- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][tor-browser-115.3.0esr-13.0-1] 2 commits: Bug 1847180. a=RyanVM
by richard (＠richard) 28 Sep '23

28 Sep '23

richard pushed to branch tor-browser-115.3.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 84e2f0cd by Marco Bonardo at 2023-09-28T19:12:39+00:00 Bug 1847180. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D188240 Differential Revision: https://phabricator.services.mozilla.com/D188568 - - - - - fd082b4b by Ryan VanderMeulen at 2023-09-28T19:12:39+00:00 Bug 1855550 - VP8: disallow thread count changes. r=jesup, a=dsmith Cherry-pick of upstream libvpx commits: https://chromium.googlesource.com/webm/libvpx/+/af6dedd715f4307669366944cca… https://chromium.googlesource.com/webm/libvpx/+/3fbd1dca6a4d2dad332a2110d64… Differential Revision: https://phabricator.services.mozilla.com/D189428 - - - - - 6 changed files: - media/libvpx/libvpx/test/encode_api_test.cc - media/libvpx/libvpx/vp8/encoder/onyx_if.c - toolkit/components/reputationservice/ApplicationReputation.cpp - toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp - xpcom/io/nsLocalFileCommon.cpp - xpcom/io/nsLocalFileCommon.h Changes: ===================================== media/libvpx/libvpx/test/encode_api_test.cc ===================================== @@ -307,7 +307,6 @@ TEST(EncodeAPI, SetRoi) { void InitCodec(const vpx_codec_iface_t &iface, int width, int height, vpx_codec_ctx_t *enc, vpx_codec_enc_cfg_t *cfg) { - ASSERT_EQ(vpx_codec_enc_config_default(&iface, cfg, 0), VPX_CODEC_OK); cfg->g_w = width; cfg->g_h = height; cfg->g_lag_in_frames = 0; @@ -345,6 +344,7 @@ TEST(EncodeAPI, ConfigChangeThreadCount) { vpx_codec_ctx_t ctx = {}; } enc; + ASSERT_EQ(vpx_codec_enc_config_default(iface, &cfg, 0), VPX_CODEC_OK); EXPECT_NO_FATAL_FAILURE( InitCodec(*iface, kWidth, kHeight, &enc.ctx, &cfg)); if (IsVP9(iface)) { @@ -363,6 +363,50 @@ TEST(EncodeAPI, ConfigChangeThreadCount) { } } +TEST(EncodeAPI, ConfigResizeChangeThreadCount) { + constexpr int kInitWidth = 1024; + constexpr int kInitHeight = 1024; + + for (const auto *iface : kCodecIfaces) { + SCOPED_TRACE(vpx_codec_iface_name(iface)); + for (int i = 0; i < (IsVP9(iface) ? 2 : 1); ++i) { + vpx_codec_enc_cfg_t cfg = {}; + struct Encoder { + ~Encoder() { EXPECT_EQ(vpx_codec_destroy(&ctx), VPX_CODEC_OK); } + vpx_codec_ctx_t ctx = {}; + } enc; + + ASSERT_EQ(vpx_codec_enc_config_default(iface, &cfg, 0), VPX_CODEC_OK); + // Start in threaded mode to ensure resolution and thread related + // allocations are updated correctly across changes in resolution and + // thread counts. See https://crbug.com/1486441. + cfg.g_threads = 4; + EXPECT_NO_FATAL_FAILURE( + InitCodec(*iface, kInitWidth, kInitHeight, &enc.ctx, &cfg)); + if (IsVP9(iface)) { + EXPECT_EQ(vpx_codec_control_(&enc.ctx, VP9E_SET_TILE_COLUMNS, 6), + VPX_CODEC_OK); + EXPECT_EQ(vpx_codec_control_(&enc.ctx, VP9E_SET_ROW_MT, i), + VPX_CODEC_OK); + } + + cfg.g_w = 1000; + cfg.g_h = 608; + EXPECT_EQ(vpx_codec_enc_config_set(&enc.ctx, &cfg), VPX_CODEC_OK) + << vpx_codec_error_detail(&enc.ctx); + + cfg.g_w = 16; + cfg.g_h = 720; + + for (const auto threads : { 1, 4, 8, 6, 2, 1 }) { + cfg.g_threads = threads; + EXPECT_NO_FATAL_FAILURE(EncodeWithConfig(cfg, &enc.ctx)) + << "iteration: " << i << " threads: " << threads; + } + } + } +} + #if CONFIG_VP9_ENCODER class EncodeApiGetTplStatsTest : public ::libvpx_test::EncoderTest, ===================================== media/libvpx/libvpx/vp8/encoder/onyx_if.c ===================================== @@ -1447,6 +1447,12 @@ void vp8_change_config(VP8_COMP *cpi, VP8_CONFIG *oxcf) { last_h = cpi->oxcf.Height; prev_number_of_layers = cpi->oxcf.number_of_layers; + if (cpi->initial_width) { + // TODO(https://crbug.com/1486441): Allow changing thread counts; the + // allocation is done once in vp8_create_compressor(). + oxcf->multi_threaded = cpi->oxcf.multi_threaded; + } + cpi->oxcf = *oxcf; switch (cpi->oxcf.Mode) { ===================================== toolkit/components/reputationservice/ApplicationReputation.cpp ===================================== @@ -181,6 +181,8 @@ const char* const ApplicationReputationService::kBinaryFileExtensions[] = { ".applescript", //".application", exec // MS ClickOnce //".appref-ms", exec // MS ClickOnce + //".appx", exec + //".appxbundle", exec //".arc", //".arj", ".as", // Mac archive @@ -334,6 +336,8 @@ const char* const ApplicationReputationService::kBinaryFileExtensions[] = { //".msh2xml", exec // Windows shell //".mshxml", exec // Windows //".msi", exec // Windows installer + //".msix", exec // Windows installer + //".msixbundle", exec // Windows installer //".msp", exec // Windows installer //".mst", exec // Windows installer ".ndif", // Mac disk image ===================================== toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp ===================================== @@ -25,6 +25,8 @@ static const char* const kTestFileExtensions[] = { ".applescript", ".application", // MS ClickOnce ".appref-ms", // MS ClickOnce + ".appx", + ".appxbundle", ".as", // Mac archive ".asp", // Windows Server script ".asx", // Windows Media Player @@ -155,6 +157,8 @@ static const char* const kTestFileExtensions[] = { ".msh2xml", // Windows shell ".mshxml", // Windows ".msi", // Windows installer + ".msix", // Windows installer + ".msixbundle", // Windows installer ".msp", // Windows installer ".mst", // Windows installer ".ndif", // Mac disk image ===================================== xpcom/io/nsLocalFileCommon.cpp ===================================== @@ -42,6 +42,8 @@ const char* const sExecutableExts[] = { ".app", // executable application ".application", // from bug 348763 ".appref-ms", // ClickOnce link + ".appx", + ".appxbundle", ".asp", ".atloc", // Appletalk Location ".bas", @@ -96,6 +98,8 @@ const char* const sExecutableExts[] = { ".msh2xml", // Microsoft Shell ".mshxml", // Microsoft Shell ".msi", + ".msix", + ".msixbundle", ".msp", ".mst", ".ops", // Office Profile Settings ===================================== xpcom/io/nsLocalFileCommon.h ===================================== @@ -8,9 +8,9 @@ #define _NS_LOCAL_FILE_COMMON_H_ #ifdef MOZ_ESR -extern const char* const sExecutableExts[103]; +extern const char* const sExecutableExts[107]; #else -extern const char* const sExecutableExts[104]; +extern const char* const sExecutableExts[108]; #endif #endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1d7a21… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1d7a21… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.0esr-13.0-1] fixup! Bug 40933: Add tor-launcher functionality
by richard (＠richard) 28 Sep '23

28 Sep '23

richard pushed to branch tor-browser-115.3.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 1d7a2112 by Pier Angelo Vendrame at 2023-09-28T18:38:11+02:00 fixup! Bug 40933: Add tor-launcher functionality Bug 42129: Do not prompt to restart Tor if we could not connect to the control port but we were asked not to start it. - - - - - 1 changed file: - toolkit/components/tor-launcher/TorProviderBuilder.sys.mjs Changes: ===================================== toolkit/components/tor-launcher/TorProviderBuilder.sys.mjs ===================================== @@ -125,6 +125,11 @@ export class TorProviderBuilder { */ static async firstWindowLoaded() { // FIXME: Just integrate this with the about:torconnect or about:tor UI. + if (!lazy.TorLauncherUtil.shouldStartAndOwnTor) { + // If we are not managing the Tor daemon we cannot restart it, so just + // early return. + return; + } let running = false; try { const provider = await this.#provider; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1d7a211… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1d7a211… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.0-1] fixup! Disable features and functionality
by Dan Ballard (＠dan) 28 Sep '23

28 Sep '23

Dan Ballard pushed to branch firefox-android-115.2.1-13.0-1 at The Tor Project / Applications / firefox-android Commits: ed46ed61 by Dan Ballard at 2023-09-28T16:42:56+00:00 fixup! Disable features and functionality Bug 42114: Disable Sharing URL from Recent Screen in Private Browsing mode - - - - - 1 changed file: - fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -560,7 +560,9 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity { override fun onProvideAssistContent(outContent: AssistContent?) { super.onProvideAssistContent(outContent) val currentTabUrl = components.core.store.state.selectedTab?.content?.url - outContent?.webUri = currentTabUrl?.let { Uri.parse(it) } + if (components.core.store.state.selectedTab?.content?.private == false) { + outContent?.webUri = currentTabUrl?.let { Uri.parse(it) } + } } private fun getBookmarkCount(node: BookmarkNode): Int { View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/ed4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/ed4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.0-1] fixup! Modify UI/UX
by Dan Ballard (＠dan) 28 Sep '23

28 Sep '23

Dan Ballard pushed to branch firefox-android-115.2.1-13.0-1 at The Tor Project / Applications / firefox-android Commits: c5b1df66 by Dan Ballard at 2023-09-27T23:48:46-07:00 fixup! Modify UI/UX Bug 42134: Remove Android icon shortcuts for new tab and logins/passwords - - - - - 5 changed files: - fenix/app/src/beta/res/xml/shortcuts.xml - fenix/app/src/debug/res/xml/shortcuts.xml - fenix/app/src/main/res/xml/shortcuts.xml - fenix/app/src/nightly/res/xml/shortcuts.xml - fenix/app/src/release/res/xml/shortcuts.xml Changes: ===================================== fenix/app/src/beta/res/xml/shortcuts.xml ===================================== @@ -3,28 +3,28 @@ - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> <shortcuts xmlns:android="http://schemas.android.com/apk/res/android"> - <shortcut - android:shortcutId="password_manager" - android:enabled="true" - android:icon="@drawable/ic_static_password_shortcut" - android:shortcutShortLabel="@string/home_screen_shortcut_open_password_screen" - android:shortcutLongLabel="@string/home_screen_shortcut_open_password_screen"> - <intent - android:action="org.mozilla.fenix.OPEN_PASSWORD_MANAGER" - android:targetPackage="org.mozilla.firefox_beta" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> - <shortcut - android:shortcutId="open_new_tab" - android:enabled="true" - android:icon="@drawable/ic_static_shortcut_tab" - android:shortcutShortLabel="@string/home_screen_shortcut_open_new_tab_2" - android:shortcutLongLabel="@string/home_screen_shortcut_open_new_tab_2"> - <intent - android:action="org.mozilla.fenix.OPEN_TAB" - android:targetPackage="org.torproject.torbrowser_alpha" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> + + + + + + + + + + + + + + + + + + + + + + <shortcut android:shortcutId="open_new_private_tab" android:enabled="true" ===================================== fenix/app/src/debug/res/xml/shortcuts.xml ===================================== @@ -4,28 +4,28 @@ - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> <shortcuts xmlns:android="http://schemas.android.com/apk/res/android"> - <shortcut - android:shortcutId="password_manager" - android:enabled="true" - android:icon="@drawable/ic_static_password_shortcut" - android:shortcutShortLabel="@string/home_screen_shortcut_open_password_screen" - android:shortcutLongLabel="@string/home_screen_shortcut_open_password_screen"> - <intent - android:action="org.mozilla.fenix.OPEN_PASSWORD_MANAGER" - android:targetPackage="org.mozilla.fenix.debug" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> - <shortcut - android:shortcutId="open_new_tab" - android:enabled="true" - android:icon="@drawable/ic_static_shortcut_tab" - android:shortcutShortLabel="@string/home_screen_shortcut_open_new_tab_2" - android:shortcutLongLabel="@string/home_screen_shortcut_open_new_tab_2"> - <intent - android:action="org.mozilla.fenix.OPEN_TAB" - android:targetPackage="org.torproject.torbrowser_debug" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> + + + + + + + + + + + + + + + + + + + + + + <shortcut android:shortcutId="open_new_private_tab" android:enabled="true" ===================================== fenix/app/src/main/res/xml/shortcuts.xml ===================================== @@ -4,28 +4,28 @@ - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> <shortcuts xmlns:android="http://schemas.android.com/apk/res/android"> - <shortcut - android:shortcutId="password_manager" - android:enabled="true" - android:icon="@drawable/ic_static_password_shortcut" - android:shortcutShortLabel="@string/home_screen_shortcut_open_password_screen" - android:shortcutLongLabel="@string/home_screen_shortcut_open_password_screen"> - <intent - android:action="org.mozilla.fenix.OPEN_PASSWORD_MANAGER" - android:targetPackage="org.mozilla.fenix" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> - <shortcut - android:shortcutId="open_new_tab" - android:enabled="true" - android:icon="@drawable/ic_static_shortcut_tab" - android:shortcutShortLabel="@string/home_screen_shortcut_open_new_tab_2" - android:shortcutLongLabel="@string/home_screen_shortcut_open_new_tab_2"> - <intent - android:action="org.mozilla.fenix.OPEN_TAB" - android:targetPackage="org.torproject.torbrowser_dev" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> + + + + + + + + + + + + + + + + + + + + + + <shortcut android:shortcutId="open_new_private_tab" android:enabled="true" ===================================== fenix/app/src/nightly/res/xml/shortcuts.xml ===================================== @@ -4,28 +4,28 @@ - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> <shortcuts xmlns:android="http://schemas.android.com/apk/res/android"> - <shortcut - android:shortcutId="password_manager" - android:enabled="true" - android:icon="@drawable/ic_static_password_shortcut" - android:shortcutShortLabel="@string/home_screen_shortcut_open_password_screen" - android:shortcutLongLabel="@string/home_screen_shortcut_open_password_screen"> - <intent - android:action="org.mozilla.fenix.OPEN_PASSWORD_MANAGER" - android:targetPackage="org.mozilla.fenix" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> - <shortcut - android:shortcutId="open_new_tab" - android:enabled="true" - android:icon="@drawable/ic_static_shortcut_tab" - android:shortcutShortLabel="@string/home_screen_shortcut_open_new_tab_2" - android:shortcutLongLabel="@string/home_screen_shortcut_open_new_tab_2"> - <intent - android:action="org.mozilla.fenix.OPEN_TAB" - android:targetPackage="org.torproject.torbrowser_nightly" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> + + + + + + + + + + + + + + + + + + + + + + <shortcut android:shortcutId="open_new_private_tab" android:enabled="true" @@ -37,4 +37,4 @@ android:targetPackage="org.torproject.torbrowser_nightly" android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> </shortcut> -</shortcuts> \ No newline at end of file +</shortcuts> ===================================== fenix/app/src/release/res/xml/shortcuts.xml ===================================== @@ -3,28 +3,28 @@ - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> <shortcuts xmlns:android="http://schemas.android.com/apk/res/android"> - <shortcut - android:shortcutId="password_manager" - android:enabled="true" - android:icon="@drawable/ic_static_password_shortcut" - android:shortcutShortLabel="@string/home_screen_shortcut_open_password_screen" - android:shortcutLongLabel="@string/home_screen_shortcut_open_password_screen"> - <intent - android:action="org.mozilla.fenix.OPEN_PASSWORD_MANAGER" - android:targetPackage="org.mozilla.firefox" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> - <shortcut - android:shortcutId="open_new_tab" - android:enabled="true" - android:icon="@drawable/ic_static_shortcut_tab" - android:shortcutShortLabel="@string/home_screen_shortcut_open_new_tab_2" - android:shortcutLongLabel="@string/home_screen_shortcut_open_new_tab_2"> - <intent - android:action="org.mozilla.fenix.OPEN_TAB" - android:targetPackage="org.torproject.torbrowser" - android:targetClass="org.mozilla.fenix.IntentReceiverActivity" /> - </shortcut> + + + + + + + + + + + + + + + + + + + + + + <shortcut android:shortcutId="open_new_private_tab" android:enabled="true" View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/c5b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/c5b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.0esr-13.0-1] fixup! Bug 2176: Rebrand Firefox to TorBrowser
by Pier Angelo Vendrame (＠pierov) 28 Sep '23

28 Sep '23

Pier Angelo Vendrame pushed to branch tor-browser-115.3.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: ba5e4b14 by Henry Wilkes at 2023-09-28T17:20:49+01:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser Bug 41910: Restore tor browser help link in about:preferences. - - - - - 1 changed file: - toolkit/content/widgets/moz-support-link/moz-support-link.mjs Changes: ===================================== toolkit/content/widgets/moz-support-link/moz-support-link.mjs ===================================== @@ -103,6 +103,19 @@ export default class MozSupportLink extends HTMLAnchorElement { #setHref() { let supportPage = this.getAttribute("support-page") ?? ""; + // For tor-browser we sometimes want to override firefox support links with + // our own. + // See tor-browser#40899. + switch (supportPage) { + case "preferences": + // Shown twice in preferences, both as `{ -brand-short-name } Support`. + // Instead of directing to support for preferences, we link to general + // tor browser support. + // See tor-browser#32092. + this.href = "https://support.torproject.org/tbb" + return; + // Fall through to support.mozilla.org + } let base = MozSupportLink.SUPPORT_URL + supportPage; this.href = this.hasAttribute("utm-content") ? formatUTMParams(this.getAttribute("utm-content"), base) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ba5e4b1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ba5e4b1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.0esr-13.0-1] 2 commits: fixup! Bug 41995: Generated headers on Windows are not reproducible
by richard (＠richard) 28 Sep '23

28 Sep '23

richard pushed to branch tor-browser-115.3.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 3b4f838b by Pier Angelo Vendrame at 2023-09-28T16:00:59+00:00 fixup! Bug 41995: Generated headers on Windows are not reproducible Revert "Bug 41995: Generated headers on Windows are not reproducible" This reverts commit 1f45f64ee2fb53129a06984f3b9fb36ef3b64645. - - - - - cea59f54 by Pier Angelo Vendrame at 2023-09-28T16:00:59+00:00 Bug 1854117 - Sort the DLL blocklist flags. r=mossop,win-reviewers,gstoll Differential Revision: https://phabricator.services.mozilla.com/D188716 - - - - - 0 changed files: Changes: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/eb0fd6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/eb0fd6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.15.1esr-12.5-1] 2 commits: Bug 1847180. a=RyanVM
by Pier Angelo Vendrame (＠pierov) 28 Sep '23

28 Sep '23

Pier Angelo Vendrame pushed to branch base-browser-102.15.1esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 1183dcd0 by Marco Bonardo at 2023-09-28T16:46:19+02:00 Bug 1847180. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D188240 Differential Revision: https://phabricator.services.mozilla.com/D188568 - - - - - e98eeaff by Ryan VanderMeulen at 2023-09-28T16:46:22+02:00 Bug 1855550 - VP8: disallow thread count changes. r=jesup, a=dsmith Cherry-pick of upstream libvpx commits: https://chromium.googlesource.com/webm/libvpx/+/af6dedd715f4307669366944cca… https://chromium.googlesource.com/webm/libvpx/+/3fbd1dca6a4d2dad332a2110d64… Differential Revision: https://phabricator.services.mozilla.com/D189428 - - - - - 5 changed files: - media/libvpx/libvpx/vp8/encoder/onyx_if.c - toolkit/components/reputationservice/ApplicationReputation.cpp - toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp - xpcom/io/nsLocalFileCommon.cpp - xpcom/io/nsLocalFileCommon.h Changes: ===================================== media/libvpx/libvpx/vp8/encoder/onyx_if.c ===================================== @@ -1445,6 +1445,12 @@ void vp8_change_config(VP8_COMP *cpi, VP8_CONFIG *oxcf) { last_h = cpi->oxcf.Height; prev_number_of_layers = cpi->oxcf.number_of_layers; + if (cpi->initial_width) { + // TODO(https://crbug.com/1486441): Allow changing thread counts; the + // allocation is done once in vp8_create_compressor(). + oxcf->multi_threaded = cpi->oxcf.multi_threaded; + } + cpi->oxcf = *oxcf; switch (cpi->oxcf.Mode) { ===================================== toolkit/components/reputationservice/ApplicationReputation.cpp ===================================== @@ -181,6 +181,8 @@ const char* const ApplicationReputationService::kBinaryFileExtensions[] = { ".applescript", //".application", exec // MS ClickOnce //".appref-ms", exec // MS ClickOnce + //".appx", exec + //".appxbundle", exec //".arc", //".arj", ".as", // Mac archive @@ -331,6 +333,8 @@ const char* const ApplicationReputationService::kBinaryFileExtensions[] = { //".msh2xml", exec // Windows shell //".mshxml", exec // Windows //".msi", exec // Windows installer + //".msix", exec // Windows installer + //".msixbundle", exec // Windows installer //".msp", exec // Windows installer //".mst", exec // Windows installer ".ndif", // Mac disk image ===================================== toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp ===================================== @@ -24,6 +24,8 @@ static const char* const kTestFileExtensions[] = { ".applescript", ".application", // MS ClickOnce ".appref-ms", // MS ClickOnce + ".appx", + ".appxbundle", ".as", // Mac archive ".asp", // Windows Server script ".asx", // Windows Media Player @@ -151,6 +153,8 @@ static const char* const kTestFileExtensions[] = { ".msh2xml", // Windows shell ".mshxml", // Windows ".msi", // Windows installer + ".msix", // Windows installer + ".msixbundle", // Windows installer ".msp", // Windows installer ".mst", // Windows installer ".ndif", // Mac disk image ===================================== xpcom/io/nsLocalFileCommon.cpp ===================================== @@ -40,6 +40,8 @@ const char* const sExecutableExts[] = { ".app", // executable application ".application", // from bug 348763 ".appref-ms", // ClickOnce link + ".appx", + ".appxbundle", ".asp", ".atloc", // Appletalk Location ".bas", @@ -91,6 +93,8 @@ const char* const sExecutableExts[] = { ".msh2xml", // Microsoft Shell ".mshxml", // Microsoft Shell ".msi", + ".msix", + ".msixbundle", ".msp", ".mst", ".ops", // Office Profile Settings ===================================== xpcom/io/nsLocalFileCommon.h ===================================== @@ -7,6 +7,6 @@ #ifndef _NS_LOCAL_FILE_COMMON_H_ #define _NS_LOCAL_FILE_COMMON_H_ -extern const char* const sExecutableExts[103]; +extern const char* const sExecutableExts[107]; #endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8461a8… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8461a8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-102.15.1esr-12.5-1-build3
by Pier Angelo Vendrame (＠pierov) 28 Sep '23

28 Sep '23

Pier Angelo Vendrame pushed new tag tor-browser-102.15.1esr-12.5-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.15.1esr-12.5-1] 2 commits: Bug 1847180. a=RyanVM
by Pier Angelo Vendrame (＠pierov) 28 Sep '23

28 Sep '23

Pier Angelo Vendrame pushed to branch tor-browser-102.15.1esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: c9f778f9 by Marco Bonardo at 2023-09-28T11:12:19+02:00 Bug 1847180. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D188240 Differential Revision: https://phabricator.services.mozilla.com/D188568 - - - - - 1390a230 by Ryan VanderMeulen at 2023-09-28T11:14:27+02:00 Bug 1855550 - VP8: disallow thread count changes. r=jesup, a=dsmith Cherry-pick of upstream libvpx commits: https://chromium.googlesource.com/webm/libvpx/+/af6dedd715f4307669366944cca… https://chromium.googlesource.com/webm/libvpx/+/3fbd1dca6a4d2dad332a2110d64… Differential Revision: https://phabricator.services.mozilla.com/D189428 - - - - - 5 changed files: - media/libvpx/libvpx/vp8/encoder/onyx_if.c - toolkit/components/reputationservice/ApplicationReputation.cpp - toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp - xpcom/io/nsLocalFileCommon.cpp - xpcom/io/nsLocalFileCommon.h Changes: ===================================== media/libvpx/libvpx/vp8/encoder/onyx_if.c ===================================== @@ -1445,6 +1445,12 @@ void vp8_change_config(VP8_COMP *cpi, VP8_CONFIG *oxcf) { last_h = cpi->oxcf.Height; prev_number_of_layers = cpi->oxcf.number_of_layers; + if (cpi->initial_width) { + // TODO(https://crbug.com/1486441): Allow changing thread counts; the + // allocation is done once in vp8_create_compressor(). + oxcf->multi_threaded = cpi->oxcf.multi_threaded; + } + cpi->oxcf = *oxcf; switch (cpi->oxcf.Mode) { ===================================== toolkit/components/reputationservice/ApplicationReputation.cpp ===================================== @@ -181,6 +181,8 @@ const char* const ApplicationReputationService::kBinaryFileExtensions[] = { ".applescript", //".application", exec // MS ClickOnce //".appref-ms", exec // MS ClickOnce + //".appx", exec + //".appxbundle", exec //".arc", //".arj", ".as", // Mac archive @@ -331,6 +333,8 @@ const char* const ApplicationReputationService::kBinaryFileExtensions[] = { //".msh2xml", exec // Windows shell //".mshxml", exec // Windows //".msi", exec // Windows installer + //".msix", exec // Windows installer + //".msixbundle", exec // Windows installer //".msp", exec // Windows installer //".mst", exec // Windows installer ".ndif", // Mac disk image ===================================== toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp ===================================== @@ -24,6 +24,8 @@ static const char* const kTestFileExtensions[] = { ".applescript", ".application", // MS ClickOnce ".appref-ms", // MS ClickOnce + ".appx", + ".appxbundle", ".as", // Mac archive ".asp", // Windows Server script ".asx", // Windows Media Player @@ -151,6 +153,8 @@ static const char* const kTestFileExtensions[] = { ".msh2xml", // Windows shell ".mshxml", // Windows ".msi", // Windows installer + ".msix", // Windows installer + ".msixbundle", // Windows installer ".msp", // Windows installer ".mst", // Windows installer ".ndif", // Mac disk image ===================================== xpcom/io/nsLocalFileCommon.cpp ===================================== @@ -40,6 +40,8 @@ const char* const sExecutableExts[] = { ".app", // executable application ".application", // from bug 348763 ".appref-ms", // ClickOnce link + ".appx", + ".appxbundle", ".asp", ".atloc", // Appletalk Location ".bas", @@ -91,6 +93,8 @@ const char* const sExecutableExts[] = { ".msh2xml", // Microsoft Shell ".mshxml", // Microsoft Shell ".msi", + ".msix", + ".msixbundle", ".msp", ".mst", ".ops", // Office Profile Settings ===================================== xpcom/io/nsLocalFileCommon.h ===================================== @@ -7,6 +7,6 @@ #ifndef _NS_LOCAL_FILE_COMMON_H_ #define _NS_LOCAL_FILE_COMMON_H_ -extern const char* const sExecutableExts[103]; +extern const char* const sExecutableExts[107]; #endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d1b5a5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d1b5a5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.0esr-13.0-1] fixup! Bug 41803: Add some developer tools for working on tor-browser.
by Pier Angelo Vendrame (＠pierov) 28 Sep '23

28 Sep '23

Pier Angelo Vendrame pushed to branch tor-browser-115.3.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: eb0fd6e1 by Henry Wilkes at 2023-09-28T11:37:57+00:00 fixup! Bug 41803: Add some developer tools for working on tor-browser. Bug 42130: Add support for specifying the branch for moving commits to a new default branch. We rename "rebase-on-default" to "move-to-default". Instead of rebasing (which requires checking out the branch, which can trigger a clobber build) we instead create a new branch with the same name, and renaming the old branch. Then we cherry-pick the commits into the new branch. Also rename "show-upstream-commit" to "show-upstream-basis-commit". When checking for the basis commit, we make sure that the upstream branch shares the same FIREFOX base. If a branch was moved onto a tor-browser branch that does not match its "upstream tracking branch", then this should throw. E.g. a branch was tracking origin/tor-browser-115.2.1esr-13.0.1 but was rebased onto origin/tor-browser-115.3.0esr-13.0.1 without changing the tracking branch. - - - - - 1 changed file: - tools/torbrowser/tb-dev Changes: ===================================== tools/torbrowser/tb-dev ===================================== @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/env python3 # PYTHON_ARGCOMPLETE_OK """ Useful tools for working on tor-browser repository. @@ -148,12 +148,28 @@ def get_firefox_ref(search_from): return get_nearest_ref("tag", "FIREFOX_", search_from) -def get_upstream_commit(search_from): +def get_upstream_tracking_branch(search_from): + return git_get(["rev-parse", "--abbrev-ref", f"{search_from}@{{upstream}}"])[0] + + +def get_upstream_basis_commit(search_from): """ Get the first common ancestor of search_from that is also in its upstream branch. """ - return git_get(["merge-base", search_from, f"{search_from}@{{upstream}}"])[0] + upstream_branch = get_upstream_tracking_branch(search_from) + commit = git_get(["merge-base", search_from, upstream_branch])[0] + # Verify that the upstream commit shares the same firefox basis. Otherwise, + # this would indicate that the upstream is on an early or later FIREFOX + # base. + upstream_firefox = get_firefox_ref(upstream_branch).commit + search_firefox = get_firefox_ref(search_from).commit + if upstream_firefox != search_firefox: + raise Exception( + f"Upstream of {search_from} has a different FIREFOX base. " + "You might want to set the upstream tracking branch to a new value." + ) + return commit def get_changed_files(from_commit, staged=False): @@ -239,11 +255,11 @@ def show_firefox_commit(_args): print(ref.commit) -def show_upstream_commit(_args): +def show_upstream_basis_commit(_args): """ Print the last upstream commit for the current HEAD. """ - print(get_upstream_commit("HEAD")) + print(get_upstream_basis_commit("HEAD")) def show_log(args): @@ -278,7 +294,7 @@ def show_changed_files(_args): """ List all the files that have been modified relative to upstream. """ - for filename in get_changed_files(get_upstream_commit("HEAD")): + for filename in get_changed_files(get_upstream_basis_commit("HEAD")): print(filename) @@ -289,7 +305,7 @@ def lint_changed_files(args): os.chdir(get_local_root()) file_list = [ f - for f in get_changed_files(get_upstream_commit("HEAD")) + for f in get_changed_files(get_upstream_basis_commit("HEAD")) if os.path.isfile(f) # Not deleted ] command_base = ["./mach", "lint"] @@ -495,25 +511,49 @@ def branch_from_default(args): git_run(["switch", "--create", args.branchname, "--track", default_branch]) -def rebase_on_default(_args): +def move_to_default(args): """ - Fetch the default gitlab branch from upstream and rebase the current branch - on top. + Fetch the default gitlab branch from upstream and move the specified + branch's commits on top. A new branch will be created tracking the default + branch, and the old branch will be renamed with a suffix for the old + tracking branch. This method will switch to the new branch, but will avoid + switching to the old branch to prevent triggering a CLOBBER build. """ - try: - branch_name = git_get(["branch", "--show-current"])[0] - except IndexError: - raise Exception("No current branch") + branch_name = args.branch + if branch_name is None: + # Use current branch as default. + try: + branch_name = git_get(["branch", "--show-current"])[0] + except IndexError: + raise Exception("No current branch") - current_upstream = get_upstream_commit("HEAD") + current_upstream_branch = get_upstream_tracking_branch(branch_name) default_branch = get_gitlab_default() git_run(["fetch"], get_upstream_name()) - # We set the new upstream before the rebase in case there are conflicts. - git_run(["branch", f"--set-upstream-to={default_branch}"]) - git_run( - ["rebase", "--onto", default_branch, current_upstream, branch_name], check=False - ) + + if current_upstream_branch == default_branch: + print(f"{branch_name} is already set to track the default branch {default_branch}.") + return + + # We want to avoid checking out the old branch because this can cause + # mozilla ./mach to do a CLOBBER build. + # Instead we create a new branch with the same name and cherry pick. + current_basis = get_upstream_basis_commit(branch_name) + old_branch_name = branch_name + "-" + get_firefox_ref(branch_name).name + + print(f"Moving old branch {branch_name} to {old_branch_name}") + git_run(["branch", "-m", branch_name, old_branch_name]) + + try: + git_run(["switch", "--create", branch_name, "--track", default_branch]) + except subprocess.CalledProcessError as err: + print(f"Moving {old_branch_name} back to {branch_name}") + git_run(["branch", "-m", old_branch_name, branch_name]) + raise err + + # Set check to False since cherry-pick might fail due to a merge conflict. + git_run(["cherry-pick", f"{current_basis}..{old_branch_name}"], check=False) def show_range_diff(args): @@ -608,8 +648,8 @@ parser = argparse.ArgumentParser() subparsers = parser.add_subparsers(required=True) for name, details in { - "show-upstream-commit": { - "func": show_upstream_commit, + "show-upstream-basis-commit": { + "func": show_upstream_basis_commit, }, "changed-files": { "func": show_changed_files, @@ -641,8 +681,16 @@ for name, details in { }, }, }, - "rebase-on-default": { - "func": rebase_on_default, + "move-to-default": { + "func": move_to_default, + "args": { + "branch": { + "help": "the branch to move, else uses the current branch", + "metavar": "<branch>", + "nargs": "?", + "completer": branch_complete, + }, + }, }, "show-firefox-commit": { "func": show_firefox_commit, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/eb0fd6e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/eb0fd6e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-spec][main] Bug 40060: FF113 Audit
by richard (＠richard) 27 Sep '23

27 Sep '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-spec Commits: 962190ab by Richard Pospesel at 2023-09-27T22:41:39+00:00 Bug 40060: FF113 Audit - - - - - 1 changed file: - + audits/FF113_AUDIT Changes: ===================================== audits/FF113_AUDIT ===================================== @@ -0,0 +1,73 @@ +# General + +The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript). + +The output includes the entire patch where the new problematic code was introduced. Search for `XXX MATCH XXX` to find the next potential violation. + +`code_audit.sh` contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit. + +## Firefox: https://github.com/mozilla/gecko-dev.git + +- Start: `8307d3d3e4bfbca09aaa17e444f106e1e1d91b65` ( `FIREFOX_112_0_2_RELEASE` ) +- End: `8a724297d78ba792067a7e4d17d170c6b3af796e` ( `FIREFOX_113_0_2_RELEASE` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +--- + +## Application Services: https://github.com/mozilla/application-services.git + +- Start: `48916bbaf585f89fdff3404d181b260ed981a2d6` ( `v97.5.0` ) +- End: `e3db1107890d3fe69122d4d78ae04c857329b0ea` ( `v114.1` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +## Firefox Android: https://github.com/mozilla-mobile/firefox-android.git + +- Start: `32bb398127bacccb268a272091d2e62b8d72d6b9` +- End: `9d87757910437e94a860e1d6f2577d5648ded966` + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +#### Problematic Commits + +- Bug 1822268 - Part 1: Add juno onboarding fragment `536df038039d256cd41ecad41df97b1b3da1a2e4` +- Bug 1821726 - Part 2: Add juno onboarding telemetry `db4bc04177766a241f1e36621c1d8c480aab568d` +- Bug 1822750 - Add option to open default browser help page in custom tab `a488c06ae9ff9d060517da08e2a2db94465dc871` + - **RESOLUTION** All three of these are part of the Firefox onboarding which we have disabled entirely! + +## Ticket Review ## + +Bugzilla Query: `https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=113%20Branch&order=priority%2Cbug_severity&limit=0` + +Nothing of interest (manual inspection) + +#### Problematic Tickets + +- **Allow users to submit site support requests in Fenix** https://bugzilla.mozilla.org/show_bug.cgi?id=1805450 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42007 + - **RESOLUTION** disabled +- **Copying images from Pixiv and pasting them in certain programs is broken** https://bugzilla.mozilla.org/show_bug.cgi?id=1808146 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42008 + - **RESOLUTION** verified the web request happens in Firefox not the destination app +- **Enable overscroll on Windows on all channels** https://bugzilla.mozilla.org/show_bug.cgi?id=1810641 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42010 + - **RESOLUTION** nothing to do here until we enable touch events (disabled for now) +## Export +- [ ] Export Report and save to `tor-browser-spec/audits` \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/commit/96… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/commit/96… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-spec][main] Bug 40058: FF111 Audit
by richard (＠richard) 27 Sep '23

27 Sep '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-spec Commits: b9a30372 by Richard Pospesel at 2023-09-27T22:22:43+00:00 Bug 40058: FF111 Audit - - - - - 1 changed file: - + audits/FF111_AUDIT Changes: ===================================== audits/FF111_AUDIT ===================================== @@ -0,0 +1,85 @@ +# General + +The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript). + +The output includes the entire patch where the new problematic code was introduced. Search for `XXX MATCH XXX` to find the next potential violation. + +`code_audit.sh` contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit. + +## Firefox: https://github.com/mozilla/gecko-dev.git + +- Start: `250178df19caa1fb25bfa0e35728426cfbde95f8` ( `FIREFOX_110_0_1_RELEASE` ) +- End: `431cede9cc9472bb648f5dfe24c54d0067c290e4` ( `FIREFOX_111_0_1_RELEASE` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +--- + +## Application Services: https://github.com/mozilla/application-services.git + +- Start: `5755d9ce30ef10248eb55c4b39a522a118ce7d95` ( `v97.1.0` ) +- End: `9657aebb7450c5b58e8b9a88bec12bd5e9e0f700` ( `v97.2.0` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +## Firefox Android: https://github.com/mozilla-mobile/firefox-android.git + +- Start: `bc529747751ab545dba0a90a339f11382d742c97` +- End: `6b0f9fdb3f603974914de82185cd184065b2ebee` + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +#### Problematic Commits + +- Bug 1811531 - Add 'site' query parameter to Pocket sponsored stories request + `2dfe183ed96720b843f872fdf51fe206ed9a311c` + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41990 + - **RESOLUTION** pocket not available in PBM which we lock+enforce +- Bug 1812518 - Allow a custom View for 3rd party downloads `174237dcbb6d8c631f5834ecbc7875d670bb6d8d` + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41991 + - **RESOLUTION** feature disabled + +## Fenix: https://github.com/mozilla-mobile/fenix.git + +- Start: `69e08e3ffbf4b9f5a2ffec99b238fa0c5da1d315` +- End: `8571b648efc860bd2511183540b792e10c6cc0f4` + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +#### Problematic Commits + +- Bug 1815623 - Add telemetry for sharing to an app from the share sheet + `4e5d9b323b465a73d24f8ee91a8b55df10545c36` + +## Ticket Review ## + +Bugzilla Query: `https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=111%20Branch&order=priority%2Cbug_severity&limit=0` + +#### Problematic Tickets + +- **Add API for saving a PDF** https://bugzilla.mozilla.org/show_bug.cgi?id=1810761 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41993 + - **RESOLUTION** just enabling download byte-per-byte and viewing of PDF in browser, no extra meta data or conversion happens + +## Export +- [x] Export Report and save to `tor-browser-spec/audits` \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/commit/b9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/commit/b9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-spec][main] Bug 40057: FF110 Audit
by richard (＠richard) 27 Sep '23

27 Sep '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-spec Commits: 347fe297 by Richard Pospesel at 2023-09-27T22:16:56+00:00 Bug 40057: FF110 Audit - - - - - 1 changed file: - + audits/FF110_AUDIT Changes: ===================================== audits/FF110_AUDIT ===================================== @@ -0,0 +1,82 @@ +# General + +The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript). + +The output includes the entire patch where the new problematic code was introduced. Search for `XXX MATCH XXX` to find the next potential violation. + +`code_audit.sh` contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit. + +## Firefox: https://github.com/mozilla/gecko-dev.git + +- Start: `b89c6dedbd57992efe751d1b585116f2eaa34481` ( `FIREFOX_109_0_1_RELEASE` ) +- End: `250178df19caa1fb25bfa0e35728426cfbde95f8` ( `FIREFOX_110_0_1_RELEASE` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +--- + +## Application Services: https://github.com/mozilla/application-services.git + +- Start: `102fa0de36a21b1b2f561ba6de557e20d05b7380` ( `v96.3.0` ) +- End: `5755d9ce30ef10248eb55c4b39a522a118ce7d95` ( `v97.1.0` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +### Problematic Commits + +- Create shared remote settings client and port Nimbus to it `1d55a254fb6817c538ce19666cc02196c61170e6` + +## Firefox Android: https://github.com/mozilla-mobile/firefox-android.git + +- Start: `a7e03da7c26d76bea2fb9c77efce9d841d81f4e0` +- End: `bc529747751ab545dba0a90a339f11382d742c97` + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +## Fenix: https://github.com/mozilla-mobile/fenix.git + +- Start: `efb2198489bbf27e18e434306183667cf4df0526` ( `v110.0b1` ) +- End: `43c570380c5aa091f361018f038fa37cbfa71662` ( `v110.0.1` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +## Ticket Review ## + +Bugzilla Query: `https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=$(FIREFOX_VERSION)%20Branch&order=priority%2Cbug_severity&limit=0` + +#### Problematic Tickets + +- **Add about:preferences entry for cookie banner handling** https://bugzilla.mozilla.org/show_bug.cgi?id=1800675 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41981 + - **RESOLUTION** disabling for 13.0 and revisiting for the 13.5 alpha series +- **Add Cocoa platform support for paste files** https://bugzilla.mozilla.org/show_bug.cgi?id=1762392 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41982 + - **RESOLUTION** has to deal with pasting into tor-browser, not exfiltration of data out, so we're good here +- **Create a reusable "support-link" widget** https://bugzilla.mozilla.org/show_bug.cgi?id=1770447 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41983 + - **RESOLUTION** not an issue, just a hint to us for future UX work + +## Export +- [ ] Export Report and save to `tor-browser-spec/audits` \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/commit/34… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/commit/34… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-spec][main] Bug 40056: FF109 Audit
by richard (＠richard) 27 Sep '23

27 Sep '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-spec Commits: 651d6cff by Richard Pospesel at 2023-09-27T22:13:38+00:00 Bug 40056: FF109 Audit - - - - - 1 changed file: - + audits/FF109_AUDIT Changes: ===================================== audits/FF109_AUDIT ===================================== @@ -0,0 +1,76 @@ +# General + +The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript). + +The output includes the entire patch where the new problematic code was introduced. Search for `XXX MATCH XXX` to find the next potential violation. + +`code_audit.sh` contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit. + +## Firefox: https://github.com/mozilla/gecko-dev.git + +- Start: `0ae93a27c796bea7836d4b0885c8a1f2c4c18284` ( `FIREFOX_108_0_2_RELEASE` ) +- End: `b89c6dedbd57992efe751d1b585116f2eaa34481` ( `FIREFOX_109_0_1_RELEASE` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +--- + +## Application Services: https://github.com/mozilla/application-services.git + +- Start: `d8b5a386936aa156f4c6d93e6645a6d2188aa788` ( `v96.2.1` ) +- End: `102fa0de36a21b1b2f561ba6de557e20d05b7380` ( `v96.3.0` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +## Firefox Android: https://github.com/mozilla-mobile/firefox-android.git + +- Start: `55d34bf82ad051e25f15c0d1ef5fb8b3a32a7522` +- End: `a7e03da7c26d76bea2fb9c77efce9d841d81f4e0` + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +## Fenix: https://github.com/mozilla-mobile/fenix.git + +- Start: `dc08c68a6cd7932dad599d0713bb3bd3b9f72b57` ( `v109.0b1` ) +- End: `a66807eeb0ff39f96a41a60ac950bd9f31ecf5bd` ( `v109.2.0` ) + +### Languages: +- [x] java +- [x] cpp +- [x] js +- [x] rust + +Nothing of interest (using `code_audit.sh`) + +## Ticket Review ## + +Bugzilla Query: `https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=109%20Branch&order=priority%2Cbug_severity&limit=0` + +#### Problematic Tickets + +- **Re-enable pingsender2** https://bugzilla.mozilla.org/show_bug.cgi?id=1746983 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41969 + - **RESOLUTION** our existing patches are sufficient to keep pingsender away +- **WebRTC bypasses Network settings & proxy.onRequest** https://bugzilla.mozilla.org/show_bug.cgi?id=1790270 + - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41970 + - **RESOLUTION** nothing to do here, the upstream bug fix is good for us and fixes some proxy leak +## Export +- [ ] Export Report and save to `tor-browser-spec/audits` \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/commit/65… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/commit/65… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.3.0esr-13.0-1] fixup! Firefox preference overrides.
by richard (＠richard) 27 Sep '23

27 Sep '23

richard pushed to branch base-browser-115.3.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: dee4b1e1 by Pier Angelo Vendrame at 2023-09-27T19:51:01+00:00 fixup! Firefox preference overrides. Bug 41496: Pref review for 115/13.0 - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -40,6 +40,8 @@ pref("app.update.promptWaitTime", 3600); pref("app.update.staging.enabled", false); #endif +pref("browser.startup.homepage_override.buildID", "20100101"); + // Disable the "Refresh" prompt that is displayed for stale profiles. pref("browser.disableResetPrompt", true); @@ -47,7 +49,6 @@ pref("browser.disableResetPrompt", true); pref("browser.privatebrowsing.autostart", true); pref("browser.cache.disk.enable", false); pref("permissions.memory_only", true); -pref("network.cookie.lifetimePolicy", 2); pref("security.nocertdb", true); pref("media.aboutwebrtc.hist.enabled", false); @@ -66,7 +67,10 @@ pref("browser.download.enable_spam_prevention", true); // Misc privacy: Disk pref("signon.rememberSignons", false); pref("browser.formfill.enable", false); +pref("signon.formlessCapture.enabled", false); // Added with tor-browser#41496 pref("signon.autofillForms", false); +// Do not store extra data (form, scrollbar positions, cookies, POST data) for +// the session restore functionality. pref("browser.sessionstore.privacy_level", 2); // Use the in-memory media cache and increase its maximum size (#29120) pref("browser.privatebrowsing.forceMediaMemoryCache", true); @@ -80,6 +84,8 @@ pref("browser.pagethumbnails.capturing_disabled", true); // Enable HTTPS-Only mode (tor-browser#19850) pref("dom.security.https_only_mode", true); +// The previous pref automatically sets this to true (see StaticPrefList.yaml), +// but set it anyway only as a defense-in-depth. pref("dom.security.https_only_mode_pbm", true); // tor-browser#22320: Hide referer when comming from a .onion address @@ -118,7 +124,8 @@ pref("security.tls.version.enable-deprecated", false, locked); // Misc privacy: Remote pref("browser.send_pings", false); // Space separated list of URLs that are allowed to send objects (instead of -// only strings) through webchannels. +// only strings) through webchannels. The default for Firefox is some Mozilla +// domains. pref("webchannel.allowObject.urlWhitelist", ""); pref("geo.enabled", false); pref("geo.provider.network.url", ""); @@ -127,6 +134,7 @@ pref("geo.provider.use_corelocation", false); pref("geo.provider.use_gpsd", false); pref("geo.provider.use_geoclue", false); pref("browser.search.suggest.enabled", false); +pref("browser.search.suggest.enabled.private", false); pref("browser.urlbar.suggest.searches", false); pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); pref("browser.urlbar.suggest.quicksuggest.sponsored", false); @@ -143,7 +151,6 @@ pref("browser.safebrowsing.provider.google4.updateURL", ""); pref("browser.safebrowsing.provider.google4.gethashURL", ""); pref("browser.safebrowsing.provider.mozilla.updateURL", ""); pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); -pref("extensions.ui.lastCategory", "addons://list/extension"); pref("datareporting.healthreport.uploadEnabled", false); pref("datareporting.policy.dataSubmissionEnabled", false); // Make sure Unified Telemetry is really disabled, see: #18738. @@ -152,6 +159,9 @@ pref("toolkit.telemetry.unified", false); pref("toolkit.telemetry.enabled", false, locked); pref("toolkit.telemetry.server", "data:,"); pref("toolkit.telemetry.archive.enabled", false); +pref("toolkit.telemetry.newProfilePing.enabled", false); // Added in tor-browser#41496 +pref("toolkit.telemetry.shutdownPingSender.enabled", false); // Added in tor-browser#41496 +pref("toolkit.telemetry.firstShutdownPing.enabled", false); // Added in tor-browser#41496 pref("toolkit.telemetry.updatePing.enabled", false); // Make sure updater telemetry is disabled; see #25909. pref("toolkit.telemetry.bhrPing.enabled", false); pref("toolkit.telemetry.coverage.opt-out", true); @@ -160,6 +170,11 @@ pref("toolkit.coverage.endpoint.base", ""); pref("browser.ping-centre.telemetry", false); pref("browser.tabs.crashReporting.sendReport", false); pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); +// Added in tor-browser#41496 even though false by default +pref("browser.crashReports.unsubmittedCheck.enabled", false); +// Added in tor-browser#41496 even though it shuld be already always disabled +// since we disable MOZ_CRASHREPORTER. +pref("breakpad.reportURL", "data:"); #ifdef XP_WIN // Defense-in-depth: ensure that the Windows default browser agent will // not ping Mozilla if it is somehow present (we omit it at build time). @@ -177,10 +192,8 @@ pref("services.sync.engine.passwords", false); pref("services.sync.engine.prefs", false); pref("services.sync.engine.tabs", false); pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ -pref("browser.search.region", "US"); // The next two prefs disable GeoIP search lookups (#16254) -pref("browser.search.geoip.url", ""); pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups -pref("privacy.donottrackheader.enabled", false); // (privacy-browser#17) +pref("privacy.donottrackheader.enabled", false); // (mullvad-browser#17) // Make sure there is no Tracking Protection active in Tor Browser, see: #17898. pref("privacy.trackingprotection.enabled", false); pref("privacy.trackingprotection.pbmode.enabled", false); @@ -200,15 +213,10 @@ pref("browser.newtabpage.activity-stream.feeds.section.topstories", false); pref("browser.newtabpage.activity-stream.showSponsored", false); pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); pref("browser.newtabpage.activity-stream.default.sites", ""); +// Activity Stream telemetry pref("browser.newtabpage.activity-stream.feeds.telemetry", false); pref("browser.newtabpage.activity-stream.telemetry", false); -// tor-browser#41945 - disable automatic cookie banners dismissal until -// we're sure it does not causes fingerprinting risks or other issues. -pref("cookiebanners.service.mode", 0); -pref("cookiebanners.service.mode.privateBrowsing", 0); -pref("cookiebanners.ui.desktop.enabled", false); - // tor-browser#40788: disable AS's calls to home. // Notice that null is between quotes because it is a JSON string. // Keep checked firefox.js to see if new entries are added. @@ -221,6 +229,12 @@ pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiment // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). pref("browser.newtabpage.activity-stream.asrouter.useRemoteL10n", false); +// tor-browser#41945 - disable automatic cookie banners dismissal until +// we're sure it does not causes fingerprinting risks or other issues. +pref("cookiebanners.service.mode", 0); +pref("cookiebanners.service.mode.privateBrowsing", 0); +pref("cookiebanners.ui.desktop.enabled", false); + // Disable moreFromMozilla pane in the preferences/settings (tor-browser#41292). pref("browser.preferences.moreFromMozilla", false); @@ -228,14 +242,16 @@ pref("browser.preferences.moreFromMozilla", false); pref("extensions.screenshots.disabled", true); pref("extensions.webcompat-reporter.enabled", false); +pref("browser.search.region", "US"); // Disable GeoIP search lookups (#16254) // Disable use of WiFi location information pref("browser.region.network.scan", false); pref("browser.region.network.url", ""); pref("browser.region.local-geocoding", false); -// Bug 40083: Make sure Region.jsm fetching is disabled +// Bug 40083: Make sure Region.sys.mjs fetching is disabled pref("browser.region.update.enabled", false); -// Don't load Mozilla domains in a separate tab process +// Don't load Mozilla domains in a separate privileged tab process +pref("browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", false); pref("browser.tabs.remote.separatedMozillaDomains", ""); // Avoid DNS lookups on search terms @@ -270,12 +286,23 @@ pref("security.pki.crlite_mode", 0); // Disable website password breach alerts pref("signon.management.page.breach-alerts.enabled", false); -// Disable remote "password recipes" +// Disable remote "password recipes". They are a way to improve the UX of the +// password manager by havinc specific heuristics for some sites. +// It needs remote settings and in general we disable the password manager. +// More information about this feature at +// https://bugzilla.mozilla.org/show_bug.cgi?id=1119454 pref("signon.recipes.remoteRecipes.enabled", false); -// Disable ServiceWorkers and push notifications by default +// Disable ServiceWorkers by default. They do not work in PBM in any case. +// See https://bugzilla.mozilla.org/show_bug.cgi?id=1320796 pref("dom.serviceWorkers.enabled", false); +// Push notifications use an online Mozilla service and a persistent ID stored +// in dom.push.userAgentID, so disable them by default. +// See also https://support.mozilla.org/kb/push-notifications-firefox pref("dom.push.enabled", false); +// As a defense in depth measure, also set the push server URL to empty. +// See tor-browser#18801. +pref("dom.push.serverURL", ""); // Fingerprinting // tor-browser#41797: For release builds, lock RFP @@ -292,7 +319,6 @@ pref("privacy.resistFingerprinting", true); pref("webgl.disable-fail-if-major-performance-caveat", true); // tor-browser#16404: disable until we investigate it further (#22333) pref("webgl.enable-webgl2", false); -pref("browser.startup.homepage_override.buildID", "20100101"); pref("browser.link.open_newwindow.restriction", 0); // Bug 9881: Open popups in new tabs (to avoid fullscreen popups) // Prevent scripts from moving and resizing open windows pref("dom.disable_window_move_resize", true); @@ -307,7 +333,9 @@ pref("dom.webmidi.enabled", false); // Bug 41398: Disable Web MIDI API // randomized IDs when this pref is true). // Defense-in-depth (already the default value) from Firefox 119 or 120. pref("media.devices.enumerate.legacy.enabled", false); -pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API +// Bug 10286: Always disable Touch API. +// We might need to deepen this topic, see tor-browser#42069. +pref("dom.w3c_touch_events.enabled", 0); pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now // Disable SAB, no matter if the sites are cross-origin isolated. @@ -350,6 +378,7 @@ pref("javascript.options.spectre.disable_for_isolated_content", false, locked); pref("privacy.firstparty.isolate", true); // Always enforce first party isolation // tor-browser#40123 and #40308: Disable for now until audit pref("privacy.partition.network_state", false); +// Only accept cookies from the originating site (block third party cookies) pref("network.cookie.cookieBehavior", 1); pref("network.cookie.cookieBehavior.pbmode", 1); pref("network.predictor.enabled", false); // Temporarily disabled. See https://bugs.torproject.org/16633 @@ -365,7 +394,9 @@ pref("privacy.purge_trackers.enabled", false); // Do not allow cross-origin sub-resources to open HTTP authentication // credentials dialogs. Hardens against potential credentials phishing. pref("network.auth.subresource-http-auth-allow", 1); -// Disable sending additional analytics to web servers +// Disable sending additional analytics to web servers. +// This disables navigator.sendBeacon, even though this is discouraged by the +// standard: https://w3c.github.io/beacon/#privacy-and-security pref("beacon.enabled", false); pref("network.dns.disablePrefetch", true); @@ -379,13 +410,19 @@ pref("network.protocol-handler.warn-external.mailto", true); pref("network.protocol-handler.warn-external.news", true); pref("network.protocol-handler.warn-external.nntp", true); pref("network.protocol-handler.warn-external.snews", true); +#ifdef XP_WIN + pref("network.protocol-handler.external.ms-windows-store", false); + pref("network.protocol-handler.warn-external.ms-windows-store", true); +#endif pref("network.proxy.allow_bypass", false, locked); // #40682 // Lock to 'true', which is already the firefox default, to prevent users // from making themselves fingerprintable by disabling. This pref // alters content load order in a page. See tor-browser#24686 pref("network.http.tailing.enabled", true, locked); -// Make sure the varoius http2 settings, buffer sizes, timings, etc are locked to firefox defaults to minimize network performance fingerprinting. See https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27128 +// Make sure the varoius http2 settings, buffer sizes, timings, etc are locked +// to firefox defaults to minimize network performance fingerprinting. +// See https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27128 pref("network.http.http2.enabled", true, locked); pref("network.http.http2.enabled.deps", true, locked); pref("network.http.http2.enforce-tls-profile", true, locked); @@ -395,13 +432,13 @@ pref("network.http.http2.coalesce-hostnames", true, locked); pref("network.http.http2.persistent-settings", false, locked); pref("network.http.http2.ping-threshold", 58, locked); pref("network.http.http2.ping-timeout", 8, locked); -pref("network.http.http2.send-buffer-size", 131072, locked); +pref("network.http.http2.send-buffer-size", 0, locked); pref("network.http.http2.allow-push", true, locked); pref("network.http.http2.push-allowance", 131072, locked); pref("network.http.http2.pull-allowance", 12582912, locked); pref("network.http.http2.default-concurrent", 100, locked); pref("network.http.http2.default-hpack-buffer", 65536, locked); -pref("network.http.http2.websockets", false, locked); +pref("network.http.http2.websockets", true, locked); pref("network.http.http2.enable-hpack-dump", false, locked); // tor-browser#23044: Make sure we don't have any GIO supported protocols @@ -467,10 +504,6 @@ pref("network.manage-offline-status", false); pref("network.captive-portal-service.enabled", false); pref("network.connectivity-service.enabled", false); pref("captivedetect.canonicalURL", ""); -// As a "defense in depth" measure, configure an empty push server URL (the -// DOM Push features are disabled by default via other prefs). -// See tor-browser#18801. -pref("dom.push.serverURL", ""); #ifdef XP_WIN // tor-browser#41683: Disable the network process on Windows @@ -482,9 +515,7 @@ pref("network.process.enabled", false); // Extension support pref("extensions.autoDisableScopes", 0); -pref("extensions.databaseSchema", 3); pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4 -pref("extensions.pendingOperations", false); // We don't know what extensions Mozilla is advertising to our users and we // don't want to have some random Google Analytics script running either on the // about:addons page, see bug 22073, 22900 and 31601. @@ -498,8 +529,8 @@ pref("browser.discovery.enabled", false); pref("extensions.webextensions.restrictedDomains", ""); // Don't give Mozilla-recommended third-party extensions special privileges. pref("extensions.postDownloadThirdPartyPrompt", false); -// tor-browser#41701: Reporting an extension does not work -// disable extension reporting since the request goes to Mozilla and is rejected anyway (HTTP 400) +// tor-browser#41701: Reporting an extension does not work. The request goes to +// Mozilla and is always rejected anyway (HTTP 400). pref("extensions.abuseReport.enabled", false); // We are already providing the languages we support in multi-lingual packages. // Therefore, do not allow download of additional language packs. They are not a @@ -526,10 +557,6 @@ pref("security.certerrors.mitm.priming.enabled", false); // Don't automatically enable enterprise roots, see bug 40166 pref("security.certerrors.mitm.auto_enable_enterprise_roots", false); -// Don't allow any domain overrides access to offscreen rendering, see tor-browser#41135 -pref("gfx.offscreencanvas.domain-enabled", false); -pref("gfx.offscreencanvas.domain-allowlist", ""); - // Disable share menus on Mac and Windows tor-browser#41117 pref("browser.menu.share_url.allow", false, locked); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/dee4b1e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/dee4b1e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.0esr-13.0-1] 2 commits: fixup! Bug 40933: Add tor-launcher functionality
by richard (＠richard) 27 Sep '23

27 Sep '23

richard pushed to branch tor-browser-115.3.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 14e1b34c by Pier Angelo Vendrame at 2023-09-27T19:39:39+00:00 fixup! Bug 40933: Add tor-launcher functionality Bug 42131: Check for existing circuits during initialization. - - - - - 4b7f4df4 by Pier Angelo Vendrame at 2023-09-27T19:39:39+00:00 fixup! Bug 40933: Add tor-launcher functionality Bug 42132: Poll for circuit information when we did not collect its data already. - - - - - 2 changed files: - toolkit/components/tor-launcher/TorControlPort.sys.mjs - toolkit/components/tor-launcher/TorProvider.sys.mjs Changes: ===================================== toolkit/components/tor-launcher/TorControlPort.sys.mjs ===================================== @@ -272,6 +272,11 @@ class AsyncSocket { * * @typedef {string} NodeFingerprint */ +/** + * @typedef {object} CircuitInfo + * @property {CircuitID} id + * @property {NodeFingerprint[]} nodes + */ /** * @typedef {object} Bridge * @property {string} transport The transport of the bridge, or vanilla if not @@ -729,12 +734,14 @@ export class TorController { /** * Ask Tor a list of circuits. * - * @returns {string[]} An array with a string for each line + * @returns {CircuitInfo[]} An array with a string for each line */ async getCircuits() { const circuits = await this.#getInfo("circuit-status"); - // TODO: Do more parsing once we move the event parsing to this class! - return circuits.split(/\r?\n/); + return circuits + .split(/\r?\n/) + .map(this.#parseCircBuilt.bind(this)) + .filter(circ => circ); } // Configuration @@ -1022,25 +1029,15 @@ export class TorController { this.#eventHandler.onBootstrapStatus(status); break; case "CIRC": - const builtEvent = - /^(?<ID>[a-zA-Z0-9]{1,16})\sBUILT\s(?<Path>(,?\$([0-9a-fA-F]{40})(?:~[a-zA-Z0-9]{1,19})?)+)/.exec( - data.groups.data - ); + const maybeCircuit = this.#parseCircBuilt(data.groups.data); const closedEvent = /^(?<ID>[a-zA-Z0-9]{1,16})\sCLOSED/.exec( data.groups.data ); - if (builtEvent) { - const fp = /\$([0-9a-fA-F]{40})/g; - const nodes = Array.from(builtEvent.groups.Path.matchAll(fp), g => - g[1].toUpperCase() + if (maybeCircuit) { + this.#eventHandler.onCircuitBuilt( + maybeCircuit.id, + maybeCircuit.nodes ); - // In some cases, we might already receive SOCKS credentials in the - // line. However, this might be a problem with onion services: we get - // also a 4-hop circuit that we likely do not want to show to the - // user, especially because it is used only temporarily, and it would - // need a technical explaination. - // const credentials = this.#parseCredentials(data.groups.data); - this.#eventHandler.onCircuitBuilt(builtEvent.groups.ID, nodes); } else if (closedEvent) { this.#eventHandler.onCircuitClosed(closedEvent.groups.ID); } @@ -1068,7 +1065,7 @@ export class TorController { } } - // Other helpers + // Parsers /** * Parse a bootstrap status line. @@ -1099,15 +1096,32 @@ export class TorController { } /** - * Throw an exception when value is not a string. + * Parse a CIRC BUILT event or a GETINFO circuit-status. * - * @param {any} value The value to check - * @param {string} name The name of the `value` argument + * @param {string} line The line to parse + * @returns {CircuitInfo?} The ID and nodes of the circuit, or null if the + * parsing failed. */ - #expectString(value, name) { - if (typeof value !== "string" && !(value instanceof String)) { - throw new Error(`The ${name} argument is expected to be a string.`); + #parseCircBuilt(line) { + const builtEvent = + /^(?<ID>[a-zA-Z0-9]{1,16})\sBUILT\s(?<Path>(,?\$([0-9a-fA-F]{40})(?:~[a-zA-Z0-9]{1,19})?)+)/.exec( + line + ); + if (!builtEvent) { + return null; } + const fp = /\$([0-9a-fA-F]{40})/g; + const nodes = Array.from(builtEvent.groups.Path.matchAll(fp), g => + g[1].toUpperCase() + ); + // In some cases, we might already receive SOCKS credentials in the + // line. However, this might be a problem with Onion services: we get + // also a 4-hop circuit that we likely do not want to show to the + // user, especially because it is used only temporarily, and it would + // need a technical explaination. + // So we do not try to extract them for now. Otherwise, we could do + // const credentials = this.#parseCredentials(line); + return { id: builtEvent.groups.ID, nodes }; } /** @@ -1146,6 +1160,20 @@ export class TorController { ) ); } + + // Other helpers + + /** + * Throw an exception when value is not a string. + * + * @param {any} value The value to check + * @param {string} name The name of the `value` argument + */ + #expectString(value, name) { + if (typeof value !== "string" && !(value instanceof String)) { + throw new Error(`The ${name} argument is expected to be a string.`); + } + } } /** ===================================== toolkit/components/tor-launcher/TorProvider.sys.mjs ===================================== @@ -137,7 +137,7 @@ export class TorProvider { * built before the new identity but not yet used. If we cleaned the map, we * risked of not having the data about it. * - * @type {Map<CircuitID, NodeFingerprint[]>} + * @type {Map<CircuitID, Promise<NodeFingerprint[]>>} */ #circuits = new Map(); /** @@ -204,6 +204,11 @@ export class TorProvider { logger.debug(`Notifying ${TorProviderTopics.ProcessIsReady}`); Services.obs.notifyObservers(null, TorProviderTopics.ProcessIsReady); + + // If we are using an external Tor daemon, we might need to fetch circuits + // already, in case streams use them. Do not await because we do not want to + // block the intialization on this (it should not fail anyway...). + this.#fetchCircuits(); } /** @@ -799,6 +804,16 @@ export class TorProvider { return crypto.getRandomValues(new Uint8Array(kPasswordLen)); } + /** + * Ask Tor the circuits it already knows to populate our circuit map with the + * circuits that were already open before we started listening for events. + */ + async #fetchCircuits() { + for (const { id, nodes } of await this.#controller.getCircuits()) { + this.onCircuitBuilt(id, nodes); + } + } + // Notification handlers /** @@ -983,18 +998,35 @@ export class TorProvider { * @param {CircuitID} circuitId The ID of the circuit used by the stream * @param {string} username The SOCKS username * @param {string} password The SOCKS password - * @returns */ - onStreamSucceeded(streamId, circuitId, username, password) { + async onStreamSucceeded(streamId, circuitId, username, password) { if (!username || !password) { return; } logger.debug("Stream succeeded event", username, password, circuitId); - const circuit = this.#circuits.get(circuitId); + let circuit = this.#circuits.get(circuitId); if (!circuit) { - logger.error( - "Seen a STREAM SUCCEEDED with an unknown circuit. Not notifying observers." - ); + circuit = new Promise((resolve, reject) => { + this.#controlConnection.getCircuits().then(circuits => { + for (const { id, nodes } of circuits) { + if (id === circuitId) { + resolve(nodes); + return; + } + // Opportunistically collect circuits, since we are iterating them. + this.#circuits.set(id, nodes); + } + logger.error( + `Seen a STREAM SUCCEEDED with circuit ${circuitId}, but Tor did not send information about it.` + ); + reject(); + }); + }); + this.#circuits.set(circuitId, circuit); + } + try { + circuit = await circuit; + } catch { return; } Services.obs.notifyObservers( View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c97861… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c97861… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.0esr-13.0-1] 2 commits: fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
by richard (＠richard) 27 Sep '23

27 Sep '23

richard pushed to branch tor-browser-115.3.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 8085f615 by Pier Angelo Vendrame at 2023-09-27T14:55:14+02:00 fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Bug 41496: Pref review for 115/13.0 - - - - - c978614e by Pier Angelo Vendrame at 2023-09-27T14:55:16+02:00 fixup! Firefox preference overrides. Bug 41496: Pref review for 115/13.0 - - - - - 2 changed files: - browser/app/profile/000-tor-browser.js - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/000-tor-browser.js ===================================== @@ -41,14 +41,19 @@ pref("dom.security.https_only_mode.upgrade_onion", false); // Bug 40423/41137: Disable http/3 // We should re-enable it as soon as Tor gets UDP support -pref("network.http.http3.enabled", false); +pref("network.http.http3.enable", false); // 0 = do not use a second connection, see all.js and #7656 pref("network.http.connection-retry-timeout", 0); #expand pref("torbrowser.version", __BASE_BROWSER_VERSION_QUOTED__); -// Old torbutton pref +// Tor Browser used to be compatible with non-Tor proxies. This feature is not +// available anymore, but this legacy preference can be still used to disable +// first-party domain circuit isolation. +// In general, it should not be used. This use-case is still supported only for +// sites that break with this isolation (and even in that case, its use should +// be reduced to the strictly required time). pref("extensions.torbutton.use_nontor_proxy", false); // Browser home page: @@ -61,8 +66,6 @@ pref("browser.download.showTorWarning", true); pref("extensions.torbutton.pref_fixup_version", 0); // Formerly tor-launcher defaults -// When presenting the setup wizard, first prompt for locale. -pref("intl.locale.matchOS", true); pref("extensions.torlauncher.start_tor", true); pref("extensions.torlauncher.prompt_at_startup", true); @@ -112,7 +115,7 @@ pref("extensions.torlauncher.bridgedb_reflector", "https://moat.torproject.org.g pref("extensions.torlauncher.moat_service", "https://bridges.torproject.org/moat"); pref("extensions.torlauncher.bridgedb_bridge_type", "obfs4"); -// Recommended default bridge type (can be set per localized bundle). +// Recommended default bridge type. // pref("extensions.torlauncher.default_bridge_recommended_type", "obfs3"); // Default bridges. ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -40,6 +40,8 @@ pref("app.update.promptWaitTime", 3600); pref("app.update.staging.enabled", false); #endif +pref("browser.startup.homepage_override.buildID", "20100101"); + // Disable the "Refresh" prompt that is displayed for stale profiles. pref("browser.disableResetPrompt", true); @@ -47,7 +49,6 @@ pref("browser.disableResetPrompt", true); pref("browser.privatebrowsing.autostart", true); pref("browser.cache.disk.enable", false); pref("permissions.memory_only", true); -pref("network.cookie.lifetimePolicy", 2); pref("security.nocertdb", true); pref("media.aboutwebrtc.hist.enabled", false); @@ -66,7 +67,10 @@ pref("browser.download.enable_spam_prevention", true); // Misc privacy: Disk pref("signon.rememberSignons", false); pref("browser.formfill.enable", false); +pref("signon.formlessCapture.enabled", false); // Added with tor-browser#41496 pref("signon.autofillForms", false); +// Do not store extra data (form, scrollbar positions, cookies, POST data) for +// the session restore functionality. pref("browser.sessionstore.privacy_level", 2); // Use the in-memory media cache and increase its maximum size (#29120) pref("browser.privatebrowsing.forceMediaMemoryCache", true); @@ -80,6 +84,8 @@ pref("browser.pagethumbnails.capturing_disabled", true); // Enable HTTPS-Only mode (tor-browser#19850) pref("dom.security.https_only_mode", true); +// The previous pref automatically sets this to true (see StaticPrefList.yaml), +// but set it anyway only as a defense-in-depth. pref("dom.security.https_only_mode_pbm", true); // tor-browser#22320: Hide referer when comming from a .onion address @@ -118,7 +124,8 @@ pref("security.tls.version.enable-deprecated", false, locked); // Misc privacy: Remote pref("browser.send_pings", false); // Space separated list of URLs that are allowed to send objects (instead of -// only strings) through webchannels. +// only strings) through webchannels. The default for Firefox is some Mozilla +// domains. pref("webchannel.allowObject.urlWhitelist", ""); pref("geo.enabled", false); pref("geo.provider.network.url", ""); @@ -127,6 +134,7 @@ pref("geo.provider.use_corelocation", false); pref("geo.provider.use_gpsd", false); pref("geo.provider.use_geoclue", false); pref("browser.search.suggest.enabled", false); +pref("browser.search.suggest.enabled.private", false); pref("browser.urlbar.suggest.searches", false); pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); pref("browser.urlbar.suggest.quicksuggest.sponsored", false); @@ -143,7 +151,6 @@ pref("browser.safebrowsing.provider.google4.updateURL", ""); pref("browser.safebrowsing.provider.google4.gethashURL", ""); pref("browser.safebrowsing.provider.mozilla.updateURL", ""); pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); -pref("extensions.ui.lastCategory", "addons://list/extension"); pref("datareporting.healthreport.uploadEnabled", false); pref("datareporting.policy.dataSubmissionEnabled", false); // Make sure Unified Telemetry is really disabled, see: #18738. @@ -152,6 +159,9 @@ pref("toolkit.telemetry.unified", false); pref("toolkit.telemetry.enabled", false, locked); pref("toolkit.telemetry.server", "data:,"); pref("toolkit.telemetry.archive.enabled", false); +pref("toolkit.telemetry.newProfilePing.enabled", false); // Added in tor-browser#41496 +pref("toolkit.telemetry.shutdownPingSender.enabled", false); // Added in tor-browser#41496 +pref("toolkit.telemetry.firstShutdownPing.enabled", false); // Added in tor-browser#41496 pref("toolkit.telemetry.updatePing.enabled", false); // Make sure updater telemetry is disabled; see #25909. pref("toolkit.telemetry.bhrPing.enabled", false); pref("toolkit.telemetry.coverage.opt-out", true); @@ -160,6 +170,11 @@ pref("toolkit.coverage.endpoint.base", ""); pref("browser.ping-centre.telemetry", false); pref("browser.tabs.crashReporting.sendReport", false); pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); +// Added in tor-browser#41496 even though false by default +pref("browser.crashReports.unsubmittedCheck.enabled", false); +// Added in tor-browser#41496 even though it shuld be already always disabled +// since we disable MOZ_CRASHREPORTER. +pref("breakpad.reportURL", "data:"); #ifdef XP_WIN // Defense-in-depth: ensure that the Windows default browser agent will // not ping Mozilla if it is somehow present (we omit it at build time). @@ -177,10 +192,8 @@ pref("services.sync.engine.passwords", false); pref("services.sync.engine.prefs", false); pref("services.sync.engine.tabs", false); pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ -pref("browser.search.region", "US"); // The next two prefs disable GeoIP search lookups (#16254) -pref("browser.search.geoip.url", ""); pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups -pref("privacy.donottrackheader.enabled", false); // (privacy-browser#17) +pref("privacy.donottrackheader.enabled", false); // (mullvad-browser#17) // Make sure there is no Tracking Protection active in Tor Browser, see: #17898. pref("privacy.trackingprotection.enabled", false); pref("privacy.trackingprotection.pbmode.enabled", false); @@ -200,15 +213,10 @@ pref("browser.newtabpage.activity-stream.feeds.section.topstories", false); pref("browser.newtabpage.activity-stream.showSponsored", false); pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); pref("browser.newtabpage.activity-stream.default.sites", ""); +// Activity Stream telemetry pref("browser.newtabpage.activity-stream.feeds.telemetry", false); pref("browser.newtabpage.activity-stream.telemetry", false); -// tor-browser#41945 - disable automatic cookie banners dismissal until -// we're sure it does not causes fingerprinting risks or other issues. -pref("cookiebanners.service.mode", 0); -pref("cookiebanners.service.mode.privateBrowsing", 0); -pref("cookiebanners.ui.desktop.enabled", false); - // tor-browser#40788: disable AS's calls to home. // Notice that null is between quotes because it is a JSON string. // Keep checked firefox.js to see if new entries are added. @@ -221,6 +229,12 @@ pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiment // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). pref("browser.newtabpage.activity-stream.asrouter.useRemoteL10n", false); +// tor-browser#41945 - disable automatic cookie banners dismissal until +// we're sure it does not causes fingerprinting risks or other issues. +pref("cookiebanners.service.mode", 0); +pref("cookiebanners.service.mode.privateBrowsing", 0); +pref("cookiebanners.ui.desktop.enabled", false); + // Disable moreFromMozilla pane in the preferences/settings (tor-browser#41292). pref("browser.preferences.moreFromMozilla", false); @@ -228,14 +242,16 @@ pref("browser.preferences.moreFromMozilla", false); pref("extensions.screenshots.disabled", true); pref("extensions.webcompat-reporter.enabled", false); +pref("browser.search.region", "US"); // Disable GeoIP search lookups (#16254) // Disable use of WiFi location information pref("browser.region.network.scan", false); pref("browser.region.network.url", ""); pref("browser.region.local-geocoding", false); -// Bug 40083: Make sure Region.jsm fetching is disabled +// Bug 40083: Make sure Region.sys.mjs fetching is disabled pref("browser.region.update.enabled", false); -// Don't load Mozilla domains in a separate tab process +// Don't load Mozilla domains in a separate privileged tab process +pref("browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", false); pref("browser.tabs.remote.separatedMozillaDomains", ""); // Avoid DNS lookups on search terms @@ -270,12 +286,23 @@ pref("security.pki.crlite_mode", 0); // Disable website password breach alerts pref("signon.management.page.breach-alerts.enabled", false); -// Disable remote "password recipes" +// Disable remote "password recipes". They are a way to improve the UX of the +// password manager by havinc specific heuristics for some sites. +// It needs remote settings and in general we disable the password manager. +// More information about this feature at +// https://bugzilla.mozilla.org/show_bug.cgi?id=1119454 pref("signon.recipes.remoteRecipes.enabled", false); -// Disable ServiceWorkers and push notifications by default +// Disable ServiceWorkers by default. They do not work in PBM in any case. +// See https://bugzilla.mozilla.org/show_bug.cgi?id=1320796 pref("dom.serviceWorkers.enabled", false); +// Push notifications use an online Mozilla service and a persistent ID stored +// in dom.push.userAgentID, so disable them by default. +// See also https://support.mozilla.org/kb/push-notifications-firefox pref("dom.push.enabled", false); +// As a defense in depth measure, also set the push server URL to empty. +// See tor-browser#18801. +pref("dom.push.serverURL", ""); // Fingerprinting // tor-browser#41797: For release builds, lock RFP @@ -292,7 +319,6 @@ pref("privacy.resistFingerprinting", true); pref("webgl.disable-fail-if-major-performance-caveat", true); // tor-browser#16404: disable until we investigate it further (#22333) pref("webgl.enable-webgl2", false); -pref("browser.startup.homepage_override.buildID", "20100101"); pref("browser.link.open_newwindow.restriction", 0); // Bug 9881: Open popups in new tabs (to avoid fullscreen popups) // Prevent scripts from moving and resizing open windows pref("dom.disable_window_move_resize", true); @@ -307,7 +333,9 @@ pref("dom.webmidi.enabled", false); // Bug 41398: Disable Web MIDI API // randomized IDs when this pref is true). // Defense-in-depth (already the default value) from Firefox 119 or 120. pref("media.devices.enumerate.legacy.enabled", false); -pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API +// Bug 10286: Always disable Touch API. +// We might need to deepen this topic, see tor-browser#42069. +pref("dom.w3c_touch_events.enabled", 0); pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now // Disable SAB, no matter if the sites are cross-origin isolated. @@ -350,6 +378,7 @@ pref("javascript.options.spectre.disable_for_isolated_content", false, locked); pref("privacy.firstparty.isolate", true); // Always enforce first party isolation // tor-browser#40123 and #40308: Disable for now until audit pref("privacy.partition.network_state", false); +// Only accept cookies from the originating site (block third party cookies) pref("network.cookie.cookieBehavior", 1); pref("network.cookie.cookieBehavior.pbmode", 1); pref("network.predictor.enabled", false); // Temporarily disabled. See https://bugs.torproject.org/16633 @@ -365,7 +394,9 @@ pref("privacy.purge_trackers.enabled", false); // Do not allow cross-origin sub-resources to open HTTP authentication // credentials dialogs. Hardens against potential credentials phishing. pref("network.auth.subresource-http-auth-allow", 1); -// Disable sending additional analytics to web servers +// Disable sending additional analytics to web servers. +// This disables navigator.sendBeacon, even though this is discouraged by the +// standard: https://w3c.github.io/beacon/#privacy-and-security pref("beacon.enabled", false); pref("network.dns.disablePrefetch", true); @@ -379,13 +410,19 @@ pref("network.protocol-handler.warn-external.mailto", true); pref("network.protocol-handler.warn-external.news", true); pref("network.protocol-handler.warn-external.nntp", true); pref("network.protocol-handler.warn-external.snews", true); +#ifdef XP_WIN + pref("network.protocol-handler.external.ms-windows-store", false); + pref("network.protocol-handler.warn-external.ms-windows-store", true); +#endif pref("network.proxy.allow_bypass", false, locked); // #40682 // Lock to 'true', which is already the firefox default, to prevent users // from making themselves fingerprintable by disabling. This pref // alters content load order in a page. See tor-browser#24686 pref("network.http.tailing.enabled", true, locked); -// Make sure the varoius http2 settings, buffer sizes, timings, etc are locked to firefox defaults to minimize network performance fingerprinting. See https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27128 +// Make sure the varoius http2 settings, buffer sizes, timings, etc are locked +// to firefox defaults to minimize network performance fingerprinting. +// See https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27128 pref("network.http.http2.enabled", true, locked); pref("network.http.http2.enabled.deps", true, locked); pref("network.http.http2.enforce-tls-profile", true, locked); @@ -395,13 +432,13 @@ pref("network.http.http2.coalesce-hostnames", true, locked); pref("network.http.http2.persistent-settings", false, locked); pref("network.http.http2.ping-threshold", 58, locked); pref("network.http.http2.ping-timeout", 8, locked); -pref("network.http.http2.send-buffer-size", 131072, locked); +pref("network.http.http2.send-buffer-size", 0, locked); pref("network.http.http2.allow-push", true, locked); pref("network.http.http2.push-allowance", 131072, locked); pref("network.http.http2.pull-allowance", 12582912, locked); pref("network.http.http2.default-concurrent", 100, locked); pref("network.http.http2.default-hpack-buffer", 65536, locked); -pref("network.http.http2.websockets", false, locked); +pref("network.http.http2.websockets", true, locked); pref("network.http.http2.enable-hpack-dump", false, locked); // tor-browser#23044: Make sure we don't have any GIO supported protocols @@ -467,10 +504,6 @@ pref("network.manage-offline-status", false); pref("network.captive-portal-service.enabled", false); pref("network.connectivity-service.enabled", false); pref("captivedetect.canonicalURL", ""); -// As a "defense in depth" measure, configure an empty push server URL (the -// DOM Push features are disabled by default via other prefs). -// See tor-browser#18801. -pref("dom.push.serverURL", ""); #ifdef XP_WIN // tor-browser#41683: Disable the network process on Windows @@ -482,9 +515,7 @@ pref("network.process.enabled", false); // Extension support pref("extensions.autoDisableScopes", 0); -pref("extensions.databaseSchema", 3); pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4 -pref("extensions.pendingOperations", false); // We don't know what extensions Mozilla is advertising to our users and we // don't want to have some random Google Analytics script running either on the // about:addons page, see bug 22073, 22900 and 31601. @@ -498,8 +529,8 @@ pref("browser.discovery.enabled", false); pref("extensions.webextensions.restrictedDomains", ""); // Don't give Mozilla-recommended third-party extensions special privileges. pref("extensions.postDownloadThirdPartyPrompt", false); -// tor-browser#41701: Reporting an extension does not work -// disable extension reporting since the request goes to Mozilla and is rejected anyway (HTTP 400) +// tor-browser#41701: Reporting an extension does not work. The request goes to +// Mozilla and is always rejected anyway (HTTP 400). pref("extensions.abuseReport.enabled", false); // We are already providing the languages we support in multi-lingual packages. // Therefore, do not allow download of additional language packs. They are not a @@ -526,10 +557,6 @@ pref("security.certerrors.mitm.priming.enabled", false); // Don't automatically enable enterprise roots, see bug 40166 pref("security.certerrors.mitm.auto_enable_enterprise_roots", false); -// Don't allow any domain overrides access to offscreen rendering, see tor-browser#41135 -pref("gfx.offscreencanvas.domain-enabled", false); -pref("gfx.offscreencanvas.domain-allowlist", ""); - // Disable share menus on Mac and Windows tor-browser#41117 pref("browser.menu.share_url.allow", false, locked); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/eae5ea… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/eae5ea… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-12.5] Bug 40957: Update subkey expiration date for Tor Browser gpg key
by richard (＠richard) 26 Sep '23

26 Sep '23

richard pushed to branch maint-12.5 at The Tor Project / Applications / tor-browser-build Commits: 078300d8 by Nicolas Vigier at 2023-09-26T22:18:45+00:00 Bug 40957: Update subkey expiration date for Tor Browser gpg key - - - - - 1 changed file: - keyring/torbrowser.gpg Changes: ===================================== keyring/torbrowser.gpg ===================================== Binary files a/keyring/torbrowser.gpg and b/keyring/torbrowser.gpg differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40957: Update subkey expiration date for Tor Browser gpg key
by richard (＠richard) 26 Sep '23

26 Sep '23

richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: ed83891d by Nicolas Vigier at 2023-09-26T22:17:44+00:00 Bug 40957: Update subkey expiration date for Tor Browser gpg key - - - - - 1 changed file: - keyring/torbrowser.gpg Changes: ===================================== keyring/torbrowser.gpg ===================================== Binary files a/keyring/torbrowser.gpg and b/keyring/torbrowser.gpg differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.0-1] fixup! Disable features and functionality
by Dan Ballard (＠dan) 26 Sep '23

26 Sep '23

Dan Ballard pushed to branch firefox-android-115.2.1-13.0-1 at The Tor Project / Applications / firefox-android Commits: 533daef0 by clairehurst at 2023-09-26T17:59:27+00:00 fixup! Disable features and functionality - - - - - 3 changed files: - fenix/app/src/main/java/org/mozilla/fenix/settings/quicksettings/QuickSettingsSheetDialogFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/settings/quicksettings/protections/ProtectionsView.kt - fenix/app/src/main/res/layout/quicksettings_protections_panel.xml Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/settings/quicksettings/QuickSettingsSheetDialogFragment.kt ===================================== @@ -132,7 +132,8 @@ class QuickSettingsSheetDialogFragment : FenixDialogFragment() { override fun onViewCreated(view: View, savedInstanceState: Bundle?) { super.onViewCreated(view, savedInstanceState) - observeTrackersChange(requireComponents.core.store) +// Removed as part of Bug_42115: Enhanced Tracking Protection can still be enabled +// observeTrackersChange(requireComponents.core.store) consumeFrom(quickSettingsStore) { websiteInfoView.update(it.webInfoState) websitePermissionsView.update(it.websitePermissionsState) @@ -190,34 +191,36 @@ class QuickSettingsSheetDialogFragment : FenixDialogFragment() { @VisibleForTesting internal fun provideTabId(): String = args.sessionId - @VisibleForTesting - internal fun observeTrackersChange(store: BrowserStore) { - consumeFlow(store) { flow -> - flow.mapNotNull { state -> - state.findTabOrCustomTab(provideTabId()) - }.ifAnyChanged { tab -> - arrayOf( - tab.trackingProtection.blockedTrackers, - tab.trackingProtection.loadedTrackers, - ) - }.collect { - updateTrackers(it) - } - } - } - - @VisibleForTesting - internal fun updateTrackers(tab: SessionState) { - provideTrackingProtectionUseCases().fetchTrackingLogs( - tab.id, - onSuccess = { trackers -> - protectionsView.updateDetailsSection(trackers.isNotEmpty()) - }, - onError = { - Logger.error("QuickSettingsSheetDialogFragment - fetchTrackingLogs onError", it) - }, - ) - } +// Removed as part of Bug_42115: Enhanced Tracking Protection can still be enabled +// @VisibleForTesting +// internal fun observeTrackersChange(store: BrowserStore) { +// consumeFlow(store) { flow -> +// flow.mapNotNull { state -> +// state.findTabOrCustomTab(provideTabId()) +// }.ifAnyChanged { tab -> +// arrayOf( +// tab.trackingProtection.blockedTrackers, +// tab.trackingProtection.loadedTrackers, +// ) +// }.collect { +// updateTrackers(it) +// } +// } +// } + +// Removed as part of Bug_42115: Enhanced Tracking Protection can still be enabled +// @VisibleForTesting +// internal fun updateTrackers(tab: SessionState) { +// provideTrackingProtectionUseCases().fetchTrackingLogs( +// tab.id, +// onSuccess = { trackers -> +// protectionsView.updateDetailsSection(trackers.isNotEmpty()) +// }, +// onError = { +// Logger.error("QuickSettingsSheetDialogFragment - fetchTrackingLogs onError", it) +// }, +// ) +// } @VisibleForTesting internal fun provideTrackingProtectionUseCases() = requireComponents.useCases.trackingProtectionUseCases ===================================== fenix/app/src/main/java/org/mozilla/fenix/settings/quicksettings/protections/ProtectionsView.kt ===================================== @@ -54,28 +54,32 @@ class ProtectionsView( * Allows changing what this View displays. */ fun update(state: ProtectionsState) { - bindTrackingProtectionInfo(state.isTrackingProtectionEnabled) +// Removed as part of Bug_42115: Enhanced Tracking Protection can still be enabled +// bindTrackingProtectionInfo(state.isTrackingProtectionEnabled) bindCookieBannerProtection(state.cookieBannerUIMode) - binding.trackingProtectionSwitch.isVisible = settings.shouldUseTrackingProtection +// Removed as part of Bug_42115: Enhanced Tracking Protection can still be enabled +// binding.trackingProtectionSwitch.isVisible = settings.shouldUseTrackingProtection binding.cookieBannerItem.isVisible = shouldShowCookieBanner && state.cookieBannerUIMode != CookieBannerUIMode.HIDE - - binding.trackingProtectionDetails.setOnClickListener { - interactor.onTrackingProtectionDetailsClicked() - } +// Removed as part of Bug_42115: Enhanced Tracking Protection can still be enabled +// binding.trackingProtectionDetails.setOnClickListener { +// interactor.onTrackingProtectionDetailsClicked() +// } } - @VisibleForTesting - internal fun updateDetailsSection(show: Boolean) { - binding.trackingProtectionDetails.isVisible = show - } - - private fun bindTrackingProtectionInfo(isTrackingProtectionEnabled: Boolean) { - binding.trackingProtectionSwitch.isChecked = isTrackingProtectionEnabled - binding.trackingProtectionSwitch.setOnCheckedChangeListener { _, isChecked -> - interactor.onTrackingProtectionToggled(isChecked) - } - } +// Removed as part of Bug_42115: Enhanced Tracking Protection can still be enabled +// @VisibleForTesting +// internal fun updateDetailsSection(show: Boolean) { +// binding.trackingProtectionDetails.isVisible = show +// } + +// Removed as part of Bug_42115: Enhanced Tracking Protection can still be enabled +// private fun bindTrackingProtectionInfo(isTrackingProtectionEnabled: Boolean) { +// binding.trackingProtectionSwitch.isChecked = isTrackingProtectionEnabled +// binding.trackingProtectionSwitch.setOnCheckedChangeListener { _, isChecked -> +// interactor.onTrackingProtectionToggled(isChecked) +// } +// } @VisibleForTesting internal val binding = QuicksettingsProtectionsPanelBinding.inflate( ===================================== fenix/app/src/main/res/layout/quicksettings_protections_panel.xml ===================================== @@ -12,36 +12,38 @@ android:layout_width="match_parent" android:layout_height="wrap_content" android:minHeight="@dimen/tracking_protection_item_height" - app:layout_constraintBottom_toTopOf="@id/trackingProtectionSwitch" + app:layout_constraintBottom_toBottomOf="parent" app:layout_constraintTop_toTopOf="parent" /> - <org.mozilla.fenix.trackingprotection.SwitchWithDescription - android:id="@+id/trackingProtectionSwitch" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:layout_marginTop="16dp" - android:minHeight="@dimen/tracking_protection_item_height" - android:text="@string/preference_enhanced_tracking_protection" - app:layout_constraintBottom_toTopOf="@id/trackingProtectionDetails" - app:layout_constraintTop_toBottomOf="@id/cookieBannerItem" - app:switchDescriptionOff="@string/etp_panel_off" - app:switchDescriptionOn="@string/etp_panel_on" - app:switchIconOff="@drawable/ic_tracking_protection_disabled" - app:switchIconOn="@drawable/ic_tracking_protection_enabled" - app:switchTitle="@string/preference_enhanced_tracking_protection" /> + + + + + + + + + + + + + + + - <TextView - android:id="@+id/trackingProtectionDetails" - style="@style/QuickSettingsText.Icon" - android:layout_width="0dp" - android:layout_height="@dimen/quicksettings_item_height" - android:layout_alignParentEnd="true" - android:gravity="end|center_vertical" - android:text="@string/enhanced_tracking_protection_details" - android:visibility="gone" - app:drawableEndCompat="@drawable/ic_arrowhead_right" - app:layout_constraintBottom_toBottomOf="parent" - app:layout_constraintEnd_toEndOf="parent" - app:layout_constraintStart_toStartOf="parent" /> +  + + + + + + + + + + + + + </androidx.constraintlayout.widget.ConstraintLayout> View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/533… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/533… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] release: new version, 12.5.5
by richard (＠richard) 26 Sep '23

26 Sep '23

richard pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: a5c4e965 by Richard Pospesel at 2023-09-26T17:40:28+00:00 release: new version, 12.5.5 - - - - - 30 changed files: - update_3/release/.htaccess - − update_3/release/12.5.1-12.5.4-linux32-ALL.xml - − update_3/release/12.5.1-12.5.4-linux64-ALL.xml - − update_3/release/12.5.1-12.5.4-macos-ALL.xml - − update_3/release/12.5.1-12.5.4-win32-ALL.xml - − update_3/release/12.5.1-12.5.4-win64-ALL.xml - + update_3/release/12.5.1-12.5.5-linux32-ALL.xml - + update_3/release/12.5.1-12.5.5-linux64-ALL.xml - + update_3/release/12.5.1-12.5.5-macos-ALL.xml - + update_3/release/12.5.1-12.5.5-win32-ALL.xml - + update_3/release/12.5.1-12.5.5-win64-ALL.xml - − update_3/release/12.5.2-12.5.4-linux32-ALL.xml - − update_3/release/12.5.2-12.5.4-linux64-ALL.xml - − update_3/release/12.5.2-12.5.4-macos-ALL.xml - − update_3/release/12.5.2-12.5.4-win32-ALL.xml - − update_3/release/12.5.2-12.5.4-win64-ALL.xml - + update_3/release/12.5.2-12.5.5-linux32-ALL.xml - + update_3/release/12.5.2-12.5.5-linux64-ALL.xml - + update_3/release/12.5.2-12.5.5-macos-ALL.xml - + update_3/release/12.5.2-12.5.5-win32-ALL.xml - + update_3/release/12.5.2-12.5.5-win64-ALL.xml - − update_3/release/12.5.3-12.5.4-linux32-ALL.xml - − update_3/release/12.5.3-12.5.4-linux64-ALL.xml - − update_3/release/12.5.3-12.5.4-macos-ALL.xml - − update_3/release/12.5.3-12.5.4-win32-ALL.xml - − update_3/release/12.5.3-12.5.4-win64-ALL.xml - + update_3/release/12.5.3-12.5.5-linux32-ALL.xml - + update_3/release/12.5.3-12.5.5-linux64-ALL.xml - + update_3/release/12.5.3-12.5.5-macos-ALL.xml - + update_3/release/12.5.3-12.5.5-win32-ALL.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-12.5.5-build1
by richard (＠richard) 26 Sep '23

26 Sep '23

richard pushed new tag mb-12.5.5-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-12.5.5-build1
by richard (＠richard) 26 Sep '23

26 Sep '23

richard pushed new tag tbb-12.5.5-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-12.5] Bugs 40961, 40962: Tor Browser and Mullvad Browser 12.5.5
by richard (＠richard) 26 Sep '23

26 Sep '23

richard pushed to branch maint-12.5 at The Tor Project / Applications / tor-browser-build Commits: db01e230 by Richard Pospesel at 2023-09-25T20:43:08+00:00 Bugs 40961, 40962: Tor Browser and Mullvad Browser 12.5.5 - - - - - 9 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/allowed_addons.json - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/tor/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,70 @@ +Mullvad Browse 12.5.5 - September 25 2023 + * All Platforms + * Updated NoScript to 11.4.27 + * Upated uBlock Origin to 1.52.2 + * Bug 42123: Backport security fixes from Firefox 118 to ESR 102.15 / 115.3 - based Tor Browser [tor-browser] + +Mullvad Browser 13.0a5 - September 21 2023 + * All Platforms + * Updated Translations + * Updated Firefox to 115.3.0esr + * Bug 228: Remove popup asking for preferred language on websites [mullvad-browser] + * Bug 238: Rebase Mullvad Browser to 115.3.0esr [mullvad-browser] + * Bug 40893: Update (Noto) fonts for 13.0 [tor-browser-build] + * Bug 41327: Disable UrlbarProviderInterventions [tor-browser] + * Bug 41581: ESR115: figure out extension pinning / unified Extensions [tor-browser] + * Bug 41903: The info icon on the language change prompt is not shown [tor-browser] + * Bug 42026: Disable cookie banner service and UI. [tor-browser] + * Bug 42037: Disable about:firefoxview [tor-browser] + * Bug 42083: RemoteSecuritySettings.init throws error in console [tor-browser] + * Bug 42094: Disable media.aboutwebrtc.hist.enabled as security in-depth [tor-browser] + * Windows + * Bug 41798: Stop building private_browsing.exe on Windows [tor-browser] + * Build System + * All Platforms + * Bug 40956: Allow testing the updater also with release and alpha channel [tor-browser-build] + * Windows + * Bug 41995: Generated headers on Windows aren't reproducible [tor-browser] + +Mullvad Browser 13.0a4 - September 12 2023 + * All Platforms + * Updated Firefox to 115.2.1esr + * Updated Translations + * Updated NoScript to 11.4.27 + * Bug 211: Change "Mullvad Browser Home" to "New tab" [mullvad-browser] + * Bug 231: Fix the Security Level "read more" link in popup/settings panel [mullvad-browser] + * Bug 236: Rebase alpha onto 115.2.1 [mullvad-browser] + * Bug 40149: Remove patching of nightly update URL [tor-browser-build] + * Bug 40937: First window after update should go to the user-friendly release page on GitHub [tor-browser-build] + * Bug 41528: Hard-coded English "based on Mozilla Firefox" appears in version in "About" dialog [tor-browser] + * Bug 41675: ESR115: decide on large array buffers [tor-browser] + * Bug 41739: Remove "Website appearance" [tor-browser] + * Bug 41740: ESR115: change devicePixelRatio spoof to 2 in alpha for testing [tor-browser] + * Bug 41774: Hide the new "Switching to a new device" help menu item [tor-browser] + * Bug 41797: Lock RFP in release builds [tor-browser] + * Bug 41876: Remove firefox view from title bar [tor-browser] + * Bug 41881: Developer tools/Network/New Request remembers requests [tor-browser] + * Bug 42027: Create a Base Browser version of migrateUI [tor-browser] + * Bug 42043: Disable gUM: media.devices.enumerate.legacy.enabled [tor-browser] + * Bug 42046: Remove XUL layout hacks from base browser [tor-browser] + * Bug 42050: Bring back Save As... dialog as default [tor-browser] + * Bug 42061: Move the alpha update channel creation to a commit on its own [tor-browser] + * Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser] + * Windows + * Bug 40930: Update zlib to 1.3 after 13.0a3 [tor-browser-build] + * macOS + * Bug 42057: Disable Platform text-recognition functionality [tor-browser] + * Build System + * All Platforms + * Bug 40857: Mullvad Browser generated downloads.json references tbb-* build tag rather than mb-* [tor-browser-build] + * Bug 40932: Remove appname_bundle_android, appname_bundle_macos, appname_bundle_linux, appname_bundle_win32, appname_bundle_win64 from projects/release/update_responses_config.yml [tor-browser-build] + * Bug 40933: Fix generating incrementals between 12.5.x and 13.0 [tor-browser-build] + * Bug 40935: Fix fallout from build target rename in signing scripts [tor-browser-build] + * Bug 40942: Use the branch to build Base Browser [tor-browser-build] + * Bug 40946: override_updater_url does not work for Mullvad Browser [tor-browser-build] + * macOS + * Bug 40943: Update libdmg-hfsplus to include our uplifted patch [tor-browser-build] + Mullvad Browser 12.5.4 - September 12 2023 * All Platforms * Updated Firefox to 102.15.1esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,139 @@ +Tor Browser 12.5.5 - September 25 2023 + * All Platforms + * Updated tor to 0.4.7.15 + * Updated NoScript to 11.4.27 + * Updated Translations + * Bug 42120: Use foursquare as domain front for snowflake [tor-browser] + * Bug 42123: Backport security fixes from Firefox 118 to ESR 102.15 / 115.3 - based Tor Browser [tor-browser] + * Windows + macOS + Linux + * Bug 42126: moat and connect assist broken for people who can't reach domain front [tor-browser] + +Tor Browser 13.0a5 - September 21 2023 + * All Platforms + * Updated Translations + * Updated OpenSSL to 3.0.11 + * Updated tor to 0.4.8.6 + * Bug 40938: Migrate remaining torbutton functionality to tor-browser [tor-browser] + * Bug 41327: Disable UrlbarProviderInterventions [tor-browser] + * Bug 42026: Disable cookie banner service and UI. [tor-browser] + * Bug 42094: Disable media.aboutwebrtc.hist.enabled as security in-depth [tor-browser] + * Bug 42112: Rebase alpha to 115.3.0esr [tor-browser] + * Bug 42120: Use foursquare as domain front for snowflake [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 115.3.0esr + * Bug 40893: Update (Noto) fonts for 13.0 [tor-browser-build] + * Bug 41639: Fix the wordmark (title and background) of the "About Tor Browser" window [tor-browser] + * Bug 41822: The default browser button came back on 115 [tor-browser] + * Bug 41864: TOR_CONTROL_HOST and TOR_SOCKS_HOST do not work as expected when the browser launches tor [tor-browser] + * Bug 41903: The info icon on the language change prompt is not shown [tor-browser] + * Bug 41957: Revert to Fx's default identity block style for internal pages [tor-browser] + * Bug 41958: Console error when closing tor browser with about:preferences open [tor-browser] + * Bug 41986: Fix the control port password handling [tor-browser] + * Bug 42037: Disable about:firefoxview [tor-browser] + * Bug 42073: Add simplified onion pattern to the new homepage [tor-browser] + * Bug 42079: TorConnect: handle switching from Bootstrapped to Configuring state [tor-browser] + * Bug 42083: RemoteSecuritySettings.init throws error in console [tor-browser] + * Bug 42091: Onion authorization prompt overflows [tor-browser] + * Bug 42092: Onion services key table display problems. [tor-browser] + * Bug 42102: TorProcess says the SOCKS port is not valid even though it is [tor-browser] + * Bug 42110: Add a utility module for shared UI methods needed for several tor browser components [tor-browser] + * Windows + * Bug 41798: Stop building private_browsing.exe on Windows [tor-browser] + * macOS + * Bug 42078: Implement MacOS application icons [tor-browser] + * Linux + * Bug 42088: Implement Linux application icons [tor-browser] + * Android + * Updated GeckoView to 115.3.0esr + * Bug 42089: Disable Mozilla 1805450 [tor-browser] + * Bug 42122: Fix crash due to bad android deprecation and APIs + * Build System + * Windows + macOS + Linux + * Bug 40956: Allow testing the updater also with release and alpha channel [tor-browser-build] + * Windows + * Bug 41995: Generated headers on Windows aren't reproducible [tor-browser] + +Tor Browser 13.0a4 - September 12 2023 + * All Platforms + * Updated Translations + * Updated NoScript to 11.4.27 + * Updated tor to 0.4.8.5 + * Updated Snowflake to 2.6.1 + * Bug 40951: Firefox fails to build for macos after #40938 [tor-browser-build] + * Bug 41675: ESR115: decide on large array buffers [tor-browser] + * Bug 41740: ESR115: change devicePixelRatio spoof to 2 in alpha for testing [tor-browser] + * Bug 41797: Lock RFP in release builds [tor-browser] + * Bug 41934: Websocket raises DOMException on http onions in 13.0a1 [tor-browser] + * Bug 42034: aboutTBUpdate.dtd is duplicated [tor-browser] + * Bug 42043: Disable gUM: media.devices.enumerate.legacy.enabled [tor-browser] + * Bug 42061: Move the alpha update channel creation to a commit on its own [tor-browser] + * Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser] + * Bug 42093: Rebase alpha onto 115.2.1esr [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 115.2.1esr + * Bug 40149: Remove patching of nightly update URL [tor-browser-build] + * Bug 40821: The update details URL is wrong in alphas [tor-browser-build] + * Bug 40938: Copy the new tor-browser.ftl file to the appropriate directory [tor-browser-build] + * Bug 41333: Modernize Tor Browser's new-tab page (about:tor) [tor-browser] + * Bug 41528: Hard-coded English "based on Mozilla Firefox" appears in version in "About" dialog [tor-browser] + * Bug 41651: Use moz-toggle in connection preferences [tor-browser] + * Bug 41739: Remove "Website appearance" [tor-browser] + * Bug 41774: Hide the new "Switching to a new device" help menu item [tor-browser] + * Bug 41821: Fix the proxy type in the proxy modal of about:preferences in 13.0 [tor-browser] + * Bug 41865: Use --text-color-deemphasized rather than --panel-description-color [tor-browser] + * Bug 41876: Remove firefox view from title bar [tor-browser] + * Bug 41881: Developer tools/Network/New Request remembers requests [tor-browser] + * Bug 41886: Downloads drop-down panel has new-line/line-break between every word in the 'Be careful opening downloads' warning [tor-browser] + * Bug 41904: The log textarea doesn't resize anymore [tor-browser] + * BUg 41906: hide about:preferences#privacy > DNS over HTTPS section [tor-browser] + * Bug 41971: Update Tails URL in downloads warning [tor-browser] + * Bug 41974: De-emphasized text in custom components is no longer gray in 13.0 alpha [tor-browser] + * Bug 41977: Hide the "Learn more" link in bridge cards [tor-browser] + * Bug 41980: Circuit display headline is misaligned in 13.0 alpha [tor-browser] + * Bug 42027: Create a Base Browser version of migrateUI [tor-browser] + * Bug 42045: Circuit panel overflows with long ipv6 addresses [tor-browser] + * Bug 42046: Remove XUL layout hacks from base browser [tor-browser] + * Bug 42047: Remove layout hacks from tor browser preferences [tor-browser] + * Bug 42050: Bring back Save As... dialog as default [tor-browser] + * Bug 42075: Fix link spacing and underline on new homepage [tor-browser] + * Windows + Android + * Updated zlib to 1.3 + * Bug 40930: Update zlib to 1.3 after 13.0a3 [tor-browser-build] + * macOS + * Bug 42057: Disable Platform text-recognition functionality [tor-browser] + * Linux + * Bug 41509: After update, KDE Plasma identifies Tor Browser Nightly window group as "firefox-nightly" [tor-browser] + * Android + * Updated GeckoView to 115.2.1esr + * Bug 40941: Remove PT process options on Android [tor-browser-build] + * Bug 41878: firefox-mobile: refactor tor bootstrap off deleted onboarding path [tor-browser] + * Bug 41879: firefox-android: Add Tor integration and UI commit is too big, needs to be split up [tor-browser] + * Bug 41882: Update DuckDuckGo icons [tor-browser] + * Bug 41987: Tor Browser Android Onboarding Plan [tor-browser] + * Bug 42001: Hide 'Open links in external app' settings option and force defaults [tor-browser] + * Bug 42038: TBA Alpha - inscriptions Tor Browser Alpha and FireFox Browser simultaneously on the start screen [tor-browser] + * Bug 42076: Theme is visable in options, but shouldn't be [tor-browser] + * Build System + * All Platforms + * Updated Go to 1.21.1 + * Bug 40929: Update go to 1.21 series after 13.0a3 [tor-browser-build] + * Bug 40932: Remove appname_bundle_android, appname_bundle_macos, appname_bundle_linux, appname_bundle_win32, appname_bundle_win64 from projects/release/update_responses_config.yml [tor-browser-build] + * Bug 40935: Fix fallout from build target rename in signing scripts [tor-browser-build] + * Bug 40948: Remove lyrebird-vendor sha256sum in nightly [tor-browser-build] + * Windows + macOS + Linux + * Bug 40786: deploy_update_responses-*.sh requires +r permissions to run [tor-browser-build] + * Bug 40931: Fix incrementals after tor-browser-build#40829 [tor-browser-build] + * Bug 40933: Fix generating incrementals between 12.5.x and 13.0 [tor-browser-build] + * Bug 40942: Use the branch to build Base Browser [tor-browser-build] + * Bug 40944: After #40931, updates_responses is using incremental.mar files as if they were non-incremental mar files [tor-browser-build] + * Bug 40946: override_updater_url does not work for Mullvad Browser [tor-browser-build] + * Bug 40947: Remove migrate_langs from tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] + * macOS + * Bug 40943: Update libdmg-hfsplus to include our uplifted patch [tor-browser-build] + * Bug 42035: Update tools/torbrowser/ scripts to support macOS dev environment [tor-browser] + * Linux + * Bug 42071: tor-browser deployed format changed breaking fetch.sh [tor-browser] + Tor Browser 12.5.4 - September 12 2023 * All Platforms * Updated Translations ===================================== projects/browser/allowed_addons.json ===================================== @@ -17,7 +17,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…" } ], - "average_daily_users": 997396, + "average_daily_users": 1014444, "categories": { "android": [ "experimental", @@ -221,10 +221,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5546, - "bayesian_average": 4.553446665437272, - "count": 5144, - "text_count": 1618 + "average": 4.5534, + "bayesian_average": 4.55225009063314, + "count": 5166, + "text_count": 1629 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/", "requires_payment": false, @@ -321,7 +321,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/", - "weekly_downloads": 25493 + "weekly_downloads": 26444 }, "notes": null }, @@ -337,7 +337,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…" } ], - "average_daily_users": 254833, + "average_daily_users": 256930, "categories": { "android": [ "security-privacy" @@ -553,9 +553,9 @@ "category": "recommended" }, "ratings": { - "average": 4.8125, - "bayesian_average": 4.807850481587009, - "count": 1360, + "average": 4.8128, + "bayesian_average": 4.80814342064221, + "count": 1362, "text_count": 240 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/", @@ -641,7 +641,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/", - "weekly_downloads": 3381 + "weekly_downloads": 3097 }, "notes": null }, @@ -657,7 +657,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…" } ], - "average_daily_users": 1103209, + "average_daily_users": 1117012, "categories": { "android": [ "security-privacy" @@ -669,7 +669,7 @@ "contributions_url": "https://paypal.me/SupportEFF?utm_content=product-page-contribute&utm_medium…", "created": "2014-05-01T18:23:16Z", "current_version": { - "id": 5584898, + "id": 5622730, "compatibility": { "firefox": { "min": "60.0", @@ -680,7 +680,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/privacy-badger17/versions…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/privacy-badger17/versions…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -691,23 +691,24 @@ "url": "http://www.gnu.org/licenses/gpl-3.0.html" }, "release_notes": { - "en-US": "2023.6.23 is a bug fix release addressing various site breakages.\n\nNotes for 2023.6.14:\n<ul><li>Privacy Badger now comes with the largest blocklist yet, thanks to improved tracking detection and continually expanding <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e7679342a72ee118b720d9…" rel=\"nofollow\">pre-training</a>. In addition to learning from tracking techniques like cookies and canvas fingerprinting, Privacy Badger now also learns from the <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/5a177129df8c5230a116e1…" rel=\"nofollow\">Beacon API</a>.</li><li>Fixed blocking trackers from just-closed tabs or from pages you recently navigated away from</li><li>Improved display of tracking domains on the options page on larger screens</li><li>Fixed various site breakages</li><li>Improved Italian translations</li></ul>" + "en-US": "<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/07ac27a67ad814cdf74ed5…" rel=\"nofollow\">Improved link tracking protection</a> (\"link unwrapping\") on Google sites. With this update Privacy Badger removes tracking from links in Google Docs, Gmail, Google Maps, and Google Images results. Privacy Badger now also removes tracking from links added after scrolling through Google Search results.</li><li>Fixed various site breakages</li><li>Added Malay and restored Serbian translations</li><li>Improved Traditional Chinese translations</li></ul>" }, - "reviewed": "2023-06-28T16:18:01Z", - "version": "2023.6.23", + "reviewed": "2023-09-15T11:48:09Z", + "version": "2023.9.12", "files": [ { - "id": 4129240, - "created": "2023-06-23T20:19:09Z", - "hash": "sha256:ce79513710b2aed96bf03ec63d8be2e8274329e8d90911f5b8962c777e006e96", + "id": 4167070, + "created": "2023-09-12T19:42:38Z", + "hash": "sha256:eae97d9d3df3350476901ca412505cb4a43d0e7fa79bd9516584935158f82095", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 1968096, + "size": 1986265, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4129240/privacy_badger17-…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4167070/privacy_badger17-…", "permissions": [ + "alarms", "tabs", "http://*/*", "https://*/*", @@ -721,6 +722,10 @@ "https://*.messenger.com/*", "http://*.messenger.com/*", "*://*.facebookcorewwwi.onion/*", + "https://docs.google.com/*", + "http://docs.google.com/*", + "https://mail.google.com/*", + "http://mail.google.com/*", "https://www.google.com/*", "http://www.google.com/*", "https://www.google.ad/*", @@ -1101,10 +1106,6 @@ "http://www.google.co.zw/*", "https://www.google.cat/*", "http://www.google.cat/*", - "https://hangouts.google.com/*", - "http://hangouts.google.com/*", - "https://docs.google.com/*", - "http://docs.google.com/*", "<all_urls>" ], "optional_permissions": [], @@ -1134,7 +1135,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-06-28T16:18:01Z", + "last_updated": "2023-09-15T11:48:09Z", "name": { "en-US": "Privacy Badger" }, @@ -1180,9 +1181,9 @@ "category": "recommended" }, "ratings": { - "average": 4.8008, - "bayesian_average": 4.798040649165502, - "count": 2289, + "average": 4.8005, + "bayesian_average": 4.797738794107263, + "count": 2291, "text_count": 436 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/", @@ -1207,7 +1208,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/", - "weekly_downloads": 18054 + "weekly_downloads": 18666 }, "notes": null }, @@ -1223,7 +1224,7 @@ "picture_url": null } ], - "average_daily_users": 6472388, + "average_daily_users": 6583619, "categories": { "android": [ "security-privacy" @@ -1235,7 +1236,7 @@ "contributions_url": "", "created": "2015-04-25T07:26:22Z", "current_version": { - "id": 5596914, + "id": 5626680, "compatibility": { "firefox": { "min": "78.0", @@ -1246,7 +1247,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/55…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/56…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -1257,22 +1258,22 @@ "url": "http://www.gnu.org/licenses/gpl-3.0.html" }, "release_notes": { - "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/57eadd553bcb629be4f757…" rel=\"nofollow\">1.51.0</a>.\n\nFixes / changes\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/a578674b791ed67b926b31…" rel=\"nofollow\">Remove obsolete webaccessibleresources</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/7071379ad6c88fec4e40b3…" rel=\"nofollow\">Add missing (deprecated) method to google ima</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/bf46690e10ed8a086d9d50…" rel=\"nofollow\">Fix regression in handling of experimental <code>header=</code> filter option</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f2328063ec5c7512d5899f…" rel=\"nofollow\">Only already normalized CSS selectors can be fast path-compiled</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e271cd306c9578e0ed17c7…" rel=\"nofollow\">Improve compatibility with AdGuard's scriptlets</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f42373a2522c9739807b48…" rel=\"nofollow\">Add static network filter option: <code>permissions</code></a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f502abdb178413a344a43d…" rel=\"nofollow\">Add <code>set-attr</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/46449872121aa9a39f8fe5…" rel=\"nofollow\">Do not bail too early when trapping properties in <code>acs</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/76b28688717445a36e5ee4…" rel=\"nofollow\">Fix regression in cloud storage import of \"Filter lists\" pane</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/eb0f0fdfbd50904d7cd8e2…" rel=\"nofollow\">Add <code>set-session-storage-item</code> scriptlet</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f125a8290e220a02336532…" rel=\"nofollow\">Prevent negative position when widget size is greater than viewport size</a><ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e49ec519e35ce90b1ce424…" rel=\"nofollow\">Ensure no negative value for <code>top</code> property of floating widget in logger</a></li></ul></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/2398a39690c82a85f3fb23…" rel=\"nofollow\">Add visual hint when not all sublists are enabled</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f549cc526fa10665161c86…" rel=\"nofollow\">Add support for AdGuard's noop (<code>_</code>) network filter option</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/c649c1ddb8b1d7f280a068…" rel=\"nofollow\">Add \"tabless\" filter expression for logger output</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/3f7e7d0a06e918e4c8b3f8…" rel=\"nofollow\">Add support for logical expressions to <code>!#if</code> directive</a><ul><li>Also added support for <code>!#else</code></li></ul></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f1e827e5c4e256a0c832f9…" rel=\"nofollow\">Add resource aliases for increased compatibility with AdGuard lists</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/6f42d070e087002ada8f37…" rel=\"nofollow\">Add compatibility with AdGuard's <code>#%#//scriptlet(...)</code> syntax</a><ul><li>Also added support for quoted parameters in <code>##+js(...)</code> syntax</li></ul></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/50632bd7b34e7e7185c764…" rel=\"nofollow\">Fix syntax highlighter throwing with invalid patterns</a></li><li>...</li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/7c755863346ab5ff9e77ae…" rel=\"nofollow\">Commits history since last version</a>." + "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e38b38b24e46f55b7c57f8…" rel=\"nofollow\">1.52.2</a>.\n\nFixes / changes\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/c8600567c8c689e1622572…" rel=\"nofollow\">Fix XHR hook partial response handling</a> (fix by @ephemeralViolette)</li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/086a07ab99860699ff92c9…" rel=\"nofollow\">Fix regression in <code>:is()</code> operator</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/70ff1de4e99376d9ec6147…" rel=\"nofollow\">Do not assume set viewport for popup panel when using portrait mode in descktop</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/bbe0786f040f57b52d6ee7…" rel=\"nofollow\">Fix removal of <code>:scope</code> prefix in <code>:has()</code> operator</a></li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/3851922ac2114338a1a10a…" rel=\"nofollow\">Commits history since last version</a>." }, - "reviewed": "2023-07-25T09:58:22Z", - "version": "1.51.0", + "reviewed": "2023-09-25T15:47:17Z", + "version": "1.52.2", "files": [ { - "id": 4141256, - "created": "2023-07-19T23:09:25Z", - "hash": "sha256:8b73468bc233a11dd2895219466381783d19123857dd0b6fd16a01820fca4834", + "id": 4171020, + "created": "2023-09-21T17:09:35Z", + "hash": "sha256:e8ee3f9d597a6d42db9d73fe87c1d521de340755fd8bfdd69e41623edfe096d6", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 3538418, + "size": 3578876, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4141256/ublock_origin-1.5…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4171020/ublock_origin-1.5…", "permissions": [ "dns", "menus", @@ -1388,7 +1389,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-09-11T16:45:44Z", + "last_updated": "2023-09-25T15:47:17Z", "name": { "ar": "uBlock Origin", "bg": "uBlock Origin", @@ -1533,10 +1534,10 @@ "category": "recommended" }, "ratings": { - "average": 4.7827, - "bayesian_average": 4.782306388225343, - "count": 15984, - "text_count": 4147 + "average": 4.7829, + "bayesian_average": 4.782507229381479, + "count": 16045, + "text_count": 4163 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/", "requires_payment": false, @@ -1598,7 +1599,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/", - "weekly_downloads": 141824 + "weekly_downloads": 146003 }, "notes": null }, @@ -1614,7 +1615,7 @@ "picture_url": null } ], - "average_daily_users": 170796, + "average_daily_users": 170996, "categories": { "android": [ "photos-media" @@ -1713,9 +1714,9 @@ "category": "recommended" }, "ratings": { - "average": 4.4934, - "bayesian_average": 4.488285425448023, - "count": 1139, + "average": 4.4899, + "bayesian_average": 4.484788968165164, + "count": 1141, "text_count": 425 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…", @@ -1738,7 +1739,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…", - "weekly_downloads": 408 + "weekly_downloads": 305 }, "notes": null }, @@ -1754,7 +1755,7 @@ "picture_url": null } ], - "average_daily_users": 85891, + "average_daily_users": 86760, "categories": { "android": [ "experimental", @@ -1775,11 +1776,11 @@ }, "android": { "min": "48.0", - "max": "*" + "max": "68.*" } }, "edit_url": "https://addons.mozilla.org/en-US/developers/addon/privacy-possum/versions/4…", - "is_strict_compatibility_enabled": false, + "is_strict_compatibility_enabled": true, "license": { "id": 6, "is_custom": false, @@ -1892,7 +1893,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/", - "weekly_downloads": 720 + "weekly_downloads": 2439 }, "notes": null }, @@ -1908,7 +1909,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…" } ], - "average_daily_users": 265122, + "average_daily_users": 268258, "categories": { "android": [ "photos-media", @@ -2127,10 +2128,10 @@ "category": "recommended" }, "ratings": { - "average": 4.6523, - "bayesian_average": 4.647695702345138, - "count": 1320, - "text_count": 254 + "average": 4.6533, + "bayesian_average": 4.648688441384268, + "count": 1321, + "text_count": 255 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/", "requires_payment": false, @@ -2151,7 +2152,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/", - "weekly_downloads": 3992 + "weekly_downloads": 4288 }, "notes": null }, @@ -2174,7 +2175,7 @@ "picture_url": null } ], - "average_daily_users": 111829, + "average_daily_users": 112323, "categories": { "android": [ "other" @@ -2457,10 +2458,10 @@ "category": "recommended" }, "ratings": { - "average": 4.3834, - "bayesian_average": 4.378879936387472, - "count": 1252, - "text_count": 346 + "average": 4.3746, + "bayesian_average": 4.370112364351098, + "count": 1260, + "text_count": 351 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/", "requires_payment": false, @@ -2480,7 +2481,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/", - "weekly_downloads": 48 + "weekly_downloads": 59 }, "notes": null }, @@ -2496,7 +2497,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…" } ], - "average_daily_users": 304519, + "average_daily_users": 306943, "categories": { "android": [ "performance", @@ -2510,7 +2511,7 @@ "contributions_url": "https://www.paypal.com/donate/?hosted_button_id=9ERKTU5MBH4EW&utm_content=p…", "created": "2005-05-13T10:51:32Z", "current_version": { - "id": 5597003, + "id": 5620645, "compatibility": { "firefox": { "min": "59.0", @@ -2521,7 +2522,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5597003", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5620645", "is_strict_compatibility_enabled": false, "license": { "id": 13, @@ -2532,22 +2533,22 @@ "url": "http://www.gnu.org/licenses/gpl-2.0.html" }, "release_notes": { - "en-US": "v 11.4.26\n============================================================\nx [Android] Fixed regression preventing NoScript prompts\n from being shown\nx [XSS] Fallback to execute most demanding regular\n expressions asynchronously\nx [XSS] Removed obsolete Flash-related checks\nx [XSS] Make InjectionChecker's regular expressions easier\n to debug\nx [XSS] Updated OpenID regexp" + "en-US": "v 11.4.27\n============================================================\nx [XSS] Better specificity of HTML elements preliminary\n checks\nx [XSS] Better specificity of potential fragmented injection\n through framework syntax detection (thanks Rom623, barbaz\n et al)\nx [nscl] RegExp.combo(): RegExp creation by combination for\n better readability and comments\nx [nscl] Replaced lib/sha256.js with web platform native\n implementation (thanks Martin for suggested patch)\nx [nscl] Fixed property/function mismatch (thanks Alex)\nx Fixed operators precedence issue #312 (thanks Alex)\nx [nscl] Prevent dead object access on BF cache (thanks\n jamhubub and mriehm)" }, - "reviewed": "2023-07-25T09:58:54Z", - "version": "11.4.26", + "reviewed": "2023-09-13T06:54:08Z", + "version": "11.4.27", "files": [ { - "id": 4141345, - "created": "2023-07-20T07:16:01Z", - "hash": "sha256:283db0eaebbd2888c1a852f5acabaa8e0225ff1eb1a97a25bceaedfd14d9f44c", + "id": 4164985, + "created": "2023-09-08T14:50:57Z", + "hash": "sha256:6b57d9afce663f801177b7492fe7f00967ee3e66b6351b2cf3ff2a6c3ca99637", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 952442, + "size": 950105, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4141345/noscript-11.4.26.…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4164985/noscript-11.4.27.…", "permissions": [ "contextMenus", "storage", @@ -2614,7 +2615,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-09-08T14:26:13Z", + "last_updated": "2023-09-13T06:54:08Z", "name": { "de": "NoScript", "el": "NoScript", @@ -2686,10 +2687,10 @@ "category": "recommended" }, "ratings": { - "average": 4.3969, - "bayesian_average": 4.394206528489455, - "count": 2109, - "text_count": 816 + "average": 4.3975, + "bayesian_average": 4.39481198926411, + "count": 2118, + "text_count": 819 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/", "requires_payment": false, @@ -2733,7 +2734,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/", - "weekly_downloads": 7314 + "weekly_downloads": 7384 }, "notes": null }, @@ -2749,7 +2750,7 @@ "picture_url": null } ], - "average_daily_users": 153051, + "average_daily_users": 153921, "categories": { "android": [ "performance", @@ -2763,18 +2764,18 @@ "contributions_url": "", "created": "2011-07-15T10:42:41Z", "current_version": { - "id": 5522766, + "id": 5625141, "compatibility": { "firefox": { - "min": "48.0", + "min": "113.0", "max": "*" }, "android": { - "min": "48.0", + "min": "113.0", "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/youtube-high-definition/v…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/youtube-high-definition/v…", "is_strict_compatibility_enabled": false, "license": { "id": 12, @@ -2785,33 +2786,30 @@ "url": "http://www.gnu.org/licenses/lgpl-3.0.html" }, "release_notes": { - "en-US": "AMO GUID added" + "en-US": "Manifest v3 Support" }, - "reviewed": "2023-02-09T15:16:44Z", - "version": "109.0.0", + "reviewed": "2023-09-21T07:50:10Z", + "version": "118.0.5", "files": [ { - "id": 4067111, - "created": "2023-02-06T12:44:20Z", - "hash": "sha256:bdda70d2ad5bfc5065844b76008ac731341b46be0d43ab9de535f28206ea3c59", + "id": 4169481, + "created": "2023-09-18T12:22:43Z", + "hash": "sha256:66d24520820ea01056219751f4c42bf49cb7c0a295eb53e63cf28d603ea42d50", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 234450, + "size": 216452, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4067111/youtube_high_defi…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4169481/youtube_high_defi…", "permissions": [ - "tabs", "storage", - "cookies", - "webRequest", - "webRequestBlocking", - "<all_urls>", "*://*.youtube.com/*" ], "optional_permissions": [], - "host_permissions": [] + "host_permissions": [ + "<all_urls>" + ] } ] }, @@ -2835,7 +2833,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-02-09T15:16:44Z", + "last_updated": "2023-09-21T07:50:10Z", "name": { "en-US": "YouTube High Definition", "zh-TW": "YouTube High Definition" @@ -2864,10 +2862,10 @@ "category": "recommended" }, "ratings": { - "average": 3.8981, - "bayesian_average": 3.8938714538391337, - "count": 1158, - "text_count": 410 + "average": 3.897, + "bayesian_average": 3.8927898014617073, + "count": 1165, + "text_count": 416 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…", "requires_payment": false, @@ -2886,7 +2884,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…", - "weekly_downloads": 1907 + "weekly_downloads": 1686 }, "notes": null } ===================================== projects/browser/config ===================================== @@ -103,12 +103,12 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4141345/noscript-11.4.26.… + - URL: https://addons.mozilla.org/firefox/downloads/file/4164985/noscript-11.4.27.… name: noscript - sha256sum: 283db0eaebbd2888c1a852f5acabaa8e0225ff1eb1a97a25bceaedfd14d9f44c - - URL: https://addons.mozilla.org/firefox/downloads/file/4141256/ublock_origin-1.5… + sha256sum: 6b57d9afce663f801177b7492fe7f00967ee3e66b6351b2cf3ff2a6c3ca99637 + - URL: https://addons.mozilla.org/firefox/downloads/file/4171020/ublock_origin-1.5… name: ublock-origin - sha256sum: 8b73468bc233a11dd2895219466381783d19123857dd0b6fd16a01820fca4834 + sha256sum: e8ee3f9d597a6d42db9d73fe87c1d521de340755fd8bfdd69e41623edfe096d6 enable: '[% c("var/mullvad-browser") %]' - URL: https://github.com/mullvad/browser-extension/releases/download/v0.8.3-firef… name: mullvad-extension ===================================== projects/firefox/config ===================================== @@ -18,7 +18,7 @@ var: firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '12.5' browser_branch: '[% c("var/browser_series") %]-1' - browser_build: 1 + browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' @@ -88,7 +88,6 @@ targets: git_url: https://gitlab.torproject.org/tpo/applications/mullvad-browser.git var: branding_directory_prefix: 'mb' - browser_build: 1 gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser linux-x86_64: ===================================== projects/geckoview/config ===================================== @@ -16,7 +16,7 @@ container: var: geckoview_version: 102.15.1esr browser_branch: 12.5-1 - browser_build: 1 + browser_build: 2 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/tor/config ===================================== @@ -1,6 +1,6 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz' -version: 0.4.7.14 +version: 0.4.7.15 git_hash: 'tor-[% c("version") %]' git_url: https://gitlab.torproject.org/tpo/core/tor.git git_submodule: 1 ===================================== projects/translation/config ===================================== @@ -6,7 +6,7 @@ version: '[% c("abbrev") %]' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 566b80ceb253add31128e6bde62a6c0224afeeb9 + git_hash: b7a2b2cde8e814640554e14520b6b81693810bbd targets: nightly: git_hash: 'base-browser' @@ -18,7 +18,7 @@ steps: git_hash: 'basebrowser-newidentityftl' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: c4e6b2794f42ab85025fdf61cdb9ed4cc0fbab05 + git_hash: 00be2129bd017415db63a5da5e18ce54375b7dde targets: nightly: git_hash: 'tor-browser' @@ -26,7 +26,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 8a98bcc4f466a6cd61c121c502898affc5b96141 + git_hash: fca8abec22d042536973c482af21683edd98f1b1 targets: nightly: git_hash: 'fenix-torbrowserstringsxml' ===================================== rbm.conf ===================================== @@ -94,9 +94,10 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '12.5.4' + torbrowser_version: '12.5.5' torbrowser_build: 'build1' torbrowser_incremental_from: + - 12.5.4 - 12.5.3 - 12.5.2 - 12.5.1 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40963: Make update channel usage consistent between geckoview and firefox-android
by Pier Angelo Vendrame (＠pierov) 26 Sep '23

26 Sep '23

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: e92709ce by Richard Pospesel at 2023-09-25T20:55:45+00:00 Bug 40963: Make update channel usage consistent between geckoview and firefox-android - - - - - 1 changed file: - projects/geckoview/build Changes: ===================================== projects/geckoview/build ===================================== @@ -78,7 +78,7 @@ mkdir "$HOME/.mozbuild" # For single-arch builds, we want to fake a fat aar anyway, to avoid having # arch suffixes in filenames, or having to rename files. cat >> mozconfig-android-all << 'MOZCONFIG_EOF' -ac_add_options --enable-update-channel=[% c("var/channel") %] +ac_add_options --enable-update-channel=[% c("var/variant") %] ac_add_options --with-base-browser-version=[% c("var/torbrowser_version") %] export MOZ_INCLUDE_SOURCE_INFO=1 export MOZ_SOURCE_REPO="[% c('var/gitlab_project') %]" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… You're receiving this email because of your account on gitlab.torproject.org.

1 0