysdeps/aarch64/dl-machine.h (elf_machine_load_address): Use + _DYNAMIC symbol to calculate load address. +--- + ChangeLog | 5 +++++ + sysdeps/aarch64/dl-machine.h | 39 +++++------------------------------- + 2 files changed, 10 insertions(+), 34 deletions(-) + +Index: glibc-2.26/sysdeps/aarch64/dl-machine.h +=================================================================== +--- glibc-2.26.orig/sysdeps/aarch64/dl-machine.h ++++ glibc-2.26/sysdeps/aarch64/dl-machine.h +@@ -51,26 +51,11 @@ elf_machine_load_address (void) + /* To figure out the load address we use the definition that for any symbol: + dynamic_addr(symbol) = static_addr(symbol) + load_addr + +- The choice of symbol is arbitrary. The static address we obtain +- by constructing a non GOT reference to the symbol, the dynamic +- address of the symbol we compute using adrp/add to compute the +- symbol's address relative to the PC. +- This depends on 32bit relocations being resolved at link time +- and that the static address fits in the 32bits. */ ++ _DYNAMIC sysmbol is used here as its link-time address stored in ++ the special unrelocated first GOT entry. */ + +- ElfW(Addr) static_addr; +- ElfW(Addr) dynamic_addr; +- +- asm (" \n" +-" adrp %1, _dl_start; \n" +-" add %1, %1, #:lo12:_dl_start \n" +-" ldr %w0, 1f \n" +-" b 2f \n" +-"1: \n" +-" .word _dl_start \n" +-"2: \n" +- : "=r" (static_addr), "=r" (dynamic_addr)); +- return dynamic_addr - static_addr; ++ extern ElfW(Dyn) _DYNAMIC[] attribute_hidden; ++ return (ElfW(Addr)) &_DYNAMIC - elf_machine_dynamic (); + } + + /* Set up the loaded object described by L so its unrelocated PLT ===================================== projects/gcc/build ===================================== @@ -1,7 +1,8 @@ #!/bin/sh [% c("var/set_default_env") -%] mkdir -p /var/tmp/build -[% IF c("var/linux") && ! c("var/linux-cross") -%] + +[% IF c("var/linux") -%] # Config options for hardening export DEB_BUILD_HARDENING=1 # Since r223796 landed on GCC master enforcing PIE breaks GCC compilation. @@ -19,81 +20,9 @@ mkdir -p /var/tmp/build [% END -%] distdir=/var/tmp/dist/[% c("var/distdir") %] -[% IF c("var/linux-cross") -%] - - # Install binutils (needed for cross-compiling) - mkdir /var/tmp/dist - cd /var/tmp/dist - tar xf $rootdir/[% c('input_files_by_name/binutils') %] - mv binutils $distdir - export PATH="$distdir/bin:$PATH" - - # Install Linux headers, see Step 2 of - # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ - # Doing this before gcc configure is intended to solve a limits.h issue - cd /var/tmp/build - mkdir linux - cd linux - tar -xJf $rootdir/linux-[% c("var/linux_version") %].tar.xz - cd linux-[% c("var/linux_version") %] - make ARCH=[% c("arch") %] INSTALL_HDR_PATH=$distdir/[% c("var/crosstarget") %] headers_install - - cd /var/tmp/build - mkdir gcc - cd gcc - tar -xJf $rootdir/[% c('input_files_by_name/gcc') %] - # --with-headers is intended to solve a limits.h issue - [% project %]-[% c("version") %]/configure --prefix=$distdir --with-headers=$distdir/[% c("var/crosstarget") %]/include/linux [% c("var/configure_opt") %] - - # For cross-compiling to work, we need to partially build GCC, then build - # glibc, then come back to finish GCC. - - # Build only the components of GCC that don't need glibc, see Step 3 of - # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ - cd /var/tmp/build/gcc - make -j[% c("num_procs") %] all-gcc - make install-gcc - # Removing sys-include is intended to solve a limits.h issue - rm --recursive --force $distdir/[% c("var/crosstarget") %]/sys-include - - # Build glibc headers and startup files, see Step 4 of - # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ - cd /var/tmp/build - mkdir glibc - cd glibc - tar -xJf $rootdir/glibc-[% c("var/glibc_version") %].tar.xz - # TODO: Remove --disable-werror once glibc is upgraded to a version that's - # designed to work with the GCC version we're using. - glibc-[% c("var/glibc_version") %]/configure --prefix=$distdir/[% c("var/crosstarget") %] --build=$MACHTYPE --host=[% c("var/crosstarget") %] --target=[% c("var/crosstarget") %] --with-headers=$distdir/[% c("var/crosstarget") %]/include --disable-multilib --disable-werror libc_cv_forced_unwind=yes - make install-bootstrap-headers=yes install-headers - make -j[% c("num_procs") %] csu/subdir_lib - install csu/crt1.o csu/crti.o csu/crtn.o $distdir/[% c("var/crosstarget") %]/lib - [% c("var/crosstarget") %]-gcc -nostdlib -nostartfiles -shared -x c /dev/null -o $distdir/[% c("var/crosstarget") %]/lib/libc.so - # stdio_lim.h is intended to solve a limits.h issue - touch $distdir/[% c("var/crosstarget") %]/include/gnu/stubs.h $distdir/[% c("var/crosstarget") %]/include/bits/stdio_lim.h - - # Build compiler support library, see Step 5 of - # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ - cd /var/tmp/build/gcc - make -j[% c("num_procs") %] all-target-libgcc - make install-target-libgcc - - # finish building glibc, see Step 6 of - # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ - cd /var/tmp/build/glibc - make -j[% c("num_procs") %] - make install - - # We're done with glibc, we can now finish building gcc... - cd /var/tmp/build/gcc - -[% ELSE -%] - - tar -C /var/tmp/build -xf $rootdir/[% c('input_files_by_name/gcc') %] - cd /var/tmp/build/[% project %]-[% c("version") %] - ./configure --prefix=$distdir [% c("var/configure_opt") %] - -[% END -%] +tar -C /var/tmp/build -xf $rootdir/[% c('input_files_by_name/gcc') %] +cd /var/tmp/build/[% project %]-[% c("version") %] +./configure --prefix=$distdir [% c("var/configure_opt") %] make -j[% c("num_procs") %] make install ===================================== projects/gcc/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -filename: '[% project %]-[% c("version") %]-[% IF c("var/linux-cross") %][% c("var/osname") %][% ELSE %]x86[% END %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' +filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' # Note: When updating the gcc version, if this includes a libstdc++ # ABI change we should also update projects/firefox/abicheck.cc to # require the new version. @@ -7,6 +7,7 @@ version: '[% pc("gcc-source", "version") %]' container: use_container: 1 var: + no_crosscompile: 1 distdir: gcc deps: - build-essential @@ -15,9 +16,7 @@ var: mkdir -p /var/tmp/dist tar -C /var/tmp/dist -xf $rootdir/[% c("compiler_tarfile") %] export PATH="/var/tmp/dist/[% c("var/distdir") %]/bin:$PATH" - [% IF ! c("var/linux-cross") -%] - export LD_LIBRARY_PATH=/var/tmp/dist/[% c("var/distdir") %]/lib64:/var/tmp/dist/[% c("var/distdir") %]/lib32 - [% END -%] + export LD_LIBRARY_PATH=/var/tmp/dist/[% c("var/distdir") %]/lib64:/var/tmp/dist/[% c("var/distdir") %]/lib32 [% IF c("hardened_gcc"); GET c("var/set_hardened_build_flags"); END %] targets: @@ -33,33 +32,8 @@ targets: configure_opt: --enable-multilib --enable-languages=c,c++ --with-arch_32=i686 arch_deps: - libc6-dev-i386 - linux-cross: - var: - target_prefix: '[% c("var/crosstarget") %]-' - distdir: gcc-cross - # TODO: Consider upgrading to a glibc that works out of the box with the - # GCC version we use. However, removing our glibc version workarounds may - # not be desirable since we want to be able to easily bump the GCC - # version without worrying about linux-cross breakage. - glibc_version: 2.26 - linux_version: 4.10.1 - arch_deps: - - libc6-dev-i386 - - gawk - linux-arm: - var: - configure_opt: --disable-multilib --enable-languages=c,c++ --target=arm-linux-gnueabihf --with-arch=armv7-a --with-fpu=vfpv3-d16 --with-float=hard --with-mode=thumb input_files: - project: container-image - project: gcc-source name: gcc - - name: binutils - project: binutils - enable: '[% c("var/linux-cross") -%]' - - URL: 'https://ftp.gnu.org/gnu/glibc/glibc-[% c("var/glibc_version") %].tar.xz' - sha256sum: e54e0a934cd2bc94429be79da5e9385898d2306b9eaf3c92d5a77af96190f6bd - enable: '[% c("var/linux-cross") -%]' - - URL: 'https://www.kernel.org/pub/linux/kernel/v4.x/linux-[% c("var/linux_version") %].tar.xz' - sha256sum: 6ca06bb5faf5f83600d7388bb623dae41df2a257de85ad5d1792e03302bc3543 - enable: '[% c("var/linux-cross") -%]' ===================================== projects/go-bootstrap/config ===================================== @@ -4,6 +4,9 @@ filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.[% c("co container: use_container: 1 +var: + no_crosscompile: 1 + input_files: - project: container-image - URL: 'https://golang.org/dl/go[% c("version") %].src.tar.gz' ===================================== projects/go/config ===================================== @@ -9,6 +9,7 @@ var: use_go_1_20: 0 go_1_21: 1.21.9 go_1_20: 1.20.14 + no_crosscompile: 1 setup: | mkdir -p /var/tmp/dist tar -C /var/tmp/dist -xf $rootdir/[% c("go_tarfile") %] @@ -101,6 +102,12 @@ targets: linux-i686: var: GOARCH: 386 + linux-aarch64: + var: + GOARCH: arm64 + linux-arm: + var: + GOARCH: arm android: var: GOOS: android ===================================== projects/openssl/config ===================================== @@ -14,6 +14,9 @@ targets: linux-i686: var: configure_opts: -shared linux-x86 + linux-aarch64: + var: + configure_opts: -shared --cross-compile-prefix=[% c("var/crosstarget") %]- enable-ec_nistp_64_gcc_128 linux-aarch64 linux-arm: var: configure_opts: -shared --cross-compile-prefix=[% c("var/crosstarget") %]- linux-armv4 ===================================== projects/tor/build ===================================== @@ -21,6 +21,20 @@ mkdir $TORBINDIR [% IF c("var/windows") || c("var/android") %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/zlib') %] zlibdir=/var/tmp/dist/zlib +[% ELSIF c("var/linux-cross") %] + # Since 1. we are using Debian's zlib1g-dev:$arch_debian, 2. our + # cross-toolchain's default paths (i.e. -I and -L) are not the same + # as those of Debian's cross-toolchain, and 3. tor's configure does + # not support separate header and library directories for zlib, we + # need to make the headers and $arch_debian library available to + # configure manually. + # DO NOT use CPPFLAGS="-I/usr/include" to include the headers, the + # build will fail (probably because some of our cross-$arch_debian + # headers get masked by the native ones). + CROSS_INCLUDEDIR=/var/tmp/dist/gcc/[% c("var/crosstarget") %]/include + ln -s /usr/include/zconf.h $CROSS_INCLUDEDIR + ln -s /usr/include/zlib.h $CROSS_INCLUDEDIR + export LDFLAGS="-L/usr/lib/[% c("var/crosstarget") %] $LDFLAGS" [% END %] [% IF c("var/android") %] tar -C /var/tmp/dist -xf [% c('input_files_by_name/zstd') %] @@ -44,10 +58,14 @@ openssldir=/var/tmp/dist/openssl # LD_LIBRARY_PATH value to the Tor Browser with the newer one. Thus, we copy # the libstdc++ into the directory with the libs tor depends on, too. See bug # 13359 for further details. - cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libstdc++.so.6 "$TORBINDIR" + libdir=[% c("var/libdir") %] + [% IF c("var/linux-cross") -%] + libdir="[% c("var/crosstarget") %]/$libdir" + [% END -%] + cp "/var/tmp/dist/gcc/$libdir/libstdc++.so.6" "$TORBINDIR" [% IF c("var/asan") -%] - cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libasan.so.6 "$TORBINDIR" - cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libubsan.so.1 "$TORBINDIR" + cp "/var/tmp/dist/gcc/$libdir/libasan.so.6" "$TORBINDIR" + cp "/var/tmp/dist/gcc/$libdir/libubsan.so.1" "$TORBINDIR" [% END -%] chmod 700 "$TORBINDIR"/*.so* # This is needed to make RPATH unavailable. See bug 9150. @@ -73,6 +91,7 @@ find -type f -print0 | xargs -0 [% c("touch") %] [% IF c("var/windows") || c("var/android") %]--with-zlib-dir="$zlibdir"[% END %] \ [% IF c("var/macos") %]--enable-static-openssl[% END %] \ [% IF c("var/windows") %]--enable-static-libevent --enable-static-openssl --enable-static-zlib[% END %] \ + [% IF c("var/linux-cross") %]--build=x86_64-linux-gnu[% END %] \ --enable-gpl --prefix="$distdir" [% c("var/configure_opt") %] [% IF c("var/macos") -%] export LD_PRELOAD=[% c("var/faketime_path") %] @@ -103,10 +122,17 @@ cd $distdir [% END %] [% IF c("var/linux") %] + [% IF c("var/linux-cross") -%] + CROSS_PREFIX=[% c("var/crosstarget") %]- + [% END -%] + + OBJCOPY="${CROSS_PREFIX}objcopy" + STRIP="${CROSS_PREFIX}strip" + # Strip and generate debuginfo for libs - objcopy --only-keep-debug $distdir/bin/tor "$TORDEBUGDIR/tor" - install -s $distdir/bin/tor "$TORBINDIR" - objcopy --add-gnu-debuglink="$TORDEBUGDIR/tor" "$TORBINDIR/tor" + "$OBJCOPY" --only-keep-debug $distdir/bin/tor "$TORDEBUGDIR/tor" + install -s --strip-program="$STRIP" $distdir/bin/tor "$TORBINDIR" + "$OBJCOPY" --add-gnu-debuglink="$TORDEBUGDIR/tor" "$TORBINDIR/tor" for i in "$TORBINDIR"/*so* do LIB=`basename $i` @@ -116,11 +142,11 @@ cd $distdir # treat this the same as the rest (though it seems libstdc++ doesn't come with # any useful debug symbols since we don't build it, so maybe we should figure # out how to package them - strip "$TORBINDIR/$LIB" + "$STRIP" "$TORBINDIR/$LIB" else - objcopy --only-keep-debug "$TORBINDIR/$LIB" "$TORDEBUGDIR/$LIB" - strip "$TORBINDIR/$LIB" - objcopy --add-gnu-debuglink="$TORDEBUGDIR/$LIB" "$TORBINDIR/$LIB" + "$OBJCOPY" --only-keep-debug "$TORBINDIR/$LIB" "$TORDEBUGDIR/$LIB" + "$STRIP" "$TORBINDIR/$LIB" + "$OBJCOPY" --add-gnu-debuglink="$TORDEBUGDIR/$LIB" "$TORBINDIR/$LIB" fi done [% END %] ===================================== projects/tor/config ===================================== @@ -30,6 +30,17 @@ targets: libdir: lib64 arch_deps: - zlib1g-dev + linux-aarch64: + var: + libdir: lib64 + arch_deps: + - zlib1g-dev:arm64 + linux-arm: + var: + libdir: lib + arch_deps: + - zlib1g-dev:armhf + android: var: configure_opt_project: '--enable-android --enable-static-openssl --enable-static-libevent --enable-zstd --disable-tool-name-check --disable-system-torrc' ===================================== rbm.conf ===================================== @@ -468,14 +468,29 @@ targets: - linux-i686 - linux - basebrowser + torbrowser-linux-aarch64: + - linux-cross + - linux-aarch64 + - linux + - torbrowser + basebrowser-linux-aarch64: + - linux-cross + - linux-aarch64 + - linux + - basebrowser + mullvadbrowser-linux-aarch64: + - linux-cross + - linux-aarch64 + - linux + - mullvadbrowser torbrowser-linux-arm: - - linux-arm - linux-cross + - linux-arm - linux - torbrowser basebrowser-linux-arm: - - linux-arm - linux-cross + - linux-arm - linux - basebrowser linux-x86_64: @@ -493,18 +508,26 @@ targets: linux-cross: 0 configure_opt: '--host=i686-linux-gnu CFLAGS=-m32 CXXFLAGS=-m32 LDFLAGS=-m32 [% c("var/configure_opt_project") %]' arch_debian: i386 + linux-aarch64: + arch: aarch64 + var: + linux-aarch64: 1 + osname: linux-aarch64 + linux-cross: 1 + arch_debian: arm64 + crosstarget: aarch64-linux-gnu linux-arm: arch: arm var: linux-arm: 1 osname: linux-arm - crosstarget: arm-linux-gnueabihf + linux-cross: 1 arch_debian: armhf + crosstarget: arm-linux-gnueabihf linux-cross: var: linux-cross: 1 - container: - arch: amd64 + compiler: 'gcc[% IF ! c("var/no_crosscompile") %]-cross[% END %]' configure_opt: '--host=[% c("var/crosstarget") %] [% c("var/configure_opt_project") %]' linux: # tar in strech does not know how to extract tar.zst files View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] Bug 42574: Letterboxing, exempt pdf.js.
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: d53848c0 by hackademix at 2024-05-09T10:52:58+02:00 Bug 42574: Letterboxing, exempt pdf.js. - - - - - 1 changed file: - toolkit/components/resistfingerprinting/RFPHelper.sys.mjs Changes: ===================================== toolkit/components/resistfingerprinting/RFPHelper.sys.mjs ===================================== @@ -475,6 +475,8 @@ class _RFPHelper { return ( // ... privileged pages contentPrincipal.isSystemPrincipal || + // pdf.js + contentPrincipal.origin.startsWith("resource://pdf.js") || // ... about: URIs EXCEPT about:blank (currentURI.schemeIs("about") && currentURI.filePath !== "blank") || // ... source code View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d53… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d53… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] Bug 42574: Letterboxing, exempt pdf.js.
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 98625d72 by hackademix at 2024-05-09T10:50:26+02:00 Bug 42574: Letterboxing, exempt pdf.js. - - - - - 1 changed file: - toolkit/components/resistfingerprinting/RFPHelper.sys.mjs Changes: ===================================== toolkit/components/resistfingerprinting/RFPHelper.sys.mjs ===================================== @@ -475,6 +475,8 @@ class _RFPHelper { return ( // ... privileged pages contentPrincipal.isSystemPrincipal || + // pdf.js + contentPrincipal.origin.startsWith("resource://pdf.js") || // ... about: URIs EXCEPT about:blank (currentURI.schemeIs("about") && currentURI.filePath !== "blank") || // ... source code View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/98625d7… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/98625d7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] Bug 42574: Letterboxing, exempt pdf.js.
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 410bb24f by hackademix at 2024-05-08T22:26:45+02:00 Bug 42574: Letterboxing, exempt pdf.js. - - - - - 1 changed file: - toolkit/components/resistfingerprinting/RFPHelper.sys.mjs Changes: ===================================== toolkit/components/resistfingerprinting/RFPHelper.sys.mjs ===================================== @@ -475,6 +475,8 @@ class _RFPHelper { return ( // ... privileged pages contentPrincipal.isSystemPrincipal || + // pdf.js + contentPrincipal.origin.startsWith("resource://pdf.js") || // ... about: URIs EXCEPT about:blank (currentURI.schemeIs("about") && currentURI.filePath !== "blank") || // ... source code View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/410bb24… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/410bb24… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Implement Android-native Connection Assist UI
by Dan Ballard (＠dan) 09 May '24

09 May '24

Dan Ballard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: fe6b5622 by clairehurst at 2024-05-08T15:01:58-06:00 fixup! Implement Android-native Connection Assist UI - - - - - 2 changed files: - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt ===================================== @@ -27,7 +27,6 @@ import kotlinx.coroutines.launch import mozilla.components.support.base.feature.UserInteractionHandler import org.mozilla.fenix.R import org.mozilla.fenix.databinding.FragmentTorConnectionAssistBinding -import org.mozilla.fenix.ext.components import org.mozilla.fenix.ext.hideToolbar class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { @@ -75,6 +74,20 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { } } + viewModel.quickstartToggle().observe( + viewLifecycleOwner, + ) { + binding.quickstartSwitch.isChecked = it == true + } + + viewModel.shouldOpenHome().observe( + viewLifecycleOwner, + ) { + if (it) { + openHome() + } + } + } override fun onDestroyView() { @@ -136,7 +149,7 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { titleDescription.text = getString(screen.titleDescriptionTextStringResource) } quickstartSwitch.visibility = if (screen.quickstartSwitchVisible) View.VISIBLE else View.GONE - quickstartSwitch.isChecked = requireContext().components.torController.quickstart + quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true quickstartSwitch.setOnCheckedChangeListener { _, isChecked -> viewModel.handleQuickstartChecked(isChecked) } @@ -198,7 +211,7 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { } private fun openHome() { - Log.d(TAG, "openHome()") //This doesn't seem to be ever called + Log.d(TAG, "openHome()") findNavController().navigate(TorConnectionAssistFragmentDirections.actionStartupHome()) } ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt ===================================== @@ -26,6 +26,18 @@ class TorConnectionAssistViewModel( private val _torConnectScreen = MutableStateFlow(ConnectAssistUiState.Splash) internal val torConnectScreen: StateFlow<ConnectAssistUiState> = _torConnectScreen + private val _quickStartToggle = MutableLiveData<Boolean>() // don't initialize with quickstart off the bat + fun quickstartToggle(): LiveData<Boolean?> { + _quickStartToggle.value = _torController.quickstart // quickstart isn't ready until torSettings is ready + return _quickStartToggle + } + + + private val _shouldOpenHome = MutableLiveData(false) + fun shouldOpenHome(): LiveData<Boolean> { + return _shouldOpenHome + } + private val _progress = MutableLiveData(0) fun progress(): LiveData<Int> { return _progress @@ -49,6 +61,7 @@ class TorConnectionAssistViewModel( fun handleQuickstartChecked(checked: Boolean) { _torController.quickstart = checked + _quickStartToggle.value = checked } fun handleButton1Pressed( @@ -87,8 +100,9 @@ class TorConnectionAssistViewModel( TorConnectState.Configuring -> handleConfiguring() TorConnectState.AutoBootstrapping -> handleBootstrap() TorConnectState.Bootstrapping -> handleBootstrap() + TorConnectState.Bootstrapped -> _shouldOpenHome.value = true + TorConnectState.Disabled -> _shouldOpenHome.value = true TorConnectState.Error -> handleError() - else -> {} } } View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/fe6… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/fe6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Implement Android-native Connection Assist UI
by Dan Ballard (＠dan) 08 May '24

08 May '24

Dan Ballard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: 3e6fa4e6 by clairehurst at 2024-05-07T17:54:07-06:00 fixup! Implement Android-native Connection Assist UI - - - - - 7 changed files: - fenix/app/src/main/java/org/mozilla/fenix/settings/SettingsFragment.kt - + fenix/app/src/main/java/org/mozilla/fenix/tor/QuickStartPreference.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt - + fenix/app/src/main/res/layout/preference_quick_start.xml - fenix/app/src/main/res/values/preference_keys.xml - fenix/app/src/main/res/xml/preferences.xml Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/settings/SettingsFragment.kt ===================================== @@ -61,6 +61,7 @@ import org.mozilla.fenix.ext.showToolbar import org.mozilla.fenix.nimbus.FxNimbus import org.mozilla.fenix.perf.ProfilerViewModel import org.mozilla.fenix.settings.account.AccountUiView +import org.mozilla.fenix.tor.QuickStartPreference import org.mozilla.fenix.tor.TorBridgeTransportConfig import org.mozilla.fenix.tor.TorEvents import org.mozilla.fenix.utils.Settings @@ -729,6 +730,14 @@ class SettingsFragment : PreferenceFragmentCompat() { } } + requirePreference<QuickStartPreference>(R.string.pref_key_quick_start).apply { + setOnPreferenceClickListener { + context.components.torController.quickstart = !context.components.torController.quickstart + updateSwitch() + true + } + } + requirePreference<Preference>(R.string.pref_key_use_new_bootstrap).apply { setOnPreferenceClickListener { val directions = ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/QuickStartPreference.kt ===================================== @@ -0,0 +1,32 @@ +package org.mozilla.fenix.tor + +import android.content.Context +import android.util.AttributeSet +import androidx.preference.PreferenceViewHolder +import androidx.preference.SwitchPreference +import com.google.android.material.switchmaterial.SwitchMaterial +import org.mozilla.fenix.R +import org.mozilla.fenix.ext.components + +class QuickStartPreference @JvmOverloads constructor( + context: Context, + attrs: AttributeSet? = null, +) : SwitchPreference(context, attrs) { + + private var switchView: SwitchMaterial? = null + + init { + widgetLayoutResource = R.layout.preference_quick_start + } + + override fun onBindViewHolder(holder: PreferenceViewHolder) { + super.onBindViewHolder(holder) + switchView = holder.findViewById(R.id.switch_widget) as SwitchMaterial + + updateSwitch() + } + + fun updateSwitch() { + switchView?.isChecked = context.components.torController.quickstart + } +} ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt ===================================== @@ -27,6 +27,7 @@ import kotlinx.coroutines.launch import mozilla.components.support.base.feature.UserInteractionHandler import org.mozilla.fenix.R import org.mozilla.fenix.databinding.FragmentTorConnectionAssistBinding +import org.mozilla.fenix.ext.components import org.mozilla.fenix.ext.hideToolbar class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { @@ -74,11 +75,6 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { } } - viewModel.quickstartToggle().observe( - viewLifecycleOwner, - ) { - binding.quickstartSwitch.isChecked = it == true - } } override fun onDestroyView() { @@ -140,7 +136,7 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { titleDescription.text = getString(screen.titleDescriptionTextStringResource) } quickstartSwitch.visibility = if (screen.quickstartSwitchVisible) View.VISIBLE else View.GONE - quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true + quickstartSwitch.isChecked = requireContext().components.torController.quickstart quickstartSwitch.setOnCheckedChangeListener { _, isChecked -> viewModel.handleQuickstartChecked(isChecked) } ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt ===================================== @@ -31,12 +31,6 @@ class TorConnectionAssistViewModel( return _progress } - private val _quickStartToggle = MutableLiveData<Boolean>() // don't initialize with quickstart off the bat - fun quickstartToggle(): LiveData<Boolean?> { - _quickStartToggle.value = _torController.quickstart // quickstart isn't ready until torSettings is ready - return _quickStartToggle - } - init { Log.d(TAG, "initiating TorConnectionAssistViewModel") _torController.registerTorListener(this) @@ -55,7 +49,6 @@ class TorConnectionAssistViewModel( fun handleQuickstartChecked(checked: Boolean) { _torController.quickstart = checked - _quickStartToggle.value = checked } fun handleButton1Pressed( ===================================== fenix/app/src/main/res/layout/preference_quick_start.xml ===================================== @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="utf-8"?> + + +<com.google.android.material.switchmaterial.SwitchMaterial xmlns:android="http://schemas.android.com/apk/res/android" + android:id="@+id/switch_widget" + android:layout_width="wrap_content" + android:layout_height="match_parent" + android:clickable="false" + android:focusable="false" + android:gravity="center_vertical" + android:orientation="vertical" /> ===================================== fenix/app/src/main/res/values/preference_keys.xml ===================================== @@ -16,6 +16,7 @@ <string name="pref_key_accessibility_font_scale" translatable="false">pref_key_accessibility_font_scale</string> <string name="pref_key_privacy" translatable="false">pref_key_privacy</string> <string name="pref_key_connection" translatable="false">pref_key_connection</string> + <string name="pref_key_quick_start" translatable="false">pref_key_quick_start</string> <string name="pref_key_accessibility_force_enable_zoom" translatable="false">pref_key_accessibility_force_enable_zoom</string> <string name="pref_key_advanced" translatable="false">pref_key_advanced</string> <string name="pref_key_language" translatable="false">pref_key_language</string> ===================================== fenix/app/src/main/res/xml/preferences.xml ===================================== @@ -170,6 +170,12 @@ android:title="@string/preferences_tor_network_settings_bridge_config" android:summary="@string/preferences_tor_network_settings_bridge_config_description" /> + <org.mozilla.fenix.tor.QuickStartPreference + android:key="@string/pref_key_quick_start" + android:summary="@string/connection_assist_always_connect_automatically_toggle_description" + android:title="@string/tor_bootstrap_quick_start_label" + app:iconSpaceReserved="false" /> + <Preference android:key="@string/pref_key_use_new_bootstrap" app:iconSpaceReserved="false" View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/3e6… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/3e6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] fixup! Bug 41369: Improve Firefox language settings for multi-lingual packages
by Pier Angelo Vendrame (＠pierov) 08 May '24

08 May '24

Pier Angelo Vendrame pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 75ac830c by Henry Wilkes at 2024-05-08T16:05:56+01:00 fixup! Bug 41369: Improve Firefox language settings for multi-lingual packages Bug 42573: Avoid async l10n.formatValue. - - - - - 1 changed file: - browser/base/content/languageNotification.js Changes: ===================================== browser/base/content/languageNotification.js ===================================== @@ -2,7 +2,7 @@ // Show a prompt to suggest to the user that they can change the UI language. // Show it only the first time, and then do not show it anymore -window.addEventListener("load", async () => { +window.addEventListener("load", () => { const PREF_NAME = "intl.language_notification.shown"; if (Services.prefs.getBoolPref(PREF_NAME, false)) { @@ -35,12 +35,12 @@ window.addEventListener("load", async () => { Services.locale.requestedLocales, Services.locale.availableLocales ).length; - const label = await document.l10n.formatValue( - matchingSystem + const label = { + "l10n-id": matchingSystem ? "language-notification-label-system" : "language-notification-label", - { language } - ); + "l10n-args": { language }, + }; const buttons = [ { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/75ac830… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/75ac830… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
by ma1 (＠ma1) 08 May '24

08 May '24

ma1 pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 02b5bf73 by hackademix at 2024-05-08T12:48:22+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42557: Fix regression in Onion Services authentication prompt focus - - - - - 1 changed file: - browser/components/onionservices/content/authPrompt.js Changes: ===================================== browser/components/onionservices/content/authPrompt.js ===================================== @@ -356,6 +356,13 @@ var OnionAuthPrompt = { this._showWarning(undefined); }); + // Force back focus on click: tor-browser#41856 + document + .getElementById("tor-clientauth-notification") + .addEventListener("click", () => { + window.focus(); + }); + Services.obs.addObserver(this, this._topics.clientAuthMissing); Services.obs.addObserver(this, this._topics.clientAuthIncorrect); }, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/02b5bf7… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/02b5bf7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.11.0esr-13.0-1-build1
by Pier Angelo Vendrame (＠pierov) 08 May '24

08 May '24

Pier Angelo Vendrame pushed new tag mullvad-browser-115.11.0esr-13.0-1-build1 at The Tor Project / Applications / Mullvad Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-115.11.0esr-13.0-1-build1
by Pier Angelo Vendrame (＠pierov) 08 May '24

08 May '24

Pier Angelo Vendrame pushed new tag base-browser-115.11.0esr-13.0-1-build1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.11.0esr-13.5-1-build1
by Pier Angelo Vendrame (＠pierov) 08 May '24

08 May '24

Pier Angelo Vendrame pushed new tag tor-browser-115.11.0esr-13.5-1-build1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Add Tor integration and UI
by Dan Ballard (＠dan) 07 May '24

07 May '24

Dan Ballard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: 737cb590 by clairehurst at 2024-05-06T15:30:26-06:00 fixup! Add Tor integration and UI - - - - - 2 changed files: - fenix/app/src/main/java/org/mozilla/fenix/tor/TorLogsComposeFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorLogsViewModel.kt Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorLogsComposeFragment.kt ===================================== @@ -8,7 +8,9 @@ import android.os.Bundle import android.view.LayoutInflater import android.view.View import android.view.ViewGroup +import androidx.compose.foundation.background import androidx.compose.foundation.layout.Column +import androidx.compose.foundation.layout.PaddingValues import androidx.compose.foundation.layout.fillMaxSize import androidx.compose.foundation.layout.fillMaxWidth import androidx.compose.foundation.layout.padding @@ -16,15 +18,20 @@ import androidx.compose.foundation.rememberScrollState import androidx.compose.foundation.text.selection.DisableSelection import androidx.compose.foundation.text.selection.SelectionContainer import androidx.compose.foundation.verticalScroll +import androidx.compose.material.FloatingActionButton +import androidx.compose.material.Icon +import androidx.compose.material.Scaffold import androidx.compose.material.Text import androidx.compose.runtime.Composable import androidx.compose.runtime.Stable import androidx.compose.ui.Modifier import androidx.compose.ui.platform.ComposeView +import androidx.compose.ui.res.painterResource import androidx.compose.ui.unit.dp import androidx.fragment.app.Fragment import androidx.fragment.app.viewModels import mozilla.components.ui.colors.PhotonColors +import org.mozilla.fenix.R class TorLogsComposeFragment : Fragment() { private val viewModel: TorLogsViewModel by viewModels() @@ -36,47 +43,72 @@ class TorLogsComposeFragment : Fragment() { ): View { return ComposeView(requireContext()).apply { setContent { - SelectionContainer { - Column( - // Column instead of LazyColumn so that you can select all the logs, and not just one "screen" at a time - // The logs won't be too big so loading them all instead of just whats visible shouldn't be a big deal - modifier = Modifier - .fillMaxSize() - .verticalScroll(state = rememberScrollState(), reverseScrolling = true), - ) { - for (log in viewModel.torLogs) { - LogRow(log = log) - } - } + Scaffold( + floatingActionButton = { CopyLogsButton() }, + content = { TorLogs(paddingValues = it) }, + ) + } + } + } + + @Composable + private fun TorLogs(paddingValues: PaddingValues) { + SelectionContainer { + Column( + // Column instead of LazyColumn so that you can select all the logs, and not just one "screen" at a time + // The logs won't be too big so loading them all instead of just whats visible shouldn't be a big deal + modifier = Modifier + .fillMaxSize() + .verticalScroll(state = rememberScrollState(), reverseScrolling = true) + .padding(paddingValues) + .background(PhotonColors.Ink50), // Standard background color + ) { + for (log in viewModel.torLogs) { + LogRow(log = log) } } } } -} -@Composable -@Stable -fun LogRow(log: TorLog, modifier: Modifier = Modifier) { - Column( - modifier - .fillMaxWidth() - .padding( - start = 16.dp, - end = 16.dp, - bottom = 16.dp, - ), - ) { - DisableSelection { + @Composable + @Stable + private fun LogRow(log: TorLog, modifier: Modifier = Modifier) { + Column( + modifier + .fillMaxWidth() + .padding( + start = 16.dp, + end = 16.dp, + bottom = 16.dp, + ), + ) { + DisableSelection { + Text( + text = log.timestamp.toString(), + color = PhotonColors.LightGrey40, + modifier = modifier + .padding(bottom = 4.dp), + ) + } Text( - text = log.timestamp.toString(), - color = PhotonColors.LightGrey40, - modifier = modifier - .padding(bottom = 4.dp), + text = log.text, + color = PhotonColors.LightGrey05, ) } - Text( - text = log.text, - color = PhotonColors.LightGrey05, + } + + @Composable + private fun CopyLogsButton() { + FloatingActionButton( + onClick = { viewModel.copyAllLogsToClipboard() }, + content = { + Icon( + painter = painterResource(id = R.drawable.ic_copy), + contentDescription = getString(R.string.share_copy_link_to_clipboard), + ) + }, + backgroundColor = PhotonColors.Violet50, // Same color as connect button + contentColor = PhotonColors.LightGrey05, ) } } ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorLogsViewModel.kt ===================================== @@ -63,10 +63,10 @@ class TorLogsViewModel(application: Application) : AndroidViewModel(application) } } - fun copyAllLogsToClipboard() { // TODO add kebab menu in top right corner which includes option to "Copy all logs" + fun copyAllLogsToClipboard() { clipboardManager.setPrimaryClip( ClipData.newPlainText( - "Copied Text", + getApplication<Application>().getString(R.string.preferences_tor_logs), getAllTorLogs(), ), ) View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/737… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/737… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] Bug 41930: Remove the UI to customize accept_languages.
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 220844d2 by Pier Angelo Vendrame at 2024-05-07T18:38:25+02:00 Bug 41930: Remove the UI to customize accept_languages. - - - - - 3 changed files: - browser/components/preferences/main.inc.xhtml - browser/components/preferences/main.js - toolkit/components/resistfingerprinting/RFPHelper.sys.mjs Changes: ===================================== browser/components/preferences/main.inc.xhtml ===================================== @@ -337,6 +337,7 @@ </hbox> <hbox id="languagesBox" align="center"> +  + <checkbox id="spoofEnglish" + data-l10n-id="languages-customize-spoof-english"/> </hbox> <checkbox id="useSystemLocale" hidden="true" ===================================== browser/components/preferences/main.js ===================================== @@ -438,7 +438,23 @@ var gMainPane = { "command", makeDisableControllingExtension(PREF_SETTING_TYPE, CONTAINERS_KEY) ); - setEventListener("chooseLanguage", "command", gMainPane.showLanguages); + // setEventListener("chooseLanguage", "command", gMainPane.showLanguages); + { + const spoofEnglish = document.getElementById("spoofEnglish"); + const kPrefSpoofEnglish = "privacy.spoof_english"; + const preference = Preferences.add({ + id: kPrefSpoofEnglish, + type: "int", + }); + const spoofEnglishChanged = () => { + spoofEnglish.checked = preference.value == 2; + }; + spoofEnglishChanged(); + preference.on("change", spoofEnglishChanged); + setEventListener("spoofEnglish", "command", () => { + preference.value = spoofEnglish.checked ? 2 : 1; + }); + } setEventListener( "translationAttributionImage", "click", ===================================== toolkit/components/resistfingerprinting/RFPHelper.sys.mjs ===================================== @@ -291,9 +291,13 @@ class _RFPHelper { ) { Services.prefs.clearUserPref("javascript.use_us_english_locale"); } - // We don't reset intl.accept_languages. Instead, setting - // privacy.spoof_english to 1 allows user to change preferred language - // settings through Preferences UI. + if (this.rfpEnabled) { + // When RFP is enabled, we force intl.accept_languages to be the + // default, or en-US, en when spoof English is enabled. + // See tor-browser#41930. + Services.prefs.clearUserPref("intl.accept_languages"); + Services.prefs.addObserver("intl.accept_languages", this); + } break; case 2: // spoof Services.prefs.setCharPref("intl.accept_languages", "en-US, en"); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/220844d… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/220844d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] Bug 41930: Remove the UI to customize accept_languages.
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: f5bb3351 by Pier Angelo Vendrame at 2024-05-07T18:37:07+02:00 Bug 41930: Remove the UI to customize accept_languages. - - - - - 3 changed files: - browser/components/preferences/main.inc.xhtml - browser/components/preferences/main.js - toolkit/components/resistfingerprinting/RFPHelper.sys.mjs Changes: ===================================== browser/components/preferences/main.inc.xhtml ===================================== @@ -337,6 +337,7 @@ </hbox> <hbox id="languagesBox" align="center"> +  + <checkbox id="spoofEnglish" + data-l10n-id="languages-customize-spoof-english"/> </hbox> <checkbox id="useSystemLocale" hidden="true" ===================================== browser/components/preferences/main.js ===================================== @@ -438,7 +438,23 @@ var gMainPane = { "command", makeDisableControllingExtension(PREF_SETTING_TYPE, CONTAINERS_KEY) ); - setEventListener("chooseLanguage", "command", gMainPane.showLanguages); + // setEventListener("chooseLanguage", "command", gMainPane.showLanguages); + { + const spoofEnglish = document.getElementById("spoofEnglish"); + const kPrefSpoofEnglish = "privacy.spoof_english"; + const preference = Preferences.add({ + id: kPrefSpoofEnglish, + type: "int", + }); + const spoofEnglishChanged = () => { + spoofEnglish.checked = preference.value == 2; + }; + spoofEnglishChanged(); + preference.on("change", spoofEnglishChanged); + setEventListener("spoofEnglish", "command", () => { + preference.value = spoofEnglish.checked ? 2 : 1; + }); + } setEventListener( "translationAttributionImage", "click", ===================================== toolkit/components/resistfingerprinting/RFPHelper.sys.mjs ===================================== @@ -291,9 +291,13 @@ class _RFPHelper { ) { Services.prefs.clearUserPref("javascript.use_us_english_locale"); } - // We don't reset intl.accept_languages. Instead, setting - // privacy.spoof_english to 1 allows user to change preferred language - // settings through Preferences UI. + if (this.rfpEnabled) { + // When RFP is enabled, we force intl.accept_languages to be the + // default, or en-US, en when spoof English is enabled. + // See tor-browser#41930. + Services.prefs.clearUserPref("intl.accept_languages"); + Services.prefs.addObserver("intl.accept_languages", this); + } break; case 2: // spoof Services.prefs.setCharPref("intl.accept_languages", "en-US, en"); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f5b… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f5b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] Bug 41930: Remove the UI to customize accept_languages.
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: e90710d0 by Pier Angelo Vendrame at 2024-05-07T17:51:02+02:00 Bug 41930: Remove the UI to customize accept_languages. - - - - - 3 changed files: - browser/components/preferences/main.inc.xhtml - browser/components/preferences/main.js - toolkit/components/resistfingerprinting/RFPHelper.sys.mjs Changes: ===================================== browser/components/preferences/main.inc.xhtml ===================================== @@ -337,6 +337,7 @@ </hbox> <hbox id="languagesBox" align="center"> +  + <checkbox id="spoofEnglish" + data-l10n-id="languages-customize-spoof-english"/> </hbox> <checkbox id="useSystemLocale" hidden="true" ===================================== browser/components/preferences/main.js ===================================== @@ -436,7 +436,23 @@ var gMainPane = { "command", makeDisableControllingExtension(PREF_SETTING_TYPE, CONTAINERS_KEY) ); - setEventListener("chooseLanguage", "command", gMainPane.showLanguages); + // setEventListener("chooseLanguage", "command", gMainPane.showLanguages); + { + const spoofEnglish = document.getElementById("spoofEnglish"); + const kPrefSpoofEnglish = "privacy.spoof_english"; + const preference = Preferences.add({ + id: kPrefSpoofEnglish, + type: "int", + }); + const spoofEnglishChanged = () => { + spoofEnglish.checked = preference.value == 2; + }; + spoofEnglishChanged(); + preference.on("change", spoofEnglishChanged); + setEventListener("spoofEnglish", "command", () => { + preference.value = spoofEnglish.checked ? 2 : 1; + }); + } setEventListener( "translationAttributionImage", "click", ===================================== toolkit/components/resistfingerprinting/RFPHelper.sys.mjs ===================================== @@ -291,9 +291,13 @@ class _RFPHelper { ) { Services.prefs.clearUserPref("javascript.use_us_english_locale"); } - // We don't reset intl.accept_languages. Instead, setting - // privacy.spoof_english to 1 allows user to change preferred language - // settings through Preferences UI. + if (this.rfpEnabled) { + // When RFP is enabled, we force intl.accept_languages to be the + // default, or en-US, en when spoof English is enabled. + // See tor-browser#41930. + Services.prefs.clearUserPref("intl.accept_languages"); + Services.prefs.addObserver("intl.accept_languages", this); + } break; case 2: // spoof Services.prefs.setCharPref("intl.accept_languages", "en-US, en"); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e90710d… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e90710d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-android-service][main] Bug 41111: Use Lyrebird to provide WebTunnel PT Client
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch main at The Tor Project / Applications / tor-android-service Commits: de1e85a0 by Richard Pospesel at 2024-04-22T19:11:38+00:00 Bug 41111: Use Lyrebird to provide WebTunnel PT Client Revert "Bug 40800: Add WebTunnel support" This reverts commit 0438a9a4ce1548be08dd2df891a38987bb313d22. - - - - - 1 changed file: - service/src/main/java/org/torproject/android/service/TorService.java Changes: ===================================== service/src/main/java/org/torproject/android/service/TorService.java ===================================== @@ -379,10 +379,8 @@ public final class TorService extends Service implements TorServiceConstants, Or if(!pluggableTransportSnow.canExecute()) pluggableTransportSnow.setExecutable(true); File pluggableTransportConjure = new File(nativeDir, "libConjure.so"); if(!pluggableTransportConjure.canExecute()) pluggableTransportConjure.setExecutable(true); - File pluggableTransportWebtunnel = new File(nativeDir, "libWebtunnel.so"); - if(!pluggableTransportWebtunnel.canExecute()) pluggableTransportWebtunnel.setExecutable(true); - builder.configurePluggableTransportsFromSettings(pluggableTransportObfs, pluggableTransportSnow, pluggableTransportConjure, pluggableTransportWebtunnel); + builder.configurePluggableTransportsFromSettings(pluggableTransportObfs, pluggableTransportSnow, pluggableTransportConjure); mDataService.updateConfigBuilder(builder); onionProxyManager.getTorInstaller().updateTorConfigCustom (builder.asString()); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-android-service/-/commit… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-android-service/-/commit… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] fixup! Bug 32308: Use direct browser sizing for letterboxing.
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 36897c9e by hackademix at 2024-05-07T15:49:09+02:00 fixup! Bug 32308: Use direct browser sizing for letterboxing. Bug 42405: Fix betterboxing + findbar horizontal bounce if the scrollbar is not an overlay. - - - - - 1 changed file: - browser/base/content/browser.css Changes: ===================================== browser/base/content/browser.css ===================================== @@ -137,8 +137,9 @@ body { From Firefox 115 on, .browserContainer layout is flex / column, and without this trick the .browserStack's resize observer doesn't get notified on horizontal shrinking. + See also tor-browser#42405. */ - overflow-x: hidden; + overflow: hidden; background: var(--letterboxing-bgcolor); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/36897c9… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/36897c9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bump Firefox version to 115.11.0esr for nightly builds.
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 6a0180ae by Pier Angelo Vendrame at 2024-05-07T15:38:26+02:00 Bump Firefox version to 115.11.0esr for nightly builds. - - - - - 2 changed files: - projects/firefox/config - projects/geckoview/config Changes: ===================================== projects/firefox/config ===================================== @@ -14,12 +14,12 @@ container: use_container: 1 var: - firefox_platform_version: 115.10.0 + firefox_platform_version: 115.11.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 1 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -14,9 +14,9 @@ container: use_container: 1 var: - geckoview_version: 115.10.0esr + geckoview_version: 115.11.0esr browser_branch: 13.5-1 - browser_build: 2 + browser_build: 1 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] fixup! Bug 32308: Use direct browser sizing for letterboxing.
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: fa7415c5 by hackademix at 2024-05-07T15:36:24+02:00 fixup! Bug 32308: Use direct browser sizing for letterboxing. Bug 42405: Fix betterboxing + findbar horizontal bounce if the scrollbar is not an overlay. - - - - - 1 changed file: - browser/base/content/browser.css Changes: ===================================== browser/base/content/browser.css ===================================== @@ -137,8 +137,9 @@ body { From Firefox 115 on, .browserContainer layout is flex / column, and without this trick the .browserStack's resize observer doesn't get notified on horizontal shrinking. + See also tor-browser#42405. */ - overflow-x: hidden; + overflow: hidden; background: var(--letterboxing-bgcolor); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/fa7… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/fa7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.11.0esr-13.5-1-build1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new tag mullvad-browser-115.11.0esr-13.5-1-build1 at The Tor Project / Applications / Mullvad Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-115.11.0esr-13.5-1-build1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new tag base-browser-115.11.0esr-13.5-1-build1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-115.11.0esr-13.5-1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-115.11.0esr-13.0-1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new branch base-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.11.0esr-13.0-1-build1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new tag tor-browser-115.11.0esr-13.0-1-build1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: MB 200: Update the Mullvad Browser Windows installer.
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: f1d5ceae by Pier Angelo Vendrame at 2024-05-07T12:17:19+00:00 MB 200: Update the Mullvad Browser Windows installer. Changed the installation page to look like NSIS's welcome page, as requested in the issue. - - - - - 7bc292e1 by Pier Angelo Vendrame at 2024-05-07T12:17:19+00:00 MB 200: Update the Mullvad Browser Windows installer. Change "Custom" with "Advanced", and "Portable" with "Standalone". - - - - - 4 changed files: - projects/browser/windows-installer/browser-install.nsi - projects/browser/windows-installer/common.nsh - projects/browser/windows-installer/defines.nsh.in - + projects/browser/windows-installer/mullvadbrowser.bmp Changes: ===================================== projects/browser/windows-installer/browser-install.nsi ===================================== @@ -10,20 +10,27 @@ !define DEFAULT_INSTALL_DIR "$LocalAppdata\${APP_DIR}\${NAME_NO_SPACES}\${UPDATE_CHANNEL}" InstallDir "${DEFAULT_INSTALL_DIR}" + AutoCloseWindow true + ;-------------------------------- ; Pages Page custom SetupType SetupTypeLeave - Page custom CustomSetup CustomSetupLeave + Page custom AdvancedSetup AdvancedSetupLeave ; Disable the directory selection when updating - !define MUI_PAGE_CUSTOMFUNCTION_PRE CustomPageDirectory + !define MUI_PAGE_CUSTOMFUNCTION_PRE PageDirectoryPre + !define MUI_PAGE_CUSTOMFUNCTION_SHOW PageDirectoryShow !define MUI_PAGE_CUSTOMFUNCTION_LEAVE CheckIfTargetDirectoryExists + !define MUI_PAGE_HEADER_SUBTEXT "" !insertmacro MUI_PAGE_DIRECTORY + !define MUI_PAGE_CUSTOMFUNCTION_LEAVE StartBrowser !insertmacro MUI_PAGE_INSTFILES - !insertmacro MUI_PAGE_FINISH !insertmacro MUI_UNPAGE_CONFIRM !insertmacro MUI_UNPAGE_INSTFILES - !insertmacro MUI_UNPAGE_FINISH + ; If we want to restore the finish page in the uninstaller, we have to enable + ; it also for the installer (but we can still skip it by adding Quit in + ; StartBrowser). + ; !insertmacro MUI_UNPAGE_FINISH ; Languages must be defined after pages !include "languages.nsh" @@ -35,57 +42,86 @@ var existingInstall ; Installation settings -var isCustomMode -var isPortableMode +var isAdvancedMode +var isStandaloneMode var createDesktopShortcut ; Variable used by the setup type page var typeRadioStandard -var typeRadioCustom +var typeRadioAdvanced var typeRadioClicked var typeNextButton -; Variables used in the custom setup page -var customCheckboxPortable -var customCheckboxDesktop +; Variables used in the advanced setup page +var advancedCheckboxDesktop +var advancedCheckboxStandalone + +ReserveFile ${WELCOME_IMAGE} Function .onInit Call CheckRequirements - !insertmacro MUI_LANGDLL_DISPLAY + ; Skip NSIS's language selection prompt and try to use the OS language without + ; further confirmations. + + File /oname=$PLUGINSDIR\${WELCOME_IMAGE} "${WELCOME_IMAGE}" ReadRegStr $existingInstall HKCU "${UNINST_KEY}" "InstallLocation" StrCpy $createDesktopShortcut "true" FunctionEnd Function SetupType - !insertmacro MUI_HEADER_TEXT "Setup Type" "Choose setup options" - nsDialogs::Create 1018 + ; Freely inspired by the built-in page implemented in + ; Contrib/Modern UI 2/Pages/Welcome.nsh. + ; The problem with the built-in page is that the description label fills all + ; the vertical space, preventing the addition of other widgets (they will be + ; hidden, will become visible when using Tab, but it will not be possible to + ; interact with them with the mouse. + nsDialogs::Create 1044 Pop $0 ${If} $0 == error Abort ${EndIf} + SetCtlColors $0 "" "${MUI_BGCOLOR}" + + ${NSD_CreateBitmap} 0 0 100% 100% "" + Pop $0 + ${NSD_SetBitmap} $0 $PLUGINSDIR\${WELCOME_IMAGE} $1 + + ${NSD_CreateLabel} 120u 10u 195u 28u "Welcome to the ${DISPLAY_NAME} Installer" + Pop $0 + SetCtlColors $0 "${MUI_TEXTCOLOR}" "${MUI_BGCOLOR}" + CreateFont $2 "$(^Font)" "12" "700" + SendMessage $0 ${WM_SETFONT} $2 0 + + ${NSD_CreateLabel} 120u 45u 195u 60u "${INTRO_TEXT}" + Pop $0 + SetCtlColors $0 "${MUI_TEXTCOLOR}" "${MUI_BGCOLOR}" + + ${NSD_CreateLabel} 120u 105u 195u 12u "Installation Type" + Pop $0 + SetCtlColors $0 "" ${MUI_BGCOLOR} - ${NSD_CreateLabel} 0 0 100% 18% "Choose the type of setup you prefer." ${If} $existingInstall == "" - ${NSD_CreateRadioButton} 0 18% 100% 6% "Standard" + ${NSD_CreateRadioButton} 120u 117u 160u 12u "Standard" Pop $typeRadioStandard - ${NSD_CreateRadioButton} 0 30% 100% 6% "Custom" - Pop $typeRadioCustom ${Else} - ${NSD_CreateRadioButton} 0 18% 100% 6% "Update your existing installation" + ${NSD_CreateRadioButton} 120u 117u 160u 12u "Update current installation" Pop $typeRadioStandard - ${NSD_CreateRadioButton} 0 30% 100% 6% "Portable installation" - Pop $typeRadioCustom ${EndIf} + ${NSD_CreateRadioButton} 120u 129u 160u 12u "Advanced" + Pop $typeRadioAdvanced + + SetCtlColors $typeRadioStandard "" ${MUI_BGCOLOR} ${NSD_OnClick} $typeRadioStandard SetupTypeRadioClick - ${NSD_OnClick} $typeRadioCustom SetupTypeRadioClick + SetCtlColors $typeRadioAdvanced "" ${MUI_BGCOLOR} + ${NSD_OnClick} $typeRadioAdvanced SetupTypeRadioClick GetDlgItem $typeNextButton $HWNDPARENT 1 ; Re-check radios if the user presses back - ${If} $isCustomMode == "true" - StrCpy $typeRadioClicked $typeRadioCustom + ${If} $isAdvancedMode == "true" + StrCpy $typeRadioClicked $typeRadioAdvanced ${Else} StrCpy $typeRadioClicked $typeRadioStandard ${EndIf} @@ -93,6 +129,8 @@ Function SetupType Call SetupTypeUpdate nsDialogs::Show + + ${NSD_FreeBitmap} $1 FunctionEnd Function SetupTypeRadioClick @@ -101,12 +139,12 @@ Function SetupTypeRadioClick FunctionEnd Function SetupTypeUpdate - ${If} $typeRadioClicked == $typeRadioCustom - StrCpy $isCustomMode "true" + ${If} $typeRadioClicked == $typeRadioAdvanced + StrCpy $isAdvancedMode "true" SendMessage $typeNextButton ${WM_SETTEXT} 0 "STR:$(^NextBtn)" ${ElseIf} $typeRadioClicked == $typeRadioStandard - StrCpy $isCustomMode "false" - StrCpy $isPortableMode "false" + StrCpy $isAdvancedMode "false" + StrCpy $isStandaloneMode "false" ${If} $existingInstall == "" SendMessage $typeNextButton ${WM_SETTEXT} 0 "STR:$(^InstallBtn)" ${Else} @@ -116,79 +154,81 @@ Function SetupTypeUpdate FunctionEnd Function SetupTypeLeave - ${If} $typeRadioClicked == $typeRadioCustom - StrCpy $isCustomMode "true" + ${If} $typeRadioClicked == $typeRadioAdvanced + StrCpy $isAdvancedMode "true" ${ElseIf} $typeRadioClicked == $typeRadioStandard - StrCpy $isCustomMode "false" - StrCpy $isPortableMode "false" + StrCpy $isAdvancedMode "false" + StrCpy $isStandaloneMode "false" ${Else} Abort ${EndIf} FunctionEnd -Function CustomSetup - ${If} $isCustomMode != "true" +Function AdvancedSetup + ${If} $isAdvancedMode != "true" Return ${EndIf} - !insertmacro MUI_HEADER_TEXT "Custom Setup" "Customize your setup options" + !insertmacro MUI_HEADER_TEXT "Advanced setup" "" nsDialogs::Create 1018 Pop $0 ${If} $0 == error Abort ${EndIf} - ${NSD_CreateCheckbox} 0 18% 100% 6% "Portable installation" - Pop $customCheckboxPortable - ${NSD_CreateCheckbox} 0 30% 100% 6% "Create a desktop shortcut" - Pop $customCheckboxDesktop - ${NSD_OnClick} $customCheckboxPortable CustomSetupCheckboxClick - ${NSD_OnClick} $customCheckboxDesktop CustomSetupCheckboxClick + ${NSD_CreateCheckbox} 0 18% 100% 6% "Create a desktop shortcut" + Pop $advancedCheckboxDesktop + ${NSD_CreateCheckbox} 0 30% 100% 6% "Standalone installation" + Pop $advancedCheckboxStandalone + ${NSD_CreateLabel} 4% 37% 95% 50% "Choose the standalone installation if you want to install Mullvad Browser in its own dedicated folder, without adding it to the Start menu and to the list of applications." + Pop $0 + ${NSD_OnClick} $advancedCheckboxStandalone AdvancedSetupCheckboxClick + ${NSD_OnClick} $advancedCheckboxDesktop AdvancedSetupCheckboxClick - ${If} $existingInstall != "" - ; If we already have an installation, this is already portable mode. - StrCpy $isPortableMode "true" - ${NSD_Check} $customCheckboxPortable - EnableWindow $customCheckboxPortable 0 - ${ElseIf} $isPortableMode == "true" - ${NSD_Check} $customCheckboxPortable - ${EndIf} ${If} $createDesktopShortcut == "true" - ${NSD_Check} $customCheckboxDesktop + ${NSD_Check} $advancedCheckboxDesktop + ${EndIf} + ${If} $existingInstall != "" + ; If we already have an installation, this is already standalone mode. + StrCpy $isStandaloneMode "true" + ${NSD_Check} $advancedCheckboxStandalone + EnableWindow $advancedCheckboxStandalone 0 + ${ElseIf} $isStandaloneMode == "true" + ${NSD_Check} $advancedCheckboxStandalone ${EndIf} nsDialogs::Show FunctionEnd -Function CustomSetupUpdate - ${NSD_GetState} $customCheckboxPortable $0 +Function AdvancedSetupUpdate + ${NSD_GetState} $advancedCheckboxDesktop $0 ${If} $0 == "${BST_CHECKED}" - StrCpy $isPortableMode "true" + StrCpy $createDesktopShortcut "true" ${Else} - StrCpy $isPortableMode "false" + StrCpy $createDesktopShortcut "false" ${EndIf} - ${NSD_GetState} $customCheckboxDesktop $0 + ${NSD_GetState} $advancedCheckboxStandalone $0 ${If} $0 == "${BST_CHECKED}" - StrCpy $createDesktopShortcut "true" + StrCpy $isStandaloneMode "true" ${Else} - StrCpy $createDesktopShortcut "false" + StrCpy $isStandaloneMode "false" ${EndIf} FunctionEnd -Function CustomSetupCheckboxClick +Function AdvancedSetupCheckboxClick Pop $0 - Call CustomSetupUpdate + Call AdvancedSetupUpdate FunctionEnd -Function CustomSetupLeave - Call CustomSetupUpdate +Function AdvancedSetupLeave + Call AdvancedSetupUpdate FunctionEnd -Function CustomPageDirectory - ${If} $isPortableMode == "true" +Function PageDirectoryPre + ${If} $isStandaloneMode == "true" StrCpy $INSTDIR "${DEFAULT_PORTABLE_DIR}" - ; Always go through this page in portable mode. + ; Always go through this page in standalone mode. Return ${ElseIf} $existingInstall != "" ; When updating, force the old directory and skip the page. @@ -198,23 +238,29 @@ Function CustomPageDirectory StrCpy $INSTDIR "${DEFAULT_INSTALL_DIR}" ${EndIf} - ${If} $isCustomMode != "true" + ${If} $isAdvancedMode != "true" ; Standard install, use the default directory and skip the page. Abort ${EndIf} FunctionEnd +Function PageDirectoryShow + ShowWindow $mui.DirectoryPage.Text ${SW_HIDE} + ShowWindow $mui.DirectoryPage.SpaceRequired ${SW_HIDE} + ShowWindow $mui.DirectoryPage.SpaceAvailable ${SW_HIDE} +FunctionEnd + Section "Browser" SecBrowser SetOutPath "$INSTDIR" - ${If} $isPortableMode == "true" + ${If} $isStandaloneMode == "true" File /r "${PROGRAM_SOURCE}\*.*" CreateShortCut "$INSTDIR\${DISPLAY_NAME}.lnk" "$INSTDIR\Browser\${EXE_NAME}" ${Else} ; Do not use a Browser directory for installs. File /r "${PROGRAM_SOURCE}\Browser\*.*" - ; Tell the browser we are not in portable mode anymore. + ; Tell the browser we are not in standalone mode anymore. FileOpen $0 "$INSTDIR\system-install" w FileClose $0 @@ -231,7 +277,7 @@ Section "Browser" SecBrowser SectionEnd Function StartBrowser - ${If} $isPortableMode == "true" + ${If} $isStandaloneMode == "true" ExecShell "open" "$INSTDIR\${DISPLAY_NAME}.lnk" ${Else} ExecShell "open" "$INSTDIR\${EXE_NAME}" ===================================== projects/browser/windows-installer/common.nsh ===================================== @@ -28,6 +28,9 @@ ; Support HiDPI displays ManifestDPIAware true + ; Do not show "Nullsoft Install System vX.XX" + BrandingText " " + ;-------------------------------- ; Version information VIProductVersion "${VERSION_WINDOWS}" ===================================== projects/browser/windows-installer/defines.nsh.in ===================================== @@ -22,6 +22,7 @@ [% ELSE -%] !define ICON_NAME "[% c('var/projectname') %].ico" [% END -%] + !define WELCOME_IMAGE "[% c('var/projectname') %].bmp" [% IF c('var/mullvad-browser') -%] ; Firefox's --with-user-appdir @@ -33,6 +34,9 @@ !define URL_ABOUT "https://mullvad.net/en/browser" !define URL_UPDATE "https://github.com/mullvad/mullvad-browser/releases/[% c('var/torbrowser_version') %]" !define URL_HELP "https://mullvad.net/help/tag/browser/" + + ; TODO: This will likely be localized in the future. + !define INTRO_TEXT "Mullvad Browser is a privacy-focused web browser designed to minimize tracking and fingerprinting." [% ELSE -%] ; Not defined for Tor Browser !define APP_DIR "TorProject" @@ -43,4 +47,6 @@ !define URL_ABOUT "https://www.torproject.org/" !define URL_UPDATE "https://blog.torproject.org/new[% IF c('var/alpha') %]-alpha[% END %]-release-tor-browser-[% c('var/torbrowser_version') FILTER remove('\.') %]" !define URL_HELP "https://tb-manual.torproject.org/" + + !define INTRO_TEXT "Tor Browser. Protect yourself against tracking, surveillance, and censorship." [% END -%] ===================================== projects/browser/windows-installer/mullvadbrowser.bmp ===================================== Binary files /dev/null and b/projects/browser/windows-installer/mullvadbrowser.bmp differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] 146 commits: Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 24d59315 by Eitan Isaacson at 2024-05-06T19:17:14+02:00 Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie Differential Revision: https://phabricator.services.mozilla.com/D179737 - - - - - 14d4144b by Pier Angelo Vendrame at 2024-05-06T19:17:14+02:00 Bug 1832523 - Allow using NSS to sign and verify MAR signatures. r=application-update-reviewers,glandium,bytesized Allow using NSS for checking MAR signatures also in platforms where OS-native APIs are used by default, i.e., macOS and Windows. Differential Revision: https://phabricator.services.mozilla.com/D177743 - - - - - 364259d0 by Pier Angelo Vendrame at 2024-05-06T19:17:14+02:00 Bug 1849129: Prevent exceptions caused by extensions from interrupting the SearchService initialization. r=search-reviewers,Standard8 Differential Revision: https://phabricator.services.mozilla.com/D186456 - - - - - 0e9cd199 by Emilio Cobos Álvarez at 2024-05-06T19:17:14+02:00 Bug 1853731 - Use html:img for message-bar-icon. r=Gijs,dao,settings-reviewers,desktop-theme-reviewers,sfoster Differential Revision: https://phabricator.services.mozilla.com/D188521 - - - - - 8d046102 by Pier Angelo Vendrame at 2024-05-06T19:17:14+02:00 Bug 1854117 - Sort the DLL blocklist flags. r=mossop,win-reviewers,gstoll Differential Revision: https://phabricator.services.mozilla.com/D188716 - - - - - ba11b9cf by Eden Chuang at 2024-05-06T19:17:15+02:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision: https://phabricator.services.mozilla.com/D186431 - - - - - 1f5271f2 by edgul at 2024-05-06T19:17:15+02:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision: https://phabricator.services.mozilla.com/D182373 - - - - - db9afe8b by Kelsey Gilbert at 2024-05-06T19:17:15+02:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision: https://phabricator.services.mozilla.com/D188054 - - - - - 222b4585 by Mark Banner at 2024-05-06T19:17:15+02:00 Bug 1845752. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D186676 - - - - - c96c6b21 by Pier Angelo Vendrame at 2024-05-06T19:17:16+02:00 Bug 1849186 - Add a preference not to expose the content title in the window title. r=Gijs,tabbrowser-reviewers,dao Differential Revision: https://phabricator.services.mozilla.com/D190496 - - - - - 80c22ab6 by Bob Owen at 2024-05-06T19:17:16+02:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision: https://phabricator.services.mozilla.com/D187794 - - - - - 3b1c9885 by Malte Juergens at 2024-05-06T19:17:16+02:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision: https://phabricator.services.mozilla.com/D187887 - - - - - d8e484c6 by Andreas Pehrson at 2024-05-06T19:17:16+02:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision: https://phabricator.services.mozilla.com/D187554 - - - - - 74384bad by Pier Angelo Vendrame at 2024-05-06T19:17:16+02:00 Bug 1860020 - Remove the assertion on the value of toolkit.telemetry.enabled. r=KrisWright,chutten Bug 1444275 introduced an assertion on the parent process to check that the value of toolkit.telemetry.enabled is the expected one. However, this expected value could be different from the one set and locked e.g. in some forks. Therefore, the assertion prevented debug builds from working in these cases. Differential Revision: https://phabricator.services.mozilla.com/D195080 - - - - - f9f2ddb9 by Kagami Sascha Rosylight at 2024-05-06T19:17:17+02:00 Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame Per /etc/fonts.xml, there are now only two `<family lang="ko">` nodes there: * OneUISansKRVF series * SECCJK series (but no KR postfix anymore?) This patch uses One UI Sans KR VF as the replacement as this is newer and is a variable font (tested with https://codepen.io/SaschaNaz/pen/ExrdYXJ) Differential Revision: https://phabricator.services.mozilla.com/D195078 - - - - - 2adf53c9 by Tom Ritter at 2024-05-06T19:17:17+02:00 Bug 1873526: Refactor the restriction override list from a big if statement to a list r=KrisWright Differential Revision: https://phabricator.services.mozilla.com/D198081 - - - - - 3a806225 by Pier Angelo Vendrame at 2024-05-06T19:17:17+02:00 Bug 1875306 - Localize numbers in the underflow and overflow error messages. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D198965 - - - - - 295b677d by Pier Angelo Vendrame at 2024-05-06T19:17:17+02:00 Bug 1875313 - Use en-US as a fallback when spoof English is enabled in ICUUtils. r=timhuang,tjr Differential Revision: https://phabricator.services.mozilla.com/D198967 - - - - - 7c73b13f by Pier Angelo Vendrame at 2024-05-06T19:17:17+02:00 Bug 1880988 - Apply spoof English to the default detail summary. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D202203 - - - - - 7e25ac51 by Tom Ritter at 2024-05-06T19:17:18+02:00 Bug 1885258: Hidden fonts should obey the allow list r=jfkthame Differential Revision: https://phabricator.services.mozilla.com/D204571 - - - - - 101bdd89 by Henry Wilkes at 2024-05-06T19:17:18+02:00 Bug 41454: Move focus after calling openPreferences for a sub-category. Temporary fix until mozilla bug 1799153 gets a patch upstream. - - - - - bd66f5b2 by hackademix at 2024-05-06T19:17:18+02:00 Bug 42194: Fix blank net error page on failed DNS resolution with active proxy. - - - - - 5682c66a by Henry Wilkes at 2024-05-06T19:17:18+02:00 Bug 41483: Remove the firefox override for appstrings.properties Remove this patch after upstream bugzilla bug 1790187 - - - - - df3f350e by Pier Angelo Vendrame at 2024-05-06T19:17:19+02:00 Bug 41116: Normalize system fonts. System fonts are an enormous fingerprinting vector. Even with font allow lists and with our custom configuration on Linux, which counter metrics measurements, getComputedStyle leaks several details. This patch counters both these kinds of attacks. - - - - - 2c1a8f52 by Pier Angelo Vendrame at 2024-05-06T19:17:19+02:00 fixup! Bug 41116: Normalize system fonts. Bug 42529: Fix the breakage of this patch on Android. Also, improve the patch hoping I can finally uplift it. - - - - - dd754ead by Marco Simonelli at 2024-05-06T19:17:19+02:00 Bug 41459: WebRTC fails to build under mingw (Part 1) - properly define NOMINMAX for just MSVC builds - - - - - d6aa1817 by Marco Simonelli at 2024-05-06T19:17:19+02:00 Bug 41459: WebRTC fails to build under mingw (Part 2) - fixes required to build third_party/libwebrtc - - - - - bf40638a by Marco Simonelli at 2024-05-06T19:17:19+02:00 Bug 41459: WebRTC fails to build under mingw (Part 3) - fixes required to build third_party/sipcc - - - - - 7828fc2b by Marco Simonelli at 2024-05-06T19:17:20+02:00 Bug 41459: WebRTC fails to build under mingw (Part 4) - fixes requried to build netwerk/sctp - - - - - ae7fe81a by Marco Simonelli at 2024-05-06T19:17:20+02:00 Bug 41459: WebRTC fails to build under mingw (Part 5) - fixes required to build dom/media/webrtc - - - - - 0c4a8026 by Marco Simonelli at 2024-05-06T19:17:20+02:00 Bug 41459: WebRTC fails to build under mingw (Part 6) - fixes required to build dom/media/systemservices - - - - - 83336896 by hackademix at 2024-05-06T19:17:20+02:00 Bug 41854: Allow overriding download spam protection. - - - - - 8b111d92 by Gaba at 2024-05-06T19:17:20+02:00 Adding issue and merge request templates - - - - - 675c814a by Pier Angelo Vendrame at 2024-05-06T19:17:21+02:00 Base Browser's .mozconfigs. Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 21849: Don't allow SSL key logging. Bug 25741 - TBA: Disable features at compile-time Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 29859: Disable HLS support for now Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files Bug 41584: Move some configuration options to base-browser level - - - - - 0073ee59 by Pier Angelo Vendrame at 2024-05-06T19:17:21+02:00 Tweaks to the build system Bug 40857: Modified the fat .aar creation file This is a workaround to build fat .aars with the compiling enviornment disabled. Mozilla does not use a similar configuration, but either runs a Firefox build and discards its output, or uses artifacts build. We might switch to artifact builds too, and drop this patch, or write a better one to upstream. But until then we need this patch. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770. Bug 41458: Prevent `mach package-multi-locale` from actually creating a package macOS builds need some files to be moved around with ./mach package-multi-locale to create multi-locale packages. The required command isn't exposed through any other mach command. So, we patch package-multi-locale both to prevent it from failing when doing official builds and to detect any future changes on it. - - - - - 627a96c7 by Pier Angelo Vendrame at 2024-05-06T19:17:21+02:00 Bug 41108: Remove privileged macOS installation from 102 - - - - - a358d88b by Dan Ballard at 2024-05-06T19:17:21+02:00 Bug 41149: Re-enable DLL injection protection in all builds not just nightlies - - - - - 5f490168 by Matthew Finkel at 2024-05-06T19:17:22+02:00 Bug 24796: Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. - - - - - 05e47204 by Matthew Finkel at 2024-05-06T19:17:22+02:00 Bug 28125: Prevent non-Necko network connections - - - - - 43395966 by Mike Perry at 2024-05-06T19:17:22+02:00 Bug 12974: Disable NTLM and Negotiate HTTP Auth The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602 - - - - - 90383d3d by Alex Catarineu at 2024-05-06T19:17:22+02:00 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899 - - - - - b25fb8a6 by Georg Koppen at 2024-05-06T19:17:22+02:00 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. - - - - - ec7c48b4 by Kathy Brade at 2024-05-06T19:17:23+02:00 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. - - - - - a0b61292 by Kathy Brade at 2024-05-06T19:17:23+02:00 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. - - - - - 5d7765f9 by Alex Catarineu at 2024-05-06T19:17:23+02:00 Bug 41457: Remove Mozilla permissions Bug 40025: Remove Mozilla add-on install permissions - - - - - 69943e4e by Kathy Brade at 2024-05-06T19:17:23+02:00 Bug 40002: Remove about:ion Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. Bug 41662: Disable about:sync-logs Even though we disable sync by default with `identity.fxaccounts.enabled`, this about: page is still avilable. We could throw an exception on the constructor of the related component, but it would result only in an error in the console, without a visible "this address does not look right" error page. If we fix the issues with MOZ_SERVICES_SYNC, we can restore the component. - - - - - dd3891f7 by Arthur Edelstein at 2024-05-06T19:17:23+02:00 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. - - - - - a923ebc8 by Alex Catarineu at 2024-05-06T19:17:24+02:00 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. - - - - - 8785339c by cypherpunks1 at 2024-05-06T19:17:24+02:00 Bug 41092: Add a RemoteSettings JSON dump for query-stripping - - - - - 7ba23f31 by Pier Angelo Vendrame at 2024-05-06T19:17:24+02:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - 3e47257c by Georg Koppen at 2024-05-06T19:17:24+02:00 Bug 30541: Disable WebGL readPixel() for web content Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034 - - - - - 1f8cb9c0 by Alex Catarineu at 2024-05-06T19:17:25+02:00 Bug 28369: Stop shipping pingsender executable - - - - - a5a31db5 by cypherpunks1 at 2024-05-06T19:17:25+02:00 Bug 41568: Disable LaterRun - - - - - abfd56a0 by cypherpunks1 at 2024-05-06T19:17:25+02:00 Bug 40717: Hide Windows SSO in settings - - - - - 077311e6 by Pier Angelo Vendrame at 2024-05-06T19:17:25+02:00 Bug 41599: Always return an empty string as network ID Firefox computes an internal network ID used to detect network changes and act consequently (e.g., to improve WebSocket UX). However, there are a few ways to get this internal network ID, so we patch them out, to be sure any new code will not be able to use them and possibly link users. We also sent a patch to Mozilla to seed the internal network ID, to prevent any accidental leak in the future. Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756 - - - - - 2718a926 by cypherpunks1 at 2024-05-06T19:17:25+02:00 Bug 40175: Add origin attributes to about:reader top-level requests - - - - - 50700227 by Richard Pospesel at 2024-05-06T19:17:26+02:00 Bug 41327: Disable UrlbarProviderInterventions - - - - - 64c3e7c2 by Richard Pospesel at 2024-05-06T19:17:26+02:00 Bug 42037: Disable about:firefoxview page - - - - - 70b9eac7 by Mike Perry at 2024-05-06T19:17:26+02:00 Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content Bug 40308: Disable network partitioning until we evaluate dFPI Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40383: Disable dom.enable_event_timing Bug 40423: Disable http/3 Bug 40177: Update prefs for Fx91esr Bug 40700: Disable addons and features recommendations Bug 40682: Disable network.proxy.allow_bypass Bug 40736: Disable third-party cookies in PBM Bug 19850: Enabled HTTPS-Only by default Bug 40912: Hide the screenshot menu Bug 41292: Disable moreFromMozilla in preferences page Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector Bug 24686: Set network.http.tailing.enabled to true Bug 40183: Disable TLS ciphersuites using SHA-1 Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102 We reviewed all the preferences we set for 102, and remove a few old ones. See the description of that issue to see all the preferences we believed were still valid for 102, and some brief description for the reasons to keep them. - - - - - 36961f59 by Pier Angelo Vendrame at 2024-05-06T19:17:26+02:00 fixup! Firefox preference overrides. Bug 42315: Drop dom.enable_event_timing. It is already protected by RFP. - - - - - b8c066f5 by Pier Angelo Vendrame at 2024-05-06T19:17:26+02:00 Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). - - - - - 51a17779 by Pier Angelo Vendrame at 2024-05-06T19:17:27+02:00 Bug 41901: Hardcode normalized FontSubstitutes. Windows has a system to set font aliases through the registry. This allows some customization that could be used as a fingerprinting vector. Moreover, this mechanism is used by Windows itself, and different SKUs might have different default FontSubstitutes. - - - - - 17e5614a by Alex Catarineu at 2024-05-06T19:17:27+02:00 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. Bug 40198: Expose privacy.spoof_english pref in GeckoView - - - - - ff97b6fb by Alex Catarineu at 2024-05-06T19:17:27+02:00 Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView - - - - - 496e767e by Alex Catarineu at 2024-05-06T19:17:27+02:00 Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware - - - - - 4865faf0 by Alex Catarineu at 2024-05-06T19:17:27+02:00 Bug 26345: Hide tracking protection UI - - - - - c0196c55 by Pier Angelo Vendrame at 2024-05-06T19:17:28+02:00 Bug 9173: Change the default Firefox profile directory to be relative. This commit makes Firefox look for the default profile directory in a directory relative to the binary path. The directory can be specified through the --with-relative-data-dir. This is relative to the same directory as the firefox main binary for Linux and Windows. On macOS, we remove Contents/MacOS from it. Or, in other words, the directory is relative to the application bundle. This behavior can be overriden at runtime, by placing a file called system-install adjacent to the firefox main binary (also on macOS). - - - - - 79767805 by Pier Angelo Vendrame at 2024-05-06T19:17:28+02:00 fixup! Bug 9173: Change the default Firefox profile directory to be relative. Bug 42519: Disable portable mode also if is-packaged-app is present. That is the file Firefox uses for .deb packages. - - - - - 05306334 by Pier Angelo Vendrame at 2024-05-06T19:17:28+02:00 fixup! Bug 9173: Change the default Firefox profile directory to be relative. Bug 42536: Fix !985 on macOS. - - - - - 26fc1a91 by Alex Catarineu at 2024-05-06T19:17:28+02:00 Bug 27604: Fix addon issues when moving the profile directory Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838 - - - - - 67e7a1ce by Mike Perry at 2024-05-06T19:17:29+02:00 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509 - - - - - 7e01e403 by Pier Angelo Vendrame at 2024-05-07T10:10:47+02:00 Bug 40309: Avoid using regional OS locales Avoid regional OS locales if the pref `intl.regional_prefs.use_os_locales` is false but RFP is enabled. - - - - - 66c42a70 by Matthew Finkel at 2024-05-07T10:10:48+02:00 Bug 40432: Prevent probing installed applications Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 - - - - - dc7800f1 by cypherpunks1 at 2024-05-07T10:10:48+02:00 Bug 33955: When copying an image only copy the image contents to the clipboard - - - - - b8a79a9e by cypherpunks1 at 2024-05-07T10:10:48+02:00 Bug 41791: Omit the source URL when copying page contents to the clipboard - - - - - e457b7be by hackademix at 2024-05-07T10:10:48+02:00 Bug 42288: Allow language spoofing in status messages. - - - - - 756c4eef by Richard Pospesel at 2024-05-07T10:10:48+02:00 Bug 41659: Add canonical color definitions to base-browser - - - - - 2c46198a by Pier Angelo Vendrame at 2024-05-07T10:10:49+02:00 Base Browser strings This commit adds all the strings needed by following Base Browser patches. - - - - - d082c8d6 by hackademix at 2024-05-07T10:10:49+02:00 fixup! Base Browser strings MB 288: Standardize capitalization in Letterboxing preferences - - - - - ec6d4102 by Henry Wilkes at 2024-05-07T10:10:49+02:00 fixup! Base Browser strings Bug 42537: Move base-browser.ftl to toolkit. - - - - - c632ffc3 by Pier Angelo Vendrame at 2024-05-07T10:10:49+02:00 Bug 41369: Improve Firefox language settings for multi-lingual packages Change the language selector to be sorted by language code, rather than name, and to display the language code to the user. Bug 41372: Handle Japanese as a special case in preferences on macOS Japanese is treated in a special way on macOS. However, seeing the Japanese language tag could be confusing for users, and moreover the language name is not localized correctly like other langs. Bug 41378: Tell users that they can change their language at the first start With multi-lingual builds, Tor Browser matches the user's system language, but some users might want to change it. So, we tell them that it is possible, but only once. - - - - - bba294a4 by Henry Wilkes at 2024-05-07T10:10:49+02:00 Bug 41966: Allow removing locales from the locale alternatives list. - - - - - 6f89852c by p13dz at 2024-05-07T10:10:50+02:00 Bug 40283: Workaround for the file upload bug - - - - - b6084098 by Arthur Edelstein at 2024-05-07T10:10:50+02:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - 94c39de6 by cypherpunks1 at 2024-05-07T10:10:50+02:00 Bug 41740: Change the RFP value of devicePixelRatio to 2 - - - - - a66667cf by Pier Angelo Vendrame at 2024-05-07T10:10:50+02:00 Bug 41739: Remove "Website appearance" from about:preferences. It is ignored because of RFP and it is confusing for users. - - - - - 6450a4e6 by cypherpunks1 at 2024-05-07T10:10:50+02:00 Bug 41881: Don't persist custom network requests on private windows - - - - - 27371abc by hackademix at 2024-05-07T10:10:51+02:00 Bug 42019: Empty browser's clipboard on browser shutdown - - - - - 8db75841 by hackademix at 2024-05-07T10:10:51+02:00 Bug 42084: Ensure English spoofing works even if preferences are set out of order. - - - - - 9a859355 by Pier Angelo Vendrame at 2024-05-07T10:10:51+02:00 Bug 42376: Pass the locale list when constructing l10n in datetimebox The datetime input is inconsistent with other inputs when using spoof English: its placeholder is not translated, unlike the default values and texts of all the other inputs. - - - - - 6d9095b1 by hackademix at 2024-05-07T10:10:51+02:00 Bug 42397: Change RFP-spoofed TZ to Atlantic/Reykjavik. - - - - - cbb1bc71 by Pier Angelo Vendrame at 2024-05-07T10:10:52+02:00 Bug 42428: Make RFP spoof the timezone of document.lastModified. - - - - - 1bc19a40 by Pier Angelo Vendrame at 2024-05-07T10:10:52+02:00 Bug 42472: Spoof timezone in XSLT. - - - - - 739023d4 by hackademix at 2024-05-07T10:10:52+02:00 Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs. - - - - - 6dc41436 by hackademix at 2024-05-07T10:10:52+02:00 Bug 41434: Letterboxing, improve logging. - - - - - 6e9033c1 by hackademix at 2024-05-07T10:10:52+02:00 Bug 31064: Letterboxing, exempt browser extensions. - - - - - 54428ba4 by hackademix at 2024-05-07T10:10:53+02:00 Bug 32411: Letterboxing, exempt view-source: URIs. - - - - - 1ee14db7 by hackademix at 2024-05-07T10:10:53+02:00 Bug 32308: Use direct browser sizing for letterboxing. Bug 30556: align letterboxing with 200x100 new win width stepping - - - - - a22dea6e by hackademix at 2024-05-07T10:10:53+02:00 Bug 41631: Prevent weird initial window dimensions caused by subpixel computations - - - - - ef367ce6 by hackademix at 2024-05-07T10:10:53+02:00 fixup! Bug 41631: Prevent weird initial window dimensions caused by subpixel computations Bug 42520: Correctly record new initial window size after auto-shrinking - - - - - 7f71a6e8 by hackademix at 2024-05-07T10:10:53+02:00 Bug 41918: Option to reuse last window size when letterboxing is enabled. - - - - - b2081b52 by hackademix at 2024-05-07T10:10:54+02:00 fixup! Bug 41918: Option to reuse last window size when letterboxing is enabled. Bug 42500: Fix restored window size after startup maximization - - - - - a394e1f5 by hackademix at 2024-05-07T10:10:54+02:00 Bug 41916: Letterboxing preferences UI - - - - - c3baeaa2 by hackademix at 2024-05-07T10:10:54+02:00 Bug 41695: Warn on window maximization without letterboxing in RFPHelper module - - - - - 069adb0b by hackademix at 2024-05-07T10:10:54+02:00 Bug 42443: Shrink window to match letterboxing size when the emtpy area is clicked. - - - - - 5f7b4e1f by Henry Wilkes at 2024-05-07T10:10:55+02:00 Bug 42528: Don't leak system scrollbar size on windows. - - - - - f527559f by Henry Wilkes at 2024-05-07T10:10:55+02:00 Bug 31575: Disable Firefox Home (Activity Stream) Treat about:blank as the default home page and new tab page. Avoid loading AboutNewTab in BrowserGlue.sys.mjs in order to avoid several network requests that we do not need. Bug 41624: Disable about:pocket-* pages. Bug 40144: Redirect about:privatebrowsing to the user's home - - - - - 0ce7b580 by Kathy Brade at 2024-05-07T10:10:55+02:00 Bug 4234: Use the Firefox Update Process for Base Browser. Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix bug 27221: purge the startup cache if the Base Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Base Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Base Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. - - - - - e90729f6 by Henry Wilkes at 2024-05-07T10:10:55+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 42537: Move base-browser.ftl to toolkit. - - - - - 57dcd27c by Pier Angelo Vendrame at 2024-05-07T10:10:55+02:00 Bug 42061: Create an alpha update channel. - - - - - f172b0d2 by Nicolas Vigier at 2024-05-07T10:10:56+02:00 Bug 41682: Add base-browser nightly mar signing key - - - - - 48051f5d by Pier Angelo Vendrame at 2024-05-07T10:10:56+02:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - 5c1b9911 by Pier Angelo Vendrame at 2024-05-07T10:10:56+02:00 Bug 41698: Reword the recommendation badges in about:addons Firefox strings use { -brand-product-name }. As a result, it seems that the fork is recommending extensions, whereas AMO curators are doing that. So, we replace the strings with custom ones that clarify that Mozilla is recommending them. We assign the strings with JS because our translation backend does not support Fluent attributes, yet, but once it does, we should switch to them, instead. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1825033 - - - - - 4cb7c4e1 by Henry Wilkes at 2024-05-07T10:10:56+02:00 fixup! Bug 41698: Reword the recommendation badges in about:addons Bug 42537: Move base-browser.ftl to toolkit. - - - - - 4eac5d49 by Pier Angelo Vendrame at 2024-05-07T10:10:56+02:00 Bug 42438: Tweaks to the migration wizard. Remove the items not compatible with our features (such as history) from the migration wizard. On Linux, allow to specify an alternative home directory, since we usually change $HOME in our startup script. - - - - - bdf37b16 by Alex Catarineu at 2024-05-07T10:10:57+02:00 Bug 40069: Add helpers for message passing with extensions - - - - - b4d96f04 by Matthew Finkel at 2024-05-07T10:10:57+02:00 Bug 41598: Prevent NoScript from being removed/disabled. Bug 40253: Explicitly allow NoScript in Private Browsing mode. - - - - - 60c08d8f by Henry Wilkes at 2024-05-07T10:10:57+02:00 Bug 41736: Hide NoScript extension's toolbar button by default. This hides it from both the toolbar and the unified extensions panel. We also hide the unified-extension-button if the panel would be empty: not including the NoScript button when it is hidden. As a result, this will be hidden by default until a user installs another extension (or shows the NoScript button and unpins it). - - - - - cd5ab951 by hackademix at 2024-05-07T10:10:57+02:00 Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons - - - - - 1db0dcdf by Pier Angelo Vendrame at 2024-05-07T10:10:57+02:00 Bug 40925: Implemented the Security Level component This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Bug 40125: Expose Security Level pref in GeckoView - - - - - 3c667bf9 by Pier Angelo Vendrame at 2024-05-07T10:10:58+02:00 Bug 40926: Implemented the New Identity feature - - - - - e4223979 by hackademix at 2024-05-07T10:10:58+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42532: Use the HomePage module for new identity checks. - - - - - 396abb8c by Henry Wilkes at 2024-05-07T10:10:58+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42537: Move base-browser.ftl to toolkit. - - - - - f8848955 by Henry Wilkes at 2024-05-07T10:10:58+02:00 Bug 41736: Customize toolbar for base-browser. - - - - - b544e52c by Pier Angelo Vendrame at 2024-05-07T10:10:59+02:00 Bug 42027: Base Browser migration procedures. This commit implmenents the the Base Browser's version of _migrateUI. - - - - - 38f96069 by Pier Angelo Vendrame at 2024-05-07T10:16:41+02:00 MB 38: Mullvad Browser configuration - - - - - fbf8a5da by Pier Angelo Vendrame at 2024-05-07T10:16:41+02:00 MB 1: Mullvad Browser branding See also: mullvad-browser#5: Product name and directory customization mullvad-browser#12: Create new branding directories and integrate Mullvad icons+branding mullvad-browser#14: Remove Default Built-in bookmarks mullvad-browser#35: Add custom PDF icons for Windows builds mullvad-browser#48: Replace Mozilla copyright and legal trademarks in mullvadbrowser.exe metadata mullvad-browser#51: Update trademark string mullvad-browser#104: Update shipped dll metadata copyright/licensing info mullvad-browser#107: Add alpha and nightly icons - - - - - 4c5fb0aa by Pier Angelo Vendrame at 2024-05-07T10:16:41+02:00 fixup! MB 1: Mullvad Browser branding MB 284: Customize logs in about:debugging. - - - - - 8b307f7d by Pier Angelo Vendrame at 2024-05-07T10:16:41+02:00 MB 20: Allow packaged-addons in PBM. We install a few addons from the distribution directory, but they are not automatically enabled for PBM mode. This commit modifies the code that installs them to also add the PBM permission to the known ones. - - - - - 01080c39 by Pier Angelo Vendrame at 2024-05-07T10:16:42+02:00 MB 63: Customize some about pages for Mullvad Browser Also: mullvad-browser#57: Purge unneeded about: pages - - - - - 4dc715ff by Pier Angelo Vendrame at 2024-05-07T10:16:42+02:00 MB 37: Customization for the about dialog - - - - - 464c4b5b by Henry Wilkes at 2024-05-07T10:16:42+02:00 MB 39: Add home page about:mullvad-browser - - - - - ad2fe712 by hackademix at 2024-05-07T10:16:42+02:00 MB 97: Remove UI cues to install new extensions. - - - - - 684b7434 by hackademix at 2024-05-07T10:16:42+02:00 MB 47: uBlock Origin customization - - - - - bb38af62 by Pier Angelo Vendrame at 2024-05-07T10:16:43+02:00 MB 21: Disable the password manager This commit disables the about:login page and removes the "Login and Password" section of about:preferences. We do not do anything to the real password manager of Firefox, that is in toolkit: it contains C++ parts that make it difficult to actually prevent it from being built.. Finally, we modify the the function that opens about:login to report an error in the console so that we can quickly get a backtrace to the code that tries to use it. - - - - - 9565e938 by Pier Angelo Vendrame at 2024-05-07T10:16:43+02:00 MB 112: Updater customization for Mullvad Browser MB 71: Set the updater base URL to Mullvad domain - - - - - b1a45c22 by Nicolas Vigier at 2024-05-07T10:16:43+02:00 MB 79: Add Mullvad Browser MAR signing keys MB 256: Add mullvad-browser nightly mar signing key - - - - - 436c3183 by Pier Angelo Vendrame at 2024-05-07T10:16:43+02:00 MB 34: Hide unsafe and unwanted preferences UI about:preferences allow to override some of our defaults, that could be fingeprintable or have some other unwanted consequences. - - - - - 26135684 by Pier Angelo Vendrame at 2024-05-07T10:16:44+02:00 MB 160: Disable the cookie exceptions button Besides disabling the "Delete on close checkbox", disable also the "Manage Exceptions" button when always using PBM. - - - - - cf0d53c4 by hackademix at 2024-05-07T10:16:44+02:00 MB 163: prevent uBlock Origin from being uninstalled/disabled - - - - - d5dd91f4 by Richard Pospesel at 2024-05-07T10:16:44+02:00 MB 188: Customize Gitlab Issue and Merge templates - - - - - 4e1e3bde by Richard Pospesel at 2024-05-07T10:16:44+02:00 fixup! MB 188: Customize Gitlab Issue and Merge templates emergency security issue for mullvad browser - - - - - fb34f268 by rui hildt at 2024-05-07T10:16:44+02:00 MB 213: Customize the search engines list - - - - - cf051987 by hackademix at 2024-05-07T10:16:45+02:00 MB 214: Enable cross-tab identity leak protection in "quiet" mode - - - - - a9f26ba2 by Pier Angelo Vendrame at 2024-05-07T10:16:45+02:00 MB 234: Disable OS spoofing in HTTP User-Agent. This commits makes it possible to disable OS spoofing in the HTTP User-Agent header, to see if matching header and JS property improve usability. - - - - - bef7d3ba by Pier Angelo Vendrame at 2024-05-07T10:16:45+02:00 MB 80: Enable Mullvad Browser as a default browser - - - - - 30 changed files: - .eslintignore - + .gitlab/issue_templates/Emergency Security Issue.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - + .gitlab/issue_templates/bug.md - + .gitlab/merge_request_templates/default.md - accessible/android/SessionAccessibility.cpp - accessible/android/SessionAccessibility.h - accessible/ipc/DocAccessibleParent.cpp - accessible/ipc/DocAccessibleParent.h - accessible/ipc/moz.build - − browser/actors/RFPHelperChild.sys.mjs - − browser/actors/RFPHelperParent.sys.mjs - browser/actors/moz.build - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/macbuild/Contents/MacOS-files.in - browser/app/module.ver - browser/app/moz.build - browser/app/firefox.exe.manifest → browser/app/mullvadbrowser.exe.manifest - browser/app/permissions - + browser/app/profile/000-mullvad-browser.js - + browser/app/profile/001-base-profile.js - browser/app/profile/firefox.js - browser/base/content/aboutDialog-appUpdater.js - browser/base/content/aboutDialog.js - browser/base/content/aboutDialog.xhtml - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-addons.js - browser/base/content/browser-context.inc The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/3e… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/3e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.0-1] 150 commits: Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch tor-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 4b3eb5ba by Eitan Isaacson at 2024-05-06T19:16:16+02:00 Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie Differential Revision: https://phabricator.services.mozilla.com/D179737 - - - - - e27667f2 by Pier Angelo Vendrame at 2024-05-06T19:16:16+02:00 Bug 1832523 - Allow using NSS to sign and verify MAR signatures. r=application-update-reviewers,glandium,bytesized Allow using NSS for checking MAR signatures also in platforms where OS-native APIs are used by default, i.e., macOS and Windows. Differential Revision: https://phabricator.services.mozilla.com/D177743 - - - - - ba5a77ae by Pier Angelo Vendrame at 2024-05-06T19:16:16+02:00 Bug 1849129: Prevent exceptions caused by extensions from interrupting the SearchService initialization. r=search-reviewers,Standard8 Differential Revision: https://phabricator.services.mozilla.com/D186456 - - - - - 9f698d4a by Emilio Cobos Álvarez at 2024-05-06T19:16:16+02:00 Bug 1853731 - Use html:img for message-bar-icon. r=Gijs,dao,settings-reviewers,desktop-theme-reviewers,sfoster Differential Revision: https://phabricator.services.mozilla.com/D188521 - - - - - d302c6b9 by Pier Angelo Vendrame at 2024-05-06T19:16:17+02:00 Bug 1854117 - Sort the DLL blocklist flags. r=mossop,win-reviewers,gstoll Differential Revision: https://phabricator.services.mozilla.com/D188716 - - - - - 19464f68 by Eden Chuang at 2024-05-06T19:16:17+02:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision: https://phabricator.services.mozilla.com/D186431 - - - - - c12c4da8 by edgul at 2024-05-06T19:16:17+02:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision: https://phabricator.services.mozilla.com/D182373 - - - - - 6bc5c20a by Kelsey Gilbert at 2024-05-06T19:16:17+02:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision: https://phabricator.services.mozilla.com/D188054 - - - - - 4e645984 by Mark Banner at 2024-05-06T19:16:17+02:00 Bug 1845752. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D186676 - - - - - 8085f31b by Bob Owen at 2024-05-06T19:16:18+02:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision: https://phabricator.services.mozilla.com/D187794 - - - - - e679f319 by Malte Juergens at 2024-05-06T19:16:18+02:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision: https://phabricator.services.mozilla.com/D187887 - - - - - 7247d356 by Andreas Pehrson at 2024-05-06T19:16:18+02:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision: https://phabricator.services.mozilla.com/D187554 - - - - - 4936b50a by Pier Angelo Vendrame at 2024-05-06T19:16:18+02:00 Bug 1860020 - Remove the assertion on the value of toolkit.telemetry.enabled. r=KrisWright,chutten Bug 1444275 introduced an assertion on the parent process to check that the value of toolkit.telemetry.enabled is the expected one. However, this expected value could be different from the one set and locked e.g. in some forks. Therefore, the assertion prevented debug builds from working in these cases. Differential Revision: https://phabricator.services.mozilla.com/D195080 - - - - - db3286f5 by Kagami Sascha Rosylight at 2024-05-06T19:16:18+02:00 Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame Per /etc/fonts.xml, there are now only two `<family lang="ko">` nodes there: * OneUISansKRVF series * SECCJK series (but no KR postfix anymore?) This patch uses One UI Sans KR VF as the replacement as this is newer and is a variable font (tested with https://codepen.io/SaschaNaz/pen/ExrdYXJ) Differential Revision: https://phabricator.services.mozilla.com/D195078 - - - - - b9adce3d by Pier Angelo Vendrame at 2024-05-06T19:16:19+02:00 Bug 1875306 - Localize numbers in the underflow and overflow error messages. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D198965 - - - - - bb142806 by Pier Angelo Vendrame at 2024-05-06T19:16:19+02:00 Bug 1875313 - Use en-US as a fallback when spoof English is enabled in ICUUtils. r=timhuang,tjr Differential Revision: https://phabricator.services.mozilla.com/D198967 - - - - - 73d3bc88 by Pier Angelo Vendrame at 2024-05-06T19:16:19+02:00 Bug 1880988 - Apply spoof English to the default detail summary. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D202203 - - - - - efa03ba4 by Tom Ritter at 2024-05-06T19:16:19+02:00 Bug 1885258: Hidden fonts should obey the allow list r=jfkthame Differential Revision: https://phabricator.services.mozilla.com/D204571 - - - - - 5c373804 by Henry Wilkes at 2024-05-06T19:16:20+02:00 Bug 41454: Move focus after calling openPreferences for a sub-category. Temporary fix until mozilla bug 1799153 gets a patch upstream. - - - - - 0d73ec6c by hackademix at 2024-05-06T19:16:20+02:00 Bug 42194: Fix blank net error page on failed DNS resolution with active proxy. - - - - - 93dc210f by Henry Wilkes at 2024-05-06T19:16:20+02:00 Bug 41483: Remove the firefox override for appstrings.properties Remove this patch after upstream bugzilla bug 1790187 - - - - - 3d661fd3 by Pier Angelo Vendrame at 2024-05-06T19:16:20+02:00 Bug 41116: Normalize system fonts. System fonts are an enormous fingerprinting vector. Even with font allow lists and with our custom configuration on Linux, which counter metrics measurements, getComputedStyle leaks several details. This patch counters both these kinds of attacks. - - - - - c366e7ff by Marco Simonelli at 2024-05-06T19:16:20+02:00 Bug 41459: WebRTC fails to build under mingw (Part 1) - properly define NOMINMAX for just MSVC builds - - - - - 0f320327 by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 2) - fixes required to build third_party/libwebrtc - - - - - d498f3bb by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 3) - fixes required to build third_party/sipcc - - - - - d1f5b500 by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 4) - fixes requried to build netwerk/sctp - - - - - 5e0e3f39 by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 5) - fixes required to build dom/media/webrtc - - - - - 81470d2a by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 6) - fixes required to build dom/media/systemservices - - - - - b5d546b9 by hackademix at 2024-05-06T19:16:22+02:00 Bug 41854: Allow overriding download spam protection. - - - - - e6cf6117 by Gaba at 2024-05-06T19:16:22+02:00 Adding issue and merge request templates - - - - - cafc8106 by Pier Angelo Vendrame at 2024-05-06T19:16:22+02:00 Base Browser's .mozconfigs. Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 21849: Don't allow SSL key logging. Bug 25741 - TBA: Disable features at compile-time Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 29859: Disable HLS support for now Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files Bug 41584: Move some configuration options to base-browser level - - - - - 8da531f0 by Pier Angelo Vendrame at 2024-05-06T19:16:22+02:00 Tweaks to the build system Bug 40857: Modified the fat .aar creation file This is a workaround to build fat .aars with the compiling enviornment disabled. Mozilla does not use a similar configuration, but either runs a Firefox build and discards its output, or uses artifacts build. We might switch to artifact builds too, and drop this patch, or write a better one to upstream. But until then we need this patch. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770. Bug 41458: Prevent `mach package-multi-locale` from actually creating a package macOS builds need some files to be moved around with ./mach package-multi-locale to create multi-locale packages. The required command isn't exposed through any other mach command. So, we patch package-multi-locale both to prevent it from failing when doing official builds and to detect any future changes on it. - - - - - 2a235d2c by Pier Angelo Vendrame at 2024-05-06T19:16:23+02:00 Bug 41108: Remove privileged macOS installation from 102 - - - - - 4d3a4ab8 by Dan Ballard at 2024-05-06T19:16:23+02:00 Bug 41149: Re-enable DLL injection protection in all builds not just nightlies - - - - - 9546d154 by Matthew Finkel at 2024-05-06T19:16:23+02:00 Bug 24796: Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. - - - - - 3fc58dcb by Matthew Finkel at 2024-05-06T19:16:23+02:00 Bug 28125: Prevent non-Necko network connections - - - - - e4470186 by Mike Perry at 2024-05-06T19:16:23+02:00 Bug 12974: Disable NTLM and Negotiate HTTP Auth The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602 - - - - - 13f6a34b by Alex Catarineu at 2024-05-06T19:16:24+02:00 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899 - - - - - 55dcec00 by Georg Koppen at 2024-05-06T19:16:24+02:00 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. - - - - - 9066bcdb by Kathy Brade at 2024-05-06T19:16:24+02:00 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. - - - - - 6eafb463 by Kathy Brade at 2024-05-06T19:16:24+02:00 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. - - - - - 8ca63855 by Alex Catarineu at 2024-05-06T19:16:24+02:00 Bug 41457: Remove Mozilla permissions Bug 40025: Remove Mozilla add-on install permissions - - - - - 5bc66b65 by Kathy Brade at 2024-05-06T19:16:25+02:00 Bug 40002: Remove about:ion Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. Bug 41662: Disable about:sync-logs Even though we disable sync by default with `identity.fxaccounts.enabled`, this about: page is still avilable. We could throw an exception on the constructor of the related component, but it would result only in an error in the console, without a visible "this address does not look right" error page. If we fix the issues with MOZ_SERVICES_SYNC, we can restore the component. - - - - - 3333f4f5 by Arthur Edelstein at 2024-05-06T19:16:25+02:00 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. - - - - - a1a9d1c3 by Alex Catarineu at 2024-05-06T19:16:25+02:00 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. - - - - - b5b6e613 by cypherpunks1 at 2024-05-06T19:16:25+02:00 Bug 41092: Add a RemoteSettings JSON dump for query-stripping - - - - - 4af763e3 by Pier Angelo Vendrame at 2024-05-06T19:16:26+02:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - 9a20416a by Georg Koppen at 2024-05-06T19:16:26+02:00 Bug 30541: Disable WebGL readPixel() for web content Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034 - - - - - 357e60b7 by Alex Catarineu at 2024-05-06T19:16:26+02:00 Bug 28369: Stop shipping pingsender executable - - - - - 937c10c0 by cypherpunks1 at 2024-05-06T19:16:26+02:00 Bug 41568: Disable LaterRun - - - - - c6948dd4 by cypherpunks1 at 2024-05-06T19:16:26+02:00 Bug 40717: Hide Windows SSO in settings - - - - - 812ee58c by Pier Angelo Vendrame at 2024-05-06T19:16:27+02:00 Bug 41599: Always return an empty string as network ID Firefox computes an internal network ID used to detect network changes and act consequently (e.g., to improve WebSocket UX). However, there are a few ways to get this internal network ID, so we patch them out, to be sure any new code will not be able to use them and possibly link users. We also sent a patch to Mozilla to seed the internal network ID, to prevent any accidental leak in the future. Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756 - - - - - 4fec182f by cypherpunks1 at 2024-05-06T19:16:27+02:00 Bug 40175: Add origin attributes to about:reader top-level requests - - - - - 3eea3491 by Richard Pospesel at 2024-05-06T19:16:27+02:00 Bug 41327: Disable UrlbarProviderInterventions - - - - - 318b14e4 by Richard Pospesel at 2024-05-06T19:16:27+02:00 Bug 42037: Disable about:firefoxview page - - - - - bb3a774c by Mike Perry at 2024-05-07T10:24:08+02:00 Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content Bug 40308: Disable network partitioning until we evaluate dFPI Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40383: Disable dom.enable_event_timing Bug 40423: Disable http/3 Bug 40177: Update prefs for Fx91esr Bug 40700: Disable addons and features recommendations Bug 40682: Disable network.proxy.allow_bypass Bug 40736: Disable third-party cookies in PBM Bug 19850: Enabled HTTPS-Only by default Bug 40912: Hide the screenshot menu Bug 41292: Disable moreFromMozilla in preferences page Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector Bug 24686: Set network.http.tailing.enabled to true Bug 40183: Disable TLS ciphersuites using SHA-1 Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102 We reviewed all the preferences we set for 102, and remove a few old ones. See the description of that issue to see all the preferences we believed were still valid for 102, and some brief description for the reasons to keep them. - - - - - b891995a by Richard Pospesel at 2024-05-07T10:24:10+02:00 Bug 41659: Add canonical color definitions to base-browser - - - - - 9fa61a44 by Pier Angelo Vendrame at 2024-05-07T10:24:11+02:00 Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). - - - - - e04928b7 by Alex Catarineu at 2024-05-07T10:24:11+02:00 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. Bug 40198: Expose privacy.spoof_english pref in GeckoView - - - - - 726a6a9d by Alex Catarineu at 2024-05-07T10:24:11+02:00 Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView - - - - - 53b3a4e1 by Alex Catarineu at 2024-05-07T10:24:12+02:00 Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware - - - - - 413a6788 by Alex Catarineu at 2024-05-07T10:24:12+02:00 Bug 26345: Hide tracking protection UI - - - - - a0eefdb5 by Pier Angelo Vendrame at 2024-05-07T10:24:12+02:00 Bug 9173: Change the default Firefox profile directory to be relative. This commit makes Firefox look for the default profile directory in a directory relative to the binary path. The directory can be specified through the --with-relative-data-dir. This is relative to the same directory as the firefox main binary for Linux and Windows. On macOS, we remove Contents/MacOS from it. Or, in other words, the directory is relative to the application bundle. This behavior can be overriden at runtime, by placing a file called system-install adjacent to the firefox main binary (also on macOS). - - - - - b0c75061 by Alex Catarineu at 2024-05-07T10:24:13+02:00 Bug 27604: Fix addon issues when moving the profile directory Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838 - - - - - 753ce7a3 by Mike Perry at 2024-05-07T10:24:13+02:00 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509 - - - - - 050a0f29 by Igor Oliveira at 2024-05-07T10:24:13+02:00 Bug 23104: Add a default line height compensation Many fonts have issues with their vertical metrics. they are used to influence the height of ascenders and depth of descenders. Gecko uses it to calculate the line height (font height + ascender + descender), however because of that idiosyncratic behavior across multiple operating systems, it can be used to identify the user's OS. The solution proposed in the patch uses a default factor to be multiplied with the font size, simulating the concept of ascender and descender. This way all operating systems will have the same line height. - - - - - b3184074 by Pier Angelo Vendrame at 2024-05-07T10:24:14+02:00 Bug 40309: Avoid using regional OS locales Avoid regional OS locales if the pref `intl.regional_prefs.use_os_locales` is false but RFP is enabled. - - - - - a4bf8cca by Matthew Finkel at 2024-05-07T10:24:14+02:00 Bug 40432: Prevent probing installed applications Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 - - - - - 21ad23ee by cypherpunks1 at 2024-05-07T10:24:14+02:00 Bug 33955: When copying an image only copy the image contents to the clipboard - - - - - a37e54bd by cypherpunks1 at 2024-05-07T10:24:15+02:00 Bug 41791: Omit the source URL when copying page contents to the clipboard - - - - - 7640c2bd by hackademix at 2024-05-07T10:24:15+02:00 Bug 42288: Allow language spoofing in status messages. - - - - - 4c6cebd2 by Pier Angelo Vendrame at 2024-05-07T10:24:15+02:00 Base Browser strings This commit adds all the strings needed by following Base Browser patches. - - - - - 501d6b53 by hackademix at 2024-05-07T10:24:16+02:00 Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs. - - - - - c856353c by hackademix at 2024-05-07T10:24:16+02:00 Bug 41434: Letterboxing, improve logging. - - - - - 8b9c23ba by hackademix at 2024-05-07T10:24:16+02:00 Bug 31064: Letterboxing, exempt browser extensions. - - - - - 682f6418 by hackademix at 2024-05-07T10:24:17+02:00 Bug 32411: Letterboxing, exempt view-source: URIs. - - - - - fbadf297 by hackademix at 2024-05-07T10:24:17+02:00 Bug 32308: use direct browser sizing for letterboxing. Bug 30556: align letterboxing with 200x100 new win width stepping - - - - - 93c3577b by hackademix at 2024-05-07T10:24:17+02:00 Bug 41631: Prevent weird initial window dimensions caused by subpixel computations - - - - - 76a66acf by Pier Angelo Vendrame at 2024-05-07T10:24:18+02:00 Bug 41369: Improve Firefox language settings for multi-lingual packages Change the language selector to be sorted by language code, rather than name, and to display the language code to the user. Bug 41372: Handle Japanese as a special case in preferences on macOS Japanese is treated in a special way on macOS. However, seeing the Japanese language tag could be confusing for users, and moreover the language name is not localized correctly like other langs. Bug 41378: Tell users that they can change their language at the first start With multi-lingual builds, Tor Browser matches the user's system language, but some users might want to change it. So, we tell them that it is possible, but only once. - - - - - 72303e67 by p13dz at 2024-05-07T10:24:18+02:00 Bug 40283: Workaround for the file upload bug - - - - - 68e3794a by Arthur Edelstein at 2024-05-07T10:24:19+02:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - 9d4207a8 by cypherpunks1 at 2024-05-07T10:24:19+02:00 Bug 41740: Change the RFP value of devicePixelRatio to 2 - - - - - 18ec0e54 by Pier Angelo Vendrame at 2024-05-07T10:24:19+02:00 Bug 41739: Remove "Website appearance" from about:preferences. It is ignored because of RFP and it is confusing for users. - - - - - 3307f4e7 by cypherpunks1 at 2024-05-07T10:24:20+02:00 Bug 41881: Don't persist custom network requests on private windows - - - - - 144d8f99 by hackademix at 2024-05-07T10:24:20+02:00 Bug 42019: Empty browser's clipboard on browser shutdown - - - - - 6d0dfddc by hackademix at 2024-05-07T10:24:20+02:00 Bug 42084: Ensure English spoofing works even if preferences are set out of order. - - - - - 1712c87d by Pier Angelo Vendrame at 2024-05-07T10:24:21+02:00 Bug 42376: Pass the locale list when constructing l10n in datetimebox The datetime input is inconsistent with other inputs when using spoof English: its placeholder is not translated, unlike the default values and texts of all the other inputs. - - - - - f9225213 by Pier Angelo Vendrame at 2024-05-07T10:24:21+02:00 Bug 42428: Make RFP spoof the timezone of document.lastModified. - - - - - 3e284d8d by Pier Angelo Vendrame at 2024-05-07T10:24:21+02:00 Bug 42472: Spoof timezone in XSLT. - - - - - 4ed66315 by Pier Angelo Vendrame at 2024-05-07T10:24:22+02:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - 24ca4a57 by Henry Wilkes at 2024-05-07T10:24:22+02:00 Bug 31575: Disable Firefox Home (Activity Stream) Treat about:blank as the default home page and new tab page. Avoid loading AboutNewTab in BrowserGlue.sys.mjs in order to avoid several network requests that we do not need. Bug 41624: Disable about:pocket-* pages. Bug 40144: Redirect about:privatebrowsing to the user's home - - - - - 0ea5590a by Kathy Brade at 2024-05-07T10:24:22+02:00 Bug 4234: Use the Firefox Update Process for Base Browser. Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix bug 27221: purge the startup cache if the Base Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Base Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Base Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. - - - - - 1b8661f4 by Pier Angelo Vendrame at 2024-05-07T10:24:23+02:00 Bug 42061: Create an alpha update channel. - - - - - 0362fdbd by Nicolas Vigier at 2024-05-07T10:24:23+02:00 Bug 41682: Add base-browser nightly mar signing key - - - - - 5f50c2f4 by hackademix at 2024-05-07T10:24:23+02:00 Bug 41695: Warn on window maximization without letterboxing in RFPHelper module - - - - - a9abc589 by Pier Angelo Vendrame at 2024-05-07T10:24:24+02:00 Bug 41698: Reword the recommendation badges in about:addons Firefox strings use { -brand-product-name }. As a result, it seems that the fork is recommending extensions, whereas AMO curators are doing that. So, we replace the strings with custom ones that clarify that Mozilla is recommending them. We assign the strings with JS because our translation backend does not support Fluent attributes, yet, but once it does, we should switch to them, instead. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1825033 - - - - - 82a13eae by Alex Catarineu at 2024-05-07T10:24:24+02:00 Bug 40069: Add helpers for message passing with extensions - - - - - 458b42c2 by Matthew Finkel at 2024-05-07T10:24:24+02:00 Bug 41598: Prevent NoScript from being removed/disabled. Bug 40253: Explicitly allow NoScript in Private Browsing mode. - - - - - 81a09573 by Henry Wilkes at 2024-05-07T10:24:25+02:00 Bug 41736: Hide NoScript extension's toolbar button by default. This hides it from both the toolbar and the unified extensions panel. We also hide the unified-extension-button if the panel would be empty: not including the NoScript button when it is hidden. As a result, this will be hidden by default until a user installs another extension (or shows the NoScript button and unpins it). - - - - - c313e865 by hackademix at 2024-05-07T10:24:27+02:00 Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons - - - - - f8f2fd31 by Pier Angelo Vendrame at 2024-05-07T10:24:27+02:00 Bug 40925: Implemented the Security Level component This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Bug 40125: Expose Security Level pref in GeckoView - - - - - ea88dda4 by Pier Angelo Vendrame at 2024-05-07T10:24:28+02:00 Bug 40926: Implemented the New Identity feature - - - - - 02e5f2aa by Henry Wilkes at 2024-05-07T10:24:28+02:00 Bug 41736: Customize toolbar for base-browser. - - - - - 02667c83 by Pier Angelo Vendrame at 2024-05-07T10:24:29+02:00 Bug 42027: Base Browser migration procedures. This commit implmenents the the Base Browser's version of _migrateUI. - - - - - 866c1b2c by Richard Pospesel at 2024-05-07T10:24:29+02:00 Bug 41649: Create rebase and security backport gitlab issue templates - - - - - 45e6d71d by Richard Pospesel at 2024-05-07T10:24:29+02:00 Bug 41089: Add tor-browser build scripts + Makefile to tor-browser - - - - - d02af404 by Henry Wilkes at 2024-05-07T10:24:30+02:00 Bug 41803: Add some developer tools for working on tor-browser. - - - - - 567aacef by Kathy Brade at 2024-05-07T10:24:30+02:00 Bug 11641: Disable remoting by default. Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. - - - - - 10effdf4 by Alex Catarineu at 2024-05-07T10:24:30+02:00 Add TorStrings module for localization - - - - - 9534825f by Henry Wilkes at 2024-05-07T10:24:31+02:00 Tor Browser strings This commit adds all the strings needed for Tor Browser patches. - - - - - 69173a77 by Henry Wilkes at 2024-05-07T10:24:31+02:00 Tor Browser localization migration scripts. - - - - - e47c1ea4 by Mike Perry at 2024-05-07T10:24:31+02:00 Bug 2176: Rebrand Firefox to TorBrowser See also Bugs #5194, #7187, #8115, #8219. This patch does some basic renaming of Firefox to TorBrowser. The rest of the branding is done by images and icons. Also fix bug 27905. Bug 25702: Update Tor Browser icon to follow design guidelines - Updated all of the branding in /browser/branding/official with new 'stable' icon series. - Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and add the source svg in the same directory - Copied /browser/branding/official over /browser/branding/nightly and the new /browser/branding/alpha directories. Replaced content with 'nightly' and 'alpha' icon series. Updated VisualElements_70.png and VisualElements_150.png with updated icons in each branding directory (fixes #22654) - Updated firefox.VisualElementsManfiest.xml with updated colors in each branding directory - Added firefox.svg to each branding directory from which all the other icons are derived (apart from document.icns and document.ico) - Added default256.png and default512.png icons - Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed original icon - Use the Tor Browser icon within devtools/client/themes/images/. Bug 30631: Blurry Tor Browser icon on macOS app switcher It would seem the png2icns tool does not generate correct icns files and so on macOS the larger icons were missing resulting in blurry icons in the OS chrome. Regenerated the padded icons in a macOS VM using iconutil. Bug 28196: preparations for using torbutton tor-browser-brand.ftl A small change to Fluent FileSource class is required so that we can register a new source without its supported locales being counted as available locales for the browser. Bug 31803: Replaced about:debugging logo with flat version Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. Bug 32092: Fix Tor Browser Support link in preferences For bug 40562, we moved onionPattern* from bug 27476 to here, as about:tor needs these files but it is included earlier. Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one Bug 42088: New application icons (used in-app and on linux). Bug 42087: New application icons (windows). - - - - - 25447672 by sanketh at 2024-05-07T10:24:32+02:00 Bug 40209: Implement Basic Crypto Safety Adds a CryptoSafety actor which detects when you've copied a crypto address from a HTTP webpage and shows a warning. Closes #40209. Bug 40428: Fix string attribute names - - - - - c333f536 by Mike Perry at 2024-05-07T10:24:32+02:00 TB3: Tor Browser's official .mozconfigs. Also: Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Add --enable-tor-browser-update build option Bug 40793: moved Tor configuration options from old-configure.in to moz.configure Bug 41584: Move some configuration options to base-browser level - - - - - e922473e by Henry Wilkes at 2024-05-07T10:24:32+02:00 Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds tor-browser#41285: Enable fluent warnings. - - - - - 671ba4f5 by Pier Angelo Vendrame at 2024-05-07T10:24:33+02:00 Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Before reordering patches, we used to keep the Tor-related patches (torbutton and tor-launcher) at the beginning. After that issue, we decided to move them towards the end. In addition to that, we have decided to move Tor Browser-only preferences there, too, to make Base Browser-only fixups easier to apply. - - - - - a45af9a9 by Pier Angelo Vendrame at 2024-05-07T10:24:33+02:00 Bug 13252: Customize profile management on macOS On macOS we allow both portable mode and system installation. However, in the latter case, we customize Firefox's directories to match the hierarchy we use for the portable mode. Also, display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. - - - - - 6e2d9670 by Pier Angelo Vendrame at 2024-05-07T10:24:33+02:00 Bug 40933: Add tor-launcher functionality Bug 41926: Reimplement the control port - - - - - 404b6d97 by Richard Pospesel at 2024-05-07T10:24:34+02:00 Bug 40597: Implement TorSettings module - migrated in-page settings read/write implementation from about:preferences#tor to the TorSettings module - TorSettings initially loads settings from the tor daemon, and saves them to firefox prefs - TorSettings notifies observers when a setting has changed; currently only QuickStart notification is implemented for parity with previous preference notify logic in about:torconnect and about:preferences#tor - about:preferences#tor, and about:torconnect now read and write settings thorugh the TorSettings module - all tor settings live in the torbrowser.settings.* preference branch - removed unused pref modify permission for about:torconnect content page from AsyncPrefs.jsm Bug 40645: Migrate Moat APIs to Moat.jsm module - - - - - a2ee9a65 by Arthur Edelstein at 2024-05-07T10:24:34+02:00 Bug 3455: Add DomainIsolator, for isolating circuit by domain. Add an XPCOM component that registers a ProtocolProxyChannelFilter which sets the username/password for each web request according to url bar domain. Bug 9442: Add New Circuit button Bug 13766: Set a 10 minute circuit dirty timeout for the catch-all circ. Bug 19206: Include a 128 bit random tag as part of the domain isolator nonce. Bug 19206: Clear out the domain isolator state on `New Identity`. Bug 21201.2: Isolate by firstPartyDomain from OriginAttributes Bug 21745: Fix handling of catch-all circuit Bug 41741: Refactor the domain isolator and new circuit - - - - - 8b7c5dd1 by Henry Wilkes at 2024-05-07T10:24:34+02:00 Bug 41600: Add a tor circuit display panel. - - - - - 062a4b3a by hackademix at 2024-05-07T10:24:35+02:00 Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs - - - - - 1c6ed9ff by Amogh Pradeep at 2024-05-07T10:24:35+02:00 Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources. See Bug 1357997 for partial uplift. Also: Bug 28051 - Use our Orbot for proxying our connections Bug 31144 - ESR68 Network Code Review - - - - - 424a9fa6 by Matthew Finkel at 2024-05-07T10:24:35+02:00 Bug 25741: TBA: Disable GeckoNetworkManager The browser should not need information related to the network interface or network state, tor should take care of that. - - - - - 98417167 by Kathy Brade at 2024-05-07T10:24:36+02:00 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. - - - - - 8c4519f6 by Pier Angelo Vendrame at 2024-05-07T10:24:36+02:00 Bug 40807: Added QRCode.js to toolkit/modules - - - - - d66034de by Richard Pospesel at 2024-05-07T10:24:36+02:00 Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection This patch adds a new about:preferences#connection page which allows modifying bridge, proxy, and firewall settings from within Tor Browser. All of the functionality present in tor-launcher's Network Configuration panel is present: - Setting built-in bridges - Requesting bridges from BridgeDB via moat - Using user-provided bridges - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies - Setting firewall ports - Viewing and Copying Tor's logs - The Networking Settings in General preferences has been removed Bug 40774: Update about:preferences page to match new UI designs - - - - - ec425244 by Richard Pospesel at 2024-05-07T10:24:37+02:00 Bug 27476: Implement about:torconnect captive portal within Tor Browser - implements new about:torconnect page as tor-launcher replacement - adds new torconnect component to browser - tor process management functionality remains implemented in tor-launcher through the TorProtocolService module - adds warning/error box to about:preferences#tor when not connected to tor Bug 40773: Update the about:torconnect frontend page to match additional UI flows. Bug 41608: Add a toolbar status button and a urlbar "Connect" button. - - - - - d7db9e01 by Henry Wilkes at 2024-05-07T10:24:37+02:00 Bug 7494: Create local home page for TBB. Bug 41333: Update about:tor to new design. Including: + make the favicon match the branding icon. + make the location bar show a search icon. - - - - - d625fd1a by Arthur Edelstein at 2024-05-07T10:24:37+02:00 Bug 12620: TorBrowser regression tests Regression tests for Bug #2950: Make Permissions Manager memory-only Regression tests for TB4: Tor Browser's Firefox preference overrides. Note: many more functional tests could be made here Regression tests for #2874: Block Components.interfaces from content Bug 18923: Add a script to run all Tor Browser specific tests Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt. - - - - - 383f1df8 by Pier Angelo Vendrame at 2024-05-07T10:24:38+02:00 Bug 41668: Tweaks to the Base Browser updater for Tor Browser This commit was once part of "Bug 4234: Use the Firefox Update Process for Tor Browser.". However, some parts of it were not needed for Base Browser and some derivative browsers. Therefore, we extracted from that commit the parts for Tor Browser legacy, and we add them back to the patch set with this commit. - - - - - f60252f9 by Kathy Brade at 2024-05-07T10:24:38+02:00 Bug 12647: Support symlinks in the updater. - - - - - f6435749 by Kathy Brade at 2024-05-07T10:24:38+02:00 Bug 19121: reinstate the update.xml hash check This is a partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122. Revert most changes from Mozilla Bug 862173 "don't verify mar file hash when using mar signing to verify the mar file (lessens main thread I/O)." We kept the addition to the AppConstants API in case other JS code references it in the future. - - - - - 136736bf by Kathy Brade at 2024-05-07T10:24:39+02:00 Bug 16940: After update, load local change notes. Add an about:tbupdate page that displays the first section from TorBrowser/Docs/ChangeLog.txt and includes a link to the remote post-update page (typically our blog entry for the release). Always load about:tbupdate in a content process, but implement the code that reads the file system (changelog) in the chrome process for compatibility with future sandboxing efforts. Also fix bug 29440. Now about:tbupdate is styled as a fairly simple changelog page that is designed to be displayed via a link that is on about:tor. - - - - - bcaf8fd6 by Georg Koppen at 2024-05-07T10:24:39+02:00 Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. Bug 33803: Move our primary nightly MAR signing key to tor-browser Bug 33803: Add a secondary nightly MAR signing key - - - - - 03380d10 by Mike Perry at 2024-05-07T10:24:39+02:00 Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing eBay and Amazon don't treat Tor users very well. Accounts often get locked and payments reversed. Also: Bug 16322: Update DuckDuckGo search engine We are replacing the clearnet URL with an onion service one (thanks to a patch by a cypherpunk) and are removing the duplicated DDG search engine. Duplicating DDG happend due to bug 1061736 where Mozilla included DDG itself into Firefox. Interestingly, this caused breaking the DDG search if JavaScript is disabled as the Mozilla engine, which gets loaded earlier, does not use the html version of the search page. Moreover, the Mozilla engine tracked where the users were searching from by adding a respective parameter to the search query. We got rid of that feature as well. Also: This fixes bug 20809: the DuckDuckGo team has changed its server-side code in a way that lets users with JavaScript enabled use the default landing page while those without JavaScript available get redirected directly to the non-JS page. We adapt the search engine URLs accordingly. Also fixes bug 29798 by making sure we only specify the Google search engine we actually ship an .xml file for. Also regression tests. squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing Bug 40494: Update Startpage search provider squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing Bug 40438: Add Blockchair as a search engine Bug 33342: Avoid disconnect search addon error after removal. We removed the addon in #32767, but it was still being loaded from addonStartup.json.lz4 and throwing an error on startup because its resource: location is not available anymore. - - - - - 86a68643 by Alex Catarineu at 2024-05-07T10:24:40+02:00 Bug 40073: Disable remote Public Suffix List fetching In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented fetching the Public Suffix List via RemoteSettings and replacing the default one at runtime, which we do not want. - - - - - 1b60d37e by Henry Wilkes at 2024-05-07T10:24:40+02:00 Bug 41906: Hide DNS over HTTPS preferences. - - - - - ba9b8073 by Richard Pospesel at 2024-05-07T10:24:40+02:00 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. - - - - - 49f22778 by Kathy Brade at 2024-05-07T10:24:41+02:00 Bug 30237: Add v3 onion services client authentication prompt When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. Also fixes bug 19757: Add a "Remember this key" checkbox to the client auth prompt. Add an "Onion Services Authentication" section within the about:preferences "Privacy & Security section" to allow viewing and removal of v3 onion client auth keys that have been stored on disk. Also fixes bug 19251: use enhanced error pages for onion service errors. - - - - - 6a6ca07b by Alex Catarineu at 2024-05-07T10:24:41+02:00 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. - - - - - 842f94b6 by Pier Angelo Vendrame at 2024-05-07T10:24:43+02:00 Bug 40458: Implement .tor.onion aliases We have enabled HTTPS-Only mode, therefore we do not need HTTPS-Everywhere anymore. However, we want to keep supporting .tor.onion aliases (especially for securedrop). Therefore, in this patch we implemented the parsing of HTTPS-Everywhere rulesets, and the redirect of .tor.onion domains. Actually, Tor Browser believes they are actual domains. We change them on the fly on the SOCKS proxy requests to resolve the domain, and on the code that verifies HTTPS certificates. - - - - - 2b2a1a0e by Pier Angelo Vendrame at 2024-05-07T10:24:44+02:00 Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser This patch associates the about:manual page to a translated page that must be injected to browser/omni.ja after the build. The content must be placed in chrome/browser/content/browser/manual/, so that is then available at chrome://browser/content/manual/. We preferred giving absolute freedom to the web team, rather than having to change the patch in case of changes on the documentation. - - - - - 3aef35e1 by Pier Angelo Vendrame at 2024-05-07T10:24:44+02:00 Bug 41435: Add a Tor Browser migration function For now this function only deletes old language packs for which we are already packaging the strings with the application. - - - - - 2e640547 by Henry Wilkes at 2024-05-07T10:24:44+02:00 Bug 42110: Add TorUIUtils module for common tor component methods. - - - - - a63c90b7 by Dan Ballard at 2024-05-07T10:24:45+02:00 Bug 40701: Add security warning when downloading a file Shown in the downloads panel, about:downloads and places.xhtml. - - - - - 56bb7bfb by Henry Wilkes at 2024-05-07T10:24:45+02:00 Bug 41736: Customize toolbar for tor-browser. - - - - - bfb4c2e5 by hackademix at 2024-05-07T10:24:45+02:00 Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key - - - - - 805b90b7 by Henry Wilkes at 2024-05-07T10:24:46+02:00 Customize moz-toggle for tor-browser. - - - - - 5f609d18 by Richard Pospesel at 2024-05-07T10:24:46+02:00 Bug 41822: Unconditionally disable default browser UX in about:preferences - - - - - 30 changed files: - .eslintignore - .gitignore - + .gitlab/issue_templates/Backport Android Security Fixes.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - + .gitlab/issue_templates/bug.md - + .gitlab/merge_request_templates/default.md - accessible/android/SessionAccessibility.cpp - accessible/android/SessionAccessibility.h - accessible/ipc/DocAccessibleParent.cpp - accessible/ipc/DocAccessibleParent.h - accessible/ipc/moz.build - + browser/actors/AboutTBUpdateChild.jsm - + browser/actors/AboutTBUpdateParent.jsm - + browser/actors/CryptoSafetyChild.jsm - + browser/actors/CryptoSafetyParent.jsm - − browser/actors/RFPHelperChild.sys.mjs - − browser/actors/RFPHelperParent.sys.mjs - browser/actors/moz.build - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/macbuild/Contents/MacOS-files.in - browser/app/moz.build - browser/app/permissions - + browser/app/profile/000-tor-browser.js - + browser/app/profile/001-base-profile.js - browser/app/profile/firefox.js - browser/base/content/aboutDialog-appUpdater.js - browser/base/content/aboutDialog.js - browser/base/content/aboutDialog.xhtml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3e25f5… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3e25f5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.0-1] 122 commits: Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch mullvad-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 4b3eb5ba by Eitan Isaacson at 2024-05-06T19:16:16+02:00 Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie Differential Revision: https://phabricator.services.mozilla.com/D179737 - - - - - e27667f2 by Pier Angelo Vendrame at 2024-05-06T19:16:16+02:00 Bug 1832523 - Allow using NSS to sign and verify MAR signatures. r=application-update-reviewers,glandium,bytesized Allow using NSS for checking MAR signatures also in platforms where OS-native APIs are used by default, i.e., macOS and Windows. Differential Revision: https://phabricator.services.mozilla.com/D177743 - - - - - ba5a77ae by Pier Angelo Vendrame at 2024-05-06T19:16:16+02:00 Bug 1849129: Prevent exceptions caused by extensions from interrupting the SearchService initialization. r=search-reviewers,Standard8 Differential Revision: https://phabricator.services.mozilla.com/D186456 - - - - - 9f698d4a by Emilio Cobos Álvarez at 2024-05-06T19:16:16+02:00 Bug 1853731 - Use html:img for message-bar-icon. r=Gijs,dao,settings-reviewers,desktop-theme-reviewers,sfoster Differential Revision: https://phabricator.services.mozilla.com/D188521 - - - - - d302c6b9 by Pier Angelo Vendrame at 2024-05-06T19:16:17+02:00 Bug 1854117 - Sort the DLL blocklist flags. r=mossop,win-reviewers,gstoll Differential Revision: https://phabricator.services.mozilla.com/D188716 - - - - - 19464f68 by Eden Chuang at 2024-05-06T19:16:17+02:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision: https://phabricator.services.mozilla.com/D186431 - - - - - c12c4da8 by edgul at 2024-05-06T19:16:17+02:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision: https://phabricator.services.mozilla.com/D182373 - - - - - 6bc5c20a by Kelsey Gilbert at 2024-05-06T19:16:17+02:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision: https://phabricator.services.mozilla.com/D188054 - - - - - 4e645984 by Mark Banner at 2024-05-06T19:16:17+02:00 Bug 1845752. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D186676 - - - - - 8085f31b by Bob Owen at 2024-05-06T19:16:18+02:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision: https://phabricator.services.mozilla.com/D187794 - - - - - e679f319 by Malte Juergens at 2024-05-06T19:16:18+02:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision: https://phabricator.services.mozilla.com/D187887 - - - - - 7247d356 by Andreas Pehrson at 2024-05-06T19:16:18+02:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision: https://phabricator.services.mozilla.com/D187554 - - - - - 4936b50a by Pier Angelo Vendrame at 2024-05-06T19:16:18+02:00 Bug 1860020 - Remove the assertion on the value of toolkit.telemetry.enabled. r=KrisWright,chutten Bug 1444275 introduced an assertion on the parent process to check that the value of toolkit.telemetry.enabled is the expected one. However, this expected value could be different from the one set and locked e.g. in some forks. Therefore, the assertion prevented debug builds from working in these cases. Differential Revision: https://phabricator.services.mozilla.com/D195080 - - - - - db3286f5 by Kagami Sascha Rosylight at 2024-05-06T19:16:18+02:00 Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame Per /etc/fonts.xml, there are now only two `<family lang="ko">` nodes there: * OneUISansKRVF series * SECCJK series (but no KR postfix anymore?) This patch uses One UI Sans KR VF as the replacement as this is newer and is a variable font (tested with https://codepen.io/SaschaNaz/pen/ExrdYXJ) Differential Revision: https://phabricator.services.mozilla.com/D195078 - - - - - b9adce3d by Pier Angelo Vendrame at 2024-05-06T19:16:19+02:00 Bug 1875306 - Localize numbers in the underflow and overflow error messages. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D198965 - - - - - bb142806 by Pier Angelo Vendrame at 2024-05-06T19:16:19+02:00 Bug 1875313 - Use en-US as a fallback when spoof English is enabled in ICUUtils. r=timhuang,tjr Differential Revision: https://phabricator.services.mozilla.com/D198967 - - - - - 73d3bc88 by Pier Angelo Vendrame at 2024-05-06T19:16:19+02:00 Bug 1880988 - Apply spoof English to the default detail summary. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D202203 - - - - - efa03ba4 by Tom Ritter at 2024-05-06T19:16:19+02:00 Bug 1885258: Hidden fonts should obey the allow list r=jfkthame Differential Revision: https://phabricator.services.mozilla.com/D204571 - - - - - 5c373804 by Henry Wilkes at 2024-05-06T19:16:20+02:00 Bug 41454: Move focus after calling openPreferences for a sub-category. Temporary fix until mozilla bug 1799153 gets a patch upstream. - - - - - 0d73ec6c by hackademix at 2024-05-06T19:16:20+02:00 Bug 42194: Fix blank net error page on failed DNS resolution with active proxy. - - - - - 93dc210f by Henry Wilkes at 2024-05-06T19:16:20+02:00 Bug 41483: Remove the firefox override for appstrings.properties Remove this patch after upstream bugzilla bug 1790187 - - - - - 3d661fd3 by Pier Angelo Vendrame at 2024-05-06T19:16:20+02:00 Bug 41116: Normalize system fonts. System fonts are an enormous fingerprinting vector. Even with font allow lists and with our custom configuration on Linux, which counter metrics measurements, getComputedStyle leaks several details. This patch counters both these kinds of attacks. - - - - - c366e7ff by Marco Simonelli at 2024-05-06T19:16:20+02:00 Bug 41459: WebRTC fails to build under mingw (Part 1) - properly define NOMINMAX for just MSVC builds - - - - - 0f320327 by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 2) - fixes required to build third_party/libwebrtc - - - - - d498f3bb by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 3) - fixes required to build third_party/sipcc - - - - - d1f5b500 by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 4) - fixes requried to build netwerk/sctp - - - - - 5e0e3f39 by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 5) - fixes required to build dom/media/webrtc - - - - - 81470d2a by Marco Simonelli at 2024-05-06T19:16:21+02:00 Bug 41459: WebRTC fails to build under mingw (Part 6) - fixes required to build dom/media/systemservices - - - - - b5d546b9 by hackademix at 2024-05-06T19:16:22+02:00 Bug 41854: Allow overriding download spam protection. - - - - - e6cf6117 by Gaba at 2024-05-06T19:16:22+02:00 Adding issue and merge request templates - - - - - cafc8106 by Pier Angelo Vendrame at 2024-05-06T19:16:22+02:00 Base Browser's .mozconfigs. Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 21849: Don't allow SSL key logging. Bug 25741 - TBA: Disable features at compile-time Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 29859: Disable HLS support for now Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files Bug 41584: Move some configuration options to base-browser level - - - - - 8da531f0 by Pier Angelo Vendrame at 2024-05-06T19:16:22+02:00 Tweaks to the build system Bug 40857: Modified the fat .aar creation file This is a workaround to build fat .aars with the compiling enviornment disabled. Mozilla does not use a similar configuration, but either runs a Firefox build and discards its output, or uses artifacts build. We might switch to artifact builds too, and drop this patch, or write a better one to upstream. But until then we need this patch. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770. Bug 41458: Prevent `mach package-multi-locale` from actually creating a package macOS builds need some files to be moved around with ./mach package-multi-locale to create multi-locale packages. The required command isn't exposed through any other mach command. So, we patch package-multi-locale both to prevent it from failing when doing official builds and to detect any future changes on it. - - - - - 2a235d2c by Pier Angelo Vendrame at 2024-05-06T19:16:23+02:00 Bug 41108: Remove privileged macOS installation from 102 - - - - - 4d3a4ab8 by Dan Ballard at 2024-05-06T19:16:23+02:00 Bug 41149: Re-enable DLL injection protection in all builds not just nightlies - - - - - 9546d154 by Matthew Finkel at 2024-05-06T19:16:23+02:00 Bug 24796: Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. - - - - - 3fc58dcb by Matthew Finkel at 2024-05-06T19:16:23+02:00 Bug 28125: Prevent non-Necko network connections - - - - - e4470186 by Mike Perry at 2024-05-06T19:16:23+02:00 Bug 12974: Disable NTLM and Negotiate HTTP Auth The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602 - - - - - 13f6a34b by Alex Catarineu at 2024-05-06T19:16:24+02:00 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899 - - - - - 55dcec00 by Georg Koppen at 2024-05-06T19:16:24+02:00 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. - - - - - 9066bcdb by Kathy Brade at 2024-05-06T19:16:24+02:00 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. - - - - - 6eafb463 by Kathy Brade at 2024-05-06T19:16:24+02:00 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. - - - - - 8ca63855 by Alex Catarineu at 2024-05-06T19:16:24+02:00 Bug 41457: Remove Mozilla permissions Bug 40025: Remove Mozilla add-on install permissions - - - - - 5bc66b65 by Kathy Brade at 2024-05-06T19:16:25+02:00 Bug 40002: Remove about:ion Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. Bug 41662: Disable about:sync-logs Even though we disable sync by default with `identity.fxaccounts.enabled`, this about: page is still avilable. We could throw an exception on the constructor of the related component, but it would result only in an error in the console, without a visible "this address does not look right" error page. If we fix the issues with MOZ_SERVICES_SYNC, we can restore the component. - - - - - 3333f4f5 by Arthur Edelstein at 2024-05-06T19:16:25+02:00 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. - - - - - a1a9d1c3 by Alex Catarineu at 2024-05-06T19:16:25+02:00 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. - - - - - b5b6e613 by cypherpunks1 at 2024-05-06T19:16:25+02:00 Bug 41092: Add a RemoteSettings JSON dump for query-stripping - - - - - 4af763e3 by Pier Angelo Vendrame at 2024-05-06T19:16:26+02:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - 9a20416a by Georg Koppen at 2024-05-06T19:16:26+02:00 Bug 30541: Disable WebGL readPixel() for web content Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034 - - - - - 357e60b7 by Alex Catarineu at 2024-05-06T19:16:26+02:00 Bug 28369: Stop shipping pingsender executable - - - - - 937c10c0 by cypherpunks1 at 2024-05-06T19:16:26+02:00 Bug 41568: Disable LaterRun - - - - - c6948dd4 by cypherpunks1 at 2024-05-06T19:16:26+02:00 Bug 40717: Hide Windows SSO in settings - - - - - 812ee58c by Pier Angelo Vendrame at 2024-05-06T19:16:27+02:00 Bug 41599: Always return an empty string as network ID Firefox computes an internal network ID used to detect network changes and act consequently (e.g., to improve WebSocket UX). However, there are a few ways to get this internal network ID, so we patch them out, to be sure any new code will not be able to use them and possibly link users. We also sent a patch to Mozilla to seed the internal network ID, to prevent any accidental leak in the future. Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756 - - - - - 4fec182f by cypherpunks1 at 2024-05-06T19:16:27+02:00 Bug 40175: Add origin attributes to about:reader top-level requests - - - - - 3eea3491 by Richard Pospesel at 2024-05-06T19:16:27+02:00 Bug 41327: Disable UrlbarProviderInterventions - - - - - 318b14e4 by Richard Pospesel at 2024-05-06T19:16:27+02:00 Bug 42037: Disable about:firefoxview page - - - - - bb3a774c by Mike Perry at 2024-05-07T10:24:08+02:00 Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content Bug 40308: Disable network partitioning until we evaluate dFPI Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40383: Disable dom.enable_event_timing Bug 40423: Disable http/3 Bug 40177: Update prefs for Fx91esr Bug 40700: Disable addons and features recommendations Bug 40682: Disable network.proxy.allow_bypass Bug 40736: Disable third-party cookies in PBM Bug 19850: Enabled HTTPS-Only by default Bug 40912: Hide the screenshot menu Bug 41292: Disable moreFromMozilla in preferences page Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector Bug 24686: Set network.http.tailing.enabled to true Bug 40183: Disable TLS ciphersuites using SHA-1 Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102 We reviewed all the preferences we set for 102, and remove a few old ones. See the description of that issue to see all the preferences we believed were still valid for 102, and some brief description for the reasons to keep them. - - - - - b891995a by Richard Pospesel at 2024-05-07T10:24:10+02:00 Bug 41659: Add canonical color definitions to base-browser - - - - - 9fa61a44 by Pier Angelo Vendrame at 2024-05-07T10:24:11+02:00 Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). - - - - - e04928b7 by Alex Catarineu at 2024-05-07T10:24:11+02:00 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. Bug 40198: Expose privacy.spoof_english pref in GeckoView - - - - - 726a6a9d by Alex Catarineu at 2024-05-07T10:24:11+02:00 Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView - - - - - 53b3a4e1 by Alex Catarineu at 2024-05-07T10:24:12+02:00 Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware - - - - - 413a6788 by Alex Catarineu at 2024-05-07T10:24:12+02:00 Bug 26345: Hide tracking protection UI - - - - - a0eefdb5 by Pier Angelo Vendrame at 2024-05-07T10:24:12+02:00 Bug 9173: Change the default Firefox profile directory to be relative. This commit makes Firefox look for the default profile directory in a directory relative to the binary path. The directory can be specified through the --with-relative-data-dir. This is relative to the same directory as the firefox main binary for Linux and Windows. On macOS, we remove Contents/MacOS from it. Or, in other words, the directory is relative to the application bundle. This behavior can be overriden at runtime, by placing a file called system-install adjacent to the firefox main binary (also on macOS). - - - - - b0c75061 by Alex Catarineu at 2024-05-07T10:24:13+02:00 Bug 27604: Fix addon issues when moving the profile directory Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838 - - - - - 753ce7a3 by Mike Perry at 2024-05-07T10:24:13+02:00 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509 - - - - - 050a0f29 by Igor Oliveira at 2024-05-07T10:24:13+02:00 Bug 23104: Add a default line height compensation Many fonts have issues with their vertical metrics. they are used to influence the height of ascenders and depth of descenders. Gecko uses it to calculate the line height (font height + ascender + descender), however because of that idiosyncratic behavior across multiple operating systems, it can be used to identify the user's OS. The solution proposed in the patch uses a default factor to be multiplied with the font size, simulating the concept of ascender and descender. This way all operating systems will have the same line height. - - - - - b3184074 by Pier Angelo Vendrame at 2024-05-07T10:24:14+02:00 Bug 40309: Avoid using regional OS locales Avoid regional OS locales if the pref `intl.regional_prefs.use_os_locales` is false but RFP is enabled. - - - - - a4bf8cca by Matthew Finkel at 2024-05-07T10:24:14+02:00 Bug 40432: Prevent probing installed applications Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 - - - - - 21ad23ee by cypherpunks1 at 2024-05-07T10:24:14+02:00 Bug 33955: When copying an image only copy the image contents to the clipboard - - - - - a37e54bd by cypherpunks1 at 2024-05-07T10:24:15+02:00 Bug 41791: Omit the source URL when copying page contents to the clipboard - - - - - 7640c2bd by hackademix at 2024-05-07T10:24:15+02:00 Bug 42288: Allow language spoofing in status messages. - - - - - 4c6cebd2 by Pier Angelo Vendrame at 2024-05-07T10:24:15+02:00 Base Browser strings This commit adds all the strings needed by following Base Browser patches. - - - - - 501d6b53 by hackademix at 2024-05-07T10:24:16+02:00 Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs. - - - - - c856353c by hackademix at 2024-05-07T10:24:16+02:00 Bug 41434: Letterboxing, improve logging. - - - - - 8b9c23ba by hackademix at 2024-05-07T10:24:16+02:00 Bug 31064: Letterboxing, exempt browser extensions. - - - - - 682f6418 by hackademix at 2024-05-07T10:24:17+02:00 Bug 32411: Letterboxing, exempt view-source: URIs. - - - - - fbadf297 by hackademix at 2024-05-07T10:24:17+02:00 Bug 32308: use direct browser sizing for letterboxing. Bug 30556: align letterboxing with 200x100 new win width stepping - - - - - 93c3577b by hackademix at 2024-05-07T10:24:17+02:00 Bug 41631: Prevent weird initial window dimensions caused by subpixel computations - - - - - 76a66acf by Pier Angelo Vendrame at 2024-05-07T10:24:18+02:00 Bug 41369: Improve Firefox language settings for multi-lingual packages Change the language selector to be sorted by language code, rather than name, and to display the language code to the user. Bug 41372: Handle Japanese as a special case in preferences on macOS Japanese is treated in a special way on macOS. However, seeing the Japanese language tag could be confusing for users, and moreover the language name is not localized correctly like other langs. Bug 41378: Tell users that they can change their language at the first start With multi-lingual builds, Tor Browser matches the user's system language, but some users might want to change it. So, we tell them that it is possible, but only once. - - - - - 72303e67 by p13dz at 2024-05-07T10:24:18+02:00 Bug 40283: Workaround for the file upload bug - - - - - 68e3794a by Arthur Edelstein at 2024-05-07T10:24:19+02:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - 9d4207a8 by cypherpunks1 at 2024-05-07T10:24:19+02:00 Bug 41740: Change the RFP value of devicePixelRatio to 2 - - - - - 18ec0e54 by Pier Angelo Vendrame at 2024-05-07T10:24:19+02:00 Bug 41739: Remove "Website appearance" from about:preferences. It is ignored because of RFP and it is confusing for users. - - - - - 3307f4e7 by cypherpunks1 at 2024-05-07T10:24:20+02:00 Bug 41881: Don't persist custom network requests on private windows - - - - - 144d8f99 by hackademix at 2024-05-07T10:24:20+02:00 Bug 42019: Empty browser's clipboard on browser shutdown - - - - - 6d0dfddc by hackademix at 2024-05-07T10:24:20+02:00 Bug 42084: Ensure English spoofing works even if preferences are set out of order. - - - - - 1712c87d by Pier Angelo Vendrame at 2024-05-07T10:24:21+02:00 Bug 42376: Pass the locale list when constructing l10n in datetimebox The datetime input is inconsistent with other inputs when using spoof English: its placeholder is not translated, unlike the default values and texts of all the other inputs. - - - - - f9225213 by Pier Angelo Vendrame at 2024-05-07T10:24:21+02:00 Bug 42428: Make RFP spoof the timezone of document.lastModified. - - - - - 3e284d8d by Pier Angelo Vendrame at 2024-05-07T10:24:21+02:00 Bug 42472: Spoof timezone in XSLT. - - - - - 4ed66315 by Pier Angelo Vendrame at 2024-05-07T10:24:22+02:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - 24ca4a57 by Henry Wilkes at 2024-05-07T10:24:22+02:00 Bug 31575: Disable Firefox Home (Activity Stream) Treat about:blank as the default home page and new tab page. Avoid loading AboutNewTab in BrowserGlue.sys.mjs in order to avoid several network requests that we do not need. Bug 41624: Disable about:pocket-* pages. Bug 40144: Redirect about:privatebrowsing to the user's home - - - - - 0ea5590a by Kathy Brade at 2024-05-07T10:24:22+02:00 Bug 4234: Use the Firefox Update Process for Base Browser. Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix bug 27221: purge the startup cache if the Base Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Base Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Base Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. - - - - - 1b8661f4 by Pier Angelo Vendrame at 2024-05-07T10:24:23+02:00 Bug 42061: Create an alpha update channel. - - - - - 0362fdbd by Nicolas Vigier at 2024-05-07T10:24:23+02:00 Bug 41682: Add base-browser nightly mar signing key - - - - - 5f50c2f4 by hackademix at 2024-05-07T10:24:23+02:00 Bug 41695: Warn on window maximization without letterboxing in RFPHelper module - - - - - a9abc589 by Pier Angelo Vendrame at 2024-05-07T10:24:24+02:00 Bug 41698: Reword the recommendation badges in about:addons Firefox strings use { -brand-product-name }. As a result, it seems that the fork is recommending extensions, whereas AMO curators are doing that. So, we replace the strings with custom ones that clarify that Mozilla is recommending them. We assign the strings with JS because our translation backend does not support Fluent attributes, yet, but once it does, we should switch to them, instead. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1825033 - - - - - 82a13eae by Alex Catarineu at 2024-05-07T10:24:24+02:00 Bug 40069: Add helpers for message passing with extensions - - - - - 458b42c2 by Matthew Finkel at 2024-05-07T10:24:24+02:00 Bug 41598: Prevent NoScript from being removed/disabled. Bug 40253: Explicitly allow NoScript in Private Browsing mode. - - - - - 81a09573 by Henry Wilkes at 2024-05-07T10:24:25+02:00 Bug 41736: Hide NoScript extension's toolbar button by default. This hides it from both the toolbar and the unified extensions panel. We also hide the unified-extension-button if the panel would be empty: not including the NoScript button when it is hidden. As a result, this will be hidden by default until a user installs another extension (or shows the NoScript button and unpins it). - - - - - c313e865 by hackademix at 2024-05-07T10:24:27+02:00 Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons - - - - - f8f2fd31 by Pier Angelo Vendrame at 2024-05-07T10:24:27+02:00 Bug 40925: Implemented the Security Level component This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Bug 40125: Expose Security Level pref in GeckoView - - - - - ea88dda4 by Pier Angelo Vendrame at 2024-05-07T10:24:28+02:00 Bug 40926: Implemented the New Identity feature - - - - - 02e5f2aa by Henry Wilkes at 2024-05-07T10:24:28+02:00 Bug 41736: Customize toolbar for base-browser. - - - - - 02667c83 by Pier Angelo Vendrame at 2024-05-07T10:24:29+02:00 Bug 42027: Base Browser migration procedures. This commit implmenents the the Base Browser's version of _migrateUI. - - - - - 0531e759 by Pier Angelo Vendrame at 2024-05-07T10:27:08+02:00 MB 38: Mullvad Browser configuration - - - - - 74864068 by Pier Angelo Vendrame at 2024-05-07T10:27:08+02:00 MB 1: Mullvad Browser branding See also: mullvad-browser#5: Product name and directory customization mullvad-browser#12: Create new branding directories and integrate Mullvad icons+branding mullvad-browser#14: Remove Default Built-in bookmarks mullvad-browser#35: Add custom PDF icons for Windows builds mullvad-browser#48: Replace Mozilla copyright and legal trademarks in mullvadbrowser.exe metadata mullvad-browser#51: Update trademark string mullvad-browser#104: Update shipped dll metadata copyright/licensing info mullvad-browser#107: Add alpha and nightly icons - - - - - 52c19013 by Pier Angelo Vendrame at 2024-05-07T10:27:09+02:00 MB 20: Allow packaged-addons in PBM. We install a few addons from the distribution directory, but they are not automatically enabled for PBM mode. This commit modifies the code that installs them to also add the PBM permission to the known ones. - - - - - 1263cb1f by Pier Angelo Vendrame at 2024-05-07T10:27:09+02:00 MB 63: Customize some about pages for Mullvad Browser Also: mullvad-browser#57: Purge unneeded about: pages - - - - - 4df32bf4 by Pier Angelo Vendrame at 2024-05-07T10:27:09+02:00 MB 37: Customization for the about dialog - - - - - afdbdf2e by Henry Wilkes at 2024-05-07T10:28:39+02:00 MB 39: Add home page about:mullvad-browser - - - - - 8389f14c by hackademix at 2024-05-07T10:28:41+02:00 MB 97: Remove UI cues to install new extensions. - - - - - 8c50d3f3 by hackademix at 2024-05-07T10:28:41+02:00 MB 47: uBlock Origin customization - - - - - 05accb21 by Pier Angelo Vendrame at 2024-05-07T10:28:41+02:00 MB 21: Disable the password manager This commit disables the about:login page and removes the "Login and Password" section of about:preferences. We do not do anything to the real password manager of Firefox, that is in toolkit: it contains C++ parts that make it difficult to actually prevent it from being built.. Finally, we modify the the function that opens about:login to report an error in the console so that we can quickly get a backtrace to the code that tries to use it. - - - - - feca3ef1 by Pier Angelo Vendrame at 2024-05-07T10:28:42+02:00 MB 87: Disable the default browser box on Windows and Linux Windows and Linux will be distributed only as portable apps at the beginning, so they should not be settable as default browsers. We will need to improve the logic once we decide to ship system-wide installers, too. - - - - - b3ee33ef by Pier Angelo Vendrame at 2024-05-07T10:28:42+02:00 MB 112: Updater customization for Mullvad Browser MB 71: Set the updater base URL to Mullvad domain - - - - - de31dda5 by Nicolas Vigier at 2024-05-07T10:28:43+02:00 MB 79: Add Mullvad Browser MAR signing keys MB 256: Add mullvad-browser nightly mar signing key - - - - - f4b8ffc8 by Pier Angelo Vendrame at 2024-05-07T10:28:43+02:00 MB 34: Hide unsafe and unwanted preferences UI about:preferences allow to override some of our defaults, that could be fingeprintable or have some other unwanted consequences. - - - - - 577d6874 by Pier Angelo Vendrame at 2024-05-07T10:28:43+02:00 MB 160: Disable the cookie exceptions button Besides disabling the "Delete on close checkbox", disable also the "Manage Exceptions" button when always using PBM. - - - - - ab69ee47 by hackademix at 2024-05-07T10:28:44+02:00 MB 163: prevent uBlock Origin from being uninstalled/disabled - - - - - 3300f911 by Richard Pospesel at 2024-05-07T10:28:44+02:00 MB 188: Customize Gitlab Issue and Merge templates - - - - - 9d7e6c67 by rui hildt at 2024-05-07T10:28:44+02:00 MB 213: Customize the search engines list - - - - - 76898b4f by hackademix at 2024-05-07T10:28:45+02:00 MB 214: Enable cross-tab identity leak protection in "quiet" mode - - - - - 30 changed files: - .eslintignore - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - + .gitlab/issue_templates/bug.md - + .gitlab/merge_request_templates/default.md - accessible/android/SessionAccessibility.cpp - accessible/android/SessionAccessibility.h - accessible/ipc/DocAccessibleParent.cpp - accessible/ipc/DocAccessibleParent.h - accessible/ipc/moz.build - − browser/actors/RFPHelperChild.sys.mjs - − browser/actors/RFPHelperParent.sys.mjs - browser/actors/moz.build - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/macbuild/Contents/MacOS-files.in - browser/app/module.ver - browser/app/moz.build - browser/app/firefox.exe.manifest → browser/app/mullvadbrowser.exe.manifest - browser/app/permissions - + browser/app/profile/000-mullvad-browser.js - + browser/app/profile/001-base-profile.js - browser/app/profile/firefox.js - browser/base/content/aboutDialog-appUpdater.js - browser/base/content/aboutDialog.js - browser/base/content/aboutDialog.xhtml - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-addons.js - browser/base/content/browser-context.inc - browser/base/content/browser-menubar.inc The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/3e… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/3e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] fixup! Bug 32308: Use direct browser sizing for letterboxing.
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 5c861650 by hackademix at 2024-05-07T11:45:07+00:00 fixup! Bug 32308: Use direct browser sizing for letterboxing. Bug 42405: Fix betterboxing + findbar horizontal bounce if the scrollbar is not an overlay. - - - - - 1 changed file: - browser/base/content/browser.css Changes: ===================================== browser/base/content/browser.css ===================================== @@ -137,8 +137,9 @@ body { From Firefox 115 on, .browserContainer layout is flex / column, and without this trick the .browserStack's resize observer doesn't get notified on horizontal shrinking. + See also tor-browser#42405. */ - overflow-x: hidden; + overflow: hidden; background: var(--letterboxing-bgcolor); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5c86165… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5c86165… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 250 commits: Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 24d59315 by Eitan Isaacson at 2024-05-06T19:17:14+02:00 Bug 1819160 - Map Android ids to doc/accessible id pairs. r=Jamie Differential Revision: https://phabricator.services.mozilla.com/D179737 - - - - - 14d4144b by Pier Angelo Vendrame at 2024-05-06T19:17:14+02:00 Bug 1832523 - Allow using NSS to sign and verify MAR signatures. r=application-update-reviewers,glandium,bytesized Allow using NSS for checking MAR signatures also in platforms where OS-native APIs are used by default, i.e., macOS and Windows. Differential Revision: https://phabricator.services.mozilla.com/D177743 - - - - - 364259d0 by Pier Angelo Vendrame at 2024-05-06T19:17:14+02:00 Bug 1849129: Prevent exceptions caused by extensions from interrupting the SearchService initialization. r=search-reviewers,Standard8 Differential Revision: https://phabricator.services.mozilla.com/D186456 - - - - - 0e9cd199 by Emilio Cobos Álvarez at 2024-05-06T19:17:14+02:00 Bug 1853731 - Use html:img for message-bar-icon. r=Gijs,dao,settings-reviewers,desktop-theme-reviewers,sfoster Differential Revision: https://phabricator.services.mozilla.com/D188521 - - - - - 8d046102 by Pier Angelo Vendrame at 2024-05-06T19:17:14+02:00 Bug 1854117 - Sort the DLL blocklist flags. r=mossop,win-reviewers,gstoll Differential Revision: https://phabricator.services.mozilla.com/D188716 - - - - - ba11b9cf by Eden Chuang at 2024-05-06T19:17:15+02:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision: https://phabricator.services.mozilla.com/D186431 - - - - - 1f5271f2 by edgul at 2024-05-06T19:17:15+02:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision: https://phabricator.services.mozilla.com/D182373 - - - - - db9afe8b by Kelsey Gilbert at 2024-05-06T19:17:15+02:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision: https://phabricator.services.mozilla.com/D188054 - - - - - 222b4585 by Mark Banner at 2024-05-06T19:17:15+02:00 Bug 1845752. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D186676 - - - - - c96c6b21 by Pier Angelo Vendrame at 2024-05-06T19:17:16+02:00 Bug 1849186 - Add a preference not to expose the content title in the window title. r=Gijs,tabbrowser-reviewers,dao Differential Revision: https://phabricator.services.mozilla.com/D190496 - - - - - 80c22ab6 by Bob Owen at 2024-05-06T19:17:16+02:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision: https://phabricator.services.mozilla.com/D187794 - - - - - 3b1c9885 by Malte Juergens at 2024-05-06T19:17:16+02:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision: https://phabricator.services.mozilla.com/D187887 - - - - - d8e484c6 by Andreas Pehrson at 2024-05-06T19:17:16+02:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision: https://phabricator.services.mozilla.com/D187554 - - - - - 74384bad by Pier Angelo Vendrame at 2024-05-06T19:17:16+02:00 Bug 1860020 - Remove the assertion on the value of toolkit.telemetry.enabled. r=KrisWright,chutten Bug 1444275 introduced an assertion on the parent process to check that the value of toolkit.telemetry.enabled is the expected one. However, this expected value could be different from the one set and locked e.g. in some forks. Therefore, the assertion prevented debug builds from working in these cases. Differential Revision: https://phabricator.services.mozilla.com/D195080 - - - - - f9f2ddb9 by Kagami Sascha Rosylight at 2024-05-06T19:17:17+02:00 Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame Per /etc/fonts.xml, there are now only two `<family lang="ko">` nodes there: * OneUISansKRVF series * SECCJK series (but no KR postfix anymore?) This patch uses One UI Sans KR VF as the replacement as this is newer and is a variable font (tested with https://codepen.io/SaschaNaz/pen/ExrdYXJ) Differential Revision: https://phabricator.services.mozilla.com/D195078 - - - - - 2adf53c9 by Tom Ritter at 2024-05-06T19:17:17+02:00 Bug 1873526: Refactor the restriction override list from a big if statement to a list r=KrisWright Differential Revision: https://phabricator.services.mozilla.com/D198081 - - - - - 3a806225 by Pier Angelo Vendrame at 2024-05-06T19:17:17+02:00 Bug 1875306 - Localize numbers in the underflow and overflow error messages. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D198965 - - - - - 295b677d by Pier Angelo Vendrame at 2024-05-06T19:17:17+02:00 Bug 1875313 - Use en-US as a fallback when spoof English is enabled in ICUUtils. r=timhuang,tjr Differential Revision: https://phabricator.services.mozilla.com/D198967 - - - - - 7c73b13f by Pier Angelo Vendrame at 2024-05-06T19:17:17+02:00 Bug 1880988 - Apply spoof English to the default detail summary. r=emilio Differential Revision: https://phabricator.services.mozilla.com/D202203 - - - - - 7e25ac51 by Tom Ritter at 2024-05-06T19:17:18+02:00 Bug 1885258: Hidden fonts should obey the allow list r=jfkthame Differential Revision: https://phabricator.services.mozilla.com/D204571 - - - - - 101bdd89 by Henry Wilkes at 2024-05-06T19:17:18+02:00 Bug 41454: Move focus after calling openPreferences for a sub-category. Temporary fix until mozilla bug 1799153 gets a patch upstream. - - - - - bd66f5b2 by hackademix at 2024-05-06T19:17:18+02:00 Bug 42194: Fix blank net error page on failed DNS resolution with active proxy. - - - - - 5682c66a by Henry Wilkes at 2024-05-06T19:17:18+02:00 Bug 41483: Remove the firefox override for appstrings.properties Remove this patch after upstream bugzilla bug 1790187 - - - - - df3f350e by Pier Angelo Vendrame at 2024-05-06T19:17:19+02:00 Bug 41116: Normalize system fonts. System fonts are an enormous fingerprinting vector. Even with font allow lists and with our custom configuration on Linux, which counter metrics measurements, getComputedStyle leaks several details. This patch counters both these kinds of attacks. - - - - - 2c1a8f52 by Pier Angelo Vendrame at 2024-05-06T19:17:19+02:00 fixup! Bug 41116: Normalize system fonts. Bug 42529: Fix the breakage of this patch on Android. Also, improve the patch hoping I can finally uplift it. - - - - - dd754ead by Marco Simonelli at 2024-05-06T19:17:19+02:00 Bug 41459: WebRTC fails to build under mingw (Part 1) - properly define NOMINMAX for just MSVC builds - - - - - d6aa1817 by Marco Simonelli at 2024-05-06T19:17:19+02:00 Bug 41459: WebRTC fails to build under mingw (Part 2) - fixes required to build third_party/libwebrtc - - - - - bf40638a by Marco Simonelli at 2024-05-06T19:17:19+02:00 Bug 41459: WebRTC fails to build under mingw (Part 3) - fixes required to build third_party/sipcc - - - - - 7828fc2b by Marco Simonelli at 2024-05-06T19:17:20+02:00 Bug 41459: WebRTC fails to build under mingw (Part 4) - fixes requried to build netwerk/sctp - - - - - ae7fe81a by Marco Simonelli at 2024-05-06T19:17:20+02:00 Bug 41459: WebRTC fails to build under mingw (Part 5) - fixes required to build dom/media/webrtc - - - - - 0c4a8026 by Marco Simonelli at 2024-05-06T19:17:20+02:00 Bug 41459: WebRTC fails to build under mingw (Part 6) - fixes required to build dom/media/systemservices - - - - - 83336896 by hackademix at 2024-05-06T19:17:20+02:00 Bug 41854: Allow overriding download spam protection. - - - - - 8b111d92 by Gaba at 2024-05-06T19:17:20+02:00 Adding issue and merge request templates - - - - - 675c814a by Pier Angelo Vendrame at 2024-05-06T19:17:21+02:00 Base Browser's .mozconfigs. Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 21849: Don't allow SSL key logging. Bug 25741 - TBA: Disable features at compile-time Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 29859: Disable HLS support for now Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files Bug 41584: Move some configuration options to base-browser level - - - - - 0073ee59 by Pier Angelo Vendrame at 2024-05-06T19:17:21+02:00 Tweaks to the build system Bug 40857: Modified the fat .aar creation file This is a workaround to build fat .aars with the compiling enviornment disabled. Mozilla does not use a similar configuration, but either runs a Firefox build and discards its output, or uses artifacts build. We might switch to artifact builds too, and drop this patch, or write a better one to upstream. But until then we need this patch. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770. Bug 41458: Prevent `mach package-multi-locale` from actually creating a package macOS builds need some files to be moved around with ./mach package-multi-locale to create multi-locale packages. The required command isn't exposed through any other mach command. So, we patch package-multi-locale both to prevent it from failing when doing official builds and to detect any future changes on it. - - - - - 627a96c7 by Pier Angelo Vendrame at 2024-05-06T19:17:21+02:00 Bug 41108: Remove privileged macOS installation from 102 - - - - - a358d88b by Dan Ballard at 2024-05-06T19:17:21+02:00 Bug 41149: Re-enable DLL injection protection in all builds not just nightlies - - - - - 5f490168 by Matthew Finkel at 2024-05-06T19:17:22+02:00 Bug 24796: Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. - - - - - 05e47204 by Matthew Finkel at 2024-05-06T19:17:22+02:00 Bug 28125: Prevent non-Necko network connections - - - - - 43395966 by Mike Perry at 2024-05-06T19:17:22+02:00 Bug 12974: Disable NTLM and Negotiate HTTP Auth The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421, https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602 - - - - - 90383d3d by Alex Catarineu at 2024-05-06T19:17:22+02:00 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899 - - - - - b25fb8a6 by Georg Koppen at 2024-05-06T19:17:22+02:00 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. - - - - - ec7c48b4 by Kathy Brade at 2024-05-06T19:17:23+02:00 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. - - - - - a0b61292 by Kathy Brade at 2024-05-06T19:17:23+02:00 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. - - - - - 5d7765f9 by Alex Catarineu at 2024-05-06T19:17:23+02:00 Bug 41457: Remove Mozilla permissions Bug 40025: Remove Mozilla add-on install permissions - - - - - 69943e4e by Kathy Brade at 2024-05-06T19:17:23+02:00 Bug 40002: Remove about:ion Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. Bug 41662: Disable about:sync-logs Even though we disable sync by default with `identity.fxaccounts.enabled`, this about: page is still avilable. We could throw an exception on the constructor of the related component, but it would result only in an error in the console, without a visible "this address does not look right" error page. If we fix the issues with MOZ_SERVICES_SYNC, we can restore the component. - - - - - dd3891f7 by Arthur Edelstein at 2024-05-06T19:17:23+02:00 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. - - - - - a923ebc8 by Alex Catarineu at 2024-05-06T19:17:24+02:00 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. - - - - - 8785339c by cypherpunks1 at 2024-05-06T19:17:24+02:00 Bug 41092: Add a RemoteSettings JSON dump for query-stripping - - - - - 7ba23f31 by Pier Angelo Vendrame at 2024-05-06T19:17:24+02:00 Bug 41635: Disable the Normandy component Do not include Normandy at all whenever MOZ_NORMANDY is False. - - - - - 3e47257c by Georg Koppen at 2024-05-06T19:17:24+02:00 Bug 30541: Disable WebGL readPixel() for web content Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034 - - - - - 1f8cb9c0 by Alex Catarineu at 2024-05-06T19:17:25+02:00 Bug 28369: Stop shipping pingsender executable - - - - - a5a31db5 by cypherpunks1 at 2024-05-06T19:17:25+02:00 Bug 41568: Disable LaterRun - - - - - abfd56a0 by cypherpunks1 at 2024-05-06T19:17:25+02:00 Bug 40717: Hide Windows SSO in settings - - - - - 077311e6 by Pier Angelo Vendrame at 2024-05-06T19:17:25+02:00 Bug 41599: Always return an empty string as network ID Firefox computes an internal network ID used to detect network changes and act consequently (e.g., to improve WebSocket UX). However, there are a few ways to get this internal network ID, so we patch them out, to be sure any new code will not be able to use them and possibly link users. We also sent a patch to Mozilla to seed the internal network ID, to prevent any accidental leak in the future. Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756 - - - - - 2718a926 by cypherpunks1 at 2024-05-06T19:17:25+02:00 Bug 40175: Add origin attributes to about:reader top-level requests - - - - - 50700227 by Richard Pospesel at 2024-05-06T19:17:26+02:00 Bug 41327: Disable UrlbarProviderInterventions - - - - - 64c3e7c2 by Richard Pospesel at 2024-05-06T19:17:26+02:00 Bug 42037: Disable about:firefoxview page - - - - - 70b9eac7 by Mike Perry at 2024-05-06T19:17:26+02:00 Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content Bug 40308: Disable network partitioning until we evaluate dFPI Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40383: Disable dom.enable_event_timing Bug 40423: Disable http/3 Bug 40177: Update prefs for Fx91esr Bug 40700: Disable addons and features recommendations Bug 40682: Disable network.proxy.allow_bypass Bug 40736: Disable third-party cookies in PBM Bug 19850: Enabled HTTPS-Only by default Bug 40912: Hide the screenshot menu Bug 41292: Disable moreFromMozilla in preferences page Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector Bug 24686: Set network.http.tailing.enabled to true Bug 40183: Disable TLS ciphersuites using SHA-1 Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102 We reviewed all the preferences we set for 102, and remove a few old ones. See the description of that issue to see all the preferences we believed were still valid for 102, and some brief description for the reasons to keep them. - - - - - 36961f59 by Pier Angelo Vendrame at 2024-05-06T19:17:26+02:00 fixup! Firefox preference overrides. Bug 42315: Drop dom.enable_event_timing. It is already protected by RFP. - - - - - b8c066f5 by Pier Angelo Vendrame at 2024-05-06T19:17:26+02:00 Bug 41043: Hardcode the UI font on Linux The mechanism to choose the UI font does not play well with our fontconfig configuration. As a result, the final criterion to choose the font for the UI was its version. Since we hardcode Arimo as a default sans-serif on preferences, we use it also for the UI. FontConfig will fall back to some other font for scripts Arimo does not cover as expected (we tested with Japanese). - - - - - 51a17779 by Pier Angelo Vendrame at 2024-05-06T19:17:27+02:00 Bug 41901: Hardcode normalized FontSubstitutes. Windows has a system to set font aliases through the registry. This allows some customization that could be used as a fingerprinting vector. Moreover, this mechanism is used by Windows itself, and different SKUs might have different default FontSubstitutes. - - - - - 17e5614a by Alex Catarineu at 2024-05-06T19:17:27+02:00 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. Bug 40198: Expose privacy.spoof_english pref in GeckoView - - - - - ff97b6fb by Alex Catarineu at 2024-05-06T19:17:27+02:00 Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView - - - - - 496e767e by Alex Catarineu at 2024-05-06T19:17:27+02:00 Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware - - - - - 4865faf0 by Alex Catarineu at 2024-05-06T19:17:27+02:00 Bug 26345: Hide tracking protection UI - - - - - c0196c55 by Pier Angelo Vendrame at 2024-05-06T19:17:28+02:00 Bug 9173: Change the default Firefox profile directory to be relative. This commit makes Firefox look for the default profile directory in a directory relative to the binary path. The directory can be specified through the --with-relative-data-dir. This is relative to the same directory as the firefox main binary for Linux and Windows. On macOS, we remove Contents/MacOS from it. Or, in other words, the directory is relative to the application bundle. This behavior can be overriden at runtime, by placing a file called system-install adjacent to the firefox main binary (also on macOS). - - - - - 79767805 by Pier Angelo Vendrame at 2024-05-06T19:17:28+02:00 fixup! Bug 9173: Change the default Firefox profile directory to be relative. Bug 42519: Disable portable mode also if is-packaged-app is present. That is the file Firefox uses for .deb packages. - - - - - 05306334 by Pier Angelo Vendrame at 2024-05-06T19:17:28+02:00 fixup! Bug 9173: Change the default Firefox profile directory to be relative. Bug 42536: Fix !985 on macOS. - - - - - 26fc1a91 by Alex Catarineu at 2024-05-06T19:17:28+02:00 Bug 27604: Fix addon issues when moving the profile directory Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838 - - - - - 67e7a1ce by Mike Perry at 2024-05-06T19:17:29+02:00 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509 - - - - - 7e01e403 by Pier Angelo Vendrame at 2024-05-07T10:10:47+02:00 Bug 40309: Avoid using regional OS locales Avoid regional OS locales if the pref `intl.regional_prefs.use_os_locales` is false but RFP is enabled. - - - - - 66c42a70 by Matthew Finkel at 2024-05-07T10:10:48+02:00 Bug 40432: Prevent probing installed applications Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084 - - - - - dc7800f1 by cypherpunks1 at 2024-05-07T10:10:48+02:00 Bug 33955: When copying an image only copy the image contents to the clipboard - - - - - b8a79a9e by cypherpunks1 at 2024-05-07T10:10:48+02:00 Bug 41791: Omit the source URL when copying page contents to the clipboard - - - - - e457b7be by hackademix at 2024-05-07T10:10:48+02:00 Bug 42288: Allow language spoofing in status messages. - - - - - 756c4eef by Richard Pospesel at 2024-05-07T10:10:48+02:00 Bug 41659: Add canonical color definitions to base-browser - - - - - 2c46198a by Pier Angelo Vendrame at 2024-05-07T10:10:49+02:00 Base Browser strings This commit adds all the strings needed by following Base Browser patches. - - - - - d082c8d6 by hackademix at 2024-05-07T10:10:49+02:00 fixup! Base Browser strings MB 288: Standardize capitalization in Letterboxing preferences - - - - - ec6d4102 by Henry Wilkes at 2024-05-07T10:10:49+02:00 fixup! Base Browser strings Bug 42537: Move base-browser.ftl to toolkit. - - - - - c632ffc3 by Pier Angelo Vendrame at 2024-05-07T10:10:49+02:00 Bug 41369: Improve Firefox language settings for multi-lingual packages Change the language selector to be sorted by language code, rather than name, and to display the language code to the user. Bug 41372: Handle Japanese as a special case in preferences on macOS Japanese is treated in a special way on macOS. However, seeing the Japanese language tag could be confusing for users, and moreover the language name is not localized correctly like other langs. Bug 41378: Tell users that they can change their language at the first start With multi-lingual builds, Tor Browser matches the user's system language, but some users might want to change it. So, we tell them that it is possible, but only once. - - - - - bba294a4 by Henry Wilkes at 2024-05-07T10:10:49+02:00 Bug 41966: Allow removing locales from the locale alternatives list. - - - - - 6f89852c by p13dz at 2024-05-07T10:10:50+02:00 Bug 40283: Workaround for the file upload bug - - - - - b6084098 by Arthur Edelstein at 2024-05-07T10:10:50+02:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - 94c39de6 by cypherpunks1 at 2024-05-07T10:10:50+02:00 Bug 41740: Change the RFP value of devicePixelRatio to 2 - - - - - a66667cf by Pier Angelo Vendrame at 2024-05-07T10:10:50+02:00 Bug 41739: Remove "Website appearance" from about:preferences. It is ignored because of RFP and it is confusing for users. - - - - - 6450a4e6 by cypherpunks1 at 2024-05-07T10:10:50+02:00 Bug 41881: Don't persist custom network requests on private windows - - - - - 27371abc by hackademix at 2024-05-07T10:10:51+02:00 Bug 42019: Empty browser's clipboard on browser shutdown - - - - - 8db75841 by hackademix at 2024-05-07T10:10:51+02:00 Bug 42084: Ensure English spoofing works even if preferences are set out of order. - - - - - 9a859355 by Pier Angelo Vendrame at 2024-05-07T10:10:51+02:00 Bug 42376: Pass the locale list when constructing l10n in datetimebox The datetime input is inconsistent with other inputs when using spoof English: its placeholder is not translated, unlike the default values and texts of all the other inputs. - - - - - 6d9095b1 by hackademix at 2024-05-07T10:10:51+02:00 Bug 42397: Change RFP-spoofed TZ to Atlantic/Reykjavik. - - - - - cbb1bc71 by Pier Angelo Vendrame at 2024-05-07T10:10:52+02:00 Bug 42428: Make RFP spoof the timezone of document.lastModified. - - - - - 1bc19a40 by Pier Angelo Vendrame at 2024-05-07T10:10:52+02:00 Bug 42472: Spoof timezone in XSLT. - - - - - 739023d4 by hackademix at 2024-05-07T10:10:52+02:00 Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs. - - - - - 6dc41436 by hackademix at 2024-05-07T10:10:52+02:00 Bug 41434: Letterboxing, improve logging. - - - - - 6e9033c1 by hackademix at 2024-05-07T10:10:52+02:00 Bug 31064: Letterboxing, exempt browser extensions. - - - - - 54428ba4 by hackademix at 2024-05-07T10:10:53+02:00 Bug 32411: Letterboxing, exempt view-source: URIs. - - - - - 1ee14db7 by hackademix at 2024-05-07T10:10:53+02:00 Bug 32308: Use direct browser sizing for letterboxing. Bug 30556: align letterboxing with 200x100 new win width stepping - - - - - a22dea6e by hackademix at 2024-05-07T10:10:53+02:00 Bug 41631: Prevent weird initial window dimensions caused by subpixel computations - - - - - ef367ce6 by hackademix at 2024-05-07T10:10:53+02:00 fixup! Bug 41631: Prevent weird initial window dimensions caused by subpixel computations Bug 42520: Correctly record new initial window size after auto-shrinking - - - - - 7f71a6e8 by hackademix at 2024-05-07T10:10:53+02:00 Bug 41918: Option to reuse last window size when letterboxing is enabled. - - - - - b2081b52 by hackademix at 2024-05-07T10:10:54+02:00 fixup! Bug 41918: Option to reuse last window size when letterboxing is enabled. Bug 42500: Fix restored window size after startup maximization - - - - - a394e1f5 by hackademix at 2024-05-07T10:10:54+02:00 Bug 41916: Letterboxing preferences UI - - - - - c3baeaa2 by hackademix at 2024-05-07T10:10:54+02:00 Bug 41695: Warn on window maximization without letterboxing in RFPHelper module - - - - - 069adb0b by hackademix at 2024-05-07T10:10:54+02:00 Bug 42443: Shrink window to match letterboxing size when the emtpy area is clicked. - - - - - 5f7b4e1f by Henry Wilkes at 2024-05-07T10:10:55+02:00 Bug 42528: Don't leak system scrollbar size on windows. - - - - - f527559f by Henry Wilkes at 2024-05-07T10:10:55+02:00 Bug 31575: Disable Firefox Home (Activity Stream) Treat about:blank as the default home page and new tab page. Avoid loading AboutNewTab in BrowserGlue.sys.mjs in order to avoid several network requests that we do not need. Bug 41624: Disable about:pocket-* pages. Bug 40144: Redirect about:privatebrowsing to the user's home - - - - - 0ce7b580 by Kathy Brade at 2024-05-07T10:10:55+02:00 Bug 4234: Use the Firefox Update Process for Base Browser. Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix bug 27221: purge the startup cache if the Base Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Base Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Base Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. - - - - - e90729f6 by Henry Wilkes at 2024-05-07T10:10:55+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 42537: Move base-browser.ftl to toolkit. - - - - - 57dcd27c by Pier Angelo Vendrame at 2024-05-07T10:10:55+02:00 Bug 42061: Create an alpha update channel. - - - - - f172b0d2 by Nicolas Vigier at 2024-05-07T10:10:56+02:00 Bug 41682: Add base-browser nightly mar signing key - - - - - 48051f5d by Pier Angelo Vendrame at 2024-05-07T10:10:56+02:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - 5c1b9911 by Pier Angelo Vendrame at 2024-05-07T10:10:56+02:00 Bug 41698: Reword the recommendation badges in about:addons Firefox strings use { -brand-product-name }. As a result, it seems that the fork is recommending extensions, whereas AMO curators are doing that. So, we replace the strings with custom ones that clarify that Mozilla is recommending them. We assign the strings with JS because our translation backend does not support Fluent attributes, yet, but once it does, we should switch to them, instead. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1825033 - - - - - 4cb7c4e1 by Henry Wilkes at 2024-05-07T10:10:56+02:00 fixup! Bug 41698: Reword the recommendation badges in about:addons Bug 42537: Move base-browser.ftl to toolkit. - - - - - 4eac5d49 by Pier Angelo Vendrame at 2024-05-07T10:10:56+02:00 Bug 42438: Tweaks to the migration wizard. Remove the items not compatible with our features (such as history) from the migration wizard. On Linux, allow to specify an alternative home directory, since we usually change $HOME in our startup script. - - - - - bdf37b16 by Alex Catarineu at 2024-05-07T10:10:57+02:00 Bug 40069: Add helpers for message passing with extensions - - - - - b4d96f04 by Matthew Finkel at 2024-05-07T10:10:57+02:00 Bug 41598: Prevent NoScript from being removed/disabled. Bug 40253: Explicitly allow NoScript in Private Browsing mode. - - - - - 60c08d8f by Henry Wilkes at 2024-05-07T10:10:57+02:00 Bug 41736: Hide NoScript extension's toolbar button by default. This hides it from both the toolbar and the unified extensions panel. We also hide the unified-extension-button if the panel would be empty: not including the NoScript button when it is hidden. As a result, this will be hidden by default until a user installs another extension (or shows the NoScript button and unpins it). - - - - - cd5ab951 by hackademix at 2024-05-07T10:10:57+02:00 Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons - - - - - 1db0dcdf by Pier Angelo Vendrame at 2024-05-07T10:10:57+02:00 Bug 40925: Implemented the Security Level component This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Bug 40125: Expose Security Level pref in GeckoView - - - - - 3c667bf9 by Pier Angelo Vendrame at 2024-05-07T10:10:58+02:00 Bug 40926: Implemented the New Identity feature - - - - - e4223979 by hackademix at 2024-05-07T10:10:58+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42532: Use the HomePage module for new identity checks. - - - - - 396abb8c by Henry Wilkes at 2024-05-07T10:10:58+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42537: Move base-browser.ftl to toolkit. - - - - - f8848955 by Henry Wilkes at 2024-05-07T10:10:58+02:00 Bug 41736: Customize toolbar for base-browser. - - - - - b544e52c by Pier Angelo Vendrame at 2024-05-07T10:10:59+02:00 Bug 42027: Base Browser migration procedures. This commit implmenents the the Base Browser's version of _migrateUI. - - - - - d89354ad by Henry Wilkes at 2024-05-07T10:10:59+02:00 Bug 42308: Create README for tor-browser. We drop the README.txt that comes from Mozilla Firefox and add README.md for tor-browser. - - - - - 6b17134e by Richard Pospesel at 2024-05-07T10:10:59+02:00 Bug 41649: Create rebase and security backport gitlab issue templates - - - - - 42bf3535 by Henry Wilkes at 2024-05-07T10:10:59+02:00 Add CI for Tor Browser - - - - - e77d7305 by Richard Pospesel at 2024-05-07T10:10:59+02:00 Bug 41089: Add tor-browser build scripts + Makefile to tor-browser - - - - - e87b6821 by Dan Ballard at 2024-05-07T10:11:00+02:00 fixup! Bug 41089: Add tor-browser build scripts + Makefile to tor-browser fix typo in new geckoview build scripts - - - - - 9a6f0b75 by Henry Wilkes at 2024-05-07T10:11:00+02:00 Bug 41803: Add some developer tools for working on tor-browser. - - - - - a0f7e5dd by hackademix at 2024-05-07T10:11:00+02:00 fixup! Bug 41803: Add some developer tools for working on tor-browser. Bug 42516: Make tb-dev worktree-compatible - - - - - 1648bc1e by Kathy Brade at 2024-05-07T10:11:00+02:00 Bug 11641: Disable remoting by default. Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. - - - - - 4d2ee604 by Alex Catarineu at 2024-05-07T10:11:00+02:00 Add TorStrings module for localization - - - - - 66bde4c8 by Pier Angelo Vendrame at 2024-05-07T10:11:01+02:00 fixup! Add TorStrings module for localization Load some torlauncher strings to show in about:torconnect in TorStrings.sys.mjs. We could move them to torConnect.properties, but maybe we are still in time for moving all of them to Fluent, so I preferred reducing the number of migrations. Also, remove unused strings from torlauncher.properties. - - - - - f69b5e59 by henry at 2024-05-07T10:11:01+02:00 fixup! Add TorStrings module for localization Drop unused strings. - - - - - 7c2a7e70 by Henry Wilkes at 2024-05-07T10:11:01+02:00 fixup! Add TorStrings module for localization Bug 42221: Migrate downloads warning strings to Fluent. - - - - - 780fa784 by Henry Wilkes at 2024-05-07T10:11:01+02:00 fixup! Add TorStrings module for localization Bug 42521: Drop unused onboarding strings. - - - - - fcb89e69 by Henry Wilkes at 2024-05-07T10:11:02+02:00 fixup! Add TorStrings module for localization Bug 42206: Migrate ruleset strings to Fluent. - - - - - dda70987 by Henry Wilkes at 2024-05-07T10:11:02+02:00 fixup! Add TorStrings module for localization Bug 41622: Move the onion net error strings to Fluent. - - - - - d1caab81 by Henry Wilkes at 2024-05-07T10:11:02+02:00 fixup! Add TorStrings module for localization Bug 42549: Remove brand.dtd - - - - - 1319b992 by Henry Wilkes at 2024-05-07T10:11:02+02:00 Tor Browser strings This commit adds all the strings needed for Tor Browser patches. - - - - - 8527f2dc by Henry Wilkes at 2024-05-07T10:11:02+02:00 fixup! Tor Browser strings Bug 42221: Migrate downloads warning strings to Fluent. - - - - - f5f08043 by Henry Wilkes at 2024-05-07T10:11:03+02:00 fixup! Tor Browser strings Bug 42206: Migrate ruleset strings to Fluent. - - - - - 6a076013 by Henry Wilkes at 2024-05-07T10:11:03+02:00 fixup! Tor Browser strings Bug 41622: Move net error page strings to Fluent. - - - - - e3b65713 by Henry Wilkes at 2024-05-07T10:11:03+02:00 fixup! Tor Browser strings Bug 42457: Add a "testing" state to the internet status area. - - - - - 0e807eb9 by Henry Wilkes at 2024-05-07T10:11:03+02:00 fixup! Tor Browser strings Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 7c6d63fb by Henry Wilkes at 2024-05-07T10:11:03+02:00 fixup! Tor Browser strings Bug 42545: Rename "onionsite" to "onion site" in Fluent. - - - - - 755c14aa by Henry Wilkes at 2024-05-07T10:11:04+02:00 Tor Browser localization migration scripts. - - - - - bc2a51dc by Henry Wilkes at 2024-05-07T10:11:04+02:00 fixup! Tor Browser localization migration scripts. Bug 42221: Migrate downloads warning strings to Fluent. - - - - - 697e6207 by Henry Wilkes at 2024-05-07T10:11:04+02:00 fixup! Tor Browser localization migration scripts. Bug 42206: Migrate ruleset strings to Fluent. - - - - - 49da6bb0 by Henry Wilkes at 2024-05-07T10:11:04+02:00 fixup! Tor Browser localization migration scripts. Bug 41622: Migrate onion net error strings to Fluent. - - - - - 165ea068 by Henry Wilkes at 2024-05-07T10:11:05+02:00 Bug 42305: Add script to combine translation files across versions. - - - - - 1ebca8e6 by Mike Perry at 2024-05-07T10:11:05+02:00 Bug 2176: Rebrand Firefox to TorBrowser See also Bugs #5194, #7187, #8115, #8219. This patch does some basic renaming of Firefox to TorBrowser. The rest of the branding is done by images and icons. Also fix bug 27905. Bug 25702: Update Tor Browser icon to follow design guidelines - Updated all of the branding in /browser/branding/official with new 'stable' icon series. - Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and add the source svg in the same directory - Copied /browser/branding/official over /browser/branding/nightly and the new /browser/branding/alpha directories. Replaced content with 'nightly' and 'alpha' icon series. Updated VisualElements_70.png and VisualElements_150.png with updated icons in each branding directory (fixes #22654) - Updated firefox.VisualElementsManfiest.xml with updated colors in each branding directory - Added firefox.svg to each branding directory from which all the other icons are derived (apart from document.icns and document.ico) - Added default256.png and default512.png icons - Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed original icon - Use the Tor Browser icon within devtools/client/themes/images/. Bug 30631: Blurry Tor Browser icon on macOS app switcher It would seem the png2icns tool does not generate correct icns files and so on macOS the larger icons were missing resulting in blurry icons in the OS chrome. Regenerated the padded icons in a macOS VM using iconutil. Bug 28196: preparations for using torbutton tor-browser-brand.ftl A small change to Fluent FileSource class is required so that we can register a new source without its supported locales being counted as available locales for the browser. Bug 31803: Replaced about:debugging logo with flat version Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. Bug 32092: Fix Tor Browser Support link in preferences For bug 40562, we moved onionPattern* from bug 27476 to here, as about:tor needs these files but it is included earlier. Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one Bug 42088: New application icons (used in-app and on linux). Bug 42087: New application icons (windows). - - - - - c378b0c9 by Henry Wilkes at 2024-05-07T10:11:05+02:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser Bug 41622: Add context-stroke to onion-warning.svg. Also drop the unnecessary clip path. - - - - - 51cfe78a by Dan Ballard at 2024-05-07T10:11:05+02:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser bug 42504: Add tor project forums to bookmarks - - - - - 056e722b by Henry Wilkes at 2024-05-07T10:11:05+02:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser Bug 42538: Move onion icons to toolkit. - - - - - f71a2522 by Henry Wilkes at 2024-05-07T10:11:06+02:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 20305c51 by hackademix at 2024-05-07T10:11:06+02:00 Bug 41917: Tor brand-specific styles. - - - - - e72eb564 by Henry Wilkes at 2024-05-07T10:11:56+02:00 Add purple tor version of the loading APNG. - - - - - bd08e017 by sanketh at 2024-05-07T10:11:59+02:00 Bug 40209: Implement Basic Crypto Safety Adds a CryptoSafety actor which detects when you've copied a crypto address from a HTTP webpage and shows a warning. Closes #40209. Bug 40428: Fix string attribute names - - - - - 1d2d6d73 by Henry Wilkes at 2024-05-07T10:12:00+02:00 fixup! Bug 40209: Implement Basic Crypto Safety Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 522adf7b by Mike Perry at 2024-05-07T10:12:00+02:00 TB3: Tor Browser's official .mozconfigs. Also: Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Add --enable-tor-browser-update build option Bug 40793: moved Tor configuration options from old-configure.in to moz.configure Bug 41584: Move some configuration options to base-browser level - - - - - 6b03c19f by Henry Wilkes at 2024-05-07T10:12:00+02:00 Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds tor-browser#41285: Enable fluent warnings. - - - - - b9e9bbad by Pier Angelo Vendrame at 2024-05-07T10:12:00+02:00 Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Before reordering patches, we used to keep the Tor-related patches (torbutton and tor-launcher) at the beginning. After that issue, we decided to move them towards the end. In addition to that, we have decided to move Tor Browser-only preferences there, too, to make Base Browser-only fixups easier to apply. - - - - - bc2eab13 by Pier Angelo Vendrame at 2024-05-07T10:12:01+02:00 Bug 13252: Customize profile management on macOS On macOS we allow both portable mode and system installation. However, in the latter case, we customize Firefox's directories to match the hierarchy we use for the portable mode. Also, display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. - - - - - 263ae405 by Pier Angelo Vendrame at 2024-05-07T10:12:01+02:00 Bug 40933: Add tor-launcher functionality Bug 41926: Reimplement the control port - - - - - 2713c4fa by Pier Angelo Vendrame at 2024-05-07T10:12:01+02:00 fixup! Bug 40933: Add tor-launcher functionality Rename TorControlPort.sys.mjs's `TorError` to a less generic `TorProtocolError`. - - - - - 61e502b6 by Pier Angelo Vendrame at 2024-05-07T10:12:01+02:00 fixup! Bug 40933: Add tor-launcher functionality Do not localize errors in TorProcess, but keep it only as a pure backend file. Moreover, the localized errors would be only shown in the console. Instead, report an error code to let them bubble up to the TorProviderBuilder, where we show them in the "Restart Tor" prompt. - - - - - 729fa88e by Pier Angelo Vendrame at 2024-05-07T10:12:01+02:00 fixup! Bug 40933: Add tor-launcher functionality Bug 42479: Remove localization from the backend files. Also, use an Error object when the bootstrap fail, in preparation to the removal of TorBootstrapRequest. - - - - - c1050095 by Pier Angelo Vendrame at 2024-05-07T10:12:02+02:00 fixup! Bug 40933: Add tor-launcher functionality This partially reverts commit 34f7e83335cde6653d897717741c9c8d41f858b7. It removes the errorCode logic, and throws non-localized error messages. Also, it removes the no-longer used getFormattedLocalizedString. - - - - - c19fec3a by Pier Angelo Vendrame at 2024-05-07T10:12:02+02:00 fixup! Bug 40933: Add tor-launcher functionality Changed a few calls to #stop since this method now expects an Erro object. Do not redefine topics, import them from TorProviderBuilder.sys.mjs. Use lazy imports for our code. - - - - - f9e3c6c6 by Pier Angelo Vendrame at 2024-05-07T10:12:02+02:00 fixup! Bug 40933: Add tor-launcher functionality Bug 42541: Bridges without fingerprint break the circuit display. The circuit display backend relies on GETCONF bridges because we want to know the pluggable transport for the circuit display and, as far as I can tell, no GETINFO command includes this information. However, when we get a circuit from tor, we get its fingerprint, which is optional on the bridge lines. Therefore, in some cases we did not have the data to display, and we just hid the circuit display button. With this commit, when we miss the fingerprint of a bridge, we try to get it in another way. It might produce incorrect results (we rely on the IP address the user passes on the bridge line), but at least it will show the circuit display. - - - - - a4a8cb70 by Cecylia Bocovich at 2024-05-07T10:12:02+02:00 Lox integration - - - - - 1eadde4d by Henry Wilkes at 2024-05-07T10:12:02+02:00 fixup! Lox integration Bug 42533: Add notification for when the activeLoxId changes. - - - - - 45ffb507 by Henry Wilkes at 2024-05-07T10:12:03+02:00 fixup! Lox integration Bug 42476: Drop unnecessary #window property. - - - - - e031d61f by Henry Wilkes at 2024-05-07T10:12:03+02:00 fixup! Lox integration Bug 42476: Disable the Lox module for the stable release. - - - - - 46aa6402 by Henry Wilkes at 2024-05-07T10:12:03+02:00 fixup! Lox integration Bug 42543: Demote the validateInvitation console message to "info". - - - - - 0901f2ac by Richard Pospesel at 2024-05-07T10:12:03+02:00 Bug 40597: Implement TorSettings module - migrated in-page settings read/write implementation from about:preferences#tor to the TorSettings module - TorSettings initially loads settings from the tor daemon, and saves them to firefox prefs - TorSettings notifies observers when a setting has changed; currently only QuickStart notification is implemented for parity with previous preference notify logic in about:torconnect and about:preferences#tor - about:preferences#tor, and about:torconnect now read and write settings thorugh the TorSettings module - all tor settings live in the torbrowser.settings.* preference branch - removed unused pref modify permission for about:torconnect content page from AsyncPrefs.jsm Bug 40645: Migrate Moat APIs to Moat.jsm module - - - - - 793d57db by Pier Angelo Vendrame at 2024-05-07T10:12:03+02:00 fixup! Bug 40597: Implement TorSettings module Move TorSettings and TorLauncherUtil to lazy imnports. Also removed XPCOMUtils in favor of ChromeUtils. - - - - - 7f3ffcee by Pier Angelo Vendrame at 2024-05-07T10:12:04+02:00 fixup! Bug 40597: Implement TorSettings module Bug 42479: Improve TorConnect error handling. To do so, also remove localized error messages. Use error codes, and let the frontend use the localized messages. - - - - - 801fc692 by Pier Angelo Vendrame at 2024-05-07T10:12:04+02:00 fixup! Bug 40597: Implement TorSettings module Various fixes to address tor-browser!968. - - - - - f9c7e0a3 by henry at 2024-05-07T10:12:04+02:00 fixup! Bug 40597: Implement TorSettings module Remove an outdated comment. - - - - - aa6cbd87 by Arthur Edelstein at 2024-05-07T10:12:04+02:00 Bug 3455: Add DomainIsolator, for isolating circuit by domain. Add an XPCOM component that registers a ProtocolProxyChannelFilter which sets the username/password for each web request according to url bar domain. Bug 9442: Add New Circuit button Bug 13766: Set a 10 minute circuit dirty timeout for the catch-all circ. Bug 19206: Include a 128 bit random tag as part of the domain isolator nonce. Bug 19206: Clear out the domain isolator state on `New Identity`. Bug 21201.2: Isolate by firstPartyDomain from OriginAttributes Bug 21745: Fix handling of catch-all circuit Bug 41741: Refactor the domain isolator and new circuit - - - - - d958e647 by Henry Wilkes at 2024-05-07T10:12:05+02:00 Bug 41600: Add a tor circuit display panel. - - - - - d1eaafa8 by Pier Angelo Vendrame at 2024-05-07T10:12:05+02:00 Bug 42247: Android helpers for the TorProvider GeckoView is missing some API we use on desktop for the integration with the tor daemon, such as subprocess. Therefore, we need to implement them in Java and plumb the data back and forth between JS and Java. - - - - - 3d7af094 by Pier Angelo Vendrame at 2024-05-07T10:12:05+02:00 fixup! Bug 42247: Android helpers for the TorProvider Bug 42479: Improve TorConnect error handling. Pass the new TorConnect error codes to Android. - - - - - 88401d6c by Pier Angelo Vendrame at 2024-05-07T10:12:05+02:00 fixup! Bug 42247: Android helpers for the TorProvider TorConnectTopics.BootstrapError is now just Error, and it passes directly the Error object. - - - - - d061649c by hackademix at 2024-05-07T10:12:05+02:00 Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs - - - - - d395b67b by Amogh Pradeep at 2024-05-07T10:12:06+02:00 Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources. See Bug 1357997 for partial uplift. Also: Bug 28051 - Use our Orbot for proxying our connections Bug 31144 - ESR68 Network Code Review - - - - - d9ac1c85 by Matthew Finkel at 2024-05-07T10:12:06+02:00 Bug 25741: TBA: Disable GeckoNetworkManager The browser should not need information related to the network interface or network state, tor should take care of that. - - - - - b4bc4a2d by Kathy Brade at 2024-05-07T10:12:06+02:00 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. - - - - - d3ed4667 by Pier Angelo Vendrame at 2024-05-07T10:12:06+02:00 Bug 40807: Added QRCode.js to toolkit/modules - - - - - 6642536b by Richard Pospesel at 2024-05-07T10:12:06+02:00 Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection This patch adds a new about:preferences#connection page which allows modifying bridge, proxy, and firewall settings from within Tor Browser. All of the functionality present in tor-launcher's Network Configuration panel is present: - Setting built-in bridges - Requesting bridges from BridgeDB via moat - Using user-provided bridges - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies - Setting firewall ports - Viewing and Copying Tor's logs - The Networking Settings in General preferences has been removed Bug 40774: Update about:preferences page to match new UI designs - - - - - 2e28c345 by Henry Wilkes at 2024-05-07T10:12:07+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42496: Fix the refresh captcha button's command. - - - - - 4008cd1e by Henry Wilkes at 2024-05-07T10:12:07+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 40843: Add a "testing" state to the internet status. Bug 41383: Improved accessibility of the network status areas by managing focus and making the status an aria-live area so that changes are announced without requiring focus. Also re-arranged the markup to ensure the "Connection" overview and network status areas are not part of search results. Also moved the "Tor network" status onto a new line: 1. This improved navigation with a screen reader. 2. Ensures that the "Tor network" status does not jump horizontally during a test. 3. Ensures that each status area does not take up too much horizontal space so that the minimum page width can reduce. E.g. the "Tor network" area regularly took up more than 50% of the available width, and these may be wider depending on the locale. - - - - - 5246ae68 by Henry Wilkes at 2024-05-07T10:12:07+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42457: Add a loading icon for Lox invites. Also reduce the amount of focus-jumping by keeping the focus on the disabled button. Also change the focus of the last provideBridgeDialog page to be the table of bridges. NVDA did not announce the focus when it was set to the dialog itself. - - - - - 8c14f2b7 by Henry Wilkes at 2024-05-07T10:12:07+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42533: Only update the internal loxId *after* the Lox.activeLoxId has changed. In particular, we want to ensure that the data associated with the new loxId (invites and event data) is set before we fetch them. - - - - - 154a92e3 by Henry Wilkes at 2024-05-07T10:12:07+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42476: Disable the Lox module for the stable release. - - - - - 861786d2 by Henry Wilkes at 2024-05-07T10:12:08+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42537: Move tor-browser.ftl to toolkit. - - - - - a42e5e3f by Henry Wilkes at 2024-05-07T10:12:08+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42540: Fix gNetworkStatus.deinint typo - - - - - 488a621c by Richard Pospesel at 2024-05-07T10:12:08+02:00 Bug 27476: Implement about:torconnect captive portal within Tor Browser - implements new about:torconnect page as tor-launcher replacement - adds new torconnect component to browser - tor process management functionality remains implemented in tor-launcher through the TorProtocolService module - adds warning/error box to about:preferences#tor when not connected to tor Bug 40773: Update the about:torconnect frontend page to match additional UI flows. Bug 41608: Add a toolbar status button and a urlbar "Connect" button. - - - - - 30558651 by Pier Angelo Vendrame at 2024-05-07T10:12:08+02:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Formatted comments. - - - - - dfc63ff7 by Pier Angelo Vendrame at 2024-05-07T10:12:08+02:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Bug 42479: Improve TorConnect error handling. Consume the new error codes and transform them into localized error messages. - - - - - e8ea8f19 by Pier Angelo Vendrame at 2024-05-07T10:12:09+02:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Various fixes to address tor-browser!968. - - - - - 4d17e716 by henry at 2024-05-07T10:12:09+02:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Fix the offline error handler. - - - - - 7c1a7c5e by Pier Angelo Vendrame at 2024-05-07T10:12:09+02:00 Temporary changes to about:torconnect for Android. We are planning of tempoorarily using about:torconnect on Android, until the native UX is ready. - - - - - 9ea977a8 by Pier Angelo Vendrame at 2024-05-07T10:12:09+02:00 fixup! Temporary changes to about:torconnect for Android. - - - - - 3d2a5e40 by Henry Wilkes at 2024-05-07T10:12:09+02:00 Bug 7494: Create local home page for TBB. Bug 41333: Update about:tor to new design. Including: + make the favicon match the branding icon. + make the location bar show a search icon. - - - - - 5e9a251a by Henry Wilkes at 2024-05-07T10:12:10+02:00 fixup! Bug 7494: Create local home page for TBB. Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 5a3b52a5 by Arthur Edelstein at 2024-05-07T10:12:10+02:00 Bug 12620: TorBrowser regression tests Regression tests for Bug #2950: Make Permissions Manager memory-only Regression tests for TB4: Tor Browser's Firefox preference overrides. Note: many more functional tests could be made here Regression tests for #2874: Block Components.interfaces from content Bug 18923: Add a script to run all Tor Browser specific tests Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt. - - - - - 876f6a21 by Pier Angelo Vendrame at 2024-05-07T10:12:10+02:00 Bug 41668: Tweaks to the Base Browser updater for Tor Browser This commit was once part of "Bug 4234: Use the Firefox Update Process for Tor Browser.". However, some parts of it were not needed for Base Browser and some derivative browsers. Therefore, we extracted from that commit the parts for Tor Browser legacy, and we add them back to the patch set with this commit. - - - - - 5454c241 by Kathy Brade at 2024-05-07T10:12:10+02:00 Bug 12647: Support symlinks in the updater. - - - - - bc863711 by Kathy Brade at 2024-05-07T10:12:10+02:00 Bug 19121: reinstate the update.xml hash check This is a partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122. Revert most changes from Mozilla Bug 862173 "don't verify mar file hash when using mar signing to verify the mar file (lessens main thread I/O)." We kept the addition to the AppConstants API in case other JS code references it in the future. - - - - - 01a38039 by Kathy Brade at 2024-05-07T10:12:11+02:00 Bug 16940: After update, load local change notes. Add an about:tbupdate page that displays the first section from TorBrowser/Docs/ChangeLog.txt and includes a link to the remote post-update page (typically our blog entry for the release). Always load about:tbupdate in a content process, but implement the code that reads the file system (changelog) in the chrome process for compatibility with future sandboxing efforts. Also fix bug 29440. Now about:tbupdate is styled as a fairly simple changelog page that is designed to be displayed via a link that is on about:tor. - - - - - 11784529 by Georg Koppen at 2024-05-07T10:12:11+02:00 Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. Bug 33803: Move our primary nightly MAR signing key to tor-browser Bug 33803: Add a secondary nightly MAR signing key - - - - - e5a1c26d by Mike Perry at 2024-05-07T10:12:11+02:00 Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing eBay and Amazon don't treat Tor users very well. Accounts often get locked and payments reversed. Also: Bug 16322: Update DuckDuckGo search engine We are replacing the clearnet URL with an onion service one (thanks to a patch by a cypherpunk) and are removing the duplicated DDG search engine. Duplicating DDG happend due to bug 1061736 where Mozilla included DDG itself into Firefox. Interestingly, this caused breaking the DDG search if JavaScript is disabled as the Mozilla engine, which gets loaded earlier, does not use the html version of the search page. Moreover, the Mozilla engine tracked where the users were searching from by adding a respective parameter to the search query. We got rid of that feature as well. Also: This fixes bug 20809: the DuckDuckGo team has changed its server-side code in a way that lets users with JavaScript enabled use the default landing page while those without JavaScript available get redirected directly to the non-JS page. We adapt the search engine URLs accordingly. Also fixes bug 29798 by making sure we only specify the Google search engine we actually ship an .xml file for. Also regression tests. squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing Bug 40494: Update Startpage search provider squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing Bug 40438: Add Blockchair as a search engine Bug 33342: Avoid disconnect search addon error after removal. We removed the addon in #32767, but it was still being loaded from addonStartup.json.lz4 and throwing an error on startup because its resource: location is not available anymore. - - - - - 477da199 by Alex Catarineu at 2024-05-07T10:12:11+02:00 Bug 40073: Disable remote Public Suffix List fetching In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented fetching the Public Suffix List via RemoteSettings and replacing the default one at runtime, which we do not want. - - - - - 06a307da by Henry Wilkes at 2024-05-07T10:12:11+02:00 Bug 41906: Hide DNS over HTTPS preferences. - - - - - dd1891a4 by Richard Pospesel at 2024-05-07T10:12:12+02:00 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. - - - - - e5162b1b by Henry Wilkes at 2024-05-07T10:12:12+02:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 41622: Add context-stroke to onion-warning.svg. - - - - - a75b99cd by Henry Wilkes at 2024-05-07T10:12:12+02:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 42538: Move onion icons to toolkit. - - - - - c6bd3e98 by Kathy Brade at 2024-05-07T10:12:12+02:00 Bug 30237: Add v3 onion services client authentication prompt When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. Also fixes bug 19757: Add a "Remember this key" checkbox to the client auth prompt. Add an "Onion Services Authentication" section within the about:preferences "Privacy & Security section" to allow viewing and removal of v3 onion client auth keys that have been stored on disk. Also fixes bug 19251: use enhanced error pages for onion service errors. - - - - - e4686d34 by Henry Wilkes at 2024-05-07T10:12:13+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 41622: Follow net error style from mozilla. We drop our additions to the page and work with the existing files from mozilla. - - - - - d9a7dd5c by Henry Wilkes at 2024-05-07T10:12:13+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42538: Move onion icons to toolkit. - - - - - 485671e5 by Henry Wilkes at 2024-05-07T10:12:13+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 4222e615 by Henry Wilkes at 2024-05-07T10:12:13+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Remove the OnionServicesAuthPrompt class. The class is merged into OnionAuthPrompt. This currently only works when only one tab triggers the prompt at a time. Not linted to improve commit readability. - - - - - 054613f3 by Henry Wilkes at 2024-05-07T10:12:13+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Lint after removing OnionServicesAuthPrompt class. - - - - - 5d98e670 by Henry Wilkes at 2024-05-07T10:12:14+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Re-handle showing errors. Call "_showWarning" rather than "show" when we have an error. Do not attempt to show the prompt if we cannot determine the onion service id. For the service id regex, use "^(.*\.)?" instead of "^(.*\.)*": since the ".*" is greedy, this can only ever match up to once. - - - - - 8dbd8867 by Henry Wilkes at 2024-05-07T10:12:14+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Reset the authentication prompt when switching between two authentication tabs. We keep a record of which tab details are being shown in the notification popup. We reset the prompt whenever we want to show different details. We also fetch elements and set event listeners (once) when we initialize OnionAuthPrompt. In particular, the listeners should only react to the shown details. We also assume that elements with an ID exist in the DOM. - - - - - ee2e4565 by Henry Wilkes at 2024-05-07T10:12:14+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Follow recent coding conventions. Do not prefix variable names with "a" and use triple equality. - - - - - 1673e5d4 by Henry Wilkes at 2024-05-07T10:12:14+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Use "keydown" instead of deprecated "keypress". Also, stop handling "Escape" key since it is already handled by PopupNotification. - - - - - 95e48d20 by Henry Wilkes at 2024-05-07T10:12:14+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Add documentation to OnionAuthPrompt. - - - - - ed0737a9 by Henry Wilkes at 2024-05-07T10:12:15+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Add a logger to OnionAuthPrompt. - - - - - cacfe8ea by Alex Catarineu at 2024-05-07T10:12:15+02:00 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. - - - - - 3bdd0c5f by Henry Wilkes at 2024-05-07T10:12:15+02:00 fixup! Bug 21952: Implement Onion-Location Bug 42538: Move onion icons to toolkit. - - - - - b6fd1391 by Pier Angelo Vendrame at 2024-05-07T10:12:15+02:00 Bug 40458: Implement .tor.onion aliases We have enabled HTTPS-Only mode, therefore we do not need HTTPS-Everywhere anymore. However, we want to keep supporting .tor.onion aliases (especially for securedrop). Therefore, in this patch we implemented the parsing of HTTPS-Everywhere rulesets, and the redirect of .tor.onion domains. Actually, Tor Browser believes they are actual domains. We change them on the fly on the SOCKS proxy requests to resolve the domain, and on the code that verifies HTTPS certificates. - - - - - f5dff9b9 by Henry Wilkes at 2024-05-07T10:12:15+02:00 fixup! Bug 40458: Implement .tor.onion aliases Bug 42206: Migrate ruleset strings to Fluent. - - - - - b8e3e9ae by Henry Wilkes at 2024-05-07T10:12:16+02:00 fixup! Bug 40458: Implement .tor.onion aliases Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 32ca62af by Pier Angelo Vendrame at 2024-05-07T10:12:16+02:00 Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser This patch associates the about:manual page to a translated page that must be injected to browser/omni.ja after the build. The content must be placed in chrome/browser/content/browser/manual/, so that is then available at chrome://browser/content/manual/. We preferred giving absolute freedom to the web team, rather than having to change the patch in case of changes on the documentation. - - - - - bc6b89e5 by Pier Angelo Vendrame at 2024-05-07T10:12:16+02:00 Bug 41435: Add a Tor Browser migration function For now this function only deletes old language packs for which we are already packaging the strings with the application. - - - - - 27f02c87 by Henry Wilkes at 2024-05-07T10:12:16+02:00 Bug 42110: Add TorUIUtils module for common tor component methods. - - - - - 7d0183b8 by Dan Ballard at 2024-05-07T10:12:16+02:00 Bug 40701: Add security warning when downloading a file Shown in the downloads panel, about:downloads and places.xhtml. - - - - - 96c62a52 by Henry Wilkes at 2024-05-07T10:12:17+02:00 fixup! Bug 40701: Add security warning when downloading a file Bug 42221: Migrate downloads warning strings to Fluent. - - - - - 2393c767 by Henry Wilkes at 2024-05-07T10:12:17+02:00 fixup! Bug 40701: Add security warning when downloading a file Bug 42537: Move tor-browser.ftl to toolkit. - - - - - dc87020e by Henry Wilkes at 2024-05-07T10:12:17+02:00 Bug 41736: Customize toolbar for tor-browser. - - - - - d0bf278a by hackademix at 2024-05-07T10:12:17+02:00 Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key - - - - - a25e39fc by Henry Wilkes at 2024-05-07T10:12:17+02:00 Customize moz-toggle for tor-browser. - - - - - 55450e06 by Richard Pospesel at 2024-05-07T10:12:18+02:00 Bug 41822: Unconditionally disable default browser UX in about:preferences - - - - - 119d2f4b by Cecylia Bocovich at 2024-05-07T10:12:18+02:00 Temporary commit: manually place generated wasm files These files are built reproducibly using tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… We're manually adding them here while working on the interface, but eventually these should be placed in the right location using tor-browser-build. - - - - - 30 changed files: - .eslintignore - .gitignore - + .gitlab-ci.yml - + .gitlab/issue_templates/Backport Android Security Fixes.md - + .gitlab/issue_templates/Emergency Security Issue.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - + .gitlab/issue_templates/bug.md - + .gitlab/merge_request_templates/default.md - + README.md - − README.txt - accessible/android/SessionAccessibility.cpp - accessible/android/SessionAccessibility.h - accessible/ipc/DocAccessibleParent.cpp - accessible/ipc/DocAccessibleParent.h - accessible/ipc/moz.build - + browser/actors/AboutTBUpdateChild.jsm - + browser/actors/AboutTBUpdateParent.jsm - + browser/actors/CryptoSafetyChild.jsm - + browser/actors/CryptoSafetyParent.jsm - − browser/actors/RFPHelperChild.sys.mjs - − browser/actors/RFPHelperParent.sys.mjs - browser/actors/moz.build - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/macbuild/Contents/MacOS-files.in - browser/app/moz.build - browser/app/permissions - + browser/app/profile/000-tor-browser.js - + browser/app/profile/001-base-profile.js The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3e25f5… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3e25f5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41136: Include *.deb in the list of files to gpg sign
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 86ad0eeb by Nicolas Vigier at 2024-05-07T11:10:35+00:00 Bug 41136: Include *.deb in the list of files to gpg sign - - - - - 1 changed file: - tools/signing/linux-signer-gpg-sign Changes: ===================================== tools/signing/linux-signer-gpg-sign ===================================== @@ -8,7 +8,9 @@ cd ~/"$SIGNING_PROJECTNAME-$tbb_version" test -n "$GPG_PASS" || read -sp "Enter gpg passphrase: " GPG_PASS currentdir=$(pwd) -for i in `find . -name "*.dmg" -o -name "*.exe" -o -name "*.tar.xz" -o -name "*.txt" -o -name "*.zip" -o -name "*.tar.gz" -o -name "*.apk" | sort` +for i in `find . -name "*.dmg" -o -name "*.exe" -o -name "*.tar.xz" \ + -o -name "*.txt" -o -name "*.zip" -o -name "*.tar.gz" -o -name "*.apk" \ + -o -name "*.deb" | sort` do if test -f "$i.asc" then View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 8 commits: Bug 41001: Change some config files to make automation easier.
by richard (＠richard) 07 May '24

07 May '24

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 7789b280 by Pier Angelo Vendrame at 2024-05-07T10:41:54+00:00 Bug 41001: Change some config files to make automation easier. - - - - - cbbcdf08 by Pier Angelo Vendrame at 2024-05-07T10:41:54+00:00 Bug 41001: Refactor fetch_allowed_addons.py. In this commit we change this file to be able to use it as a Python module from other scripts. Also, we lint it with black. - - - - - 51c8ccd3 by Pier Angelo Vendrame at 2024-05-07T10:41:54+00:00 Bug 41001: Refactored fetch-changelog.py. Also, added Zstandard to the possible updates. - - - - - 70539485 by Pier Angelo Vendrame at 2024-05-07T10:41:54+00:00 Bug 41001: Renamed fetch-changelog.py. After the refactor, fetch-changelog.py can be used as a Python module, but to do so we need to replace the dash in its name with something else (e.g., an underscore). - - - - - 48d9469a by Pier Angelo Vendrame at 2024-05-07T10:41:54+00:00 Bug 41001: Refactored fetch-manual.py. Allow the script to possibly run as a Python module. - - - - - 8e155939 by Pier Angelo Vendrame at 2024-05-07T10:41:54+00:00 Bug 41001: Renamed fetch-manual.py to update_manual.py. This allows us to import it in other Python scripts. - - - - - 9f583c64 by Pier Angelo Vendrame at 2024-05-07T10:41:54+00:00 Bug 41001: Add a release preparation script. - - - - - a34dcb00 by Pier Angelo Vendrame at 2024-05-07T10:41:54+00:00 Bug 41001: Added a checklist to the relprep MR template. Since the release preparation is becoming an almost fully automated procedure, it is necessary to be more careful during the review. This new checklist in the release preparation MR should help to spot any errors. - - - - - 16 changed files: - + .gitattributes - .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md - .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md - .gitlab/merge_request_templates/relprep.md - projects/browser/config - projects/firefox/config - projects/go/config - projects/openssl/config - rbm.conf - tools/.gitignore - − tools/fetch-changelogs.py - − tools/fetch-manual.py - tools/fetch_allowed_addons.py - + tools/fetch_changelogs.py - + tools/relprep.py - + tools/update_manual.py Changes: ===================================== .gitattributes ===================================== @@ -0,0 +1 @@ +projects/browser/allowed_addons.json -diff ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md ===================================== @@ -67,14 +67,14 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - [ ] Update `ChangeLog-MB.txt` - [ ] Ensure `ChangeLog-MB.txt` is sync'd between alpha and stable branches - [ ] Check the linked issues: ask people to check if any are missing, remove the not fixed ones - - [ ] Run `./tools/fetch-changelogs.py $(ISSUE_NUMBER) --date $date $updateArgs` + - [ ] Run `./tools/fetch_changelogs.py $(ISSUE_NUMBER) --date $date $updateArgs` - Make sure you have `requests` installed (e.g., `apt install python3-requests`) - The first time you run this script you will need to generate an access token; the script will guide you - `$updateArgs` should be these arguments, depending on what you actually updated: - [ ] `--firefox` (be sure to include esr at the end if needed, which is usually the case) - [ ] `--no-script` - [ ] `--ublock` - - E.g., `./tools/fetch-changelogs.py 41029 --date 'December 19 2023' --firefox 115.6.0esr --no-script 11.4.29 --ublock 1.54.0` + - E.g., `./tools/fetch_changelogs.py 41029 --date 'December 19 2023' --firefox 115.6.0esr --no-script 11.4.29 --ublock 1.54.0` - `--date $date` is optional, if omitted it will be the date on which you run the command - [ ] Copy the output of the script to the beginning of `ChangeLog-MB.txt` and adjust its output - [ ] Open MR with above changes, using the template for release preparations ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md ===================================== @@ -78,6 +78,10 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] Check for zlib updates here: https://github.com/madler/zlib/releases - [ ] **(Optional)** If new tag available, update `projects/zlib/config` - [ ] `version` : update to next release tag + - [ ] Check for Zstandard updates here: https://github.com/facebook/zstd/releases + - [ ] **(Optional)** If new tag available, update `projects/zstd/config` + - [ ] `version` : update to next release tag + - [ ] `git_hash`: update to the commit corresponding to the tag (we don't check signatures for Zstandard) - [ ] Check for tor updates here : https://gitlab.torproject.org/tpo/core/tor/-/tags - [ ] ***(Optional)*** Update `projects/tor/config` - [ ] `version` : update to latest `-alpha` tag or release tag if newer (ping dgoulet or ahf if unsure) @@ -86,18 +90,17 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] ***(Optional)*** Update `projects/go/config` - [ ] `version` : update go version - [ ] `input_files/sha256sum` for `go` : update sha256sum of archive (sha256 sums are displayed on the go download page) - - [ ] Check for manual updates by running (from `tor-browser-build` root): `./tools/fetch-manual.py` + - [ ] Check for manual updates by running (from `tor-browser-build` root): `./tools/update_manual.py` - [ ] ***(Optional)*** If new version is available: - [ ] Upload the downloaded `manual_$PIPELINEID.zip` file to `tb-build-02.torproject.org` + - The script will tell if it's necessary to - [ ] Deploy to `tb-builder`'s `public_html` directory: - `sudo -u tb-builder cp manual_$PIPELINEID.zip ~tb-builder/public_html/.` - - [ ] Update `projects/manual/config`: - - [ ] Change the `version` to `$PIPELINEID` - - [ ] Update `sha256sum` in the `input_files` section + - [ ] Add `projects/manual/config` to the stage area if the script updated it. - [ ] Update `ChangeLog-TBB.txt` - [ ] Ensure `ChangeLog-TBB.txt` is sync'd between alpha and stable branches - [ ] Check the linked issues: ask people to check if any are missing, remove the not fixed ones - - [ ] Run `./tools/fetch-changelogs.py $(ISSUE_NUMBER) --date $date $updateArgs` + - [ ] Run `./tools/fetch_changelogs.py $(ISSUE_NUMBER) --date $date $updateArgs` - Make sure you have `requests` installed (e.g., `apt install python3-requests`) - The first time you run this script you will need to generate an access token; the script will guide you - `$updateArgs` should be these arguments, depending on what you actually updated: @@ -106,8 +109,9 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] `--no-script` - [ ] `--openssl` - [ ] `--zlib` + - [ ] `--zstd` - [ ] `--go` - - E.g., `./tools/fetch-changelogs.py 41028 --date 'December 19 2023' --firefox 115.6.0esr --tor 0.4.8.10 --no-script 11.4.29 --zlib 1.3 --go 1.21.5 --openssl 3.0.12` + - E.g., `./tools/fetch_changelogs.py 41028 --date 'December 19 2023' --firefox 115.6.0esr --tor 0.4.8.10 --no-script 11.4.29 --zlib 1.3 --go 1.21.5 --openssl 3.0.12` - `--date $date` is optional, if omitted it will be the date on which you run the command - [ ] Copy the output of the script to the beginning of `ChangeLog-TBB.txt` and adjust its output - [ ] Open MR with above changes, using the template for release preparations ===================================== .gitlab/merge_request_templates/relprep.md ===================================== @@ -1,10 +1,43 @@ -## Merge Info - -### Related Issues +## Related Issues - tor-browser-build#xxxxx - tor-browser-build#xxxxx +## Self-review + reviewer's template + +- [ ] `rbm.conf` updates: + - [ ] `var/torbrowser_version` + - [ ] `var/torbrowser_build`: should be `build1`, unless bumping a previous release preparation + - [ ] `var/browser_release_date`: must not be in the future when we start building + - [ ] `var/torbrowser_incremental_from` (not needed for Android-only releases) +- [ ] Tag updates: + - [ ] [Firefox](https://gitlab.torproject.org/tpo/applications/tor-browser/-/tags) + - [ ] Geckoview - should match Firefox + - [ ] [Firefox Android](https://gitlab.torproject.org/tpo/applications/firefox-android/-/t… + - Tags might be speculative in the release preparation: i.e., they might not exist yet. +- [ ] Addon updates: + - [ ] [NoScript](https://addons.mozilla.org/en-US/firefox/addon/noscript/) + - [ ] [uBlock Origin](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/) (Mullvad Browser only) + - [ ] [Mullvad Browser Extension](https://github.com/mullvad/browser-extension/releases) (Mullvad Browser only) + - For AMO extension (NoScript and uBlock), updating the version in the URL is not enough, check that also a numeric ID from the URL has changed +- [ ] Tor and dependencies updates (Tor Browser only) + - [ ] [Tor](https://gitlab.torproject.org/tpo/core/tor/-/tags) + - [ ] [OpenSSL](https://www.openssl.org/source/): we stay on the latest LTS channel (currently 3.0.x) + - [ ] [zlib](https://github.com/madler/zlib/releases) + - [ ] [Zstandard](https://github.com/facebook/zstd/releases) (Android only, at least for now) + - [ ] [Go](https://go.dev/dl): avoid major updates, unless planned +- [ ] Manual version update (Tor Browser only, optional) +- [ ] Changelogs + - [ ] Changelogs must be in sync between stable and alpha + - [ ] Check the browser name + - [ ] Check the version + - [ ] Check the release date + - [ ] Check we include only the platform we're releasing for (e.g., no Android in desktop-only releases) + - [ ] Check all the updates from above are reported in the changelogs + - [ ] Check for major errors + - If you find errors such as platform or category (build system) please adjust the issue label accordingly + - You can run `tools/relprep.py --only-changelogs --date $date $version` to update only the changelogs + ## Review ### Request Reviewer ===================================== projects/browser/config ===================================== @@ -111,7 +111,7 @@ input_files: name: ublock-origin sha256sum: 9928e79a52cecf7cfa231fdb0699c7d7a427660d94eb10d711ed5a2f10d2eb89 enable: '[% c("var/mullvad-browser") %]' - - URL: https://github.com/mullvad/browser-extension/releases/download/v0.9.0-firef… + - URL: https://cdn.mullvad.net/browser-extension/0.9.0/mullvad-browser-extension-0… name: mullvad-extension sha256sum: 65bf235aa1015054ae0a54a40c5a663e67fe1d0f0799e7b4726f98cccc7f3eab enable: '[% c("var/mullvad-browser") %]' ===================================== projects/firefox/config ===================================== @@ -17,7 +17,8 @@ var: firefox_platform_version: 115.10.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' - browser_branch: '[% c("var/browser_series") %]-1' + browser_rebase: 1 + browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' ===================================== projects/go/config ===================================== @@ -1,11 +1,14 @@ # vim: filetype=yaml sw=2 -version: '[% IF c("var/use_go_1_20") %]1.20.14[% ELSE %]1.21.9[% END %]' +# When Windows 7 goes EOL, just update this field +version: '[% IF c("var/use_go_1_20") %][% c("var/go_1_20") %][% ELSE %][% c("var/go_1_21") %][% END %]' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 var: use_go_1_20: 0 + go_1_21: 1.21.9 + go_1_20: 1.20.14 setup: | mkdir -p /var/tmp/dist tar -C /var/tmp/dist -xf $rootdir/[% c("go_tarfile") %] @@ -119,13 +122,11 @@ input_files: - name: '[% c("var/compiler") %]' project: '[% c("var/compiler") %]' enable: '[% ! c("var/linux") %]' - - URL: 'https://go.dev/dl/go[% c("version") %].src.tar.gz' - # 1.21 series + - URL: 'https://go.dev/dl/go[% c("var/go_1_21") %].src.tar.gz' name: go sha256sum: 58f0c5ced45a0012bce2ff7a9df03e128abcc8818ebabe5027bb92bafe20e421 enable: '[% !c("var/use_go_1_20") %]' - - URL: 'https://go.dev/dl/go[% c("version") %].src.tar.gz' - # 1.20 series + - URL: 'https://go.dev/dl/go[% c("var/go_1_20") %].src.tar.gz' name: go sha256sum: 1aef321a0e3e38b7e91d2d7eb64040666cabdcc77d383de3c9522d0d69b67f4e enable: '[% c("var/use_go_1_20") %]' ===================================== projects/openssl/config ===================================== @@ -34,3 +34,4 @@ input_files: project: '[% c("var/compiler") %]' - URL: 'https://www.openssl.org/source/openssl-[% c("version") %].tar.gz' sha256sum: 88525753f79d3bec27d2fa7c66aa0b92b3aa9498dafd93d7cfa4b3780cdae313 + name: openssl ===================================== rbm.conf ===================================== @@ -75,16 +75,16 @@ buildconf: var: torbrowser_version: '13.5a7' torbrowser_build: 'build2' - torbrowser_incremental_from: - - '13.5a6' - - '13.5a5' - - '13.5a4' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. browser_release_date: '2024/04/25 12:00:00' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 + torbrowser_incremental_from: + - '13.5a6' + - '13.5a5' + - '13.5a4' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' # By default, we sort the list of installed packages. This allows sharing ===================================== tools/.gitignore ===================================== @@ -1,3 +1,4 @@ _repackaged +__pycache__ .changelogs_token local ===================================== tools/fetch-changelogs.py deleted ===================================== @@ -1,276 +0,0 @@ -#!/usr/bin/env python3 -import argparse -from datetime import datetime -import enum -from pathlib import Path -import re -import sys - -import requests - - -GITLAB = "https://gitlab.torproject.org" -API_URL = f"{GITLAB}/api/v4" -PROJECT_ID = 473 - -is_mb = False -project_order = { - "tor-browser-spec": 0, - # Leave 1 free, so we can redefine mullvad-browser when needed. - "tor-browser": 2, - "tor-browser-build": 3, - "mullvad-browser": 4, - "rbm": 5, -} - - -class EntryType(enum.IntFlag): - UPDATE = 0 - ISSUE = 1 - - -class Platform(enum.IntFlag): - WINDOWS = 8 - MACOS = 4 - LINUX = 2 - ANDROID = 1 - DESKTOP = 8 | 4 | 2 - ALL_PLATFORMS = 8 | 4 | 2 | 1 - - -class ChangelogEntry: - def __init__(self, type_, platform, num_platforms, is_build): - self.type = type_ - self.platform = platform - self.num_platforms = num_platforms - self.is_build = is_build - - def get_platforms(self): - if self.platform == Platform.ALL_PLATFORMS: - return "All Platforms" - platforms = [] - if self.platform & Platform.WINDOWS: - platforms.append("Windows") - if self.platform & Platform.MACOS: - platforms.append("macOS") - if self.platform & Platform.LINUX: - platforms.append("Linux") - if self.platform & Platform.ANDROID: - platforms.append("Android") - return " + ".join(platforms) - - def __lt__(self, other): - if self.type != other.type: - return self.type < other.type - if self.type == EntryType.UPDATE: - # Rely on sorting being stable on Python - return False - if self.project == other.project: - return self.number < other.number - return project_order[self.project] < project_order[other.project] - - -class UpdateEntry(ChangelogEntry): - def __init__(self, name, version): - if name == "Firefox" and not is_mb: - platform = Platform.DESKTOP - num_platforms = 3 - elif name == "GeckoView": - platform = Platform.ANDROID - num_platforms = 3 - else: - platform = Platform.ALL_PLATFORMS - num_platforms = 4 - super().__init__( - EntryType.UPDATE, platform, num_platforms, name == "Go" - ) - self.name = name - self.version = version - - def __str__(self): - return f"Updated {self.name} to {self.version}" - - -class Issue(ChangelogEntry): - def __init__(self, j): - self.title = j["title"] - self.project, self.number = ( - j["references"]["full"].rsplit("/", 2)[-1].split("#") - ) - self.number = int(self.number) - platform = 0 - num_platforms = 0 - if "Desktop" in j["labels"]: - platform = Platform.DESKTOP - num_platforms += 3 - else: - if "Windows" in j["labels"]: - platform |= Platform.WINDOWS - num_platforms += 1 - if "MacOS" in j["labels"]: - platform |= Platform.MACOS - num_platforms += 1 - if "Linux" in j["labels"]: - platform |= Platform.LINUX - num_platforms += 1 - if "Android" in j["labels"]: - if is_mb and num_platforms == 0: - raise Exception( - f"Android-only issue on Mullvad Browser: {j['references']['full']}!" - ) - elif not is_mb: - platform |= Platform.ANDROID - num_platforms += 1 - if not platform or (is_mb and platform == Platform.DESKTOP): - platform = Platform.ALL_PLATFORMS - num_platforms = 4 - is_build = "Build System" in j["labels"] - super().__init__(EntryType.ISSUE, platform, num_platforms, is_build) - - def __str__(self): - return f"Bug {self.number}: {self.title} [{self.project}]" - - -def sorted_issues(issues): - issues = [sorted(v) for v in issues.values()] - return sorted( - issues, - key=lambda group: (group[0].num_platforms << 8) | group[0].platform, - reverse=True, - ) - - -parser = argparse.ArgumentParser() -parser.add_argument("issue_version") -parser.add_argument("--date", help="The date of the release") -parser.add_argument("--firefox", help="New Firefox version (if we rebased)") -parser.add_argument("--tor", help="New Tor version (if updated)") -parser.add_argument("--no-script", help="New NoScript version (if updated)") -parser.add_argument("--openssl", help="New OpenSSL version (if updated)") -parser.add_argument("--ublock", help="New uBlock version (if updated)") -parser.add_argument("--zlib", help="New zlib version (if updated)") -parser.add_argument("--go", help="New Go version (if updated)") -args = parser.parse_args() - -if not args.issue_version: - parser.print_help() - sys.exit(1) - -token_file = Path(__file__).parent / ".changelogs_token" -if not token_file.exists(): - print( - f"Please add your personal GitLab token (with 'read_api' scope) to {token_file}" - ) - print( - f"Please go to {GITLAB}/-/profile/personal_access_tokens and generate it." - ) - token = input("Please enter the new token: ").strip() - if not token: - print("Invalid token!") - sys.exit(2) - with token_file.open("w") as f: - f.write(token) -with token_file.open() as f: - token = f.read().strip() -headers = {"PRIVATE-TOKEN": token} - -version = args.issue_version -r = requests.get( - f"{API_URL}/projects/{PROJECT_ID}/issues?labels=Release Prep", - headers=headers, -) -if r.status_code == 401: - print("Unauthorized! Has your token expired?") - sys.exit(3) -issue = None -issues = [] -for i in r.json(): - if i["title"].find(version) != -1: - issues.append(i) -if len(issues) == 1: - issue = issues[0] -elif len(issues) > 1: - print("More than one matching issue found:") - for idx, i in enumerate(issues): - print(f" {idx + 1}) #{i['iid']} - {i['title']}") - print("Please use the issue id.") - sys.exit(4) -else: - iid = version - version = "CHANGEME!" - if iid[0] == "#": - iid = iid[1:] - try: - int(iid) - r = requests.get( - f"{API_URL}/projects/{PROJECT_ID}/issues?iids={iid}", - headers=headers, - ) - if r.ok and r.json(): - issue = r.json()[0] - version_match = re.search(r"\b[0-9]+\.[.0-9a]+\b", issue["title"]) - if version_match: - version = version_match.group() - except ValueError: - pass -if not issue: - print( - "Release preparation issue not found. Please make sure it has ~Release Prep." - ) - sys.exit(5) -if "Sponsor 131" in issue["labels"]: - is_mb = True - project_order["mullvad-browser"] = 1 -iid = issue["iid"] - -linked = {} -linked_build = {} - - -def add_entry(entry): - target = linked_build if entry.is_build else linked - if entry.platform not in target: - target[entry.platform] = [] - target[entry.platform].append(entry) - - -if args.firefox: - add_entry(UpdateEntry("Firefox", args.firefox)) - if not is_mb: - add_entry(UpdateEntry("GeckoView", args.firefox)) -if args.tor and not is_mb: - add_entry(UpdateEntry("Tor", args.tor)) -if args.no_script: - add_entry(UpdateEntry("NoScript", args.no_script)) -if not is_mb: - if args.openssl: - add_entry(UpdateEntry("OpenSSL", args.openssl)) - if args.zlib: - add_entry(UpdateEntry("zlib", args.zlib)) - if args.go: - add_entry(UpdateEntry("Go", args.go)) -elif args.ublock: - add_entry(UpdateEntry("uBlock Origin", args.ublock)) - -r = requests.get( - f"{API_URL}/projects/{PROJECT_ID}/issues/{iid}/links", headers=headers -) -for i in r.json(): - add_entry(Issue(i)) - -linked = sorted_issues(linked) -linked_build = sorted_issues(linked_build) - -name = "Mullvad" if is_mb else "Tor" -date = args.date if args.date else datetime.now().strftime("%B %d %Y") -print(f"{name} Browser {version} - {date}") -for issues in linked: - print(f" * {issues[0].get_platforms()}") - for i in issues: - print(f" * {i}") -if linked_build: - print(" * Build System") - for issues in linked_build: - print(f" * {issues[0].get_platforms()}") - for i in issues: - print(f" * {i}") ===================================== tools/fetch-manual.py deleted ===================================== @@ -1,83 +0,0 @@ -#!/usr/bin/env python3 -import hashlib -from pathlib import Path -import sys - -import requests -import yaml - - -GITLAB = "https://gitlab.torproject.org" -API_URL = f"{GITLAB}/api/v4" -PROJECT_ID = 23 -REF_NAME = "main" - - -token_file = Path(__file__).parent / ".changelogs_token" -if not token_file.exists(): - print("This scripts uses the same access token as fetch-changelog.py.") - print("However, the file has not been found.") - print( - "Please run fetch-changelog.py to get the instructions on how to " - "generate it." - ) - sys.exit(1) -with token_file.open() as f: - headers = {"PRIVATE-TOKEN": f.read().strip()} - -r = requests.get(f"{API_URL}/projects/{PROJECT_ID}/jobs", headers=headers) -if r.status_code == 401: - print("Unauthorized! Maybe the token has expired.") - sys.exit(2) -found = False -for job in r.json(): - if job["ref"] != REF_NAME: - continue - for art in job["artifacts"]: - if art["filename"] == "artifacts.zip": - found = True - break - if found: - break -if not found: - print("Cannot find a usable job.") - sys.exit(3) - -pipeline_id = job["pipeline"]["id"] -conf_file = Path(__file__).parent.parent / "projects/manual/config" -with conf_file.open() as f: - config = yaml.load(f, yaml.SafeLoader) -if int(config["version"]) == int(pipeline_id): - print( - "projects/manual/config is already using the latest pipeline. Nothing to do." - ) - sys.exit(0) - -manual_dir = Path(__file__).parent.parent / "out/manual" -manual_dir.mkdir(0o755, parents=True, exist_ok=True) -manual_file = manual_dir / f"manual_{pipeline_id}.zip" -sha256 = hashlib.sha256() -if manual_file.exists(): - with manual_file.open("rb") as f: - while chunk := f.read(8192): - sha256.update(chunk) - print("You already have the latest manual version in your out directory.") - print("Please update projects/manual/config to:") -else: - print("Downloading the new version of the manual...") - url = f"{API_URL}/projects/{PROJECT_ID}/jobs/artifacts/{REF_NAME}/download?job={job['name']}" - r = requests.get(url, headers=headers, stream=True) - # https://stackoverflow.com/a/16696317 - r.raise_for_status() - with manual_file.open("wb") as f: - for chunk in r.iter_content(chunk_size=8192): - f.write(chunk) - sha256.update(chunk) - print(f"File downloaded as {manual_file}.") - print( - "Please upload it to tb-build-02.torproject.org:~tb-builder/public_html/. and then update projects/manual/config:" - ) -sha256 = sha256.hexdigest() - -print(f"\tversion: {pipeline_id}") -print(f"\tSHA256: {sha256}") ===================================== tools/fetch_allowed_addons.py ===================================== @@ -5,33 +5,49 @@ import json import base64 import sys +NOSCRIPT = "{73a6fe31-595d-460b-a920-fcc0f8843232}" + + def fetch(x): - with urllib.request.urlopen(x) as response: - return response.read() + with urllib.request.urlopen(x) as response: + return response.read() + def find_addon(addons, addon_id): - results = addons['results'] - for x in results: - addon = x['addon'] - if addon['guid'] == addon_id: - return addon - sys.exit("Error: cannot find addon " + addon_id) + results = addons["results"] + for x in results: + addon = x["addon"] + if addon["guid"] == addon_id: + return addon + def fetch_and_embed_icons(addons): - results = addons['results'] - for x in results: - addon = x['addon'] - icon_data = fetch(addon['icon_url']) - addon['icon_url'] = 'data:image/png;base64,' + str(base64.b64encode(icon_data), 'utf8') + results = addons["results"] + for x in results: + addon = x["addon"] + icon_data = fetch(addon["icon_url"]) + addon["icon_url"] = "data:image/png;base64," + str( + base64.b64encode(icon_data), "utf8" + ) + + +def fetch_allowed_addons(amo_collection=None): + if amo_collection is None: + amo_collection = "83a9cccfe6e24a34bd7b155ff9ee32" + url = f"https://services.addons.mozilla.org/api/v4/accounts/account/mozilla/collect…" + data = json.loads(fetch(url)) + fetch_and_embed_icons(data) + data["results"].sort(key=lambda x: x["addon"]["guid"]) + return data + def main(argv): - amo_collection = argv[0] if argv else '83a9cccfe6e24a34bd7b155ff9ee32' - url = 'https://services.addons.mozilla.org/api/v4/accounts/account/mozilla/collect…' + amo_collection + '/addons/' - data = json.loads(fetch(url)) - fetch_and_embed_icons(data) - data['results'].sort(key=lambda x: x['addon']['guid']) - find_addon(data, '{73a6fe31-595d-460b-a920-fcc0f8843232}') # Check that NoScript is present - print(json.dumps(data, indent=2, ensure_ascii=False)) + data = fetch_allowed_addons(argv[0] if len(argv) > 1 else None) + # Check that NoScript is present + if find_addon(data, NOSCRIPT) is None: + sys.exit("Error: cannot find NoScript.") + print(json.dumps(data, indent=2, ensure_ascii=False)) + if __name__ == "__main__": - main(sys.argv[1:]) + main(sys.argv[1:]) ===================================== tools/fetch_changelogs.py ===================================== @@ -0,0 +1,366 @@ +#!/usr/bin/env python3 +import argparse +from datetime import datetime +import enum +from pathlib import Path +import re +import sys + +import requests + + +GITLAB = "https://gitlab.torproject.org" +API_URL = f"{GITLAB}/api/v4" +PROJECT_ID = 473 +AUTH_HEADER = "PRIVATE-TOKEN" + + +class EntryType(enum.IntFlag): + UPDATE = 0 + ISSUE = 1 + + +class Platform(enum.IntFlag): + WINDOWS = 8 + MACOS = 4 + LINUX = 2 + ANDROID = 1 + DESKTOP = 8 | 4 | 2 + ALL_PLATFORMS = 8 | 4 | 2 | 1 + + +class ChangelogEntry: + def __init__(self, type_, platform, num_platforms, is_build, is_mb): + self.type = type_ + self.platform = platform + self.num_platforms = num_platforms + self.is_build = is_build + self.project_order = { + "tor-browser-spec": 0, + # Leave 1 free, so we can redefine mullvad-browser when needed. + "tor-browser": 2, + "tor-browser-build": 3, + "mullvad-browser": 1 if is_mb else 4, + "rbm": 5, + } + + def get_platforms(self): + if self.platform == Platform.ALL_PLATFORMS: + return "All Platforms" + platforms = [] + if self.platform & Platform.WINDOWS: + platforms.append("Windows") + if self.platform & Platform.MACOS: + platforms.append("macOS") + if self.platform & Platform.LINUX: + platforms.append("Linux") + if self.platform & Platform.ANDROID: + platforms.append("Android") + return " + ".join(platforms) + + def __lt__(self, other): + if self.num_platforms != other.num_platforms: + return self.num_platforms > other.num_platforms + if self.platform != other.platform: + return self.platform > other.platform + if self.type != other.type: + return self.type < other.type + if self.type == EntryType.UPDATE: + # Rely on sorting being stable on Python + return False + if self.project == other.project: + return self.number < other.number + return ( + self.project_order[self.project] + < self.project_order[other.project] + ) + + +class UpdateEntry(ChangelogEntry): + def __init__(self, name, version, is_mb): + if name == "Firefox" and not is_mb: + platform = Platform.DESKTOP + num_platforms = 3 + elif name == "GeckoView" or name == "Zstandard": + platform = Platform.ANDROID + num_platforms = 1 + else: + platform = Platform.ALL_PLATFORMS + num_platforms = 4 + super().__init__( + EntryType.UPDATE, platform, num_platforms, name == "Go", is_mb + ) + self.name = name + self.version = version + + def __str__(self): + return f"Updated {self.name} to {self.version}" + + +class Issue(ChangelogEntry): + def __init__(self, j, is_mb): + self.title = j["title"] + self.project, self.number = ( + j["references"]["full"].rsplit("/", 2)[-1].split("#") + ) + self.number = int(self.number) + platform = 0 + num_platforms = 0 + if "Desktop" in j["labels"]: + platform = Platform.DESKTOP + num_platforms += 3 + else: + if "Windows" in j["labels"]: + platform |= Platform.WINDOWS + num_platforms += 1 + if "MacOS" in j["labels"]: + platform |= Platform.MACOS + num_platforms += 1 + if "Linux" in j["labels"]: + platform |= Platform.LINUX + num_platforms += 1 + if "Android" in j["labels"]: + if is_mb and num_platforms == 0: + raise Exception( + f"Android-only issue on Mullvad Browser: {j['references']['full']}!" + ) + elif not is_mb: + platform |= Platform.ANDROID + num_platforms += 1 + if not platform or (is_mb and platform == Platform.DESKTOP): + platform = Platform.ALL_PLATFORMS + num_platforms = 4 + is_build = "Build System" in j["labels"] + super().__init__( + EntryType.ISSUE, platform, num_platforms, is_build, is_mb + ) + + def __str__(self): + return f"Bug {self.number}: {self.title} [{self.project}]" + + +class ChangelogBuilder: + + def __init__(self, auth_token, issue_or_version, is_mullvad=None): + self.headers = {AUTH_HEADER: auth_token} + self._find_issue(issue_or_version, is_mullvad) + + def _find_issue(self, issue_or_version, is_mullvad): + self.version = None + if issue_or_version[0] == "#": + self._fetch_issue(issue_or_version[1:], is_mullvad) + return + labels = "Release Prep" + if is_mullvad: + labels += ",Sponsor 131" + elif not is_mullvad and is_mullvad is not None: + labels += "&not[labels]=Sponsor 131" + r = requests.get( + f"{API_URL}/projects/{PROJECT_ID}/issues?labels={labels}&search={issue_or_version}&in=title", + headers=self.headers, + ) + r.raise_for_status() + issues = r.json() + if len(issues) == 1: + self.version = issue_or_version + self._set_issue(issues[0], is_mullvad) + elif len(issues) > 1: + raise ValueError( + "Multiple issues found, try to specify the browser." + ) + else: + self._fetch_issue(issue_or_version, is_mullvad) + + def _fetch_issue(self, number, is_mullvad): + try: + # Validate the string to be an integer + number = int(number) + except ValueError: + # This is called either as a last chance, or because we + # were given "#", so this error should be good. + raise ValueError("Issue not found") + r = requests.get( + f"{API_URL}/projects/{PROJECT_ID}/issues?iids[]={number}", + headers=self.headers, + ) + r.raise_for_status() + issues = r.json() + if len(issues) != 1: + # It should be only 0, since we used the number... + raise ValueError("Issue not found") + self._set_issue(issues[0], is_mullvad) + + def _set_issue(self, issue, is_mullvad): + has_s131 = "Sponsor 131" in issue["labels"] + if is_mullvad is not None and is_mullvad != has_s131: + raise ValueError( + "Inconsistency detected: a browser was explicitly specified, but the issue does not have the correct labels." + ) + self.issue_id = issue["iid"] + self.is_mullvad = has_s131 + + if self.version is None: + version_match = re.search(r"\b[0-9]+\.[.0-9a]+\b", issue["title"]) + if version_match: + self.version = version_match.group() + + def create(self, **kwargs): + self._find_linked() + self._add_updates(kwargs) + self._sort_issues() + name = "Mullvad" if self.is_mullvad else "Tor" + date = ( + kwargs["date"] + if kwargs.get("date") + else datetime.now().strftime("%B %d %Y") + ) + text = f"{name} Browser {self.version} - {date}\n" + prev_platform = "" + for issue in self.issues: + platform = issue.get_platforms() + if platform != prev_platform: + text += f" * {platform}\n" + prev_platform = platform + text += f" * {issue}\n" + if self.issues_build: + text += " * Build System\n" + prev_platform = "" + for issue in self.issues_build: + platform = issue.get_platforms() + if platform != prev_platform: + text += f" * {platform}\n" + prev_platform = platform + text += f" * {issue}\n" + return text + + def _find_linked(self): + self.issues = [] + self.issues_build = [] + + r = requests.get( + f"{API_URL}/projects/{PROJECT_ID}/issues/{self.issue_id}/links", + headers=self.headers, + ) + for i in r.json(): + self._add_issue(i) + + def _add_issue(self, gitlab_data): + self._add_entry(Issue(gitlab_data, self.is_mullvad)) + + def _add_entry(self, entry): + target = self.issues_build if entry.is_build else self.issues + target.append(entry) + + def _add_updates(self, updates): + names = { + "Firefox": "firefox", + } + if not self.is_mullvad: + names.update( + { + "GeckoView": "firefox", + "Tor": "tor", + "NoScript": "noscript", + "OpenSSL": "openssl", + "zlib": "zlib", + "Zstandard": "zstd", + "Go": "go", + } + ) + else: + names.update( + { + "Mullvad Browser Extension": "mb_extension", + "uBlock Origin": "ublock", + } + ) + for name, key in names.items(): + self._maybe_add_update(name, updates, key) + + def _maybe_add_update(self, name, updates, key): + if updates.get(key): + self._add_entry(UpdateEntry(name, updates[key], self.is_mullvad)) + + def _sort_issues(self): + self.issues.sort() + self.issues_build.sort() + + +def load_token(test=True, interactive=True): + token_path = Path(__file__).parent / ".changelogs_token" + + if token_path.exists(): + with token_path.open() as f: + token = f.read().strip() + elif interactive: + print( + f"Please add your personal GitLab token (with 'read_api' scope) to {token_path}" + ) + print( + f"Please go to {GITLAB}/-/profile/personal_access_tokens and generate it." + ) + token = input("Please enter the new token: ").strip() + if not token: + raise ValueError("Invalid token!") + with token_path.open("w") as f: + f.write(token) + if test: + r = requests.get(f"{API_URL}/version", headers={AUTH_HEADER: token}) + if r.status_code == 401: + raise ValueError("The loaded or provided token does not work.") + return token + + +if __name__ == "__main__": + parser = argparse.ArgumentParser() + parser.add_argument("issue_version") + parser.add_argument("-d", "--date", help="The date of the release") + parser.add_argument( + "-b", "--browser", choices=["tor-browser", "mullvad-browser"] + ) + parser.add_argument( + "--firefox", help="New Firefox version (if we rebased)" + ) + parser.add_argument("--tor", help="New Tor version (if updated)") + parser.add_argument( + "--noscript", "--no-script", help="New NoScript version (if updated)" + ) + parser.add_argument("--openssl", help="New OpenSSL version (if updated)") + parser.add_argument("--zlib", help="New zlib version (if updated)") + parser.add_argument("--zstd", help="New zstd version (if updated)") + parser.add_argument("--go", help="New Go version (if updated)") + parser.add_argument( + "--mb-extension", + help="New Mullvad Browser Extension version (if updated)", + ) + parser.add_argument("--ublock", help="New uBlock version (if updated)") + args = parser.parse_args() + + if not args.issue_version: + parser.print_help() + sys.exit(1) + + try: + token = load_token() + except ValueError: + print( + "Invalid authentication token. Maybe has it expired?", + file=sys.stderr, + ) + sys.exit(2) + is_mullvad = args.browser == "mullvad-browser" if args.browser else None + cb = ChangelogBuilder(token, args.issue_version, is_mullvad) + print( + cb.create( + date=args.date, + firefox=args.firefox, + tor=args.tor, + noscript=args.noscript, + openssl=args.openssl, + zlib=args.zlib, + zstd=args.zstd, + go=args.go, + mb_extension=args.mb_extension, + ublock=args.ublock, + ) + ) ===================================== tools/relprep.py ===================================== @@ -0,0 +1,761 @@ +#!/usr/bin/env python3 +import argparse +from collections import namedtuple +import configparser +from datetime import datetime, timezone +from hashlib import sha256 +import json +import locale +import logging +from pathlib import Path +import re +import sys +import xml.etree.ElementTree as ET + +from git import Repo +import requests +import ruamel.yaml + +from fetch_allowed_addons import NOSCRIPT, fetch_allowed_addons, find_addon +import fetch_changelogs +from update_manual import update_manual + + +logger = logging.getLogger(__name__) + + +ReleaseTag = namedtuple("ReleaseTag", ["tag", "version"]) + + +class Version: + def __init__(self, v): + self.v = v + m = re.match(r"(\d+\.\d+)([a\.])?(\d*)", v) + self.major = m.group(1) + self.minor = int(m.group(3)) if m.group(3) else 0 + self.is_alpha = m.group(2) == "a" + self.channel = "alpha" if self.is_alpha else "release" + + def __str__(self): + return self.v + + def __lt__(self, other): + if self.major != other.major: + # String comparison, but it should be fine until + # version 100 :) + return self.major < other.major + if self.is_alpha != other.is_alpha: + return self.is_alpha + # Same major, both alphas/releases + return self.minor < other.minor + + def __eq__(self, other): + return self.v == other.v + + def __hash__(self): + return hash(self.v) + + +def get_sorted_tags(repo): + return sorted( + [t.tag for t in repo.tags if t.tag], + key=lambda t: t.tagged_date, + reverse=True, + ) + + +def get_github_release(project, regex=""): + if regex: + regex = re.compile(regex) + url = f"https://github.com/{project}/releases.atom" + r = requests.get(url) + r.raise_for_status() + feed = ET.fromstring(r.text) + for entry in feed.findall("{http://www.w3.org/2005/Atom}entry"): + link = entry.find("{http://www.w3.org/2005/Atom}link").attrib["href"] + tag = link.split("/")[-1] + if regex: + m = regex.match(tag) + if m: + return m.group(1) + else: + return tag + + +class ReleasePreparation: + def __init__(self, repo_path, version, **kwargs): + logger.debug( + "Initializing. Version=%s, repo=%s, additional args=%s", + repo_path, + version, + kwargs, + ) + self.base_path = Path(repo_path) + self.repo = Repo(self.base_path) + + self.tor_browser = bool(kwargs.get("tor_browser", True)) + self.mullvad_browser = bool(kwargs.get("tor_browser", True)) + if not self.tor_browser and not self.mullvad_browser: + raise ValueError("Nothing to do") + self.android = kwargs.get("android", self.tor_browser) + if not self.tor_browser and self.android: + raise ValueError("Only Tor Browser supports Android") + + logger.debug( + "Tor Browser: %s; Mullvad Browser: %s; Android: %s", + self.tor_browser, + self.mullvad_browser, + self.android, + ) + + self.yaml = ruamel.yaml.YAML() + self.yaml.indent(mapping=2, sequence=4, offset=2) + self.yaml.width = 4096 + self.yaml.preserve_quotes = True + + self.version = Version(version) + + self.build_date = kwargs.get("build_date", datetime.now(timezone.utc)) + self.changelog_date = kwargs.get("changelog_date", self.build_date) + self.num_incrementals = kwargs.get("num_incrementals", 3) + + self.get_last_releases() + + logger.info("Checking you have a working GitLab token.") + self.gitlab_token = fetch_changelogs.load_token() + + def run(self): + self.branch_sanity_check() + + self.update_firefox() + if self.android: + self.update_firefox_android() + self.update_translations() + self.update_addons() + + if self.tor_browser: + self.update_tor() + self.update_openssl() + self.update_zlib() + if self.android: + self.update_zstd() + self.update_go() + self.update_manual() + + self.update_changelogs() + self.update_rbm_conf() + + logger.info("Release preparation complete!") + + def branch_sanity_check(self): + logger.info("Checking you are on an updated branch.") + + remote = None + for rem in self.repo.remotes: + if "tpo/applications/tor-browser-build" in rem.url: + remote = rem + break + if remote is None: + raise RuntimeError("Cannot find the tpo/applications remote.") + remote.fetch() + + branch_name = ( + "main" if self.version.is_alpha else f"maint-{self.version.major}" + ) + branch = remote.refs[branch_name] + base = self.repo.merge_base(self.repo.head, branch)[0] + if base != branch.commit: + raise RuntimeError( + "You are not working on a branch descending from " + f"f{branch_name}. " + "Please checkout the correct branch, or pull/rebase." + ) + logger.debug("Sanity check succeeded.") + + def update_firefox(self): + logger.info("Updating Firefox (and GeckoView if needed)") + config = self.load_config("firefox") + + tag_tb = None + tag_mb = None + if self.tor_browser: + tag_tb = self._get_firefox_tag(config, "tor-browser") + logger.debug( + "Tor Browser tag: ff=%s, rebase=%s, build=%s", + tag_tb[0], + tag_tb[1], + tag_tb[2], + ) + if self.mullvad_browser: + tag_mb = self._get_firefox_tag(config, "mullvad-browser") + logger.debug( + "Mullvad Browser tag: ff=%s, rebase=%s, build=%s", + tag_mb[0], + tag_mb[1], + tag_mb[2], + ) + if ( + tag_mb + and (not tag_tb or tag_tb[2] == tag_mb[2]) + and "browser_build" in config["targets"]["mullvadbrowser"]["var"] + ): + logger.debug( + "Tor Browser and Mullvad Browser are on the same build number, deleting unnecessary targets/mullvadbrowser/var/browser_build." + ) + del config["targets"]["mullvadbrowser"]["var"]["browser_build"] + elif tag_mb and tag_tb and tag_mb[2] != tag_tb[2]: + config["targets"]["mullvadbrowser"]["var"]["browser_build"] = ( + tag_mb[2] + ) + logger.debug( + "Mismatching builds for TBB and MB, will add targets/mullvadbrowser/var/browser_build." + ) + # We assume firefox version and rebase to be in sync + if tag_tb: + version = tag_tb[0] + rebase = tag_tb[1] + build = tag_tb[2] + elif tag_mb: + version = tag_mb[0] + rebase = tag_mb[1] + build = tag_mb[2] + platform = version[:-3] if version.endswith("esr") else version + config["var"]["firefox_platform_version"] = platform + config["var"]["browser_rebase"] = rebase + config["var"]["browser_build"] = build + self.save_config("firefox", config) + logger.debug("Firefox configuration saved") + + if self.android: + assert tag_tb + config = self.load_config("geckoview") + config["var"]["geckoview_version"] = tag_tb[0] + config["var"][ + "browser_branch" + ] = f"{self.version.major}-{tag_tb[1]}" + config["var"]["browser_build"] = tag_tb[2] + self.save_config("geckoview", config) + logger.debug("GeckoView configuration saved") + + def _get_firefox_tag(self, config, browser): + if browser == "mullvad-browser": + remote = config["targets"]["mullvadbrowser"]["git_url"] + else: + remote = config["git_url"] + repo = Repo(self.base_path / "git_clones/firefox") + repo.remotes["origin"].set_url(remote) + logger.debug("About to fetch Firefox from %s.", remote) + repo.remotes["origin"].fetch() + tags = get_sorted_tags(repo) + for t in tags: + m = re.match( + r"(\w+-browser)-([^-]+)-([\d\.]+)-(\d+)-build(\d+)", t.tag + ) + if ( + m + and m.group(1) == browser + and m.group(3) == self.version.major + ): + # firefox-version, rebase, build + return (m.group(2), int(m.group(4)), int(m.group(5))) + + def update_firefox_android(self): + logger.info("Updating firefox-android") + config = self.load_config("firefox-android") + repo = Repo(self.base_path / "git_clones/firefox-android") + repo.remotes["origin"].fetch() + tags = get_sorted_tags(repo) + for t in tags: + m = re.match( + r"firefox-android-([^-]+)-([\d\.]+)-(\d+)-build(\d+)", t.tag + ) + if not m or m.group(2) != self.version.major: + logger.debug("Discarding firefox-android tag: %s", t.tag) + continue + logger.debug("Using firefox-android tag: %s", t.tag) + config["var"]["fenix_version"] = m.group(1) + config["var"]["browser_branch"] = m.group(2) + "-" + m.group(3) + config["var"]["browser_build"] = int(m.group(4)) + break + self.save_config("firefox-android", config) + + def update_translations(self): + logger.info("Updating translations") + repo = Repo(self.base_path / "git_clones/translation") + repo.remotes["origin"].fetch() + config = self.load_config("translation") + targets = ["base-browser"] + if self.tor_browser: + targets.append("tor-browser") + targets.append("fenix") + if self.mullvad_browser: + targets.append("mullvad-browser") + for i in targets: + branch = config["steps"][i]["targets"]["nightly"]["git_hash"] + config["steps"][i]["git_hash"] = str( + repo.rev_parse(f"origin/{branch}") + ) + self.save_config("translation", config) + logger.debug("Translations updated") + + def update_addons(self): + logger.info("Updating addons") + config = self.load_config("browser") + + amo_data = fetch_allowed_addons() + logger.debug("Fetched AMO data") + if self.android: + with ( + self.base_path / "projects/browser/allowed_addons.json" + ).open("w") as f: + json.dump(amo_data, f, indent=2) + + noscript = find_addon(amo_data, NOSCRIPT) + logger.debug("Updating NoScript") + self.update_addon_amo(config, "noscript", noscript) + if self.mullvad_browser: + logger.debug("Updating uBlock Origin") + ublock = find_addon(amo_data, "uBlock0(a)raymondhill.net") + self.update_addon_amo(config, "ublock-origin", ublock) + logger.debug("Updating the Mullvad Browser extension") + self.update_mullvad_addon(config) + + self.save_config("browser", config) + + def update_addon_amo(self, config, name, addon): + addon = addon["current_version"]["files"][0] + assert addon["hash"].startswith("sha256:") + addon_input = self.find_input(config, name) + addon_input["URL"] = addon["url"] + addon_input["sha256sum"] = addon["hash"][7:] + + def update_mullvad_addon(self, config): + input_ = self.find_input(config, "mullvad-extension") + r = requests.get( + "https://cdn.mullvad.net/browser-extension/updates.json" + ) + r.raise_for_status() + + data = r.json() + updates = data["addons"]["{d19a89b9-76c1-4a61-bcd4-49e8de916403}"][ + "updates" + ] + url = updates[-1]["update_link"] + if input_["URL"] == url: + logger.debug("No need to update the Mullvad extension.") + return + input_["URL"] = url + + path = self.base_path / "out/browser" / url.split("/")[-1] + # The extension should be small enough to easily fit in memory :) + if not path.exists: + r = requests.get(url) + r.raise_for_status() + with path.open("wb") as f: + f.write(r.bytes) + with path.open("rb") as f: + input_["sha256sum"] = sha256(f.read()).hexdigest() + logger.debug("Mullvad extension downloaded and updated") + + def update_tor(self): + logger.info("Updating Tor") + databag = configparser.ConfigParser() + r = requests.get( + "https://gitlab.torproject.org/tpo/web/tpo/-/raw/main/databags/versions.ini" + ) + r.raise_for_status() + databag.read_string(r.text) + tor_stable = databag["tor-stable"]["version"] + tor_alpha = databag["tor-alpha"]["version"] + logger.debug( + "Found tor stable: %s, alpha: %s", + tor_stable, + tor_alpha if tor_alpha else "(empty)", + ) + if self.version.is_alpha and tor_alpha: + version = tor_alpha + else: + version = tor_stable + + config = self.load_config("tor") + if version != config["version"]: + config["version"] = version + self.save_config("tor", config) + logger.debug("Tor updated to %s and config saved", version) + else: + logger.debug( + "No need to update Tor (current version: %s).", version + ) + + def update_openssl(self): + logger.info("Updating OpenSSL") + config = self.load_config("openssl") + version = get_github_release("openssl/openssl", r"openssl-(3.0.\d+)") + if version == config["version"]: + logger.debug("No need to update OpenSSL, keeping %s.", version) + return + + config["version"] = version + + source = self.find_input(config, "openssl") + # No need to update URL, as it uses a variable. + hash_url = ( + f"https://www.openssl.org/source/openssl-{version}.tar.gz.sha256" + ) + r = requests.get(hash_url) + r.raise_for_status() + source["sha256sum"] = r.text.strip() + self.save_config("openssl", config) + logger.debug("Updated OpenSSL to %s and config saved.", version) + + def update_zlib(self): + logger.info("Updating zlib") + config = self.load_config("zlib") + version = get_github_release("madler/zlib", r"v([0-9\.]+)") + if version == config["version"]: + logger.debug("No need to update zlib, keeping %s.", version) + return + config["version"] = version + self.save_config("zlib", config) + logger.debug("Updated zlib to %s and config saved.", version) + + def update_zstd(self): + logger.info("Updating Zstandard") + config = self.load_config("zstd") + version = get_github_release("facebook/zstd", r"v([0-9\.]+)") + if version == config["version"]: + logger.debug("No need to update Zstandard, keeping %s.", version) + return + + repo = Repo(self.base_path / "git_clones/zstd") + repo.remotes["origin"].fetch() + tag = repo.rev_parse(f"v{version}") + + config["version"] = version + config["git_hash"] = tag.object.hexsha + self.save_config("zstd", config) + logger.debug( + "Updated Zstandard to %s (commit %s) and config saved.", + version, + config["git_hash"], + ) + + def update_go(self): + def get_major(v): + major = ".".join(v.split(".")[:2]) + if major.startswith("go"): + major = major[2:] + return major + + config = self.load_config("go") + # TODO: When Windows 7 goes EOL use config["version"] + major = get_major(config["var"]["go_1_21"]) + + r = requests.get("https://go.dev/dl/?mode=json") + r.raise_for_status() + go_versions = r.json() + data = None + for v in go_versions: + if get_major(v["version"]) == major: + data = v + break + if not data: + raise KeyError("Could not find information for our Go series.") + # Skip the "go" prefix in the version. + config["var"]["go_1_21"] = data["version"][2:] + + sha256sum = "" + for f in data["files"]: + if f["kind"] == "source": + sha256sum = f["sha256"] + break + if not sha256sum: + raise KeyError("Go source package not found.") + updated_hash = False + for input_ in config["input_files"]: + if "URL" in input_ and "var/go_1_21" in input_["URL"]: + input_["sha256sum"] = sha256sum + updated_hash = True + break + if not updated_hash: + raise KeyError("Could not find a matching entry in input_files.") + + self.save_config("go", config) + + def update_manual(self): + logger.info("Updating the manual") + update_manual(self.gitlab_token, self.base_path) + + def get_last_releases(self): + logger.info("Finding the previous releases.") + sorted_tags = get_sorted_tags(self.repo) + self.last_releases = {} + self.build_number = 1 + regex = re.compile(r"(\w+)-([\d\.a]+)-build(\d+)") + num_releases = 0 + for t in sorted_tags: + m = regex.match(t.tag) + project = m.group(1) + version = Version(m.group(2)) + build = int(m.group(3)) + if version == self.version: + # A previous tag, we can use it to bump our build. + if self.build_number == 1: + self.build_number = build + 1 + logger.debug( + "Found previous tag for the version we are preparing: %s. Bumping build number to %d.", + t.tag, + self.build_number, + ) + continue + key = (project, version.channel) + if key not in self.last_releases: + self.last_releases[key] = [] + skip = False + for rel in self.last_releases[key]: + # Tags are already sorted: higher builds should come + # first. + if rel.version == version: + skip = True + logger.debug( + "Additional build for a version we already found, skipping: %s", + t.tag, + ) + break + if skip: + continue + if len(self.last_releases[key]) != self.num_incrementals: + logger.debug( + "Found tag to potentially build incrementals from: %s.", + t.tag, + ) + self.last_releases[key].append(ReleaseTag(t, version)) + num_releases += 1 + if num_releases == self.num_incrementals * 4: + break + + def update_changelogs(self): + if self.tor_browser: + logger.info("Updating changelogs for Tor Browser") + self.make_changelogs("tbb") + if self.mullvad_browser: + logger.info("Updating changelogs for Mullvad Browser") + self.make_changelogs("mb") + + def make_changelogs(self, tag_prefix): + locale.setlocale(locale.LC_TIME, "C") + kwargs = {"date": self.changelog_date.strftime("%B %d %Y")} + prev_tag = self.last_releases[(tag_prefix, self.version.channel)][ + 0 + ].tag + self.check_update( + kwargs, prev_tag, "firefox", ["var", "firefox_platform_version"] + ) + if "firefox" in kwargs: + # Sometimes this might be incorrect for alphas, but let's + # keep it for now. + kwargs["firefox"] += "esr" + self.check_update_simple(kwargs, prev_tag, "tor") + self.check_update_simple(kwargs, prev_tag, "openssl") + self.check_update_simple(kwargs, prev_tag, "zlib") + self.check_update_simple(kwargs, prev_tag, "zstd") + try: + self.check_update(kwargs, prev_tag, "go", ["var", "go_1_21"]) + except KeyError as e: + logger.warning( + "Go: var/go_1_21 not found, marking Go as not updated.", + exc_info=e, + ) + pass + self.check_update_extensions(kwargs, prev_tag) + logger.debug("Changelog arguments for %s: %s", tag_prefix, kwargs) + cb = fetch_changelogs.ChangelogBuilder( + self.gitlab_token, str(self.version), is_mullvad=tag_prefix == "mb" + ) + changelogs = cb.create(**kwargs) + + path = f"projects/browser/Bundle-Data/Docs-{tag_prefix.upper()}/ChangeLog.txt" + stable_tag = self.last_releases[(tag_prefix, "release")][0].tag + alpha_tag = self.last_releases[(tag_prefix, "alpha")][0].tag + if stable_tag.tagged_date > alpha_tag.tagged_date: + last_tag = stable_tag + else: + last_tag = alpha_tag + logger.debug("Using %s to add the new changelogs to.", last_tag.tag) + last_changelogs = self.repo.git.show(f"{last_tag.tag}:{path}") + with (self.base_path / path).open("w") as f: + f.write(changelogs + "\n" + last_changelogs + "\n") + + def check_update(self, updates, prev_tag, project, key): + old_val = self.load_old_config(prev_tag.tag, project) + new_val = self.load_config(project) + for k in key: + old_val = old_val[k] + new_val = new_val[k] + if old_val != new_val: + updates[project] = new_val + + def check_update_simple(self, updates, prev_tag, project): + self.check_update(updates, prev_tag, project, ["version"]) + + def check_update_extensions(self, updates, prev_tag): + old_config = self.load_old_config(prev_tag, "browser") + new_config = self.load_config("browser") + keys = { + "noscript": "noscript", + "mb_extension": "mullvad-extension", + "ublock": "ublock-origin", + } + regex = re.compile(r"-([0-9\.]+).xpi$") + for update_key, input_name in keys.items(): + old_url = self.find_input(old_config, input_name)["URL"] + new_url = self.find_input(new_config, input_name)["URL"] + old_version = regex.findall(old_url)[0] + new_version = regex.findall(new_url)[0] + if old_version != new_version: + updates[update_key] = new_version + + def update_rbm_conf(self): + logger.info("Updating rbm.conf.") + releases = {} + browsers = { + "tbb": '[% IF c("var/tor-browser") %]{}[% END %]', + "mb": '[% IF c("var/mullvad-browser") %]{}[% END %]', + } + incremental_from = [] + for b in ["tbb", "mb"]: + for rel in self.last_releases[(b, self.version.channel)]: + if rel.version not in releases: + releases[rel.version] = {} + releases[rel.version][b] = str(rel.version) + for version in sorted(releases.keys(), reverse=True): + if len(releases[version]) == 2: + incremental_from.append(releases[version]["tbb"]) + logger.debug( + "Building incremental from %s for both browsers.", version + ) + else: + for b, template in browsers.items(): + maybe_rel = releases[version].get(b) + if maybe_rel: + logger.debug( + "Building incremental from %s only for %s.", + version, + b, + ) + incremental_from.append(template.format(maybe_rel)) + + separator = "\n--- |\n" + path = self.base_path / "rbm.conf" + with path.open() as f: + docs = f.read().split(separator, 2) + config = self.yaml.load(docs[0]) + config["var"]["torbrowser_version"] = str(self.version) + config["var"]["torbrowser_build"] = f"build{self.build_number}" + config["var"]["torbrowser_incremental_from"] = incremental_from + config["var"]["browser_release_date"] = self.build_date.strftime( + "%Y/%m/%d %H:%M:%S" + ) + with path.open("w") as f: + self.yaml.dump(config, f) + f.write(separator) + f.write(docs[1]) + + def load_config(self, project): + config_path = self.base_path / f"projects/{project}/config" + return self.yaml.load(config_path) + + def load_old_config(self, committish, project): + treeish = f"{committish}:projects/{project}/config" + return self.yaml.load(self.repo.git.show(treeish)) + + def save_config(self, project, config): + config_path = self.base_path / f"projects/{project}/config" + with config_path.open("w") as f: + self.yaml.dump(config, f) + + def find_input(self, config, name): + for entry in config["input_files"]: + if "name" in entry and entry["name"] == name: + return entry + raise KeyError(f"Input {name} not found.") + + +if __name__ == "__main__": + parser = argparse.ArgumentParser() + parser.add_argument( + "-r", + "--repository", + type=Path, + default=Path(__file__).parent.parent, + help="Path to a tor-browser-build.git clone", + ) + parser.add_argument("--tor-browser", action="store_true") + parser.add_argument("--mullvad-browser", action="store_true") + parser.add_argument( + "--date", + help="Release date and optionally time for changelog purposes. " + "It must be understandable by datetime.fromisoformat.", + ) + parser.add_argument( + "--build-date", + help="Build date. It cannot not be in the future when running the build.", + ) + parser.add_argument( + "--incrementals", type=int, help="The number of incrementals to create" + ) + parser.add_argument( + "--only-changelogs", + action="store_true", + help="Only update the changelogs", + ) + parser.add_argument( + "--log-level", + choices=["debug", "info", "warning", "error"], + default="info", + help="Set the log level", + ) + parser.add_argument("version") + + args = parser.parse_args() + + # Logger adapted from https://stackoverflow.com/a/56944256. + log_level = getattr(logging, args.log_level.upper()) + logger.setLevel(log_level) + ch = logging.StreamHandler() + ch.setLevel(log_level) + ch.setFormatter( + logging.Formatter( + "%(asctime)s - %(name)s - %(levelname)s - %(message)s (%(filename)s:%(lineno)d)", + datefmt="%Y-%m-%d %H:%M:%S", + ) + ) + logger.addHandler(ch) + + tbb = bool(args.tor_browser) + mb = bool(args.mullvad_browser) + kwargs = {} + if tbb or mb: + kwargs["tor_browser"] = tbb + kwargs["mullvad_browser"] = mb + if args.date: + try: + kwargs["changelog_date"] = datetime.fromisoformat(args.date) + except ValueError: + print("Invalid date supplied.", file=sys.stderr) + sys.exit(1) + if args.build_date: + try: + kwargs["build_date"] = datetime.fromisoformat(args.date) + except ValueError: + print("Invalid date supplied.", file=sys.stderr) + sys.exit(1) + if args.incrementals: + kwargs["incrementals"] = args.incrementals + rp = ReleasePreparation(args.repository, args.version, **kwargs) + if args.only_changelogs: + logger.info("Updating only the changelogs") + rp.update_changelogs() + else: + logger.debug("Running a complete release preparation.") + rp.run() ===================================== tools/update_manual.py ===================================== @@ -0,0 +1,100 @@ +#!/usr/bin/env python3 +import hashlib +from pathlib import Path + +import requests +import ruamel.yaml + +from fetch_changelogs import load_token, AUTH_HEADER + + +GITLAB = "https://gitlab.torproject.org" +API_URL = f"{GITLAB}/api/v4" +PROJECT_ID = 23 +REF_NAME = "main" + + +def find_job(auth_token): + r = requests.get( + f"{API_URL}/projects/{PROJECT_ID}/jobs", + headers={AUTH_HEADER: auth_token}, + ) + r.raise_for_status() + for job in r.json(): + if job["ref"] != REF_NAME: + continue + for artifact in job["artifacts"]: + if artifact["filename"] == "artifacts.zip": + return job + + +def update_config(base_path, pipeline_id, sha256): + yaml = ruamel.yaml.YAML() + yaml.indent(mapping=2, sequence=4, offset=2) + yaml.width = 150 + yaml.preserve_quotes = True + + config_path = base_path / "projects/manual/config" + config = yaml.load(config_path) + if int(config["version"]) == pipeline_id: + return False + + config["version"] = pipeline_id + for input_file in config["input_files"]: + if input_file.get("name") == "manual": + input_file["sha256sum"] = sha256 + break + with config_path.open("w") as f: + yaml.dump(config, f) + return True + +def download_manual(url, dest): + r = requests.get(url, stream=True) + # https://stackoverflow.com/a/16696317 + r.raise_for_status() + sha256 = hashlib.sha256() + with dest.open("wb") as f: + for chunk in r.iter_content(chunk_size=8192): + f.write(chunk) + sha256.update(chunk) + return sha256.hexdigest() + + +def update_manual(auth_token, base_path): + job = find_job(auth_token) + if job is None: + raise RuntimeError("No usable job found") + pipeline_id = int(job["pipeline"]["id"]) + + manual_fname = f"manual_{pipeline_id}.zip" + url = f"https://build-sources.tbb.torproject.org/{manual_fname}" + r = requests.head(url) + needs_upload = r.status_code != 200 + + manual_dir = base_path / "out/manual" + manual_dir.mkdir(0o755, parents=True, exist_ok=True) + manual_file = manual_dir / manual_fname + if manual_file.exists(): + sha256 = hashlib.sha256() + with manual_file.open("rb") as f: + while chunk := f.read(8192): + sha256.update(chunk) + sha256 = sha256.hexdigest() + elif not needs_upload: + sha256 = download_manual(url, manual_file) + else: + url = f"{API_URL}/projects/{PROJECT_ID}/jobs/artifacts/{REF_NAME}/download?job={job['name']}" + sha256 = download_manual(url, manual_file) + + if needs_upload: + print(f"New manual version: {manual_file}.") + print( + "Please upload it to tb-build-02.torproject.org:~tb-builder/public_html/." + ) + + return update_config(base_path, pipeline_id, sha256) + + +if __name__ == "__main__": + if update_manual(load_token(), Path(__file__).parent.parent): + print("Manual config updated, remember to stage it!") View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new branch mullvad-browser-115.11.0esr-13.5-1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new branch mullvad-browser-115.11.0esr-13.0-1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new branch mullvad-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-115.11.0esr-13.5-1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-115.11.0esr-13.0-1
by Pier Angelo Vendrame (＠pierov) 07 May '24

07 May '24

Pier Angelo Vendrame pushed new branch tor-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag FIREFOX_115_11_0esr_BUILD1
by Pier Angelo Vendrame (＠pierov) 06 May '24

06 May '24

Pier Angelo Vendrame pushed new tag FIREFOX_115_11_0esr_BUILD1 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/FIREFOX_1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.10.0esr-13.5-1] fixup! MB 1: Mullvad Browser branding
by Pier Angelo Vendrame (＠pierov) 06 May '24

06 May '24

Pier Angelo Vendrame pushed to branch mullvad-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: dd21380f by Pier Angelo Vendrame at 2024-05-06T09:16:59+02:00 fixup! MB 1: Mullvad Browser branding MB 284: Customize logs in about:debugging. - - - - - 4 changed files: - devtools/client/aboutdebugging/src/actions/runtimes.js - devtools/client/aboutdebugging/src/components/sidebar/Sidebar.js - devtools/client/jar.mn - + devtools/client/themes/images/aboutdebugging-mullvadbrowser-logo.svg Changes: ===================================== devtools/client/aboutdebugging/src/actions/runtimes.js ===================================== @@ -60,25 +60,7 @@ const CONNECTION_TIMING_OUT_DELAY = 3000; const CONNECTION_CANCEL_DELAY = 13000; async function getRuntimeIcon(runtime, channel) { - if (runtime.isFenix) { - switch (channel) { - case "release": - case "beta": - return "chrome://devtools/skin/images/aboutdebugging-fenix.svg"; - case "aurora": - default: - return "chrome://devtools/skin/images/aboutdebugging-fenix-nightly.svg"; - } - } - - // Use the release build skin for devtools within Tor Browser alpha releases. - if (channel === "alpha") { - return "chrome://devtools/skin/images/aboutdebugging-firefox-release.svg"; - } - - return channel === "release" || channel === "beta" || channel === "aurora" - ? `chrome://devtools/skin/images/aboutdebugging-firefox-${channel}.svg` - : "chrome://devtools/skin/images/aboutdebugging-firefox-nightly.svg"; + return "chrome://branding/content/about-logo.svg"; } function onRemoteDevToolsClientClosed() { ===================================== devtools/client/aboutdebugging/src/components/sidebar/Sidebar.js ===================================== @@ -43,7 +43,7 @@ const RefreshDevicesButton = createFactory( require("resource://devtools/client/aboutdebugging/src/components/sidebar/RefreshDevicesButton.js") ); const FIREFOX_ICON = - "chrome://devtools/skin/images/aboutdebugging-firefox-logo.svg"; + "chrome://devtools/skin/images/aboutdebugging-mullvadbrowser-logo.svg"; const CONNECT_ICON = "chrome://devtools/skin/images/settings.svg"; const GLOBE_ICON = "chrome://devtools/skin/images/aboutdebugging-globe-icon.svg"; ===================================== devtools/client/jar.mn ===================================== @@ -374,6 +374,7 @@ devtools.jar: skin/images/aboutdebugging-firefox-release.svg (themes/images/aboutdebugging-firefox-release.svg) skin/images/aboutdebugging-globe-icon.svg (themes/images/aboutdebugging-globe-icon.svg) skin/images/aboutdebugging-information.svg (themes/images/aboutdebugging-information.svg) + skin/images/aboutdebugging-mullvadbrowser-logo.svg (themes/images/aboutdebugging-mullvadbrowser-logo.svg) skin/images/aboutdebugging-process-icon.svg (themes/images/aboutdebugging-process-icon.svg) skin/images/aboutdebugging-usb-icon.svg (themes/images/aboutdebugging-usb-icon.svg) content/aboutdebugging/index.html (aboutdebugging/index.html) ===================================== devtools/client/themes/images/aboutdebugging-mullvadbrowser-logo.svg ===================================== @@ -0,0 +1,3 @@ +<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg"> +<path fill-rule="evenodd" clip-rule="evenodd" d="M13.125 8.125C10.3636 8.125 8.125 10.3636 8.125 13.125V66.875C8.125 69.6364 10.3636 71.875 13.125 71.875H66.875C69.6364 71.875 71.875 69.6364 71.875 66.875V13.125C71.875 10.3636 69.6364 8.125 66.875 8.125H13.125ZM17.5 16.875H27L40 41.5L53 16.875H62.5V63.75H53V39.25L46.5 51.625H33.5L27 39.25V63.75H17.5V16.875Z" fill="context-fill"/> +</svg> View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/dd2… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/dd2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: MB 295: Change to browser directory instead of HOME in system install
by boklm (＠boklm) 06 May '24

06 May '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4d541c5a by Nicolas Vigier at 2024-05-03T08:10:49+02:00 MB 295: Change to browser directory instead of HOME in system install - - - - - 3774a75a by Nicolas Vigier at 2024-05-03T08:15:15+02:00 Bug 41135: Don't use full path to start the browser Using the full path instead of `./` to start the browser seems to break KeePassXC-Browser. - - - - - 1 changed file: - projects/browser/RelativeLink/start-browser Changes: ===================================== projects/browser/RelativeLink/start-browser ===================================== @@ -396,7 +396,7 @@ export GSETTINGS_BACKEND=memory # $HOME/.cache/nvidia. We we can easily disable it. export __GL_SHADER_DISK_CACHE=0 -cd "${HOME}" +cd "$browser_dir" # We pass all additional command-line arguments we get to Firefox. # @@ -408,18 +408,18 @@ cd "${HOME}" if [ "$show_usage" -eq 1 ]; then # Display Firefox help, then our help - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] --help 2>/dev/null + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] --help 2>/dev/null print_usage elif [ "$detach" -eq 1 ] ; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null & + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null & disown "$!" elif [ "$log_output" -eq 1 -a "$show_output" -eq 1 ]; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" 2>&1 </dev/null | \ + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" 2>&1 </dev/null | \ tee "$logfile" elif [ "$show_output" -eq 1 ]; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" < /dev/null + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" < /dev/null else - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null fi exit $? View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.0] Bug 42535 (TB): Fix Japanese translation paths.
by Pier Angelo Vendrame (＠pierov) 02 May '24

02 May '24

Pier Angelo Vendrame pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: 0e074a38 by Pier Angelo Vendrame at 2024-05-02T17:10:10+02:00 Bug 42535 (TB): Fix Japanese translation paths. When we setup packaged locales, it seemed that Japanese files needed to be in torbutton/locale/ja also for macOS, instead of ja-JP-mac. However, recently we saw that Firefox cannot find brand.ftl in ja, and the legacy files work also in ja-JP-mac. Maybe the initial tests were influenced by some cache. - - - - - 1 changed file: - projects/firefox/build Changes: ===================================== projects/firefox/build ===================================== @@ -132,15 +132,15 @@ mkdir "$HOME/.mozbuild" torbutton_locales="toolkit/torbutton/chrome/locale/" torbutton_jar="toolkit/torbutton/jar.mn" for lang in $supported_locales; do - central_lang=$lang + source_lang=$lang [% IF c("var/macos") -%] if [ "$lang" == "ja-JP-mac" ]; then - lang="ja" + source_lang="ja" fi [% END -%] - mv "$transl_tor_browser/$lang/tor-browser.ftl" "$l10ncentral/$central_lang/browser/browser/" - mv "$transl_tor_browser/$lang/cryptoSafetyPrompt.properties" "$l10ncentral/$central_lang/browser/chrome/browser/" - mv "$transl_tor_browser/$lang" "$torbutton_locales/" + mv "$transl_tor_browser/$source_lang/tor-browser.ftl" "$l10ncentral/$lang/browser/browser/" + mv "$transl_tor_browser/$source_lang/cryptoSafetyPrompt.properties" "$l10ncentral/$lang/browser/chrome/browser/" + mv "$transl_tor_browser/$source_lang" "$torbutton_locales/$lang" echo "% locale torbutton $lang %locale/$lang/" >> "$torbutton_jar" echo " locale/$lang (chrome/locale/$lang/*)" >> "$torbutton_jar" done View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] fixup! Add TorStrings module for localization
by Pier Angelo Vendrame (＠pierov) 02 May '24

02 May '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: f8bdd0d3 by Henry Wilkes at 2024-05-01T15:26:43+01:00 fixup! Add TorStrings module for localization Bug 42549: Remove brand.dtd - - - - - 8 changed files: - − browser/base/content/browser-doctype.inc - browser/base/content/browser.xhtml - browser/base/content/hiddenWindowMac.xhtml - browser/base/content/pageinfo/pageInfo.xhtml - browser/components/places/content/places.xhtml - browser/components/shell/content/setDesktopBackground.xhtml - − toolkit/torbutton/chrome/locale/en-US/brand.dtd - toolkit/torbutton/jar.mn Changes: ===================================== browser/base/content/browser-doctype.inc deleted ===================================== @@ -1,4 +0,0 @@ -<!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" > -%brandDTD; -<!ENTITY % torbuttonDTD SYSTEM "chrome://torbutton/locale/torbutton.dtd"> -%torbuttonDTD; ===================================== browser/base/content/browser.xhtml ===================================== @@ -41,7 +41,8 @@ <?xml-stylesheet href="chrome://global/content/torconnect/torConnectTitlebarStatus.css" type="text/css"?> <!DOCTYPE window [ -#include browser-doctype.inc + <!ENTITY % torbuttonDTD SYSTEM "chrome://torbutton/locale/torbutton.dtd"> +%torbuttonDTD; ]> <html id="main-window" ===================================== browser/base/content/hiddenWindowMac.xhtml ===================================== @@ -8,10 +8,6 @@ <?xml-stylesheet href="chrome://browser/skin/webRTC-menubar-indicator.css" type="text/css"?> -<!DOCTYPE window [ -#include browser-doctype.inc -]> - <window id="main-window" xmlns:html="http://www.w3.org/1999/xhtml" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul" ===================================== browser/base/content/pageinfo/pageInfo.xhtml ===================================== @@ -6,12 +6,6 @@ <?xml-stylesheet href="chrome://browser/content/pageinfo/pageInfo.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/skin/pageInfo.css" type="text/css"?> -<!DOCTYPE window [ -#ifdef XP_MACOSX -#include ../browser-doctype.inc -#endif -]> - <window id="main-window" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul" xmlns:html="http://www.w3.org/1999/xhtml" ===================================== browser/components/places/content/places.xhtml ===================================== @@ -16,11 +16,7 @@ <?xml-stylesheet href="chrome://browser/content/downloads/downloads.css"?> <?xml-stylesheet href="chrome://browser/skin/downloads/allDownloadsView.css"?> -<!DOCTYPE window [ -#ifdef XP_MACOSX -#include ../../../base/content/browser-doctype.inc -#endif -]> +<!DOCTYPE window> <window id="places" data-l10n-id="places-library3" ===================================== browser/components/shell/content/setDesktopBackground.xhtml ===================================== @@ -7,12 +7,6 @@ <?xml-stylesheet href="chrome://global/skin/global.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/skin/setDesktopBackground.css" type="text/css"?> -<!DOCTYPE window [ -#ifdef XP_MACOSX -#include ../../../base/content/browser-doctype.inc -#endif -]> - <window xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul" xmlns:html="http://www.w3.org/1999/xhtml" windowtype="Shell:SetDesktopBackground" ===================================== toolkit/torbutton/chrome/locale/en-US/brand.dtd deleted ===================================== @@ -1,9 +0,0 @@ - - -<!ENTITY brandShortName "Tor Browser"> - - -<!ENTITY vendorShortName "Tor Project"> ===================================== toolkit/torbutton/jar.mn ===================================== @@ -5,7 +5,6 @@ torbutton.jar: % category l10n-registry torbutton resource://torbutton/locale/{locale}/ # browser branding -% override chrome://branding/locale/brand.dtd chrome://torbutton/locale/brand.dtd % override chrome://branding/locale/brand.properties chrome://torbutton/locale/brand.properties # Strings for the about:tbupdate page View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f8bdd0d… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f8bdd0d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Implement Android-native Connection Assist UI
by Dan Ballard (＠dan) 01 May '24

01 May '24

Dan Ballard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: 4d86739b by clairehurst at 2024-04-30T15:25:18-06:00 fixup! Implement Android-native Connection Assist UI - - - - - 6 changed files: - + fenix/app/src/main/java/org/mozilla/fenix/tor/ConnectAssistUiState.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorControllerGV.kt - + fenix/app/src/main/res/drawable/browser_location.xml - fenix/app/src/main/res/layout/fragment_tor_connection_assist.xml Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/ConnectAssistUiState.kt ===================================== @@ -0,0 +1,288 @@ +package org.mozilla.fenix.tor + +import androidx.annotation.ColorRes +import androidx.annotation.DrawableRes +import androidx.annotation.IntRange +import androidx.annotation.StringRes +import org.mozilla.fenix.R + +enum class ConnectAssistUiState( + val progressBarVisible: Boolean, + @IntRange(0, 100) var progress: Int = 0, + @ColorRes val progressTintColorResource: Int? = null, + val backButtonVisible: Boolean, + val settingsButtonVisible: Boolean, + val torConnectImageVisible: Boolean, + @DrawableRes val torConnectImageResource: Int = R.drawable.connect, + val titleLargeTextViewVisible: Boolean, + @StringRes val titleLargeTextViewTextStringResource: Int = R.string.connection_assist_tor_connect_title, + val titleDescriptionVisible: Boolean, + @StringRes val learnMoreStringResource: Int? = null, + @StringRes val internetErrorDescription: Int? = null, + @StringRes val internetErrorDescription1: Int? = null, + @StringRes val internetErrorDescription2: Int? = null, + @StringRes val titleDescriptionTextStringResource: Int? = R.string.preferences_tor_network_settings_explanation, + val quickstartSwitchVisible: Boolean, + val unblockTheInternetInCountryDescriptionVisible: Boolean, + val countryDropDownVisible: Boolean, + val torBootstrapButton1Visible: Boolean, + @StringRes val torBootstrapButton1TextStringResource: Int = R.string.tor_bootstrap_connect, + val torBootstrapButton1ShouldShowTryingABridge: Boolean = false, + val torBootstrapButton2Visible: Boolean, + @StringRes val torBootstrapButton2TextStringResource: Int? = R.string.connection_assist_configure_connection_button, + val torBootstrapButton2ShouldOpenSettings: Boolean = true, + val wordmarkLogoVisible: Boolean, +) { + Splash( + progressBarVisible = false, + backButtonVisible = false, + settingsButtonVisible = false, + torConnectImageVisible = false, + titleLargeTextViewVisible = false, + titleDescriptionVisible = false, + quickstartSwitchVisible = false, + unblockTheInternetInCountryDescriptionVisible = false, + countryDropDownVisible = false, + torBootstrapButton1Visible = false, + torBootstrapButton2Visible = false, + wordmarkLogoVisible = true, + ), + Configuring( + progressBarVisible = false, + progress = 0, + backButtonVisible = false, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.connect, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_tor_connect_title, + titleDescriptionVisible = true, + titleDescriptionTextStringResource = R.string.preferences_tor_network_settings_explanation, + quickstartSwitchVisible = true, + unblockTheInternetInCountryDescriptionVisible = false, + countryDropDownVisible = false, + torBootstrapButton1Visible = true, + torBootstrapButton2Visible = true, + torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, + torBootstrapButton2ShouldOpenSettings = true, + wordmarkLogoVisible = false, + ), + Bootstrapping( + progressBarVisible = true, + progress = 0, + backButtonVisible = false, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.connect, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_connecting_title, + titleDescriptionVisible = true, + titleDescriptionTextStringResource = R.string.preferences_tor_network_settings_explanation, + quickstartSwitchVisible = true, + unblockTheInternetInCountryDescriptionVisible = false, + countryDropDownVisible = false, + torBootstrapButton1Visible = false, + torBootstrapButton2Visible = true, + torBootstrapButton2TextStringResource = R.string.btn_cancel, + torBootstrapButton2ShouldOpenSettings = false, + wordmarkLogoVisible = false, + ), + InternetError( + progressBarVisible = true, + progress = 100, + progressTintColorResource = R.color.warning_yellow, + backButtonVisible = true, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.globe_broken, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_internet_error_title, + titleDescriptionVisible = true, + learnMoreStringResource = R.string.connection_assist_internet_error_learn_more, + internetErrorDescription = R.string.connection_assist_internet_error_description, + titleDescriptionTextStringResource = null, + quickstartSwitchVisible = false, + unblockTheInternetInCountryDescriptionVisible = false, + countryDropDownVisible = false, + torBootstrapButton1Visible = true, + torBootstrapButton1TextStringResource = R.string.connection_assist_internet_error_try_again, + torBootstrapButton2Visible = true, + torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, + torBootstrapButton2ShouldOpenSettings = true, + wordmarkLogoVisible = false, + ), + TryingAgain( + progressBarVisible = true, + progress = 0, + progressTintColorResource = null, + backButtonVisible = true, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.connect, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_trying_again_waiting_title, + titleDescriptionVisible = true, + learnMoreStringResource = R.string.connection_assist_internet_error_learn_more, + internetErrorDescription = R.string.connection_assist_internet_error_description, + titleDescriptionTextStringResource = null, + quickstartSwitchVisible = false, + unblockTheInternetInCountryDescriptionVisible = false, + countryDropDownVisible = false, + torBootstrapButton1Visible = false, + torBootstrapButton2Visible = true, + torBootstrapButton2TextStringResource = R.string.btn_cancel, + torBootstrapButton2ShouldOpenSettings = false, + wordmarkLogoVisible = false, + ), + TryABridge( + progressBarVisible = true, + progress = 100, + progressTintColorResource = R.color.warning_yellow, + backButtonVisible = true, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.connect_broken, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_cant_connect_to_tor_title, + titleDescriptionVisible = true, + learnMoreStringResource = R.string.connection_assist_internet_error_learn_more, + internetErrorDescription = R.string.connection_assist_try_a_bridge_description, + titleDescriptionTextStringResource = null, + quickstartSwitchVisible = false, + unblockTheInternetInCountryDescriptionVisible = true, + countryDropDownVisible = true, + torBootstrapButton1Visible = true, + torBootstrapButton1TextStringResource = R.string.connection_assist_try_a_bridge_button, + torBootstrapButton1ShouldShowTryingABridge = true, + torBootstrapButton2Visible = false, + torBootstrapButton2TextStringResource = null, + torBootstrapButton2ShouldOpenSettings = true, + wordmarkLogoVisible = false, + ), + TryingABridge( + progressBarVisible = true, + progress = 0, + progressTintColorResource = null, + backButtonVisible = true, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.connect, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_trying_a_bridge_title, + titleDescriptionVisible = true, + learnMoreStringResource = R.string.connection_assist_internet_error_learn_more, + internetErrorDescription = R.string.connection_assist_try_a_bridge_description, + titleDescriptionTextStringResource = null, + quickstartSwitchVisible = true, + unblockTheInternetInCountryDescriptionVisible = false, + countryDropDownVisible = false, + torBootstrapButton1Visible = false, + torBootstrapButton2Visible = true, + torBootstrapButton2TextStringResource = R.string.btn_cancel, + torBootstrapButton2ShouldOpenSettings = false, + wordmarkLogoVisible = false, + ), + LocationError( + progressBarVisible = true, + progress = 100, + progressTintColorResource = R.color.warning_yellow, + backButtonVisible = true, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.browser_location, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_location_error_title, + titleDescriptionVisible = true, + learnMoreStringResource = R.string.connection_assist_location_error_learn_more_link, + internetErrorDescription = R.string.connection_assist_location_error_description, + internetErrorDescription1 = R.string.connection_assist_find_bridge_location_description, + internetErrorDescription2 = R.string.connection_assist_select_country_try_again, + titleDescriptionTextStringResource = null, + quickstartSwitchVisible = false, + unblockTheInternetInCountryDescriptionVisible = true, + countryDropDownVisible = true, + torBootstrapButton1Visible = true, + torBootstrapButton1TextStringResource = R.string.connection_assist_try_a_bridge_button, + torBootstrapButton1ShouldShowTryingABridge = true, + torBootstrapButton2Visible = false, + torBootstrapButton2TextStringResource = null, + torBootstrapButton2ShouldOpenSettings = true, + wordmarkLogoVisible = false, + ), + LocationCheck( + progressBarVisible = true, + progress = 100, + progressTintColorResource = R.color.warning_yellow, + backButtonVisible = true, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.browser_location, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_location_check_title, + titleDescriptionVisible = true, + learnMoreStringResource = R.string.connection_assist_location_error_learn_more_link, + internetErrorDescription = R.string.connection_assist_location_error_description, + internetErrorDescription1 = R.string.connection_assist_find_bridge_location_description, + internetErrorDescription2 = R.string.connection_assist_select_country_try_again, + titleDescriptionTextStringResource = null, + quickstartSwitchVisible = false, + unblockTheInternetInCountryDescriptionVisible = true, + countryDropDownVisible = true, + torBootstrapButton1Visible = true, + torBootstrapButton1TextStringResource = R.string.connection_assist_try_a_bridge_button, + torBootstrapButton1ShouldShowTryingABridge = true, + torBootstrapButton2Visible = false, + torBootstrapButton2TextStringResource = null, + torBootstrapButton2ShouldOpenSettings = true, + wordmarkLogoVisible = false, + ), + LastTry( + progressBarVisible = true, + progress = 0, + backButtonVisible = true, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.connect, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_last_try_title, + titleDescriptionVisible = true, + learnMoreStringResource = R.string.connection_assist_location_error_learn_more_link, + internetErrorDescription = R.string.connection_assist_location_error_description, + internetErrorDescription1 = R.string.connection_assist_find_bridge_location_description, + internetErrorDescription2 = R.string.connection_assist_select_country_try_again, + titleDescriptionTextStringResource = null, + quickstartSwitchVisible = true, + unblockTheInternetInCountryDescriptionVisible = false, + countryDropDownVisible = false, + torBootstrapButton1Visible = false, + torBootstrapButton2Visible = true, + torBootstrapButton2TextStringResource = R.string.btn_cancel, + torBootstrapButton2ShouldOpenSettings = false, + wordmarkLogoVisible = false, + ), + FinalError( + progressBarVisible = true, + progress = 100, + progressTintColorResource = R.color.warning_yellow, + backButtonVisible = true, + settingsButtonVisible = true, + torConnectImageVisible = true, + torConnectImageResource = R.drawable.connect_broken, + titleLargeTextViewVisible = true, + titleLargeTextViewTextStringResource = R.string.connection_assist_final_error_title, + titleDescriptionVisible = true, + learnMoreStringResource = R.string.connection_assist_final_error_learn_more_link, + internetErrorDescription = R.string.connection_assist_final_error_description1, + internetErrorDescription1 = R.string.connection_assist_final_error_troubleshoot_connection_link, + titleDescriptionTextStringResource = null, + quickstartSwitchVisible = false, + unblockTheInternetInCountryDescriptionVisible = false, + countryDropDownVisible = false, + torBootstrapButton1Visible = true, + torBootstrapButton1TextStringResource = R.string.connection_assist_internet_error_try_again, + torBootstrapButton2Visible = true, + torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, + torBootstrapButton2ShouldOpenSettings = true, + wordmarkLogoVisible = false, + ) +} ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt ===================================== @@ -24,27 +24,35 @@ import androidx.lifecycle.lifecycleScope import androidx.lifecycle.repeatOnLifecycle import androidx.navigation.fragment.findNavController import kotlinx.coroutines.launch +import mozilla.components.support.base.feature.UserInteractionHandler import org.mozilla.fenix.R import org.mozilla.fenix.databinding.FragmentTorConnectionAssistBinding import org.mozilla.fenix.ext.hideToolbar -class TorConnectionAssistFragment : Fragment() { +class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { private val TAG = "TorConnectionAssistFrag" - private var _binding: FragmentTorConnectionAssistBinding? = null - private val binding get() = _binding!! - private val viewModel: TorConnectionAssistViewModel by viewModels() + private lateinit var binding: FragmentTorConnectionAssistBinding override fun onCreateView( inflater: LayoutInflater, container: ViewGroup?, savedInstanceState: Bundle?, ): View { - _binding = FragmentTorConnectionAssistBinding.inflate( + binding = FragmentTorConnectionAssistBinding.inflate( inflater, container, false, ) + viewLifecycleOwner.lifecycleScope.launch { + repeatOnLifecycle(Lifecycle.State.STARTED) { + viewModel.torConnectScreen.collect { screen -> + Log.d(TAG, "torConnectScreen is $screen") + showScreen(screen) + } + } + } + return binding.root } @@ -56,23 +64,6 @@ class TorConnectionAssistFragment : Fragment() { override fun onViewCreated(view: View, savedInstanceState: Bundle?) { super.onViewCreated(view, savedInstanceState) - lifecycleScope.launch { - repeatOnLifecycle(Lifecycle.State.STARTED) { - viewModel.torConnectState.collect { torConnectState -> - Log.d(TAG, "torConnectState is ${torConnectState.state}") - when (torConnectState) { - TorConnectState.Initial -> showSplash() - TorConnectState.Configuring -> showConfiguring() - TorConnectState.AutoBootstrapping -> showBootstrapping() - TorConnectState.Bootstrapping -> showBootstrapping() - TorConnectState.Error -> showError() - TorConnectState.Bootstrapped -> openHome() - TorConnectState.Disabled -> openHome() - } - } - } - } - viewModel.progress().observe( viewLifecycleOwner, ) { progress -> @@ -88,243 +79,96 @@ class TorConnectionAssistFragment : Fragment() { ) { binding.quickstartSwitch.isChecked = it == true } - - binding.quickstartSwitch.setOnCheckedChangeListener { _, isChecked -> - viewModel.handleQuickstartChecked(isChecked) - } } - - private fun showSplash() { - binding.torBootstrapProgressBar.visibility = View.GONE - binding.settingsButton.visibility = View.GONE - binding.backButton.visibility = View.GONE - binding.torConnectImage.visibility = View.GONE - binding.titleLargeTextView.visibility = View.GONE - binding.titleDescription.visibility = View.GONE - binding.quickstartSwitch.visibility = View.GONE - binding.torBootstrapButton1.visibility = View.GONE - binding.torBootstrapButton2.visibility = View.GONE - binding.wordmarkLogo.visibility = View.VISIBLE + override fun onDestroyView() { + super.onDestroyView() } + private fun showScreen(screen: ConnectAssistUiState) { + binding.apply { + torBootstrapProgressBar.visibility = if (screen.progressBarVisible) View.VISIBLE else View.GONE + torBootstrapProgressBar.progress = screen.progress + torBootstrapProgressBar.progressTintList = + screen.progressTintColorResource?.let { + AppCompatResources.getColorStateList(requireContext(), + it + ) + } - private fun showConfiguring() { - binding.wordmarkLogo.visibility = View.GONE - - binding.torBootstrapProgressBar.visibility = View.INVISIBLE - binding.torBootstrapProgressBar.progress = 0 - binding.backButton.visibility = View.INVISIBLE - binding.settingsButton.visibility = View.VISIBLE - binding.settingsButton.setOnClickListener { - viewModel.cancelTorBootstrap() - openSettings() - } - binding.torConnectImage.visibility = View.VISIBLE - binding.torConnectImage.setImageResource(R.drawable.connect) - binding.titleLargeTextView.visibility = View.VISIBLE - binding.titleLargeTextView.text = getString(R.string.connection_assist_tor_connect_title) - binding.titleDescription.visibility = View.VISIBLE - binding.titleDescription.text = - getString(R.string.preferences_tor_network_settings_explanation) - binding.quickstartSwitch.visibility = View.VISIBLE - binding.quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true - - binding.unblockTheInternetInCountryDescription.visibility = View.GONE - binding.countryDropDown.visibility = View.GONE + settingsButton.visibility = if (screen.settingsButtonVisible) View.VISIBLE else View.GONE + settingsButton.setOnClickListener { + viewModel.cancelTorBootstrap() + openSettings() + } - binding.torBootstrapButton1.visibility = View.VISIBLE - binding.torBootstrapButton1.text = getString(R.string.tor_bootstrap_connect) - binding.torBootstrapButton1.setOnClickListener { - viewModel.handleConnect(lifecycleScope = lifecycleScope) - showBootstrapping() - } + backButton.visibility = if (screen.backButtonVisible) View.VISIBLE else View.INVISIBLE + backButton.setOnClickListener { + viewModel.handleBackButtonPressed() + } - binding.torBootstrapButton2.visibility = View.VISIBLE - binding.torBootstrapButton2.text = - getString(R.string.connection_assist_configure_connection_button) - binding.torBootstrapButton2.setOnClickListener { - viewModel.cancelTorBootstrap() - openTorConnectionSettings() - } - } + torConnectImage.visibility = if (screen.torConnectImageVisible) View.VISIBLE else View.GONE + torConnectImage.setImageResource(screen.torConnectImageResource) + + titleLargeTextView.visibility = if (screen.titleLargeTextViewVisible) View.VISIBLE else View.GONE + titleLargeTextView.text = getString(screen.titleLargeTextViewTextStringResource) + titleDescription.visibility = if (screen.titleDescriptionVisible) View.VISIBLE else View.GONE + if (screen.learnMoreStringResource != null && screen.internetErrorDescription != null) { + val learnMore: String = getString(screen.learnMoreStringResource) + val internetErrorDescription: String = + if (screen.internetErrorDescription1 == null) { + getString( + screen.internetErrorDescription, + learnMore, + ) + } else if (screen.internetErrorDescription2 == null) { + getString( + screen.internetErrorDescription, + getString(screen.internetErrorDescription1), + learnMore, + ) + } else { + getString( + screen.internetErrorDescription, + getString(screen.internetErrorDescription1), + getString(screen.internetErrorDescription2), + learnMore, + ) + } + handleDescriptionWithClickable(internetErrorDescription, learnMore) + } else if (screen.titleDescriptionTextStringResource != null) { + titleDescription.text = getString(screen.titleDescriptionTextStringResource) + } + quickstartSwitch.visibility = if (screen.quickstartSwitchVisible) View.VISIBLE else View.GONE + quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true + quickstartSwitch.setOnCheckedChangeListener { _, isChecked -> + viewModel.handleQuickstartChecked(isChecked) + } - private fun showBootstrapping() { - binding.wordmarkLogo.visibility = View.GONE + unblockTheInternetInCountryDescription.visibility = if (screen.unblockTheInternetInCountryDescriptionVisible) View.VISIBLE else View.GONE + countryDropDown.visibility = if (screen.countryDropDownVisible) View.VISIBLE else View.GONE - binding.torBootstrapProgressBar.visibility = View.VISIBLE - binding.torBootstrapProgressBar.progress = 0 - binding.backButton.visibility = View.INVISIBLE - binding.settingsButton.visibility = View.VISIBLE - binding.settingsButton.setOnClickListener { - viewModel.cancelTorBootstrap() - openSettings() - } - binding.torConnectImage.visibility = View.VISIBLE - binding.torConnectImage.setImageResource(R.drawable.connect) - binding.titleLargeTextView.visibility = View.VISIBLE - binding.titleLargeTextView.text = getString(R.string.connection_assist_connecting_title) - binding.titleDescription.visibility = View.VISIBLE - binding.titleDescription.text = - getString(R.string.preferences_tor_network_settings_explanation) - binding.quickstartSwitch.visibility = View.VISIBLE - binding.quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true - binding.quickstartSwitch.jumpDrawablesToCurrentState() - binding.torBootstrapButton1.visibility = View.INVISIBLE - binding.torBootstrapButton2.visibility = View.VISIBLE - binding.torBootstrapButton2.text = getString(R.string.btn_cancel) - binding.torBootstrapButton2.setOnClickListener { viewModel.cancelTorBootstrap() } - } + torBootstrapButton1.visibility = if (screen.torBootstrapButton1Visible) View.VISIBLE else View.GONE + torBootstrapButton1.text = getString(screen.torBootstrapButton1TextStringResource) + torBootstrapButton1.setOnClickListener { viewModel.handleButton1Pressed(screen, lifecycleScope) } - private suspend fun showError() { - viewModel.torError.collect { - Log.d( - TAG, - "TorError: details = ${it?.details ?: "null details"}, message = ${it?.message ?: "null message"}", - ) - when (viewModel.handleError(it)) { - ErrorScreen.CantConnectToInternet -> showCantConnectToInternet() - ErrorScreen.CantConnectToTorDirectly -> showCantConnectToTorDirectly() - ErrorScreen.WeCouldntFindYourLocation -> showWeCouldntFindYourLocation() - ErrorScreen.WereStillHavingTroubleConnecting -> showWereStillHavingTroubleConnecting() - ErrorScreen.WeWerentAbleToConnectAutomatically -> showWeWerentAbleToConnectAutomatically() - null -> { - // no op - Log.d(TAG, "ErrorScreen: null, nothing shown") + torBootstrapButton2.visibility = if (screen.torBootstrapButton2Visible) View.VISIBLE else View.GONE + torBootstrapButton2.text = screen.torBootstrapButton2TextStringResource?.let { + getString( + it + ) + } + torBootstrapButton2.setOnClickListener { + viewModel.cancelTorBootstrap() + if (screen.torBootstrapButton2ShouldOpenSettings){ + openTorConnectionSettings() + } else { + showScreen(ConnectAssistUiState.Configuring) } } - } - } - - private fun showCantConnectToInternet() { - Log.d(TAG, "showCantConnectToInternet()") - binding.torBootstrapProgressBar.visibility = View.VISIBLE - binding.torBootstrapProgressBar.progressTintList = - AppCompatResources.getColorStateList(requireContext(), R.color.warning_yellow) - binding.torBootstrapProgressBar.progress = 100 - - binding.backButton.visibility = View.VISIBLE - binding.backButton.setOnClickListener { - showConfiguring() - } - - binding.torConnectImage.setImageResource(R.drawable.globe_broken) - binding.titleLargeTextView.text = getString(R.string.connection_assist_internet_error_title) - val learnMore: String = getString(R.string.connection_assist_internet_error_learn_more) - val internetErrorDescription: String = getString( - R.string.connection_assist_internet_error_description, - learnMore, - ) - handleDescriptionWithClickable(internetErrorDescription, learnMore) - - binding.quickstartSwitch.visibility = View.GONE - - binding.torBootstrapButton1.visibility = View.VISIBLE - binding.torBootstrapButton1.text = - getString(R.string.connection_assist_internet_error_try_again) - binding.torBootstrapButton1.setOnClickListener { - showTryingAgain() - viewModel.handleConnect(lifecycleScope = lifecycleScope) - } - - binding.torBootstrapButton2.text = - getString(R.string.connection_assist_configure_connection_button) - binding.torBootstrapButton2.setOnClickListener { - openTorConnectionSettings() - } - } - - private fun showTryingAgain() { - Log.d(TAG, "showTryingAgain()") - binding.torBootstrapProgressBar.progress = 0 - binding.torBootstrapProgressBar.visibility = View.VISIBLE - binding.torBootstrapProgressBar.progressTintList = null - binding.torConnectImage.setImageResource(R.drawable.connect) - binding.titleLargeTextView.text = - getString(R.string.connection_assist_trying_again_waiting_title) - - binding.quickstartSwitch.visibility = View.GONE - binding.torBootstrapButton1.visibility = View.INVISIBLE - binding.torBootstrapButton2.visibility = View.VISIBLE - binding.torBootstrapButton2.text = getString(R.string.btn_cancel) - binding.torBootstrapButton2.setOnClickListener { - viewModel.cancelTorBootstrap() - showConfiguring() - } - } - - private fun showCantConnectToTorDirectly() { - Log.d(TAG, "showCantConnectToTorDirectly()") - binding.torBootstrapProgressBar.visibility = View.VISIBLE - binding.torBootstrapProgressBar.progressTintList = - AppCompatResources.getColorStateList(requireContext(), R.color.warning_yellow) - binding.torBootstrapProgressBar.progress = 100 - - binding.backButton.visibility = View.VISIBLE - binding.backButton.setOnClickListener { - showConfiguring() - } - - binding.torConnectImage.setImageResource(R.drawable.globe_broken) - binding.titleLargeTextView.text = - getString(R.string.connection_assist_cant_connect_to_tor_title) - - val learnMore: String = getString(R.string.connection_assist_internet_error_learn_more) - val tryABridge: String = getString( - R.string.connection_assist_try_a_bridge_description, - learnMore, - ) - handleDescriptionWithClickable(tryABridge, learnMore) - - binding.quickstartSwitch.visibility = View.GONE - binding.unblockTheInternetInCountryDescription.visibility = View.VISIBLE - binding.countryDropDown.visibility = View.VISIBLE - // TODO implement countryDropDown - - binding.torBootstrapButton1.visibility = View.VISIBLE - binding.torBootstrapButton1.text = getString(R.string.connection_assist_try_a_bridge_button) - binding.torBootstrapButton1.setOnClickListener { - viewModel.tryABridge() - showTryingABridge() + wordmarkLogo.visibility = if(screen.wordmarkLogoVisible) View.VISIBLE else View.GONE } - binding.torBootstrapButton2.visibility = View.GONE - } - - private fun showTryingABridge() { - Log.d(TAG, "showTryingABridge()") - // TODO(Not implemented) - binding.torBootstrapButton2.setOnClickListener { - showTryingABridge() - } - } - - private fun showWeCouldntFindYourLocation() { - Log.d(TAG, "showWeCouldntFindYourLocation()") - // TODO(Not implemented) - binding.torBootstrapButton2.setOnClickListener { - showTryingABridge() - } - } - - private fun showWereStillHavingTroubleConnecting() { - Log.d(TAG, "showWereStillHavingTroubleConnecting()") - TODO("Not yet implemented") - } - - private fun showTryingOneMoreTime() { - Log.d(TAG, "showTryingOneMoreTime()") - TODO("Not yet implemented") - } - - private fun showWeWerentAbleToConnectAutomatically() { - Log.d(TAG, "showWeWerentAbleToConnectAutomatically()") - TODO("Not yet implemented") - } - - private fun showUnknownError() { - Log.d(TAG, "showUnknownError()") - TODO("Not yet implemented") } /** @@ -377,4 +221,9 @@ class TorConnectionAssistFragment : Fragment() { ), ) } + + override fun onBackPressed(): Boolean { + return viewModel.handleBackButtonPressed() + } + } ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt ===================================== @@ -23,11 +23,8 @@ class TorConnectionAssistViewModel( private val _torController: TorControllerGV = components.torController as TorControllerGV - private val _torConnectState = MutableStateFlow(TorConnectState.Initial) - internal val torConnectState: StateFlow<TorConnectState> = _torConnectState - - private val _torError = MutableStateFlow(_torController.getLastErrorState()) - internal val torError: StateFlow<TorError?> = _torError + private val _torConnectScreen = MutableStateFlow(ConnectAssistUiState.Splash) + internal val torConnectScreen: StateFlow<ConnectAssistUiState> = _torConnectScreen private val _progress = MutableLiveData(0) fun progress(): LiveData<Int> { @@ -45,7 +42,7 @@ class TorConnectionAssistViewModel( _torController.registerTorListener(this) } - fun handleConnect( + private fun handleConnect( withDebugLogging: Boolean = false, lifecycleScope: LifecycleCoroutineScope? = null, ) { @@ -61,6 +58,17 @@ class TorConnectionAssistViewModel( _quickStartToggle.value = checked } + fun handleButton1Pressed( + screen: ConnectAssistUiState, + lifecycleScope: LifecycleCoroutineScope?, + ) { + if (screen.torBootstrapButton1ShouldShowTryingABridge) { + tryABridge() + } else { + handleConnect(lifecycleScope = lifecycleScope) + } + } + fun cancelTorBootstrap() { _torController.stopTor() _torController.setTorStopped() @@ -80,33 +88,126 @@ class TorConnectionAssistViewModel( if (progress != null) { _progress.value = progress.toInt() } - _torConnectState.value = _torController.lastKnownStatus - _torError.value = _torController.getLastErrorState() + + when (_torController.lastKnownStatus) { + TorConnectState.Initial -> _torConnectScreen.value = ConnectAssistUiState.Splash + TorConnectState.Configuring -> handleConfiguring() + TorConnectState.AutoBootstrapping -> handleBootstrap() + TorConnectState.Bootstrapping -> handleBootstrap() + TorConnectState.Error -> handleError() + else -> {} + } + } + + private fun handleConfiguring() { + if (_torController.lastKnownError == null) { + _torConnectScreen.value = ConnectAssistUiState.Configuring + } else { + handleError() + } + } + + private fun handleBootstrap() { + when (_torConnectScreen.value) { + ConnectAssistUiState.InternetError -> { + _torConnectScreen.value = ConnectAssistUiState.TryingAgain + } + + ConnectAssistUiState.TryingAgain -> { + /** stay here */ + } + + ConnectAssistUiState.TryABridge -> { + _torConnectScreen.value = ConnectAssistUiState.TryingABridge + } + + ConnectAssistUiState.LocationError -> { + _torConnectScreen.value = ConnectAssistUiState.TryingABridge + } + + ConnectAssistUiState.TryingABridge -> { + /** stay here */ + } + + ConnectAssistUiState.LocationCheck -> { + _torConnectScreen.value = ConnectAssistUiState.LastTry + } + + ConnectAssistUiState.LastTry -> { + /** stay here */ + } + + else -> _torConnectScreen.value = ConnectAssistUiState.Bootstrapping + } + } + + private fun handleError() { + _torController.lastKnownError?.apply { + Log.d( + TAG, + "TorError(message = $message, details = $details, phase = $phase, reason = $reason", + ) + // TODO better error handling + _torConnectScreen.value = ConnectAssistUiState.InternetError + } } override fun onTorStopped() { Log.d(TAG, "onTorStopped()") } - internal fun handleError(it: TorError?): ErrorScreen? { - // TODO(Only partly implemented) - if (it?.message == null){ - return null + private fun tryABridge() { + if (!_torController.bridgesEnabled) { + _torController.bridgesEnabled = true + _torController.bridgeTransport = + TorBridgeTransportConfig.BUILTIN_OBFS4 // TODO select based on country } - return ErrorScreen.CantConnectToInternet + handleConnect(withDebugLogging = true) } - fun tryABridge() { - // TODO("Try a bridge not enabled") - // connect to bridge based on country - // try connecting + fun handleBackButtonPressed(): Boolean { + when (torConnectScreen.value) { + ConnectAssistUiState.Splash -> return false + ConnectAssistUiState.Configuring -> return false + ConnectAssistUiState.Bootstrapping -> cancelTorBootstrap() + ConnectAssistUiState.InternetError -> { + _torController.lastKnownError = null + _torConnectScreen.value = ConnectAssistUiState.Configuring + } + + ConnectAssistUiState.TryingAgain -> { + cancelTorBootstrap() + } + + ConnectAssistUiState.TryABridge -> { + _torController.lastKnownError = null + _torConnectScreen.value = ConnectAssistUiState.Configuring + } + + ConnectAssistUiState.TryingABridge -> { + _torController.stopTor() + _torConnectScreen.value = ConnectAssistUiState.TryABridge + } + + ConnectAssistUiState.LocationError -> { + _torConnectScreen.value = ConnectAssistUiState.TryABridge + } + + ConnectAssistUiState.LocationCheck -> { + _torConnectScreen.value = ConnectAssistUiState.LocationError + } + + ConnectAssistUiState.LastTry -> { + _torController.stopTor() + _torConnectScreen.value = ConnectAssistUiState.LocationCheck + } + + ConnectAssistUiState.FinalError -> { + _torConnectScreen.value = ConnectAssistUiState.LocationCheck + } + } + return true } -} -internal enum class ErrorScreen { - CantConnectToInternet, - CantConnectToTorDirectly, - WeCouldntFindYourLocation, - WereStillHavingTroubleConnecting, - WeWerentAbleToConnectAutomatically, } + ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorControllerGV.kt ===================================== @@ -285,7 +285,7 @@ class TorControllerGV( // TorEventsBootstrapStateChangeListener override fun onBootstrapStateChange(newStateVal: String?) { - Log.d(TAG, "onBootstrapStateChange($newStateVal)") + Log.d(TAG, "onBootstrapStateChange(newStateVal = $newStateVal)") val newState: TorConnectState = TorConnectState.valueOf(newStateVal ?: "Error") if (newState.isError() && wasTorBootstrapped) { ===================================== fenix/app/src/main/res/drawable/browser_location.xml ===================================== @@ -0,0 +1,17 @@ +<vector xmlns:android="http://schemas.android.com/apk/res/android" + android:width="40dp" + android:height="40dp" + android:viewportWidth="40" + android:viewportHeight="40"> + <group> + <clip-path + android:pathData="M0,0h40v40h-40z"/> + <path + android:pathData="M19.332,28.605C19.332,23.853 23.361,20 28.332,20C33.303,20 37.332,23.853 37.332,28.605C37.332,32.002 32.736,36.822 30.113,39.296C29.636,39.748 28.997,40 28.332,40C27.667,40 27.028,39.748 26.551,39.296C23.928,36.822 19.332,32.001 19.332,28.605ZM26.865,24.958C27.33,24.766 27.829,24.667 28.332,24.667C29.349,24.667 30.324,25.07 31.043,25.789C31.761,26.508 32.165,27.483 32.165,28.5C32.165,29.517 31.761,30.492 31.043,31.211C30.324,31.93 29.349,32.333 28.332,32.333C27.829,32.333 27.33,32.234 26.865,32.042C26.4,31.849 25.977,31.566 25.621,31.211C25.265,30.855 24.983,30.432 24.791,29.967C24.598,29.502 24.499,29.003 24.499,28.5C24.499,27.997 24.598,27.498 24.791,27.033C24.983,26.568 25.265,26.146 25.621,25.789C25.977,25.434 26.4,25.151 26.865,24.958Z" + android:fillColor="#FFA436" + android:fillType="evenOdd"/> + <path + android:pathData="M38.509,22.9C38.721,21.771 38.832,20.607 38.832,19.417C38.832,9.061 30.438,0.667 20.082,0.667C9.727,0.667 1.332,9.061 1.332,19.417C1.332,29.772 9.727,38.167 20.082,38.167C20.825,38.167 21.559,38.124 22.279,38.039C19.438,34.942 16.665,31.167 16.665,28.233C16.665,25.223 17.971,22.499 20.082,20.526V14.846C22.098,14.846 23.809,16.151 24.416,17.962C25.33,17.658 26.298,17.458 27.301,17.375C26.412,14.225 23.517,11.917 20.082,11.917L20.082,9.221C25.042,9.221 29.175,12.764 30.089,17.456C31.169,17.608 32.2,17.899 33.161,18.308C32.598,11.578 26.957,6.292 20.082,6.292V3.596C28.819,3.596 35.903,10.679 35.903,19.417C35.903,19.589 35.9,19.761 35.894,19.933C36.942,20.767 37.83,21.771 38.509,22.9Z" + android:fillColor="#FBFBFE"/> + </group> +</vector> ===================================== fenix/app/src/main/res/layout/fragment_tor_connection_assist.xml ===================================== @@ -3,7 +3,6 @@ - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> <androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:app="http://schemas.android.com/apk/res-auto" - xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent" android:layout_height="match_parent" android:background="@drawable/tor_bootstrap_background_gradient" View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/4d8… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/4d8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Update rbm for rbm#40076
by boklm (＠boklm) 01 May '24

01 May '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 97043406 by Nicolas Vigier at 2024-05-01T10:10:41+02:00 Update rbm for rbm#40076 - - - - - 1 changed file: - rbm Changes: ===================================== rbm ===================================== @@ -1 +1 @@ -Subproject commit 05e32169dfad9f3cc3eb6aa3f93d9b7a1690290e +Subproject commit 148d8541f177f318bfd8c8abfbf9fa96f581ceb8 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] 8 commits: fixup! Bug 30237: Add v3 onion services client authentication prompt
by richard (＠richard) 30 Apr '24

30 Apr '24

richard pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 795b62a7 by Henry Wilkes at 2024-04-25T10:32:13+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Remove the OnionServicesAuthPrompt class. The class is merged into OnionAuthPrompt. This currently only works when only one tab triggers the prompt at a time. Not linted to improve commit readability. - - - - - 38d07333 by Henry Wilkes at 2024-04-25T10:32:14+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Lint after removing OnionServicesAuthPrompt class. - - - - - a35c7a68 by Henry Wilkes at 2024-04-25T11:55:07+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Re-handle showing errors. Call "_showWarning" rather than "show" when we have an error. Do not attempt to show the prompt if we cannot determine the onion service id. For the service id regex, use "^(.*\.)?" instead of "^(.*\.)*": since the ".*" is greedy, this can only ever match up to once. - - - - - df3374c4 by Henry Wilkes at 2024-04-30T11:11:39+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Reset the authentication prompt when switching between two authentication tabs. We keep a record of which tab details are being shown in the notification popup. We reset the prompt whenever we want to show different details. We also fetch elements and set event listeners (once) when we initialize OnionAuthPrompt. In particular, the listeners should only react to the shown details. We also assume that elements with an ID exist in the DOM. - - - - - 0cacad0c by Henry Wilkes at 2024-04-30T11:11:46+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Follow recent coding conventions. Do not prefix variable names with "a" and use triple equality. - - - - - 82fa0a97 by Henry Wilkes at 2024-04-30T11:11:46+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Use "keydown" instead of deprecated "keypress". Also, stop handling "Escape" key since it is already handled by PopupNotification. - - - - - 78107767 by Henry Wilkes at 2024-04-30T11:11:47+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Add documentation to OnionAuthPrompt. - - - - - 170cb7ab by Henry Wilkes at 2024-04-30T11:11:47+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42542: Add a logger to OnionAuthPrompt. - - - - - 2 changed files: - browser/components/onionservices/content/authPopup.inc.xhtml - browser/components/onionservices/content/authPrompt.js Changes: ===================================== browser/components/onionservices/content/authPopup.inc.xhtml ===================================== @@ -5,7 +5,9 @@ <description id="tor-clientauth-notification-desc"/> <label id="tor-clientauth-notification-learnmore" class="text-link popup-notification-learnmore-link" - is="text-link"/> + is="text-link" + href="about:manual#onion-services_onion-service-authentication" + useoriginprincipal="true"/> <html:div> <html:input id="tor-clientauth-notification-key" type="password"/> <html:div id="tor-clientauth-warning"/> ===================================== browser/components/onionservices/content/authPrompt.js ===================================== @@ -2,350 +2,417 @@ "use strict"; -const OnionAuthPrompt = (function () { +var OnionAuthPrompt = { // Only import to our internal scope, rather than the global scope of // browser.xhtml. - const lazy = {}; - ChromeUtils.defineESModuleGetters(lazy, { - TorProviderBuilder: "resource://gre/modules/TorProviderBuilder.sys.mjs", - TorStrings: "resource://gre/modules/TorStrings.sys.mjs", - CommonUtils: "resource://services-common/utils.sys.mjs", - }); - - // OnionServicesAuthPrompt objects run within the main/chrome process. - // aReason is the topic passed within the observer notification that is - // causing this auth prompt to be displayed. - function OnionServicesAuthPrompt(aBrowser, aFailedURI, aReason, aOnionName) { - this._browser = aBrowser; - this._failedURI = aFailedURI; - this._reasonForPrompt = aReason; - this._onionHostname = aOnionName; - } - - const topics = { + _lazy: {}, + + /** + * The topics to listen to. + * + * @type {Object<string, string>} + */ + _topics: { clientAuthMissing: "tor-onion-services-clientauth-missing", clientAuthIncorrect: "tor-onion-services-clientauth-incorrect", - }; - - OnionServicesAuthPrompt.prototype = { - show(aWarningMessage) { - let mainAction = { - label: lazy.TorStrings.onionServices.authPrompt.done, - accessKey: lazy.TorStrings.onionServices.authPrompt.doneAccessKey, - leaveOpen: true, // Callback is responsible for closing the notification. - callback: this._onDone.bind(this), - }; - - let dialogBundle = Services.strings.createBundle( - "chrome://global/locale/dialog.properties" - ); - - let cancelAccessKey = dialogBundle.GetStringFromName("accesskey-cancel"); - if (!cancelAccessKey) { - cancelAccessKey = "c"; - } // required by PopupNotifications.show() - - let cancelAction = { - label: dialogBundle.GetStringFromName("button-cancel"), - accessKey: cancelAccessKey, - callback: this._onCancel.bind(this), - }; - - let _this = this; - let options = { - autofocus: true, - hideClose: true, - persistent: true, - removeOnDismissal: false, - eventCallback(aTopic) { - if (aTopic === "showing") { - _this._onPromptShowing(aWarningMessage); - } else if (aTopic === "shown") { - _this._onPromptShown(); - } else if (aTopic === "removed") { - _this._onPromptRemoved(); - } - }, - }; - - this._prompt = PopupNotifications.show( - this._browser, - "tor-clientauth", - "", - "tor-clientauth-notification-icon", - mainAction, - [cancelAction], - options - ); - }, - - _onPromptShowing(aWarningMessage) { - let xulDoc = this._browser.ownerDocument; - let descElem = xulDoc.getElementById("tor-clientauth-notification-desc"); - if (descElem) { - // Handle replacement of the onion name within the localized - // string ourselves so we can show the onion name as bold text. - // We do this by splitting the localized string and creating - // several HTML <span> elements. - const fmtString = lazy.TorStrings.onionServices.authPrompt.description; - const [prefix, suffix] = fmtString.split("%S"); - - const domainEl = xulDoc.createElement("span"); - domainEl.id = "tor-clientauth-notification-onionname"; - domainEl.textContent = TorUIUtils.shortenOnionAddress( - this._onionHostname - ); - - descElem.replaceChildren(prefix, domainEl, suffix); - } - - // Set "Learn More" label and href. - let learnMoreElem = xulDoc.getElementById( - "tor-clientauth-notification-learnmore" - ); - if (learnMoreElem) { - learnMoreElem.setAttribute( - "value", - lazy.TorStrings.onionServices.learnMore - ); - learnMoreElem.setAttribute( - "href", - "about:manual#onion-services_onion-service-authentication" - ); - learnMoreElem.setAttribute("useoriginprincipal", "true"); - } - - this._showWarning(aWarningMessage); - let checkboxElem = this._getCheckboxElement(); - if (checkboxElem) { - checkboxElem.checked = false; - } - }, - - _onPromptShown() { - let keyElem = this._getKeyElement(); - if (keyElem) { - keyElem.setAttribute( - "placeholder", - lazy.TorStrings.onionServices.authPrompt.keyPlaceholder - ); - this._boundOnKeyFieldKeyPress = this._onKeyFieldKeyPress.bind(this); - this._boundOnKeyFieldInput = this._onKeyFieldInput.bind(this); - keyElem.addEventListener("keypress", this._boundOnKeyFieldKeyPress); - keyElem.addEventListener("input", this._boundOnKeyFieldInput); - keyElem.focus(); - } - }, - - _onPromptRemoved() { - if (this._boundOnKeyFieldKeyPress) { - let keyElem = this._getKeyElement(); - if (keyElem) { - keyElem.value = ""; - keyElem.removeEventListener( - "keypress", - this._boundOnKeyFieldKeyPress - ); - this._boundOnKeyFieldKeyPress = undefined; - keyElem.removeEventListener("input", this._boundOnKeyFieldInput); - this._boundOnKeyFieldInput = undefined; + }, + + /** + * @typedef {object} PromptDetails + * + * @property {Browser} browser - The browser this prompt is for. + * @property {string} cause - The notification that cause this prompt. + * @property {string} onionHost - The onion host name. + * @property {nsIURI} uri - The browser URI when the notification was + * triggered. + * @property {string} onionServiceId - The onion service ID for this host. + * @property {Notification} [notification] - The notification instance for + * this prompt. + */ + + /** + * The currently shown details in the prompt. + */ + _shownDetails: null, + + /** + * Used for logging to represent PromptDetails. + * + * @param {PromptDetails} details - The details to represent. + * @returns {string} - The representation of these details. + */ + _detailsRepr(details) { + if (!details) { + return "none"; + } + return `${details.browser.browserId}:${details.onionHost}`; + }, + + /** + * Show a new prompt, using the given details. + * + * @param {PromptDetails} details - The details to show. + */ + show(details) { + this._logger.debug(`New Notification: ${this._detailsRepr(details)}`); + + let mainAction = { + label: this.TorStrings.onionServices.authPrompt.done, + accessKey: this.TorStrings.onionServices.authPrompt.doneAccessKey, + leaveOpen: true, // Callback is responsible for closing the notification. + callback: this._onDone.bind(this), + }; + + let dialogBundle = Services.strings.createBundle( + "chrome://global/locale/dialog.properties" + ); + + let cancelAccessKey = dialogBundle.GetStringFromName("accesskey-cancel"); + if (!cancelAccessKey) { + cancelAccessKey = "c"; + } // required by PopupNotifications.show() + + // The first secondarybuttoncommand (cancelAction) should be triggered when + // the user presses "Escape". + let cancelAction = { + label: dialogBundle.GetStringFromName("button-cancel"), + accessKey: cancelAccessKey, + callback: this._onCancel.bind(this), + }; + + let options = { + autofocus: true, + hideClose: true, + persistent: true, + removeOnDismissal: false, + eventCallback: topic => { + if (topic === "showing") { + this._onPromptShowing(details); + } else if (topic === "shown") { + this._onPromptShown(); + } else if (topic === "removed") { + this._onPromptRemoved(details); } + }, + }; + + details.notification = PopupNotifications.show( + details.browser, + "tor-clientauth", + "", + "tor-clientauth-notification-icon", + mainAction, + [cancelAction], + options + ); + }, + + /** + * Callback when the prompt is about to be shown. + * + * @param {PromptDetails?} details - The details to show, or null to shown + * none. + */ + _onPromptShowing(details) { + if (details === this._shownDetails) { + // The last shown details match this one exactly. + // This happens when we switch tabs to a page that has no prompt and then + // switch back. + // We don't want to reset the current state in this case. + // In particular, we keep the current _keyInput value and _persistCheckbox + // the same. + this._logger.debug(`Already showing: ${this._detailsRepr(details)}`); + return; + } + + this._logger.debug(`Now showing: ${this._detailsRepr(details)}`); + + this._shownDetails = details; + + // Clear the key input. + // In particular, clear the input when switching tabs. + this._keyInput.value = ""; + this._persistCheckbox.checked = false; + + // Handle replacement of the onion name within the localized + // string ourselves so we can show the onion name as bold text. + // We do this by splitting the localized string and creating + // several HTML <span> elements. + const fmtString = this.TorStrings.onionServices.authPrompt.description; + const [prefix, suffix] = fmtString.split("%S"); + + const domainEl = document.createElement("span"); + domainEl.id = "tor-clientauth-notification-onionname"; + domainEl.textContent = TorUIUtils.shortenOnionAddress( + this._shownDetails?.onionHost ?? "" + ); + + this._descriptionEl.replaceChildren(prefix, domainEl, suffix); + + this._showWarning(undefined); + }, + + /** + * Callback after the prompt is shown. + */ + _onPromptShown() { + this._keyInput.focus(); + }, + + /** + * Callback when a Notification is removed. + * + * @param {PromptDetails} details - The details for the removed notification. + */ + _onPromptRemoved(details) { + if (details !== this._shownDetails) { + // Removing the notification for some other page. + // For example, closing another tab that also requires authentication. + this._logger.debug(`Removed not shown: ${this._detailsRepr(details)}`); + return; + } + this._logger.debug(`Removed shown: ${this._detailsRepr(details)}`); + // Reset the prompt as a precaution. + // In particular, we want to clear the input so that the entered key does + // not persist. + this._onPromptShowing(null); + }, + + /** + * Callback when the user submits the key. + */ + async _onDone() { + this._logger.debug( + `Sumbitting key: ${this._detailsRepr(this._shownDetails)}` + ); + + // Grab the details before they might change as we await. + const { browser, onionServiceId, notification } = this._shownDetails; + const isPermanent = this._persistCheckbox.checked; + + const base64key = this._keyToBase64(this._keyInput.value); + if (!base64key) { + this._showWarning(this.TorStrings.onionServices.authPrompt.invalidKey); + return; + } + + try { + const provider = await this._lazy.TorProviderBuilder.build(); + await provider.onionAuthAdd(onionServiceId, base64key, isPermanent); + } catch (e) { + if (e.torMessage) { + this._showWarning(e.torMessage); + } else { + this._logger.error(`Failed to set key for ${onionServiceId}`, e); + this._showWarning( + this.TorStrings.onionServices.authPrompt.failedToSetKey + ); } - }, - - _onKeyFieldKeyPress(aEvent) { - if (aEvent.keyCode == aEvent.DOM_VK_RETURN) { - this._onDone(); - } else if (aEvent.keyCode == aEvent.DOM_VK_ESCAPE) { - this._prompt.remove(); - this._onCancel(); - } - }, - - _onKeyFieldInput(aEvent) { - this._showWarning(undefined); // Remove the warning. - }, - - async _onDone() { - const keyElem = this._getKeyElement(); - if (!keyElem) { - return; - } - - const base64key = this._keyToBase64(keyElem.value); - if (!base64key) { - this._showWarning(lazy.TorStrings.onionServices.authPrompt.invalidKey); - return; - } - - this._prompt.remove(); - - const controllerFailureMsg = - lazy.TorStrings.onionServices.authPrompt.failedToSetKey; + return; + } + + notification.remove(); + // Success! Reload the page. + browser.sendMessageToActor("Browser:Reload", {}, "BrowserTab"); + }, + + /** + * Callback when the user dismisses the prompt. + */ + _onCancel() { + // Arrange for an error page to be displayed: + // we build a short script calling docShell.displayError() + // and we pass it as a data: URI to loadFrameScript(), + // which runs it in the content frame which triggered + // this authentication prompt. + this._logger.debug(`Cancelling: ${this._detailsRepr(this._shownDetails)}`); + + const { browser, cause, uri } = this._shownDetails; + const errorCode = + cause === this._topics.clientAuthMissing + ? Cr.NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH + : Cr.NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH; + const io = + 'ChromeUtils.import("resource://gre/modules/Services.jsm").Services.io'; + + browser.messageManager.loadFrameScript( + `data:application/javascript,${encodeURIComponent( + `docShell.displayLoadError(${errorCode}, ${io}.newURI(${JSON.stringify( + uri.spec + )}), undefined, undefined);` + )}`, + false + ); + }, + + /** + * Show a warning message to the user or clear the warning. + * + * @param {string?} warningMessage - The message to show, or undefined to + * clear the current message. + */ + _showWarning(warningMessage) { + this._logger.debug(`Showing warning: ${warningMessage}`); + if (warningMessage) { + this._warningEl.textContent = warningMessage; + this._warningEl.removeAttribute("hidden"); + this._keyInput.classList.add("invalid"); + } else { + this._warningEl.setAttribute("hidden", "true"); + this._keyInput.classList.remove("invalid"); + } + }, + + /** + * Convert the user-entered key into base64. + * + * @param {string} keyString - The key to convert. + * @returns {string?} - The base64 representation, or undefined if the given + * key was not the correct format. + */ + _keyToBase64(keyString) { + if (!keyString) { + return undefined; + } + + let base64key; + if (keyString.length === 52) { + // The key is probably base32-encoded. Attempt to decode. + // Although base32 specifies uppercase letters, we accept lowercase + // as well because users may type in lowercase or copy a key out of + // a tor onion-auth file (which uses lowercase). + let rawKey; try { - // ^(subdomain.)*onionserviceid.onion$ (case-insensitive) - const onionServiceIdRegExp = - /^(.*\.)*(?<onionServiceId>[a-z2-7]{56})\.onion$/i; - // match() will return null on bad match, causing throw - const onionServiceId = this._onionHostname - .match(onionServiceIdRegExp) - .groups.onionServiceId.toLowerCase(); - - const checkboxElem = this._getCheckboxElement(); - const isPermanent = checkboxElem && checkboxElem.checked; - const provider = await lazy.TorProviderBuilder.build(); - await provider.onionAuthAdd(onionServiceId, base64key, isPermanent); - // Success! Reload the page. - this._browser.sendMessageToActor("Browser:Reload", {}, "BrowserTab"); - } catch (e) { - if (e.torMessage) { - this.show(e.torMessage); - } else { - console.error(controllerFailureMsg, e); - this.show(controllerFailureMsg); - } - } - }, - - _onCancel() { - // Arrange for an error page to be displayed: - // we build a short script calling docShell.displayError() - // and we pass it as a data: URI to loadFrameScript(), - // which runs it in the content frame which triggered - // this authentication prompt. - const failedURI = this._failedURI.spec; - const errorCode = - this._reasonForPrompt === topics.clientAuthMissing - ? Cr.NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH - : Cr.NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH; - const io = - 'ChromeUtils.import("resource://gre/modules/Services.jsm").Services.io'; - - this._browser.messageManager.loadFrameScript( - `data:application/javascript,${encodeURIComponent( - `docShell.displayLoadError(${errorCode}, ${io}.newURI(${JSON.stringify( - failedURI - )}), undefined, undefined);` - )}`, - false - ); - }, - - _getKeyElement() { - let xulDoc = this._browser.ownerDocument; - return xulDoc.getElementById("tor-clientauth-notification-key"); - }, - - _getCheckboxElement() { - let xulDoc = this._browser.ownerDocument; - return xulDoc.getElementById("tor-clientauth-persistkey-checkbox"); - }, - - _showWarning(aWarningMessage) { - let xulDoc = this._browser.ownerDocument; - let warningElem = xulDoc.getElementById("tor-clientauth-warning"); - let keyElem = this._getKeyElement(); - if (warningElem) { - if (aWarningMessage) { - warningElem.textContent = aWarningMessage; - warningElem.removeAttribute("hidden"); - if (keyElem) { - keyElem.className = "invalid"; - } - } else { - warningElem.setAttribute("hidden", "true"); - if (keyElem) { - keyElem.className = ""; - } - } - } - }, - - // Returns undefined if the key is the wrong length or format. - _keyToBase64(aKeyString) { - if (!aKeyString) { - return undefined; - } + rawKey = this._lazy.CommonUtils.decodeBase32(keyString.toUpperCase()); + } catch (e) {} - let base64key; - if (aKeyString.length == 52) { - // The key is probably base32-encoded. Attempt to decode. - // Although base32 specifies uppercase letters, we accept lowercase - // as well because users may type in lowercase or copy a key out of - // a tor onion-auth file (which uses lowercase). - let rawKey; + if (rawKey) { try { - rawKey = lazy.CommonUtils.decodeBase32(aKeyString.toUpperCase()); + base64key = btoa(rawKey); } catch (e) {} - - if (rawKey) { - try { - base64key = btoa(rawKey); - } catch (e) {} - } - } else if ( - aKeyString.length == 44 && - /^[a-zA-Z0-9+/]*=*$/.test(aKeyString) - ) { - // The key appears to be a correctly formatted base64 value. If not, - // tor will return an error when we try to add the key via the - // control port. - base64key = aKeyString; } - - return base64key; - }, - }; - - let retval = { - init() { - Services.obs.addObserver(this, topics.clientAuthMissing); - Services.obs.addObserver(this, topics.clientAuthIncorrect); - }, - - uninit() { - Services.obs.removeObserver(this, topics.clientAuthMissing); - Services.obs.removeObserver(this, topics.clientAuthIncorrect); - }, - - // aSubject is the DOM Window or browser where the prompt should be shown. - // aData contains the .onion name. - observe(aSubject, aTopic, aData) { - if ( - aTopic != topics.clientAuthMissing && - aTopic != topics.clientAuthIncorrect - ) { - return; - } - - let browser; - if (aSubject instanceof Ci.nsIDOMWindow) { - let contentWindow = aSubject.QueryInterface(Ci.nsIDOMWindow); - browser = contentWindow.docShell.chromeEventHandler; - } else { - browser = aSubject.QueryInterface(Ci.nsIBrowser); - } - - if (!gBrowser.browsers.some(aBrowser => aBrowser == browser)) { - return; // This window does not contain the subject browser; ignore. + } else if ( + keyString.length === 44 && + /^[a-zA-Z0-9+/]*=*$/.test(keyString) + ) { + // The key appears to be a correctly formatted base64 value. If not, + // tor will return an error when we try to add the key via the + // control port. + base64key = keyString; + } + + return base64key; + }, + + /** + * Initialize the authentication prompt. + */ + init() { + this._logger = console.createInstance({ + prefix: "OnionAuthPrompt", + maxLogLevel: "Warn", + maxLogLevelPref: "browser.onionAuthPrompt.loglevel", + }); + + const { TorStrings } = ChromeUtils.importESModule( + "resource://gre/modules/TorStrings.sys.mjs" + ); + this.TorStrings = TorStrings; + ChromeUtils.defineESModuleGetters(this._lazy, { + TorProviderBuilder: "resource://gre/modules/TorProviderBuilder.sys.mjs", + CommonUtils: "resource://services-common/utils.sys.mjs", + }); + + this._keyInput = document.getElementById("tor-clientauth-notification-key"); + this._persistCheckbox = document.getElementById( + "tor-clientauth-persistkey-checkbox" + ); + this._warningEl = document.getElementById("tor-clientauth-warning"); + this._descriptionEl = document.getElementById( + "tor-clientauth-notification-desc" + ); + + // Set "Learn More" label and href. + const learnMoreElem = document.getElementById( + "tor-clientauth-notification-learnmore" + ); + learnMoreElem.setAttribute( + "value", + this.TorStrings.onionServices.learnMore + ); + + this._keyInput.setAttribute( + "placeholder", + this.TorStrings.onionServices.authPrompt.keyPlaceholder + ); + this._keyInput.addEventListener("keydown", event => { + if (event.key === "Enter") { + event.preventDefault(); + this._onDone(); } - - let failedURI = browser.currentURI; - let authPrompt = new OnionServicesAuthPrompt( - browser, - failedURI, - aTopic, - aData + }); + this._keyInput.addEventListener("input", event => { + // Remove the warning. + this._showWarning(undefined); + }); + + Services.obs.addObserver(this, this._topics.clientAuthMissing); + Services.obs.addObserver(this, this._topics.clientAuthIncorrect); + }, + + /** + * Un-initialize the authentication prompt. + */ + uninit() { + Services.obs.removeObserver(this, this._topics.clientAuthMissing); + Services.obs.removeObserver(this, this._topics.clientAuthIncorrect); + }, + + observe(subject, topic, data) { + if ( + topic !== this._topics.clientAuthMissing && + topic !== this._topics.clientAuthIncorrect + ) { + return; + } + + // "subject" is the DOM window or browser where the prompt should be shown. + let browser; + if (subject instanceof Ci.nsIDOMWindow) { + let contentWindow = subject.QueryInterface(Ci.nsIDOMWindow); + browser = contentWindow.docShell.chromeEventHandler; + } else { + browser = subject.QueryInterface(Ci.nsIBrowser); + } + + if (!gBrowser.browsers.includes(browser)) { + // This window does not contain the subject browser. + this._logger.debug( + `Window ${window.docShell.outerWindowID}: Ignoring ${topic}` ); - authPrompt.show(undefined); - }, - }; - - return retval; -})(); /* OnionAuthPrompt */ - -Object.defineProperty(this, "OnionAuthPrompt", { - value: OnionAuthPrompt, - enumerable: true, - writable: false, -}); + return; + } + this._logger.debug( + `Window ${window.docShell.outerWindowID}: Handling ${topic}` + ); + + const onionHost = data; + // ^(subdomain.)*onionserviceid.onion$ (case-insensitive) + const onionServiceId = onionHost + .match(/^(.*\.)?(?<onionServiceId>[a-z2-7]{56})\.onion$/i) + ?.groups.onionServiceId.toLowerCase(); + if (!onionServiceId) { + this._logger.error(`Malformed onion address: ${onionHost}`); + return; + } + + const details = { + browser, + cause: topic, + onionHost, + uri: browser.currentURI, + onionServiceId, + }; + this.show(details); + }, +}; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/29ff3f… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/29ff3f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/rbm][main] Bug 40076: Take refresh_input into account when computing input_files_id
by richard (＠richard) 30 Apr '24

30 Apr '24

richard pushed to branch main at The Tor Project / Applications / RBM Commits: 148d8541 by Nicolas Vigier at 2024-04-25T14:54:32+02:00 Bug 40076: Take refresh_input into account when computing input_files_id The `refresh_input` option forces refreshing an input_file. The option is correctly taken into account when starting a build, but was not when computing `input_files_id`. - - - - - 1 changed file: - lib/RBM.pm Changes: ===================================== lib/RBM.pm ===================================== @@ -796,7 +796,7 @@ sub input_file_need_dl { return undef; } return undef if $input_file->{exec}; - return undef if $fname; + return undef if ($fname && !$t->('refresh_input')); return 1 if $input_file->{URL}; return 1 if $input_file->{content}; return undef; View it on GitLab: https://gitlab.torproject.org/tpo/applications/rbm/-/commit/148d8541f177f31… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/rbm/-/commit/148d8541f177f31… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] alpha: new version, 13.5a7
by boklm (＠boklm) 29 Apr '24

29 Apr '24

boklm pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: 54df007d by Nicolas Vigier at 2024-04-29T16:51:58+02:00 alpha: new version, 13.5a7 - - - - - 30 changed files: - update_3/alpha/.htaccess - − update_3/alpha/13.5a3-13.5a6-linux-i686-ALL.xml - − update_3/alpha/13.5a3-13.5a6-linux-x86_64-ALL.xml - − update_3/alpha/13.5a3-13.5a6-macos-ALL.xml - − update_3/alpha/13.5a3-13.5a6-windows-i686-ALL.xml - − update_3/alpha/13.5a3-13.5a6-windows-x86_64-ALL.xml - − update_3/alpha/13.5a4-13.5a6-linux-i686-ALL.xml - − update_3/alpha/13.5a4-13.5a6-linux-x86_64-ALL.xml - − update_3/alpha/13.5a4-13.5a6-macos-ALL.xml - − update_3/alpha/13.5a4-13.5a6-windows-i686-ALL.xml - − update_3/alpha/13.5a4-13.5a6-windows-x86_64-ALL.xml - + update_3/alpha/13.5a4-13.5a7-linux-i686-ALL.xml - + update_3/alpha/13.5a4-13.5a7-linux-x86_64-ALL.xml - + update_3/alpha/13.5a4-13.5a7-macos-ALL.xml - + update_3/alpha/13.5a4-13.5a7-windows-i686-ALL.xml - + update_3/alpha/13.5a4-13.5a7-windows-x86_64-ALL.xml - − update_3/alpha/13.5a5-13.5a6-linux-i686-ALL.xml - − update_3/alpha/13.5a5-13.5a6-linux-x86_64-ALL.xml - − update_3/alpha/13.5a5-13.5a6-macos-ALL.xml - − update_3/alpha/13.5a5-13.5a6-windows-i686-ALL.xml - − update_3/alpha/13.5a5-13.5a6-windows-x86_64-ALL.xml - + update_3/alpha/13.5a5-13.5a7-linux-i686-ALL.xml - + update_3/alpha/13.5a5-13.5a7-linux-x86_64-ALL.xml - + update_3/alpha/13.5a5-13.5a7-macos-ALL.xml - + update_3/alpha/13.5a5-13.5a7-windows-i686-ALL.xml - + update_3/alpha/13.5a5-13.5a7-windows-x86_64-ALL.xml - + update_3/alpha/13.5a6-13.5a7-linux-i686-ALL.xml - + update_3/alpha/13.5a6-13.5a7-linux-x86_64-ALL.xml - + update_3/alpha/13.5a6-13.5a7-macos-ALL.xml - + update_3/alpha/13.5a6-13.5a7-windows-i686-ALL.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser-update-responses][main] alpha: new version, 13.5a7
by boklm (＠boklm) 29 Apr '24

29 Apr '24

boklm pushed to branch main at The Tor Project / Applications / mullvad-browser-update-responses Commits: ac9f621a by Nicolas Vigier at 2024-04-29T15:33:08+02:00 alpha: new version, 13.5a7 - - - - - 29 changed files: - update_1/alpha/.htaccess - − update_1/alpha/13.5a3-13.5a6-linux-x86_64-ALL.xml - − update_1/alpha/13.5a3-13.5a6-macos-ALL.xml - − update_1/alpha/13.5a3-13.5a6-windows-x86_64-ALL.xml - − update_1/alpha/13.5a4-13.5a6-linux-x86_64-ALL.xml - − update_1/alpha/13.5a4-13.5a6-macos-ALL.xml - − update_1/alpha/13.5a4-13.5a6-windows-x86_64-ALL.xml - + update_1/alpha/13.5a4-13.5a7-linux-x86_64-ALL.xml - + update_1/alpha/13.5a4-13.5a7-macos-ALL.xml - + update_1/alpha/13.5a4-13.5a7-windows-x86_64-ALL.xml - − update_1/alpha/13.5a5-13.5a6-linux-x86_64-ALL.xml - − update_1/alpha/13.5a5-13.5a6-macos-ALL.xml - − update_1/alpha/13.5a5-13.5a6-windows-x86_64-ALL.xml - + update_1/alpha/13.5a5-13.5a7-linux-x86_64-ALL.xml - + update_1/alpha/13.5a5-13.5a7-macos-ALL.xml - + update_1/alpha/13.5a5-13.5a7-windows-x86_64-ALL.xml - + update_1/alpha/13.5a6-13.5a7-linux-x86_64-ALL.xml - + update_1/alpha/13.5a6-13.5a7-macos-ALL.xml - + update_1/alpha/13.5a6-13.5a7-windows-x86_64-ALL.xml - − update_1/alpha/13.5a6-linux-x86_64-ALL.xml - − update_1/alpha/13.5a6-macos-ALL.xml - − update_1/alpha/13.5a6-windows-x86_64-ALL.xml - + update_1/alpha/13.5a7-linux-x86_64-ALL.xml - + update_1/alpha/13.5a7-macos-ALL.xml - + update_1/alpha/13.5a7-windows-x86_64-ALL.xml - update_1/alpha/download-linux-x86_64.json - update_1/alpha/download-macos.json - update_1/alpha/download-windows-x86_64.json - update_1/alpha/downloads.json Changes: ===================================== update_1/alpha/.htaccess ===================================== @@ -1,22 +1,22 @@ RewriteEngine On -RewriteRule ^[^/]+/13.5a6/ no-update.xml [last] -RewriteRule ^Linux_x86_64-gcc3/13.5a3/ALL 13.5a3-13.5a6-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/13.5a4/ALL 13.5a4-13.5a6-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/13.5a5/ALL 13.5a5-13.5a6-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/[^/]+/ALL 13.5a6-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/ 13.5a6-linux-x86_64-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/13.5a3/ALL 13.5a3-13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/13.5a4/ALL 13.5a4-13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/13.5a5/ALL 13.5a5-13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/[^/]+/ALL 13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/ 13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/13.5a3/ALL 13.5a3-13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/13.5a4/ALL 13.5a4-13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/13.5a5/ALL 13.5a5-13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/[^/]+/ALL 13.5a6-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/ 13.5a6-macos-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/13.5a3/ALL 13.5a3-13.5a6-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/13.5a4/ALL 13.5a4-13.5a6-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/13.5a5/ALL 13.5a5-13.5a6-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/[^/]+/ALL 13.5a6-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/ 13.5a6-windows-x86_64-ALL.xml [last] +RewriteRule ^[^/]+/13.5a7/ no-update.xml [last] +RewriteRule ^Linux_x86_64-gcc3/13.5a4/ALL 13.5a4-13.5a7-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/13.5a5/ALL 13.5a5-13.5a7-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/13.5a6/ALL 13.5a6-13.5a7-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/[^/]+/ALL 13.5a7-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/ 13.5a7-linux-x86_64-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/13.5a4/ALL 13.5a4-13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/13.5a5/ALL 13.5a5-13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/13.5a6/ALL 13.5a6-13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/[^/]+/ALL 13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/ 13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/13.5a4/ALL 13.5a4-13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/13.5a5/ALL 13.5a5-13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/13.5a6/ALL 13.5a6-13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/[^/]+/ALL 13.5a7-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/ 13.5a7-macos-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/13.5a4/ALL 13.5a4-13.5a7-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/13.5a5/ALL 13.5a5-13.5a7-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/13.5a6/ALL 13.5a6-13.5a7-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/[^/]+/ALL 13.5a7-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/ 13.5a7-windows-x86_64-ALL.xml [last] ===================================== update_1/alpha/13.5a3-13.5a6-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64-13.5a6_…" hashFunction="SHA512" hashValue="44fcf94bf30811ae31ced8d9982988e06e10a1dfa0190b000b34604dcac0d17f1610d6f1c61d59a45ff309ef3b188b9c333b37fde1a2f6a75aca0271f39c6339" size="108111355" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64--13.5a3…" hashFunction="SHA512" hashValue="9e777fddfa0f657288f0390076bd6a43a37a87743ac742fdaf9b958b3b4611a38fdce7b333371d1cf095e2d1323fd654578933adda2c4604748284e2f6b5fbc1" size="16581110" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a3-13.5a6-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos-13.5a6_ALL.mar" hashFunction="SHA512" hashValue="7ad0fd05c9b20bf197f189151f8c67a0f82fa33612643f4dddccaf26ca0592b035984366a3371efdb64ad5cfea71618912656d63e1d859b3b5d5badb8ed128c7" size="115521323" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos--13.5a3-13.5a6…" hashFunction="SHA512" hashValue="4f1b8188d674402974cae1373fa8fa452d9f93862885af4cb7ae555febf5a0a8c383d828b325039722aa0abb6b0f9004911a29e9f0b9a611bd7ca3bb91a9367e" size="17344873" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a3-13.5a6-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64-13.5a…" hashFunction="SHA512" hashValue="77a35c65b2e37e6012e9960ea1d5deca6f76dcb1a5bd76615873b251a984e23372e2a5f028416fcfd04c9acc942136c7846b78785f1f3b25e03805f6e4ef4cdb" size="89742748" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="7210d892e7a75d3247ac12ddc7d466df521b256c0ac76b1d2804221d3cce6d38faf327e071ce349ab460bf57e387ecfdfc523f8a94c4f62637442f03f04d8e96" size="13826633" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a4-13.5a6-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64-13.5a6_…" hashFunction="SHA512" hashValue="44fcf94bf30811ae31ced8d9982988e06e10a1dfa0190b000b34604dcac0d17f1610d6f1c61d59a45ff309ef3b188b9c333b37fde1a2f6a75aca0271f39c6339" size="108111355" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64--13.5a4…" hashFunction="SHA512" hashValue="422b7f0f69f4bb2474261143bbf4c947269f49ad165853636eec6f3b18708ac0e368afc5ff40efe7570413ac531337d577adb626867d1a794c39523b0c216bea" size="10315722" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a4-13.5a6-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos-13.5a6_ALL.mar" hashFunction="SHA512" hashValue="7ad0fd05c9b20bf197f189151f8c67a0f82fa33612643f4dddccaf26ca0592b035984366a3371efdb64ad5cfea71618912656d63e1d859b3b5d5badb8ed128c7" size="115521323" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos--13.5a4-13.5a6…" hashFunction="SHA512" hashValue="3bb3b0c5e75d032e95fefb5320072d0aa222bbd250a5a675a2271be8b1f17b44916bd5aee0a7ccb88da329f22cf6acde09f24eb4087d59ad0fb15f7a5f626845" size="13693861" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a4-13.5a6-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64-13.5a…" hashFunction="SHA512" hashValue="77a35c65b2e37e6012e9960ea1d5deca6f76dcb1a5bd76615873b251a984e23372e2a5f028416fcfd04c9acc942136c7846b78785f1f3b25e03805f6e4ef4cdb" size="89742748" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="91a657b6ab486dd9ba34e5529737afb17bc0de2a59ec06d76dc55dc484a685d6e8b2e80be9e5ac22688f4be56da10105e63855b81c49cd46ca047f0ea8b8ee44" size="10272365" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a4-13.5a7-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64-13.5a7_…" hashFunction="SHA512" hashValue="2f3c39a28b3da65e5592c6cf82a48849253e396b66cd564e57213cf1f7aa6946dd4a043cbaae823e8b881578661c16b6997c294a386ab79e9c35e582420532f0" size="108177359" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64--13.5a4…" hashFunction="SHA512" hashValue="aba1a3b3334ee8b8833cbd2c466049ec3e8633af7936b94b7bf105e138d6d066684029c4eeeef26c2e057162ec6f5d89d8ec6a87a24f96782ff0e89a9002c208" size="11357278" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a4-13.5a7-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos-13.5a7_ALL.mar" hashFunction="SHA512" hashValue="b169353967ad22a9e5b7f9911db2a0330e494971d98f009543ad29de3ca04d43945eca8707e8ceababcd84ce9e2f52bc02a3e9e343843ae545d6a619ca35aee4" size="115580635" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos--13.5a4-13.5a7…" hashFunction="SHA512" hashValue="954f52fde24e217ebcb9297d3b4de06437179343d723939f929a313b346b8d8267ea4ce11adc248288d91362f451cb7579263027f1d4159cbb35dd6ffdc7dc9f" size="75438707" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a4-13.5a7-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64-13.5a…" hashFunction="SHA512" hashValue="07b79ad9c1a9be538b56219a64531fb77972a581adb9996241a17456b062314970c949ce5ef8d31ac2bd6e4f0aef9a8a9d7ed7332c63cf19e026e156f8f81b90" size="89800128" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="8a7add2e7f21554e649388793eed84e72ad6e378167c54db0b1cd6c2d38b861309eb0b7135c3beb1888a14cf9ccc77934462c3cfec26a87c462cf8b2ce12d7d3" size="10938745" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a5-13.5a6-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64-13.5a6_…" hashFunction="SHA512" hashValue="44fcf94bf30811ae31ced8d9982988e06e10a1dfa0190b000b34604dcac0d17f1610d6f1c61d59a45ff309ef3b188b9c333b37fde1a2f6a75aca0271f39c6339" size="108111355" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64--13.5a5…" hashFunction="SHA512" hashValue="b05f7e5a78b61aaa08c2b594e90760f7e9ff79f2fdeb31381f8a2c85afa5996bcabbb08dc0b1bb5142d16a7accdb40583753f23d73806d50f0a865f810bd77ea" size="6911078" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a5-13.5a6-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos-13.5a6_ALL.mar" hashFunction="SHA512" hashValue="7ad0fd05c9b20bf197f189151f8c67a0f82fa33612643f4dddccaf26ca0592b035984366a3371efdb64ad5cfea71618912656d63e1d859b3b5d5badb8ed128c7" size="115521323" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos--13.5a5-13.5a6…" hashFunction="SHA512" hashValue="3ed0b46b6cfc4d28778045acc0338ec5d6fc9e0f7f651d15607128cbf9ed1b287955670a686cf4f8e4fb3541c5cd63ed44d5548de62e9ba0eb35039aaf385fad" size="9947238" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a5-13.5a6-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64-13.5a…" hashFunction="SHA512" hashValue="77a35c65b2e37e6012e9960ea1d5deca6f76dcb1a5bd76615873b251a984e23372e2a5f028416fcfd04c9acc942136c7846b78785f1f3b25e03805f6e4ef4cdb" size="89742748" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="8080c016add033f5dca2875c747a7f8c16ad68d28ec6d4bee5cd0d40fe33d3be7c5d085bd2f44aff073a0fbf73538915c481a99b8d695d2f6f12951d60a97c62" size="6715331" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a5-13.5a7-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64-13.5a7_…" hashFunction="SHA512" hashValue="2f3c39a28b3da65e5592c6cf82a48849253e396b66cd564e57213cf1f7aa6946dd4a043cbaae823e8b881578661c16b6997c294a386ab79e9c35e582420532f0" size="108177359" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64--13.5a5…" hashFunction="SHA512" hashValue="20f6c406be2a65fc95cb6f55217df1de1e404989e3e44375daf6b3247e26a4c3d7550fa750e73c09b3634b06b95549c3cef103f678fcdebd26e64381bb2b7b73" size="10785100" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a5-13.5a7-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos-13.5a7_ALL.mar" hashFunction="SHA512" hashValue="b169353967ad22a9e5b7f9911db2a0330e494971d98f009543ad29de3ca04d43945eca8707e8ceababcd84ce9e2f52bc02a3e9e343843ae545d6a619ca35aee4" size="115580635" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos--13.5a5-13.5a7…" hashFunction="SHA512" hashValue="eb7b6890b3eb2020b8f916fe1def6c05da2b20da5f4ff03175806a847fe34b7b04e770b306cd3a9cbdcb0505d03420e8b5cc54272788ebb93f941d8352c8892a" size="75285209" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a5-13.5a7-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64-13.5a…" hashFunction="SHA512" hashValue="07b79ad9c1a9be538b56219a64531fb77972a581adb9996241a17456b062314970c949ce5ef8d31ac2bd6e4f0aef9a8a9d7ed7332c63cf19e026e156f8f81b90" size="89800128" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="6b15fb4cb9dc42972602ad0558db2c395987ebc57fbce059a67a1192af8f6a8fc771877c9824c0e81d80933340014a39c6d51d7fdcbc35d104bc802571467834" size="9916729" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a6-13.5a7-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64-13.5a7_…" hashFunction="SHA512" hashValue="2f3c39a28b3da65e5592c6cf82a48849253e396b66cd564e57213cf1f7aa6946dd4a043cbaae823e8b881578661c16b6997c294a386ab79e9c35e582420532f0" size="108177359" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64--13.5a6…" hashFunction="SHA512" hashValue="9edd25e8674b44b3e132a01aec0388e6d19a33674a8551e2af03c4cc4342b2abc705247b4c55f4100c578b6f149e2995df467ff22a97246e109bf21e7ef8883a" size="8750651" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a6-13.5a7-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos-13.5a7_ALL.mar" hashFunction="SHA512" hashValue="b169353967ad22a9e5b7f9911db2a0330e494971d98f009543ad29de3ca04d43945eca8707e8ceababcd84ce9e2f52bc02a3e9e343843ae545d6a619ca35aee4" size="115580635" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos--13.5a6-13.5a7…" hashFunction="SHA512" hashValue="a8c6ea5ed2d6c25061572a9e7c7dab835836f988333d69c1d63c7856221f3a8ed7a50c75747389b717794618f79c44d700f89471c6ca0859d88bea95e08c7ece" size="74047521" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a6-13.5a7-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64-13.5a…" hashFunction="SHA512" hashValue="07b79ad9c1a9be538b56219a64531fb77972a581adb9996241a17456b062314970c949ce5ef8d31ac2bd6e4f0aef9a8a9d7ed7332c63cf19e026e156f8f81b90" size="89800128" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64--13.5…" hashFunction="SHA512" hashValue="6e772f84a813cddf33a10164de58e43512909b445e42ee93b84627d70b206be0e4eb837f4cd3a2b23dd706e3dce0ad9bda31c3620ea016d818bf75708950b1e7" size="8577815" type="partial"></patch></update></updates> ===================================== update_1/alpha/13.5a6-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64-13.5a6_…" hashFunction="SHA512" hashValue="44fcf94bf30811ae31ced8d9982988e06e10a1dfa0190b000b34604dcac0d17f1610d6f1c61d59a45ff309ef3b188b9c333b37fde1a2f6a75aca0271f39c6339" size="108111355" type="complete"></patch></update></updates> ===================================== update_1/alpha/13.5a6-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos-13.5a6_ALL.mar" hashFunction="SHA512" hashValue="7ad0fd05c9b20bf197f189151f8c67a0f82fa33612643f4dddccaf26ca0592b035984366a3371efdb64ad5cfea71618912656d63e1d859b3b5d5badb8ed128c7" size="115521323" type="complete"></patch></update></updates> ===================================== update_1/alpha/13.5a6-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5a6" appVersion="13.5a6" platformVersion="115.9.0" buildID="20240327135729" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a6" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64-13.5a…" hashFunction="SHA512" hashValue="77a35c65b2e37e6012e9960ea1d5deca6f76dcb1a5bd76615873b251a984e23372e2a5f028416fcfd04c9acc942136c7846b78785f1f3b25e03805f6e4ef4cdb" size="89742748" type="complete"></patch></update></updates> ===================================== update_1/alpha/13.5a7-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64-13.5a7_…" hashFunction="SHA512" hashValue="2f3c39a28b3da65e5592c6cf82a48849253e396b66cd564e57213cf1f7aa6946dd4a043cbaae823e8b881578661c16b6997c294a386ab79e9c35e582420532f0" size="108177359" type="complete"></patch></update></updates> ===================================== update_1/alpha/13.5a7-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos-13.5a7_ALL.mar" hashFunction="SHA512" hashValue="b169353967ad22a9e5b7f9911db2a0330e494971d98f009543ad29de3ca04d43945eca8707e8ceababcd84ce9e2f52bc02a3e9e343843ae545d6a619ca35aee4" size="115580635" type="complete"></patch></update></updates> ===================================== update_1/alpha/13.5a7-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="13.5a7" appVersion="13.5a7" platformVersion="115.10.0" buildID="20240425120000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/13.5a7" minSupportedOSVersion="6.1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64-13.5a…" hashFunction="SHA512" hashValue="07b79ad9c1a9be538b56219a64531fb77972a581adb9996241a17456b062314970c949ce5ef8d31ac2bd6e4f0aef9a8a9d7ed7332c63cf19e026e156f8f81b90" size="89800128" type="complete"></patch></update></updates> ===================================== update_1/alpha/download-linux-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64-13.5a6.…","git_tag":"mb-13.5a6-build1","sig":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64-13.5a6.…","version":"13.5a6"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64-13.5a7.…","git_tag":"mb-13.5a7-build2","sig":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64-13.5a7.…","version":"13.5a7"} \ No newline at end of file ===================================== update_1/alpha/download-macos.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos-13.5a6.dmg","git_tag":"mb-13.5a6-build1","sig":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos-13.5a6.dmg.asc","version":"13.5a6"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos-13.5a7.dmg","git_tag":"mb-13.5a7-build2","sig":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos-13.5a7.dmg.asc","version":"13.5a7"} \ No newline at end of file ===================================== update_1/alpha/download-windows-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64-porta…","git_tag":"mb-13.5a6-build1","sig":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64-porta…","version":"13.5a6"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64-porta…","git_tag":"mb-13.5a7-build2","sig":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64-porta…","version":"13.5a7"} \ No newline at end of file ===================================== update_1/alpha/downloads.json ===================================== @@ -1 +1 @@ -{"downloads":{"linux-x86_64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64-13.5a6.…","sig":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-linux-x86_64-13.5a6.…"}},"macos":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos-13.5a6.dmg","sig":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-macos-13.5a6.dmg.asc"}},"win64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64-porta…","sig":"https://cdn.mullvad.net/browser/13.5a6/mullvad-browser-windows-x86_64-porta…"}}},"tag":"mb-13.5a6-build1","version":"13.5a6"} \ No newline at end of file +{"downloads":{"linux-x86_64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64-13.5a7.…","sig":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-linux-x86_64-13.5a7.…"}},"macos":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos-13.5a7.dmg","sig":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-macos-13.5a7.dmg.asc"}},"win64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64-porta…","sig":"https://cdn.mullvad.net/browser/13.5a7/mullvad-browser-windows-x86_64-porta…"}}},"tag":"mb-13.5a7-build2","version":"13.5a7"} \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-13.5a7-build2
by boklm (＠boklm) 28 Apr '24

28 Apr '24

boklm pushed new tag mb-13.5a7-build2 at The Tor Project / Applications / tor-browser-build -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41114: Mullvad Browser 13.5a7-build2
by richard (＠richard) 25 Apr '24

25 Apr '24

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 5059b98c by Nicolas Vigier at 2024-04-25T17:01:35+02:00 Bug 41114: Mullvad Browser 13.5a7-build2 Update pkg_revision to force rebuild of linux-packages. Having var/browser_release_date being in the past should solve the reproducibility problem of the deb file. - - - - - 5 changed files: - .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md - .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md - .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md - .gitlab/issue_templates/Release Prep - Tor Browser Stable.md - rbm.conf Changes: ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md ===================================== @@ -39,7 +39,7 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - [ ] Update `rbm.conf` - [ ] `var/torbrowser_version` : update to next version - [ ] `var/torbrowser_build` : update to `$(MULLVAD_BROWSER_BUILD_N)` - - [ ] `var/browser_release_date` : update to build date + - [ ] `var/browser_release_date` : update to build date. For the build to be reproducible, the date should be in the past when building. - [ ] `var/torbrowser_incremental_from` : update to previous Desktop version - **NOTE**: We try to build incrementals for the previous 3 desktop versions except in the case of a watershed update - **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make mullvadbrowser-incrementals-*` step will fail ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md ===================================== @@ -39,7 +39,7 @@ Mullvad Browser Stable lives in the various `maint-$(MULLVAD_BROWSER_MAJOR).$(MU - [ ] Update `rbm.conf` - [ ] `var/torbrowser_version` : update to next version - [ ] `var/torbrowser_build` : update to `$(MULLVAD_BROWSER_BUILD_N)` - - [ ] `var/browser_release_date` : update to build date + - [ ] `var/browser_release_date` : update to build date. For the build to be reproducible, the date should be in the past when building. - [ ] `var/torbrowser_incremental_from` : update to previous Desktop version - **NOTE**: We try to build incrementals for the previous 3 desktop versions except in the case of a watershed update - **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make mullvadbrowser-incrementals-*` step will fail ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md ===================================== @@ -38,7 +38,7 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] Update `rbm.conf` - [ ] `var/torbrowser_version` : update to next version - [ ] `var/torbrowser_build` : update to `$(TOR_BROWSER_BUILD_N)` - - [ ] `var/browser_release_date` : update to build date + - [ ] `var/browser_release_date` : update to build date. For the build to be reproducible, the date should be in the past when building. - [ ] ***(Desktop Only)***`var/torbrowser_incremental_from` : update to previous Desktop version - **NOTE**: We try to build incrementals for the previous 3 desktop versions except in the case of a watershed update - **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make torbrowser-incrementals-*` step will fail ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Stable.md ===================================== @@ -38,7 +38,7 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE - [ ] Update `rbm.conf` - [ ] `var/torbrowser_version` : update to next version - [ ] `var/torbrowser_build` : update to `$(TOR_BROWSER_BUILD_N)` - - [ ] `var/browser_release_date` : update to build date + - [ ] `var/browser_release_date` : update to build date. For the build to be reproducible, the date should be in the past when building. - [ ] ***(Desktop Only)***`var/torbrowser_incremental_from` : update to previous Desktop version - **NOTE**: We try to build incrementals for the previous 3 desktop versions except in the case of a watershed update - **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make torbrowser-incrementals-*` step will fail ===================================== rbm.conf ===================================== @@ -74,11 +74,13 @@ buildconf: var: torbrowser_version: '13.5a7' - torbrowser_build: 'build1' + torbrowser_build: 'build2' torbrowser_incremental_from: - '13.5a6' - '13.5a5' - '13.5a4' + # This should be the date of when the build is started. For the build + # to be reproducible, browser_release_date should always be in the past. browser_release_date: '2024/04/25 12:00:00' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] fixup! Tor Browser strings
by Pier Angelo Vendrame (＠pierov) 24 Apr '24

24 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 29ff3f1e by Henry Wilkes at 2024-04-24T16:53:07+01:00 fixup! Tor Browser strings Bug 42545: Rename "onionsite" to "onion site" in Fluent. - - - - - 1 changed file: - toolkit/locales/en-US/toolkit/global/tor-browser.ftl Changes: ===================================== toolkit/locales/en-US/toolkit/global/tor-browser.ftl ===================================== @@ -611,25 +611,25 @@ rulesets-details-scope-input = # "Regular expression" refers to the computing term for a special pattern used for matching: https://en.wikipedia.org/wiki/Regular_expression. rulesets-details-scope-input-invalid = The scope could not be parsed as a regular expression -## Onionsite error page. -## "Onionsite" is an abbreviation of "onion website": a website whose domain URL ends in ".onion", which is reachable through the Tor network. +## Onion site error page. +## "Onion site" is an abbreviation of "onion website": a website whose domain URL ends in ".onion", which is reachable through the Tor network. -onion-neterror-page-title = Problem loading onionsite +onion-neterror-page-title = Problem loading onion site onion-neterror-authorization-title = Authentication required -onion-neterror-not-found-header = Onionsite not found -onion-neterror-not-found-description = The most likely cause is that the onionsite is offline. Contact the onionsite administrator. -onion-neterror-unreachable-header = Onionsite cannot be reached -onion-neterror-unreachable-description = The onionsite is unreachable due an internal error. -onion-neterror-disconnected-header = Onionsite has disconnected -onion-neterror-disconnected-description = The most likely cause is that the onionsite is offline. Contact the onionsite administrator. -onion-neterror-connection-failed-header = Unable to connect to onionsite -onion-neterror-connection-failed-description = The onionsite is busy or the Tor network is overloaded. Try again later. -onion-neterror-missing-authentication-header = Onionsite requires authentication -onion-neterror-missing-authentication-description = Access to the onionsite requires a key but none was provided. -onion-neterror-incorrect-authentication-header = Onionsite authentication failed -onion-neterror-incorrect-authetication-description = The provided key is incorrect or has been revoked. Contact the onionsite administrator. -onion-neterror-invalid-address-header = Invalid onionsite address -onion-neterror-invalid-address-description = The provided onionsite address is invalid. Please check that you entered it correctly. +onion-neterror-not-found-header = Onion site not found +onion-neterror-not-found-description = The most likely cause is that the onion site is offline. Contact the onion site administrator. +onion-neterror-unreachable-header = Onion site cannot be reached +onion-neterror-unreachable-description = The onion site is unreachable due an internal error. +onion-neterror-disconnected-header = Onion site has disconnected +onion-neterror-disconnected-description = The most likely cause is that the onion site is offline. Contact the onion site administrator. +onion-neterror-connection-failed-header = Unable to connect to onion site +onion-neterror-connection-failed-description = The onion site is busy or the Tor network is overloaded. Try again later. +onion-neterror-missing-authentication-header = Onion site requires authentication +onion-neterror-missing-authentication-description = Access to the onion site requires a key but none was provided. +onion-neterror-incorrect-authentication-header = Onion site authentication failed +onion-neterror-incorrect-authetication-description = The provided key is incorrect or has been revoked. Contact the onion site administrator. +onion-neterror-invalid-address-header = Invalid onion site address +onion-neterror-invalid-address-description = The provided onion site address is invalid. Please check that you entered it correctly. # "Circuit" refers to a Tor network circuit. -onion-neterror-timed-out-header = Onionsite circuit creation timed out -onion-neterror-timed-out-description = Failed to connect to the onionsite, possibly due to a poor network connection. +onion-neterror-timed-out-header = Onion site circuit creation timed out +onion-neterror-timed-out-description = Failed to connect to the onion site, possibly due to a poor network connection. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/29ff3f1… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/29ff3f1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] fixup! Lox integration
by Pier Angelo Vendrame (＠pierov) 24 Apr '24

24 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 300bf571 by Henry Wilkes at 2024-04-24T12:27:50+00:00 fixup! Lox integration Bug 42543: Demote the validateInvitation console message to "info". - - - - - 1 changed file: - toolkit/components/lox/Lox.sys.mjs Changes: ===================================== toolkit/components/lox/Lox.sys.mjs ===================================== @@ -612,7 +612,7 @@ class LoxImpl { try { lazy.invitation_is_trusted(invite); } catch (err) { - lazy.logger.error(err); + lazy.logger.info(`Does not parse as an invite: "${invite}".`, err); return false; } return true; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/300bf57… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/300bf57… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] fixup! Bug 40933: Add tor-launcher functionality
by Pier Angelo Vendrame (＠pierov) 24 Apr '24

24 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: a5f43320 by Pier Angelo Vendrame at 2024-04-23T18:40:17+02:00 fixup! Bug 40933: Add tor-launcher functionality Bug 42541: Bridges without fingerprint break the circuit display. The circuit display backend relies on GETCONF bridges because we want to know the pluggable transport for the circuit display and, as far as I can tell, no GETINFO command includes this information. However, when we get a circuit from tor, we get its fingerprint, which is optional on the bridge lines. Therefore, in some cases we did not have the data to display, and we just hid the circuit display button. With this commit, when we miss the fingerprint of a bridge, we try to get it in another way. It might produce incorrect results (we rely on the IP address the user passes on the bridge line), but at least it will show the circuit display. - - - - - 1 changed file: - toolkit/components/tor-launcher/TorControlPort.sys.mjs Changes: ===================================== toolkit/components/tor-launcher/TorControlPort.sys.mjs ===================================== @@ -795,7 +795,64 @@ export class TorController { * @returns {Bridge[]} The configured bridges */ async getBridges() { - return (await this.#getConf("BRIDGE")).map(TorParsers.parseBridgeLine); + let missingId = false; + const bridges = (await this.#getConf("BRIDGE")).map(line => { + const info = TorParsers.parseBridgeLine(line); + if (!info.id) { + missingId = true; + } + return info; + }); + + // tor-browser#42541: bridge lines are allowed not to have a fingerprint. + // If such a bridge is in use, we will fail to associate it to the circuits, + // and the circuit display will not be shown. + // Tor provides a couple of GETINFO commands we can try to use to get more + // data about bridges, in particular GETINFO ns/purpose/bridge. + // While it tells us the bridge's IP (as configured by the user, which might + // be different from the real one with some PTs such as Snowflake), it does + // not tell the pluggable transport. + // Therefore, we need to start from the configured bridge lines, and if we + // detect that a bridge does not have a fingerprint, we try to associate one + // through its IP address and port. + // However, users can set them directly, therefore we might end up setting + // a fingerprint to the wrong line (e.g., if the IP address is reused). + // Also, we are not sure about when the data of ns/purpose/bridge is + // populated. + // Usually, we are interested only in the data of currently active bridges + // for the circuit display. So, as a matter of fact, we expect to have + // entries and to expose only the correct and working data in the frontend. + if (missingId) { + // See https://spec.torproject.org/dir-spec/consensus-formats.html. + // r <name> <identity> <digest> <date> <time> <address> <orport> <dirport> + const info = (await this.#getInfo("ns/purpose/bridge")).matchAll( + /^r\s+\S+\s+(?<identity>\S+)\s+\S+\s+\S+\s+\S+\s+(?<address>\S+)\s+(?<orport>\d+)/gm + ); + const b64ToHex = b64 => { + let hex = ""; + const raw = atob(b64); + for (let i = 0; i < raw.length; i++) { + hex += raw.charCodeAt(i).toString(16).toUpperCase().padStart(2, "0"); + } + return hex; + }; + const knownBridges = new Map( + Array.from(info, m => [ + `${m.groups.address}:${m.groups.orport}`, + b64ToHex(m.groups.identity), + ]) + ); + for (const b of bridges) { + if (!b.id) { + // We expect the addresses of these lines to be only IPv4, therefore + // we do not check for brackets, even though they might be matched by + // our regex. + b.id = knownBridges.get(b.addr) ?? ""; + } + } + } + + return bridges; } /** View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a5f4332… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a5f4332… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.10.0esr-13.5-1-build2
by Pier Angelo Vendrame (＠pierov) 23 Apr '24

23 Apr '24

Pier Angelo Vendrame pushed new tag mullvad-browser-115.10.0esr-13.5-1-build2 at The Tor Project / Applications / Mullvad Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.10.0esr-13.5-1-build2
by Pier Angelo Vendrame (＠pierov) 23 Apr '24

23 Apr '24

Pier Angelo Vendrame pushed new tag tor-browser-115.10.0esr-13.5-1-build2 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-13.5a7-build1
by Pier Angelo Vendrame (＠pierov) 23 Apr '24

23 Apr '24

Pier Angelo Vendrame pushed new tag mb-13.5a7-build1 at The Tor Project / Applications / tor-browser-build -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.5a7-build1
by Pier Angelo Vendrame (＠pierov) 23 Apr '24

23 Apr '24

Pier Angelo Vendrame pushed new tag tbb-13.5a7-build1 at The Tor Project / Applications / tor-browser-build -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android] Pushed new tag firefox-android-115.2.1-13.5-1-build9
by Dan Ballard (＠dan) 23 Apr '24

23 Apr '24

Dan Ballard pushed new tag firefox-android-115.2.1-13.5-1-build9 at The Tor Project / Applications / firefox-android -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/tree/firef… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41113, 41114: Prepare Tor, Mullvad Browser 13.5a7
by Pier Angelo Vendrame (＠pierov) 23 Apr '24

23 Apr '24

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: c382ec2a by Richard Pospesel at 2024-04-23T19:33:00+02:00 Bug 41113,41114: Prepare Tor,Mullvad Browser 13.5a7 - - - - - 13 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/allowed_addons.json - projects/browser/config - projects/firefox-android/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/manual/config - projects/tor/config - projects/translation/config - projects/zstd/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,52 @@ +Mullvad Browser 13.5a7 - April 25 2024 + * All Platforms + * Updated Firefox to 115.10.0esr + * Updated uBlock Origin to 1.57.2 + * Bug 283: New identity complains about about:mullvad-browser [mullvad-browser] + * Bug 289: The Letterboxing>Content Alignment heading doesn't follow the Firefox design document capitalization [mullvad-browser] + * Bug 291: Rebase Mullvad Browser Alpha onto 115.10.0esr [mullvad-browser] + * Bug 40919: Consider dropping protection against line-height introduced in #23104 [tor-browser] + * Bug 42172: browser.startup.homepage and TOR_DEFAULT_HOMEPAGE are ignored for the new window opened by New Identity [tor-browser] + * Bug 42192: Correctly round new windows when bookmarks toolbar is set to "Only Show on New Tab" [tor-browser] + * Bug 42315: compat: why is eventCounts undefined? [tor-browser] + * Bug 42490: Install svg from branding theme to browser/chrome/icons/default [tor-browser] + * Bug 42500: When startup window is maximized per letterboxing.rememberSize on startup, the restore button shrinks it to its minimum size [tor-browser] + * Bug 42520: Correctly record new initial window size after auto-shrinking [tor-browser] + * Bug 42529: Try not to spoof system-ui in contexts exempt from RFP [tor-browser] + * Bug 42532: Use the HomePage module for new identity checks [tor-browser] + * Bug 42537: Move Fluent files from "browser" to "toolkit" [tor-browser] + * Windows + * Bug 41901: windows: FontSubstitutes can leak system locale [tor-browser] + * Linux + * Bug 41112: Fix indentation of projects/browser/RelativeLink/start-browser [tor-browser-build] + * Build System + * All Platforms + * Bug 282: Move `--disable-eme` to OS- and architecture-specific mozconfigs [mullvad-browser] + * Bug 42519: Update the profile directory patch to check both for `system-install` and for `is-packaged-app` file [tor-browser] + * Bug 41122: Add release date to rbm.conf [tor-browser-build] + * macOS + * Bug 42535: mac: app change to ja doesn't apply ja translations to most (all?) chrome [tor-browser] + * Bug 41124: Since TB/MB 13.5a5 macos signed installers contain all .DS_Store [tor-browser-build] + * Linux + * Bug 42491: Add mozconfig-linux-aarch64 [tor-browser] + * Bug 41083: Make deb package for Mullvad Browser [tor-browser-build] + +Mullvad Browser 13.0.14 - April 16 2024 + * All Platforms + * Updated Firefox to 115.10.0esr + * Updated uBlock Origin to 1.57.2 + * Bug 271: After update, don't open the release page on Github. Instead link it in the startpage, like in Tor Browser [mullvad-browser] + * Bug 283: New identity complains about about:mullvad-browser [mullvad-browser] + * Bug 285: Rebase Mullvad Browser stable onto 115.10.0esr [mullvad-browser] + * Bug 41676: Set privacy.resistFingerprinting.testing.setTZtoUTC as a defense-in-depth [tor-browser] + * Bug 42236: Let users decide whether to load their home page on new identity. [tor-browser] + * Bug 42335: Do not localize the order of locales for app lang [tor-browser] + * Bug 42428: Timezone offset leak via document.lastModified [tor-browser] + * Bug 42468: App languages not sorted correctly in stable [tor-browser] + * Bug 42472: Timezone May leak from XSLT Date function [tor-browser] + * Linux + * Bug 41110: Avoid Fontconfig warning about "ambiguous path" [tor-browser-build] + Mullvad Browser 13.5a6 - March 28 2024 * All Platforms * Updated Firefox to 115.9.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,93 @@ +Tor Browser 13.5a7 - April 25 2024 + * All Platforms + * Updated Tor to 0.4.8.11 + * Bug 40919: Consider dropping protection against line-height introduced in #23104 [tor-browser] + * Bug 42315: compat: why is eventCounts undefined? [tor-browser] + * Bug 42476: Only allow Lox (invites) in alpha and nightly builds [tor-browser] + * Bug 42479: Switch from localized strings to error codes in TorConnect errors [tor-browser] + * Bug 42512: Rebase Tor Browser alpha onto 115.10.0esr [tor-browser] + * Bug 42521: Remove unused onboarding strings [tor-browser] + * Bug 42529: Try not to spoof system-ui in contexts exempt from RFP [tor-browser] + * Bug 42537: Move Fluent files from "browser" to "toolkit" [tor-browser] + * Bug 42538: Move onion icons to toolkit [tor-browser] + * Bug 41111: Use Lyrebird to provide WebTunnel PT Client [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 115.10.0esr + * Bug 40843: Add a working state to the Internet test button in connection settings [tor-browser] + * Bug 41622: Convert onion site errors to the new neterror template [tor-browser] + * Bug 41966: Cannot remove locales from the locale alternatives list [tor-browser] + * Bug 42192: Correctly round new windows when bookmarks toolbar is set to "Only Show on New Tab" [tor-browser] + * Bug 42202: Fluent migration: crypto safety [tor-browser] + * Bug 42206: Fluent migration: about:rulesets [tor-browser] + * Bug 42207: Fluent migration: preferences [tor-browser] + * Bug 42210: Fluent migration: download warning [tor-browser] + * Bug 42457: Loading icon for bridge pass (Lox) invites [tor-browser] + * Bug 42489: Lox module notifications [tor-browser] + * Bug 42490: Install svg from branding theme to browser/chrome/icons/default [tor-browser] + * Bug 42496: Moat refresh bug [tor-browser] + * Bug 42500: When startup window is maximized per letterboxing.rememberSize on startup, the restore button shrinks it to its minimum size [tor-browser] + * Bug 42504: TB Bookmarks: Add the Tor forum .onion to the bookmarks [tor-browser] + * Bug 42510: SETCONF Tor control protocol command should not be used when system Tor is configured / TOR_SKIP_LAUNCH=1 is not honored [tor-browser] + * Bug 42511: false positive message: browser tab bar shows "Not connected" even though connected in a system Tor etc. context [tor-browser] + * Bug 42520: Correctly record new initial window size after auto-shrinking [tor-browser] + * Bug 42532: Use the HomePage module for new identity checks [tor-browser] + * Bug 42533: Add Lox notification for activeLoxId [tor-browser] + * Bug 42540: Fix gNetworkStatus.deinint typo [tor-browser] + * Bug 289: The Letterboxing>Content Alignment heading doesn't follow the Firefox design document capitalization [mullvad-browser] + * Windows + * Bug 41901: windows: FontSubstitutes can leak system locale [tor-browser] + * Linux + * Bug 41112: Fix indentation of projects/browser/RelativeLink/start-browser [tor-browser-build] + * Android + * Updated GeckoView to 115.10.0esr + * Updated zstd to 1.5.6 + * Bug 42017: TBA13: system/widget font tests: font-family not returned in getComputedStyle [tor-browser] + * Bug 42195: Fix "What's new" URL to direct to latest version [tor-browser] + * Bug 42486: firefox-android bridge settings sometimes dont save [tor-browser] + * Bug 42522: The quick connect switch on Android seems too much on the right side [tor-browser] + * Build System + * All Platforms + * Updated Go to 1.21.9 + * Bug 42516: Make tb-dev worktree-compatible [tor-browser] + * Bug 41122: Add release date to rbm.conf [tor-browser-build] + * Windows + macOS + Linux + * Bug 42501: Move `--disable-eme` to OS- and architecture-specific mozconfigs [tor-browser] + * Bug 42519: Update the profile directory patch to check both for `system-install` and for `is-packaged-app` file [tor-browser] + * macOS + * Bug 42535: mac: app change to ja doesn't apply ja translations to most (all?) chrome [tor-browser] + * Bug 41124: Since TB/MB 13.5a5 macos signed installers contain all .DS_Store [tor-browser-build] + * Linux + * Bug 42491: Add mozconfig-linux-aarch64 [tor-browser] + * Android + * Bug 40992: Updated torbrowser_version number is not enough to change firefox-android versionCode number [tor-browser-build] + * Bug 41127: Android testbuilds fail because of the too early MOZ_BUILD_DATE [tor-browser-build] + +Tor Browser 13.0.14 - April 16 2024 + * All Platforms + * Updated Tor to 0.4.8.11 + * Bug 41676: Set privacy.resistFingerprinting.testing.setTZtoUTC as a defense-in-depth [tor-browser] + * Bug 42335: Do not localize the order of locales for app lang [tor-browser] + * Bug 42428: Timezone offset leak via document.lastModified [tor-browser] + * Bug 42472: Timezone may leak from XSLT Date function [tor-browser] + * Bug 42508: Rebase Tor Browser stable onto 115.10.0esr [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 115.10.0esr + * Bug 42172: browser.startup.homepage and TOR_DEFAULT_HOMEPAGE are ignored for the new window opened by New Identity [tor-browser] + * Bug 42236: Let users decide whether to load their home page on new identity. [tor-browser] + * Bug 42468: App languages not sorted correctly in stable [tor-browser] + * Linux + * Bug 41110: Avoid Fontconfig warning about "ambiguous path" [tor-browser-build] + * Android + * Updated GeckoView to 115.10.0esr + * Bug 42509: Backport Android security fixes from Firefox 125 [tor-browser] + * Build System + * All Platforms + * Updated Go to 1.21.8 + * Bug 41107: Update download-unsigned-sha256sums-gpg-signatures-from-people-tpo for new type of URL [tor-browser-build] + * Bug 41122: Add release date to rbm.conf [tor-browser-build] + * Android + * Bug 40992: Updated torbrowser_version number is not enough to change firefox-android versionCode number [tor-browser-build] + Tor Browser 13.5a6 - March 28 2024 * All Platforms * Bug 41114: Fix no-async-promise-executor on TorConnect [tor-browser] ===================================== projects/browser/allowed_addons.json ===================================== @@ -17,18 +17,19 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…" } ], - "average_daily_users": 1157805, + "average_daily_users": 1162909, "categories": { "firefox": [ "web-development", "appearance", - "other" + "other", + "accessibility" ] }, "contributions_url": "https://opencollective.com/darkreader?utm_content=product-page-contribute&u…", "created": "2017-09-19T07:03:00Z", "current_version": { - "id": 5705306, + "id": 5718683, "compatibility": { "firefox": { "min": "78.0", @@ -39,7 +40,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/57053…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/57186…", "is_strict_compatibility_enabled": false, "license": { "id": 22, @@ -50,22 +51,22 @@ "url": "http://www.opensource.org/license/mit" }, "release_notes": { - "en-US": "- Analyze inline background images for root elements.\n- Support for \"background\" attribute.\n- Fixed performance for asynchronously resolved inline styles.\n- Fixed freezes and incorrect work on several websites.\n- Dev Tools: Formatting of CSS fixes.\n- Users' fixes for websites." + "en-US": "- Reduced memory consumption.\n- Fixed iframes' background colors.\n- Optimized CSS @import loading.\n- Users' fixes for websites." }, - "reviewed": "2024-03-18T08:14:15Z", - "version": "4.9.80", + "reviewed": "2024-04-15T06:53:51Z", + "version": "4.9.83", "files": [ { - "id": 4249607, - "created": "2024-03-13T17:13:44Z", - "hash": "sha256:a93f1250b72cc27fe4a9b02be062c68fb079e45a1233d562852b48e1e9b99307", + "id": 4262984, + "created": "2024-04-10T20:40:08Z", + "hash": "sha256:a43cca2449de202d17040b0d91b2fb3ed4dd58ac81ec5d3fde4c9940d326c822", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 731722, + "size": 736649, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4249607/darkreader-4.9.80…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4262984/darkreader-4.9.83…", "permissions": [ "alarms", "contextMenus", @@ -143,7 +144,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2024-03-18T08:14:15Z", + "last_updated": "2024-04-15T06:53:51Z", "name": { "ar": "Dark Reader", "bn": "Dark Reader", @@ -218,10 +219,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5332, - "bayesian_average": 4.532093960246261, - "count": 5531, - "text_count": 1747 + "average": 4.5327, + "bayesian_average": 4.531595695870713, + "count": 5574, + "text_count": 1752 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/", "requires_payment": false, @@ -318,7 +319,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/", - "weekly_downloads": 23454 + "weekly_downloads": 22901 }, "notes": null }, @@ -334,7 +335,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…" } ], - "average_daily_users": 266335, + "average_daily_users": 265075, "categories": { "firefox": [ "privacy-security" @@ -343,18 +344,18 @@ "contributions_url": "https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=decentraleyes…", "created": "2014-06-10T05:46:02Z", "current_version": { - "id": 5613891, + "id": 5711487, "compatibility": { "firefox": { - "min": "56.0a1", + "min": "78.0", "max": "*" }, "android": { - "min": "56.0a1", + "min": "113.0", "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/decentraleyes/versions/56…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/decentraleyes/versions/57…", "is_strict_compatibility_enabled": false, "license": { "id": 3338, @@ -365,22 +366,22 @@ "url": "http://www.mozilla.org/MPL/2.0/" }, "release_notes": { - "en-US": "<i>Enhancements:</i>\n\n- Improved object property evaluation logic.\n\n<i>Other changes:</i>\n\n- Applied various performance optimizations and stability improvements.\n- Updated resource audit tool dependencies." + "en-US": "<i>Enhancements:</i>\n\n- Added additional resources to the staging environment.\n\n<i>Other changes:</i>\n\n- Implemented mobile extension signing-related changes.\n- Improved and extended the resource audit tool." }, - "reviewed": "2023-08-30T12:55:12Z", - "version": "2.0.18", + "reviewed": "2024-03-28T20:50:08Z", + "version": "2.0.19", "files": [ { - "id": 4158232, - "created": "2023-08-24T20:38:03Z", - "hash": "sha256:f8f031ef91c02a1cb1a6552acd02b8f488693400656b4047d68f03ba0a1078d9", + "id": 4255788, + "created": "2024-03-26T20:59:58Z", + "hash": "sha256:105d65bf8189d527251647d0452715c5725af6065fba67cd08187190aae4a98f", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 6951879, + "size": 7180376, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4158232/decentraleyes-2.0…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4255788/decentraleyes-2.0…", "permissions": [ "*://*/*", "privacy", @@ -470,7 +471,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-08-30T12:55:12Z", + "last_updated": "2024-03-28T20:50:08Z", "name": { "ar": "Decentraleyes", "bg": "Decentraleyes", @@ -547,10 +548,10 @@ "category": "recommended" }, "ratings": { - "average": 4.7986, - "bayesian_average": 4.793974484524402, - "count": 1415, - "text_count": 255 + "average": 4.7963, + "bayesian_average": 4.791679941683995, + "count": 1424, + "text_count": 258 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/", "requires_payment": false, @@ -635,7 +636,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/", - "weekly_downloads": 3292 + "weekly_downloads": 3048 }, "notes": null }, @@ -651,7 +652,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…" } ], - "average_daily_users": 1231658, + "average_daily_users": 1227790, "categories": { "firefox": [ "privacy-security" @@ -1170,10 +1171,10 @@ "category": "recommended" }, "ratings": { - "average": 4.7988, - "bayesian_average": 4.796088382620796, - "count": 2415, - "text_count": 458 + "average": 4.798, + "bayesian_average": 4.795280100065183, + "count": 2421, + "text_count": 457 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/", "requires_payment": false, @@ -1197,7 +1198,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/", - "weekly_downloads": 22533 + "weekly_downloads": 19870 }, "notes": null }, @@ -1213,7 +1214,7 @@ "picture_url": null } ], - "average_daily_users": 7819848, + "average_daily_users": 7852360, "categories": { "firefox": [ "privacy-security" @@ -1222,7 +1223,7 @@ "contributions_url": "", "created": "2015-04-25T07:26:22Z", "current_version": { - "id": 5693353, + "id": 5717409, "compatibility": { "firefox": { "min": "78.0", @@ -1233,7 +1234,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/56…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/57…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -1244,22 +1245,22 @@ "url": "http://www.gnu.org/licenses/gpl-3.0.html" }, "release_notes": { - "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/d2b406aad3a1689d93242d…" rel=\"nofollow\">1.56.0</a>.\n\n<b>Fixes / changes</b>\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/39dfcbf564824557b9576b…" rel=\"nofollow\">Mind that multiple <code>uritransform</code> may apply to a single request</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/a81992f7ab9a23a438d94b…" rel=\"nofollow\">Fix incorrect built-in filtering expression in logger</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e88d43f67c0962312b76d6…" rel=\"nofollow\">Fix improper invalidation of valid <code>uritransform</code> exception filters</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/0f3549a7d85e6616619d00…" rel=\"nofollow\">Improve <code>prevent-addEventListener</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/378d2611f7de534428615a…" rel=\"nofollow\">Fix Chartbeat flicker control <code>div</code>'s</a> (by @ryanbr)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/bbf6c43dcdb62ea74fd182…" rel=\"nofollow\">Fix potential exfiltration of browsing history by a rogue list author through <code>permissions=</code></a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/93a9a64cf8ec890f9a478c…" rel=\"nofollow\">Ignore event handler-related attributes in <code>set-attr</code> scriptlet</a> (suggested by @distinctmondaylilac)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/4ed2b2948421552ce1c170…" rel=\"nofollow\">Fix potential exfiltration of browsing history by a rogue list author through <code>csp=</code></a> (reported by @distinctmondaylilac)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/0fc7f9c779a1eb0dde44e6…" rel=\"nofollow\">Output scriptlet logging information to the logger</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/0dc5f09464b305050627d6…" rel=\"nofollow\">Fix decompiling of scriptlet parameters</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/5a4d736ff47d1505619f0b…" rel=\"nofollow\">Add support for <code>extraMatch</code> in <code>trusted-click-element</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/439735e662e837889e0dbe…" rel=\"nofollow\">Remove minimum height constraint from \"My filters\" pane</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/ef423b580af2dea4a9a044…" rel=\"nofollow\">Unregister all scriptlets when disabling uBO on a specific site</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e06c923bfb016c184026f7…" rel=\"nofollow\">Allow <code>uritransform</code> to process the hash part of a URL</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/3e0f743a60bf78bced8580…" rel=\"nofollow\">Remember presentation state of \"My rules\" pane</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/819053ea32148fd9ad7c6c…" rel=\"nofollow\">Fix improperly assembled <code>!#include</code> sublists</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/9506d56abc46f95d7412b9…" rel=\"nofollow\">Mark procedural filters with pseudo-elements selector as invalid</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/9b18234e17c6871170acd1…" rel=\"nofollow\">Prevent access to picker when \"My filters\" is not enabled</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f990e686b6eacbbd0bd43a…" rel=\"nofollow\">Provide visual feedback when applying changes in \"Filter lists\" pane</a></li><li>[...]</li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/738859f7b07778caaaa182…" rel=\"nofollow\">Commits history since last version</a>" + "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/65a30f1a59ac2ef295f469…" rel=\"nofollow\">1.57.2</a>.\n\nThis is an emergency release to fix an issue causing differential updates to fail. The issue primarily affected Firefox because of uBO's use of indexedDB prior to 1.57.0. The issue did not affect full update of filter lists even though the asset viewer would show old versions of those lists (internally uBO compiles lists and would still correctly compile from lists fetched by full updater).\n\n<b>Fixes / changes</b>\n\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/92c6c66077821bbbc4fd82…" rel=\"nofollow\">Fix stray lists in redesigned cache storage</a>\n\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/ad79f1669e12cf4cb05689…" rel=\"nofollow\">Commits history since last version</a>" }, - "reviewed": "2024-02-20T18:51:52Z", - "version": "1.56.0", + "reviewed": "2024-04-10T09:01:57Z", + "version": "1.57.2", "files": [ { - "id": 4237670, - "created": "2024-02-17T14:54:31Z", - "hash": "sha256:f5fbeeac511ca4e10a74723413727fda8e6f9236c726d16eb54ade1fbe7be5be", + "id": 4261710, + "created": "2024-04-08T13:51:42Z", + "hash": "sha256:9928e79a52cecf7cfa231fdb0699c7d7a427660d94eb10d711ed5a2f10d2eb89", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 3819727, + "size": 3861786, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4237670/ublock_origin-1.5…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4261710/ublock_origin-1.5…", "permissions": [ "alarms", "dns", @@ -1379,7 +1380,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2024-03-26T17:25:30Z", + "last_updated": "2024-04-22T10:35:19Z", "name": { "ar": "uBlock Origin", "bg": "uBlock Origin", @@ -1524,10 +1525,10 @@ "category": "recommended" }, "ratings": { - "average": 4.7892, - "bayesian_average": 4.788825346990968, - "count": 17455, - "text_count": 4552 + "average": 4.7888, + "bayesian_average": 4.788425633486962, + "count": 17570, + "text_count": 4578 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/", "requires_payment": false, @@ -1590,7 +1591,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/", - "weekly_downloads": 158166 + "weekly_downloads": 157043 }, "notes": null }, @@ -1606,7 +1607,7 @@ "picture_url": null } ], - "average_daily_users": 178562, + "average_daily_users": 180840, "categories": { "firefox": [ "photos-music-videos", @@ -1702,10 +1703,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4481, - "bayesian_average": 4.443180454772495, - "count": 1214, - "text_count": 467 + "average": 4.446, + "bayesian_average": 4.441120511767687, + "count": 1231, + "text_count": 478 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…", "requires_payment": false, @@ -1727,7 +1728,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…", - "weekly_downloads": 386 + "weekly_downloads": 367 }, "notes": null }, @@ -1743,7 +1744,7 @@ "picture_url": null } ], - "average_daily_users": 77166, + "average_daily_users": 74977, "categories": { "firefox": [ "privacy-security", @@ -1853,10 +1854,10 @@ ], "promoted": null, "ratings": { - "average": 4.3753, - "bayesian_average": 4.3611016639271964, - "count": 405, - "text_count": 114 + "average": 4.3768, + "bayesian_average": 4.3623663717329295, + "count": 406, + "text_count": 115 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/reviews/", "requires_payment": false, @@ -1878,7 +1879,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/", - "weekly_downloads": 1963 + "weekly_downloads": 622 }, "notes": null }, @@ -1894,7 +1895,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…" } ], - "average_daily_users": 309800, + "average_daily_users": 313979, "categories": { "firefox": [ "search-tools", @@ -2111,10 +2112,10 @@ "category": "recommended" }, "ratings": { - "average": 4.6336, - "bayesian_average": 4.629244598584173, - "count": 1441, - "text_count": 284 + "average": 4.6337, + "bayesian_average": 4.629361656130135, + "count": 1455, + "text_count": 286 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/", "requires_payment": false, @@ -2137,7 +2138,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/", - "weekly_downloads": 5510 + "weekly_downloads": 5338 }, "notes": null }, @@ -2160,7 +2161,7 @@ "picture_url": null } ], - "average_daily_users": 124783, + "average_daily_users": 126198, "categories": { "firefox": [ "search-tools", @@ -2441,10 +2442,10 @@ "category": "recommended" }, "ratings": { - "average": 4.3766, - "bayesian_average": 4.372232748328777, - "count": 1341, - "text_count": 379 + "average": 4.3816, + "bayesian_average": 4.377221344459828, + "count": 1347, + "text_count": 380 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/", "requires_payment": false, @@ -2464,7 +2465,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/", - "weekly_downloads": 26 + "weekly_downloads": 37 }, "notes": null }, @@ -2480,7 +2481,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…" } ], - "average_daily_users": 307654, + "average_daily_users": 305131, "categories": { "firefox": [ "privacy-security", @@ -2666,10 +2667,10 @@ "category": "recommended" }, "ratings": { - "average": 4.399, - "bayesian_average": 4.396311536554253, - "count": 2193, - "text_count": 842 + "average": 4.4, + "bayesian_average": 4.3973085609220925, + "count": 2205, + "text_count": 843 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/", "requires_payment": false, @@ -2713,7 +2714,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/", - "weekly_downloads": 7405 + "weekly_downloads": 7026 }, "notes": null }, @@ -2729,7 +2730,7 @@ "picture_url": null } ], - "average_daily_users": 162666, + "average_daily_users": 162878, "categories": { "firefox": [ "photos-music-videos", @@ -2838,10 +2839,10 @@ "category": "recommended" }, "ratings": { - "average": 3.8694, - "bayesian_average": 3.8653261105375534, - "count": 1233, - "text_count": 447 + "average": 3.866, + "bayesian_average": 3.861922949733725, + "count": 1239, + "text_count": 448 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…", "requires_payment": false, @@ -2860,7 +2861,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…", - "weekly_downloads": 1444 + "weekly_downloads": 1345 }, "notes": null } ===================================== projects/browser/config ===================================== @@ -107,9 +107,9 @@ input_files: - URL: https://addons.mozilla.org/firefox/downloads/file/4206186/noscript-11.4.29.… name: noscript sha256sum: 05b98840b05ef2acbac333543e4b7c3d40fee2ce5fb4e29260b05e2ff6fe24cd - - URL: https://addons.mozilla.org/firefox/downloads/file/4237670/ublock_origin-1.5… + - URL: https://addons.mozilla.org/firefox/downloads/file/4261710/ublock_origin-1.5… name: ublock-origin - sha256sum: f5fbeeac511ca4e10a74723413727fda8e6f9236c726d16eb54ade1fbe7be5be + sha256sum: 9928e79a52cecf7cfa231fdb0699c7d7a427660d94eb10d711ed5a2f10d2eb89 enable: '[% c("var/mullvad-browser") %]' - URL: https://github.com/mullvad/browser-extension/releases/download/v0.9.0-firef… name: mullvad-extension ===================================== projects/firefox-android/config ===================================== @@ -16,7 +16,7 @@ container: var: fenix_version: 115.2.1 browser_branch: 13.5-1 - browser_build: 8 + browser_build: 9 variant: Beta # This should be updated when the list of gradle dependencies is changed. gradle_dependencies_version: 1 ===================================== projects/firefox/config ===================================== @@ -18,7 +18,7 @@ var: firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' browser_branch: '[% c("var/browser_series") %]-1' - browser_build: 1 + browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -16,7 +16,7 @@ container: var: geckoview_version: 115.10.0esr browser_branch: 13.5-1 - browser_build: 1 + browser_build: 2 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/go/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: '[% IF c("var/use_go_1_20") %]1.20.14[% ELSE %]1.21.8[% END %]' +version: '[% IF c("var/use_go_1_20") %]1.20.14[% ELSE %]1.21.9[% END %]' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -122,7 +122,7 @@ input_files: - URL: 'https://go.dev/dl/go[% c("version") %].src.tar.gz' # 1.21 series name: go - sha256sum: dc806cf75a87e1414b5b4c3dcb9dd3e9cc98f4cfccec42b7af617d5a658a3c43 + sha256sum: 58f0c5ced45a0012bce2ff7a9df03e128abcc8818ebabe5027bb92bafe20e421 enable: '[% !c("var/use_go_1_20") %]' - URL: 'https://go.dev/dl/go[% c("version") %].src.tar.gz' # 1.20 series ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 150100 +version: 161678 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -23,6 +23,6 @@ input_files: - project: container-image - URL: 'https://build-sources.tbb.torproject.org/manual_[% c("version") %].zip' name: manual - sha256sum: 039bdb04f97b803f0db2f12a6ba0a03a2091e8d8bd794e178c297e571f04eb7f + sha256sum: 5ceaec926295a62a946f41ec2e270dfd9d8d2fb3b57d11700ab67ed982ccc6e8 - filename: packagemanual.py name: package_script ===================================== projects/tor/config ===================================== @@ -1,6 +1,6 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' -version: 0.4.8.10 +version: 0.4.8.11 git_hash: 'tor-[% c("version") %]' git_url: https://gitlab.torproject.org/tpo/core/tor.git git_submodule: 1 ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 891785fda28488bfe599afc8d3b9a155c0130f5f + git_hash: 76f037ba6fb13fdae3604f2ae4cdf6fcd284812a targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 020ff1e1fd29f39a75d1d7f795a4d80996472dd5 + git_hash: 03ef36ed51d2ef339c673c607097eb3a4472120c targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 4962bd88652169e6a98afbe1d3b25847e909d213 + git_hash: 523e656f6baf0977fb798187ab83a308bc34c784 compress_tar: 'zst' targets: nightly: ===================================== projects/zstd/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 -version: 1.4.8 +version: 1.5.6 git_url: https://github.com/facebook/zstd.git -git_hash: 97a3da1df009d4dc67251de0c4b1c9d7fe286fc1 +git_hash: 794ea1b0afca0f020f4e57b6732332231fb23c70 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: ===================================== rbm.conf ===================================== @@ -73,13 +73,13 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '13.5a6' + torbrowser_version: '13.5a7' torbrowser_build: 'build1' torbrowser_incremental_from: + - '13.5a6' - '13.5a5' - '13.5a4' - - '13.5a3' - browser_release_date: '2024/03/28 01:02:03' + browser_release_date: '2024/04/25 12:00:00' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.10.0esr-13.5-1] 4 commits: fixup! Base Browser strings
by Pier Angelo Vendrame (＠pierov) 23 Apr '24

23 Apr '24

Pier Angelo Vendrame pushed to branch mullvad-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: c18dbfc4 by Henry Wilkes at 2024-04-23T08:34:43+02:00 fixup! Base Browser strings Bug 42537: Move base-browser.ftl to toolkit. - - - - - 149be0e5 by Henry Wilkes at 2024-04-23T08:35:45+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 42537: Move base-browser.ftl to toolkit. - - - - - da74078b by Henry Wilkes at 2024-04-23T08:35:46+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42537: Move base-browser.ftl to toolkit. - - - - - c37b5e2a by Henry Wilkes at 2024-04-23T08:35:47+02:00 fixup! Bug 41698: Reword the recommendation badges in about:addons Bug 42537: Move base-browser.ftl to toolkit. - - - - - 9 changed files: - browser/base/content/aboutDialog.xhtml - browser/base/content/browser.xhtml - browser/components/newidentity/content/newIdentityDialog.xhtml - browser/components/preferences/preferences.xhtml - browser/locales/jar.mn - browser/locales-preview/base-browser-no-translate.ftl → toolkit/locales-preview/base-browser-no-translate.ftl - browser/locales/en-US/browser/base-browser.ftl → toolkit/locales/en-US/toolkit/global/base-browser.ftl - toolkit/locales/jar.mn - toolkit/mozapps/extensions/content/aboutaddons.html Changes: ===================================== browser/base/content/aboutDialog.xhtml ===================================== @@ -30,7 +30,7 @@ <linkset> <html:link rel="localization" href="branding/brand.ftl"/> <html:link rel="localization" href="browser/aboutDialog.ftl"/> - <html:link rel="localization" href="browser/base-browser.ftl"/> + <html:link rel="localization" href="toolkit/global/base-browser.ftl"/> <html:link rel="localization" href="browser/aboutDialogMullvad.ftl"/> </linkset> ===================================== browser/base/content/browser.xhtml ===================================== @@ -88,7 +88,7 @@ <link rel="localization" href="toolkit/branding/brandings.ftl"/> <link rel="localization" href="toolkit/global/textActions.ftl"/> <link rel="localization" href="toolkit/printing/printUI.ftl"/> - <link rel="localization" href="browser/base-browser.ftl"/> + <link rel="localization" href="toolkit/global/base-browser.ftl"/>  <link rel="localization" href="preview/firefoxSuggest.ftl" /> <link rel="localization" href="preview/identityCredentialNotification.ftl" /> ===================================== browser/components/newidentity/content/newIdentityDialog.xhtml ===================================== @@ -22,7 +22,7 @@ <dialog id="newIdentityDialog" buttons="accept,cancel" defaultButton="accept"> <linkset> <html:link rel="localization" href="branding/brand.ftl" /> - <html:link rel="localization" href="browser/base-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/base-browser.ftl" /> </linkset> <div xmlns="http://www.w3.org/1999/xhtml"> ===================================== browser/components/preferences/preferences.xhtml ===================================== @@ -57,7 +57,7 @@ <link rel="localization" href="security/certificates/certManager.ftl"/> <link rel="localization" href="security/certificates/deviceManager.ftl"/> <link rel="localization" href="toolkit/updates/history.ftl"/> - <link rel="localization" href="browser/base-browser.ftl"/> + <link rel="localization" href="toolkit/global/base-browser.ftl"/> <link rel="localization" href="browser/mullvad-browser/preferences.ftl"/> <link rel="shortcut icon" href="chrome://global/skin/icons/settings.svg"/> ===================================== browser/locales/jar.mn ===================================== @@ -14,7 +14,6 @@ preview/firefoxSuggest.ftl (../components/urlbar/content/firefoxSuggest.ftl) preview/identityCredentialNotification.ftl (../components/credentialmanager/identityCredentialNotification.ftl) preview/stripOnShare.ftl (../components/urlbar/content/stripOnShare.ftl) - preview/base-browser-no-translate.ftl (../locales-preview/base-browser-no-translate.ftl) browser (%browser/**/*.ftl) @AB_CD@.jar: ===================================== browser/locales-preview/base-browser-no-translate.ftl → toolkit/locales-preview/base-browser-no-translate.ftl ===================================== ===================================== browser/locales/en-US/browser/base-browser.ftl → toolkit/locales/en-US/toolkit/global/base-browser.ftl ===================================== ===================================== toolkit/locales/jar.mn ===================================== @@ -8,6 +8,7 @@ services (%services/**/*.ftl) toolkit (%toolkit/**/*.ftl) locales-preview/aboutTranslations.ftl (../locales-preview/aboutTranslations.ftl) + locales-preview/base-browser-no-translate.ftl (../locales-preview/base-browser-no-translate.ftl) #ifdef MOZ_LAYOUT_DEBUGGER layoutdebug/layoutdebug.ftl (../../layout/tools/layout-debug/ui/content/layoutdebug.ftl) #endif ===================================== toolkit/mozapps/extensions/content/aboutaddons.html ===================================== @@ -35,7 +35,7 @@ <link rel="localization" href="toolkit/about/aboutAddons.ftl" /> <link rel="localization" href="toolkit/about/abuseReports.ftl" /> - <link rel="localization" href="browser/base-browser.ftl" /> + <link rel="localization" href="toolkit/global/base-browser.ftl" />  <script View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/04… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/04… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.10.0esr-13.5-1] 4 commits: fixup! Base Browser strings
by Pier Angelo Vendrame (＠pierov) 23 Apr '24

23 Apr '24

Pier Angelo Vendrame pushed to branch base-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: f1d27be7 by Henry Wilkes at 2024-04-22T20:49:17+01:00 fixup! Base Browser strings Bug 42537: Move base-browser.ftl to toolkit. - - - - - 3aa48e65 by Henry Wilkes at 2024-04-22T20:49:43+01:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 42537: Move base-browser.ftl to toolkit. - - - - - a402e72c by Henry Wilkes at 2024-04-22T20:49:47+01:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42537: Move base-browser.ftl to toolkit. - - - - - ca81f26e by Henry Wilkes at 2024-04-22T20:49:47+01:00 fixup! Bug 41698: Reword the recommendation badges in about:addons Bug 42537: Move base-browser.ftl to toolkit. - - - - - 9 changed files: - browser/base/content/aboutDialog.xhtml - browser/base/content/browser.xhtml - browser/components/newidentity/content/newIdentityDialog.xhtml - browser/components/preferences/preferences.xhtml - browser/locales/jar.mn - browser/locales-preview/base-browser-no-translate.ftl → toolkit/locales-preview/base-browser-no-translate.ftl - browser/locales/en-US/browser/base-browser.ftl → toolkit/locales/en-US/toolkit/global/base-browser.ftl - toolkit/locales/jar.mn - toolkit/mozapps/extensions/content/aboutaddons.html Changes: ===================================== browser/base/content/aboutDialog.xhtml ===================================== @@ -30,7 +30,7 @@ <linkset> <html:link rel="localization" href="branding/brand.ftl"/> <html:link rel="localization" href="browser/aboutDialog.ftl"/> - <html:link rel="localization" href="browser/base-browser.ftl"/> + <html:link rel="localization" href="toolkit/global/base-browser.ftl"/> </linkset> <html:div id="aboutDialogContainer"> ===================================== browser/base/content/browser.xhtml ===================================== @@ -88,7 +88,7 @@ <link rel="localization" href="toolkit/branding/brandings.ftl"/> <link rel="localization" href="toolkit/global/textActions.ftl"/> <link rel="localization" href="toolkit/printing/printUI.ftl"/> - <link rel="localization" href="browser/base-browser.ftl"/> + <link rel="localization" href="toolkit/global/base-browser.ftl"/>  <link rel="localization" href="preview/firefoxSuggest.ftl" /> <link rel="localization" href="preview/identityCredentialNotification.ftl" /> ===================================== browser/components/newidentity/content/newIdentityDialog.xhtml ===================================== @@ -22,7 +22,7 @@ <dialog id="newIdentityDialog" buttons="accept,cancel" defaultButton="accept"> <linkset> <html:link rel="localization" href="branding/brand.ftl" /> - <html:link rel="localization" href="browser/base-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/base-browser.ftl" /> </linkset> <div xmlns="http://www.w3.org/1999/xhtml"> ===================================== browser/components/preferences/preferences.xhtml ===================================== @@ -57,7 +57,7 @@ <link rel="localization" href="security/certificates/certManager.ftl"/> <link rel="localization" href="security/certificates/deviceManager.ftl"/> <link rel="localization" href="toolkit/updates/history.ftl"/> - <link rel="localization" href="browser/base-browser.ftl"/> + <link rel="localization" href="toolkit/global/base-browser.ftl"/> <link rel="shortcut icon" href="chrome://global/skin/icons/settings.svg"/> ===================================== browser/locales/jar.mn ===================================== @@ -14,7 +14,6 @@ preview/firefoxSuggest.ftl (../components/urlbar/content/firefoxSuggest.ftl) preview/identityCredentialNotification.ftl (../components/credentialmanager/identityCredentialNotification.ftl) preview/stripOnShare.ftl (../components/urlbar/content/stripOnShare.ftl) - preview/base-browser-no-translate.ftl (../locales-preview/base-browser-no-translate.ftl) browser (%browser/**/*.ftl) @AB_CD@.jar: ===================================== browser/locales-preview/base-browser-no-translate.ftl → toolkit/locales-preview/base-browser-no-translate.ftl ===================================== ===================================== browser/locales/en-US/browser/base-browser.ftl → toolkit/locales/en-US/toolkit/global/base-browser.ftl ===================================== ===================================== toolkit/locales/jar.mn ===================================== @@ -8,6 +8,7 @@ services (%services/**/*.ftl) toolkit (%toolkit/**/*.ftl) locales-preview/aboutTranslations.ftl (../locales-preview/aboutTranslations.ftl) + locales-preview/base-browser-no-translate.ftl (../locales-preview/base-browser-no-translate.ftl) #ifdef MOZ_LAYOUT_DEBUGGER layoutdebug/layoutdebug.ftl (../../layout/tools/layout-debug/ui/content/layoutdebug.ftl) #endif ===================================== toolkit/mozapps/extensions/content/aboutaddons.html ===================================== @@ -35,7 +35,7 @@ <link rel="localization" href="toolkit/about/aboutAddons.ftl" /> <link rel="localization" href="toolkit/about/abuseReports.ftl" /> - <link rel="localization" href="browser/base-browser.ftl" /> + <link rel="localization" href="toolkit/global/base-browser.ftl" />  <script View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/5616a8… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/5616a8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in...
by richard (＠richard) 22 Apr '24

22 Apr '24

richard pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 51c8a409 by Henry Wilkes at 2024-04-22T21:47:56+00:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42540: Fix gNetworkStatus.deinint typo - - - - - 1 changed file: - browser/components/torpreferences/content/connectionPane.js Changes: ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -2331,7 +2331,7 @@ const gNetworkStatus = { /** * Un-initialize the area. */ - deinint() { + uninit() { Services.obs.removeObserver(this, TorConnectTopics.StateChange); }, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/51c8a40… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/51c8a40… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41111: Use Lyrebird to provide WebTunnel PT Client
by richard (＠richard) 22 Apr '24

22 Apr '24

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 991ebf57 by Richard Pospesel at 2024-04-22T19:24:31+00:00 Bug 41111: Use Lyrebird to provide WebTunnel PT Client - - - - - 13 changed files: - Makefile - projects/browser/build - projects/lyrebird/config - projects/tor-android-service/config - projects/tor-expert-bundle/build - projects/tor-expert-bundle/config - projects/tor-expert-bundle/pt_config.json - − projects/tor-onion-proxy-library/0001-Bug-40800-Add-WebTunnel-support.patch - + projects/tor-onion-proxy-library/0001-Bug-41111-Use-Lyrebird-to-provide-WebTunnel-PT-Client.patch - projects/tor-onion-proxy-library/build - projects/tor-onion-proxy-library/config - − projects/webtunnel/build - − projects/webtunnel/config Changes: ===================================== Makefile ===================================== @@ -643,9 +643,6 @@ go_vendor-snowflake: submodule-update go_vendor-conjure: submodule-update $(rbm) build conjure --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-webtunnel: submodule-update - $(rbm) build webtunnel --step go_vendor --target alpha --target torbrowser-linux-x86_64 - go_vendor-lyrebird: submodule-update $(rbm) build lyrebird --step go_vendor --target alpha --target torbrowser-linux-x86_64 ===================================== projects/browser/build ===================================== @@ -109,11 +109,8 @@ mv [% c('input_files_by_name/noscript') %] "$TBDIR/$EXTSPATH/{73a6fe31-595d-460b # Move READMEs from tor-expert-bundle to the doc dir mkdir -p "$TBDIR/$DOCSPATH/snowflake" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/snowflake"[% END %] - - mkdir -p "$TBDIR/$DOCSPATH/webtunnel" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/webtunnel"[% END %] mkdir -p "$TBDIR/$DOCSPATH/conjure" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/conjure"[% END %] mv_tbdir tor/pluggable_transports/README.SNOWFLAKE.md "$DOCSPATH/snowflake/README.md" - mv_tbdir tor/pluggable_transports/README.WEBTUNNEL.md "$DOCSPATH/webtunnel/README.md" mv_tbdir tor/pluggable_transports/README.CONJURE.md "$DOCSPATH/conjure/README.md" # Move the PTs to where TB expects them ===================================== projects/lyrebird/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 0.1.0 +version: 0.2.0 git_url: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… git_hash: 'lyrebird-[% c("version") %]' tag_gpg_id: 1 @@ -9,7 +9,7 @@ container: use_container: 1 var: - go_vendor_sha256sum: d95d1fa8ce3904b76395b20ef169e8ef2b039fa485764b74739bb6290631537d + go_vendor_sha256sum: dc6b2671250f4ffd0caff3ef020bd60f99207f519f6f5f1be47243677a13c695 targets: nightly: ===================================== projects/tor-android-service/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %]' -git_hash: 0438a9a4ce1548be08dd2df891a38987bb313d22 +git_hash: 27924bc748044e987c188be854ff1471397cdb6a git_url: https://gitlab.torproject.org/tpo/applications/tor-android-service.git git_submodule: 1 container: ===================================== projects/tor-expert-bundle/build ===================================== @@ -15,7 +15,6 @@ mkdir pluggable_transports && cd pluggable_transports tar -xkf $rootdir/[% c('input_files_by_name/lyrebird') %] tar -xkf $rootdir/[% c('input_files_by_name/snowflake') %] -tar -xkf $rootdir/[% c('input_files_by_name/webtunnel') %] tar -xkf $rootdir/[% c('input_files_by_name/conjure') %] # add per-platform pt extension @@ -35,7 +34,6 @@ cd $distdir cp -a tor/pluggable_transports/conjure-client aar/jni/[% c('arch') %]/libConjure.so cp -a tor/pluggable_transports/lyrebird aar/jni/[% c('arch') %]/Lyrebird.so cp -a tor/pluggable_transports/snowflake-client aar/jni/[% c('arch') %]/libSnowflake.so - cp -a tor/pluggable_transports/webtunnel-client aar/jni/[% c('arch') %]/libWebtunnel.so cp -a data/* aar/assets/common/ ===================================== projects/tor-expert-bundle/config ===================================== @@ -18,8 +18,6 @@ input_files: project: lyrebird - name: snowflake project: snowflake - - project: webtunnel - name: webtunnel - name: conjure project: conjure - filename: pt_config.json ===================================== projects/tor-expert-bundle/pt_config.json ===================================== @@ -1,9 +1,8 @@ { "recommendedDefault" : "obfs4", "pluggableTransports" : { - "lyrebird" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit exec ${pt_path}lyrebird${pt_extension}", + "lyrebird" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit,webtunnel exec ${pt_path}lyrebird${pt_extension}", "snowflake" : "ClientTransportPlugin snowflake exec ${pt_path}snowflake-client${pt_extension}", - "webtunnel" : "ClientTransportPlugin webtunnel exec ${pt_path}webtunnel-client${pt_extension}", "conjure" : "ClientTransportPlugin conjure exec ${pt_path}conjure-client${pt_extension} -registerURL https://registration.refraction.network/api" }, "bridges" : { ===================================== projects/tor-onion-proxy-library/0001-Bug-40800-Add-WebTunnel-support.patch deleted ===================================== @@ -1,74 +0,0 @@ -From 3a6f835e8089dd15f5cd6487b5cfbdfafe7422f8 Mon Sep 17 00:00:00 2001 -From: Shelikhoo <xiaokangwang(a)outlook.com> -Date: Tue, 14 Feb 2023 16:59:59 +0000 -Subject: [PATCH] add WebTunnel Support - ---- - android/build.gradle | 3 +++ - .../thali/toronionproxy/TorConfigBuilder.java | 19 +++++++++++++++---- - 2 files changed, 18 insertions(+), 4 deletions(-) - -diff --git a/android/build.gradle b/android/build.gradle -index e107e8e..acd92c1 100644 ---- a/android/build.gradle -+++ b/android/build.gradle -@@ -102,6 +102,9 @@ task copyPluggableTransports(type: Copy) { - rename { filename -> - filename.replace 'conjure-client', 'libConjure.so' - } -+ rename { filename -> -+ filename.replace 'webtunnel-client', 'libWebtunnel.so' -+ } - } - - gradle.projectsEvaluated { -diff --git a/universal/src/main/java/com/msopentech/thali/toronionproxy/TorConfigBuilder.java b/universal/src/main/java/com/msopentech/thali/toronionproxy/TorConfigBuilder.java -index b87993d..5e6d6c5 100644 ---- a/universal/src/main/java/com/msopentech/thali/toronionproxy/TorConfigBuilder.java -+++ b/universal/src/main/java/com/msopentech/thali/toronionproxy/TorConfigBuilder.java -@@ -109,8 +109,8 @@ public final class TorConfigBuilder { - return this; - } - -- public TorConfigBuilder configurePluggableTransportsFromSettings(File pluggableTransportObfs, File pluggableTransportSnow, File pluggableTransportConjure) throws IOException { -- if (pluggableTransportObfs == null || pluggableTransportSnow == null || pluggableTransportConjure == null) { -+ public TorConfigBuilder configurePluggableTransportsFromSettings(File pluggableTransportObfs, File pluggableTransportSnow, File pluggableTransportConjure, File pluggableTransportWebtunnel) throws IOException { -+ if (pluggableTransportObfs == null || pluggableTransportSnow == null || pluggableTransportConjure == null || pluggableTransportWebtunnel == null) { - return this; - } - -@@ -144,7 +144,17 @@ public final class TorConfigBuilder { - .getCanonicalPath()); - } - -- transportPlugin(pluggableTransportObfs.getCanonicalPath(), pluggableTransportSnow.getCanonicalPath(), pluggableTransportConjure.getCanonicalPath()); -+ if (!pluggableTransportWebtunnel.exists()) { -+ throw new IOException("Webtunnel binary does not exist: " + pluggableTransportWebtunnel -+ .getCanonicalPath()); -+ } -+ -+ if (!pluggableTransportWebtunnel.canExecute()) { -+ throw new IOException("Webtunnel binary is not executable: " + pluggableTransportWebtunnel -+ .getCanonicalPath()); -+ } -+ -+ transportPlugin(pluggableTransportObfs.getCanonicalPath(), pluggableTransportSnow.getCanonicalPath(), pluggableTransportConjure.getCanonicalPath(), pluggableTransportWebtunnel.getCanonicalPath()); - return this; - } - -@@ -511,10 +521,11 @@ public final class TorConfigBuilder { - return transPort(settings.transPort()); - } - -- public TorConfigBuilder transportPlugin(String obfsPath, String snowPath, String conjurePath) { -+ public TorConfigBuilder transportPlugin(String obfsPath, String snowPath, String conjurePath, String webtunnelPath) { - buffer.append("ClientTransportPlugin meek_lite,obfs3,obfs4 exec ").append(obfsPath).append('\n'); - buffer.append("ClientTransportPlugin snowflake exec ").append(snowPath).append('\n'); - buffer.append("ClientTransportPlugin conjure exec ").append(conjurePath).append(" -registerURL https://registration.refraction.network/api\n"); -+ buffer.append("ClientTransportPlugin webtunnel exec ").append(webtunnelPath).append('\n'); - return this; - } - --- -2.34.1 - ===================================== projects/tor-onion-proxy-library/0001-Bug-41111-Use-Lyrebird-to-provide-WebTunnel-PT-Client.patch ===================================== @@ -0,0 +1,19 @@ +From 4aa1038fd0d3acc212579fbd94566e062dd187e6 Mon Sep 17 00:00:00 2001 +From: Richard Pospesel <richard(a)torproject.org> +Date: Mon, 22 Apr 2024 17:38:49 +0000 +Subject: [PATCH] add WebTunnel Support + +--- +diff --git a/universal/src/main/java/com/msopentech/thali/toronionproxy/TorConfigBuilder.java b/universal/src/main/java/com/msopentech/thali/toronionproxy/TorConfigBuilder.java +index 8a439f8..77e6f35 100644 +--- a/universal/src/main/java/com/msopentech/thali/toronionproxy/TorConfigBuilder.java ++++ b/universal/src/main/java/com/msopentech/thali/toronionproxy/TorConfigBuilder.java +@@ -512,7 +512,7 @@ public final class TorConfigBuilder { + } + + public TorConfigBuilder transportPlugin(String obfsPath, String snowPath, String conjurePath) { +- buffer.append("ClientTransportPlugin meek_lite,obfs3,obfs4 exec ").append(obfsPath).append('\n'); ++ buffer.append("ClientTransportPlugin meek_lite,obfs3,obfs4,webtunnel exec ").append(obfsPath).append('\n'); + buffer.append("ClientTransportPlugin snowflake exec ").append(snowPath).append('\n'); + buffer.append("ClientTransportPlugin conjure exec ").append(conjurePath).append(" -registerURL https://registration.refraction.network/api\n"); + return this; ===================================== projects/tor-onion-proxy-library/build ===================================== @@ -37,7 +37,7 @@ patch -p1 < $rootdir/gradle.patch patch -p1 < $rootdir/0001-Bug-33931-Filter-bridges-in-stream-by-type.patch patch -p1 < $rootdir/0001-Bug-30318-Add-snowflake-support.patch patch -p1 < $rootdir/0001-Bug-41361-Add-conjure-support.patch -patch -p1 < $rootdir/0001-Bug-40800-Add-WebTunnel-support.patch +patch -p1 < $rootdir/0001-Bug-41111-Use-Lyrebird-to-provide-WebTunnel-PT-Client.patch [% FOREACH arch = ['armv7', 'aarch64', 'x86', 'x86_64'] -%] # Extract tor-expert-bundle @@ -54,18 +54,14 @@ patch -p1 < $rootdir/0001-Bug-40800-Add-WebTunnel-support.patch cp $ptdir/snowflake-client external/pluto/bin/armeabi/ cp $ptdir/conjure-client external/pluto/bin/armeabi-v7a/ cp $ptdir/conjure-client external/pluto/bin/armeabi/ - cp $ptdir/webtunnel-client external/pluto/bin/armeabi-v7a/ - cp $ptdir/webtunnel-client external/pluto/bin/armeabi/ [% ELSIF arch == "aarch64" -%] cp $ptdir/lyrebird external/pluto/bin/arm64-v8a/obfs4proxy cp $ptdir/snowflake-client external/pluto/bin/arm64-v8a/ cp $ptdir/conjure-client external/pluto/bin/arm64-v8a/ - cp $ptdir/webtunnel-client external/pluto/bin/arm64-v8a/ [% ELSE -%] cp $ptdir/lyrebird external/pluto/bin/[% arch %]/obfs4proxy cp $ptdir/snowflake-client external/pluto/bin/[% arch %]/ cp $ptdir/conjure-client external/pluto/bin/[% arch %]/ - cp $ptdir/webtunnel-client external/pluto/bin/[% arch %]/ [% END -%] [% END -%] ===================================== projects/tor-onion-proxy-library/config ===================================== @@ -41,4 +41,4 @@ input_files: - filename: 0001-Bug-33931-Filter-bridges-in-stream-by-type.patch - filename: 0001-Bug-30318-Add-snowflake-support.patch - filename: 0001-Bug-41361-Add-conjure-support.patch - - filename: 0001-Bug-40800-Add-WebTunnel-support.patch + - filename: 0001-Bug-41111-Use-Lyrebird-to-provide-WebTunnel-PT-Client.patch ===================================== projects/webtunnel/build deleted ===================================== @@ -1,31 +0,0 @@ -#!/bin/bash -[% c("var/set_default_env") -%] -[% pc('go', 'var/setup', { go_tarfile => c('input_files_by_name/go') }) %] -distdir=/var/tmp/dist/[% project %] -mkdir -p $distdir - -[% IF c("var/android") -%] - [% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %] - # We need to explicitly set CGO_ENABLED with Go 1.13.x as the Android build - # breaks otherwise. - export CGO_ENABLED=1 -[% END -%] - -mkdir -p /var/tmp/build -tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.[% c('compress_tar') %] -cd /var/tmp/build/[% project %]-[% c('version') %] - -tar -xf $rootdir/[% c('input_files_by_name/go_vendor') %] - -cd main/client -go build -ldflags '-s' -cp -a client[% IF c("var/windows") %].exe[% END %] $distdir/webtunnel-client[% IF c("var/windows") %].exe[% END %] - -cd /var/tmp/build/[% project %]-[% c('version') %] -cp -a README.md $distdir/README.WEBTUNNEL.md - -cd $distdir -[% c('tar', { - tar_src => [ '.' ], - tar_args => '-caf ' _ dest_dir _ '/' _ c('filename'), - }) %] ===================================== projects/webtunnel/config deleted ===================================== @@ -1,24 +0,0 @@ -# vim: filetype=yaml sw=2 -version: '[% c("abbrev") %]' -git_url: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webt… -git_hash: 38eb55054a5c3c072acc1d8f9a9afa36e3a5c9b7 -container: - use_container: 1 - -steps: - build: - filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' - input_files: - - project: container-image - - name: go - project: go - - name: '[% c("var/compiler") %]' - project: '[% c("var/compiler") %]' - enable: '[% c("var/android") %]' - - name: go_vendor - pkg_type: go_vendor - project: webtunnel - norec: - sha256sum: e3b5a9b3c3939aafa5389246f3a7a7e78d70fe623bed495f99c39cc37bbbe645 - target_replace: - '^torbrowser-(?!testbuild).*': 'torbrowser-linux-x86_64' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] 8 commits: fixup! Tor Browser strings
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: ba71db7d by Henry Wilkes at 2024-04-22T18:17:43+01:00 fixup! Tor Browser strings Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 3878b648 by Henry Wilkes at 2024-04-22T18:17:44+01:00 fixup! Bug 40209: Implement Basic Crypto Safety Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 70f8caa3 by Henry Wilkes at 2024-04-22T18:17:44+01:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 401d5c98 by Henry Wilkes at 2024-04-22T18:17:45+01:00 fixup! Bug 7494: Create local home page for TBB. Bug 42537: Move tor-browser.ftl to toolkit. - - - - - ed24f5ca by Henry Wilkes at 2024-04-22T18:17:45+01:00 fixup! Bug 40701: Add security warning when downloading a file Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 179b425c by Henry Wilkes at 2024-04-22T18:17:46+01:00 fixup! Bug 40458: Implement .tor.onion aliases Bug 42537: Move tor-browser.ftl to toolkit. - - - - - b8698ae3 by Henry Wilkes at 2024-04-22T18:17:46+01:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 464c9389 by Henry Wilkes at 2024-04-22T18:17:47+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42537: Move tor-browser.ftl to toolkit. - - - - - 20 changed files: - browser/actors/CryptoSafetyParent.jsm - browser/base/content/aboutDialog.xhtml - browser/base/content/browser.xhtml - browser/components/abouttor/content/aboutTor.html - browser/components/downloads/content/contentAreaDownloadsView.xhtml - browser/components/places/content/places.xhtml - browser/components/preferences/preferences.xhtml - browser/components/rulesets/content/aboutRulesets.html - browser/components/torpreferences/content/bridgeQrDialog.xhtml - browser/components/torpreferences/content/builtinBridgeDialog.xhtml - browser/components/torpreferences/content/connectionSettingsDialog.xhtml - browser/components/torpreferences/content/loxInviteDialog.xhtml - browser/components/torpreferences/content/provideBridgeDialog.xhtml - browser/components/torpreferences/content/requestBridgeDialog.xhtml - browser/components/torpreferences/content/torLogDialog.xhtml - browser/locales/jar.mn - toolkit/content/aboutNetError.xhtml - browser/locales-preview/tor-browser-no-translate.ftl → toolkit/locales-preview/tor-browser-no-translate.ftl - browser/locales/en-US/browser/tor-browser.ftl → toolkit/locales/en-US/toolkit/global/tor-browser.ftl - toolkit/locales/jar.mn Changes: ===================================== browser/actors/CryptoSafetyParent.jsm ===================================== @@ -21,7 +21,7 @@ ChromeUtils.defineModuleGetter( ); ChromeUtils.defineLazyGetter(lazy, "CryptoStrings", function () { - return new Localization(["browser/tor-browser.ftl"]); + return new Localization(["toolkit/global/tor-browser.ftl"]); }); XPCOMUtils.defineLazyPreferenceGetter( ===================================== browser/base/content/aboutDialog.xhtml ===================================== @@ -32,7 +32,7 @@ <html:link rel="localization" href="branding/brand.ftl"/> <html:link rel="localization" href="browser/aboutDialog.ftl"/> <html:link rel="localization" href="toolkit/global/base-browser.ftl"/> - <html:link rel="localization" href="browser/tor-browser.ftl"/> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl"/> </linkset> <html:div id="aboutDialogContainer"> ===================================== browser/base/content/browser.xhtml ===================================== @@ -96,7 +96,7 @@ <link rel="localization" href="toolkit/global/textActions.ftl"/> <link rel="localization" href="toolkit/printing/printUI.ftl"/> <link rel="localization" href="toolkit/global/base-browser.ftl"/> - <link rel="localization" href="browser/tor-browser.ftl"/> + <link rel="localization" href="toolkit/global/tor-browser.ftl"/>  <link rel="localization" href="preview/firefoxSuggest.ftl" /> <link rel="localization" href="preview/identityCredentialNotification.ftl" /> ===================================== browser/components/abouttor/content/aboutTor.html ===================================== @@ -20,7 +20,7 @@ /> <link rel="localization" href="browser/newtab/newtab.ftl" /> - <link rel="localization" href="browser/tor-browser.ftl" /> + <link rel="localization" href="toolkit/global/tor-browser.ftl" /> <script type="module" ===================================== browser/components/downloads/content/contentAreaDownloadsView.xhtml ===================================== @@ -21,7 +21,7 @@ <linkset> <html:link rel="localization" href="toolkit/global/textActions.ftl"/> <html:link rel="localization" href="browser/downloads.ftl" /> - <html:link rel="localization" href="browser/tor-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl" /> </linkset> <script src="chrome://global/content/globalOverlay.js"/> ===================================== browser/components/places/content/places.xhtml ===================================== @@ -40,7 +40,7 @@ <html:link rel="localization" href="browser/places.ftl"/> <html:link rel="localization" href="browser/downloads.ftl"/> <html:link rel="localization" href="browser/editBookmarkOverlay.ftl"/> - <html:link rel="localization" href="browser/tor-browser.ftl"/> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl"/> </linkset> <script src="chrome://browser/content/places/places.js"/> ===================================== browser/components/preferences/preferences.xhtml ===================================== @@ -60,7 +60,7 @@ <link rel="localization" href="security/certificates/deviceManager.ftl"/> <link rel="localization" href="toolkit/updates/history.ftl"/> <link rel="localization" href="toolkit/global/base-browser.ftl"/> - <link rel="localization" href="browser/tor-browser.ftl"/> + <link rel="localization" href="toolkit/global/tor-browser.ftl"/> <link rel="shortcut icon" href="chrome://global/skin/icons/settings.svg"/> ===================================== browser/components/rulesets/content/aboutRulesets.html ===================================== @@ -13,7 +13,7 @@ /> <link rel="localization" href="branding/brand.ftl" /> - <link rel="localization" href="browser/tor-browser.ftl" /> + <link rel="localization" href="toolkit/global/tor-browser.ftl" /> </head> <body>  ===================================== browser/components/torpreferences/content/bridgeQrDialog.xhtml ===================================== @@ -11,7 +11,7 @@ > <dialog id="bridgeQr-dialog" buttons="accept"> <linkset> - <html:link rel="localization" href="browser/tor-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl" /> </linkset> <script src="chrome://browser/content/torpreferences/bridgeQrDialog.js" /> ===================================== browser/components/torpreferences/content/builtinBridgeDialog.xhtml ===================================== @@ -12,7 +12,7 @@ <dialog id="torPreferences-builtinBridge-dialog" buttons="accept,cancel"> <linkset> <html:link rel="localization" href="branding/brand.ftl" /> - <html:link rel="localization" href="browser/tor-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl" /> </linkset> <script src="chrome://browser/content/torpreferences/builtinBridgeDialog.js" /> ===================================== browser/components/torpreferences/content/connectionSettingsDialog.xhtml ===================================== @@ -12,7 +12,7 @@ <dialog id="torPreferences-connection-dialog" buttons="accept,cancel"> <linkset> <html:link rel="localization" href="branding/brand.ftl" /> - <html:link rel="localization" href="browser/tor-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl" /> </linkset> <script src="chrome://browser/content/torpreferences/connectionSettingsDialog.js" /> ===================================== browser/components/torpreferences/content/loxInviteDialog.xhtml ===================================== @@ -19,10 +19,10 @@ </menupopup> <dialog id="lox-invite-dialog" buttons="accept"> <linkset> - <html:link rel="localization" href="browser/tor-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl" /> <html:link rel="localization" - href="preview/tor-browser-no-translate.ftl" + href="locales-preview/tor-browser-no-translate.ftl" /> </linkset> ===================================== browser/components/torpreferences/content/provideBridgeDialog.xhtml ===================================== @@ -14,7 +14,7 @@ class="show-entry-page" > <linkset> - <html:link rel="localization" href="browser/tor-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl" /> </linkset> <script src="chrome://browser/content/torpreferences/bridgemoji/BridgeEmoji.js" /> ===================================== browser/components/torpreferences/content/requestBridgeDialog.xhtml ===================================== @@ -11,7 +11,7 @@ > <dialog id="torPreferences-requestBridge-dialog" buttons="accept,cancel"> <linkset> - <html:link rel="localization" href="browser/tor-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl" /> </linkset> <script src="chrome://browser/content/torpreferences/requestBridgeDialog.js" /> ===================================== browser/components/torpreferences/content/torLogDialog.xhtml ===================================== @@ -11,7 +11,7 @@ > <dialog id="torPreferences-torLog-dialog" buttons="accept,extra1"> <linkset> - <html:link rel="localization" href="browser/tor-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/tor-browser.ftl" /> </linkset> <script src="chrome://browser/content/torpreferences/torLogDialog.js" /> ===================================== browser/locales/jar.mn ===================================== @@ -14,7 +14,6 @@ preview/firefoxSuggest.ftl (../components/urlbar/content/firefoxSuggest.ftl) preview/identityCredentialNotification.ftl (../components/credentialmanager/identityCredentialNotification.ftl) preview/stripOnShare.ftl (../components/urlbar/content/stripOnShare.ftl) - preview/tor-browser-no-translate.ftl (../locales-preview/tor-browser-no-translate.ftl) browser (%browser/**/*.ftl) @AB_CD@.jar: ===================================== toolkit/content/aboutNetError.xhtml ===================================== @@ -16,7 +16,7 @@ <link rel="localization" href="branding/brand.ftl"/> <link rel="localization" href="toolkit/neterror/certError.ftl" /> <link rel="localization" href="toolkit/neterror/netError.ftl"/> - <link rel="localization" href="browser/tor-browser.ftl"/> + <link rel="localization" href="toolkit/global/tor-browser.ftl"/> </head> <body> ===================================== browser/locales-preview/tor-browser-no-translate.ftl → toolkit/locales-preview/tor-browser-no-translate.ftl ===================================== ===================================== browser/locales/en-US/browser/tor-browser.ftl → toolkit/locales/en-US/toolkit/global/tor-browser.ftl ===================================== ===================================== toolkit/locales/jar.mn ===================================== @@ -9,6 +9,7 @@ toolkit (%toolkit/**/*.ftl) locales-preview/aboutTranslations.ftl (../locales-preview/aboutTranslations.ftl) locales-preview/base-browser-no-translate.ftl (../locales-preview/base-browser-no-translate.ftl) + locales-preview/tor-browser-no-translate.ftl (../locales-preview/tor-browser-no-translate.ftl) #ifdef MOZ_LAYOUT_DEBUGGER layoutdebug/layoutdebug.ftl (../../layout/tools/layout-debug/ui/content/layoutdebug.ftl) #endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/9d6fa2… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/9d6fa2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] 4 commits: fixup! Base Browser strings
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 26909ecf by Henry Wilkes at 2024-04-22T17:14:34+00:00 fixup! Base Browser strings Bug 42537: Move base-browser.ftl to toolkit. - - - - - 3db6db01 by Henry Wilkes at 2024-04-22T17:14:34+00:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 42537: Move base-browser.ftl to toolkit. - - - - - f223c735 by Henry Wilkes at 2024-04-22T17:14:34+00:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42537: Move base-browser.ftl to toolkit. - - - - - 9d6fa205 by Henry Wilkes at 2024-04-22T17:14:34+00:00 fixup! Bug 41698: Reword the recommendation badges in about:addons Bug 42537: Move base-browser.ftl to toolkit. - - - - - 9 changed files: - browser/base/content/aboutDialog.xhtml - browser/base/content/browser.xhtml - browser/components/newidentity/content/newIdentityDialog.xhtml - browser/components/preferences/preferences.xhtml - browser/locales/jar.mn - browser/locales-preview/base-browser-no-translate.ftl → toolkit/locales-preview/base-browser-no-translate.ftl - browser/locales/en-US/browser/base-browser.ftl → toolkit/locales/en-US/toolkit/global/base-browser.ftl - toolkit/locales/jar.mn - toolkit/mozapps/extensions/content/aboutaddons.html Changes: ===================================== browser/base/content/aboutDialog.xhtml ===================================== @@ -31,7 +31,7 @@ <linkset> <html:link rel="localization" href="branding/brand.ftl"/> <html:link rel="localization" href="browser/aboutDialog.ftl"/> - <html:link rel="localization" href="browser/base-browser.ftl"/> + <html:link rel="localization" href="toolkit/global/base-browser.ftl"/> <html:link rel="localization" href="browser/tor-browser.ftl"/> </linkset> ===================================== browser/base/content/browser.xhtml ===================================== @@ -95,7 +95,7 @@ <link rel="localization" href="toolkit/branding/brandings.ftl"/> <link rel="localization" href="toolkit/global/textActions.ftl"/> <link rel="localization" href="toolkit/printing/printUI.ftl"/> - <link rel="localization" href="browser/base-browser.ftl"/> + <link rel="localization" href="toolkit/global/base-browser.ftl"/> <link rel="localization" href="browser/tor-browser.ftl"/>  <link rel="localization" href="preview/firefoxSuggest.ftl" /> ===================================== browser/components/newidentity/content/newIdentityDialog.xhtml ===================================== @@ -22,7 +22,7 @@ <dialog id="newIdentityDialog" buttons="accept,cancel" defaultButton="accept"> <linkset> <html:link rel="localization" href="branding/brand.ftl" /> - <html:link rel="localization" href="browser/base-browser.ftl" /> + <html:link rel="localization" href="toolkit/global/base-browser.ftl" /> </linkset> <div xmlns="http://www.w3.org/1999/xhtml"> ===================================== browser/components/preferences/preferences.xhtml ===================================== @@ -59,7 +59,7 @@ <link rel="localization" href="security/certificates/certManager.ftl"/> <link rel="localization" href="security/certificates/deviceManager.ftl"/> <link rel="localization" href="toolkit/updates/history.ftl"/> - <link rel="localization" href="browser/base-browser.ftl"/> + <link rel="localization" href="toolkit/global/base-browser.ftl"/> <link rel="localization" href="browser/tor-browser.ftl"/> <link rel="shortcut icon" href="chrome://global/skin/icons/settings.svg"/> ===================================== browser/locales/jar.mn ===================================== @@ -14,7 +14,6 @@ preview/firefoxSuggest.ftl (../components/urlbar/content/firefoxSuggest.ftl) preview/identityCredentialNotification.ftl (../components/credentialmanager/identityCredentialNotification.ftl) preview/stripOnShare.ftl (../components/urlbar/content/stripOnShare.ftl) - preview/base-browser-no-translate.ftl (../locales-preview/base-browser-no-translate.ftl) preview/tor-browser-no-translate.ftl (../locales-preview/tor-browser-no-translate.ftl) browser (%browser/**/*.ftl) ===================================== browser/locales-preview/base-browser-no-translate.ftl → toolkit/locales-preview/base-browser-no-translate.ftl ===================================== ===================================== browser/locales/en-US/browser/base-browser.ftl → toolkit/locales/en-US/toolkit/global/base-browser.ftl ===================================== ===================================== toolkit/locales/jar.mn ===================================== @@ -8,6 +8,7 @@ services (%services/**/*.ftl) toolkit (%toolkit/**/*.ftl) locales-preview/aboutTranslations.ftl (../locales-preview/aboutTranslations.ftl) + locales-preview/base-browser-no-translate.ftl (../locales-preview/base-browser-no-translate.ftl) #ifdef MOZ_LAYOUT_DEBUGGER layoutdebug/layoutdebug.ftl (../../layout/tools/layout-debug/ui/content/layoutdebug.ftl) #endif ===================================== toolkit/mozapps/extensions/content/aboutaddons.html ===================================== @@ -35,7 +35,7 @@ <link rel="localization" href="toolkit/about/aboutAddons.ftl" /> <link rel="localization" href="toolkit/about/abuseReports.ftl" /> - <link rel="localization" href="browser/base-browser.ftl" /> + <link rel="localization" href="toolkit/global/base-browser.ftl" />  <script View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/94374b… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/94374b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 42537 (TB): Move our Fluent files to toolkit.
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: fd4f3d0b by Pier Angelo Vendrame at 2024-04-22T19:13:34+02:00 Bug 42537 (TB): Move our Fluent files to toolkit. For tor-browser#42537, we are moving our Fluent files to toolkit, so that they are available also on Android, shall we need them. This needs a couple of changes also on the tor-browser-build side. - - - - - 1 changed file: - projects/firefox/build Changes: ===================================== projects/firefox/build ===================================== @@ -118,7 +118,7 @@ mkdir "$HOME/.mozbuild" ln -s ja ja-JP-mac for lang in $supported_locales; do # Fluent - mv $lang/base-browser.ftl "$l10ncentral/$lang/browser/browser/" + mv $lang/base-browser.ftl "$l10ncentral/$lang/toolkit/toolkit/global/" # Properties (they use a different directory) mv $lang/* "$l10ncentral/$lang/browser/chrome/browser/" done @@ -139,7 +139,7 @@ mkdir "$HOME/.mozbuild" source_lang="ja" fi [% END -%] - mv "$transl_tor_browser/$source_lang/tor-browser.ftl" "$l10ncentral/$lang/browser/browser/" + mv "$transl_tor_browser/$source_lang/tor-browser.ftl" "$l10ncentral/$lang/toolkit/toolkit/global/" mv "$transl_tor_browser/$source_lang/cryptoSafetyPrompt.properties" "$l10ncentral/$lang/browser/chrome/browser/" mv "$transl_tor_browser/$source_lang" "$torbutton_locales/$lang" echo "% locale torbutton $lang %locale/$lang/" >> "$torbutton_jar" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] 3 commits: fixup! Lox integration
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 303a1239 by Henry Wilkes at 2024-04-22T17:35:39+01:00 fixup! Lox integration Bug 42476: Drop unnecessary #window property. - - - - - 45f5e2d9 by Henry Wilkes at 2024-04-22T17:35:39+01:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42476: Disable the Lox module for the stable release. - - - - - 94374ba5 by Henry Wilkes at 2024-04-22T18:01:19+01:00 fixup! Lox integration Bug 42476: Disable the Lox module for the stable release. - - - - - 3 changed files: - browser/components/torpreferences/content/connectionPane.js - browser/components/torpreferences/content/provideBridgeDialog.js - toolkit/components/lox/Lox.sys.mjs Changes: ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -1284,6 +1284,11 @@ const gLoxStatus = { * Initialize the bridge pass area. */ init() { + if (!Lox.enabled) { + // Area should remain inactive and hidden. + return; + } + this._area = document.getElementById("tor-bridges-lox-status"); this._detailsArea = document.getElementById("tor-bridges-lox-details"); this._nextUnlockCounterEl = document.getElementById( @@ -1333,6 +1338,10 @@ const gLoxStatus = { * Uninitialize the built-in bridges area. */ uninit() { + if (!Lox.enabled) { + return; + } + Services.obs.removeObserver(this, TorSettingsTopics.SettingsChanged); Services.obs.removeObserver(this, LoxTopics.UpdateActiveLoxId); Services.obs.removeObserver(this, LoxTopics.UpdateEvents); ===================================== browser/components/torpreferences/content/provideBridgeDialog.js ===================================== @@ -72,8 +72,7 @@ const gProvideBridgeDialog = { document.l10n.setAttributes(document.documentElement, titleId); - // TODO: Make conditional on Lox being enabled. - this._allowLoxInvite = mode !== "edit"; // && Lox.enabled + this._allowLoxInvite = mode !== "edit" && Lox.enabled; document.l10n.setAttributes( document.getElementById("user-provide-bridge-textarea-label"), @@ -403,33 +402,39 @@ const gProvideBridgeDialog = { return null; } - let loxInvite = null; - for (let line of this._textarea.value.split(/\r?\n/)) { - line = line.trim(); - if (!line) { - continue; - } - // TODO: Once we have a Lox invite encoding, distinguish between a valid - // invite and something that looks like it should be an invite. - const isLoxInvite = Lox.validateInvitation(line); - if (isLoxInvite) { - if (!this._allowLoxInvite) { - this.updateError({ type: "not-allowed-invite" }); - return null; + // Only check if this looks like a Lox invite when the Lox module is + // enabled. + if (Lox.enabled) { + let loxInvite = null; + for (let line of this._textarea.value.split(/\r?\n/)) { + line = line.trim(); + if (!line) { + continue; } - if (loxInvite) { - this.updateError({ type: "multiple-invites" }); + // TODO: Once we have a Lox invite encoding, distinguish between a valid + // invite and something that looks like it should be an invite. + const isLoxInvite = Lox.validateInvitation(line); + if (isLoxInvite) { + if (!this._allowLoxInvite) { + // Lox is enabled, but not allowed invites when editing bridge + // addresses. + this.updateError({ type: "not-allowed-invite" }); + return null; + } + if (loxInvite) { + this.updateError({ type: "multiple-invites" }); + return null; + } + loxInvite = line; + } else if (loxInvite) { + this.updateError({ type: "mixed" }); return null; } - loxInvite = line; - } else if (loxInvite) { - this.updateError({ type: "mixed" }); - return null; } - } - if (loxInvite) { - return { loxInvite }; + if (loxInvite) { + return { loxInvite }; + } } const validation = validateBridgeLines(this._textarea.value); ===================================== toolkit/components/lox/Lox.sys.mjs ===================================== @@ -1,4 +1,5 @@ import { XPCOMUtils } from "resource://gre/modules/XPCOMUtils.sys.mjs"; +import { AppConstants } from "resource://gre/modules/AppConstants.sys.mjs"; import { clearInterval, setInterval, @@ -103,8 +104,24 @@ export class LoxError extends Error { } class LoxImpl { + /** + * Whether the Lox module has completed initialization. + * + * @type {boolean} + */ #initialized = false; - #window = null; + + /** + * Whether the Lox module is enabled for this Tor Browser instance. + * + * @type {boolean} + */ + #enabled = AppConstants.MOZ_UPDATE_CHANNEL !== "release"; + + get enabled() { + return this.#enabled; + } + #pubKeyPromise = null; #encTablePromise = null; #constantsPromise = null; @@ -218,13 +235,14 @@ class LoxImpl { * Assert that the module is initialized. */ #assertInitialized() { - if (!this.#initialized) { + if (!this.enabled || !this.#initialized) { throw new LoxError("Not initialized"); } } get #inuse() { return ( + this.enabled && Boolean(this.#activeLoxId) && lazy.TorSettings.bridges.enabled === true && lazy.TorSettings.bridges.source === lazy.TorBridgeSource.Lox @@ -532,16 +550,20 @@ class LoxImpl { } async init() { + if (!this.enabled) { + lazy.logger.info( + "Skipping initialization since Lox module is not enabled" + ); + return; + } // If lox_id is set, load it Services.obs.addObserver(this, lazy.TorSettingsTopics.SettingsChanged); Services.obs.addObserver(this, lazy.TorSettingsTopics.Ready); // Hack to make the generated wasm happy - this.#window = { - crypto, - }; - this.#window.window = this.#window; - await lazy.init(this.#window); + const win = { crypto }; + win.window = win; + await lazy.init(win); lazy.set_panic_hook(); if (typeof lazy.open_invite !== "function") { throw new LoxError("Initialization failed"); @@ -551,6 +573,9 @@ class LoxImpl { } async uninit() { + if (!this.enabled) { + return; + } Services.obs.removeObserver(this, lazy.TorSettingsTopics.SettingsChanged); Services.obs.removeObserver(this, lazy.TorSettingsTopics.Ready); if (this.#domainFrontedRequests !== null) { @@ -561,7 +586,6 @@ class LoxImpl { this.#domainFrontedRequests = null; } this.#initialized = false; - this.#window = null; this.#invites = []; this.#pubKeys = null; this.#encTable = null; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/07ec58… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/07ec58… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 3 commits: Bug 41112: Fix indentation of projects/browser/RelativeLink/start-browser
by boklm (＠boklm) 22 Apr '24

22 Apr '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: ac2bba26 by Nicolas Vigier at 2024-04-22T18:22:06+02:00 Bug 41112: Fix indentation of projects/browser/RelativeLink/start-browser - - - - - 9b42ad01 by Nicolas Vigier at 2024-04-22T18:22:08+02:00 Bug 41083: Add more spaces to projects/browser/config - - - - - c93586fc by Nicolas Vigier at 2024-04-22T18:22:11+02:00 Bug 41083: Make a deb package for Mullvad Browser - - - - - 17 changed files: - projects/browser/RelativeLink/start-browser - projects/browser/config - + projects/linux-packages/Makefile.in - + projects/linux-packages/build - + projects/linux-packages/config - + projects/linux-packages/debian/browser.desktop.in - + projects/linux-packages/debian/changelog.in - + projects/linux-packages/debian/compat - + projects/linux-packages/debian/control.in - + projects/linux-packages/debian/copyright.in - + projects/linux-packages/debian/docs.in - + projects/linux-packages/debian/install.in - + projects/linux-packages/debian/links.in - + projects/linux-packages/debian/rules - projects/release/build - projects/release/config - rbm Changes: ===================================== projects/browser/RelativeLink/start-browser ===================================== @@ -9,9 +9,9 @@ complain_dialog_title="[% c('var/Project_Name') %]" # Make sure this script wasn't started as 'sh start-[% c('var/project-name') %]' or similar. if [ "x$BASH" = "x" ]; then - echo "$complain_dialog_title should be started as './start-[% c('var/project-name') %]'" - echo "Exiting." >&2 - exit 1; + echo "$complain_dialog_title should be started as './start-[% c('var/project-name') %]'" + echo "Exiting." >&2 + exit 1; fi # Do not (try to) connect to the session manager @@ -21,84 +21,86 @@ unset SESSION_MANAGER # Usage: complain message # message must not begin with a dash. complain () { - # Trim leading newlines, to avoid breaking formatting in some dialogs. - complain_message="`echo "$1" | sed '/./,$!d'`" - - # If we're being run in debug/verbose mode, complain to stderr. - if [ "$show_output" -eq 1 ]; then - echo "$complain_message" >&2 - return - fi - - # Otherwise, we're being run by a GUI program of some sort; - # try to pop up a message in the GUI in the nicest way - # possible. - # - # In mksh, non-existent commands return 127; I'll assume all - # other shells set the same exit code if they can't run a - # command. (xmessage returns 1 if the user clicks the WM - # close button, so we do need to look at the exact exit code, - # not just assume the command failed to display a message if - # it returns non-zero.) - - # First, try zenity. - zenity --error \ - --title="$complain_dialog_title" \ - --text="$complain_message" - if [ "$?" -ne 127 ]; then - return - fi - - # Try kdialog. - kdialog --title "$complain_dialog_title" \ - --error "$complain_message" - if [ "$?" -ne 127 ]; then - return - fi - - # Try xmessage. - xmessage -title "$complain_dialog_title" \ - -center \ - -buttons OK \ - -default OK \ - -xrm '*message.scrollVertical: Never' \ - "$complain_message" - if [ "$?" -ne 127 ]; then - return - fi - - # Try gxmessage. This one isn't installed by default on - # Debian with the default GNOME installation, so it seems to - # be the least likely program to have available, but it might - # be used by one of the 'lightweight' Gtk-based desktop - # environments. - gxmessage -title "$complain_dialog_title" \ - -center \ - -buttons GTK_STOCK_OK \ - -default OK \ - "$complain_message" - if [ "$?" -ne 127 ]; then - return - fi + # Trim leading newlines, to avoid breaking formatting in some dialogs. + complain_message="`echo "$1" | sed '/./,$!d'`" + + # If we're being run in debug/verbose mode, complain to stderr. + if [ "$show_output" -eq 1 ]; then + echo "$complain_message" >&2 + return + fi + + # Otherwise, we're being run by a GUI program of some sort; + # try to pop up a message in the GUI in the nicest way + # possible. + # + # In mksh, non-existent commands return 127; I'll assume all + # other shells set the same exit code if they can't run a + # command. (xmessage returns 1 if the user clicks the WM + # close button, so we do need to look at the exact exit code, + # not just assume the command failed to display a message if + # it returns non-zero.) + + # First, try zenity. + zenity --error \ + --title="$complain_dialog_title" \ + --text="$complain_message" + if [ "$?" -ne 127 ]; then + return + fi + + # Try kdialog. + kdialog --title "$complain_dialog_title" \ + --error "$complain_message" + if [ "$?" -ne 127 ]; then + return + fi + + # Try xmessage. + xmessage -title "$complain_dialog_title" \ + -center \ + -buttons OK \ + -default OK \ + -xrm '*message.scrollVertical: Never' \ + "$complain_message" + if [ "$?" -ne 127 ]; then + return + fi + + # Try gxmessage. This one isn't installed by default on + # Debian with the default GNOME installation, so it seems to + # be the least likely program to have available, but it might + # be used by one of the 'lightweight' Gtk-based desktop + # environments. + gxmessage -title "$complain_dialog_title" \ + -center \ + -buttons GTK_STOCK_OK \ + -default OK \ + "$complain_message" + if [ "$?" -ne 127 ]; then + return + fi } if [ "`id -u`" -eq 0 ]; then - complain "The [% c('var/Project_Name') %] should not be run as root. Exiting." - exit 1 + complain "The [% c('var/Project_Name') %] should not be run as root. Exiting." + exit 1 fi if test -r /proc/cpuinfo && ! grep -q '^flags\s*:.* sse2' /proc/cpuinfo; then - complain "[% c('var/Project_Name') %] requires a CPU with SSE2 support. Exiting." - exit 1 + complain "[% c('var/Project_Name') %] requires a CPU with SSE2 support. Exiting." + exit 1 fi print_usage () { - printf "\n[% c('var/Project_Name') %] Script Options\n" - printf " --verbose Display [% IF c("var/tor-browser") -%]Tor and [% END -%]the browser output in the terminal\n" - printf " --log [file] Record [% IF c("var/tor-browser") -%]Tor and [% END -%]the browser output in file (default: [% c('var/project-name') %].log)\n" - printf " --detach Detach from terminal and run [% c('var/Project_Name') %] in the background.\n" + printf "\n[% c('var/Project_Name') %] Script Options\n" + printf " --verbose Display [% IF c("var/tor-browser") -%]Tor and [% END -%]the browser output in the terminal\n" + printf " --log [file] Record [% IF c("var/tor-browser") -%]Tor and [% END -%]the browser output in file (default: [% c('var/project-name') %].log)\n" + printf " --detach Detach from terminal and run [% c('var/Project_Name') %] in the background.\n" + if test -z "$system_install"; then printf " --register-app Register [% c('var/Project_Name') %] as a desktop app for this user\n" printf " --unregister-app Unregister [% c('var/Project_Name') %] as a desktop app for this user\n" + fi } log_output=0 show_output=0 @@ -108,116 +110,122 @@ register_desktop_app=0 logfile=/dev/null while : do - case "$1" in - --detach) - detach=1 - shift - ;; - -v | --verbose | -d | --debug) - show_output=1 - verbose_arg="$2" - shift - ;; - -h | "-?" | --help | -help) - show_usage=1 - show_output=1 - shift - ;; - -l | --log) - if [ -z "$2" -o "${2:0:1}" == "-" ]; then - printf "Logging [% c('var/Project_Name') %] debug information to [% c('var/project-name') %].log\n" - logfile="../[% c('var/project-name') %].log" - elif [ "${2:0:1}" == "/" -o "${2:0:1}" == "~" ]; then - printf "Logging [% c('var/Project_Name') %] debug information to %s\n" "$2" - logfile="$2" - shift - else - printf "Logging [% c('var/Project_Name') %] debug information to %s\n" "$2" - logfile="../$2" - shift - fi - log_output=1 - shift - ;; - --register-app) - register_desktop_app=1 - show_output=1 - shift - ;; - --unregister-app) - register_desktop_app=-1 - show_output=1 - shift - ;; - *) # No more options - break - ;; - esac + case "$1" in + --detach) + detach=1 + shift + ;; + -v | --verbose | -d | --debug) + show_output=1 + verbose_arg="$2" + shift + ;; + -h | "-?" | --help | -help) + show_usage=1 + show_output=1 + shift + ;; + -l | --log) + if [ -z "$2" -o "${2:0:1}" == "-" ]; then + printf "Logging [% c('var/Project_Name') %] debug information to [% c('var/project-name') %].log\n" + logfile="../[% c('var/project-name') %].log" + elif [ "${2:0:1}" == "/" -o "${2:0:1}" == "~" ]; then + printf "Logging [% c('var/Project_Name') %] debug information to %s\n" "$2" + logfile="$2" + shift + else + printf "Logging [% c('var/Project_Name') %] debug information to %s\n" "$2" + logfile="../$2" + shift + fi + log_output=1 + shift + ;; + --register-app) + register_desktop_app=1 + show_output=1 + shift + ;; + --unregister-app) + register_desktop_app=-1 + show_output=1 + shift + ;; + *) # No more options + break + ;; + esac done # We can't detach and show output at the same time.. if [ "$show_output" -eq 1 -a "$detach" -eq 1 ]; then - detach=0 + detach=0 fi if [ "$show_output" -eq 0 ]; then - # If the user hasn't requested 'debug mode' or --help, close stdout and stderr, - # to keep Firefox and the stuff loaded by/for it (including the - # system's shared-library loader) from printing messages to - # $HOME/.xsession-errors or other files. (Users wouldn't have seen - # messages there anyway.) - exec > "$logfile" - exec 2> "$logfile" + # If the user hasn't requested 'debug mode' or --help, close stdout and stderr, + # to keep Firefox and the stuff loaded by/for it (including the + # system's shared-library loader) from printing messages to + # $HOME/.xsession-errors or other files. (Users wouldn't have seen + # messages there anyway.) + exec > "$logfile" + exec 2> "$logfile" fi # If XAUTHORITY is unset, set it to its default value of $HOME/.Xauthority # before we change HOME below. (See xauth(1) and #1945.) XDM and KDM rely # on applications using this default value. if [ -z "$XAUTHORITY" ]; then - XAUTHORITY=~/.Xauthority - export XAUTHORITY + XAUTHORITY=~/.Xauthority + export XAUTHORITY fi # If this script is being run through a symlink, we need to know where # in the filesystem the script itself is, not where the symlink is. myname="$0" if [ -L "$myname" ]; then - # XXX readlink is not POSIX, but is present in GNU coreutils - # and on FreeBSD. Unfortunately, the -f option (which follows - # a whole chain of symlinks until it reaches a non-symlink - # path name) is a GNUism, so we have to have a fallback for - # FreeBSD. Fortunately, FreeBSD has realpath instead; - # unfortunately, that's also non-POSIX and is not present in - # GNU coreutils. - # - # If this launcher were a C program, we could just use the - # realpath function, which *is* POSIX. Too bad POSIX didn't - # make that function accessible to shell scripts. - - # If realpath is available, use it; it Does The Right Thing. - possibly_my_real_name="`realpath "$myname" 2>/dev/null`" - if [ "$?" -eq 0 ]; then - myname="$possibly_my_real_name" - else - # realpath is not available; hopefully readlink -f works. - myname="`readlink -f "$myname" 2>/dev/null`" - if [ "$?" -ne 0 ]; then - # Ugh. - complain "start-[% c('var/project-name') %] cannot be run using a symlink on this operating system." - fi - fi + # XXX readlink is not POSIX, but is present in GNU coreutils + # and on FreeBSD. Unfortunately, the -f option (which follows + # a whole chain of symlinks until it reaches a non-symlink + # path name) is a GNUism, so we have to have a fallback for + # FreeBSD. Fortunately, FreeBSD has realpath instead; + # unfortunately, that's also non-POSIX and is not present in + # GNU coreutils. + # + # If this launcher were a C program, we could just use the + # realpath function, which *is* POSIX. Too bad POSIX didn't + # make that function accessible to shell scripts. + + # If realpath is available, use it; it Does The Right Thing. + possibly_my_real_name="`realpath "$myname" 2>/dev/null`" + if [ "$?" -eq 0 ]; then + myname="$possibly_my_real_name" + else + # realpath is not available; hopefully readlink -f works. + myname="`readlink -f "$myname" 2>/dev/null`" + if [ "$?" -ne 0 ]; then + # Ugh. + complain "start-[% c('var/project-name') %] cannot be run using a symlink on this operating system." + fi + fi fi -# Try to be agnostic to where we're being started from, chdir to where -# the script is. -mydir="`dirname "$myname"`" -test -d "$mydir" && cd "$mydir" +cd "$(dirname "$myname")" +browser_dir="$(pwd)" +if test -f "$browser_dir/is-packaged-app"; then + system_install=1 + browser_home="$HOME/.[% pc('linux-packages', 'var/system_pkg/pkg_name') %]" + mkdir -p "$browser_home" + cd "$browser_home" +else + browser_home="$browser_dir" +fi # If ${PWD} results in a zero length string, we can try something else... if [ ! "${PWD}" ]; then - # "hacking around some braindamage" - PWD="`pwd`" - surveysays="This system has a messed up shell.\n" + # "hacking around some braindamage" + PWD="`pwd`" + surveysays="This system has a messed up shell.\n" fi # This is a fix for an ibus issue on some Linux systems. See #9353 for more @@ -227,46 +235,48 @@ if [ ! -d ".config/ibus" ]; then ln -nsf ~/.config/ibus/bus .config/ibus fi -# Fix up .desktop Icon and Exec Paths, and update the .desktop file from the -# canonical version if it was changed by the updater. -cp start-[% c('var/project-name') %].desktop ../ -sed -i -e "s,^Name=.*,Name=[% c('var/Project_Name') %],g" ../start-[% c('var/project-name') %].desktop -sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-[% c('var/project-name') %].desktop -sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" start-[% c('var/project-name') %].desktop -sed -i -e "s,^Exec=.*,Exec=sh -c '\"$PWD/start-[% c('var/project-name') %]\" --detach || ([ ! -x \"$PWD/start-[% c('var/project-name') %]\" ] \&\& \"\$(dirname \"\$*\")\"/Browser/start-[% c('var/project-name') %] --detach)' dummy %k,g" ../start-[% c('var/project-name') %].desktop - -if [ "$register_desktop_app" -eq 1 ]; then - mkdir -p "$HOME/.local/share/applications/" - cp ../start-[% c('var/project-name') %].desktop "$HOME/.local/share/applications/" - update-desktop-database "$HOME/.local/share/applications/" - printf "[% c('var/Project_Name') %] has been registered as a desktop app for this user in ~/.local/share/applications/\n" - exit 0 -fi - -if [ "$register_desktop_app" -eq -1 ]; then - if [ -e "$HOME/.local/share/applications/start-[% c('var/project-name') %].desktop" ]; then - rm -f "$HOME/.local/share/applications/start-[% c('var/project-name') %].desktop" - update-desktop-database "$HOME/.local/share/applications/" - printf "[% c('var/Project_Name') %] has been removed as a user desktop app (from ~/.local/share/applications/)\n" - else - printf "[% c('var/Project_Name') %] does not appear to be a desktop app (not present in ~/.local/share/applications/)\n" - fi - exit 0 +if test -z "$system_install"; then + # Fix up .desktop Icon and Exec Paths, and update the .desktop file from the + # canonical version if it was changed by the updater. + cp start-[% c('var/project-name') %].desktop ../ + sed -i -e "s,^Name=.*,Name=[% c('var/Project_Name') %],g" ../start-[% c('var/project-name') %].desktop + sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-[% c('var/project-name') %].desktop + sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" start-[% c('var/project-name') %].desktop + sed -i -e "s,^Exec=.*,Exec=sh -c '\"$PWD/start-[% c('var/project-name') %]\" --detach || ([ ! -x \"$PWD/start-[% c('var/project-name') %]\" ] \&\& \"\$(dirname \"\$*\")\"/Browser/start-[% c('var/project-name') %] --detach)' dummy %k,g" ../start-[% c('var/project-name') %].desktop + + if [ "$register_desktop_app" -eq 1 ]; then + mkdir -p "$HOME/.local/share/applications/" + cp ../start-[% c('var/project-name') %].desktop "$HOME/.local/share/applications/" + update-desktop-database "$HOME/.local/share/applications/" + printf "[% c('var/Project_Name') %] has been registered as a desktop app for this user in ~/.local/share/applications/\n" + exit 0 + fi + + if [ "$register_desktop_app" -eq -1 ]; then + if [ -e "$HOME/.local/share/applications/start-[% c('var/project-name') %].desktop" ]; then + rm -f "$HOME/.local/share/applications/start-[% c('var/project-name') %].desktop" + update-desktop-database "$HOME/.local/share/applications/" + printf "[% c('var/Project_Name') %] has been removed as a user desktop app (from ~/.local/share/applications/)\n" + else + printf "[% c('var/Project_Name') %] does not appear to be a desktop app (not present in ~/.local/share/applications/)\n" + fi + exit 0 + fi fi export BB_ORIGINAL_HOME="$HOME" -HOME="${PWD}" +HOME="$browser_home" export HOME # Prevent disk leaks in $HOME/.local/share (tor-browser#17560) function erase_leaky() { - local leaky="$1" - [ -e "$leaky" ] && - ( srm -r "$leaky" || - wipe -r "$leaky" || - find "$leaky" -type f -exec shred -u {} \; ; - rm -rf "$leaky" - ) > /dev/null 2>&1 + local leaky="$1" + [ -e "$leaky" ] && + ( srm -r "$leaky" || + wipe -r "$leaky" || + find "$leaky" -type f -exec shred -u {} \; ; + rm -rf "$leaky" + ) > /dev/null 2>&1 } local_dir="$HOME/.local/" share_dir="$local_dir/share" @@ -275,14 +285,14 @@ share_dir="$local_dir/share" # We're not using realpath/readlink for consistency with the (possibly # outdated) availability assumptions made elsewhere in this script. if ! [ -L "$local_dir" -o -L "$share_dir" ]; then - if [ -d "$share_dir" ]; then - for leaky_path in "gvfs-metadata" "recently-used.xbel"; do - erase_leaky "$share_dir/$leaky_path" - done - else - mkdir -p "$local_dir" - fi - ln -fs /dev/null "$share_dir" + if [ -d "$share_dir" ]; then + for leaky_path in "gvfs-metadata" "recently-used.xbel"; do + erase_leaky "$share_dir/$leaky_path" + done + else + mkdir -p "$local_dir" + fi + ln -fs /dev/null "$share_dir" fi [ -L "$HOME/.cache" ] || erase_leaky "$HOME/.cache/nvidia" @@ -291,8 +301,8 @@ SYSARCHITECTURE=$(getconf LONG_BIT) TORARCHITECTURE=$(expr "$(file TorBrowser/Tor/tor)" : '.*ELF $[[:digit:]]*$') if [ $SYSARCHITECTURE -ne $TORARCHITECTURE ]; then - complain "Wrong architecture? 32-bit vs. 64-bit." - exit 1 + complain "Wrong architecture? 32-bit vs. 64-bit." + exit 1 fi [% END -%] @@ -305,27 +315,27 @@ export ASAN_OPTIONS [% IF c("var/tor-browser") -%] function setControlPortPasswd() { - local ctrlPasswd=$1 - - if test -z "$ctrlPasswd" -o "$ctrlPasswd" = $'\"secret\"' ; then - unset TOR_CONTROL_PASSWD - return - fi - - if test "${ctrlPasswd:0:1}" = $'\"'; then # First 2 chars were '" - printf "Using system Tor process.\n" - export TOR_CONTROL_PASSWD - else - complain "There seems to have been a quoting problem with your \ + local ctrlPasswd=$1 + + if test -z "$ctrlPasswd" -o "$ctrlPasswd" = $'\"secret\"' ; then + unset TOR_CONTROL_PASSWD + return + fi + + if test "${ctrlPasswd:0:1}" = $'\"'; then # First 2 chars were '" + printf "Using system Tor process.\n" + export TOR_CONTROL_PASSWD + else + complain "There seems to have been a quoting problem with your \ TOR_CONTROL_PASSWD environment variable." - echo "The Tor ControlPort password should be given inside double" - echo "quotes, inside single quotes. That is, if the ControlPort" - echo 'password is “secret” (without curly quotes) then we must' - echo "start this script after setting the environment variable" - echo "exactly like this:" - echo - echo " \$ TOR_CONTROL_PASSWD='\"secret\"' $myname" - fi + echo "The Tor ControlPort password should be given inside double" + echo "quotes, inside single quotes. That is, if the ControlPort" + echo 'password is “secret” (without curly quotes) then we must' + echo "start this script after setting the environment variable" + echo "exactly like this:" + echo + echo " \$ TOR_CONTROL_PASSWD='\"secret\"' $myname" + fi } # Using a system-installed Tor process with Tor Browser: @@ -367,7 +377,7 @@ setControlPortPasswd ${TOR_CONTROL_PASSWD:='"secret"'} [% END -%] # Set up custom bundled fonts. See fonts-conf(5). -export FONTCONFIG_PATH="${HOME}/fontconfig" +export FONTCONFIG_PATH="$browser_dir/fontconfig" export FONTCONFIG_FILE="fonts.conf" [% # tor-browser#41776: We cannot make the updater remove this file. # So, let's remove it on this script, since we know that at this point the @@ -397,19 +407,19 @@ cd "${HOME}" # prevent from mixing up with them). if [ "$show_usage" -eq 1 ]; then - # Display Firefox help, then our help - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] --help 2>/dev/null - print_usage + # Display Firefox help, then our help + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] --help 2>/dev/null + print_usage elif [ "$detach" -eq 1 ] ; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null & - disown "$!" + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null & + disown "$!" elif [ "$log_output" -eq 1 -a "$show_output" -eq 1 ]; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" 2>&1 </dev/null | \ - tee "$logfile" + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" 2>&1 </dev/null | \ + tee "$logfile" elif [ "$show_output" -eq 1 ]; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" < /dev/null + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" < /dev/null else - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null fi exit $? ===================================== projects/browser/config ===================================== @@ -14,7 +14,9 @@ var: mar_osname: '[% c("var/osname") %]' version_json: version.json + targets: + linux: var: arch_deps: @@ -23,6 +25,7 @@ targets: # share the container to reduce space used. - libc6-i386 pt_path: ./TorBrowser/Tor/PluggableTransports/ + macos: var: arch_deps: @@ -32,14 +35,17 @@ targets: - python3-distutils-extra - python3-psutil pt_path: PluggableTransports/ + macos-universal: var: mar_osname: macos + windows: var: arch_deps: - python3-pefile pt_path: TorBrowser\Tor\PluggableTransports\ + android: build: '[% INCLUDE build.android %]' var: @@ -53,17 +59,21 @@ targets: # apksigner. suite: bookworm arch: amd64 + torbrowser: var: prefs_file: 000-tor-browser.js version_json: tbb_version.json + basebrowser: var: prefs_file: 001-base-profile.js + mullvadbrowser: var: prefs_file: 001-base-profile.js + input_files: - project: container-image - project: firefox ===================================== projects/linux-packages/Makefile.in ===================================== @@ -0,0 +1,7 @@ +build: + rm -f "${DEB_TARGET_ARCH}/Browser/start-[% c('var/project-name') %].desktop" + echo 'This is a packaged app.' > "${DEB_TARGET_ARCH}/Browser/is-packaged-app" + [% c("touch") %] "${DEB_TARGET_ARCH}/Browser/is-packaged-app" + +clean: + rm -f "${DEB_TARGET_ARCH}/Browser/is-packaged-app" ===================================== projects/linux-packages/build ===================================== @@ -0,0 +1,55 @@ +#!/bin/bash +[% c("var/set_default_env") -%] +distdir=/var/tmp/dist/[% project %] + +OUTDIR='[% dest_dir _ "/" _ c("filename") %]' +mkdir -p $OUTDIR +mkdir -p "$distdir" + +export SOURCE_DATE_EPOCH='[% c("timestamp") %]' + +[% IF c("var/build_deb_pkg") -%] + cd $distdir + project_dir=[% c("var/system_pkg/pkg_name") %]-[% c("var/system_pkg/pkg_version") %] + mkdir "$project_dir" + mv $rootdir/Makefile "$project_dir" + [% c('tar', { + tar_src => [ '$project_dir' ], + tar_args => '-cJf ' _ c("var/system_pkg/pkg_name") _ '_' _ c("var/system_pkg/pkg_version") _ '.orig.tar.xz', + }) %] + + cd "$project_dir" + mv $rootdir/debian . + chmod +x debian/install debian/docs debian/rules + mkdir debian/source + echo -n '3.0 (quilt)' > debian/source/format + + + function extract_src_tar { + src_tar="$1" + deb_arch="$2" + mkdir $deb_arch + tar -C $deb_arch --strip-components=1 -xf "$src_tar" + mv "$src_tar" \ + ../[% c("var/system_pkg/pkg_name") %]_[% c("var/system_pkg/pkg_version") %].orig-$deb_arch.tar.xz + } + [% IF c("var/browser-linux-x86_64") -%] + extract_src_tar \ + $rootdir/[% c('input_files_by_name/linux-x86_64') %]/[% c("var/project-name") %]-linux-x86_64-[% c("version") %].tar.xz \ + amd64 + [% END -%] + [% IF c("var/browser-linux-i686") -%] + extract_src_tar \ + $rootdir/[% c('input_files_by_name/linux-x86_64') %]/[% c("var/project-name") %]-linux-i686-[% c("version") %].tar.xz \ + i386 + [% END -%] + + [% FOREACH deb_arch = c("var_p/system_pkg/deb_archs") -%] + dpkg-buildpackage --unsigned-source --unsigned-changes --build=full --host-arch=[% deb_arch %] + deb_file_name='[% c("var/system_pkg/pkg_name") %]_[% c("var/system_pkg/pkg_version") %]-[% c("var/system_pkg/pkg_revision") %]_[% deb_arch %].deb' + dpkg-deb --info "../$deb_file_name" + pushd .. + mv -f "$deb_file_name" *.dsc *.orig.tar.xz *.debian.tar.xz "$OUTDIR/" + popd + [% END -%] +[% END %] ===================================== projects/linux-packages/config ===================================== @@ -0,0 +1,157 @@ +# vim: filetype=yaml sw=2 +version: '[% c("var/torbrowser_version") %]' +filename: '[% c("var/project-name") %]-[% c("version") %]-[% c("var/build_id") %]' +timestamp: '[% c("var/browser_release_date_timestamp") %]' +container: + use_container: 1 + +var: + build_deb_pkg: '[% c("var/mullvad-browser") %]' + system_pkg: + install_path: 'usr/lib/[% c("var/system_pkg/pkg_name") %]' + pkg_name: '[% c("var/project-name") %]-[% c("var/channel") %]' + pkg_version: '[% c("var/torbrowser_version") %]-[% c("var/torbrowser_build") %]' + pkg_revision: '1' + pkg_description: '[% c("var/display_name") %]' + deb_release_date: '[% USE date; date.format(c("timestamp"), format = "%a, %d %b %Y 01:02:03 +0000", locale = "en_US") %]' + # Use var_p/system_pkg/deb_archs for the processed list + deb_archs_list: + - '[% IF c("var/browser-linux-x86_64") %]amd64[% END %]' + - '[% IF c("var/browser-linux-i686") %]i386[% END %]' + + arch_deps: + # Packages needed to build the deb package + - dpkg-dev + - debhelper + - dh-exec + # Packages needed to generate dependencies for the deb package + - linux-libc-dev + - libasound2-dev + - libfontconfig1-dev + - libfreetype6-dev + - libgconf2-dev + - libgtk-3-dev + - libpango1.0-dev + - libpulse-dev + - libx11-xcb-dev + - libxt-dev + +targets: + + browser-all: + - browser-linux-x86_64 + - browser-linux-i686 + + browser-all-desktop: browser-all + + browser-linux-x86_64: + var: + browser-linux-x86_64: 1 + browser-linux-i686: + var: + browser-linux-i686: '[% c("var/browser_type") != "mullvadbrowser" %]' + + torbrowser: + var: + browser_type: torbrowser + basebrowser: + var: + browser_type: basebrowser + mullvadbrowser: + var: + browser_type: mullvadbrowser + system_pkg: + pkg_description: 'Mullvad Browser is a privacy-focused web browser designed to minimize tracking and fingerprinting.' + + release: + var: + build_target: release + system_pkg: + pkg_name: '[% c("var/project-name") %]' + nightly: + var: + build_target: nightly + system_pkg: + # debian package version needs to start with a number + pkg_version: '[% pc("firefox", "var/browser_series") %]~[% c("var/torbrowser_version") FILTER remove("tbb-nightly.") %]' + alpha: + var: + build_target: alpha + testbuild: + var: + testbuild: 1 + build_target: '[% c("var/browser_type") %]-testbuild' + + +input_files: + + - project: container-image + + - name: linux-x86_64 + project: browser + enable: '[% c("var/browser-linux-x86_64") %]' + target: + - '[% c("var/build_target") %]' + - '[% c("var/browser_type") %]-linux-x86_64' + + - name: linux-i686 + project: browser + enable: '[% c("var/browser-linux-i686") %]' + target: + - '[% c("var/build_target") %]' + - '[% c("var/browser_type") %]-linux-i686' + + - filename: Makefile + content: "[% INCLUDE 'Makefile.in' %]" + refresh_input: 1 + + # Debian Package + - filename: debian/changelog + content: "[% INCLUDE 'debian/changelog.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/compat + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/control + content: "[% INCLUDE 'debian/control.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/copyright + content: "[% INCLUDE 'debian/copyright.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/install + content: "[% INCLUDE 'debian/install.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/docs + content: "[% INCLUDE 'debian/docs.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: 'debian/[% c("var/system_pkg/pkg_name") %].desktop' + content: "[% INCLUDE 'debian/browser.desktop.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/links + content: "[% INCLUDE 'debian/links.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/rules + enable: '[% c("var/build_deb_pkg") %]' + +--- | + # This part of the file contains options written in perl + ( + var_p => { + system_pkg => { + deb_archs => sub { + my ($project, $options) = @_; + my $deb_archs = project_config($project, + 'var/system_pkg/deb_archs_list', $options); + return [ + grep { $_ } map { process_template($project, $_, '.') } @$deb_archs + ]; + }, + }, + }, + ) ===================================== projects/linux-packages/debian/browser.desktop.in ===================================== @@ -0,0 +1,10 @@ +[Desktop Entry] +Type=Application +Name=[% c("var/Project_Name") %] +GenericName=Web Browser +Comment=[% c("var/system_pkg/pkg_description") %] +Categories=Network;WebBrowser;Security; +Exec=/[% c("var/system_pkg/install_path") %]/start-[% c("var/project-name") %] --detach +X-[% c("var/ProjectName") %]-ExecShell=/[% c("var/system_pkg/install_path") %]/start-[% c("var/project-name") %] --detach +Icon=[% c("var/system_pkg/pkg_name") %] +StartupWMClass=[% c("var/display_name") %] ===================================== projects/linux-packages/debian/changelog.in ===================================== @@ -0,0 +1,5 @@ +[% c("var/system_pkg/pkg_name") %] ([% c("var/system_pkg/pkg_version") %]-[% c("var/system_pkg/pkg_revision") %]) UNRELEASED; urgency=medium + + * [% c("var/Project_Name") %] [% c("var/torbrowser_version") %] + + -- [% c("var/Project_Name") %] Developers <torbrowser(a)torproject.org> [% c("var/system_pkg/deb_release_date") %] ===================================== projects/linux-packages/debian/compat ===================================== @@ -0,0 +1 @@ +9 ===================================== projects/linux-packages/debian/control.in ===================================== @@ -0,0 +1,11 @@ +Source: [% c("var/system_pkg/pkg_name") %] +Maintainer: [% c("var/Project_Name") %] Developers <torbrowser(a)torproject.org> +Priority: optional +Section: web +Build-Depends: debhelper (>= 9) + +Package: [% c("var/system_pkg/pkg_name") %] +Architecture: [% c("var_p/system_pkg/deb_archs").join(" ") %] +Depends: ${shlibs:Depends}, +Description: [% c('var/display_name') %] + [% c("var/system_pkg/pkg_description") %] ===================================== projects/linux-packages/debian/copyright.in ===================================== @@ -0,0 +1,10 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Source:: https://gitlab.torproject.org/tpo/applications/tor-browser-build/ +Upstream-Name: [% c("var/Project_Name") %] +Comment: + License for the build recipes and tools used for building [% c("var/Project_Name") %] + can be found at this URL: + https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/mai… + For the license of specific components included in [% c("var/Project_Name") %], see + this directory: + /usr/share/doc/[% c("var/system_pkg/pkg_name") %]/Licenses ===================================== projects/linux-packages/debian/docs.in ===================================== @@ -0,0 +1,3 @@ +#! /usr/bin/dh-exec +${DEB_HOST_ARCH}/Browser/[% c("var/ProjectName") %]/Docs/ChangeLog.txt +${DEB_HOST_ARCH}/Browser/[% c("var/ProjectName") %]/Docs/Licenses/ ===================================== projects/linux-packages/debian/install.in ===================================== @@ -0,0 +1,3 @@ +#! /usr/bin/dh-exec +${DEB_HOST_ARCH}/Browser/* [% c("var/system_pkg/install_path") %] +debian/[% c("var/system_pkg/pkg_name") %].desktop usr/share/applications ===================================== projects/linux-packages/debian/links.in ===================================== @@ -0,0 +1,7 @@ +[% c("var/system_pkg/install_path") %]/start-[% c("var/project-name") %] usr/bin/[% c("var/system_pkg/pkg_name") %] +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default16.png usr/share/icons/hicolor/16x16/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default32.png usr/share/icons/hicolor/32x32/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default48.png usr/share/icons/hicolor/48x48/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default64.png usr/share/icons/hicolor/64x64/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default128.png usr/share/icons/hicolor/128x128/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/about-logo.svg usr/share/icons/hicolor/scalable/apps/[% c("var/system_pkg/pkg_name") %].svg ===================================== projects/linux-packages/debian/rules ===================================== @@ -0,0 +1,10 @@ +#!/usr/bin/make -f + +%: + dh $@ + +override_dh_strip_nondeterminism: + dh_strip_nondeterminism -Xxpi + +override_dh_shlibdeps: + dh_shlibdeps -Xabicheck ===================================== projects/release/build ===================================== @@ -37,6 +37,9 @@ mkdir -p "$destdir" [% IF c("var/browser-linux-x86_64") -%] mv [% c('input_files_by_name/linux-x86_64') %]/* "$destdir"/ [% END -%] +[% IF c("var/linux-packages") -%] + mv [% c('input_files_by_name/linux-packages') %]/* "$destdir"/ +[% END -%] [% IF c("var/browser-src") -%] mv [% c('input_files_by_name/src-firefox') %] \ "$destdir"/ @@ -59,7 +62,7 @@ EOF # empty any existing sh256sums file echo -n > sha256sums-unsigned-build.txt # concat sha256sum entry for each file in set -for i in $(ls -1 *.exe *.tar.xz *.dmg *.mar *.zip *.tar.gz *.apk *.bspatch *.json | grep -v '\.incremental\.mar$' | sort) +for i in $(ls -1 *.exe *.tar.xz *.dmg *.mar *.zip *.tar.gz *.apk *.bspatch *.json *.deb | grep -v '\.incremental\.mar$' | sort) do sha256sum $i >> sha256sums-unsigned-build.txt done ===================================== projects/release/config ===================================== @@ -47,6 +47,7 @@ targets: browser-linux-x86_64: var: browser-linux-x86_64: 1 + linux-packages: '[% c("var/mullvad-browser") %]' browser-linux-x86_64-asan: var: browser-linux-x86_64: 1 @@ -54,6 +55,7 @@ targets: browser-linux-i686: var: browser-linux-i686: '[% c("var/browser_type") != "mullvadbrowser" %]' + linux-packages: '[% c("var/mullvad-browser") %]' browser-windows-i686: var: browser-windows-i686: '[% c("var/browser_type") != "mullvadbrowser" %]' @@ -186,6 +188,14 @@ input_files: - '[% c("var/build_target") %]' - '[% c("var/browser_type") %]-linux-i686' + - name: linux-packages + project: linux-packages + enable: '[% c("var/linux-packages") %]' + # Add linux-x86_64 targets for container config + target_prepend: + - linux-x86_64 + - linux + - name: windows-i686 project: browser enable: '[% c("var/browser-windows-i686") %]' ===================================== rbm ===================================== @@ -1 +1 @@ -Subproject commit 10c6b24e90e3dc9c2578290a7d82a87b7f4eb9a3 +Subproject commit 05e32169dfad9f3cc3eb6aa3f93d9b7a1690290e View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] 4 commits: fixup! Bug 2176: Rebrand Firefox to TorBrowser
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: fd8774a0 by Henry Wilkes at 2024-04-22T17:33:16+01:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser Bug 42538: Move onion icons to toolkit. - - - - - 916196f7 by Henry Wilkes at 2024-04-22T17:33:16+01:00 fixup! Bug 21952: Implement Onion-Location Bug 42538: Move onion icons to toolkit. - - - - - 09294f1b by Henry Wilkes at 2024-04-22T17:33:17+01:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 42538: Move onion icons to toolkit. - - - - - 07ec5817 by Henry Wilkes at 2024-04-22T17:33:17+01:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42538: Move onion icons to toolkit. - - - - - 8 changed files: - browser/components/onionservices/content/onionlocation.css - browser/themes/shared/identity-block/identity-block.css - browser/themes/shared/jar.inc.mn - toolkit/themes/shared/aboutNetError.css - toolkit/themes/shared/desktop-jar.inc.mn - browser/themes/shared/identity-block/onion-site.svg → toolkit/themes/shared/icons/onion-site.svg - browser/themes/shared/identity-block/onion-slash.svg → toolkit/themes/shared/icons/onion-slash.svg - browser/themes/shared/identity-block/onion-warning.svg → toolkit/themes/shared/icons/onion-warning.svg Changes: ===================================== browser/components/onionservices/content/onionlocation.css ===================================== @@ -1,7 +1,7 @@ /* Copyright (c) 2020, The Tor Project, Inc. */ #onion-location-button { - list-style-image: url(chrome://browser/skin/onion-site.svg); + list-style-image: url(chrome://global/skin/icons/onion-site.svg); -moz-context-properties: fill; fill: currentColor; } ===================================== browser/themes/shared/identity-block/identity-block.css ===================================== @@ -195,14 +195,14 @@ #identity-box[pageproxystate="valid"].onionUnknownIdentity #identity-icon, #identity-box[pageproxystate="valid"].onionVerifiedDomain #identity-icon, #identity-box[pageproxystate="valid"].onionMixedActiveBlocked #identity-icon { - list-style-image: url(chrome://browser/skin/onion-site.svg); + list-style-image: url(chrome://global/skin/icons/onion-site.svg); visibility: visible; } #identity-box[pageproxystate="valid"].onionMixedDisplayContent #identity-icon, #identity-box[pageproxystate="valid"].onionMixedDisplayContentLoadedActiveBlocked #identity-icon, #identity-box[pageproxystate="valid"].onionCertUserOverridden #identity-icon { - list-style-image: url(chrome://browser/skin/onion-warning.svg); + list-style-image: url(chrome://global/skin/icons/onion-warning.svg); visibility: visible; /* onion-warning includes another context-stroke color. Here we want it to * match the context-fill color, which should be currentColor. */ @@ -211,7 +211,7 @@ } #identity-box[pageproxystate="valid"].onionMixedActiveContent #identity-icon { - list-style-image: url(chrome://browser/skin/onion-slash.svg); + list-style-image: url(chrome://global/skin/icons/onion-slash.svg); visibility: visible; } ===================================== browser/themes/shared/jar.inc.mn ===================================== @@ -70,9 +70,6 @@ skin/classic/browser/downloads/progressmeter.css (../shared/downloads/progressmeter.css) skin/classic/browser/drm-icon.svg (../shared/drm-icon.svg) skin/classic/browser/identity-block/identity-block.css (../shared/identity-block/identity-block.css) - skin/classic/browser/onion-site.svg (../shared/identity-block/onion-site.svg) - skin/classic/browser/onion-slash.svg (../shared/identity-block/onion-slash.svg) - skin/classic/browser/onion-warning.svg (../shared/identity-block/onion-warning.svg) skin/classic/browser/permissions.svg (../shared/identity-block/permissions.svg) skin/classic/browser/migration/migration-dialog-window.css (../shared/migration/migration-dialog-window.css) skin/classic/browser/migration/migration-wizard.css (../shared/migration/migration-wizard.css) ===================================== toolkit/themes/shared/aboutNetError.css ===================================== @@ -51,7 +51,7 @@ body.certerror .title { } body.onion-error .title { - background-image: url("chrome://browser/skin/onion-warning.svg"); + background-image: url("chrome://global/skin/icons/onion-warning.svg"); -moz-context-properties: fill, stroke; fill: currentColor; stroke: var(--warning-color); ===================================== toolkit/themes/shared/desktop-jar.inc.mn ===================================== @@ -91,6 +91,9 @@ skin/classic/global/icons/tor-dark-loading.png (../../shared/icons/tor-dark-loading.png) skin/classic/global/icons/tor-dark-loading(a)2x.png (../../shared/icons/tor-dark-loading(a)2x.png) skin/classic/global/icons/more.svg (../../shared/icons/more.svg) + skin/classic/global/icons/onion-site.svg (../../shared/icons/onion-site.svg) + skin/classic/global/icons/onion-slash.svg (../../shared/icons/onion-slash.svg) + skin/classic/global/icons/onion-warning.svg (../../shared/icons/onion-warning.svg) skin/classic/global/icons/open-in-new.svg (../../shared/icons/open-in-new.svg) skin/classic/global/icons/page-portrait.svg (../../shared/icons/page-portrait.svg) skin/classic/global/icons/page-landscape.svg (../../shared/icons/page-landscape.svg) ===================================== browser/themes/shared/identity-block/onion-site.svg → toolkit/themes/shared/icons/onion-site.svg ===================================== ===================================== browser/themes/shared/identity-block/onion-slash.svg → toolkit/themes/shared/icons/onion-slash.svg ===================================== ===================================== browser/themes/shared/identity-block/onion-warning.svg → toolkit/themes/shared/icons/onion-warning.svg ===================================== View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d98ff1… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d98ff1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.10.0esr-13.5-1] fixup! Bug 40926: Implemented the New Identity feature
by ma1 (＠ma1) 22 Apr '24

22 Apr '24

ma1 pushed to branch mullvad-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 04899df2 by hackademix at 2024-04-22T18:27:14+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42532: Use the HomePage module for new identity checks. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -395,15 +395,12 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { return new Promise(resolve => { // Open a new window forcing the about:privatebrowsing page (tor-browser#41765) // unless user explicitly overrides this policy (tor-browser #42236) - const homePref = "browser.startup.homepage"; const trustedHomePref = "browser.startup.homepage.new_identity"; - const homeURL = Services.prefs.getStringPref(homePref, ""); - const defaultHomeURL = Services.prefs - .getDefaultBranch("") - .getStringPref(homePref, ""); + const homeURL = HomePage.get(); + const defaultHomeURL = HomePage.getDefault(); const isTrustedHome = homeURL === defaultHomeURL || - homeURL.startsWith("chrome://") || // about:blank and other built-ins + homeURL === "chrome://browser/content/blanktab.html" || // about:blank homeURL === Services.prefs.getStringPref(trustedHomePref, ""); const isCustomHome = Services.prefs.getIntPref("browser.startup.page") === 1; View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/048… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/048… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.10.0esr-13.5-1] fixup! Bug 40926: Implemented the New Identity feature
by ma1 (＠ma1) 22 Apr '24

22 Apr '24

ma1 pushed to branch base-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 5616a8da by hackademix at 2024-04-22T18:26:36+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42532: Use the HomePage module for new identity checks. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -395,15 +395,12 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { return new Promise(resolve => { // Open a new window forcing the about:privatebrowsing page (tor-browser#41765) // unless user explicitly overrides this policy (tor-browser #42236) - const homePref = "browser.startup.homepage"; const trustedHomePref = "browser.startup.homepage.new_identity"; - const homeURL = Services.prefs.getStringPref(homePref, ""); - const defaultHomeURL = Services.prefs - .getDefaultBranch("") - .getStringPref(homePref, ""); + const homeURL = HomePage.get(); + const defaultHomeURL = HomePage.getDefault(); const isTrustedHome = homeURL === defaultHomeURL || - homeURL.startsWith("chrome://") || // about:blank and other built-ins + homeURL === "chrome://browser/content/blanktab.html" || // about:blank homeURL === Services.prefs.getStringPref(trustedHomePref, ""); const isCustomHome = Services.prefs.getIntPref("browser.startup.page") === 1; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5616a8d… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5616a8d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 42535 (TB): Fix Japanese translation paths.
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 40425dd2 by Pier Angelo Vendrame at 2024-04-22T17:52:26+02:00 Bug 42535 (TB): Fix Japanese translation paths. When we setup packaged locales, it seemed that Japanese files needed to be in torbutton/locale/ja also for macOS, instead of ja-JP-mac. However, recently we saw that Firefox cannot find brand.ftl in ja, and the legacy files work also in ja-JP-mac. Maybe the initial tests were influenced by some cache. - - - - - 1 changed file: - projects/firefox/build Changes: ===================================== projects/firefox/build ===================================== @@ -133,15 +133,15 @@ mkdir "$HOME/.mozbuild" torbutton_locales="toolkit/torbutton/chrome/locale/" torbutton_jar="toolkit/torbutton/jar.mn" for lang in $supported_locales; do - central_lang=$lang + source_lang=$lang [% IF c("var/macos") -%] if [ "$lang" == "ja-JP-mac" ]; then - lang="ja" + source_lang="ja" fi [% END -%] - mv "$transl_tor_browser/$lang/tor-browser.ftl" "$l10ncentral/$central_lang/browser/browser/" - mv "$transl_tor_browser/$lang/cryptoSafetyPrompt.properties" "$l10ncentral/$central_lang/browser/chrome/browser/" - mv "$transl_tor_browser/$lang" "$torbutton_locales/" + mv "$transl_tor_browser/$source_lang/tor-browser.ftl" "$l10ncentral/$lang/browser/browser/" + mv "$transl_tor_browser/$source_lang/cryptoSafetyPrompt.properties" "$l10ncentral/$lang/browser/chrome/browser/" + mv "$transl_tor_browser/$source_lang" "$torbutton_locales/$lang" echo "% locale torbutton $lang %locale/$lang/" >> "$torbutton_jar" echo " locale/$lang (chrome/locale/$lang/*)" >> "$torbutton_jar" done View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] fixup! Bug 40926: Implemented the New Identity feature
by ma1 (＠ma1) 22 Apr '24

22 Apr '24

ma1 pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: d98ff16e by hackademix at 2024-04-22T17:06:04+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42532: Use the HomePage module for new identity checks. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -395,15 +395,12 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { return new Promise(resolve => { // Open a new window forcing the about:privatebrowsing page (tor-browser#41765) // unless user explicitly overrides this policy (tor-browser #42236) - const homePref = "browser.startup.homepage"; const trustedHomePref = "browser.startup.homepage.new_identity"; - const homeURL = Services.prefs.getStringPref(homePref, ""); - const defaultHomeURL = Services.prefs - .getDefaultBranch("") - .getStringPref(homePref, ""); + const homeURL = HomePage.get(); + const defaultHomeURL = HomePage.getDefault(); const isTrustedHome = homeURL === defaultHomeURL || - homeURL.startsWith("chrome://") || // about:blank and other built-ins + homeURL === "chrome://browser/content/blanktab.html" || // about:blank homeURL === Services.prefs.getStringPref(trustedHomePref, ""); const isCustomHome = Services.prefs.getIntPref("browser.startup.page") === 1; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d98ff16… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d98ff16… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.10.0esr-13.5-1] fixup! Bug 9173: Change the default Firefox profile directory to be relative.
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch mullvad-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: fd7362db by Pier Angelo Vendrame at 2024-04-22T16:37:11+02:00 fixup! Bug 9173: Change the default Firefox profile directory to be relative. Bug 42536: Fix !985 on macOS. - - - - - 1 changed file: - toolkit/xre/nsXREDirProvider.cpp Changes: ===================================== toolkit/xre/nsXREDirProvider.cpp ===================================== @@ -1323,6 +1323,7 @@ nsresult nsXREDirProvider::GetPortableDataDir(nsIFile** aFile, # if defined(XP_MACOSX) // On macOS we try to create the directory immediately to switch to // system-install mode if needed (e.g., when running from the DMG). + bool exists = false; rv = localDir->Exists(&exists); NS_ENSURE_SUCCESS(rv, rv); if (!exists) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/fd7… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/fd7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.10.0esr-13.5-1] fixup! Bug 9173: Change the default Firefox profile directory to be relative.
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch base-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: fd04a394 by Pier Angelo Vendrame at 2024-04-22T16:36:35+02:00 fixup! Bug 9173: Change the default Firefox profile directory to be relative. Bug 42536: Fix !985 on macOS. - - - - - 1 changed file: - toolkit/xre/nsXREDirProvider.cpp Changes: ===================================== toolkit/xre/nsXREDirProvider.cpp ===================================== @@ -1323,6 +1323,7 @@ nsresult nsXREDirProvider::GetPortableDataDir(nsIFile** aFile, # if defined(XP_MACOSX) // On macOS we try to create the directory immediately to switch to // system-install mode if needed (e.g., when running from the DMG). + bool exists = false; rv = localDir->Exists(&exists); NS_ENSURE_SUCCESS(rv, rv); if (!exists) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/fd04a39… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/fd04a39… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] fixup! Bug 9173: Change the default Firefox profile directory to be relative.
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 22873387 by Pier Angelo Vendrame at 2024-04-22T09:23:12+02:00 fixup! Bug 9173: Change the default Firefox profile directory to be relative. Bug 42536: Fix !985 on macOS. - - - - - 1 changed file: - toolkit/xre/nsXREDirProvider.cpp Changes: ===================================== toolkit/xre/nsXREDirProvider.cpp ===================================== @@ -1326,6 +1326,7 @@ nsresult nsXREDirProvider::GetPortableDataDir(nsIFile** aFile, # if defined(XP_MACOSX) // On macOS we try to create the directory immediately to switch to // system-install mode if needed (e.g., when running from the DMG). + bool exists = false; rv = localDir->Exists(&exists); NS_ENSURE_SUCCESS(rv, rv); if (!exists) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2287338… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2287338… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] 2 commits: fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in...
by Pier Angelo Vendrame (＠pierov) 22 Apr '24

22 Apr '24

Pier Angelo Vendrame pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: a9c02248 by Henry Wilkes at 2024-04-22T07:22:05+00:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42533: Only update the internal loxId *after* the Lox.activeLoxId has changed. In particular, we want to ensure that the data associated with the new loxId (invites and event data) is set before we fetch them. - - - - - 4006866f by Henry Wilkes at 2024-04-22T07:22:05+00:00 fixup! Lox integration Bug 42533: Add notification for when the activeLoxId changes. - - - - - 3 changed files: - browser/components/torpreferences/content/connectionPane.js - browser/components/torpreferences/content/loxInviteDialog.js - toolkit/components/lox/Lox.sys.mjs Changes: ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -1317,6 +1317,7 @@ const gLoxStatus = { }); Services.obs.addObserver(this, TorSettingsTopics.SettingsChanged); + Services.obs.addObserver(this, LoxTopics.UpdateActiveLoxId); Services.obs.addObserver(this, LoxTopics.UpdateEvents); Services.obs.addObserver(this, LoxTopics.UpdateNextUnlock); Services.obs.addObserver(this, LoxTopics.UpdateRemainingInvites); @@ -1333,6 +1334,7 @@ const gLoxStatus = { */ uninit() { Services.obs.removeObserver(this, TorSettingsTopics.SettingsChanged); + Services.obs.removeObserver(this, LoxTopics.UpdateActiveLoxId); Services.obs.removeObserver(this, LoxTopics.UpdateEvents); Services.obs.removeObserver(this, LoxTopics.UpdateNextUnlock); Services.obs.removeObserver(this, LoxTopics.UpdateRemainingInvites); @@ -1343,12 +1345,17 @@ const gLoxStatus = { switch (topic) { case TorSettingsTopics.SettingsChanged: const { changes } = subject.wrappedJSObject; - if ( - changes.includes("bridges.source") || - changes.includes("bridges.lox_id") - ) { + if (changes.includes("bridges.source")) { this._updateLoxId(); } + // NOTE: We do not call _updateLoxId when "bridges.lox_id" is in the + // changes. Instead we wait until LoxTopics.UpdateActiveLoxId to ensure + // that the Lox module has responded to the change in ID strictly + // *before* we do. In particular, we want to make sure the invites and + // event data has been cleared. + break; + case LoxTopics.UpdateActiveLoxId: + this._updateLoxId(); break; case LoxTopics.UpdateNextUnlock: this._updateNextUnlock(); @@ -1378,9 +1385,7 @@ const gLoxStatus = { */ async _updateLoxId() { let loxId = - TorSettings.bridges.source === TorBridgeSource.Lox - ? TorSettings.bridges.lox_id - : ""; + TorSettings.bridges.source === TorBridgeSource.Lox ? Lox.activeLoxId : ""; if (loxId === this._loxId) { return; } ===================================== browser/components/torpreferences/content/loxInviteDialog.js ===================================== @@ -104,6 +104,7 @@ const gLoxInvites = { // NOTE: TorSettings should already be initialized when this dialog is // opened. Services.obs.addObserver(this, TorSettingsTopics.SettingsChanged); + Services.obs.addObserver(this, LoxTopics.UpdateActiveLoxId); Services.obs.addObserver(this, LoxTopics.UpdateRemainingInvites); Services.obs.addObserver(this, LoxTopics.NewInvite); @@ -119,6 +120,7 @@ const gLoxInvites = { */ uninit() { Services.obs.removeObserver(this, TorSettingsTopics.SettingsChanged); + Services.obs.removeObserver(this, LoxTopics.UpdateActiveLoxId); Services.obs.removeObserver(this, LoxTopics.UpdateRemainingInvites); Services.obs.removeObserver(this, LoxTopics.NewInvite); }, @@ -127,13 +129,13 @@ const gLoxInvites = { switch (topic) { case TorSettingsTopics.SettingsChanged: const { changes } = subject.wrappedJSObject; - if ( - changes.includes("bridges.source") || - changes.includes("bridges.lox_id") - ) { + if (changes.includes("bridges.source")) { this._updateLoxId(); } break; + case LoxTopics.UpdateActiveLoxId: + this._updateLoxId(); + break; case LoxTopics.UpdateRemainingInvites: this._updateRemainingInvites(); break; @@ -155,9 +157,7 @@ const gLoxInvites = { */ _updateLoxId() { const loxId = - TorSettings.bridges.source === TorBridgeSource.Lox - ? TorSettings.bridges.lox_id - : ""; + TorSettings.bridges.source === TorBridgeSource.Lox ? Lox.activeLoxId : ""; if (!loxId || (this._loxId !== null && loxId !== this._loxId)) { // No lox id, or it changed. Close this dialog. this._dialog.cancelDialog(); ===================================== toolkit/components/lox/Lox.sys.mjs ===================================== @@ -55,6 +55,8 @@ XPCOMUtils.defineLazyModuleGetters(lazy, { }); export const LoxTopics = Object.freeze({ + // Whenever the activeLoxId value changes. + UpdateActiveLoxId: "lox:update-active-lox-id", // Whenever the bridges *might* have changed. // getBridges only uses #credentials, so this will only fire when it changes. UpdateBridges: "lox:update-bridges", @@ -141,6 +143,10 @@ class LoxImpl { */ #activeLoxId = null; + get activeLoxId() { + return this.#activeLoxId; + } + /** * Update the active lox id. */ @@ -164,6 +170,8 @@ class LoxImpl { this.#store(); } this.#activeLoxId = loxId; + + Services.obs.notifyObservers(null, LoxTopics.UpdateActiveLoxId); } observe(subject, topic, data) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/00e009… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/00e009… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.10.0esr-13.5-1] fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in...
by richard (＠richard) 18 Apr '24

18 Apr '24

richard pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 00e009df by Henry Wilkes at 2024-04-18T13:57:12+01:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42457: Add a loading icon for Lox invites. Also reduce the amount of focus-jumping by keeping the focus on the disabled button. Also change the focus of the last provideBridgeDialog page to be the table of bridges. NVDA did not announce the focus when it was set to the dialog itself. - - - - - 6 changed files: - browser/components/torpreferences/content/connectionPane.xhtml - browser/components/torpreferences/content/loxInviteDialog.js - browser/components/torpreferences/content/loxInviteDialog.xhtml - browser/components/torpreferences/content/provideBridgeDialog.js - browser/components/torpreferences/content/provideBridgeDialog.xhtml - browser/components/torpreferences/content/torPreferences.css Changes: ===================================== browser/components/torpreferences/content/connectionPane.xhtml ===================================== @@ -48,7 +48,7 @@ class="network-status-label" data-l10n-id="tor-connection-internet-status-label" ></html:span> - <img alt="" class="network-status-loading-icon" /> + <img alt="" class="network-status-loading-icon tor-loading-icon" /> <html:span class="network-status-result"></html:span> </html:div> <html:button ===================================== browser/components/torpreferences/content/loxInviteDialog.js ===================================== @@ -62,12 +62,12 @@ const gLoxInvites = { this._remainingInvitesEl = document.getElementById( "lox-invite-dialog-remaining" ); + this._generateArea = document.getElementById( + "lox-invite-dialog-generate-area" + ); this._generateButton = document.getElementById( "lox-invite-dialog-generate-button" ); - this._connectingEl = document.getElementById( - "lox-invite-dialog-connecting" - ); this._errorEl = document.getElementById("lox-invite-dialog-error-message"); this._inviteListEl = document.getElementById("lox-invite-dialog-list"); @@ -237,20 +237,46 @@ const gLoxInvites = { _setGenerating(isGenerating) { this._generating = isGenerating; this._updateGenerateButtonState(); - this._connectingEl.classList.toggle("show-connecting", isGenerating); + this._generateArea.classList.toggle("show-connecting", isGenerating); }, + /** + * Whether the generate button is disabled. + * + * @type {boolean} + */ + _generateDisabled: false, /** * Update the state of the generate button. */ _updateGenerateButtonState() { - this._generateButton.disabled = this._generating || !this._remainingInvites; + const disabled = this._generating || !this._remainingInvites; + this._generateDisabled = disabled; + // When generating we use "aria-disabled" rather than the "disabled" + // attribute so that the button can remain focusable whilst we generate + // invites. + // NOTE: When we generate the invite the focus will move to the invite list, + // so it should be safe to make the button non-focusable in this case. + const spoofDisabled = this._generating; + this._generateButton.disabled = disabled && !spoofDisabled; + this._generateButton.classList.toggle( + "spoof-button-disabled", + spoofDisabled + ); + if (spoofDisabled) { + this._generateButton.setAttribute("aria-disabled", "true"); + } else { + this._generateButton.removeAttribute("aria-disabled"); + } }, /** * Start generating a new invite. */ _generateNewInvite() { + if (this._generateDisabled) { + return; + } if (this._generating) { console.error("Already generating an invite"); return; @@ -258,15 +284,13 @@ const gLoxInvites = { this._setGenerating(true); // Clear the previous error. this._updateGenerateError(null); - // Move focus from the button to the connecting element, since button is - // now disabled. - this._connectingEl.focus(); - let lostFocus = false; + let moveFocus = false; Lox.generateInvite(this._loxId) .finally(() => { - // Fetch whether the connecting label still has focus before we hide it. - lostFocus = this._connectingEl.contains(document.activeElement); + // Fetch whether the generate button has focus before we potentially + // disable it. + moveFocus = this._generateButton.contains(document.activeElement); this._setGenerating(false); }) .then( @@ -279,7 +303,7 @@ const gLoxInvites = { this._inviteListEl.selectedIndex = 0; } - if (lostFocus) { + if (moveFocus) { // Move focus to the new invite before we hide the "Connecting" // message. this._inviteListEl.focus(); @@ -295,12 +319,6 @@ const gLoxInvites = { this._updateGenerateError("generic"); break; } - - if (lostFocus) { - // Move focus back to the button before we hide the "Connecting" - // message. - this._generateButton.focus(); - } } ); }, @@ -315,7 +333,7 @@ const gLoxInvites = { // First clear the existing error. this._errorEl.removeAttribute("data-l10n-id"); this._errorEl.textContent = ""; - this._errorEl.classList.toggle("show-error", !!type); + this._generateArea.classList.toggle("show-error", !!type); if (!type) { return; ===================================== browser/components/torpreferences/content/loxInviteDialog.xhtml ===================================== @@ -40,10 +40,14 @@ id="lox-invite-dialog-error-message" role="alert" ></html:span> + <img + id="lox-invite-dialog-loading-icon" + class="tor-loading-icon" + alt="" + /> <html:span id="lox-invite-dialog-connecting" role="alert" - tabindex="0" data-l10n-id="lox-invite-dialog-connecting" ></html:span> </html:div> ===================================== browser/components/torpreferences/content/provideBridgeDialog.js ===================================== @@ -84,13 +84,19 @@ const gProvideBridgeDialog = { this._dialog = document.getElementById("user-provide-bridge-dialog"); this._acceptButton = this._dialog.getButton("accept"); + + // Inject our stylesheet into the shadow root so that the accept button can + // take the spoof-button-disabled styling. + const styleLink = document.createElement("link"); + styleLink.rel = "stylesheet"; + styleLink.href = + "chrome://browser/content/torpreferences/torPreferences.css"; + this._dialog.shadowRoot.append(styleLink); + this._textarea = document.getElementById("user-provide-bridge-textarea"); this._errorEl = document.getElementById( "user-provide-bridge-error-message" ); - this._connectingEl = document.getElementById( - "user-provide-bridge-connecting" - ); this._resultDescription = document.getElementById( "user-provide-result-description" ); @@ -152,13 +158,16 @@ const gProvideBridgeDialog = { * Reset focus position in the dialog. */ takeFocus() { - if (this._page === "entry") { - this._textarea.focus(); - } else { - // Move focus to the <xul:window> element. - // In particular, we do not want to keep the focus on the (same) accept - // button (with now different text). - document.documentElement.focus(); + switch (this._page) { + case "entry": + this._textarea.focus(); + break; + case "result": + // Move focus to the table. + // In particular, we do not want to keep the focus on the (same) accept + // button (with now different text). + this._bridgeGrid.focus(); + break; } }, @@ -193,12 +202,27 @@ const gProvideBridgeDialog = { } }, + /** + * Whether the dialog accept button is disabled. + * + * @type {boolean} + */ + _acceptDisabled: false, /** * Callback for whenever the accept button's might need to be disabled. */ updateAcceptDisabled() { - this._acceptButton.disabled = + const disabled = this._page === "entry" && (this.isEmpty() || this._loxLoading); + this._acceptDisabled = disabled; + // Spoof the button to look and act as if it is disabled, but still allow + // keyboard focus so the user can sit on this button whilst we are loading. + this._acceptButton.classList.toggle("spoof-button-disabled", disabled); + if (disabled) { + this._acceptButton.setAttribute("aria-disabled", "true"); + } else { + this._acceptButton.removeAttribute("aria-disabled"); + } }, /** @@ -217,16 +241,7 @@ const gProvideBridgeDialog = { setLoxLoading(isLoading) { this._loxLoading = isLoading; this._textarea.readOnly = isLoading; - this._connectingEl.classList.toggle("show-connecting", isLoading); - if ( - isLoading && - this._acceptButton.contains( - this._acceptButton.getRootNode().activeElement - ) - ) { - // Move focus to the alert before we disable the button. - this._connectingEl.focus(); - } + this._dialog.classList.toggle("show-connecting", isLoading); this.updateAcceptDisabled(); }, @@ -236,6 +251,12 @@ const gProvideBridgeDialog = { * @param {Event} event - The dialogaccept event. */ onDialogAccept(event) { + if (this._acceptDisabled) { + // Prevent closing. + event.preventDefault(); + return; + } + if (this._page === "result") { this._result.accepted = true; // Continue to close the dialog. @@ -313,14 +334,11 @@ const gProvideBridgeDialog = { this._errorEl.textContent = ""; if (error) { this._textarea.setAttribute("aria-invalid", "true"); - // Move focus back to the text area, likely away from the Next button or - // the "Connecting..." alert. - this._textarea.focus(); } else { this._textarea.removeAttribute("aria-invalid"); } this._textarea.classList.toggle("invalid-input", !!error); - this._errorEl.classList.toggle("show-error", !!error); + this._dialog.classList.toggle("show-error", !!error); if (!error) { return; ===================================== browser/components/torpreferences/content/provideBridgeDialog.xhtml ===================================== @@ -51,10 +51,14 @@ role="alert" aria-live="assertive" ></html:span> + <img + id="user-provide-bridge-loading-icon" + class="tor-loading-icon" + alt="" + /> <html:span id="user-provide-bridge-connecting" role="alert" - tabindex="0" data-l10n-id="user-provide-bridge-dialog-connecting" ></html:span> </html:div> @@ -70,6 +74,8 @@ id="user-provide-bridge-grid-display" class="tor-bridges-grid" role="table" + tabindex="0" + aria-labelledby="user-provide-result-description" ></html:div> <html:template id="user-provide-bridge-row-template"> <html:div class="tor-bridges-grid-row" role="row"> ===================================== browser/components/torpreferences/content/torPreferences.css ===================================== @@ -14,6 +14,24 @@ button.spoof-button-disabled { pointer-events: none; } +.tor-loading-icon { + width: 16px; + height: 16px; + content: image-set( + url("chrome://global/skin/icons/tor-light-loading.png"), + url("chrome://global/skin/icons/tor-light-loading@2x.png") 2x + ); +} + +@media (prefers-color-scheme: dark) { + .tor-loading-icon { + content: image-set( + url("chrome://global/skin/icons/tor-dark-loading.png"), + url("chrome://global/skin/icons/tor-dark-loading@2x.png") 2x + ); + } +} + /* Status */ #network-status-internet-area { @@ -81,21 +99,6 @@ button.spoof-button-disabled { .network-status-loading-icon { margin-inline-end: 0.5em; - width: 16px; - height: 16px; - content: image-set( - url("chrome://global/skin/icons/tor-light-loading.png"), - url("chrome://global/skin/icons/tor-light-loading@2x.png") 2x - ); -} - -@media (prefers-color-scheme: dark) { - .network-status-loading-icon { - content: image-set( - url("chrome://global/skin/icons/tor-dark-loading.png"), - url("chrome://global/skin/icons/tor-dark-loading@2x.png") 2x - ); - } } #network-status-internet-area:not(.status-loading) .network-status-loading-icon { @@ -900,6 +903,8 @@ dialog#torPreferences-requestBridge-dialog > hbox { #lox-invite-dialog-message-area { grid-area: message; justify-self: end; + display: flex; + align-items: center; } #lox-invite-dialog-message-area::after { @@ -911,19 +916,29 @@ dialog#torPreferences-requestBridge-dialog > hbox { color: var(--in-content-error-text-color); } -#lox-invite-dialog-error-message:not(.show-error) { +#lox-invite-dialog-generate-area:not(.show-error) #lox-invite-dialog-error-message { display: none; } #lox-invite-dialog-connecting { color: var(--text-color-deemphasized); - /* TODO: Add spinner ::before */ + /* Gap with #user-provide-bridge-loading-icon. */ + margin-inline-start: 0.5em; } -#lox-invite-dialog-connecting:not(.show-connecting) { +#lox-invite-dialog-generate-area:not(.show-connecting) #lox-invite-dialog-connecting { display: none; } +#lox-invite-dialog-loading-icon { + flex: 0 0 auto; +} + +#lox-invite-dialog-generate-area:not(.show-connecting) #lox-invite-dialog-loading-icon { + /* Use width:0 to effectively hide, but still occupy vertical space. */ + width: 0; +} + #lox-invite-dialog-list-label { font-weight: 700; } @@ -1019,6 +1034,8 @@ groupbox#torPreferences-bridges-group textarea { flex: 0 0 auto; margin-block: 8px 12px; align-self: end; + display: flex; + align-items: center; } #user-provide-bridge-message-area::after { @@ -1035,19 +1052,29 @@ groupbox#torPreferences-bridges-group textarea { color: var(--in-content-error-text-color); } -#user-provide-bridge-error-message.not(.show-error) { +#user-provide-bridge-dialog:not(.show-error) #user-provide-bridge-error-message { display: none; } #user-provide-bridge-connecting { color: var(--text-color-deemphasized); - /* TODO: Add spinner ::before */ + /* Gap with #user-provide-bridge-loading-icon. */ + margin-inline-start: 0.5em; } -#user-provide-bridge-connecting:not(.show-connecting) { +#user-provide-bridge-dialog:not(.show-connecting) #user-provide-bridge-connecting { display: none; } +#user-provide-bridge-loading-icon { + flex: 0 0 auto; +} + +#user-provide-bridge-dialog:not(.show-connecting) #user-provide-bridge-loading-icon { + /* Use width:0 to effectively hide, but still occupy vertical space. */ + width: 0; +} + #user-provide-bridge-result-page { flex: 1 1 0; min-height: 0; @@ -1065,6 +1092,11 @@ groupbox#torPreferences-bridges-group textarea { margin-block: 8px; } +#user-provide-bridge-grid-display:focus-visible { + outline: var(--in-content-focus-outline); + outline-offset: var(--in-content-focus-outline-offset); +} + /* Connection settings dialog */ #torPreferences-connection-dialog label { /* Do not wrap the labels. */ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/00e009d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/00e009d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41127: Update default browser_release_date for nightly
by boklm (＠boklm) 18 Apr '24

18 Apr '24

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: e47404c6 by Nicolas Vigier at 2024-04-17T21:17:49+02:00 Bug 41127: Update default browser_release_date for nightly In nightly builds, when a date cannot be extracted from `var/torbrowser_version` (for example when doing a testbuild), we set a default date. However `firefox-android` fails to build when the date from `MOZ_BUILD_DATE` (which is based on `var/browser_release_date`) is too old. So we change the default date to something more recent. - - - - - 1 changed file: - rbm.conf Changes: ===================================== rbm.conf ===================================== @@ -256,7 +256,7 @@ targets: IF (matches = c("var/torbrowser_version").match('^tbb-nightly\.(\d\d\d\d)\.(\d\d)\.(\d\d)$')); GET matches.0 _ "/" _ matches.1 _ "/" _ matches.2 _ " 01:01:01"; ELSE; - GET "2000/01/01 01:01:01"; + GET "2024/01/01 01:01:01"; END -%] max_torbrowser_incremental_from: 2 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… You're receiving this email because of your account on gitlab.torproject.org.

1 0