- tbb-commits - lists.torproject.org

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.0-1] fixup! Bug 40009: Change the default search engines
by richard (＠richard) 06 Dec '23

06 Dec '23

richard pushed to branch firefox-android-115.2.1-13.0-1 at The Tor Project / Applications / firefox-android Commits: 325edd9a by cypherpunks1 at 2023-12-06T16:58:01+00:00 fixup! Bug 40009: Change the default search engines Bug 42261: Update the icon and URL of Startpage search engine - - - - - 1 changed file: - android-components/components/feature/search/src/main/assets/searchplugins/startpage.xml Changes: ===================================== android-components/components/feature/search/src/main/assets/searchplugins/startpage.xml ===================================== @@ -2,10 +2,10 @@ <ShortName>Startpage</ShortName> <Description>Start Page</Description> <InputEncoding>UTF-8</InputEncoding> -<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2jkj+9YtD/vWLQ/71i0P+9otD/vaLRP72i0T+9YtE/vWLRP72i0T+9otD/vaNRP72jUT+9otF/vaLRf73kkv+9Yc///WJP//1iT//9Yk///rAmf/94Mz/+sCa//aRTv/1iUH/9ok///aJP//2i0H/9otB//aJQv/2iUL/9otC//aNRP/2jUT/9o1E//aNRP/6wpv////////////96dr/95dQ//aNRP/2kET/9pBG//aQRv/2kEb/9pBG//aRR//3lEz/95BH//mueP/7xJ3/959g//efYf/4p23//vDm//3p2//3kEr/95FJ//aRSf/niFH/95FK//aRSv/2mE//95hS/vq4iP/////////////////81bj/95xZ//q4iP//////+bF+//eZT//njFT/PSqi/2xGjv/2mVD/951V/vedVv783cX///////vQrf/++PP///////748//+8uj///////m3gf/olFr/PSuj/w8Pt/9sSJD/951V//eeWf73oVv++8ul///////5sXf/+KRi//vRsf////////////3r3v/olF//Piyk/w8Pt/9sSJH/+J5Z//ieWv/3oV/++KZf/vihXP/97N7//vn0//zTs//6wJP/+bBy//q6iP/onW//Piyl/w8Pt/8fGbH/m2iB/+icY//4pGD/96hl/viqZf74pmD/+Kxr//3iy/////////n1//ivbP/onGj/Pi2m/w8Pt/8uJKz/fFeQ/x8Zsf8+Lqb/6J9r//ivbP74rm3++Klm//mpZv/5q2f/+bR9//m0e//poW7/Pi6n/w8Pt/9sTZj/+Ktp//ira/+rd4P/Dw+3/4xijv/5snH++LN1/vmvbf/5r23/+a5t//mvb//4r2//TTuk/w8Pt/8fGrL/6ah1//ivcP/4r3P/q3yI/w8Pt/+MZpP/+bN5/vm4ev75t3X/+bV1//m1df/5t3X/+Ld3/8qUhP98XZn/Hxqz/+mse//5t3f/2p+B/x8as/8PD7f/u4qK//m7fv76u4D++bl7//m3fP/5uXz/+bl8//m5fP/5t3z/+bl//x8as/9NPKf/fWCb/x8as/8PD7f/bVOh//q5f//6v4X++sGI/vm9g//5voX/+b6F//m9hf/6vYX/+r6F//nCh/+bepr/Hxu0/w8Pt/8PD7f/fWOh//q+hf/6wof/+saN/vrGjf75xIv/+ceL//nEi//5xIv/+sSL//rHi//6x43/+ceN/+m7kP+7lpj/6ruQ//rHkP/6x43/+seQ//rLlf76ypT++seR//rJkf/6yZH/+seR//rJkf/6yZH/+8mR//vJlP/7yZT/+smU//rJlP/6yZT/+8yV//rJlf/6zpn+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==</Image> +<Image width="16" height="16">data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGAAAABgCAYAAADimHc4AAASsUlEQVR42qSXXWoCQRCElzxKTiOeSMBLhuAZgscQAR/dXU2aBfnggykaIpTTU9aU3fO3OtXro7C1y/LcFY7zvH4Xbsuy/lZ/wzwTgxWIG2rpqxXy+L4u51+89G2soe/vft6rPRdO6/r6fM/3hndQHx5K+IORk9yM3sUoebSMYTLQo8EPrvoFPODXOIH4AHjGhlg52ROu4AUd1EMsr0thzyLUqwT7Iq8qhsJVcNgNWhgVKA06ChfgKdq8NZ4QeBYZvTSatKQJ34V24HMtHLYFeDxen/XBxRP+HlwIhVmjogQKt6fjcVs69RlPzoAxWUMtLDy8a8BLebj+MHa7bXZTdU7hDvUJsMY8eiF4tjR4DxEW2SfMnj6VQHXJX2jw8jxO9XYOiScT0DqSGXnX+JnSf3ZYj681juUvfS//AYfn11TB3XeWJ9JHzn34NRz3yNPCA1090vmaCt72NWfPkW94FihP8Z7n2+RdTCuT/NNS0A7KC5fAjst5mnfuLt65CT1PanHN8PYyPw0mV6tMrCNtTXpgd+KwCI77z5LC6GpreMKHuttXkjFx/FKy8P04JIPGY80L0sJ3Y+Mf9dlTdcf/EGzwqXNcQG/HEftEdTzQ3/94NQsey2EYCPfHHjMzMzMzMzMzMzMzM1HsOyvqKoo+PW+PJFnPTbPJBjyZcfou6JNnQe89DHrzzi+7HfT+Qyuzd9ReIIZDRmKsIpup0T+zLqxbgAJ0pDxQu5yj88GEB3xa/+6DoDv2BZ2+QLT3cNF2vUWbdRZt2F60gVk7860svus1TNTq7tof9N4D3OEwaT+A1QSqD9HnQo/7Po+mAk5+EmPOhAL7gPYofJ+/DLphW9Dew0SbdLJJjlZOesP4HBcg95OFsb/tO0J04/agL16FPNQdRsT/Mws8H9o4QpgZFbUPM/8g4br+e9ux0xaUO1zrrIH9/olZhHQRnbNU9MGjAJTQ27EY3b4+YshyWVXBGJ51Ds/McHy28uZt0KVr4iQ1bFc3+eWONj+Wt4tl+bsYBeSr5uUtuor1ZX3CjgQm5pIDWKg/PMwLDp28w6wcfumUz9s7fzlojyEZlJRw0y61EnrA2gMEpX8Hz10Hip67mOM/CsMMSsj3oYi1D58thRNClK10cuKsBdZtDdrU4KadDyMMSXFn+3W5vvW9ZnPQr19rwoVzsFKmt0LikSGIGmfOy8KkrM/Zws+fg85eInFnlvCSQA1ObgYl7GvFOuaLTpoj+ukzirT6wocjQtnnqEhoKHcCUIP2A2Hn06egMxfahLjwYZPO5clzUk7PXB/aHTdD9MNHTE/TJGZ1kOl5rNGMUuiQimCYYeNbsLjzvwSdu1Q8ePgPxsxq8hzRj59C1WtRj/H5Io2FGB2edP3IORHKpm7aEcrBI7yk0FBCk/1GS+qY385ftNiG+Va/9MmkDgaXrBE+E6LhbvYXgJgVlpcLkIUgYppPzdL3F6+GUlT9qSWUlNkRl2tZhvXLhWzUQfTw8aB8fuFuBtjxoKt8Zis4xPyQ4nvgmKMx2ldBWGU7Pv4ahx88TnTBCtEtu4LuPRR03+Ggm3cGnb9cdMBo0eZd0ogQiBAf5lr3EH36HFiKn1rwYco3oqGcH/EvpqO/dK3HcJLJycptRw4cI7rnUEwn5JGZ+0+f2YKYtoC+KvgTZwv3xT7Dj79gWF5kDaO48G/6Y/nDx0FbdkvDXDn8gf10HiB65GSwwxvZCV/GR3v3Pi5Eq+65MmaxZpZS3cYdRC9c9oQk53KYFdX71i5NR3up55Tzkx907jJh9tGuNiuZOEv05eua4W/mvIvZ1J5Ds2hz/Vjf4O7rV0wdcyqG56nSTZtZ4Sk4Fh15hxEODLdzAcQwJBoXQWzRTKxB+Hqsg9+9fhPsfLBJTvqGhW9nJnV+446il6/57TNT+n2/AMWbVCIRxtCwYXsAeGH2UtLF6Qts8pN2mNK6H0Tl59TLV8HuE0DUKfrlppg+XxzqmZW7F/e+cC2q5UX42bh0v5HiCqDU+gwXw273do3f+f6tu3YmVBN7bXqKRRDMh8cQ/4gFBWVhFQj3acXt8DUG47AOKf1fdVWvXPcv25l1oGbBOhujGIyRaL8JNKZ+Ckknz1K/3L4v0DwDCHJui9JFKMvsSjANdVcEjZ8pGI7R5wVhsZjVy8Lckm49BmcCDZhYujlMd/gQYv0hbFY/A/zP6PikT/3pC6qF+oUr3F/1jwJ8ArH7YHD/nzQS7ACP6QnOhrJeqgRXeSqCuS03wrdkvYaWOyoNccrViHYbFJNgHMKQWUU4oPcYHXbOGDvjSU9yTZEwmDKOmVL6+jrf/f5OT/6GP3nML+V/eFicQ5OxGEsJ2GCcmy57VouWfJKIWSEL4sHVVqpmk2aX8JOkPtLUdZa+KFMTDD98PvlwxYtWMLTQd/gMSc+eB+PQJY56Zoq1FuxAH39u2/eGShB57eaf5Hf81H46pwVdMnNalS9rbt+LDCiKK/tlAVaWHz6RsS341DHzcedxOde3BOGVG/W3SI/99pmRVRdimFb2GUn8u+u34gKkjMIwt1M/UdMGY6eLzlosumiV6Ir1P5s7B5hLliyOdzbevNh+tm3btm3btm3btm1LY+OzdCe1de5MZTv5Tf1zUuPkbJ+tru66X3fX/wivniqSSOTlYE1PyjeuwXheiykoCsH9wMu8pEoYYC4aEQ0e8yY+9+q08NnX01MIp0ydZoLWYcSR95OEsrJrdT0arhHz3GtXdCJxIrcXHHSZr1DXDNCVkKsdA2E9PQ7eoSryA9GZgCIzW3hYkRmX9f1wu6qCC5BOZxTrymv1uK4VK78n749cV/d4hcRcfAWebamznI10bZa37pc8DbAMD2I6DpHAVx+n19K/IUEQ3A0+oZItzMgE8LXxxPmMzOn8HdYv9/cPhocffznc99DzLvrks+/d9+ccV+DKCAUa+GKFcaS2OBYQBpfY5i4DR8JhOn7z3W9hwSU3/T8ttVk8GtX+f42/6bZHZfql1mzgtJSyz6gSW0uVn2KcQovnBwaG4hc5ZEeupbWlIrI1Tz/nOnuwbnrz7U+dmd/ZsldVvI5rKiaqqtLMhswM7unpD1OmtIU//xoR3nzns3D/wy+ES668Mxx3ymVhrwNPC9vtekzYfLtDw/GnXj7jJeisPPKqfIrz/x0+Jiy54jbp4aavPcsvscLWYeSo8bi/r8CwUcRXOf96Im4dZkm8Eb+avQ88PWy01UFhmVW3T9u89scl2rR5XGSZLcIPP/3JFwCVUkGTjel8nBNOuyLBS1ofVP+tW+14RPRtDQAedUW+zv3RcoJpKQ4PKOHmsy9+dGzv2tcWae+DTrdd4NCusAsSyTov24GLLrdldv36eDp3xbX3qixoVahd2DkAFTIiDCh8LT29/fHrP5B/bOKXrPPTzy209Gbh3gefUxnFAo40/++wMWG19fYA1Ch+kWW3DN/98EfhuuV8lSu71BXsNN5uu+sJbPMZfyQgKG37JSI+v/Xu5zLVUfth+PLGjp0UNtv20Pp6aU1AkfGJdtj92LQjeX+qoq48KkKkESDImwGtgyITJ7WEldfeNVDgaThaZpXtw2tvfCyEWm6c5v8//46OQv4wrOehx596TbhecohgBNvJrVEmLYg3oBvaVRt1wy0PA1cJSaTFltsqXHPDA6GjozvdU6m3GLcv99U3PgprbLBn0cNfd5N9Q2dnj1cbEy0PRF8j3AdaEOFFGxEMuU2OKui6m+6XtnWiuvED7ah+tK/3hZffM03E7Sf6/Y9h4egTL4kYvsXMNBwX/+CjL2r4peVv5PNr6TFHgQZ4Pefl1z4IC0c1068VcXesE7/Ii6+4M3z48TfRtd0eY7R9sdpmIPTGF9Pd3dfU1Z9+7q1w4OHnmPDE9Xo9rtXV1ev4u43g/3Jfk3P5VMq6TbzOXKPFe9LpV+XwX42Dt6O9TNNoNtrywKadsdJau8w4J65z8kZPPvNGifYieuGBpMOxypRrQtDQ7503OFpaOurCMEEPtCBqJ+DTXEAH5lPzktfacdtdjrYdBYjw18NhTLZ8I8+AjMiIloYGzv3598iw6nq7Kwjg+Owntaa5Rkzwy0igf5y8vo6GGIuYyatSTfBffPVTWGGNnYofuh9SyiHonAtvgkUu3PCe5n1FlfJYIOukI58rRDCylwDcNoKfSGJ68+iHsaU4x4jzzSLfPDz74jsCKlRigoJoldOEgIzcWunmaivJ63/7fVjYYIsDhDD2jGP3SM2K44l4zbKr7RB+/f1fqQkRkksiYezMWClJrRtw4GVIN+74CVPCwUeeaz4gPDDBzzXacocjwtSWDpEOqcbLqRLuUxXxSnPFeW7R3ui0e+jRl0wu5CJU1GyW0scmUdvCXMynhhVOOuMqC2ESZgkxSivU7ZV1qwIjfv0MNfKYiPUGXHjU6Anh5DOvNheEgJG5TwtFeuCRFx2FIcXBevBITcw06cBXLnpEO9PyGuHnX/4OZ553fdwRO88WLWj51XdsWtBX33C/CdfcLpHjS628ncWRXUaZTl/UXSKpBdFVSmjSEt9hzBG6knx49MlXw0FHnGMaE2AEcFTj7YHtvNcJ4a77ngmjx0y0+zV9SSeefmWaU6ckzDFWW8sUBvNrAT5EwoKI0tGDUB+vdDWkL/9Fa0j+fv/JirYv0FJJLrv6rhg/vqIpvPc95MxwyFHnxfjy5eGiy28P9zzwbPjgo6/DxIkthtv4LS2tHdHQOrrYCDziuAvjixwU8V+k9Od6XUvNsYJ7OePnAP5jYeNL++eoOeX8sOFjw6rr7lYCZwZhFmTyuKYBv+R1UJ7SWTfqED4RGmNaZcs7+HROjj/V0Tyqiy+/FbQtusrJW8Tuo0++FXBcUiNmvxVBeboZSMiMwLgPhijg+VKyaY8Y5xg9liYf6vYHKckVGnRrb7yPyRZHdjXX5zh/byXaxIu8HPq3Ne47Glxwjib/fBPKpuMXq6f7HnyGxSPU+p4SWxWU123jncaa7p/DOSKQzW1NaOQHoRyLbW1dFnifadSMWhENtmtufAAQ44BDPAcVlHcGxlU3cu4m3WNI3F82T2XuDs/z9w8fOc7ixgUu8k0t8mYZHFifMezcruZvNb6iDeDpuY86L4dA4rieXwo7es7Hn34XFl9ha48qijkWmbOcIynj/BVA6QXMVL8FEZ5YcOB/4JxDyJKalS6Q0AaUJYTBhV2DIuE23zTsus9JseivB+s7C0EAs5Wjr40YU5oOrhUE2CCv0wKFLUIIMMPt1LOvhbvaa6hdeNntdj+t6fh7RyOoLoUaH65uAa9lhCPcV0wajtrau8Iue51Q5rSzIM4L78yu1ERZjCAgiEV1frVMQIvISypIB5S5TiOiUF5ro73toaqEACOMr7jmzpYyI7S4hlML0lADnpR7AfpFcA7y8OXa2gDzw6qVJC250rYlLnFLy+ffR/iRNRYVBB21IglPumM4eKTtOQS00/gp15osM441DTo0anTnvU/L6hz+Nn6oFaFE14SRz5UrqRqwEkNGV63r++sIlmVFnHHu9ZmcosQz7+jaGx8ocEcrCNK8hgU97pzbKLi3V/PS45YfZComv/ichpTqG8QajvHK0ZI3TRaYjmt1hTphhu3RtJMP17pc3BoqLOfUckUJP9wRzeqbP/4cAYPV7YpOL0D4LIQhJoPzYq4ytvBScOR53T+O62Mc8z/74ocklKU8OOv8G+EJSCQgHOOV16ynAC3QOvQc/zh3jfY16XvCs/vamx+HpVfZvp7oVU/2ssicQZa7pZtu1qG3rTMArb9I8mK+XsvbxxpqL8bltVZnNjqcFmuMLR5giVvmBzrmpEvDl1//LFzw0AJVR10644x02zDhHqafSLqu6W4WvEoP1B+FKHvFHKyZqm9a2zpDX/8g1hJQU9IvqMz092swLqGkzpH3+2Kc/1lDrCnWKno+oEpbr9qq1V3FBa+/fCGDClRl37Ug/bJ1VxnhX8Muq0QQvGDbN9yQItb19CzSc8rHC3jRrAP//TGOVwUuaDWuoUT3IHUeRTQO6xWOk/BVS9jTBS9oXdzi8Pkrw0s9GKG9ZHNQFSarB6ITx7QM0vP9YVPhmsF8O3bYC3gv0y8IhPPC8ICsUBBDEvgpHYRcQ8ooDaVaNdYRQ8I15tp9PrAXcHBBt0RvDpBf8PnTGP3ndUazKrSQvHhenKv5w80X9N/4Rn4CbMgsOUCJ2w2tx3lfrdU452i+/P4U5qKdDhLPfmk0pi1Q2b84edVIU7C1RNW4q5EHYU3BE+fwmtnEGznm6Plunw+P9qwbK1f1f3Fw5Ui/iC0+G6kxr++pr/HbCCXX/WQffFVV/2lS+h/7F/vmLxBPHh7pg0gdiOpo3ki4kItly3zL+w3NRkukd+ILONgg3551eu7/AxK2F7WQPNQ+AAAAAElFTkSuQmCC</Image> -<Url type="text/html" method="POST" template="https://startpage.com/rto/search"> +<Url type="text/html" method="POST" template="https://startpage.com/sp/search"> <Param name="q" value="{searchTerms}"/> </Url> -<SearchForm>https://startpage.com/rto/search/</SearchForm> +<SearchForm>https://startpage.com/sp/search/</SearchForm> </SearchPlugin> View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/325… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/325… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.5.0esr-13.0-1] fixup! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
by richard (＠richard) 06 Dec '23

06 Dec '23

richard pushed to branch tor-browser-115.5.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 73234e2b by cypherpunks1 at 2023-12-06T16:56:16+00:00 fixup! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing Bug 42261: Update the icon of Startpage search engine - - - - - 1 changed file: - browser/components/search/extensions/startpage/favicon.png Changes: ===================================== browser/components/search/extensions/startpage/favicon.png ===================================== Binary files a/browser/components/search/extensions/startpage/favicon.png and b/browser/components/search/extensions/startpage/favicon.png differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/73234e2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/73234e2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.5.0esr-13.5-1] Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame
by richard (＠richard) 06 Dec '23

06 Dec '23

richard pushed to branch base-browser-115.5.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 02be06d6 by Kagami Sascha Rosylight at 2023-12-06T16:10:56+00:00 Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame Per /etc/fonts.xml, there are now only two `<family lang="ko">` nodes there: * OneUISansKRVF series * SECCJK series (but no KR postfix anymore?) This patch uses One UI Sans KR VF as the replacement as this is newer and is a variable font (tested with https://codepen.io/SaschaNaz/pen/ExrdYXJ) Differential Revision: https://phabricator.services.mozilla.com/D195078 - - - - - 1 changed file: - modules/libpref/init/all.js Changes: ===================================== modules/libpref/init/all.js ===================================== @@ -3053,7 +3053,7 @@ pref("font.size.monospace.x-math", 13); pref("font.name-list.monospace.ja", "MotoyaLMaru, MotoyaLCedar, Noto Sans Mono CJK JP, SEC Mono CJK JP, Droid Sans Mono"); pref("font.name-list.serif.ko", "Charis SIL Compact, Noto Serif CJK KR, Noto Serif, Droid Serif, HYSerif"); - pref("font.name-list.sans-serif.ko", "Roboto, Google Sans, SmartGothic, NanumGothic, Noto Sans KR, Noto Sans CJK KR, SamsungKorean_v2.0, SEC CJK KR, DroidSansFallback, Droid Sans Fallback"); + pref("font.name-list.sans-serif.ko", "Roboto, Google Sans, SmartGothic, NanumGothic, Noto Sans KR, Noto Sans CJK KR, One UI Sans KR VF, SamsungKorean_v2.0, SEC CJK KR, DroidSansFallback, Droid Sans Fallback"); pref("font.name-list.monospace.ko", "Droid Sans Mono, Noto Sans Mono CJK KR, SEC Mono CJK KR"); pref("font.name-list.serif.th", "Charis SIL Compact, Noto Serif, Noto Serif Thai, Droid Serif"); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/02be06d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/02be06d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.5.0esr-13.5-1] Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame
by richard (＠richard) 06 Dec '23

06 Dec '23

richard pushed to branch tor-browser-115.5.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 30248ab5 by Kagami Sascha Rosylight at 2023-12-06T16:06:58+00:00 Bug 1865238 - Use One UI Sans KR VF for Korean sans-serif font on Android r=jfkthame Per /etc/fonts.xml, there are now only two `<family lang="ko">` nodes there: * OneUISansKRVF series * SECCJK series (but no KR postfix anymore?) This patch uses One UI Sans KR VF as the replacement as this is newer and is a variable font (tested with https://codepen.io/SaschaNaz/pen/ExrdYXJ) Differential Revision: https://phabricator.services.mozilla.com/D195078 - - - - - 1 changed file: - modules/libpref/init/all.js Changes: ===================================== modules/libpref/init/all.js ===================================== @@ -3053,7 +3053,7 @@ pref("font.size.monospace.x-math", 13); pref("font.name-list.monospace.ja", "MotoyaLMaru, MotoyaLCedar, Noto Sans Mono CJK JP, SEC Mono CJK JP, Droid Sans Mono"); pref("font.name-list.serif.ko", "Charis SIL Compact, Noto Serif CJK KR, Noto Serif, Droid Serif, HYSerif"); - pref("font.name-list.sans-serif.ko", "Roboto, Google Sans, SmartGothic, NanumGothic, Noto Sans KR, Noto Sans CJK KR, SamsungKorean_v2.0, SEC CJK KR, DroidSansFallback, Droid Sans Fallback"); + pref("font.name-list.sans-serif.ko", "Roboto, Google Sans, SmartGothic, NanumGothic, Noto Sans KR, Noto Sans CJK KR, One UI Sans KR VF, SamsungKorean_v2.0, SEC CJK KR, DroidSansFallback, Droid Sans Fallback"); pref("font.name-list.monospace.ko", "Droid Sans Mono, Noto Sans Mono CJK KR, SEC Mono CJK KR"); pref("font.name-list.serif.th", "Charis SIL Compact, Noto Serif, Noto Serif Thai, Droid Serif"); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/30248ab… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/30248ab… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.0] Bug 40990: Remove old macos signing scripts
by richard (＠richard) 06 Dec '23

06 Dec '23

richard pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: 7d25ba41 by Nicolas Vigier at 2023-12-06T16:01:16+00:00 Bug 40990: Remove old macos signing scripts - - - - - 30 changed files: - tools/signing/do-all-signing - − tools/signing/finished-signing-clean-macos-signer - tools/signing/gatekeeper-bundling.sh - − tools/signing/macos-signer-gatekeeper-signing - − tools/signing/macos-signer-gatekeeper-signing.mullvadbrowser - − tools/signing/macos-signer-gatekeeper-signing.torbrowser - − tools/signing/macos-signer-notarization - − tools/signing/macos-signer-notarization.mullvadbrowser - − tools/signing/macos-signer-notarization.torbrowser - − tools/signing/macos-signer-proxy - − tools/signing/macos-signer-proxy.mullvadbrowser - − tools/signing/macos-signer-proxy.torbrowser - − tools/signing/macos-signer-stapler - − tools/signing/macos-signer-stapler.mullvadbrowser - − tools/signing/macos-signer-stapler.torbrowser - tools/signing/set-config - tools/signing/set-config.hosts - − tools/signing/set-config.macos-notarization - − tools/signing/sync-macos-local-to-macos-signer - − tools/signing/sync-macos-local-to-macos-signer.mullvadbrowser - − tools/signing/sync-macos-local-to-macos-signer.torbrowser - − tools/signing/sync-macos-local-to-macos-signer.torbrowser.dry-run - − tools/signing/sync-macos-signer-stapled-to-macos-local-stapled - − tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.mullvadbrowser - − tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.torbrowser - − tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.torbrowser.dry-run - − tools/signing/sync-scripts-to-macos-signer - − tools/signing/sync-scripts-to-macos-signer.mullvadbrowser - − tools/signing/sync-scripts-to-macos-signer.torbrowser - − tools/signing/sync-scripts-to-macos-signer.torbrowser.dry-run Changes: ===================================== tools/signing/do-all-signing ===================================== @@ -8,19 +8,9 @@ NON_INTERACTIVE=1 steps_dir="$signed_version_dir.steps" test -d "$steps_dir" || mkdir -p "$steps_dir" -if test -n "$use_rcodesign" -then - test -f "$steps_dir/linux-signer-rcodesign-sign.done" || - read -sp "Enter rcodesign passphrase for key-1: " RCODESIGN_PW - echo -else - test -f "$steps_dir/macos-signer-gatekeeper-signing.done" || - read -sp "Enter macos keychain passphrase: " KEYCHAIN_PW - echo - test -f "$steps_dir/macos-signer-notarization.done" || - read -sp "Enter macos notarization passphrase: " NOTARIZATION_PW - echo -fi +test -f "$steps_dir/linux-signer-rcodesign-sign.done" || + read -sp "Enter rcodesign passphrase for key-1: " RCODESIGN_PW +echo is_project torbrowser && nssdb=torbrowser-nssdb7 is_project mullvadbrowser && nssdb=mullvadbrowser-nssdb-1 test -f "$steps_dir/linux-signer-signmars.done" || @@ -67,52 +57,6 @@ function rcodesign-notary-submit { "$script_dir/rcodesign-notary-submit" } -function macos-signer-directory-not-present { - # To avoid doing two signings at the same time, or to avoid unknowingly - # using parts from a previous signing attempt, we check that the - # directory does not exist yet (see tor-browser-build#40497) - if ssh "$ssh_host_macos_signer" "test -d $tbb_version" - then - echo "The directory $tbb_version already exists on $ssh_host_macos_signer" - return 1 - fi - return 0 -} - -function sync-scripts-to-macos-signer { - "$script_dir/sync-scripts-to-macos-signer" -} - -function macos-signer-enable-network-proxy-settings { - ssh "$ssh_host_macos_signer" 'networksetup -setsecurewebproxystate Ethernet on' -} - -function macos-signer-gatekeeper-signing { - "$script_dir/sync-macos-local-to-macos-signer" - ssh "$ssh_host_macos_signer" 'bash -s' << EOF - export KEYCHAIN_PW=$KEYCHAIN_PW - ~/signing-$SIGNING_PROJECTNAME-$tbb_version_type/macos-signer-gatekeeper-signing.$SIGNING_PROJECTNAME -EOF - unset KEYCHAIN_PW -} - -function macos-signer-notarization { - ssh "$ssh_host_macos_signer" 'bash -s' << EOF - export PW=$NOTARIZATION_PW - ~/signing-$SIGNING_PROJECTNAME-$tbb_version_type/macos-signer-notarization.$SIGNING_PROJECTNAME -EOF - unset NOTARIZATION_PW -} - -function macos-signer-stapler { - ssh "$ssh_host_macos_signer" "~/signing-$SIGNING_PROJECTNAME-$tbb_version_type/macos-signer-stapler.$SIGNING_PROJECTNAME" - "$script_dir/sync-macos-signer-stapled-to-macos-local-stapled" -} - -function macos-signer-disable-network-proxy-settings { - ssh "$ssh_host_macos_signer" 'networksetup -setsecurewebproxystate Ethernet off' -} - function gatekeeper-bundling { "$script_dir/gatekeeper-bundling.sh" } @@ -212,10 +156,6 @@ function upload-update_responses-to-staticiforme { "$script_dir/upload-update_responses-to-staticiforme" } -function finished-signing-clean-macos-signer { - "$script_dir/finished-signing-clean-macos-signer" -} - function finished-signing-clean-linux-signer { "$script_dir/finished-signing-clean-linux-signer" } @@ -233,22 +173,11 @@ export SIGNING_PROJECTNAME do_step wait-for-finished-build do_step sync-builder-unsigned-to-local-signed -if test -n "$use_rcodesign"; -then - do_step sync-scripts-to-linux-signer - do_step sync-before-linux-signer-rcodesign-sign - do_step linux-signer-rcodesign-sign - do_step sync-linux-signer-macos-signed-tar-to-local - do_step rcodesign-notary-submit -else - do_step macos-signer-directory-not-present - do_step sync-scripts-to-macos-signer - do_step macos-signer-enable-network-proxy-settings - do_step macos-signer-gatekeeper-signing - do_step macos-signer-notarization - do_step macos-signer-stapler - do_step macos-signer-disable-network-proxy-settings -fi +do_step sync-scripts-to-linux-signer +do_step sync-before-linux-signer-rcodesign-sign +do_step linux-signer-rcodesign-sign +do_step sync-linux-signer-macos-signed-tar-to-local +do_step rcodesign-notary-submit do_step gatekeeper-bundling do_step dmg2mar do_step sync-scripts-to-linux-signer @@ -272,5 +201,4 @@ do_step sync-local-to-staticiforme do_step sync-scripts-to-staticiforme do_step staticiforme-prepare-cdn-dist-upload do_step upload-update_responses-to-staticiforme -do_step finished-signing-clean-macos-signer do_step finished-signing-clean-linux-signer ===================================== tools/signing/finished-signing-clean-macos-signer deleted ===================================== @@ -1,14 +0,0 @@ -#!/bin/bash - -# Remove current tbb version from macos-signer. You should run this -# when all signing has been done. - -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -var_is_defined ssh_host_macos_signer tbb_version - -ssh "$ssh_host_macos_signer" 'bash -s' << EOF - test -n "$tbb_version" && rm -Rfv ~/"$SIGNING_PROJECTNAME-$tbb_version" -EOF ===================================== tools/signing/gatekeeper-bundling.sh ===================================== @@ -68,11 +68,7 @@ export PATH="$PATH:$tmpdir/libdmg-hfsplus:$tmpdir/hfsplus-tools" cd $tmpdir/dmg -if test -n "$use_rcodesign"; then - tar -xf $macos_stapled_dir/"${proj_name}-${tbb_version}-notarized+stapled.tar.zst" -else - unzip -q $macos_stapled_dir/tb-${tbb_version}_ALL-stapled.zip -fi +tar -xf $macos_stapled_dir/"${proj_name}-${tbb_version}-notarized+stapled.tar.zst" cd .. $script_dir/ddmg.sh $macos_signed_dir/${proj_name}-macos-${tbb_version}.dmg $tmpdir/dmg/ "$Proj_Name" ===================================== tools/signing/macos-signer-gatekeeper-signing deleted ===================================== @@ -1,100 +0,0 @@ -#!/bin/bash -set -e - -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" -source "$script_dir/set-config.generated-config" - -ENTITLEMENTS="$script_dir/$tbb_version_type.entitlements.xml" -app_name=$(Project_Name) - -function check_signature() { - LANG=$1 - UNZIP=$2 - local failed_open=0 - local failed_exec=0 - if [ ${UNZIP} -eq 1 ] - then - test -d test_${LANG} && rm -r test_${LANG} - unzip -d test_${LANG} -q tb-${tbb_version}_$LANG.zip - pushd test_${LANG} - fi - echo "Checking $LANG..." - spctl -vvvv --assess --type open --context context:primary-signature "$app_name.app/" - if [ $? -ne 3 ]; then - echo tb-${tbb_version}_$LANG.zip not signed correctly. Failed open. - failed_open=1 - fi - spctl -vvvv --assess --type exec --context context:primary-signature "$app_name.app/" - if [ $? -ne 0 ]; then - echo tb-${tbb_version}_$LANG.zip not signed correctly. Failed exec. - failed_exec=1 - fi - if [ ${UNZIP} -eq 1 ] - then - popd - rm -r test_${LANG} - fi - if [ ${failed_open} -ne 0 -o ${failed_exec} -ne 0 ] - then - return 1 - fi -} - -cd ~/$SIGNING_PROJECTNAME-${tbb_version} - -if test -n "$KEYCHAIN_PW" -then - KPW="-p $KEYCHAIN_PW" -fi - -security unlock $KPW /Users/torbrowser/Library/Keychains/tbb-signing-alpha.keychain -security unlock $KPW /Users/torbrowser/Library/Keychains/tbb-signing-2021.keychain - -unset KPW KEYCHAIN_PW - -for LANG in ALL -do - if [ -f tb-${tbb_version}_${LANG}.zip ] - then - echo "Deleting tb-${tbb_version}_${LANG}.zip" - rm tb-${tbb_version}_${LANG}.zip - fi - if [ -d "$app_name.app" ] - then - echo "Deleting $app_name.app" - rm -r "$app_name.app" - fi - if [ -d "/Volumes/$app_name" ]; then - echo "DMG already mounted. Please correct." - exit 1 - fi - hdiutil attach $(project-name)-macos-${tbb_version}.dmg - cp -rf "/Volumes/$app_name/$app_name.app" "$app_name.app" - echo "Signing ${app_name}_${LANG}.app" - codesign -vvv --deep -o runtime --entitlements="$ENTITLEMENTS" --timestamp -f -s "Developer ID Application: The Tor Project, Inc (MADPSAYN6T)" "$app_name.app/" - echo "codesign exit code: $?" - set +e - check_signature $LANG 0 - if [ $? -eq 1 ] - then - echo Signature verification failed. - rm -r "$app_name.app" - hdiutil detach "/Volumes/$app_name" - exit 1 - fi - set -e - echo "Zipping up tb-${tbb_version}_${LANG}.zip" - zip -qr tb-${tbb_version}_${LANG}.zip "$app_name.app" - rm -rf "$app_name.app" - hdiutil detach "/Volumes/$app_name" - set +e - check_signature $LANG 1 - if [ $? -eq 1 ] - then - echo "Signature verification failed (${LANG})". - rm -r "$app_name.app" - exit 1 - fi - set -e -done ===================================== tools/signing/macos-signer-gatekeeper-signing.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-gatekeeper-signing \ No newline at end of file ===================================== tools/signing/macos-signer-gatekeeper-signing.torbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-gatekeeper-signing \ No newline at end of file ===================================== tools/signing/macos-signer-notarization deleted ===================================== @@ -1,44 +0,0 @@ -#!/bin/bash -set -e - -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" -source "$script_dir/set-config.macos-notarization" - -ALTOOL=~/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/Frameworks/AppStoreService.framework/Versions/A/Support/altool - -cd ~/$SIGNING_PROJECTNAME-${tbb_version} - -if [ -z "${PW}" ]; then - echo "Please enter notarization password:" - stty -echo; read PW; stty echo; export PW -fi - -for LANG in ALL -do - if test -f ${LANG}/tb-${tbb_version}_$LANG.zip.uuid - then - echo "Skipping ${LANG}/tb-${tbb_version}_$LANG.zip" - continue; - fi - if test -d ${LANG}; then - mv ${LANG}/tb-${tbb_version}_$LANG.zip ./ - rm -r ${LANG}/ - fi - mkdir $LANG - cd $LANG - mv ../tb-${tbb_version}_$LANG.zip . - unzip -q tb-${tbb_version}_$LANG.zip - echo "Notarizing $LANG..." - $ALTOOL --notarize-app --verbose -t osx -f tb-${tbb_version}_$LANG.zip --primary-bundle-id org.torproject.torbrowser -u "$macos_notarization_user" -p @env:PW --output-format xml | tee tb-${tbb_version}_$LANG.zip.log 2>&1 - - request_uuid=`grep -A1 RequestUUID tb-${tbb_version}_$LANG.zip.log | grep -o '[0-9a-f]\+[0-9a-f-]\+'` - if [ -z "${request_uuid}" ]; then - echo "Request UUID not present. Notarization failed" - exit 1 - fi - echo ${request_uuid} > tb-${tbb_version}_$LANG.zip.uuid - echo "Notarization done for $LANG." - - cd .. -done ===================================== tools/signing/macos-signer-notarization.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-notarization \ No newline at end of file ===================================== tools/signing/macos-signer-notarization.torbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-notarization \ No newline at end of file ===================================== tools/signing/macos-signer-proxy deleted ===================================== @@ -1,6 +0,0 @@ -#!/bin/bash -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -ssh -R :1080 "$ssh_host_macos_signer" 'python ~/proxy.py --port 8443' ===================================== tools/signing/macos-signer-proxy.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-proxy \ No newline at end of file ===================================== tools/signing/macos-signer-proxy.torbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-proxy \ No newline at end of file ===================================== tools/signing/macos-signer-stapler deleted ===================================== @@ -1,22 +0,0 @@ -#!/bin/bash -set -e - -read -n 1 -p "Press enter once notarization is complete..." - -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" -source "$script_dir/set-config.generated-config" - -STAPLER=/Users/torbrowser/Xcode.app/Contents//Developer/usr/bin/stapler -app_name=$(Project_Name) - -cd ~/$SIGNING_PROJECTNAME-${tbb_version} - -for LANG in ALL -do - echo "Stapling $LANG..." - cd $LANG - $STAPLER staple "$app_name.app" - zip -qr ../tb-${tbb_version}_$LANG-stapled.zip "$app_name.app" - cd .. -done ===================================== tools/signing/macos-signer-stapler.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-stapler \ No newline at end of file ===================================== tools/signing/macos-signer-stapler.torbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-stapler \ No newline at end of file ===================================== tools/signing/set-config ===================================== @@ -38,5 +38,3 @@ rsync_options="-avH ${rsync_progress:-} ${DRY_RUN:-}" tb_builders='boklm dan henry ma1 pierov richard' wrappers_dir=/signing/tor-browser-build/tools/signing/wrappers - -use_rcodesign=1 ===================================== tools/signing/set-config.hosts ===================================== @@ -1,6 +1,5 @@ ssh_host_builder=tbbuild ssh_host_linux_signer=linux-signer-notor -ssh_host_macos_signer=mac-signer-notor ssh_host_staticiforme=staticiforme.torproject.org builder_tor_browser_build_dir=/home/user/tor-browser-build ===================================== tools/signing/set-config.macos-notarization deleted ===================================== @@ -1,5 +0,0 @@ -# The following line should be uncommented and updated: - -#macos_notarization_user='user@email' - -var_is_defined macos_notarization_user ===================================== tools/signing/sync-macos-local-to-macos-signer deleted ===================================== @@ -1,8 +0,0 @@ -#!/bin/bash -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -var_is_defined ssh_host_macos_signer - -rsync $rsync_options "$signed_version_dir"/*.dmg "$ssh_host_macos_signer:$SIGNING_PROJECTNAME-$tbb_version/" ===================================== tools/signing/sync-macos-local-to-macos-signer.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-macos-local-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-macos-local-to-macos-signer.torbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-macos-local-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-macos-local-to-macos-signer.torbrowser.dry-run deleted ===================================== @@ -1 +0,0 @@ -sync-macos-local-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-macos-signer-stapled-to-macos-local-stapled deleted ===================================== @@ -1,8 +0,0 @@ -#!/bin/bash -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -var_is_defined ssh_host_macos_signer - -rsync $rsync_options "$ssh_host_macos_signer:$SIGNING_PROJECTNAME-$tbb_version/*-stapled.zip" "$macos_stapled_dir/" ===================================== tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-macos-signer-stapled-to-macos-local-stapled \ No newline at end of file ===================================== tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.torbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-macos-signer-stapled-to-macos-local-stapled \ No newline at end of file ===================================== tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.torbrowser.dry-run deleted ===================================== @@ -1 +0,0 @@ -sync-macos-signer-stapled-to-macos-local-stapled \ No newline at end of file ===================================== tools/signing/sync-scripts-to-macos-signer deleted ===================================== @@ -1,10 +0,0 @@ -#!/bin/bash -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -var_is_defined ssh_host_macos_signer - -generate_config - -rsync $rsync_options "$script_dir/" "$ssh_host_macos_signer:signing-$SIGNING_PROJECTNAME-$tbb_version_type/" ===================================== tools/signing/sync-scripts-to-macos-signer.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-scripts-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-scripts-to-macos-signer.torbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-scripts-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-scripts-to-macos-signer.torbrowser.dry-run deleted ===================================== @@ -1 +0,0 @@ -sync-scripts-to-macos-signer \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40990: Remove old macos signing scripts
by richard (＠richard) 06 Dec '23

06 Dec '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: fa846d22 by Nicolas Vigier at 2023-12-06T15:59:55+00:00 Bug 40990: Remove old macos signing scripts - - - - - 30 changed files: - tools/signing/do-all-signing - − tools/signing/finished-signing-clean-macos-signer - tools/signing/gatekeeper-bundling.sh - − tools/signing/macos-signer-gatekeeper-signing - − tools/signing/macos-signer-gatekeeper-signing.mullvadbrowser - − tools/signing/macos-signer-gatekeeper-signing.torbrowser - − tools/signing/macos-signer-notarization - − tools/signing/macos-signer-notarization.mullvadbrowser - − tools/signing/macos-signer-notarization.torbrowser - − tools/signing/macos-signer-proxy - − tools/signing/macos-signer-proxy.mullvadbrowser - − tools/signing/macos-signer-proxy.torbrowser - − tools/signing/macos-signer-stapler - − tools/signing/macos-signer-stapler.mullvadbrowser - − tools/signing/macos-signer-stapler.torbrowser - tools/signing/set-config - tools/signing/set-config.hosts - − tools/signing/set-config.macos-notarization - − tools/signing/sync-macos-local-to-macos-signer - − tools/signing/sync-macos-local-to-macos-signer.mullvadbrowser - − tools/signing/sync-macos-local-to-macos-signer.torbrowser - − tools/signing/sync-macos-local-to-macos-signer.torbrowser.dry-run - − tools/signing/sync-macos-signer-stapled-to-macos-local-stapled - − tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.mullvadbrowser - − tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.torbrowser - − tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.torbrowser.dry-run - − tools/signing/sync-scripts-to-macos-signer - − tools/signing/sync-scripts-to-macos-signer.mullvadbrowser - − tools/signing/sync-scripts-to-macos-signer.torbrowser - − tools/signing/sync-scripts-to-macos-signer.torbrowser.dry-run Changes: ===================================== tools/signing/do-all-signing ===================================== @@ -8,19 +8,9 @@ NON_INTERACTIVE=1 steps_dir="$signed_version_dir.steps" test -d "$steps_dir" || mkdir -p "$steps_dir" -if test -n "$use_rcodesign" -then - test -f "$steps_dir/linux-signer-rcodesign-sign.done" || - read -sp "Enter rcodesign passphrase for key-1: " RCODESIGN_PW - echo -else - test -f "$steps_dir/macos-signer-gatekeeper-signing.done" || - read -sp "Enter macos keychain passphrase: " KEYCHAIN_PW - echo - test -f "$steps_dir/macos-signer-notarization.done" || - read -sp "Enter macos notarization passphrase: " NOTARIZATION_PW - echo -fi +test -f "$steps_dir/linux-signer-rcodesign-sign.done" || + read -sp "Enter rcodesign passphrase for key-1: " RCODESIGN_PW +echo is_project torbrowser && nssdb=torbrowser-nssdb7 is_project mullvadbrowser && nssdb=mullvadbrowser-nssdb-1 test -f "$steps_dir/linux-signer-signmars.done" || @@ -67,52 +57,6 @@ function rcodesign-notary-submit { "$script_dir/rcodesign-notary-submit" } -function macos-signer-directory-not-present { - # To avoid doing two signings at the same time, or to avoid unknowingly - # using parts from a previous signing attempt, we check that the - # directory does not exist yet (see tor-browser-build#40497) - if ssh "$ssh_host_macos_signer" "test -d $tbb_version" - then - echo "The directory $tbb_version already exists on $ssh_host_macos_signer" - return 1 - fi - return 0 -} - -function sync-scripts-to-macos-signer { - "$script_dir/sync-scripts-to-macos-signer" -} - -function macos-signer-enable-network-proxy-settings { - ssh "$ssh_host_macos_signer" 'networksetup -setsecurewebproxystate Ethernet on' -} - -function macos-signer-gatekeeper-signing { - "$script_dir/sync-macos-local-to-macos-signer" - ssh "$ssh_host_macos_signer" 'bash -s' << EOF - export KEYCHAIN_PW=$KEYCHAIN_PW - ~/signing-$SIGNING_PROJECTNAME-$tbb_version_type/macos-signer-gatekeeper-signing.$SIGNING_PROJECTNAME -EOF - unset KEYCHAIN_PW -} - -function macos-signer-notarization { - ssh "$ssh_host_macos_signer" 'bash -s' << EOF - export PW=$NOTARIZATION_PW - ~/signing-$SIGNING_PROJECTNAME-$tbb_version_type/macos-signer-notarization.$SIGNING_PROJECTNAME -EOF - unset NOTARIZATION_PW -} - -function macos-signer-stapler { - ssh "$ssh_host_macos_signer" "~/signing-$SIGNING_PROJECTNAME-$tbb_version_type/macos-signer-stapler.$SIGNING_PROJECTNAME" - "$script_dir/sync-macos-signer-stapled-to-macos-local-stapled" -} - -function macos-signer-disable-network-proxy-settings { - ssh "$ssh_host_macos_signer" 'networksetup -setsecurewebproxystate Ethernet off' -} - function gatekeeper-bundling { "$script_dir/gatekeeper-bundling.sh" } @@ -212,10 +156,6 @@ function upload-update_responses-to-staticiforme { "$script_dir/upload-update_responses-to-staticiforme" } -function finished-signing-clean-macos-signer { - "$script_dir/finished-signing-clean-macos-signer" -} - function finished-signing-clean-linux-signer { "$script_dir/finished-signing-clean-linux-signer" } @@ -233,22 +173,11 @@ export SIGNING_PROJECTNAME do_step wait-for-finished-build do_step sync-builder-unsigned-to-local-signed -if test -n "$use_rcodesign"; -then - do_step sync-scripts-to-linux-signer - do_step sync-before-linux-signer-rcodesign-sign - do_step linux-signer-rcodesign-sign - do_step sync-linux-signer-macos-signed-tar-to-local - do_step rcodesign-notary-submit -else - do_step macos-signer-directory-not-present - do_step sync-scripts-to-macos-signer - do_step macos-signer-enable-network-proxy-settings - do_step macos-signer-gatekeeper-signing - do_step macos-signer-notarization - do_step macos-signer-stapler - do_step macos-signer-disable-network-proxy-settings -fi +do_step sync-scripts-to-linux-signer +do_step sync-before-linux-signer-rcodesign-sign +do_step linux-signer-rcodesign-sign +do_step sync-linux-signer-macos-signed-tar-to-local +do_step rcodesign-notary-submit do_step gatekeeper-bundling do_step dmg2mar do_step sync-scripts-to-linux-signer @@ -272,5 +201,4 @@ do_step sync-local-to-staticiforme do_step sync-scripts-to-staticiforme do_step staticiforme-prepare-cdn-dist-upload do_step upload-update_responses-to-staticiforme -do_step finished-signing-clean-macos-signer do_step finished-signing-clean-linux-signer ===================================== tools/signing/finished-signing-clean-macos-signer deleted ===================================== @@ -1,14 +0,0 @@ -#!/bin/bash - -# Remove current tbb version from macos-signer. You should run this -# when all signing has been done. - -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -var_is_defined ssh_host_macos_signer tbb_version - -ssh "$ssh_host_macos_signer" 'bash -s' << EOF - test -n "$tbb_version" && rm -Rfv ~/"$SIGNING_PROJECTNAME-$tbb_version" -EOF ===================================== tools/signing/gatekeeper-bundling.sh ===================================== @@ -68,11 +68,7 @@ export PATH="$PATH:$tmpdir/libdmg-hfsplus:$tmpdir/hfsplus-tools" cd $tmpdir/dmg -if test -n "$use_rcodesign"; then - tar -xf $macos_stapled_dir/"${proj_name}-${tbb_version}-notarized+stapled.tar.zst" -else - unzip -q $macos_stapled_dir/tb-${tbb_version}_ALL-stapled.zip -fi +tar -xf $macos_stapled_dir/"${proj_name}-${tbb_version}-notarized+stapled.tar.zst" cd .. $script_dir/ddmg.sh $macos_signed_dir/${proj_name}-macos-${tbb_version}.dmg $tmpdir/dmg/ "$Proj_Name" ===================================== tools/signing/macos-signer-gatekeeper-signing deleted ===================================== @@ -1,100 +0,0 @@ -#!/bin/bash -set -e - -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" -source "$script_dir/set-config.generated-config" - -ENTITLEMENTS="$script_dir/$tbb_version_type.entitlements.xml" -app_name=$(Project_Name) - -function check_signature() { - LANG=$1 - UNZIP=$2 - local failed_open=0 - local failed_exec=0 - if [ ${UNZIP} -eq 1 ] - then - test -d test_${LANG} && rm -r test_${LANG} - unzip -d test_${LANG} -q tb-${tbb_version}_$LANG.zip - pushd test_${LANG} - fi - echo "Checking $LANG..." - spctl -vvvv --assess --type open --context context:primary-signature "$app_name.app/" - if [ $? -ne 3 ]; then - echo tb-${tbb_version}_$LANG.zip not signed correctly. Failed open. - failed_open=1 - fi - spctl -vvvv --assess --type exec --context context:primary-signature "$app_name.app/" - if [ $? -ne 0 ]; then - echo tb-${tbb_version}_$LANG.zip not signed correctly. Failed exec. - failed_exec=1 - fi - if [ ${UNZIP} -eq 1 ] - then - popd - rm -r test_${LANG} - fi - if [ ${failed_open} -ne 0 -o ${failed_exec} -ne 0 ] - then - return 1 - fi -} - -cd ~/$SIGNING_PROJECTNAME-${tbb_version} - -if test -n "$KEYCHAIN_PW" -then - KPW="-p $KEYCHAIN_PW" -fi - -security unlock $KPW /Users/torbrowser/Library/Keychains/tbb-signing-alpha.keychain -security unlock $KPW /Users/torbrowser/Library/Keychains/tbb-signing-2021.keychain - -unset KPW KEYCHAIN_PW - -for LANG in ALL -do - if [ -f tb-${tbb_version}_${LANG}.zip ] - then - echo "Deleting tb-${tbb_version}_${LANG}.zip" - rm tb-${tbb_version}_${LANG}.zip - fi - if [ -d "$app_name.app" ] - then - echo "Deleting $app_name.app" - rm -r "$app_name.app" - fi - if [ -d "/Volumes/$app_name" ]; then - echo "DMG already mounted. Please correct." - exit 1 - fi - hdiutil attach $(project-name)-macos-${tbb_version}.dmg - cp -rf "/Volumes/$app_name/$app_name.app" "$app_name.app" - echo "Signing ${app_name}_${LANG}.app" - codesign -vvv --deep -o runtime --entitlements="$ENTITLEMENTS" --timestamp -f -s "Developer ID Application: The Tor Project, Inc (MADPSAYN6T)" "$app_name.app/" - echo "codesign exit code: $?" - set +e - check_signature $LANG 0 - if [ $? -eq 1 ] - then - echo Signature verification failed. - rm -r "$app_name.app" - hdiutil detach "/Volumes/$app_name" - exit 1 - fi - set -e - echo "Zipping up tb-${tbb_version}_${LANG}.zip" - zip -qr tb-${tbb_version}_${LANG}.zip "$app_name.app" - rm -rf "$app_name.app" - hdiutil detach "/Volumes/$app_name" - set +e - check_signature $LANG 1 - if [ $? -eq 1 ] - then - echo "Signature verification failed (${LANG})". - rm -r "$app_name.app" - exit 1 - fi - set -e -done ===================================== tools/signing/macos-signer-gatekeeper-signing.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-gatekeeper-signing \ No newline at end of file ===================================== tools/signing/macos-signer-gatekeeper-signing.torbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-gatekeeper-signing \ No newline at end of file ===================================== tools/signing/macos-signer-notarization deleted ===================================== @@ -1,44 +0,0 @@ -#!/bin/bash -set -e - -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" -source "$script_dir/set-config.macos-notarization" - -ALTOOL=~/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/Frameworks/AppStoreService.framework/Versions/A/Support/altool - -cd ~/$SIGNING_PROJECTNAME-${tbb_version} - -if [ -z "${PW}" ]; then - echo "Please enter notarization password:" - stty -echo; read PW; stty echo; export PW -fi - -for LANG in ALL -do - if test -f ${LANG}/tb-${tbb_version}_$LANG.zip.uuid - then - echo "Skipping ${LANG}/tb-${tbb_version}_$LANG.zip" - continue; - fi - if test -d ${LANG}; then - mv ${LANG}/tb-${tbb_version}_$LANG.zip ./ - rm -r ${LANG}/ - fi - mkdir $LANG - cd $LANG - mv ../tb-${tbb_version}_$LANG.zip . - unzip -q tb-${tbb_version}_$LANG.zip - echo "Notarizing $LANG..." - $ALTOOL --notarize-app --verbose -t osx -f tb-${tbb_version}_$LANG.zip --primary-bundle-id org.torproject.torbrowser -u "$macos_notarization_user" -p @env:PW --output-format xml | tee tb-${tbb_version}_$LANG.zip.log 2>&1 - - request_uuid=`grep -A1 RequestUUID tb-${tbb_version}_$LANG.zip.log | grep -o '[0-9a-f]\+[0-9a-f-]\+'` - if [ -z "${request_uuid}" ]; then - echo "Request UUID not present. Notarization failed" - exit 1 - fi - echo ${request_uuid} > tb-${tbb_version}_$LANG.zip.uuid - echo "Notarization done for $LANG." - - cd .. -done ===================================== tools/signing/macos-signer-notarization.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-notarization \ No newline at end of file ===================================== tools/signing/macos-signer-notarization.torbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-notarization \ No newline at end of file ===================================== tools/signing/macos-signer-proxy deleted ===================================== @@ -1,6 +0,0 @@ -#!/bin/bash -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -ssh -R :1080 "$ssh_host_macos_signer" 'python ~/proxy.py --port 8443' ===================================== tools/signing/macos-signer-proxy.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-proxy \ No newline at end of file ===================================== tools/signing/macos-signer-proxy.torbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-proxy \ No newline at end of file ===================================== tools/signing/macos-signer-stapler deleted ===================================== @@ -1,22 +0,0 @@ -#!/bin/bash -set -e - -read -n 1 -p "Press enter once notarization is complete..." - -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" -source "$script_dir/set-config.generated-config" - -STAPLER=/Users/torbrowser/Xcode.app/Contents//Developer/usr/bin/stapler -app_name=$(Project_Name) - -cd ~/$SIGNING_PROJECTNAME-${tbb_version} - -for LANG in ALL -do - echo "Stapling $LANG..." - cd $LANG - $STAPLER staple "$app_name.app" - zip -qr ../tb-${tbb_version}_$LANG-stapled.zip "$app_name.app" - cd .. -done ===================================== tools/signing/macos-signer-stapler.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-stapler \ No newline at end of file ===================================== tools/signing/macos-signer-stapler.torbrowser deleted ===================================== @@ -1 +0,0 @@ -macos-signer-stapler \ No newline at end of file ===================================== tools/signing/set-config ===================================== @@ -38,5 +38,3 @@ rsync_options="-avH ${rsync_progress:-} ${DRY_RUN:-}" tb_builders='boklm dan henry ma1 pierov richard' wrappers_dir=/signing/tor-browser-build/tools/signing/wrappers - -use_rcodesign=1 ===================================== tools/signing/set-config.hosts ===================================== @@ -1,6 +1,5 @@ ssh_host_builder=tbbuild ssh_host_linux_signer=linux-signer-notor -ssh_host_macos_signer=mac-signer-notor ssh_host_staticiforme=staticiforme.torproject.org builder_tor_browser_build_dir=/home/user/tor-browser-build ===================================== tools/signing/set-config.macos-notarization deleted ===================================== @@ -1,5 +0,0 @@ -# The following line should be uncommented and updated: - -#macos_notarization_user='user@email' - -var_is_defined macos_notarization_user ===================================== tools/signing/sync-macos-local-to-macos-signer deleted ===================================== @@ -1,8 +0,0 @@ -#!/bin/bash -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -var_is_defined ssh_host_macos_signer - -rsync $rsync_options "$signed_version_dir"/*.dmg "$ssh_host_macos_signer:$SIGNING_PROJECTNAME-$tbb_version/" ===================================== tools/signing/sync-macos-local-to-macos-signer.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-macos-local-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-macos-local-to-macos-signer.torbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-macos-local-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-macos-local-to-macos-signer.torbrowser.dry-run deleted ===================================== @@ -1 +0,0 @@ -sync-macos-local-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-macos-signer-stapled-to-macos-local-stapled deleted ===================================== @@ -1,8 +0,0 @@ -#!/bin/bash -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -var_is_defined ssh_host_macos_signer - -rsync $rsync_options "$ssh_host_macos_signer:$SIGNING_PROJECTNAME-$tbb_version/*-stapled.zip" "$macos_stapled_dir/" ===================================== tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-macos-signer-stapled-to-macos-local-stapled \ No newline at end of file ===================================== tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.torbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-macos-signer-stapled-to-macos-local-stapled \ No newline at end of file ===================================== tools/signing/sync-macos-signer-stapled-to-macos-local-stapled.torbrowser.dry-run deleted ===================================== @@ -1 +0,0 @@ -sync-macos-signer-stapled-to-macos-local-stapled \ No newline at end of file ===================================== tools/signing/sync-scripts-to-macos-signer deleted ===================================== @@ -1,10 +0,0 @@ -#!/bin/bash -set -e -script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -source "$script_dir/functions" - -var_is_defined ssh_host_macos_signer - -generate_config - -rsync $rsync_options "$script_dir/" "$ssh_host_macos_signer:signing-$SIGNING_PROJECTNAME-$tbb_version_type/" ===================================== tools/signing/sync-scripts-to-macos-signer.mullvadbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-scripts-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-scripts-to-macos-signer.torbrowser deleted ===================================== @@ -1 +0,0 @@ -sync-scripts-to-macos-signer \ No newline at end of file ===================================== tools/signing/sync-scripts-to-macos-signer.torbrowser.dry-run deleted ===================================== @@ -1 +0,0 @@ -sync-scripts-to-macos-signer \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.5.0esr-13.5-1] 6 commits: fixup! Bug 3455: Add DomainIsolator, for isolating circuit by domain.
by richard (＠richard) 06 Dec '23

06 Dec '23

richard pushed to branch tor-browser-115.5.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 9d6ca8ac by Pier Angelo Vendrame at 2023-12-05T11:00:25+01:00 fixup! Bug 3455: Add DomainIsolator, for isolating circuit by domain. Collect the browsers also on Android. - - - - - 9e239230 by Pier Angelo Vendrame at 2023-12-05T11:08:42+01:00 fixup! Bug 40597: Implement TorSettings module Moved the creation of Meek credentials to a function on its own that we will reuse also with the Android version of MeekTransport. - - - - - 6a649d7f by Pier Angelo Vendrame at 2023-12-05T11:25:06+01:00 fixup! Bug 40933: Add tor-launcher functionality Store the SOCKS settings as a member, so that we can customize them if needed before applying them. Also, cleanup the public interface of TorProcess. E.g., removed TorProcess.connectionWorked, since we do not use this information anymore. Finally, added a TorLauncherUtil.isAndroid. - - - - - 1ad1d839 by Pier Angelo Vendrame at 2023-12-05T13:48:35+01:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser HTML-ize about:torconnect. Changed file extension, updated the HTML tag, removed short-tags on tags that are expected to have a closing tag. Also, removed the preprocessor and moved the onion pattern to this commit, since it is used only here. - - - - - fbd5b4bb by Pier Angelo Vendrame at 2023-12-05T13:48:42+01:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser Move the onion pattern files to the commit of about:torconnect. - - - - - 3649cc3f by Pier Angelo Vendrame at 2023-12-05T18:48:25+01:00 Temporary changes to about:torconnect for Android. We are planning of tempoorarily using about:torconnect on Android, until the native UX is ready. - - - - - 14 changed files: - docshell/base/nsAboutRedirector.cpp - toolkit/components/tor-launcher/TorDomainIsolator.sys.mjs - toolkit/components/tor-launcher/TorLauncherUtil.sys.mjs - toolkit/components/tor-launcher/TorProcess.sys.mjs - toolkit/components/tor-launcher/TorProvider.sys.mjs - toolkit/components/torconnect/content/aboutTorConnect.css - toolkit/components/torconnect/content/aboutTorConnect.xhtml → toolkit/components/torconnect/content/aboutTorConnect.html - toolkit/components/torconnect/content/aboutTorConnect.js - toolkit/themes/shared/onionPattern.svg → toolkit/components/torconnect/content/onion-pattern.svg - toolkit/components/torconnect/jar.mn - toolkit/modules/Moat.sys.mjs - toolkit/themes/shared/minimal-toolkit.jar.inc.mn - − toolkit/themes/shared/onionPattern.css - − toolkit/themes/shared/onionPattern.inc.xhtml Changes: ===================================== docshell/base/nsAboutRedirector.cpp ===================================== @@ -169,7 +169,7 @@ static const RedirEntry kRedirMap[] = { #endif {"telemetry", "chrome://global/content/aboutTelemetry.xhtml", nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI}, - {"torconnect", "chrome://global/content/torconnect/aboutTorConnect.xhtml", + {"torconnect", "chrome://global/content/torconnect/aboutTorConnect.html", nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | nsIAboutModule::URI_CAN_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT | ===================================== toolkit/components/tor-launcher/TorDomainIsolator.sys.mjs ===================================== @@ -475,9 +475,19 @@ class TorDomainIsolatorImpl { * @returns {MozBrowser?} The browser the channel is associated to */ #getBrowserForChannel(channel) { + const currentBrowser = + channel.loadInfo.browsingContext?.topChromeWindow?.browser; + if ( + channel.loadInfo.browsingContext && + currentBrowser?.browsingContext === channel.loadInfo.browsingContext + ) { + // Android has only one browser, and does not have the browsers property. + return currentBrowser; + } const browsers = channel.loadInfo.browsingContext?.topChromeWindow?.gBrowser?.browsers; if (!browsers || !channel.loadInfo.browsingContext?.browserId) { + logger.debug("Missing data to associate to a browser", channel.loadInfo); return null; } for (const browser of browsers) { ===================================== toolkit/components/tor-launcher/TorLauncherUtil.sys.mjs ===================================== @@ -325,6 +325,10 @@ class TorFile { } export const TorLauncherUtil = Object.freeze({ + get isAndroid() { + return Services.appinfo.OS === "Android"; + }, + get isMac() { return Services.appinfo.OS === "Darwin"; }, ===================================== toolkit/components/tor-launcher/TorProcess.sys.mjs ===================================== @@ -33,8 +33,6 @@ export class TorProcess { #args = []; #subprocess = null; #status = TorProcessStatus.Unknown; - // Have we ever made a connection on the control port? - #didConnectToTorControlPort = false; onExit = exitCode => {}; @@ -69,10 +67,6 @@ export class TorProcess { } } - get status() { - return this.#status; - } - get isRunning() { return ( this.#status === TorProcessStatus.Starting || @@ -102,7 +96,6 @@ export class TorProcess { } this.#status = TorProcessStatus.Starting; - this.#didConnectToTorControlPort = false; // useful for simulating slow tor daemon launch const kPrefTorDaemonLaunchDelay = "extensions.torlauncher.launch_delay"; @@ -155,13 +148,6 @@ export class TorProcess { this.#status = TorProcessStatus.Exited; } - // The owner of the process can use this function to tell us that they - // successfully connected to the control port. This information will be used - // only to decide which text to show in the confirmation dialog if tor exits. - connectionWorked() { - this.#didConnectToTorControlPort = true; - } - async #dumpStdout() { let string; while ( @@ -201,20 +187,6 @@ export class TorProcess { #processExitedUnexpectedly(exitCode) { this.#subprocess = null; this.#status = TorProcessStatus.Exited; - // FIXME: We can probably drop #didConnectToTorControlPort and use only one - // callback. Then we can let the provider actually distinguish between the - // cases. - if (!this.#didConnectToTorControlPort) { - logger.warn("Tor exited before we could connect to its control port."); - // tor might be misconfigured, because we could never connect to it. - // Two instances of Tor Browser trying to use the same port numbers is - // also a typical scenario for this. - // This might happen very early, before the browser UI is actually - // available. So, we will tell the process owner that the process exited, - // without trying to restart it. - this.onExit(exitCode); - return; - } logger.warn("Tor exited suddenly."); this.onExit(exitCode); } ===================================== toolkit/components/tor-launcher/TorProvider.sys.mjs ===================================== @@ -35,6 +35,15 @@ const logger = new ConsoleAPI({ * @property {string=} host The host to connect for a TCP control port * @property {number=} port The port number to use for a TCP control port */ +/** + * @typedef {object} SocksSettings An object that includes the proxy settings to + * be configured in the browser. + * @property {boolean=} transproxy If true, no proxy is configured + * @property {nsIFile=} ipcFile The nsIFile object with the path to a Unix + * socket to use for an IPC proxy + * @property {string=} host The host to connect for a TCP proxy + * @property {number=} port The port number to use for a TCP proxy + */ /** * @typedef {object} LogEntry An object with a log message * @property {Date} date The date at which we received the message @@ -111,6 +120,13 @@ export class TorProvider { */ #torProcess = null; + /** + * The settings for the SOCKS proxy. + * + * @type {SocksSettings?} + */ + #socksSettings = null; + /** * The logs we received over the control port. * We store a finite number of log entries which can be configured with @@ -165,8 +181,9 @@ export class TorProvider { async init() { logger.debug("Initializing the Tor provider."); - const socksSettings = TorLauncherUtil.getPreferredSocksConfiguration(); - logger.debug("Requested SOCKS configuration", socksSettings); + // These settings might be customized in the following steps. + this.#socksSettings = TorLauncherUtil.getPreferredSocksConfiguration(); + logger.debug("Requested SOCKS configuration", this.#socksSettings); try { await this.#setControlPortConfiguration(); @@ -175,11 +192,11 @@ export class TorProvider { throw e; } - if (socksSettings.transproxy) { + if (this.#socksSettings.transproxy) { logger.info("Transparent proxy required, not starting a Tor daemon."); } else if (this.ownsTorDaemon) { try { - await this.#startDaemon(socksSettings); + await this.#startDaemon(); } catch (e) { logger.error("Failed to start the tor daemon", e); throw e; @@ -197,8 +214,7 @@ export class TorProvider { throw e; } - // We do not customize SOCKS settings, at least for now. - TorLauncherUtil.setProxyConfiguration(socksSettings); + TorLauncherUtil.setProxyConfiguration(this.#socksSettings); logger.info("The Tor provider is ready."); @@ -464,7 +480,7 @@ export class TorProvider { // Process management - async #startDaemon(socksSettings) { + async #startDaemon() { // TorProcess should be instanced once, then always reused and restarted // only through the prompt it exposes when the controlled process dies. if (this.#torProcess) { @@ -476,7 +492,7 @@ export class TorProvider { this.#torProcess = new lazy.TorProcess( this.#controlPortSettings, - socksSettings + this.#socksSettings ); // Use a closure instead of bind because we reassign #cancelConnection. // Also, we now assign an exit handler that cancels the first connection, @@ -619,7 +635,6 @@ export class TorProvider { } this.#openControlPort() .then(controller => { - this.#torProcess?.connectionWorked(); this.#cancelConnection = () => {}; // The cancel function should have already called reject. if (!canceled) { ===================================== toolkit/components/torconnect/content/aboutTorConnect.css ===================================== @@ -10,6 +10,11 @@ --onion-radius: 75px; } +html { + width: 100%; + height: 100%; +} + input[type="checkbox"]:focus, select:focus { outline: none!important; box-shadow: 0 0 0 3px var(--purple-30) !important; @@ -330,3 +335,166 @@ body { background-image: url("chrome://global/content/torconnect/connection-location.svg"); stroke: var(--warning-color); } + +.onion-pattern-container { + flex: auto; /* grow to consume remaining space on the page */ + display: flex; + margin: 0 auto; + width: 100%; + /* two onions tall, 4x the radius */ + height: calc(4 * var(--onion-radius)); + max-height: calc(4 * var(--onion-radius)); + min-height: calc(4 * var(--onion-radius)); + direction: ltr; +} + +.onion-pattern-crop { + height: 100%; + width: 100%; + + -moz-context-properties: fill; + fill: var(--onion-color, currentColor); + /* opacity of the entire div, not context-opacity */ + opacity: var(--onion-opacity, 1); + + background-image: url("chrome://global/content/torconnect/onion-pattern.svg"); + background-repeat: repeat; + background-attachment: local; + background-position: center; + /* svg source is 6 onions wide and 2 onions tall */ + background-size: calc(6 * 2 * var(--onion-radius)) calc(2 * 2 * var(--onion-radius));; +} + +:root { + --android-dark-accents-buttons: #9059FF; + --android-dark-background-secondary: #E1E0E7; + --android-dark-text-primary: #FBFBFE; + --android-light-text-primary: #15141A; +} + +[hidden=true] { + display: none !important; +} + +body.android { + --onion-color: var(--android-dark-text-primary); + width: 100%; + height: 100%; + box-sizing: border-box; + margin: 0; + padding: 0 24px !important; + color: var(--onion-color); + background: linear-gradient(194deg, #692E9D -0.93%, #393270 48.91%); + font: menu; + font-size: 14px; + display: flex; +} + +.android #connectPageContainer { + max-width: none; + display: flex; + flex-direction: column; + flex: 1; +} + +.android #breadcrumbs { + display: none; +} + +.android #text-container { + display: flex; + flex-direction: column; + flex: 1; +} + +.android .title { + background-position: left 0; + background-repeat: no-repeat; + background-size: 40px; + padding-top: 64px; + font-size: 22px; + line-height: 28px; +} + +.android h1 { + font-weight: normal; + font-size: 100%; + margin: 0 0 16px 0; +} + +.android p { + margin: 0; + padding-bottom: 8px; + line-height: 20px; +} + +.android #quickstartContainer { + margin-top: 24px; +} + +.android .button-container { + display: flex; + flex: 1; + flex-direction: column; +} + +.android #locationDropdown { + width: 100%; + max-width: none; + margin: 0; +} + +.android select { + background: transparent; + border: none; + border-bottom: 1px solid var(--android-dark-text-primary); + color: var(--android-dark-text-primary); + display: block; + width: 100%; + margin-top: 10px; + padding: 8px; +} + +.android #buttonPadding { + flex: 1; +} + +.android #connectButtonContainer { + width: 100%; + padding-bottom: 18px; + display: grid; +} + +/* Be sure not to match the togglee */ +.android #connectButtonContainer button { + display: block; + width: 100%; + margin: 4px 0; + padding: 11px 30px; + font-size: 14px; + font-weight: 500; + border: none; + border-radius: 4px; +} + +.android #connectButton, .android #tryBridgeButton, .android #configureButton.primary { + color: var(--android-dark-text-primary); + background-color: var(--android-dark-accents-buttons); +} + +.android #configureButton { + order: 1; +} + +.android #restartButton { + order: 2; +} + +.android #restartButton, .android #cancelButton, .android #configureButton { + color: var(--android-light-text-primary); + background-color: var(--android-dark-background-secondary); +} + +.android .onion-pattern-container { + display: none; +} ===================================== toolkit/components/torconnect/content/aboutTorConnect.xhtml → toolkit/components/torconnect/content/aboutTorConnect.html ===================================== @@ -1,17 +1,12 @@  <!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> +<html> <head> <meta http-equiv="Content-Security-Policy" content="default-src chrome:; object-src 'none'" /> - <link - rel="stylesheet" - href="chrome://global/skin/onionPattern.css" - type="text/css" - media="all" - /> + <meta name="viewport" content="width=device-width"> <link rel="stylesheet" href="chrome://global/content/torconnect/aboutTorConnect.css" @@ -21,64 +16,69 @@ </head> <body> <div id="progressBar"> - <div id="progressBackground" /> - <div id="progressSolid" /> + <div id="progressBackground"></div> + <div id="progressSolid"></div> </div> <div id="connectPageContainer" class="container"> <div id="breadcrumbs" class="hidden"> <span id="connect-to-tor" class="breadcrumb-item"> - <span id="connect-to-tor-icon" class="breadcrumb-icon" /> - <span class="breadcrumb-label" /> + <span id="connect-to-tor-icon" class="breadcrumb-icon"></span> + <span class="breadcrumb-label"></span> </span> <span id="connection-assist-separator" class="breadcrumb-separator breadcrumb-icon" - /> + ></span> <span id="connection-assist" class="breadcrumb-item"> - <span id="connection-assist-icon" class="breadcrumb-icon" /> - <span class="breadcrumb-label" /> + <span id="connection-assist-icon" class="breadcrumb-icon"></span> + <span class="breadcrumb-label"></span> </span> <span id="try-bridge-separator" class="breadcrumb-separator breadcrumb-icon" - /> + ></span> <span id="try-bridge" class="breadcrumb-item"> - <span id="try-bridge-icon" class="breadcrumb-icon" /> - <span class="breadcrumb-label" /> + <span id="try-bridge-icon" class="breadcrumb-icon"></span> + <span class="breadcrumb-label"></span> </span> </div> <div id="text-container"> <div class="title"> - <h1 class="title-text" /> + <h1 class="title-text"></h1> </div> <div id="connectLongContent"> - <p id="connectLongContentText" /> + <p id="connectLongContentText"></p> </div> <div id="connectShortDesc"> - <p id="connectShortDescText" /> + <p id="connectShortDescText"></p> </div> <button id="viewLogButton"></button> <div id="quickstartContainer"> <input id="quickstartCheckbox" type="checkbox" /> - <label id="quickstartCheckboxLabel" for="quickstartCheckbox" /> + <label id="quickstartCheckboxLabel" for="quickstartCheckbox"></label> </div> - <div id="connectButtonContainer" class="button-container"> - <button id="restartButton" hidden="true"></button> - <button id="configureButton" hidden="true"></button> - <button id="cancelButton" hidden="true"></button> - <button id="connectButton" class="primary" hidden="true"></button> - <label id="locationDropdownLabel" for="countries" /> + <div class="button-container"> + <label id="locationDropdownLabel" for="countries"></label> <form id="locationDropdown" hidden="true"> <select id="countries"></select> </form> - <button id="tryBridgeButton" class="primary" hidden="true"></button> + <span id="buttonPadding"></span> + <span id="connectButtonContainer"> + <button id="restartButton" hidden="true"></button> + <button id="configureButton" hidden="true"></button> + <button id="cancelButton" hidden="true"></button> + <button id="connectButton" class="primary" hidden="true"></button> + <button id="tryBridgeButton" class="primary" hidden="true"></button> + </span> </div> </div> </div> -#include ../../../themes/shared/onionPattern.inc.xhtml + <div class="onion-pattern-container"> + <div class="onion-pattern-crop"></div> + </div> + <script src="chrome://global/content/torconnect/aboutTorConnect.js"></script> </body> - <script src="chrome://global/content/torconnect/aboutTorConnect.js" /> </html> ===================================== toolkit/components/torconnect/content/aboutTorConnect.js ===================================== @@ -70,8 +70,8 @@ class AboutTorConnect { connect: "button#connectButton", tryBridge: "button#tryBridgeButton", locationDropdownLabel: "#locationDropdownLabel", - locationDropdown: "form#locationDropdown", - locationDropdownSelect: "form#locationDropdown select", + locationDropdown: "#locationDropdown", + locationDropdownSelect: "#locationDropdown select", }, }); @@ -666,6 +666,9 @@ class AboutTorConnect { } initElements(direction) { + const isAndroid = navigator.userAgent.indexOf("Android") !== -1; + document.body.classList.toggle("android", isAndroid); + document.documentElement.setAttribute("dir", direction); this.elements.connectToTorLink.addEventListener("click", event => { ===================================== toolkit/themes/shared/onionPattern.svg → toolkit/components/torconnect/content/onion-pattern.svg ===================================== ===================================== toolkit/components/torconnect/jar.mn ===================================== @@ -3,12 +3,13 @@ toolkit.jar: content/global/torconnect/torConnectTitlebarStatus.js (content/torConnectTitlebarStatus.js) content/global/torconnect/torConnectTitlebarStatus.css (content/torConnectTitlebarStatus.css) content/global/torconnect/aboutTorConnect.css (content/aboutTorConnect.css) -* content/global/torconnect/aboutTorConnect.xhtml (content/aboutTorConnect.xhtml) + content/global/torconnect/aboutTorConnect.html (content/aboutTorConnect.html) content/global/torconnect/aboutTorConnect.js (content/aboutTorConnect.js) content/global/torconnect/arrow-right.svg (content/arrow-right.svg) content/global/torconnect/bridge.svg (content/bridge.svg) content/global/torconnect/connection-failure.svg (content/connection-failure.svg) content/global/torconnect/connection-location.svg (content/connection-location.svg) + content/global/torconnect/onion-pattern.svg (content/onion-pattern.svg) content/global/torconnect/tor-connect.svg (content/tor-connect.svg) content/global/torconnect/tor-not-connected-to-connected-animated.svg (content/tor-not-connected-to-connected-animated.svg) content/global/torconnect/tor-connect-broken.svg (content/tor-connect-broken.svg) ===================================== toolkit/modules/Moat.sys.mjs ===================================== @@ -21,6 +21,56 @@ const TorLauncherPrefs = Object.freeze({ moat_service: "extensions.torlauncher.moat_service", }); +function makeMeekCredentials(proxyType) { + // Construct the per-connection arguments. + let meekClientEscapedArgs = ""; + const meekReflector = Services.prefs.getStringPref( + TorLauncherPrefs.bridgedb_reflector + ); + + // Escape aValue per section 3.5 of the PT specification: + // First the "<Key>=<Value>" formatted arguments MUST be escaped, + // such that all backslash, equal sign, and semicolon characters + // are escaped with a backslash. + const escapeArgValue = aValue => + aValue + ? aValue + .replaceAll("\\", "\\\\") + .replaceAll("=", "\\=") + .replaceAll(";", "\\;") + : ""; + + if (meekReflector) { + meekClientEscapedArgs += "url="; + meekClientEscapedArgs += escapeArgValue(meekReflector); + } + const meekFront = Services.prefs.getStringPref( + TorLauncherPrefs.bridgedb_front + ); + if (meekFront) { + if (meekClientEscapedArgs.length) { + meekClientEscapedArgs += ";"; + } + meekClientEscapedArgs += "front="; + meekClientEscapedArgs += escapeArgValue(meekFront); + } + + // socks5 + if (proxyType === "socks") { + if (meekClientEscapedArgs.length <= 255) { + return [meekClientEscapedArgs, "\x00"]; + } else { + return [ + meekClientEscapedArgs.substring(0, 255), + meekClientEscapedArgs.substring(255), + ]; + } + // socks4 + } else { + return [meekClientEscapedArgs, undefined]; + } +} + // // Launches and controls the PT process lifetime // @@ -70,39 +120,6 @@ class MeekTransport { proxy.pathToBinary = meekPath.path; } - // Construct the per-connection arguments. - let meekClientEscapedArgs = ""; - const meekReflector = Services.prefs.getStringPref( - TorLauncherPrefs.bridgedb_reflector - ); - - // Escape aValue per section 3.5 of the PT specification: - // First the "<Key>=<Value>" formatted arguments MUST be escaped, - // such that all backslash, equal sign, and semicolon characters - // are escaped with a backslash. - const escapeArgValue = aValue => - aValue - ? aValue - .replaceAll("\\", "\\\\") - .replaceAll("=", "\\=") - .replaceAll(";", "\\;") - : ""; - - if (meekReflector) { - meekClientEscapedArgs += "url="; - meekClientEscapedArgs += escapeArgValue(meekReflector); - } - const meekFront = Services.prefs.getStringPref( - TorLauncherPrefs.bridgedb_front - ); - if (meekFront) { - if (meekClientEscapedArgs.length) { - meekClientEscapedArgs += ";"; - } - meekClientEscapedArgs += "front="; - meekClientEscapedArgs += escapeArgValue(meekFront); - } - // Setup env and start meek process const ptStateDir = lazy.TorLauncherUtil.getTorFile("tordatadir", false); ptStateDir.append("pt_state"); // Match what tor uses. @@ -247,22 +264,9 @@ class MeekTransport { this.#meekClientProcess = null; this.uninit(); }); - - // socks5 - if (this.proxyType === "socks") { - if (meekClientEscapedArgs.length <= 255) { - this.proxyUsername = meekClientEscapedArgs; - this.proxyPassword = "\x00"; - } else { - this.proxyUsername = meekClientEscapedArgs.substring(0, 255); - this.proxyPassword = meekClientEscapedArgs.substring(255); - } - // socks4 - } else { - this.proxyUsername = meekClientEscapedArgs; - this.proxyPassword = undefined; - } - + [this.proxyUsername, this.proxyPassword] = makeMeekCredentials( + this.proxyType + ); this.#inited = true; } catch (ex) { if (this.#meekClientProcess) { @@ -403,7 +407,7 @@ export class MoatRPC { throw new Error("MoatRPC: Already initialized"); } - let meekTransport = new MeekTransport(); + const meekTransport = new MeekTransport(); await meekTransport.init(); this.#meekTransport = meekTransport; this.#inited = true; ===================================== toolkit/themes/shared/minimal-toolkit.jar.inc.mn ===================================== @@ -47,7 +47,3 @@ toolkit.jar: skin/classic/global/media/textrecognition.css (../../shared/media/textrecognition.css) skin/classic/global/browser-colors.css (../../shared/browser-colors.css) - -# Tor customization - skin/classic/global/onionPattern.css (../../shared/onionPattern.css) - skin/classic/global/onionPattern.svg (../../shared/onionPattern.svg) ===================================== toolkit/themes/shared/onionPattern.css deleted ===================================== @@ -1,31 +0,0 @@ -/* Onion pattern */ - -.onion-pattern-container { - - flex: auto; /* grow to consume remaining space on the page */ - display: flex; - margin: 0 auto; - width: 100%; - /* two onions tall, 4x the radius */ - height: calc(4 * var(--onion-radius)); - max-height: calc(4 * var(--onion-radius)); - min-height: calc(4 * var(--onion-radius)); - direction: ltr; -} - -.onion-pattern-crop { - height: 100%; - width: 100%; - - -moz-context-properties: fill; - fill: var(--onion-color, currentColor); - /* opacity of the entire div, not context-opacity */ - opacity: var(--onion-opacity, 1); - - background-image: url("chrome://global/skin/onionPattern.svg"); - background-repeat: repeat; - background-attachment: local; - background-position: center; - /* svg source is 6 onions wide and 2 onions tall */ - background-size: calc(6 * 2 * var(--onion-radius)) calc(2 * 2 * var(--onion-radius));; -} ===================================== toolkit/themes/shared/onionPattern.inc.xhtml deleted ===================================== @@ -1,12 +0,0 @@ - - -<div class="onion-pattern-container"> - <div class="onion-pattern-crop"/> -</div> \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/410b9a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/410b9a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser-update-responses][main] 2 commits: alpha: new version, 13.5a2
by richard (＠richard) 05 Dec '23

05 Dec '23

richard pushed to branch main at The Tor Project / Applications / mullvad-browser-update-responses Commits: a699b121 by Richard Pospesel at 2023-11-28T17:15:24+00:00 alpha: new version, 13.5a2 - - - - - 40a15b9a by Richard Pospesel at 2023-12-05T16:57:15+00:00 release: new version, 13.0.6 - - - - - 30 changed files: - update_1/alpha/.htaccess - − update_1/alpha/13.0a4-13.5a1-linux-x86_64-ALL.xml - − update_1/alpha/13.0a4-13.5a1-macos-ALL.xml - − update_1/alpha/13.0a4-13.5a1-windows-x86_64-ALL.xml - − update_1/alpha/13.0a5-13.5a1-linux-x86_64-ALL.xml - − update_1/alpha/13.0a5-13.5a1-macos-ALL.xml - − update_1/alpha/13.0a5-13.5a1-windows-x86_64-ALL.xml - + update_1/alpha/13.0a5-13.5a2-linux-x86_64-ALL.xml - + update_1/alpha/13.0a5-13.5a2-macos-ALL.xml - + update_1/alpha/13.0a5-13.5a2-windows-x86_64-ALL.xml - − update_1/alpha/13.0a6-13.5a1-linux-x86_64-ALL.xml - − update_1/alpha/13.0a6-13.5a1-macos-ALL.xml - − update_1/alpha/13.0a6-13.5a1-windows-x86_64-ALL.xml - + update_1/alpha/13.0a6-13.5a2-linux-x86_64-ALL.xml - + update_1/alpha/13.0a6-13.5a2-macos-ALL.xml - + update_1/alpha/13.0a6-13.5a2-windows-x86_64-ALL.xml - + update_1/alpha/13.5a1-13.5a2-linux-x86_64-ALL.xml - + update_1/alpha/13.5a1-13.5a2-macos-ALL.xml - + update_1/alpha/13.5a1-13.5a2-windows-x86_64-ALL.xml - − update_1/alpha/13.5a1-linux-x86_64-ALL.xml - − update_1/alpha/13.5a1-macos-ALL.xml - − update_1/alpha/13.5a1-windows-x86_64-ALL.xml - + update_1/alpha/13.5a2-linux-x86_64-ALL.xml - + update_1/alpha/13.5a2-macos-ALL.xml - + update_1/alpha/13.5a2-windows-x86_64-ALL.xml - update_1/alpha/download-linux-x86_64.json - update_1/alpha/download-macos.json - update_1/alpha/download-windows-x86_64.json - update_1/alpha/downloads.json - update_1/release/.htaccess The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] release: new version, 13.0.6
by richard (＠richard) 05 Dec '23

05 Dec '23

richard pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: 4d2eccc7 by Richard Pospesel at 2023-12-05T16:23:01+00:00 release: new version, 13.0.6 - - - - - 30 changed files: - update_3/release/.htaccess - − update_3/release/13.0-13.0.5-linux-i686-ALL.xml - − update_3/release/13.0-13.0.5-linux-x86_64-ALL.xml - − update_3/release/13.0-13.0.5-macos-ALL.xml - − update_3/release/13.0-13.0.5-windows-i686-ALL.xml - − update_3/release/13.0-13.0.5-windows-x86_64-ALL.xml - + update_3/release/13.0-13.0.6-linux-i686-ALL.xml - + update_3/release/13.0-13.0.6-linux-x86_64-ALL.xml - + update_3/release/13.0-13.0.6-macos-ALL.xml - + update_3/release/13.0-13.0.6-windows-i686-ALL.xml - + update_3/release/13.0-13.0.6-windows-x86_64-ALL.xml - − update_3/release/13.0.1-13.0.5-linux-i686-ALL.xml - − update_3/release/13.0.1-13.0.5-linux-x86_64-ALL.xml - − update_3/release/13.0.1-13.0.5-macos-ALL.xml - − update_3/release/13.0.1-13.0.5-windows-i686-ALL.xml - − update_3/release/13.0.1-13.0.5-windows-x86_64-ALL.xml - + update_3/release/13.0.1-13.0.6-linux-i686-ALL.xml - + update_3/release/13.0.1-13.0.6-linux-x86_64-ALL.xml - + update_3/release/13.0.1-13.0.6-macos-ALL.xml - + update_3/release/13.0.1-13.0.6-windows-i686-ALL.xml - + update_3/release/13.0.1-13.0.6-windows-x86_64-ALL.xml - − update_3/release/13.0.4-13.0.5-linux-i686-ALL.xml - − update_3/release/13.0.4-13.0.5-linux-x86_64-ALL.xml - − update_3/release/13.0.4-13.0.5-macos-ALL.xml - − update_3/release/13.0.4-13.0.5-windows-i686-ALL.xml - − update_3/release/13.0.4-13.0.5-windows-x86_64-ALL.xml - + update_3/release/13.0.5-13.0.6-linux-i686-ALL.xml - + update_3/release/13.0.5-13.0.6-linux-x86_64-ALL.xml - + update_3/release/13.0.5-13.0.6-macos-ALL.xml - + update_3/release/13.0.5-13.0.6-windows-i686-ALL.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.0] 2 commits: Bug 41036: Remove go_vendor-lyrebird-nightly makefile target
by boklm (＠boklm) 05 Dec '23

05 Dec '23

boklm pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: f3939e09 by Nicolas Vigier at 2023-12-05T16:44:03+01:00 Bug 41036: Remove go_vendor-lyrebird-nightly makefile target Since after #40948 we don't check lyrebird-vendor sha256sum in nightly, we don't need to use the `go_vendor-lyrebird-nightly` makefile target anymore. - - - - - 38fc8374 by Nicolas Vigier at 2023-12-05T16:46:01+01:00 Bug 41036: Rename go_vendor-$project-alpha make targets to go_vendor-$project Since we don't have a `-nightly` target anymore, we don't need to keep `-alpha` in the other targets. - - - - - 2 changed files: - Makefile - doc/how-to-update-go-dependencies.txt Changes: ===================================== Makefile ===================================== @@ -631,21 +631,18 @@ cargo_vendor-application-services: submodule-update cargo_vendor-cbindgen: submodule-update $(rbm) build cbindgen --step cargo_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-snowflake-alpha: submodule-update +go_vendor-snowflake: submodule-update $(rbm) build snowflake --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-conjure-alpha: submodule-update +go_vendor-conjure: submodule-update $(rbm) build conjure --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-webtunnel-alpha: submodule-update +go_vendor-webtunnel: submodule-update $(rbm) build webtunnel --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-lyrebird-alpha: submodule-update +go_vendor-lyrebird: submodule-update $(rbm) build lyrebird --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-lyrebird-nightly: submodule-update - $(rbm) build lyrebird --step go_vendor --target nightly --target torbrowser-linux-x86_64 - ############# # rcodesign # ===================================== doc/how-to-update-go-dependencies.txt ===================================== @@ -2,8 +2,7 @@ When the dependencies of a go project ($project in the following lines) are changing: - the go.mod and go.sum files in $project.git are updated -- in tor-browser-build, run `make go_vendor-$project-alpha` or - `make go_vendor-$project-nightly` +- in tor-browser-build, run `make go_vendor-$project` - find the new file created in directory `out/$project/go_vendor` and compute its sha256sum - in `projects/$project/config`, update `norec/sha256sum` for `go_vendor` View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 41036: Remove go_vendor-lyrebird-nightly makefile target
by boklm (＠boklm) 05 Dec '23

05 Dec '23

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 8e7cef63 by Nicolas Vigier at 2023-12-05T16:16:45+01:00 Bug 41036: Remove go_vendor-lyrebird-nightly makefile target Since after #40948 we don't check lyrebird-vendor sha256sum in nightly, we don't need to use the `go_vendor-lyrebird-nightly` makefile target anymore. - - - - - db02c9d4 by Nicolas Vigier at 2023-12-05T16:32:00+01:00 Bug 41036: Rename go_vendor-$project-alpha make targets to go_vendor-$project Since we don't have a `-nightly` target anymore, we don't need to keep `-alpha` in the other targets. - - - - - 2 changed files: - Makefile - doc/how-to-update-go-dependencies.txt Changes: ===================================== Makefile ===================================== @@ -637,21 +637,18 @@ cargo_vendor-wasm-bindgen: submodule-update cargo_vendor-lox: submodule-update $(rbm) build lox-wasm --step cargo_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-snowflake-alpha: submodule-update +go_vendor-snowflake: submodule-update $(rbm) build snowflake --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-conjure-alpha: submodule-update +go_vendor-conjure: submodule-update $(rbm) build conjure --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-webtunnel-alpha: submodule-update +go_vendor-webtunnel: submodule-update $(rbm) build webtunnel --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-lyrebird-alpha: submodule-update +go_vendor-lyrebird: submodule-update $(rbm) build lyrebird --step go_vendor --target alpha --target torbrowser-linux-x86_64 -go_vendor-lyrebird-nightly: submodule-update - $(rbm) build lyrebird --step go_vendor --target nightly --target torbrowser-linux-x86_64 - ############# # rcodesign # ===================================== doc/how-to-update-go-dependencies.txt ===================================== @@ -2,8 +2,7 @@ When the dependencies of a go project ($project in the following lines) are changing: - the go.mod and go.sum files in $project.git are updated -- in tor-browser-build, run `make go_vendor-$project-alpha` or - `make go_vendor-$project-nightly` +- in tor-browser-build, run `make go_vendor-$project` - find the new file created in directory `out/$project/go_vendor` and compute its sha256sum - in `projects/$project/config`, update `norec/sha256sum` for `go_vendor` View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.0] 2 commits: Bug 40884: add upload-sha256sums make target and release script
by Pier Angelo Vendrame (＠pierov) 05 Dec '23

05 Dec '23

Pier Angelo Vendrame pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: 744d13bf by Dan Ballard at 2023-12-05T08:46:28+01:00 Bug 40884: add upload-sha256sums make target and release script - - - - - bfc545e4 by Pier Angelo Vendrame at 2023-12-05T08:46:45+01:00 Bug 41026: Use a relative target_dir in upload_sha256sums ~/ is expanded by the shell issuing the command, so it results in the local home directory, not the remote one. However, since we are using a path that is relative to the home, we can simply use a relative one. - - - - - 4 changed files: - Makefile - projects/release/config - + projects/release/upload_sha256sums - rbm.local.conf.example Changes: ===================================== Makefile ===================================== @@ -668,12 +668,28 @@ cargo_vendor-rcodesign: submodule-update submodule-update: git submodule update --init +# requires tpo_user variable be set in rbm.local.conf +torbrowser-upload-sha256sums-release: submodule-update + $(rbm) build release --step upload_sha256sums --target release --target torbrowser + +# requires tpo_user variable be set in rbm.local.conf +torbrowser-upload-sha256sums-alpha: submodule-update + $(rbm) build release --step upload_sha256sums --target alpha --target torbrowser + torbrowser-signtag-release: submodule-update $(rbm) build release --step signtag --target release --target torbrowser torbrowser-signtag-alpha: submodule-update $(rbm) build release --step signtag --target alpha --target torbrowser +# requires tpo_user variable be set in rbm.local.conf +mullvadbrowser-upload-sha256sums-release: submodule-update + $(rbm) build release --step upload_sha256sums --target release --target mullvadbrowser + +# requires tpo_user variable be set in rbm.local.conf +mullvadbrowser-upload-sha256sums-alpha: submodule-update + $(rbm) build release --step upload_sha256sums --target alpha --target mullvadbrowser + mullvadbrowser-signtag-release: submodule-update $(rbm) build release --step signtag --target release --target mullvadbrowser ===================================== projects/release/config ===================================== @@ -258,6 +258,11 @@ steps: debug: 0 input_files: [] dmg2mar: '[% INCLUDE dmg2mar %]' + upload_sha256sums: + build_log: '-' + debug: 0 + input_files: [] + upload_sha256sums: '[% INCLUDE upload_sha256sums %]' compare_windows_signed_unsigned_exe: build_log: '-' debug: 0 ===================================== projects/release/upload_sha256sums ===================================== @@ -0,0 +1,34 @@ +#!/bin/sh +# Tool to sign sha256sums of builds and upload them to where signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo expects them to be + +version=[% c("version") %]-[% c("var/torbrowser_build") %] +signed=[% c("var/signed_status") %] +channel=[% c("var/build_target") %] +browser=[% c("var/browser_type") %] + +src_dir=[% shell_quote(path(dest_dir)) %]/$signed/$version + +target_dir=public_html/builds/$browser/$channel/$version/ + +echo "browser:$browser channel:$channel signed:$signed version:$version" + +if [ ! -d $src_dir ]; then + echo "ERROR: $src_dir does not exist!" + exit +fi + +cd $src_dir +for i in sha256sums*.txt; do + if [ ! -f $i.asc ] ; then + gpg -abs [% c("var/sign_build_gpg_opts") %] $i; + fi +done + +if [ -z '[% c("var/tpo_user") %]' ]; then + print "tpo_user variable unset, required to upload to people.torproject.org. Please set in rbm.local.conf" + exit +fi + +ssh [% c("var/tpo_user") %](a)people.torproject.org "mkdir -p $target_dir" +rsync sha256sums*.* [% c("var/tpo_user") %]@people.torproject.org:$target_dir +echo "Synced sha256sums to https://people.torproject.org/~[% c("var/tpo_user") %]/builds/$browser/$channel/$version/" ===================================== rbm.local.conf.example ===================================== @@ -55,6 +55,11 @@ var: ### and sha256sums-unsigned-build.incrementals.txt files. #sign_build_gpg_opts: '--local-user XXXXXXXX' + ### The var/tpo_user option is used on the release upload_sha256sums step + ### and is the user on people.torproject.org that ssh/rsync will try to + ### upload the files to + #tpo_user: username + ### The clean configuration is used by the cleaning script to find the ### branches and build targets you are using, to compute the list of ### files that should be kept. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-13.0.6-build1
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed new tag mb-13.0.6-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.0.6-build1
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed new tag tbb-13.0.6-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41009, 41018: Prepare Tor+Mullvad Browser Stable 13.0.6
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: 7e8b7279 by hackademix at 2023-12-04T17:40:53+01:00 Bug 41009,41018: Prepare Tor+Mullvad Browser Stable 13.0.6 - - - - - 9 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/allowed_addons.json - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/manual/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,50 @@ +Mullvad Browser 13.0.6 - December 04 2023 + * All Platforms + * Bug 42288: Allow language spoofing in status messages [tor-browser] + * Updated uBlock Origin to 1.54.0 + * Linux + * Bug 17560: Downloaded URLs disk leak on Linux [tor-browser] + * Bug 42306: Tor Browser crashes when extensions popups are opened with Wayland enabled [tor-browser] + * Bug 41017: Disable Nvidia shader cache [tor-browser-build] + * Build System + * All Platforms + * Bug 41027: Remove tb-build-04 and tb-build-05 from tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] + * Bug 40936: Revert tor-browser-build#40933 [tor-browser-build] + * Bug 40970: Missing symlink create-blog-post.torbrowser -> create-blog-post symlink [tor-browser-build] + * Bug 40995: Use cdn.stagemole.eu instead of cdn.devmole.eu in download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] + * Bug 40063: RBM's chroot fails in Fedora [rbm] + * Bug 40064: Using exec on project with no git_url/hg_url is causing warning [rbm] + * Windows + macOS + Linux + * Bug 41031: Add command to unsign .mar files and compare with sha256sums-unsigned-build.txt [tor-browser-build] + * Windows + * Bug 41030: Add command to unsign .exe files and compare with sha256sums-unsigned-build.txt [tor-browser-build] + +Mullvad Browser 13.5a2 - November 27 2023 + * All Platforms + * Updated Firefox to 115.5.0esr + * Updated uBlock Origin to 1.54.0 + * Bug 250: Enable storage.sync to fix broken webextensions [mullvad-browser] + * Bug 254: Rebase Mullvad Browser Alpha to 115.5.0esr [mullvad-browser] + * Bug 42153: Drop dom.enable_resource_timing = false preference [tor-browser] + * Bug 42194: Blank Net Error page on name resolution failure [tor-browser] + * Bug 42276: Rebase Browsers Alpha to 115.5.0esr [tor-browser] + * Bug 42288: Allow language spoofing in status messages [tor-browser] + * Linux + * Bug 17560: Downloaded URLs disk leak on Linux [tor-browser] + * Bug 41017: Disable Nvidia shader cache [tor-browser-build] + * Build System + * All Platforms + * Bug 40884: Script to automate uploading sha256s and signatures to location signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo expects them to be [tor-browser-build] + * Bug 40970: Missing symlink create-blog-post.torbrowser -> create-blog-post symlink [tor-browser-build] + * Bug 41006: Fix typo in finished-signing-clean-linux signer [tor-browser-build] + * Bug 40063: RBM's chroot fails in Fedora [rbm] + * Bug 40064: Using exec on project with no git_url/hg_url is causing warning [rbm] + * macOS + * Bug 41005: Unpack macOS bundle to /var/tmp instead of /tmp in rcodesign-notary-submit step [tor-browser-build] + * Bug 41007: gatekeeper-bundling.sh refers to old .tar.gz archive [tor-browser-build] + * Bug 41014: Update libdmg-hfsplus to drop the OpenSSL patch [tor-browser-build] + * Bug 41020: Opening MacOS dmg file is causing a warning, since 13.0 [tor-browser-build] + Mullvad Browser 13.0.4 - November 16 2023 * All Platforms * Updated Firefox to 115.5.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,72 @@ +Tor Browser 13.0.6 - December 04 2023 + * All Platforms + * Bug 42288: Allow language spoofing in status messages [tor-browser] + * Windows + macOS + Linux + * Bug 42302: The allowed ports string contains a typo [tor-browser] + * Bug 42231: Improve the network monitor patch for http onion resources [tor-browser] + * Bug 42299: After adding incorrect bridge addres on user cannot go back to the Connection page [tor-browser] + * Linux + * Bug 17560: Downloaded URLs disk leak on Linux [tor-browser] + * Bug 42306: Tor Browser crashes when extensions popups are opened with Wayland enabled [tor-browser] + * Bug 41017: Disable Nvidia shader cache [tor-browser-build] + * Build System + * All Platforms + * Bug 41027: Remove tb-build-04 and tb-build-05 from tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] + * Bug 40936: Revert tor-browser-build#40933 [tor-browser-build] + * Bug 40995: Use cdn.stagemole.eu instead of cdn.devmole.eu in download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] + * Bug 40064: Using exec on project with no git_url/hg_url is causing warning [rbm] + * Windows + macOS + Linux + * Bug 41031: Add command to unsign .mar files and compare with sha256sums-unsigned-build.txt [tor-browser-build] + * Windows + * Bug 41030: Add command to unsign .exe files and compare with sha256sums-unsigned-build.txt [tor-browser-build] + * Android + * Bug 41024: Fix android filenames in Release Prep issue templates [tor-browser-build] + +Tor Browser 13.5a2 - November 27 2023 + * All Platforms + * Updated tor to 0.4.8.9 + * Bug 42153: Drop dom.enable_resource_timing = false preference [tor-browser] + * Bug 42246: Migrate tor connection stuff from browser to toolkit [tor-browser] + * Bug 42261: Update the icon of Startpage search engine [tor-browser] + * Bug 42276: Rebase Browsers Alpha to 115.5.0esr [tor-browser] + * Bug 42277: Enable storage.sync to fix broken webextensions [tor-browser] + * Bug 42288: Allow language spoofing in status messages [tor-browser] + * Bug 42302: The allowed ports string contains a typo [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 115.5.0esr + * Bug 42231: Improve the network monitor patch for http onion resources [tor-browser] + * Bug 42072: YEC 2023 Takeover for Desktop Stable [tor-browser] + * Bug 42188: Donations are asked repeatedly when I click New identity button [tor-browser] + * Bug 42194: Blank Net Error page on name resolution failure [tor-browser] + * Linux + * Bug 17560: Downloaded URLs disk leak on Linux [tor-browser] + * Bug 41017: Disable Nvidia shader cache [tor-browser-build] + * Android + * Updated GeckoView to 115.5.0esr + * Bug 41846: firefox-android esr 115 introduced new nimbus use: they need to be disabled [tor-browser] + * Bug 42074: YEC 2023 Takeover for Android Stable [tor-browser] + * Bug 42258: Replace the current boring "fiery android" icon we use for dev with the cool nightly icon [tor-browser] + * Bug 42259: Remove unused firefox branding from Tor Browser for Android [tor-browser] + * Bug 42260: Add TBB artifacts to .gitignore [tor-browser] + * Bug 42285: Update the gitignore to use the correct paths for tor stuff [tor-browser] + * Bug 42287: Backport security fixes (Android & wontfix) from Firefox 120 to 115.5 - based Tor Browser [tor-browser] + * Build System + * All Platforms + * Update Go to 1.21.4 + * Bug 40884: Script to automate uploading sha256s and signatures to location signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo expects them to be [tor-browser-build] + * Bug 40970: Missing symlink create-blog-post.torbrowser -> create-blog-post symlink [tor-browser-build] + * Bug 41006: Fix typo in finished-signing-clean-linux signer [tor-browser-build] + * Bug 41023: Update lead.png symlink and blog post template in tools/signing/create-blog-post [tor-browser-build] + * Bug 40063: RBM's chroot fails in Fedora [rbm] + * Bug 40064: Using exec on project with no git_url/hg_url is causing warning [rbm] + * macOS + * Bug 41005: Unpack macOS bundle to /var/tmp instead of /tmp in rcodesign-notary-submit step [tor-browser-build] + * Bug 41007: gatekeeper-bundling.sh refers to old .tar.gz archive [tor-browser-build] + * Bug 41014: Update libdmg-hfsplus to drop the OpenSSL patch [tor-browser-build] + * Bug 41020: Opening MacOS dmg file is causing a warning, since 13.0 [tor-browser-build] + * Android + * Bug 41024: Fix android filenames in Release Prep issue templates [tor-browser-build] + Tor Browser 13.0.5 - November 22 2023 * Windows + macOS + Linux * Bug 42072: YEC 2023 Takeover for Desktop Stable [tor-browser] ===================================== projects/browser/allowed_addons.json ===================================== @@ -17,21 +17,18 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…" } ], - "average_daily_users": 1069317, + "average_daily_users": 1101501, "categories": { - "android": [ - "experimental", - "user-interface" - ], "firefox": [ + "web-development", "appearance", - "web-development" + "other" ] }, "contributions_url": "https://opencollective.com/darkreader?utm_content=product-page-contribute&u…", "created": "2017-09-19T07:03:00Z", "current_version": { - "id": 5650180, + "id": 5654228, "compatibility": { "firefox": { "min": "54.0", @@ -42,7 +39,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/56501…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/56542…", "is_strict_compatibility_enabled": false, "license": { "id": 22, @@ -53,22 +50,22 @@ "url": "http://www.opensource.org/license/mit" }, "release_notes": { - "en-US": "- Fixed for Reddit (incorrect CSS comment handling).\n- Fixed working on domains containing `constructor` part.\n- Users' fixes for websites." + "en-US": "- Separated Enabled and Disabled site lists.\n- Regular expressions support in Site List.\n- Fixed automation after computer waking up.\n- Users' fixes for websites." }, - "reviewed": "2023-11-15T18:44:00Z", - "version": "4.9.68", + "reviewed": "2023-11-27T09:24:35Z", + "version": "4.9.70", "files": [ { - "id": 4194520, - "created": "2023-11-13T16:59:09Z", - "hash": "sha256:009b35e2b5e3ad787cc5f5cd75cf995119baaddfd45a00bd045c2098a99cff85", + "id": 4198549, + "created": "2023-11-22T13:10:25Z", + "hash": "sha256:3ccbe247031dd4fcc3d9bd840872ed38e9843729709f92803c234041070588a7", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 676616, + "size": 679785, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4194520/darkreader-4.9.68…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4198549/darkreader-4.9.70…", "permissions": [ "alarms", "contextMenus", @@ -146,7 +143,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-11-15T18:44:00Z", + "last_updated": "2023-11-27T09:24:35Z", "name": { "ar": "Dark Reader", "bn": "Dark Reader", @@ -221,10 +218,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5559, - "bayesian_average": 4.554766454205969, - "count": 5233, - "text_count": 1642 + "average": 4.554, + "bayesian_average": 4.552870632911627, + "count": 5271, + "text_count": 1653 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/", "requires_payment": false, @@ -321,7 +318,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/", - "weekly_downloads": 39666 + "weekly_downloads": 44692 }, "notes": null }, @@ -337,11 +334,8 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…" } ], - "average_daily_users": 262050, + "average_daily_users": 264243, "categories": { - "android": [ - "security-privacy" - ], "firefox": [ "privacy-security" ] @@ -553,10 +547,10 @@ "category": "recommended" }, "ratings": { - "average": 4.8089, - "bayesian_average": 4.804287877831421, - "count": 1371, - "text_count": 243 + "average": 4.8061, + "bayesian_average": 4.801493388841497, + "count": 1377, + "text_count": 244 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/", "requires_payment": false, @@ -641,7 +635,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/", - "weekly_downloads": 4465 + "weekly_downloads": 4281 }, "notes": null }, @@ -657,11 +651,8 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…" } ], - "average_daily_users": 1180120, + "average_daily_users": 1193283, "categories": { - "android": [ - "security-privacy" - ], "firefox": [ "privacy-security" ] @@ -1181,9 +1172,9 @@ "category": "recommended" }, "ratings": { - "average": 4.7946, - "bayesian_average": 4.7918968335591, - "count": 2332, + "average": 4.7971, + "bayesian_average": 4.794394568610204, + "count": 2341, "text_count": 444 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/", @@ -1208,7 +1199,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/", - "weekly_downloads": 20900 + "weekly_downloads": 28584 }, "notes": null }, @@ -1224,11 +1215,8 @@ "picture_url": null } ], - "average_daily_users": 7140277, + "average_daily_users": 7361738, "categories": { - "android": [ - "security-privacy" - ], "firefox": [ "privacy-security" ] @@ -1236,7 +1224,7 @@ "contributions_url": "", "created": "2015-04-25T07:26:22Z", "current_version": { - "id": 5644148, + "id": 5654508, "compatibility": { "firefox": { "min": "78.0", @@ -1247,7 +1235,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/56…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/56…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -1258,22 +1246,22 @@ "url": "http://www.gnu.org/licenses/gpl-3.0.html" }, "release_notes": { - "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/8e97e4fad4a9080cacd692…" rel=\"nofollow\">1.53.0</a>.\n\n<b>Fixes / changes</b>\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/04dc7add7ba2b97b2c9b89…" rel=\"nofollow\">Improve google-ima shim script</a> (by @kzar)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/b4a71c78d84ca82dd6abd1…" rel=\"nofollow\">Match <code>type</code> exactly in <code>prevent-addEventListener</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/ff70ef00dfe5f67a6928e7…" rel=\"nofollow\">Add filtering expressions for logger output</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/02bf9ee4e085caa28d989f…" rel=\"nofollow\">Add warning against adding custom filters from untrusted sources</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/6c4da5a1939b3db01c9ee3…" rel=\"nofollow\">Consider <em>My filters</em> an untrusted source by default</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/ca1700dc2ee0250b8cf6d8…" rel=\"nofollow\">Add <code>trusted-prune-inbound-object</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/ba6f6721dda39f05a31f17…" rel=\"nofollow\">Add <code>dontOverwrite</code> vararg to <code>(trusted-)set-cookie</code> scriptlets</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/35c49cd46c6ee8f6de39a9…" rel=\"nofollow\">Add \"on\" and \"off\" values to set-cookie</a> (by @peace2000)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/4927397ea80a4a61cc940c…" rel=\"nofollow\">Fine tune <code>set-local-storage-item</code> as per feedback</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/7fa8961d810dcba3ee585c…" rel=\"nofollow\">Support AdGuard's <code>[trusted-]set-cookie-reload</code> scriptlets</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/349cef9dc278896ca7daa7…" rel=\"nofollow\">Ignore assets older than cached version when fetching from CDNs</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/b0dea07b330af0f97e32e2…" rel=\"nofollow\">Support quoting scriptlet parameters with backticks</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/5d764bfef4a34dddcc078f…" rel=\"nofollow\">Add new static network filter option: <code>urltransform</code></a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/5169835229aef5279e13d7…" rel=\"nofollow\">Support pane: mark lists as obsolete only when update button is clicked</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/3f93ea8084165631352752…" rel=\"nofollow\">Bring <code>header=</code> filter option out of experimental status</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/6f0c547fbe7e39c23f4e0d…" rel=\"nofollow\">Add <code>trusted-click-element</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/396bbf79d31a089d9396f0…" rel=\"nofollow\">Add ability to update lists through links with specifically crafted URLs</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/da3831d0dd386383b7c063…" rel=\"nofollow\">Fix overzealous matching in <code>(remove|replace)-node-text</code> scriptlets</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/106e2566988d1f7f89ef4a…" rel=\"nofollow\">Fix <code>no-xhr-if</code> scriptlet for Firefox</a></li><li>[More ...]\n\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/d8295679b79e096909c47f…" rel=\"nofollow\">Commits history since last version</a>.</li></ul>" + "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/4c736806dc9702f9496c1c…" rel=\"nofollow\">1.54.0</a>.\n\n<b>Fixes / changes</b>\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/30ee045a42c04a557ec92d…" rel=\"nofollow\">Enable path for native <code>has()</code> selector in Firefox</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/26aaa3263afd1e6e450a7f…" rel=\"nofollow\">Allow scriptlets to be injected in <code>about:blank</code></a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/5967388a2432967ee63e77…" rel=\"nofollow\">Fix faulty <code>as</code> vararg in <code>set-constant</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/b9a3ce2fd67895cc3fd06f…" rel=\"nofollow\">Add support to redirect to <code>noop.json</code></a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/1a7fcce826cb83449490e3…" rel=\"nofollow\">More improvements to the <code>google-ima</code> shim script</a> (by @kzar)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/56d921f7e251fb313a4be0…" rel=\"nofollow\">All exceptions filters are exempt from requiring a trusted source</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/b3b9c520dd7fef26a4f129…" rel=\"nofollow\">Add <code>trusted-set-session-storage-item</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/5f347a4a217555ac7ff920…" rel=\"nofollow\">Allow the use of quotes in <code>set-cookie</code> scriptlet </a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/fe9490248b43262e2613b2…" rel=\"nofollow\">Allow the use of quotes in <code>set-(local|session)-storage-item</code></a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/92d58a934e2392a346a587…" rel=\"nofollow\">Add ability to trigger cookie removal on specific events</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/23e952e408915752c90dc3…" rel=\"nofollow\">Ensure CSSTree does not hold a reference onto last parsed string</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/302676f334820cdfe567f7…" rel=\"nofollow\">Lower minimum Expires value to 4h</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/03ac48dee7ecbf33ac2dd4…" rel=\"nofollow\">Properly reset needle length in unserialized buffer</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/d4babab0e0c4b624992f8f…" rel=\"nofollow\">Add additional flags to regional lists</a> (by @DandelionSprout)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/a09bd04e017892dd0b0d12…" rel=\"nofollow\">Harden scriptlets which need to serialize function code into string</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/1a5be5c8aa0baa49879f92…" rel=\"nofollow\">Reset <code>g</code> regexes before use in <code>rmnt</code>/<code>rpnt</code> scriptlets</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f2e3dd373c3a474ca27bad…" rel=\"nofollow\">Apply response filtering according to mime type</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/12cfcbade6a208e02352fd…" rel=\"nofollow\">Add t/f to set-cookie</a> (by @ryanbr)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/7856310df6fe39bff4e1b0…" rel=\"nofollow\">Have <code>urltransform=</code> use the same syntax as <code>replace=</code></a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/520b2f8c295d638b0c72f5…" rel=\"nofollow\">Implement network filter option <code>replace=</code></a></li><li>...</li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/3f4f5634b3bdd26c8e335f…" rel=\"nofollow\">Commits history since last version</a>" }, - "reviewed": "2023-11-02T12:31:33Z", - "version": "1.53.0", + "reviewed": "2023-11-27T08:08:01Z", + "version": "1.54.0", "files": [ { - "id": 4188488, - "created": "2023-10-31T12:35:52Z", - "hash": "sha256:5403474101f753b5d38c09135e40d82a115afcd01310d78133a4af363462194b", + "id": 4198829, + "created": "2023-11-22T16:24:35Z", + "hash": "sha256:9797160908191710ff0858536ba6dc29ecad9923c30b2ad6d3e5e371d759e44d", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 3593021, + "size": 3630690, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4188488/ublock_origin-1.5…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4198829/ublock_origin-1.5…", "permissions": [ "dns", "menus", @@ -1392,7 +1380,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-11-14T23:15:40Z", + "last_updated": "2023-12-03T21:40:39Z", "name": { "ar": "uBlock Origin", "bg": "uBlock Origin", @@ -1537,10 +1525,10 @@ "category": "recommended" }, "ratings": { - "average": 4.7847, - "bayesian_average": 4.7843208303981575, - "count": 16602, - "text_count": 4329 + "average": 4.7859, + "bayesian_average": 4.785523327278846, + "count": 16777, + "text_count": 4370 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/", "requires_payment": false, @@ -1603,7 +1591,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/", - "weekly_downloads": 252376 + "weekly_downloads": 215425 }, "notes": null }, @@ -1619,14 +1607,11 @@ "picture_url": null } ], - "average_daily_users": 173964, + "average_daily_users": 175242, "categories": { - "android": [ - "photos-media" - ], "firefox": [ - "games-entertainment", - "photos-music-videos" + "photos-music-videos", + "games-entertainment" ] }, "contributions_url": "", @@ -1718,10 +1703,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4904, - "bayesian_average": 4.485326875429083, - "count": 1146, - "text_count": 428 + "average": 4.4827, + "bayesian_average": 4.477648647741963, + "count": 1154, + "text_count": 431 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…", "requires_payment": false, @@ -1743,7 +1728,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…", - "weekly_downloads": 371 + "weekly_downloads": 395 }, "notes": null }, @@ -1759,14 +1744,11 @@ "picture_url": null } ], - "average_daily_users": 87714, + "average_daily_users": 87541, "categories": { - "android": [ - "experimental", - "security-privacy" - ], "firefox": [ - "privacy-security" + "privacy-security", + "other" ] }, "contributions_url": "", @@ -1897,7 +1879,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/", - "weekly_downloads": 1865 + "weekly_downloads": 1612 }, "notes": null }, @@ -1913,15 +1895,12 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…" } ], - "average_daily_users": 281546, + "average_daily_users": 286382, "categories": { - "android": [ - "photos-media", - "user-interface" - ], "firefox": [ - "photos-music-videos", - "search-tools" + "search-tools", + "appearance", + "photos-music-videos" ] }, "contributions_url": "https://www.paypal.com/donate?hosted_button_id=GLL4UNSNU6SQN&utm_content=pr…", @@ -2133,10 +2112,10 @@ "category": "recommended" }, "ratings": { - "average": 4.655, - "bayesian_average": 4.65048814198261, - "count": 1348, - "text_count": 258 + "average": 4.6517, + "bayesian_average": 4.6472069802370894, + "count": 1358, + "text_count": 262 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/", "requires_payment": false, @@ -2157,7 +2136,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/", - "weekly_downloads": 5130 + "weekly_downloads": 7018 }, "notes": null }, @@ -2180,13 +2159,11 @@ "picture_url": null } ], - "average_daily_users": 116182, + "average_daily_users": 118255, "categories": { - "android": [ - "other" - ], "firefox": [ - "search-tools" + "search-tools", + "other" ] }, "contributions_url": "", @@ -2463,10 +2440,10 @@ "category": "recommended" }, "ratings": { - "average": 4.3666, - "bayesian_average": 4.362179866443754, - "count": 1271, - "text_count": 356 + "average": 4.3682, + "bayesian_average": 4.363792783638318, + "count": 1282, + "text_count": 360 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/", "requires_payment": false, @@ -2486,7 +2463,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/", - "weekly_downloads": 32 + "weekly_downloads": 76 }, "notes": null }, @@ -2502,15 +2479,12 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…" } ], - "average_daily_users": 313357, + "average_daily_users": 314489, "categories": { - "android": [ - "performance", - "security-privacy" - ], "firefox": [ + "web-development", "privacy-security", - "web-development" + "other" ] }, "contributions_url": "https://www.paypal.com/donate/?hosted_button_id=9ERKTU5MBH4EW&utm_content=p…", @@ -2692,10 +2666,10 @@ "category": "recommended" }, "ratings": { - "average": 4.3968, - "bayesian_average": 4.394142112372486, - "count": 2137, - "text_count": 828 + "average": 4.3987, + "bayesian_average": 4.3960429536167975, + "count": 2147, + "text_count": 830 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/", "requires_payment": false, @@ -2739,7 +2713,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/", - "weekly_downloads": 8490 + "weekly_downloads": 8814 }, "notes": null }, @@ -2755,15 +2729,12 @@ "picture_url": null } ], - "average_daily_users": 156584, + "average_daily_users": 158614, "categories": { - "android": [ - "performance", - "photos-media" - ], "firefox": [ - "games-entertainment", - "photos-music-videos" + "photos-music-videos", + "other", + "games-entertainment" ] }, "contributions_url": "", @@ -2867,9 +2838,9 @@ "category": "recommended" }, "ratings": { - "average": 3.8631, - "bayesian_average": 3.8590398415336518, - "count": 1191, + "average": 3.8686, + "bayesian_average": 3.8645267887251755, + "count": 1195, "text_count": 432 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…", @@ -2889,7 +2860,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…", - "weekly_downloads": 2791 + "weekly_downloads": 2376 }, "notes": null } ===================================== projects/browser/config ===================================== @@ -91,9 +91,9 @@ input_files: - URL: https://addons.mozilla.org/firefox/downloads/file/4178438/noscript-11.4.28.… name: noscript sha256sum: 54d076b3226d454216117547f6441d2f95af3057d20f726e55d94b0f22573c14 - - URL: https://addons.mozilla.org/firefox/downloads/file/4188488/ublock_origin-1.5… + - URL: https://addons.mozilla.org/firefox/downloads/file/4198829/ublock_origin-1.5… name: ublock-origin - sha256sum: 5403474101f753b5d38c09135e40d82a115afcd01310d78133a4af363462194b + sha256sum: 9797160908191710ff0858536ba6dc29ecad9923c30b2ad6d3e5e371d759e44d enable: '[% c("var/mullvad-browser") %]' - URL: https://cdn.mullvad.net/browser-extension/0.8.4/mullvad-browser-extension-0… name: mullvad-extension ===================================== projects/firefox/config ===================================== @@ -18,7 +18,7 @@ var: firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.0' browser_branch: '[% c("var/browser_series") %]-1' - browser_build: 3 + browser_build: 4 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' @@ -86,7 +86,7 @@ targets: mullvadbrowser: git_url: https://gitlab.torproject.org/tpo/applications/mullvad-browser.git var: - browser_build: 2 + browser_build: 3 branding_directory_prefix: 'mb' gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' ===================================== projects/geckoview/config ===================================== @@ -16,7 +16,7 @@ container: var: geckoview_version: 115.5.0esr browser_branch: 13.0-1 - browser_build: 2 + browser_build: 4 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 120105 +version: 122062 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: ebcf66a4a8f8d0801234203d8e2b8d46744f6c2f + git_hash: d4772b91cee02fffc2a01db61e45311fad4ad767 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 94f2dbd69095270431df2d44f5573fc9c68ad240 + git_hash: 677b5d8b72447ef40cd437296802f04894ce9df6 targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: dfe9edb319cdaf311c11103f3a0efa44ebc95cb4 + git_hash: 76fd869e48f0bd3cb1c7da321ce9e15a482f2a2c compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -81,10 +81,10 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '13.0.5' + torbrowser_version: '13.0.6' torbrowser_build: 'build1' torbrowser_incremental_from: - - '13.0.4' + - '13.0.5' - '13.0.1' - '13.0' updater_enabled: 1 @@ -304,6 +304,10 @@ targets: - tr - zh-CN - zh-TW + torbrowser_incremental_from: + - '13.0.4' + - '13.0.1' + - '13.0' torbrowser-testbuild: - testbuild View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.5.0esr-13.0-1-build3
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed new tag mullvad-browser-115.5.0esr-13.0-1-build3 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.5.0esr-13.0-1] fixup! Bug 42019: Empty browser's clipboard on browser shutdown
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed to branch mullvad-browser-115.5.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 81d88620 by hackademix at 2023-12-04T13:34:12+01:00 fixup! Bug 42019: Empty browser's clipboard on browser shutdown Bug 42306: Prevent crashes and actually clear the clipboard on Wayland - - - - - 1 changed file: - browser/components/BrowserGlue.sys.mjs Changes: ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -155,12 +155,17 @@ const ClipboardPrivacy = { _globalActivation: false, _isPrivateClipboard: false, _hasher: null, + _shuttingDown: false, - _computeClipboardHash(win = Services.ww.activeWindow) { + _createTransferable() { const trans = Cc["@mozilla.org/widget/transferable;1"].createInstance( Ci.nsITransferable ); - trans.init(win?.docShell?.QueryInterface(Ci.nsILoadContext) || null); + trans.init(null); + return trans; + }, + _computeClipboardHash() { + const trans = this._createTransferable(); ["text/x-moz-url", "text/plain"].forEach(trans.addDataFlavor); try { Services.clipboard.getData(trans, Ci.nsIClipboard.kGlobalClipboard); @@ -199,16 +204,26 @@ const ClipboardPrivacy = { this._globalActivation = !Services.focus.activeWindow; }, 100); } - const clipboardHash = this._computeClipboardHash(win); - if (clipboardHash !== this._lastClipboardHash) { - this._isPrivateClipboard = - !activation && - (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - lazy.PrivateBrowsingUtils.isWindowPrivate(win)); - this._lastClipboardHash = clipboardHash; - console.log( - `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` - ); + + const checkClipboardContent = () => { + const clipboardHash = this._computeClipboardHash(); + if (clipboardHash !== this._lastClipboardHash) { + this._isPrivateClipboard = + !activation && + (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + lazy.PrivateBrowsingUtils.isWindowPrivate(win)); + this._lastClipboardHash = clipboardHash; + console.log( + `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` + ); + } + }; + + if (win.closed) { + checkClipboardContent(); + } else { + // defer clipboard access on DOM events to work-around tor-browser#42306 + lazy.setTimeout(checkClipboardContent, 0); } }; const focusListener = e => @@ -231,18 +246,28 @@ const ClipboardPrivacy = { if ( this._isPrivateClipboard && lazy.PrivateBrowsingUtils.isWindowPrivate(win) && - !( - lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - Array.from(Services.ww.getWindowEnumerator()).find(w => - lazy.PrivateBrowsingUtils.isWindowPrivate(w) - ) - ) + (this._shuttingDown || + !Array.from(Services.ww.getWindowEnumerator()).find( + w => + lazy.PrivateBrowsingUtils.isWindowPrivate(w) && + // We need to filter out the HIDDEN WebExtensions window, + // which might be private as well but is not UI-relevant. + !w.location.href.startsWith("chrome://extensions/") + )) ) { // no more private windows, empty private content if needed this.emptyPrivate(); } } }); + + lazy.AsyncShutdown.quitApplicationGranted.addBlocker( + "ClipboardPrivacy: removing private data", + () => { + this._shuttingDown = true; + this.emptyPrivate(); + } + ); }, emptyPrivate() { if ( @@ -253,7 +278,20 @@ const ClipboardPrivacy = { ) && this._lastClipboardHash === this._computeClipboardHash() ) { - Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard); + // nsIClipboard.emptyClipboard() does nothing in Wayland: + // we'll set an empty string as a work-around. + const trans = this._createTransferable(); + const flavor = "text/plain"; + trans.addDataFlavor(flavor); + const emptyString = Cc["@mozilla.org/supports-string;1"].createInstance( + Ci.nsISupportsString + ); + emptyString.data = ""; + trans.setTransferData(flavor, emptyString); + const { clipboard } = Services, + { kGlobalClipboard } = clipboard; + clipboard.setData(trans, null, kGlobalClipboard); + clipboard.emptyClipboard(kGlobalClipboard); this._lastClipboardHash = null; this._isPrivateClipboard = false; console.log("Private clipboard emptied."); @@ -1994,7 +2032,6 @@ BrowserGlue.prototype = { lazy.UpdateListener.reset(); } }, - () => ClipboardPrivacy.emptyPrivate(), // tor-browser#42019 ]; for (let task of tasks) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/81d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/81d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.5.0esr-13.5-1] fixup! Bug 42019: Empty browser's clipboard on browser shutdown
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed to branch mullvad-browser-115.5.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 1ff67dd6 by hackademix at 2023-12-04T13:31:29+01:00 fixup! Bug 42019: Empty browser's clipboard on browser shutdown Bug 42306: Prevent crashes and actually clear the clipboard on Wayland - - - - - 1 changed file: - browser/components/BrowserGlue.sys.mjs Changes: ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -155,12 +155,17 @@ const ClipboardPrivacy = { _globalActivation: false, _isPrivateClipboard: false, _hasher: null, + _shuttingDown: false, - _computeClipboardHash(win = Services.ww.activeWindow) { + _createTransferable() { const trans = Cc["@mozilla.org/widget/transferable;1"].createInstance( Ci.nsITransferable ); - trans.init(win?.docShell?.QueryInterface(Ci.nsILoadContext) || null); + trans.init(null); + return trans; + }, + _computeClipboardHash() { + const trans = this._createTransferable(); ["text/x-moz-url", "text/plain"].forEach(trans.addDataFlavor); try { Services.clipboard.getData(trans, Ci.nsIClipboard.kGlobalClipboard); @@ -199,16 +204,26 @@ const ClipboardPrivacy = { this._globalActivation = !Services.focus.activeWindow; }, 100); } - const clipboardHash = this._computeClipboardHash(win); - if (clipboardHash !== this._lastClipboardHash) { - this._isPrivateClipboard = - !activation && - (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - lazy.PrivateBrowsingUtils.isWindowPrivate(win)); - this._lastClipboardHash = clipboardHash; - console.log( - `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` - ); + + const checkClipboardContent = () => { + const clipboardHash = this._computeClipboardHash(); + if (clipboardHash !== this._lastClipboardHash) { + this._isPrivateClipboard = + !activation && + (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + lazy.PrivateBrowsingUtils.isWindowPrivate(win)); + this._lastClipboardHash = clipboardHash; + console.log( + `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` + ); + } + }; + + if (win.closed) { + checkClipboardContent(); + } else { + // defer clipboard access on DOM events to work-around tor-browser#42306 + lazy.setTimeout(checkClipboardContent, 0); } }; const focusListener = e => @@ -231,18 +246,28 @@ const ClipboardPrivacy = { if ( this._isPrivateClipboard && lazy.PrivateBrowsingUtils.isWindowPrivate(win) && - !( - lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - Array.from(Services.ww.getWindowEnumerator()).find(w => - lazy.PrivateBrowsingUtils.isWindowPrivate(w) - ) - ) + (this._shuttingDown || + !Array.from(Services.ww.getWindowEnumerator()).find( + w => + lazy.PrivateBrowsingUtils.isWindowPrivate(w) && + // We need to filter out the HIDDEN WebExtensions window, + // which might be private as well but is not UI-relevant. + !w.location.href.startsWith("chrome://extensions/") + )) ) { // no more private windows, empty private content if needed this.emptyPrivate(); } } }); + + lazy.AsyncShutdown.quitApplicationGranted.addBlocker( + "ClipboardPrivacy: removing private data", + () => { + this._shuttingDown = true; + this.emptyPrivate(); + } + ); }, emptyPrivate() { if ( @@ -253,7 +278,20 @@ const ClipboardPrivacy = { ) && this._lastClipboardHash === this._computeClipboardHash() ) { - Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard); + // nsIClipboard.emptyClipboard() does nothing in Wayland: + // we'll set an empty string as a work-around. + const trans = this._createTransferable(); + const flavor = "text/plain"; + trans.addDataFlavor(flavor); + const emptyString = Cc["@mozilla.org/supports-string;1"].createInstance( + Ci.nsISupportsString + ); + emptyString.data = ""; + trans.setTransferData(flavor, emptyString); + const { clipboard } = Services, + { kGlobalClipboard } = clipboard; + clipboard.setData(trans, null, kGlobalClipboard); + clipboard.emptyClipboard(kGlobalClipboard); this._lastClipboardHash = null; this._isPrivateClipboard = false; console.log("Private clipboard emptied."); @@ -1994,7 +2032,6 @@ BrowserGlue.prototype = { lazy.UpdateListener.reset(); } }, - () => ClipboardPrivacy.emptyPrivate(), // tor-browser#42019 ]; for (let task of tasks) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/1ff… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/1ff… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.5.0esr-13.0-1-build4
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed new tag tor-browser-115.5.0esr-13.0-1-build4 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.5.0esr-13.0-1] fixup! Bug 23247: Communicating security expectations for .onion
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed to branch tor-browser-115.5.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 91e057ca by cypherpunks1 at 2023-12-04T13:06:55+01:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 42231: Improve the network monitor patch for http onion resources - - - - - 2 changed files: - devtools/client/netmonitor/src/components/SecurityState.js - devtools/shared/network-observer/NetworkHelper.sys.mjs Changes: ===================================== devtools/client/netmonitor/src/components/SecurityState.js ===================================== @@ -41,7 +41,7 @@ class SecurityState extends Component { const { securityState, - urlDetails: { isLocal }, + urlDetails: { host, isLocal }, } = item; const iconClassList = ["requests-security-state-icon"]; @@ -50,7 +50,11 @@ class SecurityState extends Component { // Locally delivered files such as http://localhost and file:// paths // are considered to have been delivered securely. - if (isLocal) { + if ( + isLocal || + (host?.endsWith(".onion") && + Services.prefs.getBoolPref("dom.securecontext.allowlist_onions", false)) + ) { realSecurityState = "secure"; } ===================================== devtools/shared/network-observer/NetworkHelper.sys.mjs ===================================== @@ -596,9 +596,6 @@ export var NetworkHelper = { // The request did not contain any security info. if (!securityInfo) { - if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) { - info.state = "secure"; - } return info; } @@ -650,11 +647,7 @@ export var NetworkHelper = { // schemes other than https and wss are subject to // downgrade/etc at the scheme level and should always be // considered insecure - if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) { - info.state = "secure"; - } else { - info.state = "insecure"; - } + info.state = "insecure"; } else if (state & wpl.STATE_IS_SECURE) { // The connection is secure if the scheme is sufficient info.state = "secure"; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/91e057c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/91e057c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41017: Tell Nvidia drivers not to create the shader cache.
by Pier Angelo Vendrame (＠pierov) 04 Dec '23

04 Dec '23

Pier Angelo Vendrame pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: 6a9aac2c by Pier Angelo Vendrame at 2023-12-04T13:03:03+01:00 Bug 41017: Tell Nvidia drivers not to create the shader cache. Nvidia drivers create a shader cache in $HOME/.cache/nvidia by default. However, it can be easily disabled with an environment variable. - - - - - 1 changed file: - projects/browser/RelativeLink/start-browser Changes: ===================================== projects/browser/RelativeLink/start-browser ===================================== @@ -367,6 +367,10 @@ rm -Rf "${HOME}/TorBrowser/Data/fontconfig" # Avoid overwriting user's dconf values. Fixes #27903. export GSETTINGS_BACKEND=memory +# tor-browser-build#41017: Nvidia drivers create a shader cache by default in +# $HOME/.cache/nvidia. We we can easily disable it. +export __GL_SHADER_DISK_CACHE=0 + cd "${HOME}" # We pass all additional command-line arguments we get to Firefox. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.5.0esr-13.0-1] fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in...
by Pier Angelo Vendrame (＠pierov) 04 Dec '23

04 Dec '23

Pier Angelo Vendrame pushed to branch tor-browser-115.5.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 92139ee5 by Pier Angelo Vendrame at 2023-12-04T12:57:25+01:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42299: Unbreak about:preferences#connection when invalid bridge lines are supplied We switched to a shared bridge line parser. It might throw if an invalid bridge line is passed, but we do not handle the exception in connectionPane.js. As a result, the page breaks. As a workaround, we can simply ignore the errors, but a better solution would warn the user about that. A bridge card rework is expected to happen in the 13.5 cycle, so I think we can defer a proper fix to that moment. (This should also be the UX of 11.5, 12.0 and 12.5). - - - - - 1 changed file: - browser/components/torpreferences/content/connectionPane.js Changes: ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -398,7 +398,7 @@ const gConnectionPane = (function () { bridgeSwitch.addEventListener("toggle", () => { TorSettings.bridges.enabled = bridgeSwitch.pressed; TorSettings.saveToPrefs(); - TorSettings.applySettings().then(result => { + TorSettings.applySettings().finally(() => { this._populateBridgeCards(); }); }); @@ -486,7 +486,12 @@ const gConnectionPane = (function () { }); const idString = TorStrings.settings.bridgeId; const id = card.querySelector(selectors.bridges.cardId); - const details = TorParsers.parseBridgeLine(bridgeString); + let details; + try { + details = TorParsers.parseBridgeLine(bridgeString); + } catch (e) { + console.error(`Detected invalid bridge line: ${bridgeString}`, e); + } if (details && details.id !== undefined) { card.setAttribute("data-bridge-id", details.id); } @@ -529,7 +534,7 @@ const gConnectionPane = (function () { bridgeSwitch.pressed && !!strings.length; TorSettings.bridges.bridge_strings = strings.join("\n"); TorSettings.saveToPrefs(); - TorSettings.applySettings().then(result => { + TorSettings.applySettings().finally(() => { this._populateBridgeCards(); }); }); @@ -1021,7 +1026,7 @@ const gConnectionPane = (function () { TorSettings.bridges.builtin_type = ""; } TorSettings.saveToPrefs(); - TorSettings.applySettings().then(result => { + TorSettings.applySettings().finally(() => { this._populateBridgeCards(); }); }, @@ -1036,8 +1041,12 @@ const gConnectionPane = (function () { async saveBridgeSettings(connect) { TorSettings.saveToPrefs(); // FIXME: This can throw if the user adds a bridge manually with invalid - // content. Should be addressed by tor-browser#40552. - await TorSettings.applySettings(); + // content. Should be addressed by tor-browser#41913. + try { + await TorSettings.applySettings(); + } catch (e) { + console.error("Applying settings failed", e); + } this._populateBridgeCards(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/92139ee… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/92139ee… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.5.0esr-13.0-1] fixup! Bug 42019: Empty browser's clipboard on browser shutdown
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed to branch base-browser-115.5.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: d101548d by hackademix at 2023-12-04T12:20:50+01:00 fixup! Bug 42019: Empty browser's clipboard on browser shutdown Bug 42306: Prevent crashes and actually clear the clipboard on Wayland - - - - - 1 changed file: - browser/components/BrowserGlue.sys.mjs Changes: ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -155,12 +155,17 @@ const ClipboardPrivacy = { _globalActivation: false, _isPrivateClipboard: false, _hasher: null, + _shuttingDown: false, - _computeClipboardHash(win = Services.ww.activeWindow) { + _createTransferable() { const trans = Cc["@mozilla.org/widget/transferable;1"].createInstance( Ci.nsITransferable ); - trans.init(win?.docShell?.QueryInterface(Ci.nsILoadContext) || null); + trans.init(null); + return trans; + }, + _computeClipboardHash() { + const trans = this._createTransferable(); ["text/x-moz-url", "text/plain"].forEach(trans.addDataFlavor); try { Services.clipboard.getData(trans, Ci.nsIClipboard.kGlobalClipboard); @@ -199,16 +204,26 @@ const ClipboardPrivacy = { this._globalActivation = !Services.focus.activeWindow; }, 100); } - const clipboardHash = this._computeClipboardHash(win); - if (clipboardHash !== this._lastClipboardHash) { - this._isPrivateClipboard = - !activation && - (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - lazy.PrivateBrowsingUtils.isWindowPrivate(win)); - this._lastClipboardHash = clipboardHash; - console.log( - `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` - ); + + const checkClipboardContent = () => { + const clipboardHash = this._computeClipboardHash(); + if (clipboardHash !== this._lastClipboardHash) { + this._isPrivateClipboard = + !activation && + (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + lazy.PrivateBrowsingUtils.isWindowPrivate(win)); + this._lastClipboardHash = clipboardHash; + console.log( + `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` + ); + } + }; + + if (win.closed) { + checkClipboardContent(); + } else { + // defer clipboard access on DOM events to work-around tor-browser#42306 + lazy.setTimeout(checkClipboardContent, 0); } }; const focusListener = e => @@ -231,18 +246,28 @@ const ClipboardPrivacy = { if ( this._isPrivateClipboard && lazy.PrivateBrowsingUtils.isWindowPrivate(win) && - !( - lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - Array.from(Services.ww.getWindowEnumerator()).find(w => - lazy.PrivateBrowsingUtils.isWindowPrivate(w) - ) - ) + (this._shuttingDown || + !Array.from(Services.ww.getWindowEnumerator()).find( + w => + lazy.PrivateBrowsingUtils.isWindowPrivate(w) && + // We need to filter out the HIDDEN WebExtensions window, + // which might be private as well but is not UI-relevant. + !w.location.href.startsWith("chrome://extensions/") + )) ) { // no more private windows, empty private content if needed this.emptyPrivate(); } } }); + + lazy.AsyncShutdown.quitApplicationGranted.addBlocker( + "ClipboardPrivacy: removing private data", + () => { + this._shuttingDown = true; + this.emptyPrivate(); + } + ); }, emptyPrivate() { if ( @@ -253,7 +278,20 @@ const ClipboardPrivacy = { ) && this._lastClipboardHash === this._computeClipboardHash() ) { - Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard); + // nsIClipboard.emptyClipboard() does nothing in Wayland: + // we'll set an empty string as a work-around. + const trans = this._createTransferable(); + const flavor = "text/plain"; + trans.addDataFlavor(flavor); + const emptyString = Cc["@mozilla.org/supports-string;1"].createInstance( + Ci.nsISupportsString + ); + emptyString.data = ""; + trans.setTransferData(flavor, emptyString); + const { clipboard } = Services, + { kGlobalClipboard } = clipboard; + clipboard.setData(trans, null, kGlobalClipboard); + clipboard.emptyClipboard(kGlobalClipboard); this._lastClipboardHash = null; this._isPrivateClipboard = false; console.log("Private clipboard emptied."); @@ -2027,7 +2065,6 @@ BrowserGlue.prototype = { lazy.UpdateListener.reset(); } }, - () => ClipboardPrivacy.emptyPrivate(), // tor-browser#42019 ]; for (let task of tasks) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d101548… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d101548… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.5.0esr-13.5-1] fixup! Bug 42019: Empty browser's clipboard on browser shutdown
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed to branch base-browser-115.5.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 2a4e21db by hackademix at 2023-12-04T12:18:52+01:00 fixup! Bug 42019: Empty browser's clipboard on browser shutdown Bug 42306: Prevent crashes and actually clear the clipboard on Wayland - - - - - 1 changed file: - browser/components/BrowserGlue.sys.mjs Changes: ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -155,12 +155,17 @@ const ClipboardPrivacy = { _globalActivation: false, _isPrivateClipboard: false, _hasher: null, + _shuttingDown: false, - _computeClipboardHash(win = Services.ww.activeWindow) { + _createTransferable() { const trans = Cc["@mozilla.org/widget/transferable;1"].createInstance( Ci.nsITransferable ); - trans.init(win?.docShell?.QueryInterface(Ci.nsILoadContext) || null); + trans.init(null); + return trans; + }, + _computeClipboardHash() { + const trans = this._createTransferable(); ["text/x-moz-url", "text/plain"].forEach(trans.addDataFlavor); try { Services.clipboard.getData(trans, Ci.nsIClipboard.kGlobalClipboard); @@ -199,16 +204,26 @@ const ClipboardPrivacy = { this._globalActivation = !Services.focus.activeWindow; }, 100); } - const clipboardHash = this._computeClipboardHash(win); - if (clipboardHash !== this._lastClipboardHash) { - this._isPrivateClipboard = - !activation && - (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - lazy.PrivateBrowsingUtils.isWindowPrivate(win)); - this._lastClipboardHash = clipboardHash; - console.log( - `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` - ); + + const checkClipboardContent = () => { + const clipboardHash = this._computeClipboardHash(); + if (clipboardHash !== this._lastClipboardHash) { + this._isPrivateClipboard = + !activation && + (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + lazy.PrivateBrowsingUtils.isWindowPrivate(win)); + this._lastClipboardHash = clipboardHash; + console.log( + `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` + ); + } + }; + + if (win.closed) { + checkClipboardContent(); + } else { + // defer clipboard access on DOM events to work-around tor-browser#42306 + lazy.setTimeout(checkClipboardContent, 0); } }; const focusListener = e => @@ -231,18 +246,28 @@ const ClipboardPrivacy = { if ( this._isPrivateClipboard && lazy.PrivateBrowsingUtils.isWindowPrivate(win) && - !( - lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - Array.from(Services.ww.getWindowEnumerator()).find(w => - lazy.PrivateBrowsingUtils.isWindowPrivate(w) - ) - ) + (this._shuttingDown || + !Array.from(Services.ww.getWindowEnumerator()).find( + w => + lazy.PrivateBrowsingUtils.isWindowPrivate(w) && + // We need to filter out the HIDDEN WebExtensions window, + // which might be private as well but is not UI-relevant. + !w.location.href.startsWith("chrome://extensions/") + )) ) { // no more private windows, empty private content if needed this.emptyPrivate(); } } }); + + lazy.AsyncShutdown.quitApplicationGranted.addBlocker( + "ClipboardPrivacy: removing private data", + () => { + this._shuttingDown = true; + this.emptyPrivate(); + } + ); }, emptyPrivate() { if ( @@ -253,7 +278,20 @@ const ClipboardPrivacy = { ) && this._lastClipboardHash === this._computeClipboardHash() ) { - Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard); + // nsIClipboard.emptyClipboard() does nothing in Wayland: + // we'll set an empty string as a work-around. + const trans = this._createTransferable(); + const flavor = "text/plain"; + trans.addDataFlavor(flavor); + const emptyString = Cc["@mozilla.org/supports-string;1"].createInstance( + Ci.nsISupportsString + ); + emptyString.data = ""; + trans.setTransferData(flavor, emptyString); + const { clipboard } = Services, + { kGlobalClipboard } = clipboard; + clipboard.setData(trans, null, kGlobalClipboard); + clipboard.emptyClipboard(kGlobalClipboard); this._lastClipboardHash = null; this._isPrivateClipboard = false; console.log("Private clipboard emptied."); @@ -2027,7 +2065,6 @@ BrowserGlue.prototype = { lazy.UpdateListener.reset(); } }, - () => ClipboardPrivacy.emptyPrivate(), // tor-browser#42019 ]; for (let task of tasks) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2a4e21d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2a4e21d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.5.0esr-13.0-1] fixup! Bug 42019: Empty browser's clipboard on browser shutdown
by ma1 (＠ma1) 04 Dec '23

04 Dec '23

ma1 pushed to branch tor-browser-115.5.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 1a9bf95b by hackademix at 2023-12-04T12:13:55+01:00 fixup! Bug 42019: Empty browser's clipboard on browser shutdown Bug 42306: Prevent crashes and actually clear the clipboard on Wayland - - - - - 1 changed file: - browser/components/BrowserGlue.sys.mjs Changes: ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -157,12 +157,17 @@ const ClipboardPrivacy = { _globalActivation: false, _isPrivateClipboard: false, _hasher: null, + _shuttingDown: false, - _computeClipboardHash(win = Services.ww.activeWindow) { + _createTransferable() { const trans = Cc["@mozilla.org/widget/transferable;1"].createInstance( Ci.nsITransferable ); - trans.init(win?.docShell?.QueryInterface(Ci.nsILoadContext) || null); + trans.init(null); + return trans; + }, + _computeClipboardHash() { + const trans = this._createTransferable(); ["text/x-moz-url", "text/plain"].forEach(trans.addDataFlavor); try { Services.clipboard.getData(trans, Ci.nsIClipboard.kGlobalClipboard); @@ -201,16 +206,26 @@ const ClipboardPrivacy = { this._globalActivation = !Services.focus.activeWindow; }, 100); } - const clipboardHash = this._computeClipboardHash(win); - if (clipboardHash !== this._lastClipboardHash) { - this._isPrivateClipboard = - !activation && - (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - lazy.PrivateBrowsingUtils.isWindowPrivate(win)); - this._lastClipboardHash = clipboardHash; - console.log( - `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` - ); + + const checkClipboardContent = () => { + const clipboardHash = this._computeClipboardHash(); + if (clipboardHash !== this._lastClipboardHash) { + this._isPrivateClipboard = + !activation && + (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + lazy.PrivateBrowsingUtils.isWindowPrivate(win)); + this._lastClipboardHash = clipboardHash; + console.log( + `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` + ); + } + }; + + if (win.closed) { + checkClipboardContent(); + } else { + // defer clipboard access on DOM events to work-around tor-browser#42306 + lazy.setTimeout(checkClipboardContent, 0); } }; const focusListener = e => @@ -233,18 +248,28 @@ const ClipboardPrivacy = { if ( this._isPrivateClipboard && lazy.PrivateBrowsingUtils.isWindowPrivate(win) && - !( - lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || - Array.from(Services.ww.getWindowEnumerator()).find(w => - lazy.PrivateBrowsingUtils.isWindowPrivate(w) - ) - ) + (this._shuttingDown || + !Array.from(Services.ww.getWindowEnumerator()).find( + w => + lazy.PrivateBrowsingUtils.isWindowPrivate(w) && + // We need to filter out the HIDDEN WebExtensions window, + // which might be private as well but is not UI-relevant. + !w.location.href.startsWith("chrome://extensions/") + )) ) { // no more private windows, empty private content if needed this.emptyPrivate(); } } }); + + lazy.AsyncShutdown.quitApplicationGranted.addBlocker( + "ClipboardPrivacy: removing private data", + () => { + this._shuttingDown = true; + this.emptyPrivate(); + } + ); }, emptyPrivate() { if ( @@ -255,7 +280,20 @@ const ClipboardPrivacy = { ) && this._lastClipboardHash === this._computeClipboardHash() ) { - Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard); + // nsIClipboard.emptyClipboard() does nothing in Wayland: + // we'll set an empty string as a work-around. + const trans = this._createTransferable(); + const flavor = "text/plain"; + trans.addDataFlavor(flavor); + const emptyString = Cc["@mozilla.org/supports-string;1"].createInstance( + Ci.nsISupportsString + ); + emptyString.data = ""; + trans.setTransferData(flavor, emptyString); + const { clipboard } = Services, + { kGlobalClipboard } = clipboard; + clipboard.setData(trans, null, kGlobalClipboard); + clipboard.emptyClipboard(kGlobalClipboard); this._lastClipboardHash = null; this._isPrivateClipboard = false; console.log("Private clipboard emptied."); @@ -2130,7 +2168,6 @@ BrowserGlue.prototype = { } }, () => lazy.OnionAliasStore.uninit(), - () => ClipboardPrivacy.emptyPrivate(), // tor-browser#42019 ]; for (let task of tasks) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1a9bf95… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1a9bf95… You're receiving this email because of your account on gitlab.torproject.org.

1 0