- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build][main] Bug 40866: Remove ansible from README
by Pier Angelo Vendrame (＠pierov) 24 May '23

24 May '23

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: d94b4545 by Nicolas Vigier at 2023-05-24T13:24:07+02:00 Bug 40866: Remove ansible from README - - - - - 1 changed file: - README Changes: ===================================== README ===================================== @@ -156,18 +156,9 @@ Automated builds using tbb-testsuite ------------------------------------ The Tor Browser testsuite scripts can also be used to do nightly builds -and publish the build logs. The recommended way to do that is to use -the ansible roles from the tools/ansible directory. See next section -for details. - - -Using ansible to set up a nightly build machine ------------------------------------------------ - -The directory tools/ansible contains some ansible roles to set up a -nightly build machine. You can look at the playbook defined in -boklm-tbb-nightly-build.yml and variables in group_vars/boklm-tbb-nightly/ -for an example of how it can be used. +and publish the build logs. This page has some information about the +setup we use for nightly builds: +https://gitlab.torproject.org/tpo/applications/tor-browser/-/wikis/Nightly_Builds_Setup Signing builds View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.11.0esr-12.5-1] fixup! Bug 23247: Communicating security expectations for .onion
by Pier Angelo Vendrame (＠pierov) 24 May '23

24 May '23

Pier Angelo Vendrame pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 4c0986cb by cypherpunks1 at 2023-05-23T14:06:01-08:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 33298: Warn when submitting form data from http onion sites over an insecure connection - - - - - 1 changed file: - dom/html/HTMLFormElement.cpp Changes: ===================================== dom/html/HTMLFormElement.cpp ===================================== @@ -893,7 +893,10 @@ nsresult HTMLFormElement::DoSecureToInsecureSubmitCheck(nsIURI* aActionURL, formIsHTTPS = OwnerDoc()->GetDocumentURI()->SchemeIs("https"); } if (!formIsHTTPS) { - return NS_OK; + bool formIsOnion = nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(OwnerDoc()->GetDocumentURI()); + if (!formIsOnion) { + return NS_OK; + } } if (nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aActionURL)) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4c0986c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4c0986c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-12.5a6-build1
by richard (＠richard) 23 May '23

23 May '23

richard pushed new tag tbb-12.5a6-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40843: Prepare Tor Browser Alpha 12.5a6
by richard (＠richard) 23 May '23

23 May '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 63dce0f8 by Pier Angelo Vendrame at 2023-05-23T09:21:54+02:00 Bug 40843: Prepare Tor Browser Alpha 12.5a6 - - - - - 10 changed files: - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/allowed_addons.json - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/manual/config - projects/translation/config - rbm.conf - tools/fetch-changelogs.py Changes: ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,57 @@ +Tor Browser 12.5a6 - May 22 2023 + * All Platforms + * Updated Translations + * Updated Go to 11.9.9 + * Bug 40860: Improve the transition from the old fontconfig file to the new one [tor-browser-build] + * Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key [tor-browser] + * Bug 41738: Replace the patch to disable live reload with its preference [tor-browser] + * Bug 41757: Rebase Tor Browser Alpha to 102.11.0esr [tor-browser] + * Bug 41763: TTP-02-003 WP1: Data URI allows JS execution despite safest security level (Low) [tor-browser] + * Bug 41764: TTP-02-004 OOS: No user-activation required to download files (Low) [tor-browser] + * Bug 41775: Avoid re-defining some macros in nsUpdateDriver.cpp [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 102.11esr + * Bug 41607: Update "New Circuit" icon [tor-browser] + * Bug 41736: Customize the default CustomizableUI toolbar using CustomizableUI.jsm [tor-browser] + * Bug 41770: Keyboard navigation broken leaving the toolbar tor circuit button [tor-browser] + * Bug 41777: Internally shippped manual does not adapt to RTL languages (it always align to the left) [tor-browser] + * Windows + Linux + * Bug 41654: UpdateInfo jumped into Data [tor-browser] + * Linux + * Bug 41732: implement linux font whitelist as defense-in-depth [tor-browser] + * Bug 41776: System fonts are temporarily leaked on Linux after the browser is updated from 12.5a4 or earlier [tor-browser] + * Android + * Updated GeckoView to 102.11esr + * Build System + * All Platforms + * Bug 33953: Provide a way for easily updating Go dependencies of projects [tor-browser-build] + * Bug 40673: Avoid building each go module separately [tor-browser-build] + * Bug 40818: Enable wasm target for rust compiler [tor-browser-build] + * Bug 40841: Adapt signing scripts to new signing machines [tor-browser-build] + * Bug 40849: Move Go dependencies to the projects dependent on them, not as a standalone projects [tor-browser-build] + * Bug 40856: Unblock nightly builds [tor-browser-build] + * Windows + * Bug 40846: Temporarily disable Windows signing [tor-browser-build] + +Tor Browser 12.0.6 - May 09 2023 + * All Platforms + * Updated Translations + * Updated Go to 11.9.9 + * Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key [tor-browser] + * Bug 41756: Rebase Tor Browser Stable to 102.11.0esr [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 102.11esr + * Bug 40501: High CPU load after tor exits unexpectedly [tor-browser] + * Windows + * Bug 41683: Disable the network process on Windows [tor-browser] + * Android + * Updated GeckoView to 102.11esr + * Build System + * Windows + macOS + Linux + * Bug 41730: Bridge lines in tools/torbrowser/bridges.js out of date [tor-browser] + * macOS + * Bug 40844: Fix DMG reproducibility problem on 12.0.5 [tor-browser-build] + Tor Browser 12.5a5 - April 18 2023 * All Platforms * Updated Translations ===================================== projects/browser/allowed_addons.json ===================================== @@ -17,7 +17,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…" } ], - "average_daily_users": 970562, + "average_daily_users": 988302, "categories": { "android": [ "experimental", @@ -221,10 +221,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5575, - "bayesian_average": 4.55632411125665, - "count": 4956, - "text_count": 1572 + "average": 4.5608, + "bayesian_average": 4.559632030468385, + "count": 5005, + "text_count": 1581 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/", "requires_payment": false, @@ -321,7 +321,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/", - "weekly_downloads": 25917 + "weekly_downloads": 24550 }, "notes": null }, @@ -337,7 +337,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…" } ], - "average_daily_users": 258016, + "average_daily_users": 258950, "categories": { "android": [ "security-privacy" @@ -553,10 +553,10 @@ "category": "recommended" }, "ratings": { - "average": 4.8168, - "bayesian_average": 4.81213034274172, - "count": 1332, - "text_count": 235 + "average": 4.8136, + "bayesian_average": 4.808937485557134, + "count": 1336, + "text_count": 237 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/", "requires_payment": false, @@ -641,7 +641,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/", - "weekly_downloads": 3798 + "weekly_downloads": 3514 }, "notes": null }, @@ -657,7 +657,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…" } ], - "average_daily_users": 1125722, + "average_daily_users": 1133122, "categories": { "android": [ "security-privacy" @@ -669,7 +669,7 @@ "contributions_url": "https://paypal.me/SupportEFF?utm_content=product-page-contribute&utm_medium…", "created": "2014-05-01T18:23:16Z", "current_version": { - "id": 5520250, + "id": 5564707, "compatibility": { "firefox": { "min": "60.0", @@ -680,7 +680,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/privacy-badger17/versions…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/privacy-badger17/versions…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -691,22 +691,22 @@ "url": "http://www.gnu.org/licenses/gpl-3.0.html" }, "release_notes": { - "en-US": "<ul><li>Added a note to the popup to explain that if you would like to log into websites with your Google account, you need to fully allow <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/361ac6552f690217a6c9f0…" rel=\"nofollow\">accounts.google.com</a></li><li>Added dark theme support to widget replacement placeholders</li><li>Fixed blocking service worker-initiated requests in Chrome</li><li>Fixed various site breakages</li><li>Added Hindi translations</li><li>Improved Traditional Chinese translations</li></ul>" + "en-US": "<ul><li>Expanded protection for \"cookieblocked\" (slider set to yellow) domains. These domains are allowed to load without access to cookies, as a compromise to avoid breaking websites. However, sometimes the same domain is used to serve both unobjectionable content as well as obnoxious fingerprinters that do not need cookies to track your browsing. Privacy Badger will now fully block these fingerprinters.</li><li>Disabled Google's Topics API by default. The Topics API replaces Federated Learning of Cohorts (FLoC).</li><li>You can now see where Privacy Badger observed tracking by a given domain by clicking on the domain name in the list of tracking domains on the options page</li><li>Fixed various site breakages</li><li>Added Vietnamese translations</li><li>Improved translations (Finnish, French, Hebrew, Persian, European Portuguese, Russian, Spanish)</li></ul>" }, - "reviewed": "2023-02-02T18:47:37Z", - "version": "2023.1.31", + "reviewed": "2023-05-16T10:58:52Z", + "version": "2023.5.10", "files": [ { - "id": 4064595, - "created": "2023-01-31T16:05:01Z", - "hash": "sha256:0082d8ffe7b25f370a313d9b899b0c1ba1669b21b3a11791fe5ecf031aeb6a6c", + "id": 4109050, + "created": "2023-05-10T19:28:15Z", + "hash": "sha256:8ff7650d1ce133894293d1a3e268bb24d300e77a1c25488ed17846e71d8b33e8", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 1834581, + "size": 1975567, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4064595/privacy_badger17-…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4109050/privacy_badger17-…", "permissions": [ "tabs", "http://*/*", @@ -1134,7 +1134,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-02-02T18:47:37Z", + "last_updated": "2023-05-16T10:58:52Z", "name": { "en-US": "Privacy Badger" }, @@ -1180,10 +1180,10 @@ "category": "recommended" }, "ratings": { - "average": 4.8005, - "bayesian_average": 4.797701870245844, - "count": 2215, - "text_count": 428 + "average": 4.802, + "bayesian_average": 4.79921587479466, + "count": 2232, + "text_count": 426 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/", "requires_payment": false, @@ -1207,7 +1207,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/", - "weekly_downloads": 22431 + "weekly_downloads": 18346 }, "notes": null }, @@ -1223,7 +1223,7 @@ "picture_url": null } ], - "average_daily_users": 6247825, + "average_daily_users": 6410036, "categories": { "android": [ "security-privacy" @@ -1235,7 +1235,7 @@ "contributions_url": "", "created": "2015-04-25T07:26:22Z", "current_version": { - "id": 5547815, + "id": 5558705, "compatibility": { "firefox": { "min": "78.0", @@ -1246,7 +1246,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/55…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/55…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -1257,22 +1257,22 @@ "url": "http://www.gnu.org/licenses/gpl-3.0.html" }, "release_notes": { - "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/9ba5436deff955b8634d3a…" rel=\"nofollow\">1.48.4</a>.\n\nFixes / changes\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/2881e29d212046e14a4f20…" rel=\"nofollow\">Fix presumed network filter not being a valid network filter</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/1d29de8f605dc6f4b7684f…" rel=\"nofollow\">Avoid using ! toolbar icon badge when inconsequential</a><ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/04728b2f874e135c8736ae…" rel=\"nofollow\">Clear unprocessed requests status on webNavigation reload event</a></li></ul></li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e34f62492a00e2b8a221ca…" rel=\"nofollow\">Commits history since last version</a>." + "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/24794abbbc5c8930eafab3…" rel=\"nofollow\">1.49.2</a>.\n\nFixes\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/812da480d7e6e2fa7d6fd1…" rel=\"nofollow\">Reverse usage of browser.alarms</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/53eab9764901466ecb7c1c…" rel=\"nofollow\">Mind rejected promises from vAPI.storage API</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/58bde6ecd0ff76608c1456…" rel=\"nofollow\">Properly handle promise rejection from webext.storage.local API</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/3f0e0640ef4983e8fd2352…" rel=\"nofollow\">Add more checks against unexpected conditions re. assets.json</a></li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/deebdaa7a15172babdad3e…" rel=\"nofollow\">Commits history since last version</a>." }, - "reviewed": "2023-04-05T17:12:25Z", - "version": "1.48.4", + "reviewed": "2023-05-03T16:26:03Z", + "version": "1.49.2", "files": [ { - "id": 4092158, - "created": "2023-04-01T21:20:42Z", - "hash": "sha256:d7666b963c2969b0014937aae55472eea5098ff21ed3bea8a2e1f595f62856c1", + "id": 4103048, + "created": "2023-04-26T14:37:33Z", + "hash": "sha256:39266486f720cd31d291d2fdad78625b079782a05517e1936eec7e780bc2a84d", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 3343703, + "size": 3383174, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4092158/ublock_origin-1.4…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4103048/ublock_origin-1.4…", "permissions": [ "dns", "menus", @@ -1388,7 +1388,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-04-16T15:40:30Z", + "last_updated": "2023-05-21T19:05:37Z", "name": { "ar": "uBlock Origin", "bg": "uBlock Origin", @@ -1533,10 +1533,10 @@ "category": "recommended" }, "ratings": { - "average": 4.7805, - "bayesian_average": 4.780095724686764, - "count": 15264, - "text_count": 3968 + "average": 4.7807, + "bayesian_average": 4.780299334467883, + "count": 15437, + "text_count": 4014 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/", "requires_payment": false, @@ -1598,7 +1598,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/", - "weekly_downloads": 132315 + "weekly_downloads": 131360 }, "notes": null }, @@ -1614,19 +1614,20 @@ "picture_url": null } ], - "average_daily_users": 159848, + "average_daily_users": 168477, "categories": { "android": [ "photos-media" ], "firefox": [ - "games-entertainment" + "games-entertainment", + "photos-music-videos" ] }, "contributions_url": "", "created": "2017-05-03T08:36:43Z", "current_version": { - "id": 5220332, + "id": 5560463, "compatibility": { "firefox": { "min": "42.0", @@ -1637,7 +1638,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/video-background-play-fix…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/video-background-play-fix…", "is_strict_compatibility_enabled": false, "license": { "id": 22, @@ -1648,24 +1649,24 @@ "url": "http://www.opensource.org/license/mit" }, "release_notes": { - "de": "Experimentelle Verbesserungen der Handhabung von Youtube.", - "en-US": "Experimental improvement of Youtube handling.", - "ro": "Îmbunătățiri experimentale pentru Youtube." + "de": "Neue Übersetzungen ergänzt", + "en-US": "Added new translations", + "ro": "Adăugat traduceri noi" }, - "reviewed": "2021-04-23T07:50:05Z", - "version": "1.6.0", + "reviewed": "2023-05-05T14:25:10Z", + "version": "1.7.0", "files": [ { - "id": 3764692, - "created": "2021-04-22T21:46:53Z", - "hash": "sha256:73cfa682e0398ca1b51890340e4a6df3fcea945f54e9e677e9db942152aa614d", + "id": 4104806, + "created": "2023-05-01T11:53:35Z", + "hash": "sha256:e8713a1720ffba236c40ebabd5ac1db88702d75c21edc23d61216a5897b3792a", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 12088, + "size": 12968, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/3764692/video_background_…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4104806/video_background_…", "permissions": [ "*://*.youtube.com/*", "*://*.youtube-nocookie.com/*", @@ -1678,9 +1679,9 @@ }, "default_locale": "en-US", "description": { - "de": "ACHTUNG: Im neuen Firefox für Android (Version 79 und neuer) funktioniert Videowiedergabe im Hintergrund erst <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/05bb7b1ef7f63358eeabcd…" rel=\"nofollow\">ab Firefox 82</a> korrekt.\n\nUnterstützt momentan folgende Seiten:\n<ul><li>Youtube</li><li>Vimeo (Wiedergabe nicht unterbrechen wenn Vollbildmodus beendet wird)</li></ul>", - "en-US": "ATTENTION: With the new Firefox on Android (Firefox 79 and newer), background playback only properly works starting <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/05bb7b1ef7f63358eeabcd…" rel=\"nofollow\">from Firefox 82</a>.\n\nThe following pages are currently supported:\n<ul><li>Youtube</li><li>Vimeo (don't stop playback when existing fullscreen)</li></ul>", - "ro": "ATENȚIE: În noul Firefox pentru Android (versiunea 79+), redarea video în fundal funcționează corect abia de la <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/05bb7b1ef7f63358eeabcd…" rel=\"nofollow\">Firefox 82</a>.\n\nÎn prezent este compatibil cu următoarele site-uri:\n<ul><li>Youtube</li><li>Vimeo (nu întrerupeți redarea atunci când ieșiți din modul fullscreen)</li></ul>" + "de": "Unterstützt momentan folgende Seiten:\n<ul><li>Youtube</li><li>Vimeo (Wiedergabe nicht unterbrechen wenn Vollbildmodus beendet wird)</li></ul>", + "en-US": "The following pages are currently supported:\n<ul><li>Youtube</li><li>Vimeo (don't stop playback when existing fullscreen)</li></ul>", + "ro": "În prezent este compatibil cu următoarele site-uri:\n<ul><li>Youtube</li><li>Vimeo (nu întrerupeți redarea atunci când ieșiți din modul fullscreen)</li></ul>" }, "developer_comments": null, "edit_url": "https://addons.mozilla.org/en-US/developers/addon/video-background-play-fix…", @@ -1698,7 +1699,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2021-04-23T07:50:05Z", + "last_updated": "2023-05-05T14:25:10Z", "name": { "de": "Videowiedergabe im Hintergrund", "en-US": "Video Background Play Fix", @@ -1712,10 +1713,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4964, - "bayesian_average": 4.4911928855659555, - "count": 1100, - "text_count": 407 + "average": 4.4875, + "bayesian_average": 4.482377575890338, + "count": 1118, + "text_count": 418 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…", "requires_payment": false, @@ -1737,7 +1738,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…", - "weekly_downloads": 366 + "weekly_downloads": 387 }, "notes": null }, @@ -1753,7 +1754,7 @@ "picture_url": null } ], - "average_daily_users": 88484, + "average_daily_users": 88341, "categories": { "android": [ "experimental", @@ -1866,9 +1867,9 @@ ], "promoted": null, "ratings": { - "average": 4.3668, - "bayesian_average": 4.352941163663537, - "count": 398, + "average": 4.37, + "bayesian_average": 4.356186612333998, + "count": 400, "text_count": 112 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/reviews/", @@ -1891,7 +1892,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/", - "weekly_downloads": 1034 + "weekly_downloads": 1535 }, "notes": null }, @@ -1907,7 +1908,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…" } ], - "average_daily_users": 258622, + "average_daily_users": 262509, "categories": { "android": [ "photos-media", @@ -2126,10 +2127,10 @@ "category": "recommended" }, "ratings": { - "average": 4.6538, - "bayesian_average": 4.64901646767579, - "count": 1248, - "text_count": 241 + "average": 4.6537, + "bayesian_average": 4.648959055095389, + "count": 1262, + "text_count": 242 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/", "requires_payment": false, @@ -2150,7 +2151,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/", - "weekly_downloads": 4497 + "weekly_downloads": 3984 }, "notes": null }, @@ -2173,7 +2174,7 @@ "picture_url": null } ], - "average_daily_users": 109747, + "average_daily_users": 111302, "categories": { "android": [ "other" @@ -2456,10 +2457,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4449, - "bayesian_average": 4.440238588001734, - "count": 1207, - "text_count": 321 + "average": 4.4439, + "bayesian_average": 4.439229613376027, + "count": 1212, + "text_count": 322 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/", "requires_payment": false, @@ -2479,7 +2480,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/", - "weekly_downloads": 31 + "weekly_downloads": 32 }, "notes": null }, @@ -2495,7 +2496,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…" } ], - "average_daily_users": 312295, + "average_daily_users": 314158, "categories": { "android": [ "performance", @@ -2509,7 +2510,7 @@ "contributions_url": "https://www.paypal.com/donate/?hosted_button_id=9ERKTU5MBH4EW&utm_content=p…", "created": "2005-05-13T10:51:32Z", "current_version": { - "id": 5546627, + "id": 5566736, "compatibility": { "firefox": { "min": "59.0", @@ -2520,7 +2521,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5546627", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5566736", "is_strict_compatibility_enabled": false, "license": { "id": 13, @@ -2531,22 +2532,22 @@ "url": "http://www.gnu.org/licenses/gpl-2.0.html" }, "release_notes": { - "en-US": "v 11.4.21\n============================================================\nx Fixed mislabeled Tor Browser settings override option\nx [L10n] Updated mk" + "en-US": "v 11.4.22\n============================================================\nx [L10n] Updated uk\nx Consistently apply DEFAULT policy to top-level data: URLs" }, - "reviewed": "2023-04-04T12:01:03Z", - "version": "11.4.21", + "reviewed": "2023-05-18T09:07:59Z", + "version": "11.4.22", "files": [ { - "id": 4090970, - "created": "2023-03-30T09:39:24Z", - "hash": "sha256:0fd3b66a2780d03a5b3cd460216105f3df2b27c6d3a552c1769c5de48c9e2338", + "id": 4111078, + "created": "2023-05-15T08:32:54Z", + "hash": "sha256:46a84c85df4c6be11905388ad2b66aeb5a010ed615484112c8c1710ad13bc36e", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 951542, + "size": 948900, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4090970/noscript-11.4.21.…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4111078/noscript-11.4.22.…", "permissions": [ "contextMenus", "storage", @@ -2613,7 +2614,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-04-04T12:01:03Z", + "last_updated": "2023-05-21T21:36:00Z", "name": { "de": "NoScript", "el": "NoScript", @@ -2685,10 +2686,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4117, - "bayesian_average": 4.40897409082447, - "count": 2055, - "text_count": 798 + "average": 4.4074, + "bayesian_average": 4.404687188031893, + "count": 2067, + "text_count": 803 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/", "requires_payment": false, @@ -2732,7 +2733,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/", - "weekly_downloads": 8021 + "weekly_downloads": 7591 }, "notes": null }, @@ -2748,7 +2749,7 @@ "picture_url": null } ], - "average_daily_users": 146192, + "average_daily_users": 151904, "categories": { "android": [ "performance", @@ -2863,10 +2864,10 @@ "category": "recommended" }, "ratings": { - "average": 3.9109, - "bayesian_average": 3.9065939897765096, - "count": 1122, - "text_count": 397 + "average": 3.9026, + "bayesian_average": 3.898323122758472, + "count": 1129, + "text_count": 401 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…", "requires_payment": false, @@ -2885,7 +2886,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…", - "weekly_downloads": 1829 + "weekly_downloads": 1860 }, "notes": null } ===================================== projects/browser/config ===================================== @@ -103,9 +103,9 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4090970/noscript-11.4.21.… + - URL: https://addons.mozilla.org/firefox/downloads/file/4111078/noscript-11.4.22.… name: noscript - sha256sum: 0fd3b66a2780d03a5b3cd460216105f3df2b27c6d3a552c1769c5de48c9e2338 + sha256sum: 46a84c85df4c6be11905388ad2b66aeb5a010ed615484112c8c1710ad13bc36e - URL: https://addons.mozilla.org/firefox/downloads/file/4079064/ublock_origin-1.4… name: ublock-origin sha256sum: a35a6c8758ba74616afc09648c96d74ec2e7d27fe30f311d1db6e9a4966e7858 ===================================== projects/firefox/config ===================================== @@ -11,7 +11,7 @@ container: use_container: 1 var: - firefox_platform_version: 102.10.0 + firefox_platform_version: 102.11.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '12.5' browser_branch: '[% c("var/browser_series") %]-1' ===================================== projects/geckoview/config ===================================== @@ -11,7 +11,7 @@ container: use_container: 1 var: - geckoview_version: 102.10.0esr + geckoview_version: 102.11.0esr browser_branch: 12.5-1 browser_build: 3 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' ===================================== projects/go/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 1.19.8 +version: 1.19.9 filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.gz' container: use_container: 1 @@ -121,7 +121,7 @@ input_files: enable: '[% ! c("var/linux") %]' - URL: 'https://golang.org/dl/go[% c("version") %].src.tar.gz' name: go - sha256sum: 1d7a67929dccafeaf8a29e55985bc2b789e0499cb1a17100039f084e3238da2f + sha256sum: 131190a4697a70c5b1d232df5d3f55a3f9ec0e78e40516196ffb3f09ae6a5744 - URL: 'https://golang.org/dl/go[% c("var/go14_version") %].src.tar.gz' name: go14 sha256sum: 9947fc705b0b841b5938c48b22dc33e9647ec0752bae66e50278df4f23f64959 ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 74065 +version: 79869 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.gz' container: use_container: 1 @@ -17,8 +17,8 @@ var: input_files: - project: container-image - - URL: 'https://people.torproject.org/~richard/tbb_files/manual_[% c("version") %].zip' + - URL: 'https://people.torproject.org/~pierov/tbb_files/manual_[% c("version") %].zip' name: manual - sha256sum: 788c2dc2bfacbc6961ce443c5639706cc23fbb7b7730ed7f71a26396511305be + sha256sum: ee4c6e4ce4998736ae44dc3e6f92875a481b9e03860517764ea9af6c2bba24e0 - filename: packagemanual.py name: package_script ===================================== projects/translation/config ===================================== @@ -6,19 +6,19 @@ version: '[% c("abbrev") %]' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 97c76d5183b16b069e66feaaf10e00c1d2c7d9e0 + git_hash: f1f1204c2421db64ae3d30be31a4d7819b9a3e42 targets: nightly: git_hash: 'base-browser' base-browser-fluent: base-browser-fluent: '[% INCLUDE build %]' - git_hash: e016c52705a2663309a7b05b05ac93002eab3ed0 + git_hash: 3167fc379caac406941ae4fce429c302fd1a6d5d targets: nightly: git_hash: 'basebrowser-newidentityftl' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 69273c40343bd6f8f125109ddac9d949d7bcb605 + git_hash: 7089eb9ac06e0f6de99c386a09821c8799849206 targets: nightly: git_hash: 'tor-browser' @@ -26,7 +26,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 0deec2a78dea0013e8c4eaec1d40ef5aac4e43b0 + git_hash: 65def475aa000981ac3c1b6db203e8e707f72e16 targets: nightly: git_hash: 'fenix-torbrowserstringsxml' ===================================== rbm.conf ===================================== @@ -94,10 +94,11 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '12.5a5' + torbrowser_version: '12.5a6' torbrowser_build: 'build1' torbrowser_incremental_from: - 12.5a4 + - 12.5a5 updater_enabled: 1 build_mar: 1 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' ===================================== tools/fetch-changelogs.py ===================================== @@ -111,15 +111,19 @@ if r.status_code == 401: print("Unauthorized! Has your token expired?") sys.exit(3) issue = None +issues = [] for i in r.json(): if i["title"].find(sys.argv[1]) != -1: - if issue is None: - issue = i - else: - print("More than one matching issue found!") - print("Please use the issue id.") - sys.exit(4) -if not issue: + issues.append(i) +if len(issues) == 1: + issue = issues[0] +elif len(issues) > 1: + print("More than one matching issue found:") + for idx, i in enumerate(issues): + print(f" {idx + 1}) #{i['iid']} - {i['title']}") + print("Please use the issue id.") + sys.exit(4) +else: iid = version version = None if iid[0] == "#": @@ -161,8 +165,9 @@ for issues in linked: print(f" * {issues[0].get_platforms()}") for i in issues: print(f" * {i}") -print(" * Build System") -for issues in linked_build: - print(f" * {issues[0].get_platforms()}") - for i in issues: - print(f" * {i}") +if linked_build: + print(" * Build System") + for issues in linked_build: + print(f" * {issues[0].get_platforms()}") + for i in issues: + print(f" * {i}") View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-102.11.0esr-12.5-1-build3
by Pier Angelo Vendrame (＠pierov) 23 May '23

23 May '23

Pier Angelo Vendrame pushed new tag tor-browser-102.11.0esr-12.5-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.11.0esr-12.5-1] fixup! Bug 41668: Tweaks to the Base Browser updater for Tor Browser
by Pier Angelo Vendrame (＠pierov) 23 May '23

23 May '23

Pier Angelo Vendrame pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: d9327485 by Pier Angelo Vendrame at 2023-05-23T09:07:24+02:00 fixup! Bug 41668: Tweaks to the Base Browser updater for Tor Browser Bug 41776 (fix): Added some missing lines to the previous patch - - - - - 1 changed file: - tools/update-packaging/make_incremental_update.sh Changes: ===================================== tools/update-packaging/make_incremental_update.sh ===================================== @@ -222,6 +222,10 @@ for ((i=0; $i<$num_oldfiles; i=$i+1)); do if check_for_add_if_update "$f"; then # TODO: Remove once we do a watershed release + # The full workdir may not exist yet, so create it if necessary. + mkdir -p `dirname "$workdir/$f"` + $XZ $XZ_OPT --compress $BCJ_OPTIONS --lzma2 --format=xz --check=crc64 --force --stdout "$newdir/$f" > "$workdir/$f" + copy_perm "$newdir/$f" "$workdir/$f" make_add_if_instruction "$f" "$updatemanifestv3" archivefiles="$archivefiles \"$f\"" continue 1 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d932748… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d932748… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-102.11.0esr-12.5-1-build2
by Pier Angelo Vendrame (＠pierov) 22 May '23

22 May '23

Pier Angelo Vendrame pushed new tag tor-browser-102.11.0esr-12.5-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.11.0esr-12.5-1] 2 commits: fixup! Bug 41668: Tweaks to the Base Browser updater for Tor Browser
by Pier Angelo Vendrame (＠pierov) 22 May '23

22 May '23

Pier Angelo Vendrame pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: f115af33 by Pier Angelo Vendrame at 2023-05-22T10:36:55+02:00 fixup! Bug 41668: Tweaks to the Base Browser updater for Tor Browser Bug 41776: Keep shipping the old fontconfig file until users have one - - - - - 5ec55d20 by Pier Angelo Vendrame at 2023-05-22T10:36:56+02:00 fixup! Firefox preference overrides. Bug 41732: Use font.system.whitelist also on Linux as a defense-in-depth - - - - - 4 changed files: - browser/app/profile/001-base-profile.js - tools/update-packaging/common.sh - tools/update-packaging/make_full_update.sh - tools/update-packaging/make_incremental_update.sh Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -700,6 +700,8 @@ pref("font.name-list.monospace.x-unicode", "Consolas, Noto Sans Balinese, Noto S #endif #ifdef XP_LINUX +pref("font.system.whitelist", "Arimo, Cousine, Noto Naskh Arabic, Noto Sans Adlam, Noto Sans Armenian, Noto Sans Balinese, Noto Sans Bamum, Noto Sans Bassa Vah, Noto Sans Batak, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Buhid, Noto Sans Canadian Aboriginal, Noto Sans Chakma, Noto Sans Cham, Noto Sans Cherokee, Noto Sans Coptic, Noto Sans Deseret, Noto Sans Devanagari, Noto Sans Elbasan, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Grantha, Noto Sans Gujarati, Noto Sans Gunjala Gondi, Noto Sans Gurmukhi, Noto Sans Hanifi Rohingya, Noto Sans Hanunoo, Noto Sans Hebrew, Noto Sans JP, Noto Sans Javanese, Noto Sans KR, Noto Sans Kannada, Noto Sans Kayah Li, Noto Sans Khmer, Noto Sans Khojki, Noto Sans Khudawadi, Noto Sans Lao, Noto Sans Lepcha, Noto Sans Limbu, Noto Sans Lisu, Noto Sans Mahajani, Noto Sans Malayalam, Noto Sans Mandaic, Noto Sans Masaram Gondi, Noto Sans Medefaidrin, Noto Sans Meetei Mayek, Noto Sans Mende Kikakui, Noto Sans Miao, Noto Sans Modi, Noto Sans Mongolian, Noto Sans Mro, Noto Sans Multani, Noto Sans Myanmar, Noto Sans NKo, Noto Sans New Tai Lue, Noto Sans Newa, Noto Sans Ol Chiki, Noto Sans Oriya, Noto Sans Osage, Noto Sans Osmanya, Noto Sans Pahawh Hmong, Noto Sans Pau Cin Hau, Noto Sans Rejang, Noto Sans Runic, Noto Sans SC, Noto Sans Samaritan, Noto Sans Saurashtra, Noto Sans Sharada, Noto Sans Shavian, Noto Sans Sinhala, Noto Sans Sora Sompeng, Noto Sans Soyombo, Noto Sans Sundanese, Noto Sans Syloti Nagri, Noto Sans Symbols, Noto Sans Symbols2, Noto Sans Syriac, Noto Sans TC, Noto Sans Tagalog, Noto Sans Tagbanwa, Noto Sans Tai Le, Noto Sans Tai Tham, Noto Sans Tai Viet, Noto Sans Takri, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tifinagh, Noto Sans Tifinagh APT, Noto Sans Tifinagh Adrar, Noto Sans Tifinagh Agraw Imazighen, Noto Sans Tifinagh Ahaggar, Noto Sans Tifinagh Air, Noto Sans Tifinagh Azawagh, Noto Sans Tifinagh Ghat, Noto Sans Tifinagh Hawad, Noto Sans Tifinagh Rhissa Ixa, Noto Sans Tifinagh SIL, Noto Sans Tifinagh Tawellemmet, Noto Sans Tirhuta, Noto Sans Vai, Noto Sans Wancho, Noto Sans Warang Citi, Noto Sans Yi, Noto Sans Zanabazar Square, Noto Serif Armenian, Noto Serif Balinese, Noto Serif Bengali, Noto Serif Devanagari, Noto Serif Dogra, Noto Serif Ethiopic, Noto Serif Georgian, Noto Serif Grantha, Noto Serif Gujarati, Noto Serif Gurmukhi, Noto Serif Hebrew, Noto Serif Hmong Nyiakeng, Noto Serif Kannada, Noto Serif Khmer, Noto Serif Khojki, Noto Serif Lao, Noto Serif Malayalam, Noto Serif Myanmar, Noto Serif Sinhala, Noto Serif Tamil, Noto Serif Telugu, Noto Serif Thai, Noto Serif Tibetan, Noto Serif Yezidi, STIX Math, Tinos, Twemoji Mozilla"); + // Arabic pref("font.name-list.serif.ar", "Noto Naskh Arabic, Tinos"); pref("font.name-list.sans-serif.ar", "Noto Naskh Arabic, Arimo"); ===================================== tools/update-packaging/common.sh ===================================== @@ -108,6 +108,28 @@ make_add_if_not_instruction() { echo "add-if-not \"$f\" \"$f\"" >> "$filev3" } +check_for_add_if_update() { + add_if_file_chk="$1" + + # tor-browser#41776: We will remove with the old fontconfig file manually + # outside the update process. So, let the updater add the file if there. + # TODO: Remove once we do a watershed release. + if [ "$add_if_file_chk" = "TorBrowser/Data/fontconfig/fonts.conf" ]; then + ## "true" *giggle* + return 0; + fi + ## 'false'... because this is bash. Oh yay! + return 1; +} + +make_add_if_instruction() { + f="$1" + filev3="$2" + + verbose_notice " add-if \"$f\" \"$f\"" + echo "add-if \"$f\" \"$f\"" >> "$filev3" +} + make_addsymlink_instruction() { link="$1" target="$2" ===================================== tools/update-packaging/make_full_update.sh ===================================== @@ -106,6 +106,9 @@ for ((i=0; $i<$num_files; i=$i+1)); do if check_for_add_if_not_update "$f"; then make_add_if_not_instruction "$f" "$updatemanifestv3" + elif check_for_add_if_update "$f"; then + # TODO: Remove once we do a watershed release + make_add_if_instruction "$f" "$updatemanifestv3" else make_add_instruction "$f" "$updatemanifestv3" fi ===================================== tools/update-packaging/make_incremental_update.sh ===================================== @@ -220,6 +220,13 @@ for ((i=0; $i<$num_oldfiles; i=$i+1)); do continue 1 fi + if check_for_add_if_update "$f"; then + # TODO: Remove once we do a watershed release + make_add_if_instruction "$f" "$updatemanifestv3" + archivefiles="$archivefiles \"$f\"" + continue 1 + fi + if check_for_forced_update "$requested_forced_updates" "$f"; then # The full workdir may not exist yet, so create it if necessary. mkdir -p `dirname "$workdir/$f"` @@ -328,6 +335,9 @@ for ((i=0; $i<$num_newfiles; i=$i+1)); do if check_for_add_if_not_update "$f"; then make_add_if_not_instruction "$f" "$updatemanifestv3" + elif check_for_add_if_update "$f"; then + # TODO: Remove once we do a watershed release + make_add_if_instruction "$f" "$updatemanifestv3" else make_add_instruction "$f" "$updatemanifestv3" fi View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2970a4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2970a4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40860: Improve the transition from the old fontconfig file to the new one
by Pier Angelo Vendrame (＠pierov) 22 May '23

22 May '23

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: c78f6080 by Pier Angelo Vendrame at 2023-05-17T19:15:20+02:00 Bug 40860: Improve the transition from the old fontconfig file to the new one - - - - - 2 changed files: - projects/browser/RelativeLink/start-browser - projects/browser/build Changes: ===================================== projects/browser/RelativeLink/start-browser ===================================== @@ -340,6 +340,15 @@ setControlPortPasswd ${TOR_CONTROL_PASSWD:='"secret"'} # Set up custom bundled fonts. See fonts-conf(5). export FONTCONFIG_PATH="${HOME}/fontconfig" export FONTCONFIG_FILE="fonts.conf" +[% # tor-browser#41776: We cannot make the updater remove this file. + # So, let's remove it on this script, since we know that at this point the + # browser will not need it anymore. + # Remove once we do a watershed release. + -%] +[% IF c("var/tor-browser") -%] +# Old fontconfig directory, not needed anymore +rm -Rf "${HOME}/TorBrowser/Data/fontconfig" +[% END -%] # Avoid overwriting user's dconf values. Fixes #27903. export GSETTINGS_BACKEND=memory ===================================== projects/browser/build ===================================== @@ -222,6 +222,15 @@ for tbdir in "${TBDIRS[@]}" do [% IF c("var/linux") -%] mv Bundle-Data/linux/Data/fontconfig "$tbdir/" + [% IF c("var/tor-browser") -%] + # tor-browser#41776: We cannot remove the old fontconfig file with the + # updater. So, let's keep it for the mar generation, but remove it from + # new packages. + # Remove once we do a watershed release. + oldfontconfig="$tbdir/TorBrowser/Data/fontconfig" + mkdir -p $oldfontconfig + cp "$tbdir/fontconfig/fonts.conf" "$oldfontconfig/" + [% END -%] [% END -%] mkdir -p "$tbdir/$DOCSPATH" @@ -357,6 +366,12 @@ cd $distdir [% END -%] [% IF c("var/linux") %] + [% IF c("var/tor-browser") %] + # We need the old fontconfig files only when updating from old installations + # that include it, but do not add it to new packages! + # Remove once we do a watershed release. + rm -rf "$TBDIR/TorBrowser/Data/fontconfig" + [% END -%] [% c('tar', { tar_src => [ '$PKG_DIR' ], tar_args => '-cJf $OUTDIR/' _ c("var/project-name") _ '-' _ c("var/mar_osname") _ '-' _ c("var/torbrowser_version") _ '_${PKG_LOCALE}.tar.xz', View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.11.0esr-12.0-1] fixup! Firefox preference overrides.
by richard (＠richard) 18 May '23

18 May '23

richard pushed to branch base-browser-102.11.0esr-12.0-1 at The Tor Project / Applications / Tor Browser Commits: cfca55d2 by hackademix at 2023-05-18T20:09:37+00:00 fixup! Firefox preference overrides. tor-browser#41764, prevent automatic download stuffing / DOS - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -44,6 +44,9 @@ pref("security.nocertdb", true); pref("browser.download.useDownloadDir", false); pref("browser.download.manager.addToRecentDocs", false); +// Prevent download stuffing / DOS (tor-browser#41764) +pref("browser.download.enable_spam_prevention", true); + // Misc privacy: Disk pref("signon.rememberSignons", false); pref("browser.formfill.enable", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/cfca55d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/cfca55d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.11.0esr-12.0-1] fixup! Firefox preference overrides.
by richard (＠richard) 18 May '23

18 May '23

richard pushed to branch tor-browser-102.11.0esr-12.0-1 at The Tor Project / Applications / Tor Browser Commits: 1a914ae1 by hackademix at 2023-05-18T20:09:05+00:00 fixup! Firefox preference overrides. tor-browser#41764, prevent automatic download stuffing / DOS - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -44,6 +44,9 @@ pref("security.nocertdb", true); pref("browser.download.useDownloadDir", false); pref("browser.download.manager.addToRecentDocs", false); +// Prevent download stuffing / DOS (tor-browser#41764) +pref("browser.download.enable_spam_prevention", true); + // Misc privacy: Disk pref("signon.rememberSignons", false); pref("browser.formfill.enable", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1a914ae… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1a914ae… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.11.0esr-12.5-1] fixup! Firefox preference overrides.
by richard (＠richard) 18 May '23

18 May '23

richard pushed to branch base-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: b937f860 by hackademix at 2023-05-18T20:06:51+00:00 fixup! Firefox preference overrides. tor-browser#41764, prevent automatic download stuffing / DOS - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -48,6 +48,9 @@ pref("security.nocertdb", true); pref("browser.download.useDownloadDir", false); pref("browser.download.manager.addToRecentDocs", false); +// Prevent download stuffing / DOS (tor-browser#41764) +pref("browser.download.enable_spam_prevention", true); + // Misc privacy: Disk pref("signon.rememberSignons", false); pref("browser.formfill.enable", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b937f86… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b937f86… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.11.0esr-12.5-1] fixup! Firefox preference overrides.
by richard (＠richard) 18 May '23

18 May '23

richard pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 2970a44d by hackademix at 2023-05-18T19:30:57+00:00 fixup! Firefox preference overrides. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -48,6 +48,9 @@ pref("security.nocertdb", true); pref("browser.download.useDownloadDir", false); pref("browser.download.manager.addToRecentDocs", false); +// Prevent download stuffing / DOS (tor-browser#41764) +pref("browser.download.enable_spam_prevention", true); + // Misc privacy: Disk pref("signon.rememberSignons", false); pref("browser.formfill.enable", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2970a44… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2970a44… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.11.0esr-13.0-1] 12 commits: fixup! Bug 40933: Add tor-launcher functionality
by Pier Angelo Vendrame (＠pierov) 17 May '23

17 May '23

Pier Angelo Vendrame pushed to branch tor-browser-102.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 98e75e48 by Pier Angelo Vendrame at 2023-05-17T10:25:44+02:00 fixup! Bug 40933: Add tor-launcher functionality Added a newnym function - - - - - 74e39196 by Pier Angelo Vendrame at 2023-05-17T10:25:52+02:00 fixup! Bug 10760: Integrate TorButton to TorBrowser core Bug 40938: Moving the domain isolator out of torbutton - - - - - 0f9ea290 by Arthur Edelstein at 2023-05-17T10:25:53+02:00 Bug 3455: Add DomainIsolator, for isolating circuit by domain. Add an XPCOM component that registers a ProtocolProxyChannelFilter which sets the username/password for each web request according to url bar domain. Bug 9442: Add New Circuit button Bug 13766: Set a 10 minute circuit dirty timeout for the catch-all circ. Bug 19206: Include a 128 bit random tag as part of the domain isolator nonce. Bug 19206: Clear out the domain isolator state on `New Identity`. Bug 21201.2: Isolate by firstPartyDomain from OriginAttributes Bug 21745: Fix handling of catch-all circuit Bug 41741: Refactor the domain isolator and new circuit - - - - - 14058280 by Pier Angelo Vendrame at 2023-05-17T10:25:53+02:00 fixup! Bug 3455: Add DomainIsolator, for isolating circuit by domain. Refactors to the old JS code. - - - - - c94c9662 by Pier Angelo Vendrame at 2023-05-17T10:25:53+02:00 fixup! Bug 3455: Add DomainIsolator, for isolating circuit by domain. Manage NEWNYM here. - - - - - 994e4ce2 by Pier Angelo Vendrame at 2023-05-17T10:25:54+02:00 fixup! Bug 3455: Add DomainIsolator, for isolating circuit by domain. Removed the XPCOM definition of the domain isolator. - - - - - bcabee6b by Pier Angelo Vendrame at 2023-05-17T10:25:54+02:00 fixup! Bug 10760: Integrate TorButton to TorBrowser core Extract the new identity button from torbutton - - - - - 16cf26ff by Pier Angelo Vendrame at 2023-05-17T10:36:36+02:00 fixup! Bug 3455: Add DomainIsolator, for isolating circuit by domain. Actually added the new circuit button. - - - - - 39b5273c by Pier Angelo Vendrame at 2023-05-17T10:37:31+02:00 fixup! Bug 41600: Add a tor circuit display panel. Use the new domain isolator interface. - - - - - 9cd44b23 by Pier Angelo Vendrame at 2023-05-17T10:38:45+02:00 fixup! Bug 40209: Implement Basic Crypto Safety Use the new domain isolator interface - - - - - b27d2320 by Pier Angelo Vendrame at 2023-05-17T10:38:48+02:00 fixup! Bug 10760: Integrate TorButton to TorBrowser core Remove string changes from Torbutton. We will add them back in the TorStrings commit. - - - - - 5b547f81 by Pier Angelo Vendrame at 2023-05-17T10:38:49+02:00 fixup! Add TorStrings module for localization Add our DTDs where needed. These changes were originally in the torbutton commit, but I think they are better fit here, with all the strings files. - - - - - 15 changed files: - browser/actors/CryptoSafetyParent.jsm - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-menubar.inc - browser/base/content/browser-sets.inc - browser/base/content/browser.js - browser/base/content/navigator-toolbox.inc.xhtml - browser/components/torcircuit/content/torCircuitPanel.js - + toolkit/components/tor-launcher/TorDomainIsolator.jsm - toolkit/components/tor-launcher/TorProtocolService.jsm - toolkit/components/tor-launcher/TorStartupService.jsm - toolkit/components/tor-launcher/moz.build - toolkit/torbutton/chrome/content/torbutton.js - − toolkit/torbutton/components/domain-isolator.js - toolkit/torbutton/jar.mn - toolkit/torbutton/modules/utils.js Changes: ===================================== browser/actors/CryptoSafetyParent.jsm ===================================== @@ -12,6 +12,12 @@ const { XPCOMUtils } = ChromeUtils.import( "resource://gre/modules/XPCOMUtils.jsm" ); +ChromeUtils.defineModuleGetter( + this, + "TorDomainIsolator", + "resource://gre/modules/TorDomainIsolator.jsm" +); + XPCOMUtils.defineLazyGetter(this, "cryptoSafetyBundle", () => { return Services.strings.createBundle( "chrome://browser/locale/cryptoSafetyPrompt.properties" @@ -75,7 +81,11 @@ class CryptoSafetyParent extends JSWindowActorParent { ); if (buttonPressed === 0) { - this.browsingContext.topChromeWindow.torbutton_new_circuit(); + const { browsingContext } = this.manager; + const browser = browsingContext.embedderElement; + if (browser) { + TorDomainIsolator.newCircuitForBrowser(browser.ownerGlobal.gBrowser); + } } } } ===================================== browser/base/content/appmenu-viewcache.inc.xhtml ===================================== @@ -63,9 +63,9 @@ key="new-identity-key"/> <toolbarbutton id="appMenuNewCircuit" class="subviewbutton" - key="torbutton-new-circuit-key" + key="new-circuit-key" label="&torbutton.context_menu.new_circuit_sentence_case;" - oncommand="torbutton_new_circuit();"/> + oncommand="TorDomainIsolator.newCircuitForBrowser(gBrowser);"/> <toolbarseparator/> <toolbarbutton id="appMenu-bookmarks-button" class="subviewbutton subviewbutton-nav" ===================================== browser/base/content/browser-menubar.inc ===================================== @@ -33,9 +33,9 @@ key="new-identity-key"/> <menuitem id="menu_newCircuit" accesskey="&torbutton.context_menu.new_circuit_key;" - key="torbutton-new-circuit-key" + key="new-circuit-key" label="&torbutton.context_menu.new_circuit;" - oncommand="torbutton_new_circuit();"/> + oncommand="TorDomainIsolator.newCircuitForBrowser(gBrowser);"/> <menuseparator/> <menuitem id="menu_openLocation" hidden="true" ===================================== browser/base/content/browser-sets.inc ===================================== @@ -389,5 +389,5 @@ internal="true"/> #endif <key id="new-identity-key" modifiers="accel shift" key="U" oncommand="NewIdentityButton.onCommand(event)"/> - <key id="torbutton-new-circuit-key" modifiers="accel shift" key="L" oncommand="torbutton_new_circuit()"/> + <key id="new-circuit-key" modifiers="accel shift" key="L" oncommand="TorDomainIsolator.newCircuitForBrowser(gBrowser)"/> </keyset> ===================================== browser/base/content/browser.js ===================================== @@ -80,6 +80,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { TabCrashHandler: "resource:///modules/ContentCrashHandlers.jsm", TelemetryEnvironment: "resource://gre/modules/TelemetryEnvironment.jsm", TorConnect: "resource:///modules/TorConnect.jsm", + TorDomainIsolator: "resource://gre/modules/TorDomainIsolator.jsm", Translation: "resource:///modules/translation/TranslationParent.jsm", UITour: "resource:///modules/UITour.jsm", UpdateUtils: "resource://gre/modules/UpdateUtils.jsm", ===================================== browser/base/content/navigator-toolbox.inc.xhtml ===================================== @@ -557,7 +557,7 @@ <toolbarbutton id="new-circuit-button" class="toolbarbutton-1 chromeclass-toolbar-additional" label="&torbutton.context_menu.new_circuit;" - oncommand="torbutton_new_circuit();" + oncommand="TorDomainIsolator.newCircuitForBrowser(gBrowser);" tooltiptext="&torbutton.context_menu.new_circuit;"/> <toolbarbutton id="fullscreen-button" class="toolbarbutton-1 chromeclass-toolbar-additional" ===================================== browser/components/torcircuit/content/torCircuitPanel.js ===================================== @@ -193,7 +193,7 @@ var gTorCircuitPanel = { document .getElementById("tor-circuit-new-circuit") .addEventListener("command", () => { - torbutton_new_circuit(); + TorDomainIsolator.newCircuitForBrowser(gBrowser); // And hide. // NOTE: focus should return to the toolbar button, which we expect to // remain visible during reload. @@ -415,20 +415,14 @@ var gTorCircuitPanel = { */ _updateCurrentBrowser(matchingCredentials = null) { const browser = gBrowser.selectedBrowser; - const { getDomainForBrowser } = ChromeUtils.import( - "resource://torbutton/modules/utils.js" - ); - const domain = getDomainForBrowser(browser); + const domain = TorDomainIsolator.getDomainForBrowser(browser); // We choose the currentURI, which matches what is shown in the URL bar and // will match up with the domain. // In contrast, documentURI corresponds to the shown page. E.g. it could // point to "about:certerror". const scheme = browser.currentURI?.scheme; - const domainIsolator = Cc["@torproject.org/domain-isolator;1"].getService( - Ci.nsISupports - ).wrappedJSObject; - let credentials = domainIsolator.getSocksProxyCredentials( + let credentials = TorDomainIsolator.getSocksProxyCredentials( domain, browser.contentPrincipal.originAttributes.userContextId ); ===================================== toolkit/components/tor-launcher/TorDomainIsolator.jsm ===================================== @@ -0,0 +1,362 @@ +// A component for Tor Browser that puts requests from different +// first party domains on separate Tor circuits. + +var EXPORTED_SYMBOLS = ["TorDomainIsolator"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); +const { ConsoleAPI } = ChromeUtils.import("resource://gre/modules/Console.jsm"); + +Cu.importGlobalProperties(["crypto"]); + +XPCOMUtils.defineLazyServiceGetters(this, { + ProtocolProxyService: [ + "@mozilla.org/network/protocol-proxy-service;1", + "nsIProtocolProxyService", + ], +}); + +ChromeUtils.defineModuleGetter( + this, + "TorProtocolService", + "resource://gre/modules/TorProtocolService.jsm" +); + +const logger = new ConsoleAPI({ + prefix: "TorDomainIsolator", + maxLogLevel: "warn", + maxLogLevelPref: "browser.tordomainisolator.loglevel", +}); + +// The string to use instead of the domain when it is not known. +const CATCHALL_DOMAIN = "--unknown--"; + +// The preference to observe, to know whether isolation should be enabled or +// disabled. +const NON_TOR_PROXY_PREF = "extensions.torbutton.use_nontor_proxy"; + +// The topic of new identity, to observe to cleanup all the nonces. +const NEW_IDENTITY_TOPIC = "new-identity-requested"; + +class TorDomainIsolatorImpl { + // A mutable map that records what nonce we are using for each domain. + #noncesForDomains = new Map(); + + // A mutable map that records what nonce we are using for each tab container. + #noncesForUserContextId = new Map(); + + // A bool that controls if we use SOCKS auth for isolation or not. + #isolationEnabled = true; + + // Specifies when the current catch-all circuit was first used + #catchallDirtySince = Date.now(); + + /** + * Initialize the domain isolator. + * This function will setup the proxy filter that injects the credentials and + * register some observers. + */ + init() { + logger.info("Setup circuit isolation by domain and user context"); + + if (Services.prefs.getBoolPref(NON_TOR_PROXY_PREF)) { + this.#isolationEnabled = false; + } + this.#setupProxyFilter(); + + Services.prefs.addObserver(NON_TOR_PROXY_PREF, this); + Services.obs.addObserver(this, NEW_IDENTITY_TOPIC); + } + + /** + * Removes the observers added in the initialization. + */ + uninit() { + Services.prefs.removeObserver(NON_TOR_PROXY_PREF, this); + Services.obs.removeObserver(this, NEW_IDENTITY_TOPIC); + } + + enable() { + logger.trace("Domain isolation enabled"); + this.#isolationEnabled = true; + } + + disable() { + logger.trace("Domain isolation disabled"); + this.#isolationEnabled = false; + } + + /** + * Return the credentials to use as username and password for the SOCKS proxy, + * given a certain domain and userContextId. Optionally, create them. + * + * @param firstPartyDomain The first party domain associated to the requests + * @param userContextId The context ID associated to the request + * @param create Whether to create the nonce, if it is not available + * @return Either the credential, or null if we do not have them and create is + * false. + */ + getSocksProxyCredentials(firstPartyDomain, userContextId, create = false) { + if (!this.#noncesForDomains.has(firstPartyDomain)) { + if (!create) { + return null; + } + const nonce = this.#nonce(); + logger.info(`New nonce for first party ${firstPartyDomain}: ${nonce}`); + this.#noncesForDomains.set(firstPartyDomain, nonce); + } + if (!this.#noncesForUserContextId.has(userContextId)) { + if (!create) { + return null; + } + const nonce = this.#nonce(); + logger.info(`New nonce for userContextId ${userContextId}: ${nonce}`); + this.#noncesForUserContextId.set(userContextId, nonce); + } + return { + username: this.#makeUsername(firstPartyDomain, userContextId), + password: + this.#noncesForDomains.get(firstPartyDomain) + + this.#noncesForUserContextId.get(userContextId), + }; + } + + /** + * Create a new nonce for the FP domain of the selected browser and reload the + * tab with a new circuit. + * + * @param browser Should be the gBrowser from the context of the caller + */ + newCircuitForBrowser(browser) { + const firstPartyDomain = getDomainForBrowser(browser.selectedBrowser); + this.#newCircuitForDomain(firstPartyDomain); + // TODO: How to properly handle the user context? Should we use + // (domain, userContextId) pairs, instead of concatenating nonces? + browser.reloadWithFlags(Ci.nsIWebNavigation.LOAD_FLAGS_BYPASS_CACHE); + } + + /** + * Clear the isolation state cache, forcing new circuits to be used for all + * subsequent requests. + */ + clearIsolation() { + logger.trace("Clearing isolation nonces."); + + // Per-domain and per contextId nonces are stored in maps, so simply clear + // them. + this.#noncesForDomains.clear(); + this.#noncesForUserContextId.clear(); + + // Force a rotation on the next catch-all circuit use by setting the + // creation time to the epoch. + this.#catchallDirtySince = 0; + } + + async observe(subject, topic, data) { + if (topic === "nsPref:changed" && data === NON_TOR_PROXY_PREF) { + if (Services.prefs.getBoolPref(NON_TOR_PROXY_PREF)) { + this.disable(); + } else { + this.enable(); + } + } else if (topic === NEW_IDENTITY_TOPIC) { + logger.info( + "New identity has been requested, clearing isolation tokens." + ); + this.clearIsolation(); + try { + await TorProtocolService.newnym(); + } catch (e) { + logger.error("Could not send the newnym command", e); + // TODO: What UX to use here? See tor-browser#41708 + } + } + } + + /** + * Setup a filter that for every HTTPChannel, replaces the default SOCKS proxy + * with one that authenticates to the SOCKS server (the tor client process) + * with a username (the first party domain and userContextId) and a nonce + * password. + * Tor provides a separate circuit for each username+password combination. + */ + #setupProxyFilter() { + const filterFunction = (aChannel, aProxy) => { + if (!this.#isolationEnabled) { + return aProxy; + } + try { + const channel = aChannel.QueryInterface(Ci.nsIChannel); + let firstPartyDomain = + channel.loadInfo.originAttributes.firstPartyDomain; + const userContextId = channel.loadInfo.originAttributes.userContextId; + if (firstPartyDomain === "") { + firstPartyDomain = CATCHALL_DOMAIN; + if (Date.now() - this.#catchallDirtySince > 1000 * 10 * 60) { + logger.info( + "tor catchall circuit has been dirty for over 10 minutes. Rotating." + ); + this.#newCircuitForDomain(CATCHALL_DOMAIN); + this.#catchallDirtySince = Date.now(); + } + } + const replacementProxy = this.#applySocksProxyCredentials( + aProxy, + firstPartyDomain, + userContextId + ); + logger.debug( + `Requested ${channel.URI.spec} via ${replacementProxy.username}:${replacementProxy.password}` + ); + return replacementProxy; + } catch (e) { + logger.error("Error while setting a new proxy", e); + return null; + } + }; + + ProtocolProxyService.registerChannelFilter( + { + applyFilter(aChannel, aProxy, aCallback) { + aCallback.onProxyFilterResult(filterFunction(aChannel, aProxy)); + }, + }, + 0 + ); + } + + /** + * Takes a proxyInfo object (originalProxy) and returns a new proxyInfo + * object with the same properties, except the username is set to the + * the domain and userContextId, and the password is a nonce. + */ + #applySocksProxyCredentials(originalProxy, domain, userContextId) { + const proxy = originalProxy.QueryInterface(Ci.nsIProxyInfo); + const { username, password } = this.getSocksProxyCredentials( + domain, + userContextId, + true + ); + return ProtocolProxyService.newProxyInfoWithAuth( + "socks", + proxy.host, + proxy.port, + username, + password, + "", // aProxyAuthorizationHeader + "", // aConnectionIsolationKey + proxy.flags, + proxy.failoverTimeout, + proxy.failoverProxy + ); + } + + /** + * Combine the needed data into a username for the proxy. + */ + #makeUsername(domain, userContextId) { + if (!domain) { + domain = CATCHALL_DOMAIN; + } + return `${domain}:${userContextId}`; + } + + /** + * Generate a new 128 bit random tag. + * + * Strictly speaking both using a cryptographic entropy source and using 128 + * bits of entropy for the tag are likely overkill, as correct behavior only + * depends on how unlikely it is for there to be a collision. + */ + #nonce() { + return Array.from(crypto.getRandomValues(new Uint8Array(16)), byte => + byte.toString(16).padStart(2, "0") + ).join(""); + } + + /** + * Re-generate the nonce for a certain domain. + */ + #newCircuitForDomain(domain) { + if (!domain) { + domain = CATCHALL_DOMAIN; + } + this.#noncesForDomains.set(domain, this.#nonce()); + logger.info( + `New domain isolation for ${domain}: ${this.#noncesForDomains.get( + domain + )}` + ); + } + + /** + * Re-generate the nonce for a userContextId. + * + * Currently, this function is not hooked to anything. + */ + #newCircuitForUserContextId(userContextId) { + this.#noncesForUserContextId.set(userContextId, this.#nonce()); + logger.info( + `New container isolation for ${userContextId}: ${this.#noncesForUserContextId.get( + userContextId + )}` + ); + } +} + +/** + * Get the first party domain for a certain browser. + * + * @param browser The browser to get the FP-domain for. + * + * Please notice that it should be gBrowser.selectedBrowser, because + * browser.documentURI is the actual shown page, and might be an error page. + * In this case, we rely on currentURI, which for gBrowser is an alias of + * gBrowser.selectedBrowser.currentURI. + * See browser/base/content/tabbrowser.js and tor-browser#31562. + */ +function getDomainForBrowser(browser) { + let fpd = browser.contentPrincipal.originAttributes.firstPartyDomain; + + // Bug 31562: For neterror or certerror, get the original URL from + // browser.currentURI and use it to calculate the firstPartyDomain. + const knownErrors = [ + "about:neterror", + "about:certerror", + "about:httpsonlyerror", + ]; + const { documentURI } = browser; + if ( + documentURI && + documentURI.schemeIs("about") && + knownErrors.some(x => documentURI.spec.startsWith(x)) + ) { + const knownSchemes = ["http", "https"]; + const currentURI = browser.currentURI; + if (currentURI && knownSchemes.some(x => currentURI.schemeIs(x))) { + try { + fpd = Services.eTLD.getBaseDomainFromHost(currentURI.host); + } catch (e) { + if ( + e.result === Cr.NS_ERROR_HOST_IS_IP_ADDRESS || + e.result === Cr.NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS + ) { + fpd = currentURI.host; + } else { + logger.error( + `Failed to get first party domain for host ${currentURI.host}`, + e + ); + } + } + } + } + + return fpd; +} + +const TorDomainIsolator = new TorDomainIsolatorImpl(); +// Reduce global vars pollution +TorDomainIsolator.getDomainForBrowser = getDomainForBrowser; ===================================== toolkit/components/tor-launcher/TorProtocolService.jsm ===================================== @@ -4,6 +4,7 @@ var EXPORTED_SYMBOLS = ["TorProtocolService"]; +const { ConsoleAPI } = ChromeUtils.import("resource://gre/modules/Console.jsm"); const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); const { setTimeout } = ChromeUtils.import("resource://gre/modules/Timer.jsm"); ChromeUtils.defineModuleGetter( @@ -11,9 +12,6 @@ ChromeUtils.defineModuleGetter( "FileUtils", "resource://gre/modules/FileUtils.jsm" ); -const { XPCOMUtils } = ChromeUtils.import( - "resource://gre/modules/XPCOMUtils.jsm" -); Cu.importGlobalProperties(["crypto"]); @@ -45,18 +43,9 @@ const TorTopics = Object.freeze({ ProcessRestarted: "TorProcessRestarted", }); -// Logger adapted from CustomizableUI.jsm -XPCOMUtils.defineLazyGetter(this, "logger", () => { - const { ConsoleAPI } = ChromeUtils.import( - "resource://gre/modules/Console.jsm" - ); - // TODO: Use a preference to set the log level. - const consoleOptions = { - // maxLogLevel: "warn", - maxLogLevel: "all", - prefix: "TorProtocolService", - }; - return new ConsoleAPI(consoleOptions); +const logger = new ConsoleAPI({ + maxLogLevel: "warn", + prefix: "TorProtocolService", }); // Manage the connection to tor's control port, to update its settings and query @@ -194,6 +183,10 @@ const TorProtocolService = { TorMonitorService.retrieveBootstrapStatus(); }, + async newnym() { + return this.sendCommand("SIGNAL NEWNYM"); + }, + // TODO: transform the following 4 functions in getters. At the moment they // are also used in torbutton. ===================================== toolkit/components/tor-launcher/TorStartupService.jsm ===================================== @@ -33,6 +33,12 @@ ChromeUtils.defineModuleGetter( "resource:///modules/TorSettings.jsm" ); +ChromeUtils.defineModuleGetter( + this, + "TorDomainIsolator", + "resource://gre/modules/TorDomainIsolator.jsm" +); + /* Browser observer topis */ const BrowserTopics = Object.freeze({ ProfileAfterChange: "profile-after-change", @@ -67,12 +73,16 @@ class TorStartupService { TorSettings.init(); TorConnect.init(); + TorDomainIsolator.init(); + gInited = true; } _uninit() { Services.obs.removeObserver(this, BrowserTopics.QuitApplicationGranted); + TorDomainIsolator.uninit(); + // Close any helper connection first... TorProtocolService.uninit(); // ... and only then closes the event monitor connection, which will cause ===================================== toolkit/components/tor-launcher/moz.build ===================================== @@ -1,5 +1,6 @@ EXTRA_JS_MODULES += [ "TorBootstrapRequest.jsm", + "TorDomainIsolator.jsm", "TorLauncherUtil.jsm", "TorMonitorService.jsm", "TorParsers.jsm", ===================================== toolkit/torbutton/chrome/content/torbutton.js ===================================== @@ -1,6 +1,5 @@ // window globals var torbutton_init; -var torbutton_new_circuit; (() => { // Bug 1506 P1-P5: This is the main Torbutton overlay file. Much needs to be @@ -16,9 +15,7 @@ var torbutton_new_circuit; let { unescapeTorString, - getDomainForBrowser, torbutton_log, - torbutton_get_property_string, } = ChromeUtils.import("resource://torbutton/modules/utils.js"); let { configureControlPortModule, wait_for_controller } = ChromeUtils.import( "resource://torbutton/modules/tor-control-port.js" @@ -46,32 +43,22 @@ var torbutton_new_circuit; // in a component, not the XUL overlay. var torbutton_unique_pref_observer = { register() { - this.forced_ua = false; - m_tb_prefs.addObserver("extensions.torbutton", this); - m_tb_prefs.addObserver("browser.privatebrowsing.autostart", this); - m_tb_prefs.addObserver("javascript", this); + Services.prefs.addObserver("browser.privatebrowsing.autostart", this); }, unregister() { - m_tb_prefs.removeObserver("extensions.torbutton", this); - m_tb_prefs.removeObserver("browser.privatebrowsing.autostart", this); - m_tb_prefs.removeObserver("javascript", this); + Services.prefs.removeObserver("browser.privatebrowsing.autostart", this); }, // topic: what event occurred // subject: what nsIPrefBranch we're observing // data: which pref has been changed (relative to subject) observe(subject, topic, data) { - if (topic !== "nsPref:changed") { - return; - } - switch (data) { - case "browser.privatebrowsing.autostart": - torbutton_update_disk_prefs(); - break; - case "extensions.torbutton.use_nontor_proxy": - torbutton_use_nontor_proxy(); - break; + if ( + topic === "nsPref:changed" && + data === "browser.privatebrowsing.autostart" + ) { + torbutton_update_disk_prefs(); } }, }; @@ -113,62 +100,6 @@ var torbutton_new_circuit; }, }; - var torbutton_new_identity_observers = { - register() { - Services.obs.addObserver(this, "new-identity-requested"); - }, - - observe(aSubject, aTopic, aData) { - if (aTopic !== "new-identity-requested") { - return; - } - - // Clear the domain isolation state. - torbutton_log(3, "Clearing domain isolator"); - const domainIsolator = Cc["@torproject.org/domain-isolator;1"].getService( - Ci.nsISupports - ).wrappedJSObject; - domainIsolator.clearIsolation(); - - torbutton_log(3, "New Identity: Sending NEWNYM"); - // We only support TBB for newnym. - if ( - !m_tb_control_pass || - (!m_tb_control_ipc_file && !m_tb_control_port) - ) { - const warning = torbutton_get_property_string( - "torbutton.popup.no_newnym" - ); - torbutton_log( - 5, - "Torbutton cannot safely newnym. It does not have access to the Tor Control Port." - ); - window.alert(warning); - } else { - const warning = torbutton_get_property_string( - "torbutton.popup.no_newnym" - ); - torbutton_send_ctrl_cmd("SIGNAL NEWNYM") - .then(res => { - if (!res) { - torbutton_log( - 5, - "Torbutton was unable to request a new circuit from Tor" - ); - window.alert(warning); - } - }) - .catch(e => { - torbutton_log( - 5, - "Torbutton was unable to request a new circuit from Tor " + e - ); - window.alert(warning); - }); - } - }, - }; - // Bug 1506 P2-P4: This code sets some version variables that are irrelevant. // It does read out some important environment variables, though. It is // called once per browser window.. This might belong in a component. @@ -258,8 +189,6 @@ var torbutton_new_circuit; true ); - torbutton_new_identity_observers.register(); - torbutton_log(3, "init completed"); }; @@ -374,36 +303,6 @@ var torbutton_new_circuit; return response; } - // Bug 1506 P4: Needed for New IP Address - torbutton_new_circuit = function() { - let firstPartyDomain = getDomainForBrowser(gBrowser.selectedBrowser); - - let domainIsolator = Cc["@torproject.org/domain-isolator;1"].getService( - Ci.nsISupports - ).wrappedJSObject; - - domainIsolator.newCircuitForDomain(firstPartyDomain); - - gBrowser.reloadWithFlags(Ci.nsIWebNavigation.LOAD_FLAGS_BYPASS_CACHE); - }; - - /* Called when we switch the use_nontor_proxy pref in either direction. - * - * Enables/disables domain isolation and then does new identity - */ - function torbutton_use_nontor_proxy() { - let domainIsolator = Cc["@torproject.org/domain-isolator;1"].getService( - Ci.nsISupports - ).wrappedJSObject; - - if (m_tb_prefs.getBoolPref("extensions.torbutton.use_nontor_proxy")) { - // Disable domain isolation - domainIsolator.disableIsolation(); - } else { - domainIsolator.enableIsolation(); - } - } - async function torbutton_do_tor_check() { let checkSvc = Cc["@torproject.org/torbutton-torCheckService;1"].getService( Ci.nsISupports ===================================== toolkit/torbutton/components/domain-isolator.js deleted ===================================== @@ -1,312 +0,0 @@ -// # domain-isolator.js -// A component for TorBrowser that puts requests from different -// first party domains on separate tor circuits. - -// This file is written in call stack order (later functions -// call earlier functions). The code file can be processed -// with docco.js to provide clear documentation. - -// ### Abbreviations - -const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); -const { XPCOMUtils } = ChromeUtils.import( - "resource://gre/modules/XPCOMUtils.jsm" -); - -XPCOMUtils.defineLazyModuleGetters(this, { - ComponentUtils: "resource://gre/modules/ComponentUtils.jsm", -}); - -// Make the logger available. -let logger = Cc["@torproject.org/torbutton-logger;1"].getService(Ci.nsISupports) - .wrappedJSObject; - -// Import crypto object (FF 37+). -Cu.importGlobalProperties(["crypto"]); - -// ## mozilla namespace. -// Useful functionality for interacting with Mozilla services. -let mozilla = {}; - -// __mozilla.protocolProxyService__. -// Mozilla's protocol proxy service, useful for managing proxy connections made -// by the browser. -mozilla.protocolProxyService = Cc[ - "@mozilla.org/network/protocol-proxy-service;1" -].getService(Ci.nsIProtocolProxyService); - -// __mozilla.registerProxyChannelFilter(filterFunction, positionIndex)__. -// Registers a proxy channel filter with the Mozilla Protocol Proxy Service, -// which will help to decide the proxy to be used for a given channel. -// The filterFunction should expect two arguments, (aChannel, aProxy), -// where aProxy is the proxy or list of proxies that would be used by default -// for the given channel, and should return a new Proxy or list of Proxies. -mozilla.registerProxyChannelFilter = function(filterFunction, positionIndex) { - let proxyFilter = { - applyFilter(aChannel, aProxy, aCallback) { - aCallback.onProxyFilterResult(filterFunction(aChannel, aProxy)); - }, - }; - mozilla.protocolProxyService.registerChannelFilter( - proxyFilter, - positionIndex - ); -}; - -// ## tor functionality. -let tor = {}; - -// __tor.noncesForDomains__. -// A mutable map that records what nonce we are using for each domain. -tor.noncesForDomains = new Map(); - -// __tor.noncesForUserContextId__. -// A mutable map that records what nonce we are using for each tab container. -tor.noncesForUserContextId = new Map(); - -// __tor.isolationEabled__. -// A bool that controls if we use SOCKS auth for isolation or not. -tor.isolationEnabled = true; - -// __tor.unknownDirtySince__. -// Specifies when the current catch-all circuit was first used -tor.unknownDirtySince = Date.now(); - -tor.passwordForDomainAndUserContextId = function( - domain, - userContextId, - create -) { - // Check if we already have a nonce. If not, possibly create one for this - // domain and userContextId. - if (!tor.noncesForDomains.has(domain)) { - if (!create) { - return null; - } - tor.noncesForDomains.set(domain, tor.nonce()); - } - if (!tor.noncesForUserContextId.has(userContextId)) { - if (!create) { - return null; - } - tor.noncesForUserContextId.set(userContextId, tor.nonce()); - } - return ( - tor.noncesForDomains.get(domain) + - tor.noncesForUserContextId.get(userContextId) - ); -}; - -tor.usernameForDomainAndUserContextId = function(domain, userContextId) { - return `${domain}:${userContextId}`; -}; - -// __tor.socksProxyCredentials(originalProxy, domain, userContextId)__. -// Takes a proxyInfo object (originalProxy) and returns a new proxyInfo -// object with the same properties, except the username is set to the -// the domain and userContextId, and the password is a nonce. -tor.socksProxyCredentials = function(originalProxy, domain, userContextId) { - let proxy = originalProxy.QueryInterface(Ci.nsIProxyInfo); - let proxyUsername = tor.usernameForDomainAndUserContextId( - domain, - userContextId - ); - let proxyPassword = tor.passwordForDomainAndUserContextId( - domain, - userContextId, - true - ); - return mozilla.protocolProxyService.newProxyInfoWithAuth( - "socks", - proxy.host, - proxy.port, - proxyUsername, - proxyPassword, - "", // aProxyAuthorizationHeader - "", // aConnectionIsolationKey - proxy.flags, - proxy.failoverTimeout, - proxy.failoverProxy - ); -}; - -tor.nonce = function() { - // Generate a new 128 bit random tag. Strictly speaking both using a - // cryptographic entropy source and using 128 bits of entropy for the - // tag are likely overkill, as correct behavior only depends on how - // unlikely it is for there to be a collision. - let tag = new Uint8Array(16); - crypto.getRandomValues(tag); - - // Convert the tag to a hex string. - let tagStr = ""; - for (let i = 0; i < tag.length; i++) { - tagStr += (tag[i] >>> 4).toString(16); - tagStr += (tag[i] & 0x0f).toString(16); - } - - return tagStr; -}; - -tor.newCircuitForDomain = function(domain) { - // Re-generate the nonce for the domain. - if (domain === "") { - domain = "--unknown--"; - } - tor.noncesForDomains.set(domain, tor.nonce()); - logger.eclog( - 3, - `New domain isolation for ${domain}: ${tor.noncesForDomains.get(domain)}` - ); -}; - -tor.newCircuitForUserContextId = function(userContextId) { - // Re-generate the nonce for the context. - tor.noncesForUserContextId.set(userContextId, tor.nonce()); - logger.eclog( - 3, - `New container isolation for ${userContextId}: ${tor.noncesForUserContextId.get( - userContextId - )}` - ); -}; - -// __tor.clearIsolation()_. -// Clear the isolation state cache, forcing new circuits to be used for all -// subsequent requests. -tor.clearIsolation = function() { - // Per-domain and per contextId nonces are stored in maps, so simply clear them. - tor.noncesForDomains.clear(); - tor.noncesForUserContextId.clear(); - - // Force a rotation on the next catch-all circuit use by setting the creation - // time to the epoch. - tor.unknownDirtySince = 0; -}; - -// __tor.isolateCircuitsByDomain()__. -// For every HTTPChannel, replaces the default SOCKS proxy with one that authenticates -// to the SOCKS server (the tor client process) with a username (the first party domain -// and userContextId) and a nonce password. Tor provides a separate circuit for each -// username+password combination. -tor.isolateCircuitsByDomain = function() { - mozilla.registerProxyChannelFilter(function(aChannel, aProxy) { - if (!tor.isolationEnabled) { - return aProxy; - } - try { - let channel = aChannel.QueryInterface(Ci.nsIChannel), - firstPartyDomain = channel.loadInfo.originAttributes.firstPartyDomain, - userContextId = channel.loadInfo.originAttributes.userContextId; - if (firstPartyDomain === "") { - firstPartyDomain = "--unknown--"; - if (Date.now() - tor.unknownDirtySince > 1000 * 10 * 60) { - logger.eclog( - 3, - "tor catchall circuit has been dirty for over 10 minutes. Rotating." - ); - tor.newCircuitForDomain("--unknown--"); - tor.unknownDirtySince = Date.now(); - } - } - let replacementProxy = tor.socksProxyCredentials( - aProxy, - firstPartyDomain, - userContextId - ); - logger.eclog( - 3, - `tor SOCKS: ${channel.URI.spec} via - ${replacementProxy.username}:${replacementProxy.password}` - ); - return replacementProxy; - } catch (e) { - logger.eclog(4, `tor domain isolator error: ${e.message}`); - return null; - } - }, 0); -}; - -// ## XPCOM component construction. -// Module specific constants -const kMODULE_NAME = "TorBrowser Domain Isolator"; -const kMODULE_CONTRACTID = "@torproject.org/domain-isolator;1"; -const kMODULE_CID = Components.ID("e33fd6d4-270f-475f-a96f-ff3140279f68"); - -// DomainIsolator object. -function DomainIsolator() { - this.wrappedJSObject = this; -} - -// Firefox component requirements -DomainIsolator.prototype = { - QueryInterface: ChromeUtils.generateQI([Ci.nsIObserver]), - classDescription: kMODULE_NAME, - classID: kMODULE_CID, - contractID: kMODULE_CONTRACTID, - observe(subject, topic, data) { - if (topic === "profile-after-change") { - logger.eclog(3, "domain isolator: set up isolating circuits by domain"); - - if (Services.prefs.getBoolPref("extensions.torbutton.use_nontor_proxy")) { - tor.isolationEnabled = false; - } - tor.isolateCircuitsByDomain(); - } - }, - - newCircuitForDomain(domain) { - tor.newCircuitForDomain(domain); - }, - - /** - * Return the stored SOCKS proxy username and password for the given domain - * and user context ID. - * - * @param {string} firstPartyDomain - The domain to lookup credentials for. - * @param {integer} userContextId - The ID for the user context. - * - * @return {{ username: string, password: string }?} - The SOCKS credentials, - * or null if none are found. - */ - getSocksProxyCredentials(firstPartyDomain, userContextId) { - if (firstPartyDomain == "") { - firstPartyDomain = "--unknown--"; - } - let proxyPassword = tor.passwordForDomainAndUserContextId( - firstPartyDomain, - userContextId, - // Do not create a new entry if it does not exist. - false - ); - if (!proxyPassword) { - return null; - } - return { - username: tor.usernameForDomainAndUserContextId( - firstPartyDomain, - userContextId - ), - password: proxyPassword, - }; - }, - - enableIsolation() { - tor.isolationEnabled = true; - }, - - disableIsolation() { - tor.isolationEnabled = false; - }, - - clearIsolation() { - tor.clearIsolation(); - }, - - wrappedJSObject: null, -}; - -// Assign factory to global object. -const NSGetFactory = XPCOMUtils.generateNSGetFactory - ? XPCOMUtils.generateNSGetFactory([DomainIsolator]) - : ComponentUtils.generateNSGetFactory([DomainIsolator]); ===================================== toolkit/torbutton/jar.mn ===================================== @@ -43,9 +43,5 @@ torbutton.jar: % component {f36d72c9-9718-4134-b550-e109638331d7} %components/torbutton-logger.js % contract @torproject.org/torbutton-logger;1 {f36d72c9-9718-4134-b550-e109638331d7} -% component {e33fd6d4-270f-475f-a96f-ff3140279f68} %components/domain-isolator.js -% contract @torproject.org/domain-isolator;1 {e33fd6d4-270f-475f-a96f-ff3140279f68} - % category profile-after-change StartupObserver @torproject.org/startup-observer;1 -% category profile-after-change DomainIsolator @torproject.org/domain-isolator;1 % category profile-after-change DragDropFilter @torproject.org/torbutton-dragDropFilter;1 ===================================== toolkit/torbutton/modules/utils.js ===================================== @@ -213,45 +213,6 @@ var unescapeTorString = function(str) { return _torControl._strUnescape(str); }; -var getFPDFromHost = hostname => { - try { - return Services.eTLD.getBaseDomainFromHost(hostname); - } catch (e) { - if ( - e.result == Cr.NS_ERROR_HOST_IS_IP_ADDRESS || - e.result == Cr.NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS - ) { - return hostname; - } - } - return null; -}; - -// Assuming this is called with gBrowser.selectedBrowser -var getDomainForBrowser = browser => { - let fpd = browser.contentPrincipal.originAttributes.firstPartyDomain; - // Bug 31562: For neterror or certerror, get the original URL from - // browser.currentURI and use it to calculate the firstPartyDomain. - let knownErrors = [ - "about:neterror", - "about:certerror", - "about:httpsonlyerror", - ]; - let documentURI = browser.documentURI; - if ( - documentURI && - documentURI.schemeIs("about") && - knownErrors.some(x => documentURI.spec.startsWith(x)) - ) { - let knownSchemes = ["http", "https", "ftp"]; - let currentURI = browser.currentURI; - if (currentURI && knownSchemes.some(x => currentURI.schemeIs(x))) { - fpd = getFPDFromHost(currentURI.host) || fpd; - } - } - return fpd; -}; - var m_tb_torlog = Cc["@torproject.org/torbutton-logger;1"].getService( Ci.nsISupports ).wrappedJSObject; @@ -310,7 +271,6 @@ let EXPORTED_SYMBOLS = [ "bindPrefAndInit", "getEnv", "getLocale", - "getDomainForBrowser", "getPrefValue", "observe", "showDialog", View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/ff98f1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/ff98f1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-102.11.0esr-13.0-1
by Pier Angelo Vendrame (＠pierov) 17 May '23

17 May '23

Pier Angelo Vendrame pushed new branch tor-browser-102.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.11.0esr-12.5-1] fixup! Bug 4234: Use the Firefox Update Process for Base Browser.
by Pier Angelo Vendrame (＠pierov) 17 May '23

17 May '23

Pier Angelo Vendrame pushed to branch base-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: cdb91f71 by Pier Angelo Vendrame at 2023-05-17T08:31:37+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 41775: Avoid re-defining some macros in nsUpdateDriver.cpp. They are already defined in toolkit/xre/nsUpdateDriver.h. - - - - - 1 changed file: - toolkit/xre/nsUpdateDriver.cpp Changes: ===================================== toolkit/xre/nsUpdateDriver.cpp ===================================== @@ -64,16 +64,6 @@ static LazyLogModule sUpdateLog("updatedriver"); #endif #define LOG(args) MOZ_LOG(sUpdateLog, mozilla::LogLevel::Debug, args) -#ifdef XP_WIN -# define UPDATER_BIN "updater.exe" -# define MAINTENANCE_SVC_NAME L"MozillaMaintenance" -#elif XP_MACOSX -# define UPDATER_APP "updater.app" -# define UPDATER_BIN "org.mozilla.updater" -#else -# define UPDATER_BIN "updater" -#endif - #ifdef XP_MACOSX static void UpdateDriverSetupMacCommandLine(int& argc, char**& argv, bool restart) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/cdb91f7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/cdb91f7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.11.0esr-12.5-1] fixup! Bug 4234: Use the Firefox Update Process for Base Browser.
by Pier Angelo Vendrame (＠pierov) 17 May '23

17 May '23

Pier Angelo Vendrame pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: ff98f1b1 by Pier Angelo Vendrame at 2023-05-11T11:15:17+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 41775: Avoid re-defining some macros in nsUpdateDriver.cpp. They are already defined in toolkit/xre/nsUpdateDriver.h. - - - - - 1 changed file: - toolkit/xre/nsUpdateDriver.cpp Changes: ===================================== toolkit/xre/nsUpdateDriver.cpp ===================================== @@ -64,16 +64,6 @@ static LazyLogModule sUpdateLog("updatedriver"); #endif #define LOG(args) MOZ_LOG(sUpdateLog, mozilla::LogLevel::Debug, args) -#ifdef XP_WIN -# define UPDATER_BIN "updater.exe" -# define MAINTENANCE_SVC_NAME L"MozillaMaintenance" -#elif XP_MACOSX -# define UPDATER_APP "updater.app" -# define UPDATER_BIN "org.mozilla.updater" -#else -# define UPDATER_BIN "updater" -#endif - #ifdef XP_MACOSX static void UpdateDriverSetupMacCommandLine(int& argc, char**& argv, bool restart) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ff98f1b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ff98f1b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Update rbm for rbm#40018, rbm#40051 and rbm#40052
by boklm (＠boklm) 17 May '23

17 May '23

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 9ce60dc8 by Nicolas Vigier at 2023-05-17T08:10:13+02:00 Update rbm for rbm#40018, rbm#40051 and rbm#40052 - - - - - c9d42e1a by Nicolas Vigier at 2023-05-17T08:10:18+02:00 Bug 40849: Use `go mod vendor` to fetch go dependencies Update conjure, webtunnel, obfs4 and snowflake to use `go mod vendor` to fetch dependencies. We still have some go module projects, for dependencies of projects/ncprop279/config, which doesn't have a `go.sum` file yet. - - - - - 30 changed files: - Makefile - + doc/how-to-update-go-dependencies.txt - − projects/agouti/config - − projects/andybalholm-brotli/config - projects/browser/config - − projects/bsbuffer/config - projects/conjure/build - projects/conjure/config - − projects/edwards25519-extra/config - − projects/edwards25519/config - − projects/go-cmp/config - − projects/go-difflib/config - − projects/go-spew/config - projects/go/config - − projects/gocheck/config - − projects/goerrors/config - − projects/gomock/config - − projects/goprotobuf/config - − projects/goptlib/config - − projects/gotapdance/config - − projects/goxtext/config - − projects/goxxerrors/config - − projects/goyaml/config - − projects/kcp-go/config - − projects/klauspost-compress/config - − projects/logrus/config - projects/ncdns/build - projects/ncprop279/build - − projects/obfs4-lib/config - projects/obfs4/build The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/rbm][main] 3 commits: Bug 40051: Fix test after change of default value for compress_tar
by boklm (＠boklm) 17 May '23

17 May '23

boklm pushed to branch main at The Tor Project / Applications / RBM Commits: 27a89ca5 by Nicolas Vigier at 2023-05-08T18:06:36+02:00 Bug 40051: Fix test after change of default value for compress_tar Default value for compress_tar was changed in a91d4653cb5f66d86fd4d306c564161acfd6fa79. - - - - - 60c5aff5 by Nicolas Vigier at 2023-05-17T08:03:40+02:00 Bug 40018: Add target_replace option in input_files - - - - - 37c204c3 by Nicolas Vigier at 2023-05-17T08:03:43+02:00 Bug 40052: Allow setting sha256sum as norec - - - - - 6 changed files: - doc/rbm_input_files.asc - lib/RBM.pm - test.pl - + test/projects/change-targets/config - test/projects/mozmill-automation/config - test/rbm.conf Changes: ===================================== doc/rbm_input_files.asc ===================================== @@ -92,6 +92,12 @@ target_prepend:: The same as +target+, but instead of replacing the current targets, the new targets are prepended. +target_replace:: + A hash table containing targets to replace. The key is a regular + expression, and the value the replacement. See +perlre+ manual + page for details about the syntax. Note that referencing capture + groups in the replacement is currently not supported. + enable:: The files are enabled by default. If this option is set to 0, then the file is ignored. ===================================== lib/RBM.pm ===================================== @@ -779,7 +779,7 @@ sub input_file_need_dl { my ($input_file, $t, $fname, $action) = @_; return undef if $action eq 'getfpaths'; if ($fname - && $input_file->{sha256sum} + && ($input_file->{sha256sum} || $input_file->{norec}{sha256sum}) && $t->('sha256sum') ne sha256file($fname)) { sha256file($fname, { remove_cache => 1 }); $fname = undef; @@ -787,6 +787,7 @@ sub input_file_need_dl { if ($action eq 'input_files_id') { return undef if $input_file->{input_file_id}; return undef if $input_file->{sha256sum}; + return undef if $input_file->{norec}{sha256sum}; return undef if $input_file->{exec}; return undef if $fname; return 1 if $input_file->{URL}; @@ -810,7 +811,9 @@ sub input_file_id { my ($input_file, $t, $fname, $filename) = @_; return $t->('input_file_id') if $input_file->{input_file_id}; return $input_file->{project} . ':' . $filename if $input_file->{project}; - return $filename . ':' . $t->('sha256sum') if $input_file->{sha256sum}; + if ($input_file->{sha256sum} || $input_file->{norec}{sha256sum}) { + return $filename . ':' . $t->('sha256sum'); + } my $opts = { norec => { output_dir => '/out', getting_id => 1, }}; return $filename . ':' . sha256_hex($t->('exec', $opts)) if $input_file->{exec}; @@ -898,13 +901,18 @@ sub input_files { next; } if ($input_file->{target} || $input_file->{target_append} - || $input_file->{target_prepend}) { + || $input_file->{target_prepend} + || $input_file->{target_replace}) { $input_file = { %$input_file }; foreach my $t (qw/target target_append target_prepend/) { if ($input_file->{$t} && ref $input_file->{$t} ne 'ARRAY') { exit_error("$t should be an ARRAY:\n" . pp($input_file)); } } + if ($input_file->{target_replace} && + ref $input_file->{target_replace} ne 'HASH') { + exit_error("target_replace should be a HASH\n" . pp($input_file)); + } if ($input_file->{target}) { $input_file->{target} = process_template_opt($project, $input_file->{target}, $options); @@ -923,6 +931,14 @@ sub input_files { $input_file->{target_append}, $options) } ]; } + if ($input_file->{target_replace}) { + foreach my $pattern (keys %{$input_file->{target_replace}}) { + my $subst = $input_file->{target_replace}{$pattern}; + $input_file->{target} = [ + map { s/$pattern/$subst/r } @{$input_file->{target}} + ]; + } + } } if ($action eq 'getfnames') { my $getfnames_name; ===================================== test.pl ===================================== @@ -1,7 +1,7 @@ #!/usr/bin/perl -w use strict; use Path::Tiny; -use Test::More tests => 40; +use Test::More tests => 41; use lib 'lib/'; sub set_target { @@ -220,6 +220,14 @@ my @tests = ( 'out/r3' => "1 - build\n2 - build\n3 - build\n", }, }, + { + name => 'multi-steps build with changing targets', + target => [ 'target_a' ], + build => [ 'change-targets', 'build', { pkg_type => 'build' } ], + files => { + 'out/change-targets.txt' => "no\nz\ntta\n", + }, + }, { name => 'build project in a module', target => [], ===================================== test/projects/change-targets/config ===================================== @@ -0,0 +1,49 @@ +# vim: filetype=yaml sw=2 + +targets: + tt_a: + option_a: 'tta' + + +steps: + + build: + filename: change-targets.txt + build: | + #!/bin/sh + cat preptarget.txt replacetarget-1.txt replacetarget-2.txt > [% dest_dir %]/[% c('filename') %] + input_files: + - name: preptarget + refresh_input: 1 + project: change-targets + pkg_type: preptarget + target_prepend: + - target_b + - name: replacetarget + r: 1 + refresh_input: 1 + project: change-targets + pkg_type: replacetarget + target_replace: + '^target_a$': target_z + - name: replacetarget + r: 2 + refresh_input: 1 + project: change-targets + pkg_type: replacetarget + target_replace: + '^target_.*$': 'tt_a' + + preptarget: + filename: preptarget.txt + preptarget: | + #!/bin/sh + echo [% c('option_a') %] > [% dest_dir %]/[% c('filename') %] + input_files: [] + + replacetarget: + filename: 'replacetarget-[% c("r") %].txt' + replacetarget: | + #!/bin/sh + echo [% c('option_a') %] > [% dest_dir %]/[% c('filename') %] + input_files: [] ===================================== test/projects/mozmill-automation/config ===================================== @@ -1,6 +1,7 @@ version: '[% c("abbrev") %]' hg_url: https://hg.mozilla.org/qa/mozmill-automation/ hg_hash: bbad7215c713 +compress_tar: '' t: '[% sha256(exec("cat testrun_remote.py")) %]' build: | #!/bin/sh ===================================== test/rbm.conf ===================================== @@ -15,6 +15,8 @@ targets: - target_c - target_a - target_b + target_z: + option_a: z steps: rpm: option_rpm: 1 View it on GitLab: https://gitlab.torproject.org/tpo/applications/rbm/-/compare/bf35e085111a6f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/rbm/-/compare/bf35e085111a6f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-115.0a1-13.0-1
by Pier Angelo Vendrame (＠pierov) 16 May '23

16 May '23

Pier Angelo Vendrame pushed new branch base-browser-115.0a1-13.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 4 commits: Bug 32355: binutils: Add linux-cross target
by boklm (＠boklm) 15 May '23

15 May '23

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 1f881995 by JeremyRand at 2023-05-15T11:34:26+00:00 Bug 32355: binutils: Add linux-cross target - - - - - eb83bb70 by Jeremy Rand at 2023-05-15T11:34:26+00:00 Bug 32355: gcc: Add linux-arm target - - - - - 25d02d5d by JeremyRand at 2023-05-15T11:34:26+00:00 Bug 32355: openssl: Add linux-arm target - - - - - 225f00eb by Jeremy Rand at 2023-05-15T11:34:26+00:00 Bug 32355: gcc: Add osname to output filename Makes it easier to tell which outputs are for linux-cross. - - - - - 5 changed files: - projects/binutils/build - projects/binutils/config - projects/gcc/build - projects/gcc/config - projects/openssl/config Changes: ===================================== projects/binutils/build ===================================== @@ -23,7 +23,11 @@ cd [% project %]-[% c("version") %] make -j[% c("num_procs") %] MAKEINFO=true make install MAKEINFO=true -[% IF c("var/linux") %] +# gold is disabled for linux-cross, because of +# https://sourceware.org/bugzilla/show_bug.cgi?id=14995 +# Once we upgrade to glibc 2.26, we might be able to enable gold for +# linux-cross. +[% IF c("var/linux") && ! c("var/linux-cross") %] # Make sure gold is used with the hardening wrapper for full RELRO, see #13031. cd $distdir/bin rm ld ===================================== projects/binutils/config ===================================== @@ -10,6 +10,11 @@ targets: windows: var: configure_opt: '--target=[% c("arch") %]-w64-mingw32 --disable-multilib --enable-deterministic-archives' + linux-cross: + var: + # gold is disabled on cross-compiles until we upgrade to glibc 2.26 and + # binutils 2.28 + configure_opt: '--target=[% c("var/crosstarget") %] --disable-multilib --enable-deterministic-archives --enable-plugins' input_files: - URL: https://ftp.gnu.org/gnu/binutils/binutils-[% c("version") %].tar.xz ===================================== projects/gcc/build ===================================== @@ -16,11 +16,85 @@ # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=48817. export DEB_BUILD_HARDENING_FORMAT=0 [% END -%] -distdir=/var/tmp/dist/[% project %] +distdir=/var/tmp/dist/[% c("var/distdir") %] mkdir /var/tmp/build -tar -C /var/tmp/build -xf $rootdir/[% c('input_files_by_name/gcc') %] -cd /var/tmp/build/[% project %]-[% c("version") %] -./configure --prefix=$distdir [% c("var/configure_opt") %] + +[% IF c("var/linux-cross") -%] + + # Install binutils (needed for cross-compiling) + mkdir /var/tmp/dist + cd /var/tmp/dist + tar xf $rootdir/[% c('input_files_by_name/binutils') %] + mv binutils $distdir + export PATH="$distdir/bin:$PATH" + + # Install Linux headers, see Step 2 of + # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ + # Doing this before gcc configure is intended to solve a limits.h issue + cd /var/tmp/build + mkdir linux + cd linux + tar -xJf $rootdir/linux-[% c("var/linux_version") %].tar.xz + cd linux-[% c("var/linux_version") %] + make ARCH=[% c("arch") %] INSTALL_HDR_PATH=$distdir/[% c("var/crosstarget") %] headers_install + + cd /var/tmp/build + mkdir gcc + cd gcc + tar -xJf $rootdir/[% c('input_files_by_name/gcc') %] + # --with-headers is intended to solve a limits.h issue + [% project %]-[% c("version") %]/configure --prefix=$distdir --with-headers=$distdir/[% c("var/crosstarget") %]/include/linux [% c("var/configure_opt") %] + + # For cross-compiling to work, we need to partially build GCC, then build + # glibc, then come back to finish GCC. + + # Build only the components of GCC that don't need glibc, see Step 3 of + # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ + cd /var/tmp/build/gcc + make -j[% c("num_procs") %] all-gcc + make install-gcc + # Removing sys-include is intended to solve a limits.h issue + rm --recursive --force $distdir/[% c("var/crosstarget") %]/sys-include + + # Build glibc headers and startup files, see Step 4 of + # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ + cd /var/tmp/build + mkdir glibc + cd glibc + tar -xJf $rootdir/glibc-[% c("var/glibc_version") %].tar.xz + # TODO: Remove --disable-werror once glibc is upgraded to a version that's + # designed to work with the GCC version we're using. + glibc-[% c("var/glibc_version") %]/configure --prefix=$distdir/[% c("var/crosstarget") %] --build=$MACHTYPE --host=[% c("var/crosstarget") %] --target=[% c("var/crosstarget") %] --with-headers=$distdir/[% c("var/crosstarget") %]/include --disable-multilib --disable-werror libc_cv_forced_unwind=yes + make install-bootstrap-headers=yes install-headers + make -j[% c("num_procs") %] csu/subdir_lib + install csu/crt1.o csu/crti.o csu/crtn.o $distdir/[% c("var/crosstarget") %]/lib + [% c("var/crosstarget") %]-gcc -nostdlib -nostartfiles -shared -x c /dev/null -o $distdir/[% c("var/crosstarget") %]/lib/libc.so + # stdio_lim.h is intended to solve a limits.h issue + touch $distdir/[% c("var/crosstarget") %]/include/gnu/stubs.h $distdir/[% c("var/crosstarget") %]/include/bits/stdio_lim.h + + # Build compiler support library, see Step 5 of + # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ + cd /var/tmp/build/gcc + make -j[% c("num_procs") %] all-target-libgcc + make install-target-libgcc + + # finish building glibc, see Step 6 of + # https://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/ + cd /var/tmp/build/glibc + make -j[% c("num_procs") %] + make install + + # We're done with glibc, we can now finish building gcc... + cd /var/tmp/build/gcc + +[% ELSE -%] + + tar -C /var/tmp/build -xf $rootdir/[% c('input_files_by_name/gcc') %] + cd /var/tmp/build/[% project %]-[% c("version") %] + ./configure --prefix=$distdir [% c("var/configure_opt") %] + +[% END -%] + make -j[% c("num_procs") %] make install # tor-browser-build#31321: we need a link to our GCC, to prevent some projects @@ -28,6 +102,6 @@ make install ln -s gcc $distdir/bin/cc cd /var/tmp/dist [% c('tar', { - tar_src => [ project ], + tar_src => [ c('var/distdir') ], tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'), }) %] ===================================== projects/gcc/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.gz' +filename: '[% project %]-[% c("version") %]-[% IF c("var/linux-cross") %][% c("var/osname") %][% ELSE %]x86[% END %]-[% c("var/build_id") %].tar.gz' # Note: When updating the gcc version, if this includes a libstdc++ # ABI change we should also update projects/firefox/abicheck.cc to # require the new version. @@ -7,14 +7,17 @@ version: '[% pc("gcc-source", "version") %]' container: use_container: 1 var: + distdir: gcc deps: - build-essential - libmpc-dev setup: | mkdir -p /var/tmp/dist tar -C /var/tmp/dist -xf $rootdir/[% c("compiler_tarfile") %] - export PATH="/var/tmp/dist/gcc/bin:$PATH" - export LD_LIBRARY_PATH=/var/tmp/dist/gcc/lib64:/var/tmp/dist/gcc/lib32 + export PATH="/var/tmp/dist/[% c("var/distdir") %]/bin:$PATH" + [% IF ! c("var/linux-cross") -%] + export LD_LIBRARY_PATH=/var/tmp/dist/[% c("var/distdir") %]/lib64:/var/tmp/dist/[% c("var/distdir") %]/lib32 + [% END -%] [% IF c("hardened_gcc") -%] # Config options for hardening-wrapper @@ -25,14 +28,14 @@ var: export DEB_BUILD_HARDENING_PIE=1 # Make sure we use the hardening wrapper - pushd /var/tmp/dist/gcc/bin + pushd /var/tmp/dist/[% c("var/distdir") %]/bin cp /usr/bin/hardened-cc ./ - mv gcc gcc.real - mv c++ c++.real - mv g++ g++.real - ln -sf hardened-cc gcc - ln -sf hardened-cc c++ - ln -sf hardened-cc g++ + mv [% c("var/target_prefix") %]gcc [% c("var/target_prefix") %]gcc.real + mv [% c("var/target_prefix") %]c++ [% c("var/target_prefix") %]c++.real + mv [% c("var/target_prefix") %]g++ [% c("var/target_prefix") %]g++.real + ln -sf hardened-cc [% c("var/target_prefix") %]gcc + ln -sf hardened-cc [% c("var/target_prefix") %]c++ + ln -sf hardened-cc [% c("var/target_prefix") %]g++ popd [% END -%] @@ -50,8 +53,34 @@ targets: arch_deps: - hardening-wrapper - libc6-dev-i386 + linux-cross: + var: + target_prefix: '[% c("var/crosstarget") %]-' + distdir: gcc-cross + # TODO: Consider upgrading to a glibc that works out of the box with the + # GCC version we use. However, removing our glibc version workarounds may + # not be desirable since we want to be able to easily bump the GCC + # version without worrying about linux-cross breakage. + glibc_version: 2.26 + linux_version: 4.10.1 + arch_deps: + - hardening-wrapper + - libc6-dev-i386 + - gawk + linux-arm: + var: + configure_opt: --disable-multilib --enable-languages=c,c++ --target=arm-linux-gnueabihf --with-arch=armv7-a --with-fpu=vfpv3-d16 --with-float=hard --with-mode=thumb input_files: - project: container-image - project: gcc-source name: gcc + - name: binutils + project: binutils + enable: '[% c("var/linux-cross") -%]' + - URL: 'https://ftp.gnu.org/gnu/glibc/glibc-[% c("var/glibc_version") %].tar.xz' + sha256sum: e54e0a934cd2bc94429be79da5e9385898d2306b9eaf3c92d5a77af96190f6bd + enable: '[% c("var/linux-cross") -%]' + - URL: 'https://www.kernel.org/pub/linux/kernel/v4.x/linux-[% c("var/linux_version") %].tar.xz' + sha256sum: 6ca06bb5faf5f83600d7388bb623dae41df2a257de85ad5d1792e03302bc3543 + enable: '[% c("var/linux-cross") -%]' ===================================== projects/openssl/config ===================================== @@ -14,6 +14,9 @@ targets: linux-i686: var: configure_opts: -shared linux-x86 + linux-arm: + var: + configure_opts: -shared --cross-compile-prefix=[% c("var/crosstarget") %]- linux-armv4 windows: var: flag_mwindows: '' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 40856: Temporarily disable namecoin, until #40845 is fixed
by boklm (＠boklm) 13 May '23

13 May '23

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 664c0d8a by Nicolas Vigier at 2023-05-13T11:31:26+02:00 Bug 40856: Temporarily disable namecoin, until #40845 is fixed - - - - - 076ffcf1 by Nicolas Vigier at 2023-05-13T12:15:07+02:00 Bug 40856: Temporarily stop using obfs4 main branch in nightly Until #40850 is fixed. - - - - - 2 changed files: - projects/obfs4/config - rbm.conf Changes: ===================================== projects/obfs4/config ===================================== @@ -9,11 +9,12 @@ filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/buil container: use_container: 1 -targets: - nightly: - git_hash: main - version: '[% c("abbrev") %]' - tag_gpg_id: 0 +# Stop using `main` on nightly, until tor-browser-build#40850 is fixed +#targets: +# nightly: +# git_hash: main +# version: '[% c("abbrev") %]' +# tag_gpg_id: 0 input_files: - project: container-image ===================================== rbm.conf ===================================== @@ -465,7 +465,8 @@ targets: compiler: gcc configure_opt: '[% c("var/configure_opt_project") %]' # Only build Namecoin for linux on nightly - namecoin: '[% c("var/nightly") && c("var/tor-browser") %]' + # Temporarily disabled until we have a fix for tor-browser-build#40845 + #namecoin: '[% c("var/nightly") && c("var/tor-browser") %]' container: suite: jessie arch: amd64 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] release: new version, 12.0.6
by richard (＠richard) 12 May '23

12 May '23

richard pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: 4792e4f8 by Richard Pospesel at 2023-05-12T16:42:40+00:00 release: new version, 12.0.6 - - - - - 30 changed files: - update_3/release/.htaccess - − update_3/release/12.0.4-12.0.5-linux32-ALL.xml - − update_3/release/12.0.4-12.0.5-linux64-ALL.xml - − update_3/release/12.0.4-12.0.5-macos-ALL.xml - − update_3/release/12.0.4-12.0.5-win32-ALL.xml - − update_3/release/12.0.4-12.0.5-win64-ALL.xml - + update_3/release/12.0.4-12.0.6-linux32-ALL.xml - + update_3/release/12.0.4-12.0.6-linux64-ALL.xml - + update_3/release/12.0.4-12.0.6-macos-ALL.xml - + update_3/release/12.0.4-12.0.6-win32-ALL.xml - + update_3/release/12.0.4-12.0.6-win64-ALL.xml - + update_3/release/12.0.5-12.0.6-linux32-ALL.xml - + update_3/release/12.0.5-12.0.6-linux64-ALL.xml - + update_3/release/12.0.5-12.0.6-macos-ALL.xml - + update_3/release/12.0.5-12.0.6-win32-ALL.xml - + update_3/release/12.0.5-12.0.6-win64-ALL.xml - − update_3/release/12.0.5-linux32-ALL.xml - − update_3/release/12.0.5-linux64-ALL.xml - − update_3/release/12.0.5-macos-ALL.xml - − update_3/release/12.0.5-win32-ALL.xml - − update_3/release/12.0.5-win64-ALL.xml - + update_3/release/12.0.6-linux32-ALL.xml - + update_3/release/12.0.6-linux64-ALL.xml - + update_3/release/12.0.6-macos-ALL.xml - + update_3/release/12.0.6-win32-ALL.xml - + update_3/release/12.0.6-win64-ALL.xml - update_3/release/download-android-aarch64.json - update_3/release/download-android-armv7.json - update_3/release/download-android-x86.json - update_3/release/download-android-x86_64.json The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-12.0.6-build1
by Pier Angelo Vendrame (＠pierov) 10 May '23

10 May '23

Pier Angelo Vendrame pushed new tag tbb-12.0.6-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-12.0] Bug 40820: Prepare stable release 12.0.6
by Pier Angelo Vendrame (＠pierov) 10 May '23

10 May '23

Pier Angelo Vendrame pushed to branch maint-12.0 at The Tor Project / Applications / tor-browser-build Commits: 6b72e634 by Pier Angelo Vendrame at 2023-05-10T09:57:03+02:00 Bug 40820: Prepare stable release 12.0.6 - - - - - 8 changed files: - projects/browser/Bundle-Data/Docs/ChangeLog.txt - projects/browser/allowed_addons.json - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/manual/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs/ChangeLog.txt ===================================== @@ -1,3 +1,89 @@ +Tor Browser 12.0.6 - May 09 2023 + * All Platforms + * Updated Translations + * Updated Go to 11.9.9 + * Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key [tor-browser] + * Bug 41756: Rebase Tor Browser Stable to 102.11.0esr [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 102.11esr + * Bug 40501: High CPU load after tor exits unexpectedly [tor-browser] + * Windows + * Bug 41683: Disable the network process on Windows [tor-browser] + * Android + * Updated GeckoView to 102.11esr + * Build System + * Windows + macOS + Linux + * Bug 41730: Bridge lines in tools/torbrowser/bridges.js out of date [tor-browser] + * macOS + * Bug 40844: Fix DMG reproducibility problem on 12.0.5 [tor-browser-build] + +Tor Browser 12.5a5 - April 18 2023 + * All Platforms + * Updated Translations + * Updated NoScript to 11.4.21 + * Updated Go to 11.9.8 + * Bug 40833: base-browser nightly is using the default channel instead of nightly [tor-browser-build] + * Bug 41687: Rebase Tor Browser Alpha to 102.10.0esr [tor-browser] + * Bug 41689: Remove startup.homepage_override_url from Base Browser [tor-browser] + * Bug 41704: Immediately return on remoteSettings.pollChanges [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 102.10esr + * Bug 165: Fix maximization warning x button and preference [mullvad-browser] + * Bug 40501: High CPU load after tor exits unexpectedly [tor-browser] + * Bug 40701: Improve security warning when downloading a file [tor-browser] + * Bug 40788: Tor Browser 11.0.4-11.0.6 phoning home [tor-browser] + * Bug 40811: Make testing the updater easier [tor-browser-build] + * Bug 40831: Fix update URL for base-browser nightly [tor-browser-build] + * Bug 40958: The number of relays displayed for an onion site can be misleading [tor-browser] + * Bug 41038: Update "Click to Copy" button label in circuit display [tor-browser] + * Bug 41109: "New circuit..." button gets cut-off when onion name wraps [tor-browser] + * Bug 41350: Move the implementation of Bug 19273 out of Torbutton [tor-browser] + * Bug 41521: Improve localization notes [tor-browser] + * Bug 41533: Page Info window for view-source:http://...onion addresses says Connection Not Encrypted [tor-browser] + * Bug 41600: Some users have difficulty finding the circuit display [tor-browser] + * Bug 41617: Improve the UX of the built-in bridges dialog [tor-browser] + * Bug 41668: Move part of the updater patches to base browser [tor-browser] + * Bug 41686: Move the 'Bug 11641: Disable remoting by default' commit from base-browser to tor-browser [tor-browser] + * Bug 41695: Port warning on maximized windows without letterboxing from torbutton [tor-browser] + * Bug 41699: Tighten up the tor onion alias regular expression [tor-browser] + * Bug 41701: Reporting an extension does not work [tor-browser] + * Bug 41702: The connection pill needs to be centered vertically [tor-browser] + * Bug 41709: sendCommand should not try to send a command forever [tor-browser] + * Bug 41711: Race condition when opening a new window in New Identity [tor-browser] + * Bug 41713: “Remove All Bridges” button only appears after hitting “Show All Bridges" [tor-browser] + * Bug 41714: “Show Fewer Bridges” button missing from refactored remove all bridges UI [tor-browser] + * Bug 41719: Update title and button strings in the new circuit display to sentence case [tor-browser] + * Bug 41722: Regression: window maximization warning cannot be closed by the X button [tor-browser] + * Bug 41725: Stray connectionPane.xhtml patch [tor-browser] + * Windows + * Bug 41459: WebRTC fails to build under mingw [tor-browser] + * Bug 41678: WebRTC build fix patches incorrectly defining pid_t [tor-browser] + * Bug 41683: Disable the network process on Windows [tor-browser] + * Linux + * Bug 40830: The fontconfig directory is missing in Base Browser [tor-browser-build] + * Bug 41163: Many bundled fonts are blocked in Ubuntu/Fedora because of RFP [tor-browser] + * Android + * Updated GeckoView to 102.10esr + * Bug 41724: Backport Android-specific security fixes from Firefox 112 to ESR 102.10-based Tor Browser [tor-browser] + * Build System + * All Platforms + * Bug 40828: Use http://archive.debian.org/debian-archive/ for jessie [tor-browser-build] + * Bug 40837: Rebase mullvad-browser build changes onto main [tor-browser-build] + * Windows + macOS + Linux + * Bug 40823: Update appname_* variables in projects/release/update_responses_config.yml [tor-browser-build] + * Bug 40826: Correctly set appname_marfile for basebrowser in tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] + * Bug 40827: MAR generation uses (mostly) hard-coded MAR update channel [tor-browser-build] + * Bug 41730: Bridge lines in tools/torbrowser/bridges.js out of date [tor-browser] + * Windows + * Bug 40822: The Tor Browser installer doesn't run with mandatory ASLR on (0xc000007b) [tor-browser-build] + * macOS + * Bug 40824: dmg2mar script using hardcoded project names for paths [tor-browser-build] + * Bug 40844: DMG reproducibility problem on 12.0.5 [tor-browser-build] + * Linux + * Bug 40835: Update faketime URLs in projects/container-image/config [tor-browser-build] + * Android + * Bug 41684: Android improvements for local dev builds [tor-browser] + Tor Browser 12.0.5 - April 12 2023 * All Platforms * Updated Translations ===================================== projects/browser/allowed_addons.json ===================================== @@ -17,7 +17,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…" } ], - "average_daily_users": 989098, + "average_daily_users": 976883, "categories": { "android": [ "experimental", @@ -31,7 +31,7 @@ "contributions_url": "https://opencollective.com/darkreader?utm_content=product-page-contribute&u…", "created": "2017-09-19T07:03:00Z", "current_version": { - "id": 5509244, + "id": 5550694, "compatibility": { "firefox": { "min": "54.0", @@ -42,7 +42,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/55092…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/55506…", "is_strict_compatibility_enabled": false, "license": { "id": 22, @@ -53,22 +53,22 @@ "url": "http://www.opensource.org/license/mit" }, "release_notes": { - "en-US": "- Fixed a edge case with extracting color numbers, it's now able to extract `rgb(0 0 0/0.04)`.\n- Improved IPv6 check.\n- Faster UI loading.\n- Users' fixes for websites." + "en-US": "- Site toggle panel (detect dark theme and shortcut).\n- App toggle panel (automation and shortcut).\n- Improved Site List indexing.\n- Users' fixes for websites." }, - "reviewed": "2023-01-09T12:25:16Z", - "version": "4.9.62", + "reviewed": "2023-04-13T13:17:06Z", + "version": "4.9.63", "files": [ { - "id": 4053589, - "created": "2023-01-08T17:15:31Z", - "hash": "sha256:e537a2cee45ed7c26f79ecd3ed362620e3f00d24c158532a58e163a63a3d60cc", + "id": 4095037, + "created": "2023-04-10T09:52:02Z", + "hash": "sha256:16ba6337fcff7ad85e08ad51b384ba26ff751b2b2ded12309f75e8337ace925a", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 636487, + "size": 658318, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4053589/darkreader-4.9.62…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4095037/darkreader-4.9.63…", "permissions": [ "alarms", "contextMenus", @@ -146,7 +146,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-01-09T12:25:16Z", + "last_updated": "2023-04-13T13:17:06Z", "name": { "ar": "Dark Reader", "bn": "Dark Reader", @@ -221,10 +221,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5565, - "bayesian_average": 4.5553226794282615, - "count": 4938, - "text_count": 1565 + "average": 4.5607, + "bayesian_average": 4.559531365183289, + "count": 4987, + "text_count": 1578 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/", "requires_payment": false, @@ -321,7 +321,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/", - "weekly_downloads": 27115 + "weekly_downloads": 24385 }, "notes": null }, @@ -337,7 +337,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…" } ], - "average_daily_users": 264748, + "average_daily_users": 258784, "categories": { "android": [ "security-privacy" @@ -553,10 +553,10 @@ "category": "recommended" }, "ratings": { - "average": 4.817, - "bayesian_average": 4.812343801154484, - "count": 1333, - "text_count": 235 + "average": 4.8166, + "bayesian_average": 4.811948101281903, + "count": 1336, + "text_count": 237 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/", "requires_payment": false, @@ -641,7 +641,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/", - "weekly_downloads": 3669 + "weekly_downloads": 3623 }, "notes": null }, @@ -657,7 +657,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…" } ], - "average_daily_users": 1152290, + "average_daily_users": 1128787, "categories": { "android": [ "security-privacy" @@ -1180,10 +1180,10 @@ "category": "recommended" }, "ratings": { - "average": 4.7999, - "bayesian_average": 4.797100778126469, - "count": 2209, - "text_count": 428 + "average": 4.8012, + "bayesian_average": 4.79841359051625, + "count": 2223, + "text_count": 426 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/", "requires_payment": false, @@ -1207,7 +1207,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/", - "weekly_downloads": 39372 + "weekly_downloads": 18076 }, "notes": null }, @@ -1223,7 +1223,7 @@ "picture_url": null } ], - "average_daily_users": 6459771, + "average_daily_users": 6319454, "categories": { "android": [ "security-privacy" @@ -1235,7 +1235,7 @@ "contributions_url": "", "created": "2015-04-25T07:26:22Z", "current_version": { - "id": 5547815, + "id": 5558705, "compatibility": { "firefox": { "min": "78.0", @@ -1246,7 +1246,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/55…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/55…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -1257,22 +1257,22 @@ "url": "http://www.gnu.org/licenses/gpl-3.0.html" }, "release_notes": { - "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/9ba5436deff955b8634d3a…" rel=\"nofollow\">1.48.4</a>.\n\nFixes / changes\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/2881e29d212046e14a4f20…" rel=\"nofollow\">Fix presumed network filter not being a valid network filter</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/1d29de8f605dc6f4b7684f…" rel=\"nofollow\">Avoid using ! toolbar icon badge when inconsequential</a><ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/04728b2f874e135c8736ae…" rel=\"nofollow\">Clear unprocessed requests status on webNavigation reload event</a></li></ul></li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e34f62492a00e2b8a221ca…" rel=\"nofollow\">Commits history since last version</a>." + "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/24794abbbc5c8930eafab3…" rel=\"nofollow\">1.49.2</a>.\n\nFixes\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/812da480d7e6e2fa7d6fd1…" rel=\"nofollow\">Reverse usage of browser.alarms</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/53eab9764901466ecb7c1c…" rel=\"nofollow\">Mind rejected promises from vAPI.storage API</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/58bde6ecd0ff76608c1456…" rel=\"nofollow\">Properly handle promise rejection from webext.storage.local API</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/3f0e0640ef4983e8fd2352…" rel=\"nofollow\">Add more checks against unexpected conditions re. assets.json</a></li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/deebdaa7a15172babdad3e…" rel=\"nofollow\">Commits history since last version</a>." }, - "reviewed": "2023-04-05T17:12:25Z", - "version": "1.48.4", + "reviewed": "2023-05-03T16:26:03Z", + "version": "1.49.2", "files": [ { - "id": 4092158, - "created": "2023-04-01T21:20:42Z", - "hash": "sha256:d7666b963c2969b0014937aae55472eea5098ff21ed3bea8a2e1f595f62856c1", + "id": 4103048, + "created": "2023-04-26T14:37:33Z", + "hash": "sha256:39266486f720cd31d291d2fdad78625b079782a05517e1936eec7e780bc2a84d", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 3343703, + "size": 3383174, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4092158/ublock_origin-1.4…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4103048/ublock_origin-1.4…", "permissions": [ "dns", "menus", @@ -1388,7 +1388,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-04-05T17:12:25Z", + "last_updated": "2023-05-08T12:35:48Z", "name": { "ar": "uBlock Origin", "bg": "uBlock Origin", @@ -1533,10 +1533,10 @@ "category": "recommended" }, "ratings": { - "average": 4.78, - "bayesian_average": 4.7795951137081945, - "count": 15206, - "text_count": 3956 + "average": 4.7808, + "bayesian_average": 4.780398687268275, + "count": 15366, + "text_count": 3994 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/", "requires_payment": false, @@ -1598,7 +1598,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/", - "weekly_downloads": 138089 + "weekly_downloads": 131497 }, "notes": null }, @@ -1614,19 +1614,20 @@ "picture_url": null } ], - "average_daily_users": 159972, + "average_daily_users": 167016, "categories": { "android": [ "photos-media" ], "firefox": [ - "games-entertainment" + "games-entertainment", + "photos-music-videos" ] }, "contributions_url": "", "created": "2017-05-03T08:36:43Z", "current_version": { - "id": 5220332, + "id": 5560463, "compatibility": { "firefox": { "min": "42.0", @@ -1637,7 +1638,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/video-background-play-fix…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/video-background-play-fix…", "is_strict_compatibility_enabled": false, "license": { "id": 22, @@ -1648,24 +1649,24 @@ "url": "http://www.opensource.org/license/mit" }, "release_notes": { - "de": "Experimentelle Verbesserungen der Handhabung von Youtube.", - "en-US": "Experimental improvement of Youtube handling.", - "ro": "Îmbunătățiri experimentale pentru Youtube." + "de": "Neue Übersetzungen ergänzt", + "en-US": "Added new translations", + "ro": "Adăugat traduceri noi" }, - "reviewed": "2021-04-23T07:50:05Z", - "version": "1.6.0", + "reviewed": "2023-05-05T14:25:10Z", + "version": "1.7.0", "files": [ { - "id": 3764692, - "created": "2021-04-22T21:46:53Z", - "hash": "sha256:73cfa682e0398ca1b51890340e4a6df3fcea945f54e9e677e9db942152aa614d", + "id": 4104806, + "created": "2023-05-01T11:53:35Z", + "hash": "sha256:e8713a1720ffba236c40ebabd5ac1db88702d75c21edc23d61216a5897b3792a", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 12088, + "size": 12968, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/3764692/video_background_…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4104806/video_background_…", "permissions": [ "*://*.youtube.com/*", "*://*.youtube-nocookie.com/*", @@ -1678,9 +1679,9 @@ }, "default_locale": "en-US", "description": { - "de": "ACHTUNG: Im neuen Firefox für Android (Version 79 und neuer) funktioniert Videowiedergabe im Hintergrund erst <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/05bb7b1ef7f63358eeabcd…" rel=\"nofollow\">ab Firefox 82</a> korrekt.\n\nUnterstützt momentan folgende Seiten:\n<ul><li>Youtube</li><li>Vimeo (Wiedergabe nicht unterbrechen wenn Vollbildmodus beendet wird)</li></ul>", - "en-US": "ATTENTION: With the new Firefox on Android (Firefox 79 and newer), background playback only properly works starting <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/05bb7b1ef7f63358eeabcd…" rel=\"nofollow\">from Firefox 82</a>.\n\nThe following pages are currently supported:\n<ul><li>Youtube</li><li>Vimeo (don't stop playback when existing fullscreen)</li></ul>", - "ro": "ATENȚIE: În noul Firefox pentru Android (versiunea 79+), redarea video în fundal funcționează corect abia de la <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/05bb7b1ef7f63358eeabcd…" rel=\"nofollow\">Firefox 82</a>.\n\nÎn prezent este compatibil cu următoarele site-uri:\n<ul><li>Youtube</li><li>Vimeo (nu întrerupeți redarea atunci când ieșiți din modul fullscreen)</li></ul>" + "de": "Unterstützt momentan folgende Seiten:\n<ul><li>Youtube</li><li>Vimeo (Wiedergabe nicht unterbrechen wenn Vollbildmodus beendet wird)</li></ul>", + "en-US": "The following pages are currently supported:\n<ul><li>Youtube</li><li>Vimeo (don't stop playback when existing fullscreen)</li></ul>", + "ro": "În prezent este compatibil cu următoarele site-uri:\n<ul><li>Youtube</li><li>Vimeo (nu întrerupeți redarea atunci când ieșiți din modul fullscreen)</li></ul>" }, "developer_comments": null, "edit_url": "https://addons.mozilla.org/en-US/developers/addon/video-background-play-fix…", @@ -1698,7 +1699,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2021-04-23T07:50:05Z", + "last_updated": "2023-05-05T14:25:10Z", "name": { "de": "Videowiedergabe im Hintergrund", "en-US": "Video Background Play Fix", @@ -1712,10 +1713,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5069, - "bayesian_average": 4.501656166558232, - "count": 1093, - "text_count": 405 + "average": 4.4874, + "bayesian_average": 4.4822747330216925, + "count": 1114, + "text_count": 416 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…", "requires_payment": false, @@ -1737,7 +1738,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…", - "weekly_downloads": 386 + "weekly_downloads": 411 }, "notes": null }, @@ -1753,7 +1754,7 @@ "picture_url": null } ], - "average_daily_users": 90974, + "average_daily_users": 88255, "categories": { "android": [ "experimental", @@ -1867,9 +1868,9 @@ "promoted": null, "ratings": { "average": 4.3684, - "bayesian_average": 4.354634977381083, + "bayesian_average": 4.354580970236878, "count": 399, - "text_count": 113 + "text_count": 112 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/reviews/", "requires_payment": false, @@ -1891,7 +1892,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/", - "weekly_downloads": 1200 + "weekly_downloads": 900 }, "notes": null }, @@ -1907,7 +1908,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…" } ], - "average_daily_users": 261805, + "average_daily_users": 259842, "categories": { "android": [ "photos-media", @@ -2126,9 +2127,9 @@ "category": "recommended" }, "ratings": { - "average": 4.653, - "bayesian_average": 4.6482048070516955, - "count": 1242, + "average": 4.6521, + "bayesian_average": 4.647356516825427, + "count": 1256, "text_count": 241 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/", @@ -2150,7 +2151,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/", - "weekly_downloads": 7262 + "weekly_downloads": 4089 }, "notes": null }, @@ -2173,7 +2174,7 @@ "picture_url": null } ], - "average_daily_users": 110023, + "average_daily_users": 110772, "categories": { "android": [ "other" @@ -2456,10 +2457,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4449, - "bayesian_average": 4.440238588001734, - "count": 1207, - "text_count": 321 + "average": 4.443, + "bayesian_average": 4.438340772354168, + "count": 1210, + "text_count": 322 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/", "requires_payment": false, @@ -2479,7 +2480,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/", - "weekly_downloads": 34 + "weekly_downloads": 40 }, "notes": null }, @@ -2495,7 +2496,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…" } ], - "average_daily_users": 324182, + "average_daily_users": 313446, "categories": { "android": [ "performance", @@ -2685,10 +2686,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4039, - "bayesian_average": 4.401185759316559, - "count": 2055, - "text_count": 801 + "average": 4.4106, + "bayesian_average": 4.407881097196251, + "count": 2058, + "text_count": 799 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/", "requires_payment": false, @@ -2732,7 +2733,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/", - "weekly_downloads": 7852 + "weekly_downloads": 7698 }, "notes": null }, @@ -2748,7 +2749,7 @@ "picture_url": null } ], - "average_daily_users": 148389, + "average_daily_users": 150188, "categories": { "android": [ "performance", @@ -2863,10 +2864,10 @@ "category": "recommended" }, "ratings": { - "average": 3.9106, - "bayesian_average": 3.906291934298175, - "count": 1119, - "text_count": 397 + "average": 3.9071, + "bayesian_average": 3.902833394829747, + "count": 1130, + "text_count": 402 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…", "requires_payment": false, @@ -2885,7 +2886,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…", - "weekly_downloads": 1519 + "weekly_downloads": 2266 }, "notes": null } ===================================== projects/firefox/config ===================================== @@ -12,10 +12,10 @@ container: use_container: 1 var: - firefox_platform_version: 102.10.0 + firefox_platform_version: 102.11.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_branch: '12.0-1' - browser_build: 2 + browser_build: 1 branding_directory: 'browser/branding/alpha' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_osname: '[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -12,9 +12,9 @@ container: use_container: 1 var: - geckoview_version: 102.10.0esr + geckoview_version: 102.11.0esr torbrowser_branch: 12.0-1 - browser_build: 2 + browser_build: 1 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' deps: - build-essential ===================================== projects/go/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 1.19.8 +version: 1.19.9 filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.gz' container: use_container: 1 @@ -121,7 +121,7 @@ input_files: enable: '[% ! c("var/linux") %]' - URL: 'https://golang.org/dl/go[% c("version") %].src.tar.gz' name: go - sha256sum: 1d7a67929dccafeaf8a29e55985bc2b789e0499cb1a17100039f084e3238da2f + sha256sum: 131190a4697a70c5b1d232df5d3f55a3f9ec0e78e40516196ffb3f09ae6a5744 - URL: 'https://golang.org/dl/go[% c("var/go14_version") %].src.tar.gz' name: go14 sha256sum: 9947fc705b0b841b5938c48b22dc33e9647ec0752bae66e50278df4f23f64959 ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 72637 +version: 74065 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.gz' container: use_container: 1 @@ -17,8 +17,8 @@ var: input_files: - project: container-image - - URL: 'https://people.torproject.org/~ma1/tbb_files/manual_[% c("version") %].zip' + - URL: 'https://people.torproject.org/~pierov/tbb_files/manual_[% c("version") %].zip' name: manual - sha256sum: 28379bdb31989d26a4cb735b9cbcd9ee52089f72153881f3802d291743b8cf06 + sha256sum: 788c2dc2bfacbc6961ce443c5639706cc23fbb7b7730ed7f71a26396511305be - filename: packagemanual.py name: package_script ===================================== projects/translation/config ===================================== @@ -6,19 +6,19 @@ version: '[% c("abbrev") %]' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: a7f7d59e21395ba563033060a55903f4f7163c02 + git_hash: 97c76d5183b16b069e66feaaf10e00c1d2c7d9e0 targets: nightly: git_hash: 'base-browser' base-browser-fluent: base-browser-fluent: '[% INCLUDE build %]' - git_hash: 32c09e1c5282cf3c7369d45fc199eb35c10a4fcc + git_hash: d473c4dd005325d1be40bae0f816974e195a972d targets: nightly: git_hash: 'basebrowser-newidentityftl' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: a7be13f5b46a2bd3684146556390d62b1caa2f52 + git_hash: 267f3c208a323df636ed11e7143164956d3d9d9b targets: nightly: git_hash: 'tor-browser' @@ -26,7 +26,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: b2691020553c5e81bacfe3ed33cc66226754c98d + git_hash: 0deec2a78dea0013e8c4eaec1d40ef5aac4e43b0 targets: nightly: git_hash: 'fenix-torbrowserstringsxml' ===================================== rbm.conf ===================================== @@ -71,10 +71,13 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '12.0.5' - torbrowser_build: 'build2' + torbrowser_version: '12.0.6' + torbrowser_build: 'build1' torbrowser_incremental_from: + # Build incrementals also from 12.0.4 until we have a new certificate for + # Windows installers. - 12.0.4 + - 12.0.5 build_mar: 1 # By default, we sort the list of installed packages. This allows sharing # containers with identical list of packages, even if they are not listed View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0