- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-102.11.0esr-12.5-1
by Pier Angelo Vendrame (＠pierov) 04 May '23

04 May '23

Pier Angelo Vendrame pushed new branch base-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-102.11.0esr-12.0-1
by Pier Angelo Vendrame (＠pierov) 04 May '23

04 May '23

Pier Angelo Vendrame pushed new branch base-browser-102.11.0esr-12.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-102.11.0esr-12.0-1
by Pier Angelo Vendrame (＠pierov) 04 May '23

04 May '23

Pier Angelo Vendrame pushed new branch tor-browser-102.11.0esr-12.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag FIREFOX_102_11_0esr_BUILD2
by Pier Angelo Vendrame (＠pierov) 04 May '23

04 May '23

Pier Angelo Vendrame pushed new tag FIREFOX_102_11_0esr_BUILD2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/FIREFOX_1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-13.0-1] 11 commits: fixup! Bug 41417: Always prompt users to restart after changing language
by Pier Angelo Vendrame (＠pierov) 04 May '23

04 May '23

Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 7cf4e447 by Pier Angelo Vendrame at 2023-04-20T20:16:02+02:00 fixup! Bug 41417: Always prompt users to restart after changing language Bug 41738: Drop the patch to disable live reload Revert "Bug 41417: Always prompt users to restart after changing language" This reverts commit bad85a459ea24b34f3c09924c6d2b9f0bc750d88. - - - - - 4ae88530 by Pier Angelo Vendrame at 2023-04-20T20:16:02+02:00 fixup! Firefox preference overrides. Bug 41738: Drop the patch to disable live reload and use the pref - - - - - 1ce930e3 by Henry Wilkes at 2023-04-20T20:03:08+00:00 Bug 41736 - Customize toolbar for base-browser. - - - - - d354800c by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40926: Implemented the New Identity feature Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - adacb2c3 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40925: Implemented the Security Level component Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 491718d1 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Firefox preference overrides. Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 352acb10 by Henry Wilkes at 2023-04-20T20:03:08+00:00 Bug 41736 - Customize toolbar for tor-browser. - - - - - 96796fa5 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 9b35dbeb by hackademix at 2023-04-20T20:11:22+00:00 Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key - - - - - 0db7a4bd by Richard Pospesel at 2023-04-23T11:51:30+00:00 fixup! Bug 41649: Create rebase and security backport gitlab issue templates - - - - - d1f3b52e by Henry Wilkes at 2023-05-04T08:43:14+00:00 fixup! Bug 10760: Integrate TorButton to TorBrowser core Bug 41607 - New icon for new circuit toolbar button - - - - - 10 changed files: - .gitlab/issue_templates/Backport Android Security Fixes.md - .gitlab/issue_templates/Rebase Browser - Alpha.md - .gitlab/issue_templates/Rebase Browser - Stable.md - browser/app/profile/000-tor-browser.js - browser/app/profile/001-base-profile.js - browser/components/customizableui/CustomizableUI.jsm - browser/components/extensions/parent/ext-browserAction.js - browser/components/preferences/main.js - browser/themes/shared/icons/new_circuit.svg - security/manager/ssl/StaticHPKPins.h Changes: ===================================== .gitlab/issue_templates/Backport Android Security Fixes.md ===================================== @@ -4,6 +4,7 @@ - example : `102.8.0` - `$(RR_VERSION)` : the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)` so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train. - example: `110` +- `$(PROJECT_NAME)` : the name of the browser project, either `base-browser` or `tor-browser` - `$(TOR_BROWSER_MAJOR)` : the Tor Browser major version - example : `12` - `$(TOR_BROWSER_MINOR)` : the Tor Browser minor version @@ -12,7 +13,7 @@ - example : `build1` </details> -**NOTE:** It is assumed the `tor-browser` rebase has already happened and there exists a `build1` build tag for both `base-browser` and `tor-browser` +**NOTE:** It is assumed the `tor-browser` rebase (stable and alpha) has already happened and there exists a `build1` build tags for both `base-browser` and `tor-browser` (stable and alpha) ### **Bookkeeping** @@ -36,26 +37,53 @@ - Create link to the CVE on [mozilla.org](https://www.mozilla.org/en-US/security/advisories/) - example: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-257… - Create link to the associated Bugzilla issues (found in the CVE description) - - Create a link to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported + - Create links to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported - To find the `gecko-dev` version of a `mozilla-central`, search for a unique string in the relevant `mozilla-central` commit message in the `gecko-dev/release` branch log. - **NOTE:** This process is unfortunately somewhat poorly defined/ad-hoc given the general variation in how Bugzilla issues are labeled and resolved. In general this is going to involve a bit of hunting to identify needed commits or determining whether or not the fix is relevant. +### CVEs + + ### **tor-browser** : https://gitlab.torproject.org/tpo/applications/tor-browser.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - - [ ] Sign/Tag commit: - - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` + - [ ] Backport patches to `tor-browser` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto: + - [ ] `base-browser` stable + - [ ] `tor-browser` alpha + - [ ] `base-browser` alpha + - [ ] Sign/Tag commits: + - Tag : `$(PROJECT_NAME)-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `base-browser` stable + - [ ] `tor-browser` stable + - [ ] `base-browser` alpha + - [ ] `tor-browser` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports ### **application-services** : *TODO: we will need to setup a gitlab copy of this repo that we can apply security backports to if there are ever any security issues here* - [ ] Backport any Android-specific security fixes from Firefox rapid-release - - [ ] Sign/Tag commit: + - [ ] Backport patches to `application-services` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `application-services` alpha + - [ ] Sign/Tag commits: - Tag : `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha` - - [ ] Push tag to `origin` + - [ ] `application-services` stable + - [ ] `application-services` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports @@ -63,10 +91,16 @@ ### **android-components** : https://gitlab.torproject.org/tpo/applications/android-components.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - **NOTE**: Since November 2022, this repo has been merged with `fenix` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `android-components` project. - - [ ] Sign/Tag commit: + - [ ] Backport patches to `android-components` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `android-components` alpha + - [ ] Sign/Tag commits: - Tag : `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `android-components` stable + - [ ] `android-components` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports @@ -74,15 +108,17 @@ ### **fenix** : https://gitlab.torproject.org/tpo/applications/fenix.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - **NOTE**: Since February 2023, this repo has been merged with `android-components` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `fenix` project. - - [ ] Sign/Tag commit: + - [ ] Backport patches to `fenix` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `fenix` alpha + - [ ] Sign/Tag commits: - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `fenix` stable + - [ ] `fenix` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports -### CVEs - - - /confidential ===================================== .gitlab/issue_templates/Rebase Browser - Alpha.md ===================================== @@ -27,14 +27,46 @@ - [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. +### Update Branch Protection Rules + +- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/sett…: + - [ ] Remove previous alpha `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) + - [ ] Create new `base-browser` and `tor-browser` branch protection rule: + - **Branch**: `*-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` + - example: `*-102.8.0esr-12.5-1*` + - **Allowed to merge**: `Maintainers` + - **Allowed to push and merge**: `Maintainers` + - **Allowed to force push**: `false` + +### **Create New Branches** + +- [ ] Create new alpha `base-browser` branch from Firefox mercurial tag (found during the stable rebase) + - branch name in the form: `base-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` + - example: `base-browser-102.8.0esr-12.5-1` +- [ ] Create new alpha `tor-browser` branch from Firefox mercurial tag + - branch name in the form: `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` + - example: `tor-browser-102.8.0esr-12.5-1` +- [ ] Push new `base-browser` branch to `origin` +- [ ] Push new `tor-browser` branch to `origin` + ### **Rebase base-browser** -- [ ] Checkout a new branch for the `base-browser` rebase +- [ ] Checkout a new local branch for the `base-browser` rebase - example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1` - [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch - example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.5-1-build1` - [ ] Rebase and autosquash these cherry-picked commits - example: `git rebase --autosquash --interactive FIREFOX_102_8_0esr_BUILD1 HEAD` + - [ ] **(Optional)** Patch reordering + - Relocate new `base-browser` patches in the patch-set to enforce this rough thematic ordering: + - **MOZILLA BACKPORTS** - official Firefox patches we have backported to our ESR branch: Android-specific security updates, critical bug fixes, worthwhile features, etc + - **MOZILLA REVERTS** - revert commits of official Firefox patches + - **UPLIFT CANDIDATES** - patches which stand on their own and should be uplifted to `mozilla-central` + - **BUILD CONFIGURATION** - tools/scripts, gitlab templates, etc + - **BROWSER CONFIGURATION** - branding, mozconfigs, preference overrides, etc + - **SECURITY PATCHES** - security improvements, hardening, etc + - **PRIVACY PATCHES** - fingerprinting, linkability, proxy bypass, etc + - **FEATURES** - new functionality: updater, UX, letterboxing, security level, add-on integration, etc - [ ] Cherry-pick remainder of patches after the `build1` tag - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1 origin/base-browser-102.7.0esr-12.5-1` - [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: @@ -61,15 +93,30 @@ - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..tor-browser-102.7.0esr-12.5-1-build1` - [ ] Rebase and autosquash these cherry-picked commits (from the last new `base-browser` commit to `HEAD`) - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD` + - [ ] **(Optional)** Patch reordering + - Relocate new `tor-browser` patches in the patch-set to enforce this rough thematic ordering: + - **BUILD CONFIGURATION** - tools/scripts, gitlab templates, etc + - **BROWSER CONFIGURATION** - branding, mozconfigs, preference overrides, etc + - **UPDATER PATCHES** - updater tweaks, signing keys, etc + - **SECURITY PATCHES** - non tor-dependent security improvements, hardening, etc + - **PRIVACY PATCHES** - non tor-dependent fingerprinting, linkability, proxy bypass, etc + - **FEAURES** - non tor-dependent features + - **TOR INTEGRATION** - legacy tor-launcher/torbutton, tor modules, bootstrapping, etc + - **TOR SECURITY PATCHES** - tor-specific security improvements + - **TOR PRIVACY PATCHES** - tor-specific privacy improvements + - **TOR FEATURES** - new tor-specific functionality: manual, onion-location, onion service client auth, etc - [ ] Cherry-pick remainder of patches after the last `buildN` tag - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..origin/tor-browser-102.7.0esr-12.5-1` +- [ ] Rebase and autosquash again (from the last new `base-browser` commit to `HEAD`), this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify. + - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD` + - **NOTE**: Do not allow `fixup` or `squash` commands here! - [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: - [ ] diff of diffs: - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - - `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff` - `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff` - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch) - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.5-1 FIREFOX_102_8_0esr_BUILD1..HEAD` - [ ] Open MR for the `tor-browser` rebase ===================================== .gitlab/issue_templates/Rebase Browser - Stable.md ===================================== @@ -25,6 +25,17 @@ - [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. +### Update Branch Protection Rules + +- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/sett…: + - [ ] Remove previous stable `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) + - [ ] Create new `base-browser` and `tor-browser` branch protection rule: + - **Branch**: `*-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` + - example: `*-102.8.0esr-12.0-1*` + - **Allowed to merge**: `Maintainers` + - **Allowed to push and merge**: `Maintainers` + - **Allowed to force push**: `false` + ### **Identify the Firefox Tagged Commit and Create New Branches** - [ ] Find the Firefox mercurial tag here : https://hg.mozilla.org/releases/mozilla-esr102/tags @@ -48,7 +59,7 @@ ### **Rebase base-browser** -- [ ] Checkout a new branch for the `base-browser` rebase +- [ ] Checkout a new local branch for the `base-browser` rebase - example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1` - [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch - example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.0-1-build1` @@ -72,6 +83,7 @@ - Message : `Tagging build1 for $(ESR_VERSION)esr-based stable` - [ ] Push tag to `origin` + ### **Rebase tor-browser** - [ ] Checkout a new branch for the `tor-browser` rebase starting from the `base-browser` `build1` tag @@ -88,7 +100,7 @@ - `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff` - `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff` - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch) - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.0-1 FIREFOX_102_8_0esr_BUILD1..HEAD` - [ ] Open MR for the `tor-browser` rebase @@ -97,4 +109,3 @@ - Tag : `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` - Message : `Tagging build1 for $(ESR_VERSION)esr-based stable` - [ ] Push tag to `origin` - ===================================== browser/app/profile/000-tor-browser.js ===================================== @@ -30,8 +30,6 @@ pref("network.security.ports.banned", "", locked); pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks pref("network.http.max-persistent-connections-per-proxy", 256); -pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"torbutton-button\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\",\"_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}"); - // Treat .onions as secure pref("dom.securecontext.allowlist_onions", true); ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -464,9 +464,6 @@ pref("intl.multilingual.downloadEnabled", false); // Disk activity: Disable storage.sync (tor-browser#41424) pref("webextensions.storage.sync.enabled", false); -// Toolbar layout -pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}"); - // Enforce certificate pinning, see: https://bugs.torproject.org/16206 pref("security.cert_pinning.enforcement_level", 2); @@ -499,6 +496,10 @@ pref("browser.urlbar.suggest.topsites", false); // is only reported via telemetry (which is disabled). See tor-browser#40048. pref("corroborator.enabled", false); +// tor-browser#41417: do not allow live reload until we switch to Fluent and +// stop using .textContent. +pref("intl.multilingual.liveReload", false); + // Onboarding. pref("browser.onboarding.tourset-version", 5); pref("browser.onboarding.newtour", "welcome,privacy,tor-network-9.0,circuit-display,security,expect-differences,onion-services,learn-more"); ===================================== browser/components/customizableui/CustomizableUI.jsm ===================================== @@ -65,6 +65,16 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"]; */ var kVersion = 17; +/** + * The current version for base browser. + */ +var kVersionBaseBrowser = 1; + +/** + * The current version for tor browser. + */ +var kVersionTorBrowser = 1; + /** * Buttons removed from built-ins by version they were removed. kVersion must be * bumped any time a new id is added to this. Use the button id as key, and @@ -218,6 +228,8 @@ var CustomizableUIInternal = { this._updateForNewVersion(); this._updateForNewProtonVersion(); this._markObsoleteBuiltinButtonsSeen(); + this._updateForBaseBrowser(); + this._updateForTorBrowser(); this.registerArea( CustomizableUI.AREA_FIXED_OVERFLOW_PANEL, @@ -236,10 +248,17 @@ var CustomizableUIInternal = { Services.policies.isAllowed("removeHomeButtonByDefault") ? null : "home-button", - "spring", + // Don't want springs either side of the urlbar. tor-browser#41736 "urlbar-container", - "spring", - "save-to-pocket-button", + // save-to-pocket-button is entirely disabled. See tor-browser#18886 and + // tor-browser#31602. + // Base-browser additions tor-browser#41736. If you want to add to, remove + // from, or rearrange this list, then bump the kVersionBaseBrowser and + // update existing saved states in _updateForBaseBrowser. + // Or if the change is only meant for tor-browser, bump kVersionTorBrowser + // instead and update the existing saved states in _updateForTorBrowser. + "security-level-button", + "new-identity-button", "downloads-button", AppConstants.MOZ_DEV_EDITION ? "developer-button" : null, "fxa-toolbar-menu-button", @@ -255,6 +274,10 @@ var CustomizableUIInternal = { }, true ); + // navbarPlacements does not match the initial default XHTML layout. + // Therefore we always need to rebuild the navbar area when + // registerToolbarNode is called. tor-browser#41736 + gDirtyAreaCache.add(CustomizableUI.AREA_NAVBAR); if (AppConstants.MENUBAR_CAN_AUTOHIDE) { this.registerArea( @@ -687,6 +710,123 @@ var CustomizableUIInternal = { } }, + _updateForBaseBrowser() { + if (!gSavedState) { + // Use the defaults. + return; + } + + const currentVersion = gSavedState.currentVersionBaseBrowser; + + if (currentVersion < 1) { + // NOTE: In base-browser/tor-browser version 12.5a5, and earlier, the + // toolbar was configured by setting the full JSON string for the default + // "browser.uiCustomization.state" preference value. The disadvantage is + // that we could not update this value in a way that existing users (who + // would have non-default preference values) would also get the desired + // change (e.g. for adding or removing a button). + // + // With tor-browser#41736 we want to switch to changing the toolbar + // dynamically like firefox. Therefore, this first version transfer simply + // gets the toolbar into the same state we wanted before, away from the + // default firefox state. + // + // If an existing user state aligned with the previous default + // "browser.uiCustomization.state" then this shouldn't visibly change + // anything. + // If a user explicitly customized the toolbar to go back to the firefox + // default, then this may undo those changes. + const navbarPlacements = + gSavedState.placements[CustomizableUI.AREA_NAVBAR]; + if (navbarPlacements) { + const getBeforeAfterUrlbar = () => { + // NOTE: The urlbar is non-removable from the navbar, so should have + // an index. + const index = navbarPlacements.indexOf("urlbar-container"); + let after = index + 1; + if ( + after < navbarPlacements.length && + navbarPlacements[after] === "search-container" + ) { + // Skip past the search-container. + after++; + } + return { before: index - 1, after }; + }; + + // Remove the urlbar springs either side of the urlbar. + const { before, after } = getBeforeAfterUrlbar(); + if ( + after < navbarPlacements.length && + this.matchingSpecials(navbarPlacements[after], "spring") + ) { + // Remove the spring after. + navbarPlacements.splice(after, 1); + // NOTE: The `before` index does not change. + } + if ( + before >= 0 && + this.matchingSpecials(navbarPlacements[before], "spring") + ) { + // Remove the spring before. + navbarPlacements.splice(before, 1); + } + + // Make sure the security-level-button and new-identity-button appears + // in the toolbar. + for (const id of ["new-identity-button", "security-level-button"]) { + let alreadyAdded = false; + for (const placements of Object.values(gSavedState.placements)) { + if (placements.includes(id)) { + alreadyAdded = true; + break; + } + } + if (alreadyAdded) { + continue; + } + + // Add to the nav-bar, after the urlbar-container. + // NOTE: We have already removed the spring after the urlbar. + navbarPlacements.splice(getBeforeAfterUrlbar().after, 0, id); + } + } + + // Remove save-to-pocket-button. See tor-browser#18886 and + // tor-browser#31602. + for (const placements of Object.values(gSavedState.placements)) { + let buttonIndex = placements.indexOf("save-to-pocket-button"); + if (buttonIndex != -1) { + placements.splice(buttonIndex, 1); + } + } + + // Remove unused fields that used to be part of + // "browser.uiCustomization.state". + delete gSavedState.placements["PanelUI-contents"]; + delete gSavedState.placements["addon-bar"]; + } + }, + + _updateForTorBrowser() { + if (!gSavedState) { + // Use the defaults. + return; + } + + const currentVersion = gSavedState.currentVersionTorBrowser; + + if (currentVersion < 1) { + // Remove torbutton-button, which no longer exists. + for (const placements of Object.values(gSavedState.placements)) { + let buttonIndex = placements.indexOf("torbutton-button"); + if (buttonIndex != -1) { + placements.splice(buttonIndex, 1); + } + } + } + }, + _placeNewDefaultWidgetsInArea(aArea) { let futurePlacedWidgets = gFuturePlacements.get(aArea); let savedPlacements = @@ -2501,6 +2641,14 @@ var CustomizableUIInternal = { gSavedState.currentVersion = 0; } + if (!("currentVersionBaseBrowser" in gSavedState)) { + gSavedState.currentVersionBaseBrowser = 0; + } + + if (!("currentVersionTorBrowser" in gSavedState)) { + gSavedState.currentVersionTorBrowser = 0; + } + gSeenWidgets = new Set(gSavedState.seen || []); gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []); gNewElementCount = gSavedState.newElementCount || 0; @@ -2579,6 +2727,8 @@ var CustomizableUIInternal = { seen: gSeenWidgets, dirtyAreaCache: gDirtyAreaCache, currentVersion: kVersion, + currentVersionBaseBrowser: kVersionBaseBrowser, + currentVersionTorBrowser: kVersionTorBrowser, newElementCount: gNewElementCount, }; ===================================== browser/components/extensions/parent/ext-browserAction.js ===================================== @@ -193,6 +193,10 @@ this.browserAction = class extends ExtensionAPIPersistent { } build() { + // The extension ID for NoScript (WebExtension) + const isNoScript = + this.extension.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}"; + let widget = CustomizableUI.createWidget({ id: this.id, viewId: this.viewId, @@ -200,7 +204,11 @@ this.browserAction = class extends ExtensionAPIPersistent { removable: true, label: this.action.getProperty(null, "title"), tooltiptext: this.action.getProperty(null, "title"), - defaultArea: browserAreas[this.action.getDefaultArea()], + // Do not want to add the NoScript extension to the toolbar by default. + // tor-browser#41736 + defaultArea: isNoScript + ? null + : browserAreas[this.action.getDefaultArea()], showInPrivateBrowsing: this.extension.privateBrowsingAllowed, // Don't attempt to load properties from the built-in widget string ===================================== browser/components/preferences/main.js ===================================== @@ -1196,17 +1196,18 @@ var gMainPane = { gMainPane.recordBrowserLanguagesTelemetry("reorder"); switch (gMainPane.getLanguageSwitchTransitionType(newLocales)) { - // tor-browser#41417: Always prompt for the restart, until we switch to - // Fluent, since the current way we use to update languages does not allow - // live-reload. We could also call showConfirmLanguageChangeMessageBar in - // the official live-reload case, but the result is inconsistent and makes - // handling the locales-match case harder. case "requires-restart": - case "live-reload": // Prepare to change the locales, as they were different. gMainPane.showConfirmLanguageChangeMessageBar(newLocales); gMainPane.updatePrimaryBrowserLanguageUI(newLocales[0]); break; + case "live-reload": + Services.locale.requestedLocales = newLocales; + gMainPane.updatePrimaryBrowserLanguageUI( + Services.locale.appLocaleAsBCP47 + ); + gMainPane.hideConfirmLanguageChangeMessageBar(); + break; case "locales-match": // They matched, so we can reset the UI. gMainPane.updatePrimaryBrowserLanguageUI( @@ -1459,12 +1460,18 @@ var gMainPane = { } switch (gMainPane.getLanguageSwitchTransitionType(selected)) { - // tor-browser#41417: see onPrimaryBrowserLanguageMenuChange case "requires-restart": - case "live-reload": gMainPane.showConfirmLanguageChangeMessageBar(selected); gMainPane.updatePrimaryBrowserLanguageUI(selected[0]); break; + case "live-reload": + Services.locale.requestedLocales = selected; + + gMainPane.updatePrimaryBrowserLanguageUI( + Services.locale.appLocaleAsBCP47 + ); + gMainPane.hideConfirmLanguageChangeMessageBar(); + break; case "locales-match": // They matched, so we can reset the UI. gMainPane.updatePrimaryBrowserLanguageUI( ===================================== browser/themes/shared/icons/new_circuit.svg ===================================== @@ -1,6 +1,4 @@ -<svg width="16px" height="16px" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> - <g stroke="none" stroke-width="1" fill="context-fill" fill-rule="evenodd" opacity="context-fill-opacity"> - <path d="m10.707 6h3.993l.3-.3v-3.993c.0002-.09902-.0291-.19586-.084-.27825s-.1331-.14661-.2245-.18453c-.0915-.03792-.1922-.04782-.2893-.02845-.0971.01936-.1863.06713-.2562.13723l-1.459 1.459c-1.2817-1.16743-2.95335-1.813714-4.687-1.812-3.859 0-7 3.141-7 7s3.141 7 7 7c1.74123.007 3.422-.6379 4.7116-1.8079 1.2896-1.1701 2.0945-2.7804 2.2564-4.5141.0156-.1649-.0348-.32927-.1401-.4571s-.2571-.2087-.4219-.2249c-.1644-.01324-.3275.03801-.4548.1429s-.2088.2552-.2272.4191c-.1334 1.42392-.7948 2.7464-1.854 3.7072-1.0593.9609-2.43986 1.4905-3.87 1.4848-3.171 0-5.75-2.579-5.75-5.75s2.579-5.75 5.75-5.75c1.40277-.00207 2.7572.5123 3.805 1.445l-1.451 1.451c-.07.06987-.1178.15895-.1372.25597-.0194.09701-.0096.1976.0282.28903.0378.09144.1019.1696.1841.22461.0823.055.179.08437.2779.08439z"/> - <path d="m8 12.5c-2.48528 0-4.5-2.0147-4.5-4.5 0-2.48528 2.01472-4.5 4.5-4.5z"/> - </g> +<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> +<path fill-rule="evenodd" clip-rule="evenodd" d="M10.5994 2.89744C9.52191 2.34851 8.2983 2.15477 7.10392 2.34398C6.64247 2.41708 6.19453 2.5459 5.76923 2.72578C5.82159 2.91042 5.84961 3.10529 5.84961 3.3067C5.84961 4.48031 4.89821 5.4317 3.72461 5.4317C2.551 5.4317 1.59961 4.48031 1.59961 3.3067C1.59961 2.1331 2.551 1.1817 3.72461 1.1817C4.23757 1.1817 4.70808 1.36346 5.07525 1.66608C5.65429 1.3987 6.27072 1.21038 6.90834 1.10937C8.36342 0.878863 9.85413 1.11489 11.1668 1.78364C12.4795 2.45239 13.5468 3.51953 14.2158 4.83212C14.8848 6.14471 15.121 7.63538 14.8907 9.0905C14.8368 9.43143 14.5167 9.66408 14.1757 9.61013C13.8348 9.55617 13.6022 9.23605 13.6561 8.89511C13.8451 7.70071 13.6512 6.47713 13.1021 5.39971C12.553 4.3223 11.6769 3.44636 10.5994 2.89744ZM4.64961 3.3067C4.64961 3.81756 4.23547 4.2317 3.72461 4.2317C3.21375 4.2317 2.79961 3.81756 2.79961 3.3067C2.79961 2.79584 3.21375 2.3817 3.72461 2.3817C4.23547 2.3817 4.64961 2.79584 4.64961 3.3067Z" fill="context-fill"/> +<path fill-rule="evenodd" clip-rule="evenodd" d="M1.82421 6.38991C2.16514 6.44387 2.39779 6.76399 2.34383 7.10492C2.15482 8.29933 2.34875 9.52291 2.89785 10.6003C3.44695 11.6777 4.32303 12.5537 5.40053 13.1026C6.47803 13.6515 7.70165 13.8453 8.89602 13.6561C9.35628 13.5831 9.8031 13.4548 10.2274 13.2757C10.1734 13.0884 10.1445 12.8906 10.1445 12.686C10.1445 11.5124 11.0959 10.561 12.2695 10.561C13.4431 10.561 14.3945 11.5124 14.3945 12.686C14.3945 13.8596 13.4431 14.811 12.2695 14.811C11.7602 14.811 11.2927 14.6318 10.9267 14.333C10.3471 14.6009 9.72997 14.7895 9.0916 14.8907C7.63652 15.1212 6.14581 14.8851 4.83311 14.2164C3.52042 13.5476 2.45311 12.4805 1.78415 11.1679C1.11519 9.85533 0.878921 8.36466 1.1092 6.90954C1.16315 6.56861 1.48327 6.33596 1.82421 6.38991ZM13.1945 12.686C13.1945 13.1968 12.7804 13.611 12.2695 13.611C11.7587 13.611 11.3445 13.1968 11.3445 12.686C11.3445 12.1751 11.7587 11.761 12.2695 11.761C12.7804 11.761 13.1945 12.1751 13.1945 12.686Z" fill="context-fill"/> </svg> ===================================== security/manager/ssl/StaticHPKPins.h ===================================== @@ -451,6 +451,14 @@ static const StaticFingerprints kPinset_tor = { kPinset_tor_Data }; +static const char* const kPinset_tor_browser_Data[] = { + kISRG_Root_X1Fingerprint, +}; +static const StaticFingerprints kPinset_tor_browser = { + sizeof(kPinset_tor_browser_Data) / sizeof(const char*), + kPinset_tor_browser_Data +}; + static const char* const kPinset_twitterCom_Data[] = { kGOOGLE_PIN_VeriSignClass2_G2Fingerprint, kGOOGLE_PIN_VeriSignClass3_G2Fingerprint, @@ -619,6 +627,7 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = { { "blogger.com", true, false, false, -1, &kPinset_google_root_pems }, { "blogspot.com", true, false, false, -1, &kPinset_google_root_pems }, { "br.search.yahoo.com", false, true, false, -1, &kPinset_yahoo }, + { "bridges.torproject.org", false, false, false, -1, &kPinset_tor_browser }, { "bugs.chromium.org", true, false, false, -1, &kPinset_google_root_pems }, { "build.chromium.org", true, false, false, -1, &kPinset_google_root_pems }, { "business.facebook.com", true, false, false, -1, &kPinset_facebook }, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/337dcb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/337dcb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] fixup! Bug 10760: Integrate TorButton to TorBrowser core
by Pier Angelo Vendrame (＠pierov) 04 May '23

04 May '23

Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: d1f3b52e by Henry Wilkes at 2023-05-04T08:43:14+00:00 fixup! Bug 10760: Integrate TorButton to TorBrowser core Bug 41607 - New icon for new circuit toolbar button - - - - - 1 changed file: - browser/themes/shared/icons/new_circuit.svg Changes: ===================================== browser/themes/shared/icons/new_circuit.svg ===================================== @@ -1,6 +1,4 @@ -<svg width="16px" height="16px" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> - <g stroke="none" stroke-width="1" fill="context-fill" fill-rule="evenodd" opacity="context-fill-opacity"> - <path d="m10.707 6h3.993l.3-.3v-3.993c.0002-.09902-.0291-.19586-.084-.27825s-.1331-.14661-.2245-.18453c-.0915-.03792-.1922-.04782-.2893-.02845-.0971.01936-.1863.06713-.2562.13723l-1.459 1.459c-1.2817-1.16743-2.95335-1.813714-4.687-1.812-3.859 0-7 3.141-7 7s3.141 7 7 7c1.74123.007 3.422-.6379 4.7116-1.8079 1.2896-1.1701 2.0945-2.7804 2.2564-4.5141.0156-.1649-.0348-.32927-.1401-.4571s-.2571-.2087-.4219-.2249c-.1644-.01324-.3275.03801-.4548.1429s-.2088.2552-.2272.4191c-.1334 1.42392-.7948 2.7464-1.854 3.7072-1.0593.9609-2.43986 1.4905-3.87 1.4848-3.171 0-5.75-2.579-5.75-5.75s2.579-5.75 5.75-5.75c1.40277-.00207 2.7572.5123 3.805 1.445l-1.451 1.451c-.07.06987-.1178.15895-.1372.25597-.0194.09701-.0096.1976.0282.28903.0378.09144.1019.1696.1841.22461.0823.055.179.08437.2779.08439z"/> - <path d="m8 12.5c-2.48528 0-4.5-2.0147-4.5-4.5 0-2.48528 2.01472-4.5 4.5-4.5z"/> - </g> +<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> +<path fill-rule="evenodd" clip-rule="evenodd" d="M10.5994 2.89744C9.52191 2.34851 8.2983 2.15477 7.10392 2.34398C6.64247 2.41708 6.19453 2.5459 5.76923 2.72578C5.82159 2.91042 5.84961 3.10529 5.84961 3.3067C5.84961 4.48031 4.89821 5.4317 3.72461 5.4317C2.551 5.4317 1.59961 4.48031 1.59961 3.3067C1.59961 2.1331 2.551 1.1817 3.72461 1.1817C4.23757 1.1817 4.70808 1.36346 5.07525 1.66608C5.65429 1.3987 6.27072 1.21038 6.90834 1.10937C8.36342 0.878863 9.85413 1.11489 11.1668 1.78364C12.4795 2.45239 13.5468 3.51953 14.2158 4.83212C14.8848 6.14471 15.121 7.63538 14.8907 9.0905C14.8368 9.43143 14.5167 9.66408 14.1757 9.61013C13.8348 9.55617 13.6022 9.23605 13.6561 8.89511C13.8451 7.70071 13.6512 6.47713 13.1021 5.39971C12.553 4.3223 11.6769 3.44636 10.5994 2.89744ZM4.64961 3.3067C4.64961 3.81756 4.23547 4.2317 3.72461 4.2317C3.21375 4.2317 2.79961 3.81756 2.79961 3.3067C2.79961 2.79584 3.21375 2.3817 3.72461 2.3817C4.23547 2.3817 4.64961 2.79584 4.64961 3.3067Z" fill="context-fill"/> +<path fill-rule="evenodd" clip-rule="evenodd" d="M1.82421 6.38991C2.16514 6.44387 2.39779 6.76399 2.34383 7.10492C2.15482 8.29933 2.34875 9.52291 2.89785 10.6003C3.44695 11.6777 4.32303 12.5537 5.40053 13.1026C6.47803 13.6515 7.70165 13.8453 8.89602 13.6561C9.35628 13.5831 9.8031 13.4548 10.2274 13.2757C10.1734 13.0884 10.1445 12.8906 10.1445 12.686C10.1445 11.5124 11.0959 10.561 12.2695 10.561C13.4431 10.561 14.3945 11.5124 14.3945 12.686C14.3945 13.8596 13.4431 14.811 12.2695 14.811C11.7602 14.811 11.2927 14.6318 10.9267 14.333C10.3471 14.6009 9.72997 14.7895 9.0916 14.8907C7.63652 15.1212 6.14581 14.8851 4.83311 14.2164C3.52042 13.5476 2.45311 12.4805 1.78415 11.1679C1.11519 9.85533 0.878921 8.36466 1.1092 6.90954C1.16315 6.56861 1.48327 6.33596 1.82421 6.38991ZM13.1945 12.686C13.1945 13.1968 12.7804 13.611 12.2695 13.611C11.7587 13.611 11.3445 13.1968 11.3445 12.686C11.3445 12.1751 11.7587 11.761 12.2695 11.761C12.7804 11.761 13.1945 12.1751 13.1945 12.686Z" fill="context-fill"/> </svg> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d1f3b52… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d1f3b52… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] fixup! Bug 41649: Create rebase and security backport gitlab issue templates
by Richard Pospesel (＠richard) 23 Apr '23

23 Apr '23

Richard Pospesel pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 0db7a4bd by Richard Pospesel at 2023-04-23T11:51:30+00:00 fixup! Bug 41649: Create rebase and security backport gitlab issue templates - - - - - 3 changed files: - .gitlab/issue_templates/Backport Android Security Fixes.md - .gitlab/issue_templates/Rebase Browser - Alpha.md - .gitlab/issue_templates/Rebase Browser - Stable.md Changes: ===================================== .gitlab/issue_templates/Backport Android Security Fixes.md ===================================== @@ -4,6 +4,7 @@ - example : `102.8.0` - `$(RR_VERSION)` : the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)` so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train. - example: `110` +- `$(PROJECT_NAME)` : the name of the browser project, either `base-browser` or `tor-browser` - `$(TOR_BROWSER_MAJOR)` : the Tor Browser major version - example : `12` - `$(TOR_BROWSER_MINOR)` : the Tor Browser minor version @@ -12,7 +13,7 @@ - example : `build1` </details> -**NOTE:** It is assumed the `tor-browser` rebase has already happened and there exists a `build1` build tag for both `base-browser` and `tor-browser` +**NOTE:** It is assumed the `tor-browser` rebase (stable and alpha) has already happened and there exists a `build1` build tags for both `base-browser` and `tor-browser` (stable and alpha) ### **Bookkeeping** @@ -36,26 +37,53 @@ - Create link to the CVE on [mozilla.org](https://www.mozilla.org/en-US/security/advisories/) - example: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-257… - Create link to the associated Bugzilla issues (found in the CVE description) - - Create a link to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported + - Create links to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported - To find the `gecko-dev` version of a `mozilla-central`, search for a unique string in the relevant `mozilla-central` commit message in the `gecko-dev/release` branch log. - **NOTE:** This process is unfortunately somewhat poorly defined/ad-hoc given the general variation in how Bugzilla issues are labeled and resolved. In general this is going to involve a bit of hunting to identify needed commits or determining whether or not the fix is relevant. +### CVEs + + ### **tor-browser** : https://gitlab.torproject.org/tpo/applications/tor-browser.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - - [ ] Sign/Tag commit: - - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` + - [ ] Backport patches to `tor-browser` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto: + - [ ] `base-browser` stable + - [ ] `tor-browser` alpha + - [ ] `base-browser` alpha + - [ ] Sign/Tag commits: + - Tag : `$(PROJECT_NAME)-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `base-browser` stable + - [ ] `tor-browser` stable + - [ ] `base-browser` alpha + - [ ] `tor-browser` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports ### **application-services** : *TODO: we will need to setup a gitlab copy of this repo that we can apply security backports to if there are ever any security issues here* - [ ] Backport any Android-specific security fixes from Firefox rapid-release - - [ ] Sign/Tag commit: + - [ ] Backport patches to `application-services` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `application-services` alpha + - [ ] Sign/Tag commits: - Tag : `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha` - - [ ] Push tag to `origin` + - [ ] `application-services` stable + - [ ] `application-services` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports @@ -63,10 +91,16 @@ ### **android-components** : https://gitlab.torproject.org/tpo/applications/android-components.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - **NOTE**: Since November 2022, this repo has been merged with `fenix` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `android-components` project. - - [ ] Sign/Tag commit: + - [ ] Backport patches to `android-components` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `android-components` alpha + - [ ] Sign/Tag commits: - Tag : `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `android-components` stable + - [ ] `android-components` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports @@ -74,15 +108,17 @@ ### **fenix** : https://gitlab.torproject.org/tpo/applications/fenix.git - [ ] Backport any Android-specific security fixes from Firefox rapid-release - **NOTE**: Since February 2023, this repo has been merged with `android-components` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `fenix` project. - - [ ] Sign/Tag commit: + - [ ] Backport patches to `fenix` stable branch + - [ ] Open MR + - [ ] Merge + - [ ] Rebase patches onto `fenix` alpha + - [ ] Sign/Tag commits: - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)` - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)` - - [ ] Push tag to `origin` + - [ ] `fenix` stable + - [ ] `fenix` alpha + - [ ] Push tags to `origin` **OR** - [ ] No backports -### CVEs - - - /confidential ===================================== .gitlab/issue_templates/Rebase Browser - Alpha.md ===================================== @@ -27,14 +27,46 @@ - [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. +### Update Branch Protection Rules + +- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/sett…: + - [ ] Remove previous alpha `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) + - [ ] Create new `base-browser` and `tor-browser` branch protection rule: + - **Branch**: `*-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` + - example: `*-102.8.0esr-12.5-1*` + - **Allowed to merge**: `Maintainers` + - **Allowed to push and merge**: `Maintainers` + - **Allowed to force push**: `false` + +### **Create New Branches** + +- [ ] Create new alpha `base-browser` branch from Firefox mercurial tag (found during the stable rebase) + - branch name in the form: `base-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` + - example: `base-browser-102.8.0esr-12.5-1` +- [ ] Create new alpha `tor-browser` branch from Firefox mercurial tag + - branch name in the form: `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` + - example: `tor-browser-102.8.0esr-12.5-1` +- [ ] Push new `base-browser` branch to `origin` +- [ ] Push new `tor-browser` branch to `origin` + ### **Rebase base-browser** -- [ ] Checkout a new branch for the `base-browser` rebase +- [ ] Checkout a new local branch for the `base-browser` rebase - example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1` - [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch - example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.5-1-build1` - [ ] Rebase and autosquash these cherry-picked commits - example: `git rebase --autosquash --interactive FIREFOX_102_8_0esr_BUILD1 HEAD` + - [ ] **(Optional)** Patch reordering + - Relocate new `base-browser` patches in the patch-set to enforce this rough thematic ordering: + - **MOZILLA BACKPORTS** - official Firefox patches we have backported to our ESR branch: Android-specific security updates, critical bug fixes, worthwhile features, etc + - **MOZILLA REVERTS** - revert commits of official Firefox patches + - **UPLIFT CANDIDATES** - patches which stand on their own and should be uplifted to `mozilla-central` + - **BUILD CONFIGURATION** - tools/scripts, gitlab templates, etc + - **BROWSER CONFIGURATION** - branding, mozconfigs, preference overrides, etc + - **SECURITY PATCHES** - security improvements, hardening, etc + - **PRIVACY PATCHES** - fingerprinting, linkability, proxy bypass, etc + - **FEATURES** - new functionality: updater, UX, letterboxing, security level, add-on integration, etc - [ ] Cherry-pick remainder of patches after the `build1` tag - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1 origin/base-browser-102.7.0esr-12.5-1` - [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: @@ -61,15 +93,30 @@ - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..tor-browser-102.7.0esr-12.5-1-build1` - [ ] Rebase and autosquash these cherry-picked commits (from the last new `base-browser` commit to `HEAD`) - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD` + - [ ] **(Optional)** Patch reordering + - Relocate new `tor-browser` patches in the patch-set to enforce this rough thematic ordering: + - **BUILD CONFIGURATION** - tools/scripts, gitlab templates, etc + - **BROWSER CONFIGURATION** - branding, mozconfigs, preference overrides, etc + - **UPDATER PATCHES** - updater tweaks, signing keys, etc + - **SECURITY PATCHES** - non tor-dependent security improvements, hardening, etc + - **PRIVACY PATCHES** - non tor-dependent fingerprinting, linkability, proxy bypass, etc + - **FEAURES** - non tor-dependent features + - **TOR INTEGRATION** - legacy tor-launcher/torbutton, tor modules, bootstrapping, etc + - **TOR SECURITY PATCHES** - tor-specific security improvements + - **TOR PRIVACY PATCHES** - tor-specific privacy improvements + - **TOR FEATURES** - new tor-specific functionality: manual, onion-location, onion service client auth, etc - [ ] Cherry-pick remainder of patches after the last `buildN` tag - example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..origin/tor-browser-102.7.0esr-12.5-1` +- [ ] Rebase and autosquash again (from the last new `base-browser` commit to `HEAD`), this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify. + - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD` + - **NOTE**: Do not allow `fixup` or `squash` commands here! - [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: - [ ] diff of diffs: - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - - `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff` - `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff` - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch) - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.5-1 FIREFOX_102_8_0esr_BUILD1..HEAD` - [ ] Open MR for the `tor-browser` rebase ===================================== .gitlab/issue_templates/Rebase Browser - Stable.md ===================================== @@ -25,6 +25,17 @@ - [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. +### Update Branch Protection Rules + +- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/sett…: + - [ ] Remove previous stable `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) + - [ ] Create new `base-browser` and `tor-browser` branch protection rule: + - **Branch**: `*-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` + - example: `*-102.8.0esr-12.0-1*` + - **Allowed to merge**: `Maintainers` + - **Allowed to push and merge**: `Maintainers` + - **Allowed to force push**: `false` + ### **Identify the Firefox Tagged Commit and Create New Branches** - [ ] Find the Firefox mercurial tag here : https://hg.mozilla.org/releases/mozilla-esr102/tags @@ -48,7 +59,7 @@ ### **Rebase base-browser** -- [ ] Checkout a new branch for the `base-browser` rebase +- [ ] Checkout a new local branch for the `base-browser` rebase - example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1` - [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch - example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.0-1-build1` @@ -72,6 +83,7 @@ - Message : `Tagging build1 for $(ESR_VERSION)esr-based stable` - [ ] Push tag to `origin` + ### **Rebase tor-browser** - [ ] Checkout a new branch for the `tor-browser` rebase starting from the `base-browser` `build1` tag @@ -88,7 +100,7 @@ - `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff` - `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff` - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` + - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch) - [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD` - example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.0-1 FIREFOX_102_8_0esr_BUILD1..HEAD` - [ ] Open MR for the `tor-browser` rebase @@ -97,4 +109,3 @@ - Tag : `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1` - Message : `Tagging build1 for $(ESR_VERSION)esr-based stable` - [ ] Push tag to `origin` - View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0db7a4b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0db7a4b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key
by Richard Pospesel (＠richard) 20 Apr '23

20 Apr '23

Richard Pospesel pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 9b35dbeb by hackademix at 2023-04-20T20:11:22+00:00 Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key - - - - - 1 changed file: - security/manager/ssl/StaticHPKPins.h Changes: ===================================== security/manager/ssl/StaticHPKPins.h ===================================== @@ -451,6 +451,14 @@ static const StaticFingerprints kPinset_tor = { kPinset_tor_Data }; +static const char* const kPinset_tor_browser_Data[] = { + kISRG_Root_X1Fingerprint, +}; +static const StaticFingerprints kPinset_tor_browser = { + sizeof(kPinset_tor_browser_Data) / sizeof(const char*), + kPinset_tor_browser_Data +}; + static const char* const kPinset_twitterCom_Data[] = { kGOOGLE_PIN_VeriSignClass2_G2Fingerprint, kGOOGLE_PIN_VeriSignClass3_G2Fingerprint, @@ -619,6 +627,7 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = { { "blogger.com", true, false, false, -1, &kPinset_google_root_pems }, { "blogspot.com", true, false, false, -1, &kPinset_google_root_pems }, { "br.search.yahoo.com", false, true, false, -1, &kPinset_yahoo }, + { "bridges.torproject.org", false, false, false, -1, &kPinset_tor_browser }, { "bugs.chromium.org", true, false, false, -1, &kPinset_google_root_pems }, { "build.chromium.org", true, false, false, -1, &kPinset_google_root_pems }, { "business.facebook.com", true, false, false, -1, &kPinset_facebook }, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9b35dbe… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9b35dbe… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.10.0esr-12.5-1] 4 commits: Bug 41736 - Customize toolbar for base-browser.
by Richard Pospesel (＠richard) 20 Apr '23

20 Apr '23

Richard Pospesel pushed to branch base-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: ca768445 by Henry Wilkes at 2023-04-20T20:00:45+00:00 Bug 41736 - Customize toolbar for base-browser. - - - - - 1cc48456 by Henry Wilkes at 2023-04-20T20:00:45+00:00 fixup! Bug 40926: Implemented the New Identity feature Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 4bea1315 by Henry Wilkes at 2023-04-20T20:00:46+00:00 fixup! Bug 40925: Implemented the Security Level component Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 90750ca9 by Henry Wilkes at 2023-04-20T20:00:46+00:00 fixup! Firefox preference overrides. Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 3 changed files: - browser/app/profile/001-base-profile.js - browser/components/customizableui/CustomizableUI.jsm - browser/components/extensions/parent/ext-browserAction.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -464,9 +464,6 @@ pref("intl.multilingual.downloadEnabled", false); // Disk activity: Disable storage.sync (tor-browser#41424) pref("webextensions.storage.sync.enabled", false); -// Toolbar layout -pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}"); - // Enforce certificate pinning, see: https://bugs.torproject.org/16206 pref("security.cert_pinning.enforcement_level", 2); ===================================== browser/components/customizableui/CustomizableUI.jsm ===================================== @@ -65,6 +65,11 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"]; */ var kVersion = 17; +/** + * The current version for base browser. + */ +var kVersionBaseBrowser = 1; + /** * Buttons removed from built-ins by version they were removed. kVersion must be * bumped any time a new id is added to this. Use the button id as key, and @@ -218,6 +223,7 @@ var CustomizableUIInternal = { this._updateForNewVersion(); this._updateForNewProtonVersion(); this._markObsoleteBuiltinButtonsSeen(); + this._updateForBaseBrowser(); this.registerArea( CustomizableUI.AREA_FIXED_OVERFLOW_PANEL, @@ -236,10 +242,15 @@ var CustomizableUIInternal = { Services.policies.isAllowed("removeHomeButtonByDefault") ? null : "home-button", - "spring", + // Don't want springs either side of the urlbar. tor-browser#41736 "urlbar-container", - "spring", - "save-to-pocket-button", + // save-to-pocket-button is entirely disabled. See tor-browser#18886 and + // tor-browser#31602. + // Base-browser additions tor-browser#41736. If you want to add to, remove + // from, or rearrange this list, then bump the kVersionBaseBrowser and + // update existing saved states in _updateForBaseBrowser. + "security-level-button", + "new-identity-button", "downloads-button", AppConstants.MOZ_DEV_EDITION ? "developer-button" : null, "fxa-toolbar-menu-button", @@ -255,6 +266,10 @@ var CustomizableUIInternal = { }, true ); + // navbarPlacements does not match the initial default XHTML layout. + // Therefore we always need to rebuild the navbar area when + // registerToolbarNode is called. tor-browser#41736 + gDirtyAreaCache.add(CustomizableUI.AREA_NAVBAR); if (AppConstants.MENUBAR_CAN_AUTOHIDE) { this.registerArea( @@ -687,6 +702,104 @@ var CustomizableUIInternal = { } }, + _updateForBaseBrowser() { + if (!gSavedState) { + // Use the defaults. + return; + } + + const currentVersion = gSavedState.currentVersionBaseBrowser; + + if (currentVersion < 1) { + // NOTE: In base-browser/tor-browser version 12.5a5, and earlier, the + // toolbar was configured by setting the full JSON string for the default + // "browser.uiCustomization.state" preference value. The disadvantage is + // that we could not update this value in a way that existing users (who + // would have non-default preference values) would also get the desired + // change (e.g. for adding or removing a button). + // + // With tor-browser#41736 we want to switch to changing the toolbar + // dynamically like firefox. Therefore, this first version transfer simply + // gets the toolbar into the same state we wanted before, away from the + // default firefox state. + // + // If an existing user state aligned with the previous default + // "browser.uiCustomization.state" then this shouldn't visibly change + // anything. + // If a user explicitly customized the toolbar to go back to the firefox + // default, then this may undo those changes. + const navbarPlacements = + gSavedState.placements[CustomizableUI.AREA_NAVBAR]; + if (navbarPlacements) { + const getBeforeAfterUrlbar = () => { + // NOTE: The urlbar is non-removable from the navbar, so should have + // an index. + const index = navbarPlacements.indexOf("urlbar-container"); + let after = index + 1; + if ( + after < navbarPlacements.length && + navbarPlacements[after] === "search-container" + ) { + // Skip past the search-container. + after++; + } + return { before: index - 1, after }; + }; + + // Remove the urlbar springs either side of the urlbar. + const { before, after } = getBeforeAfterUrlbar(); + if ( + after < navbarPlacements.length && + this.matchingSpecials(navbarPlacements[after], "spring") + ) { + // Remove the spring after. + navbarPlacements.splice(after, 1); + // NOTE: The `before` index does not change. + } + if ( + before >= 0 && + this.matchingSpecials(navbarPlacements[before], "spring") + ) { + // Remove the spring before. + navbarPlacements.splice(before, 1); + } + + // Make sure the security-level-button and new-identity-button appears + // in the toolbar. + for (const id of ["new-identity-button", "security-level-button"]) { + let alreadyAdded = false; + for (const placements of Object.values(gSavedState.placements)) { + if (placements.includes(id)) { + alreadyAdded = true; + break; + } + } + if (alreadyAdded) { + continue; + } + + // Add to the nav-bar, after the urlbar-container. + // NOTE: We have already removed the spring after the urlbar. + navbarPlacements.splice(getBeforeAfterUrlbar().after, 0, id); + } + } + + // Remove save-to-pocket-button. See tor-browser#18886 and + // tor-browser#31602. + for (const placements of Object.values(gSavedState.placements)) { + let buttonIndex = placements.indexOf("save-to-pocket-button"); + if (buttonIndex != -1) { + placements.splice(buttonIndex, 1); + } + } + + // Remove unused fields that used to be part of + // "browser.uiCustomization.state". + delete gSavedState.placements["PanelUI-contents"]; + delete gSavedState.placements["addon-bar"]; + } + }, + _placeNewDefaultWidgetsInArea(aArea) { let futurePlacedWidgets = gFuturePlacements.get(aArea); let savedPlacements = @@ -2501,6 +2614,10 @@ var CustomizableUIInternal = { gSavedState.currentVersion = 0; } + if (!("currentVersionBaseBrowser" in gSavedState)) { + gSavedState.currentVersionBaseBrowser = 0; + } + gSeenWidgets = new Set(gSavedState.seen || []); gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []); gNewElementCount = gSavedState.newElementCount || 0; @@ -2579,6 +2696,7 @@ var CustomizableUIInternal = { seen: gSeenWidgets, dirtyAreaCache: gDirtyAreaCache, currentVersion: kVersion, + currentVersionBaseBrowser: kVersionBaseBrowser, newElementCount: gNewElementCount, }; ===================================== browser/components/extensions/parent/ext-browserAction.js ===================================== @@ -193,6 +193,10 @@ this.browserAction = class extends ExtensionAPIPersistent { } build() { + // The extension ID for NoScript (WebExtension) + const isNoScript = + this.extension.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}"; + let widget = CustomizableUI.createWidget({ id: this.id, viewId: this.viewId, @@ -200,7 +204,11 @@ this.browserAction = class extends ExtensionAPIPersistent { removable: true, label: this.action.getProperty(null, "title"), tooltiptext: this.action.getProperty(null, "title"), - defaultArea: browserAreas[this.action.getDefaultArea()], + // Do not want to add the NoScript extension to the toolbar by default. + // tor-browser#41736 + defaultArea: isNoScript + ? null + : browserAreas[this.action.getDefaultArea()], showInPrivateBrowsing: this.extension.privateBrowsingAllowed, // Don't attempt to load properties from the built-in widget string View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/fd31ee… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/fd31ee… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] 6 commits: Bug 41736 - Customize toolbar for base-browser.
by Richard Pospesel (＠richard) 20 Apr '23

20 Apr '23

Richard Pospesel pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 1ce930e3 by Henry Wilkes at 2023-04-20T20:03:08+00:00 Bug 41736 - Customize toolbar for base-browser. - - - - - d354800c by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40926: Implemented the New Identity feature Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - adacb2c3 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40925: Implemented the Security Level component Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 491718d1 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Firefox preference overrides. Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 352acb10 by Henry Wilkes at 2023-04-20T20:03:08+00:00 Bug 41736 - Customize toolbar for tor-browser. - - - - - 96796fa5 by Henry Wilkes at 2023-04-20T20:03:08+00:00 fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Bug 41736 - Stop setting the browser.uiCustomization.state preference. - - - - - 4 changed files: - browser/app/profile/000-tor-browser.js - browser/app/profile/001-base-profile.js - browser/components/customizableui/CustomizableUI.jsm - browser/components/extensions/parent/ext-browserAction.js Changes: ===================================== browser/app/profile/000-tor-browser.js ===================================== @@ -30,8 +30,6 @@ pref("network.security.ports.banned", "", locked); pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks pref("network.http.max-persistent-connections-per-proxy", 256); -pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"torbutton-button\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\",\"_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}"); - // Treat .onions as secure pref("dom.securecontext.allowlist_onions", true); ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -464,9 +464,6 @@ pref("intl.multilingual.downloadEnabled", false); // Disk activity: Disable storage.sync (tor-browser#41424) pref("webextensions.storage.sync.enabled", false); -// Toolbar layout -pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}"); - // Enforce certificate pinning, see: https://bugs.torproject.org/16206 pref("security.cert_pinning.enforcement_level", 2); ===================================== browser/components/customizableui/CustomizableUI.jsm ===================================== @@ -65,6 +65,16 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"]; */ var kVersion = 17; +/** + * The current version for base browser. + */ +var kVersionBaseBrowser = 1; + +/** + * The current version for tor browser. + */ +var kVersionTorBrowser = 1; + /** * Buttons removed from built-ins by version they were removed. kVersion must be * bumped any time a new id is added to this. Use the button id as key, and @@ -218,6 +228,8 @@ var CustomizableUIInternal = { this._updateForNewVersion(); this._updateForNewProtonVersion(); this._markObsoleteBuiltinButtonsSeen(); + this._updateForBaseBrowser(); + this._updateForTorBrowser(); this.registerArea( CustomizableUI.AREA_FIXED_OVERFLOW_PANEL, @@ -236,10 +248,17 @@ var CustomizableUIInternal = { Services.policies.isAllowed("removeHomeButtonByDefault") ? null : "home-button", - "spring", + // Don't want springs either side of the urlbar. tor-browser#41736 "urlbar-container", - "spring", - "save-to-pocket-button", + // save-to-pocket-button is entirely disabled. See tor-browser#18886 and + // tor-browser#31602. + // Base-browser additions tor-browser#41736. If you want to add to, remove + // from, or rearrange this list, then bump the kVersionBaseBrowser and + // update existing saved states in _updateForBaseBrowser. + // Or if the change is only meant for tor-browser, bump kVersionTorBrowser + // instead and update the existing saved states in _updateForTorBrowser. + "security-level-button", + "new-identity-button", "downloads-button", AppConstants.MOZ_DEV_EDITION ? "developer-button" : null, "fxa-toolbar-menu-button", @@ -255,6 +274,10 @@ var CustomizableUIInternal = { }, true ); + // navbarPlacements does not match the initial default XHTML layout. + // Therefore we always need to rebuild the navbar area when + // registerToolbarNode is called. tor-browser#41736 + gDirtyAreaCache.add(CustomizableUI.AREA_NAVBAR); if (AppConstants.MENUBAR_CAN_AUTOHIDE) { this.registerArea( @@ -687,6 +710,123 @@ var CustomizableUIInternal = { } }, + _updateForBaseBrowser() { + if (!gSavedState) { + // Use the defaults. + return; + } + + const currentVersion = gSavedState.currentVersionBaseBrowser; + + if (currentVersion < 1) { + // NOTE: In base-browser/tor-browser version 12.5a5, and earlier, the + // toolbar was configured by setting the full JSON string for the default + // "browser.uiCustomization.state" preference value. The disadvantage is + // that we could not update this value in a way that existing users (who + // would have non-default preference values) would also get the desired + // change (e.g. for adding or removing a button). + // + // With tor-browser#41736 we want to switch to changing the toolbar + // dynamically like firefox. Therefore, this first version transfer simply + // gets the toolbar into the same state we wanted before, away from the + // default firefox state. + // + // If an existing user state aligned with the previous default + // "browser.uiCustomization.state" then this shouldn't visibly change + // anything. + // If a user explicitly customized the toolbar to go back to the firefox + // default, then this may undo those changes. + const navbarPlacements = + gSavedState.placements[CustomizableUI.AREA_NAVBAR]; + if (navbarPlacements) { + const getBeforeAfterUrlbar = () => { + // NOTE: The urlbar is non-removable from the navbar, so should have + // an index. + const index = navbarPlacements.indexOf("urlbar-container"); + let after = index + 1; + if ( + after < navbarPlacements.length && + navbarPlacements[after] === "search-container" + ) { + // Skip past the search-container. + after++; + } + return { before: index - 1, after }; + }; + + // Remove the urlbar springs either side of the urlbar. + const { before, after } = getBeforeAfterUrlbar(); + if ( + after < navbarPlacements.length && + this.matchingSpecials(navbarPlacements[after], "spring") + ) { + // Remove the spring after. + navbarPlacements.splice(after, 1); + // NOTE: The `before` index does not change. + } + if ( + before >= 0 && + this.matchingSpecials(navbarPlacements[before], "spring") + ) { + // Remove the spring before. + navbarPlacements.splice(before, 1); + } + + // Make sure the security-level-button and new-identity-button appears + // in the toolbar. + for (const id of ["new-identity-button", "security-level-button"]) { + let alreadyAdded = false; + for (const placements of Object.values(gSavedState.placements)) { + if (placements.includes(id)) { + alreadyAdded = true; + break; + } + } + if (alreadyAdded) { + continue; + } + + // Add to the nav-bar, after the urlbar-container. + // NOTE: We have already removed the spring after the urlbar. + navbarPlacements.splice(getBeforeAfterUrlbar().after, 0, id); + } + } + + // Remove save-to-pocket-button. See tor-browser#18886 and + // tor-browser#31602. + for (const placements of Object.values(gSavedState.placements)) { + let buttonIndex = placements.indexOf("save-to-pocket-button"); + if (buttonIndex != -1) { + placements.splice(buttonIndex, 1); + } + } + + // Remove unused fields that used to be part of + // "browser.uiCustomization.state". + delete gSavedState.placements["PanelUI-contents"]; + delete gSavedState.placements["addon-bar"]; + } + }, + + _updateForTorBrowser() { + if (!gSavedState) { + // Use the defaults. + return; + } + + const currentVersion = gSavedState.currentVersionTorBrowser; + + if (currentVersion < 1) { + // Remove torbutton-button, which no longer exists. + for (const placements of Object.values(gSavedState.placements)) { + let buttonIndex = placements.indexOf("torbutton-button"); + if (buttonIndex != -1) { + placements.splice(buttonIndex, 1); + } + } + } + }, + _placeNewDefaultWidgetsInArea(aArea) { let futurePlacedWidgets = gFuturePlacements.get(aArea); let savedPlacements = @@ -2501,6 +2641,14 @@ var CustomizableUIInternal = { gSavedState.currentVersion = 0; } + if (!("currentVersionBaseBrowser" in gSavedState)) { + gSavedState.currentVersionBaseBrowser = 0; + } + + if (!("currentVersionTorBrowser" in gSavedState)) { + gSavedState.currentVersionTorBrowser = 0; + } + gSeenWidgets = new Set(gSavedState.seen || []); gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []); gNewElementCount = gSavedState.newElementCount || 0; @@ -2579,6 +2727,8 @@ var CustomizableUIInternal = { seen: gSeenWidgets, dirtyAreaCache: gDirtyAreaCache, currentVersion: kVersion, + currentVersionBaseBrowser: kVersionBaseBrowser, + currentVersionTorBrowser: kVersionTorBrowser, newElementCount: gNewElementCount, }; ===================================== browser/components/extensions/parent/ext-browserAction.js ===================================== @@ -193,6 +193,10 @@ this.browserAction = class extends ExtensionAPIPersistent { } build() { + // The extension ID for NoScript (WebExtension) + const isNoScript = + this.extension.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}"; + let widget = CustomizableUI.createWidget({ id: this.id, viewId: this.viewId, @@ -200,7 +204,11 @@ this.browserAction = class extends ExtensionAPIPersistent { removable: true, label: this.action.getProperty(null, "title"), tooltiptext: this.action.getProperty(null, "title"), - defaultArea: browserAreas[this.action.getDefaultArea()], + // Do not want to add the NoScript extension to the toolbar by default. + // tor-browser#41736 + defaultArea: isNoScript + ? null + : browserAreas[this.action.getDefaultArea()], showInPrivateBrowsing: this.extension.privateBrowsingAllowed, // Don't attempt to load properties from the built-in widget string View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/4ae885… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/4ae885… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] alpha: new version, 12.5a5
by boklm (＠boklm) 20 Apr '23

20 Apr '23

boklm pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: f3488a32 by Nicolas Vigier at 2023-04-20T21:46:33+02:00 alpha: new version, 12.5a5 - - - - - 30 changed files: - update_3/alpha/.htaccess - − update_3/alpha/12.5a3-12.5a4-linux32-ALL.xml - − update_3/alpha/12.5a3-12.5a4-linux64-ALL.xml - − update_3/alpha/12.5a3-12.5a4-macos-ALL.xml - − update_3/alpha/12.5a3-12.5a4-win32-ALL.xml - − update_3/alpha/12.5a3-12.5a4-win64-ALL.xml - + update_3/alpha/12.5a4-12.5a5-linux32-ALL.xml - + update_3/alpha/12.5a4-12.5a5-linux64-ALL.xml - + update_3/alpha/12.5a4-12.5a5-macos-ALL.xml - + update_3/alpha/12.5a4-12.5a5-win32-ALL.xml - + update_3/alpha/12.5a4-12.5a5-win64-ALL.xml - − update_3/alpha/12.5a4-linux32-ALL.xml - − update_3/alpha/12.5a4-linux64-ALL.xml - − update_3/alpha/12.5a4-macos-ALL.xml - − update_3/alpha/12.5a4-win32-ALL.xml - − update_3/alpha/12.5a4-win64-ALL.xml - + update_3/alpha/12.5a5-linux32-ALL.xml - + update_3/alpha/12.5a5-linux64-ALL.xml - + update_3/alpha/12.5a5-macos-ALL.xml - + update_3/alpha/12.5a5-win32-ALL.xml - + update_3/alpha/12.5a5-win64-ALL.xml - update_3/alpha/download-android-aarch64.json - update_3/alpha/download-android-armv7.json - update_3/alpha/download-android-x86.json - update_3/alpha/download-android-x86_64.json - update_3/alpha/download-linux-i686.json - update_3/alpha/download-linux-x86_64.json - update_3/alpha/download-macos.json - update_3/alpha/download-windows-i686.json - update_3/alpha/download-windows-x86_64.json The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] 2 commits: fixup! Bug 41417: Always prompt users to restart after changing language
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 7cf4e447 by Pier Angelo Vendrame at 2023-04-20T20:16:02+02:00 fixup! Bug 41417: Always prompt users to restart after changing language Bug 41738: Drop the patch to disable live reload Revert "Bug 41417: Always prompt users to restart after changing language" This reverts commit bad85a459ea24b34f3c09924c6d2b9f0bc750d88. - - - - - 4ae88530 by Pier Angelo Vendrame at 2023-04-20T20:16:02+02:00 fixup! Firefox preference overrides. Bug 41738: Drop the patch to disable live reload and use the pref - - - - - 2 changed files: - browser/app/profile/001-base-profile.js - browser/components/preferences/main.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -499,6 +499,10 @@ pref("browser.urlbar.suggest.topsites", false); // is only reported via telemetry (which is disabled). See tor-browser#40048. pref("corroborator.enabled", false); +// tor-browser#41417: do not allow live reload until we switch to Fluent and +// stop using .textContent. +pref("intl.multilingual.liveReload", false); + // Onboarding. pref("browser.onboarding.tourset-version", 5); pref("browser.onboarding.newtour", "welcome,privacy,tor-network-9.0,circuit-display,security,expect-differences,onion-services,learn-more"); ===================================== browser/components/preferences/main.js ===================================== @@ -1196,17 +1196,18 @@ var gMainPane = { gMainPane.recordBrowserLanguagesTelemetry("reorder"); switch (gMainPane.getLanguageSwitchTransitionType(newLocales)) { - // tor-browser#41417: Always prompt for the restart, until we switch to - // Fluent, since the current way we use to update languages does not allow - // live-reload. We could also call showConfirmLanguageChangeMessageBar in - // the official live-reload case, but the result is inconsistent and makes - // handling the locales-match case harder. case "requires-restart": - case "live-reload": // Prepare to change the locales, as they were different. gMainPane.showConfirmLanguageChangeMessageBar(newLocales); gMainPane.updatePrimaryBrowserLanguageUI(newLocales[0]); break; + case "live-reload": + Services.locale.requestedLocales = newLocales; + gMainPane.updatePrimaryBrowserLanguageUI( + Services.locale.appLocaleAsBCP47 + ); + gMainPane.hideConfirmLanguageChangeMessageBar(); + break; case "locales-match": // They matched, so we can reset the UI. gMainPane.updatePrimaryBrowserLanguageUI( @@ -1459,12 +1460,18 @@ var gMainPane = { } switch (gMainPane.getLanguageSwitchTransitionType(selected)) { - // tor-browser#41417: see onPrimaryBrowserLanguageMenuChange case "requires-restart": - case "live-reload": gMainPane.showConfirmLanguageChangeMessageBar(selected); gMainPane.updatePrimaryBrowserLanguageUI(selected[0]); break; + case "live-reload": + Services.locale.requestedLocales = selected; + + gMainPane.updatePrimaryBrowserLanguageUI( + Services.locale.appLocaleAsBCP47 + ); + gMainPane.hideConfirmLanguageChangeMessageBar(); + break; case "locales-match": // They matched, so we can reset the UI. gMainPane.updatePrimaryBrowserLanguageUI( View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/337dcb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/337dcb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Update Mullvad Browser release prep templates to include downstream package...
by Richard Pospesel (＠richard) 20 Apr '23

20 Apr '23

Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: b1b4bf77 by Richard Pospesel at 2023-04-20T17:53:16+00:00 Update Mullvad Browser release prep templates to include downstream package notification/maintenance - - - - - 1 changed file: - .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md Changes: ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md ===================================== @@ -98,7 +98,7 @@ Mullvad Browser Stable lives in the various `maint-$(MULLVAD_BROWSER_MAJOR).$(MU </details> <details> - <summary>Communications</summary> + <summary>Downstream</summary> ### notify stakeholders @@ -107,9 +107,15 @@ Mullvad Browser Stable lives in the various `maint-$(MULLVAD_BROWSER_MAJOR).$(MU - [ ] New `mullvad-browser` project branch and tags - [ ] mullvad-browser-update-responses git hash - [ ] changelog +- [ ] Email downstream consumers: + - [ ] flathub package maintainer: proletarius101(a)protonmail.com + - [ ] arch package maintainer: bootctl(a)gmail.com -</details> +### merge requests +- [ ] homebrew: https://github.com/Homebrew/homebrew-cask/blob/master/Casks/mullvad-browser… + - **NOTE**: should just need to update the version to latest +</details> /label ~"Release Prep" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40818: Enable wasm target for rust
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: d86056dd by Cecylia Bocovich at 2023-04-20T13:11:22+00:00 Bug 40818: Enable wasm target for rust - - - - - 2 changed files: - projects/rust/build - projects/rust/config Changes: ===================================== projects/rust/build ===================================== @@ -6,6 +6,8 @@ tar -C /var/tmp/dist -xf [% c('input_files_by_name/cmake') %] export PATH="/var/tmp/dist/cmake/bin:$PATH" tar -C /var/tmp/dist -xf [% c('input_files_by_name/binutils') %] export PATH=/var/tmp/dist/binutils/bin:$PATH +tar -C /var/tmp/dist -xf [% c('input_files_by_name/ninja') %] +export PATH=/var/tmp/dist/ninja:$PATH tar -C /var/tmp/dist -xf [% c('input_files_by_name/rust_prebuilt') %] cd /var/tmp/dist/rust-[% c('version') %]-x86_64-unknown-linux-gnu ./install.sh --prefix=$distdir-rust-prebuilt @@ -52,6 +54,11 @@ mkdir /var/tmp/build tar -C /var/tmp/build -xf [% c('input_files_by_name/rust') %] cd /var/tmp/build/rustc-[% c('version') %]-src +# This is a workaround to get access to the libunwind header files. Our LLVM_CONFIG +# thinks that the llvm source root is at /var/tmp/dist/clang-source because that's +# where it was when clang was compiled. +ln -s "/var/tmp/build/rustc-[% c('version') %]-src/src/llvm-project" "/var/tmp/build/clang-source" + mkdir build cd build ../configure --prefix=$distdir --disable-docs --disable-compiler-docs [% c("var/configure_opt") %] ===================================== projects/rust/config ===================================== @@ -7,7 +7,7 @@ container: targets: android: var: - configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,armv7-linux-androideabi,thumbv7neon-linux-androideabi,aarch64-linux-android,i686-linux-android,x86_64-linux-android --set=target.armv7-linux-androideabi.cc=armv7a-linux-androideabi16-clang --set=target.armv7-linux-androideabi.ar=armv7a-linux-androideabi-ar --set=target.thumbv7neon-linux-androideabi.cc=armv7a-linux-androideabi16-clang --set=target.thumbv7neon-linux-androideabi.ar=armv7a-linux-androideabi-ar --set=target.aarch64-linux-android.cc=aarch64-linux-android21-clang --set=target.aarch64-linux-android.ar=aarch64-linux-android-ar --set=target.i686-linux-android.cc=i686-linux-android16-clang --set=target.i686-linux-android.ar=i686-linux-android-ar --set=target.x86_64-linux-android.cc=x86_64-linux-android21-clang --set=target.x86_64-linux-android.ar=x86_64-linux-android-ar + configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,armv7-linux-androideabi,thumbv7neon-linux-androideabi,aarch64-linux-android,i686-linux-android,x86_64-linux-android,wasm32-unknown-unknown --set=target.armv7-linux-androideabi.cc=armv7a-linux-androideabi16-clang --set=target.armv7-linux-androideabi.ar=armv7a-linux-androideabi-ar --set=target.thumbv7neon-linux-androideabi.cc=armv7a-linux-androideabi16-clang --set=target.thumbv7neon-linux-androideabi.ar=armv7a-linux-androideabi-ar --set=target.aarch64-linux-android.cc=aarch64-linux-android21-clang --set=target.aarch64-linux-android.ar=aarch64-linux-android-ar --set=target.i686-linux-android.cc=i686-linux-android16-clang --set=target.i686-linux-android.ar=i686-linux-android-ar --set=target.x86_64-linux-android.cc=x86_64-linux-android21-clang --set=target.x86_64-linux-android.ar=x86_64-linux-android-ar --set target.wasm32-unknown-unknown.linker=clang --set target.wasm32-unknown-unknown.ar=llvm-ar --set target.wasm32-unknown-unknown.ranlib=llvm-ranlib --set rust.lld=true linux: var: @@ -41,11 +41,11 @@ targets: # # Finally, we tell Rust to use some tools from LLVM, like the prebuilt # binaries do. - configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,i686-unknown-linux-gnu --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib --set target.i686-unknown-linux-gnu.linker=clang --set target.i686-unknown-linux-gnu.ar=llvm-ar --set target.i686-unknown-linux-gnu.ranlib=llvm-ranlib + configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,i686-unknown-linux-gnu,wasm32-unknown-unknown --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib --set target.i686-unknown-linux-gnu.linker=clang --set target.i686-unknown-linux-gnu.ar=llvm-ar --set target.i686-unknown-linux-gnu.ranlib=llvm-ranlib --set target.wasm32-unknown-unknown.linker=clang --set target.wasm32-unknown-unknown.ar=llvm-ar --set target.wasm32-unknown-unknown.ranlib=llvm-ranlib --set rust.lld=true macos: var: - configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/macosx-toolchain/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,[% c("var/build_target") %] --set=target.[% c("var/build_target") %].cc=[% c("var/build_target") %]-clang --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib + configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/macosx-toolchain/clang --set rust.jemalloc --target=x86_64-unknown-linux-gnu,[% c("var/build_target") %],wasm32-unknown-unknown --set=target.[% c("var/build_target") %].cc=[% c("var/build_target") %]-clang --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib --set target.wasm32-unknown-unknown.linker=clang --set target.wasm32-unknown-unknown.ar=llvm-ar --set target.wasm32-unknown-unknown.ranlib=llvm-ranlib --set rust.lld=true arch_deps: - pkg-config @@ -53,7 +53,7 @@ targets: var: # See tor-browser-build#29320 compiler: mingw-w64 - configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --target=x86_64-unknown-linux-gnu,[% c("arch") %]-pc-windows-gnu --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib + configure_opt: --enable-local-rust --enable-vendor --enable-extended --release-channel=stable --sysconfdir=etc --llvm-root=/var/tmp/dist/clang --target=x86_64-unknown-linux-gnu,[% c("arch") %]-pc-windows-gnu,wasm32-unknown-unknown --set target.x86_64-unknown-linux-gnu.linker=clang --set target.x86_64-unknown-linux-gnu.ar=llvm-ar --set target.x86_64-unknown-linux-gnu.ranlib=llvm-ranlib --set target.wasm32-unknown-unknown.linker=clang --set target.wasm32-unknown-unknown.ar=llvm-ar --set target.wasm32-unknown-unknown.ranlib=llvm-ranlib --set rust.lld=true arch_deps: - pkg-config @@ -72,6 +72,8 @@ input_files: # libgcc, and the GNU/LLVM is a tier 3 platform supported only for x86_64). # macOS does not need Clang because it comes already with its compiler. enable: '[% c("var/linux") || c("var/android") || c("var/windows") %]' + - project: ninja + name: ninja - URL: 'https://static.rust-lang.org/dist/rustc-[% c("version") %]-src.tar.gz' name: rust sig_ext: asc View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-102.10.0esr-13.0-1
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed new branch tor-browser-102.10.0esr-13.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] fixup! Add TorStrings module for localization
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 337dcb91 by Henry Wilkes at 2023-04-20T09:21:20+00:00 fixup! Add TorStrings module for localization Bug 41714 - Add settings.bridgeShowFewer string. - - - - - 1 changed file: - toolkit/torbutton/chrome/locale/en-US/settings.properties Changes: ===================================== toolkit/torbutton/chrome/locale/en-US/settings.properties ===================================== @@ -46,6 +46,7 @@ settings.whatAreThese=What are these? settings.bridgeCopy=Copy Bridge Address settings.copied=Copied! settings.bridgeShowAll=Show All Bridges +settings.bridgeShowFewer=Show Fewer Bridges settings.allBridgesEnabled=Use current bridges settings.bridgeRemoveAll=Remove All Bridges settings.bridgeRemoveAllDialogTitle=Remove all bridges? View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/337dcb9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/337dcb9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-12.0.5-build1
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed new tag mb-12.0.5-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-12.0-mullvad] Bug 40839: Prepare Mullvad Browser Release 12.0.5
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch maint-12.0-mullvad at The Tor Project / Applications / tor-browser-build Commits: 7fa3141d by Pier Angelo Vendrame at 2023-04-19T12:29:10+02:00 Bug 40839: Prepare Mullvad Browser Release 12.0.5 - - - - - 4 changed files: - .gitignore - projects/browser/config - projects/firefox/config - rbm.conf Changes: ===================================== .gitignore ===================================== @@ -4,7 +4,7 @@ /out /torbrowser /basebrowser -/privacybrowser +/mullvadbrowser /testbuild /rbm.local.conf /logs ===================================== projects/browser/config ===================================== @@ -103,12 +103,12 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4086528/noscript-11.4.20.… + - URL: https://addons.mozilla.org/firefox/downloads/file/4090970/noscript-11.4.21.… name: noscript - sha256sum: 014aec3ce142222338372d227eaadfa2ae13c9e3861f6d43869615b932ce4b53 - - URL: https://addons.mozilla.org/firefox/downloads/file/4086892/ublock_origin-1.4… + sha256sum: 0fd3b66a2780d03a5b3cd460216105f3df2b27c6d3a552c1769c5de48c9e2338 + - URL: https://addons.mozilla.org/firefox/downloads/file/4092158/ublock_origin-1.4… name: ublock-origin - sha256sum: 787950ad4fdbf57ffab136c706918077ed15b0b4fb22b5429ddd0043de3c9720 + sha256sum: d7666b963c2969b0014937aae55472eea5098ff21ed3bea8a2e1f595f62856c1 enable: '[% c("var/mullvad-browser") %]' - URL: https://github.com/mullvad/browser-extension/releases/download/v0.7.9-firef… name: mullvad-extension ===================================== projects/firefox/config ===================================== @@ -11,10 +11,10 @@ container: use_container: 1 var: - firefox_platform_version: 102.9.0 + firefox_platform_version: 102.10.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' - browser_series: '12.5' - browser_branch: '[% c("var/browser_series") %]-1' + browser_series: '12.0' + browser_branch: '[% c("var/browser_series") %]-2' browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' @@ -79,10 +79,6 @@ targets: git_url: https://gitlab.torproject.org/tpo/applications/mullvad-browser.git var: branding_directory_prefix: 'mb' - firefox_platform_version: 102.9.0 - browser_series: '12.0' - browser_branch: '[% c("var/browser_series") %]-2' - browser_build: 1 gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser linux-x86_64: ===================================== rbm.conf ===================================== @@ -71,10 +71,10 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '12.5a4' + torbrowser_version: '12.0.5' torbrowser_build: 'build1' torbrowser_incremental_from: - - 12.5a3 + - 12.0.4 updater_enabled: 1 build_mar: 1 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' @@ -252,9 +252,6 @@ targets: exe_name: mullvadbrowser mar_channel_id: '[% c("var/projectname") %]-mullvad-[% c("var/channel") %]' locales: [] - torbrowser_version: '12.0.4' - torbrowser_build: 'build1' - torbrowser_incremental_from: torbrowser-testbuild: - testbuild View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.10.0esr-12.5-1] fixup! Bug 4234: Use the Firefox Update Process for Base Browser.
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch base-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: fd31ee11 by Pier Angelo Vendrame at 2023-04-20T09:01:57+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 41654: Move UpdateInfo into Data again - - - - - 1 changed file: - toolkit/xre/nsXREDirProvider.cpp Changes: ===================================== toolkit/xre/nsXREDirProvider.cpp ===================================== @@ -1211,15 +1211,15 @@ nsresult nsXREDirProvider::GetUpdateRootDir(nsIFile** aResult, NS_ENSURE_SUCCESS(rv, rv); #if defined(BASE_BROWSER_UPDATE) - nsCOMPtr<nsIFile> dataDir; // For Base Browser and derivatives, we store update history, etc. within the // UpdateInfo directory under the user data directory. # if defined(ANDROID) # error "The Base Browser updater is not supported on Android." -# else - rv = GetUserDataDirectoryHome(getter_AddRefs(dataDir), false); +# elif defined(XP_MACOSX) + rv = GetUserDataDirectory(getter_AddRefs(updRoot), false); NS_ENSURE_SUCCESS(rv, rv); - rv = dataDir->GetParent(getter_AddRefs(updRoot)); +# else + rv = GetUserDataDirectoryHome(getter_AddRefs(updRoot), false); NS_ENSURE_SUCCESS(rv, rv); # endif rv = updRoot->AppendNative("UpdateInfo"_ns); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/fd31ee1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/fd31ee1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.10.0esr-12.5-1] 2 commits: fixup! Bug 4234: Use the Firefox Update Process for Base Browser.
by Pier Angelo Vendrame (＠pierov) 20 Apr '23

20 Apr '23

Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 07d2f3f1 by Pier Angelo Vendrame at 2023-04-20T08:58:20+02:00 fixup! Bug 4234: Use the Firefox Update Process for Base Browser. Bug 41654: Move UpdateInfo into Data again - - - - - 83901ef7 by Pier Angelo Vendrame at 2023-04-20T08:58:35+02:00 fixup! Bug 41668: Tweaks to the Base Browser updater for Tor Browser Bug 41654: Fix the UpdateInfo directory path - - - - - 1 changed file: - toolkit/xre/nsXREDirProvider.cpp Changes: ===================================== toolkit/xre/nsXREDirProvider.cpp ===================================== @@ -1213,16 +1213,24 @@ nsresult nsXREDirProvider::GetUpdateRootDir(nsIFile** aResult, NS_ENSURE_SUCCESS(rv, rv); #if defined(BASE_BROWSER_UPDATE) - nsCOMPtr<nsIFile> dataDir; // For Base Browser and derivatives, we store update history, etc. within the // UpdateInfo directory under the user data directory. # if defined(ANDROID) # error "The Base Browser updater is not supported on Android." -# else +# endif + nsCOMPtr<nsIFile> dataDir; rv = GetUserDataDirectoryHome(getter_AddRefs(dataDir), false); NS_ENSURE_SUCCESS(rv, rv); rv = dataDir->GetParent(getter_AddRefs(updRoot)); NS_ENSURE_SUCCESS(rv, rv); +# if !defined(XP_MACOSX) + // For Tor Browser, the profile directory is TorBrowser/Data/Browser. + // Updates used to be in TorBrowser/updateInfo, so go up two directories. + // If we switch to data directory outside also on Windows and on Linux, we + // should remove this block. + dataDir = updRoot; + rv = dataDir->GetParent(getter_AddRefs(updRoot)); + NS_ENSURE_SUCCESS(rv, rv); # endif rv = updRoot->AppendNative("UpdateInfo"_ns); NS_ENSURE_SUCCESS(rv, rv); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c24cc0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c24cc0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-12.5a5-build1
by Richard Pospesel (＠richard) 19 Apr '23

19 Apr '23

Richard Pospesel pushed new tag tbb-12.5a5-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40759: Prepare Tor Browser Alpha 12.5a5
by Richard Pospesel (＠richard) 19 Apr '23

19 Apr '23

Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: f6675851 by Richard Pospesel at 2023-04-18T18:26:47+00:00 Bug 40759: Prepare Tor Browser Alpha 12.5a5 - - - - - 10 changed files: - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/allowed_addons.json - projects/browser/config - projects/fenix/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/manual/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,89 @@ +Tor Browser 12.5a5 - April 18 2023 + * All Platforms + * Updated Translations + * Updated NoScript to 11.4.21 + * Updated Go to 11.9.8 + * Bug 40833: base-browser nightly is using the default channel instead of nightly [tor-browser-build] + * Bug 41687: Rebase Tor Browser Alpha to 102.10.0esr [tor-browser] + * Bug 41689: Remove startup.homepage_override_url from Base Browser [tor-browser] + * Bug 41704: Immediately return on remoteSettings.pollChanges [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 102.10esr + * Bug 165: Fix maximization warning x button and preference [mullvad-browser] + * Bug 40501: High CPU load after tor exits unexpectedly [tor-browser] + * Bug 40701: Improve security warning when downloading a file [tor-browser] + * Bug 40788: Tor Browser 11.0.4-11.0.6 phoning home [tor-browser] + * Bug 40811: Make testing the updater easier [tor-browser-build] + * Bug 40831: Fix update URL for base-browser nightly [tor-browser-build] + * Bug 40958: The number of relays displayed for an onion site can be misleading [tor-browser] + * Bug 41038: Update "Click to Copy" button label in circuit display [tor-browser] + * Bug 41109: "New circuit..." button gets cut-off when onion name wraps [tor-browser] + * Bug 41350: Move the implementation of Bug 19273 out of Torbutton [tor-browser] + * Bug 41521: Improve localization notes [tor-browser] + * Bug 41533: Page Info window for view-source:http://...onion addresses says Connection Not Encrypted [tor-browser] + * Bug 41600: Some users have difficulty finding the circuit display [tor-browser] + * Bug 41617: Improve the UX of the built-in bridges dialog [tor-browser] + * Bug 41668: Move part of the updater patches to base browser [tor-browser] + * Bug 41686: Move the 'Bug 11641: Disable remoting by default' commit from base-browser to tor-browser [tor-browser] + * Bug 41695: Port warning on maximized windows without letterboxing from torbutton [tor-browser] + * Bug 41699: Tighten up the tor onion alias regular expression [tor-browser] + * Bug 41701: Reporting an extension does not work [tor-browser] + * Bug 41702: The connection pill needs to be centered vertically [tor-browser] + * Bug 41709: sendCommand should not try to send a command forever [tor-browser] + * Bug 41711: Race condition when opening a new window in New Identity [tor-browser] + * Bug 41713: “Remove All Bridges” button only appears after hitting “Show All Bridges" [tor-browser] + * Bug 41714: “Show Fewer Bridges” button missing from refactored remove all bridges UI [tor-browser] + * Bug 41719: Update title and button strings in the new circuit display to sentence case [tor-browser] + * Bug 41722: Regression: window maximization warning cannot be closed by the X button [tor-browser] + * Bug 41725: Stray connectionPane.xhtml patch [tor-browser] + * Windows + * Bug 41459: WebRTC fails to build under mingw [tor-browser] + * Bug 41678: WebRTC build fix patches incorrectly defining pid_t [tor-browser] + * Bug 41683: Disable the network process on Windows [tor-browser] + * Linux + * Bug 40830: The fontconfig directory is missing in Base Browser [tor-browser-build] + * Bug 41163: Many bundled fonts are blocked in Ubuntu/Fedora because of RFP [tor-browser] + * Android + * Updated GeckoView to 102.10esr + * Bug 41724: Backport Android-specific security fixes from Firefox 112 to ESR 102.10-based Tor Browser [tor-browser] + * Build System + * All Platforms + * Bug 40828: Use http://archive.debian.org/debian-archive/ for jessie [tor-browser-build] + * Bug 40837: Rebase mullvad-browser build changes onto main [tor-browser-build] + * Windows + macOS + Linux + * Bug 40823: Update appname_* variables in projects/release/update_responses_config.yml [tor-browser-build] + * Bug 40826: Correctly set appname_marfile for basebrowser in tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] + * Bug 40827: MAR generation uses (mostly) hard-coded MAR update channel [tor-browser-build] + * Bug 41730: Bridge lines in tools/torbrowser/bridges.js out of date [tor-browser] + * Windows + * Bug 40822: The Tor Browser installer doesn't run with mandatory ASLR on (0xc000007b) [tor-browser-build] + * macOS + * Bug 40824: dmg2mar script using hardcoded project names for paths [tor-browser-build] + * Bug 40844: DMG reproducibility problem on 12.0.5 [tor-browser-build] + * Linux + * Bug 40835: Update faketime URLs in projects/container-image/config [tor-browser-build] + * Android + * Bug 41684: Android improvements for local dev builds [tor-browser] + +Tor Browser 12.0.5 - April 12 2023 + * All Platforms + * Updated Translations + * Updated NoScript to 11.4.21 + * Updated Go to 11.9.8 + * Bug 41688: Rebase Tor Browser Stable to 102.10.0esr [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 102.10esr + * Bug 41526: "Cancel" button when establishing a connection should be grey [tor-browser] + * Android + * Updated GeckoView to 102.10esr + * Bug 41724: Backport Android-specific security fixes from Firefox 112 to ESR 102.10-based Tor Browser [tor-browser] + * Build System + * Windows + * Bug 40822: The Tor Browser installer doesn't run with mandatory ASLR on (0xc000007b) [tor-browser-build] + * Linux + * Bug 40828: Use http://archive.debian.org/debian-archive/ for jessie [tor-browser-build] + * Bug 40835: Update faketime URLs in projects/container-image/config [tor-browser-build] + Tor Browser 12.5a4 - March 20 2023 * All Platforms * Updated Translations @@ -245,7 +331,7 @@ Tor Browser 12.5a2 - January 22 2023 * Android * Bug 40738: Update Android git hashes templates [tor-browser-build] -Tor Browser 12.0.2 - January 16 2023 +Tor Browser 12.0.2 - January 18 2023 * All Platforms * Updated tor to 0.4.7.13 * Updated NoScript to 11.4.14 @@ -278,6 +364,7 @@ Tor Browser 12.0.2 - January 16 2023 * Bug 40739: tor-expert-bundle should include ClientTransportPlugin torrc lines for each pluggable transport [tor-browser-build] * Windows + macOS + Linux * Bug 40734: Backport the translation project [tor-browser-build] + * Bug 40746: Remove pt_config.json from pt dir [tor-browser-build] * macOS * Bug 40706: macos-signer-stapler should wait for user interaction before attempting stapling [tor-browser-build] ===================================== projects/browser/allowed_addons.json ===================================== @@ -17,7 +17,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…" } ], - "average_daily_users": 991330, + "average_daily_users": 970562, "categories": { "android": [ "experimental", @@ -31,7 +31,7 @@ "contributions_url": "https://opencollective.com/darkreader?utm_content=product-page-contribute&u…", "created": "2017-09-19T07:03:00Z", "current_version": { - "id": 5509244, + "id": 5550694, "compatibility": { "firefox": { "min": "54.0", @@ -42,7 +42,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/55092…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/darkreader/versions/55506…", "is_strict_compatibility_enabled": false, "license": { "id": 22, @@ -53,22 +53,22 @@ "url": "http://www.opensource.org/license/mit" }, "release_notes": { - "en-US": "- Fixed a edge case with extracting color numbers, it's now able to extract `rgb(0 0 0/0.04)`.\n- Improved IPv6 check.\n- Faster UI loading.\n- Users' fixes for websites." + "en-US": "- Site toggle panel (detect dark theme and shortcut).\n- App toggle panel (automation and shortcut).\n- Improved Site List indexing.\n- Users' fixes for websites." }, - "reviewed": "2023-01-09T12:25:16Z", - "version": "4.9.62", + "reviewed": "2023-04-13T13:17:06Z", + "version": "4.9.63", "files": [ { - "id": 4053589, - "created": "2023-01-08T17:15:31Z", - "hash": "sha256:e537a2cee45ed7c26f79ecd3ed362620e3f00d24c158532a58e163a63a3d60cc", + "id": 4095037, + "created": "2023-04-10T09:52:02Z", + "hash": "sha256:16ba6337fcff7ad85e08ad51b384ba26ff751b2b2ded12309f75e8337ace925a", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 636487, + "size": 658318, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4053589/darkreader-4.9.62…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4095037/darkreader-4.9.63…", "permissions": [ "alarms", "contextMenus", @@ -146,7 +146,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-01-09T12:25:16Z", + "last_updated": "2023-04-13T13:17:06Z", "name": { "ar": "Dark Reader", "bn": "Dark Reader", @@ -221,10 +221,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5572, - "bayesian_average": 4.556020910333306, - "count": 4912, - "text_count": 1556 + "average": 4.5575, + "bayesian_average": 4.55632411125665, + "count": 4956, + "text_count": 1572 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/", "requires_payment": false, @@ -321,7 +321,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/", - "weekly_downloads": 29096 + "weekly_downloads": 25917 }, "notes": null }, @@ -337,7 +337,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…" } ], - "average_daily_users": 266501, + "average_daily_users": 258016, "categories": { "android": [ "security-privacy" @@ -553,10 +553,10 @@ "category": "recommended" }, "ratings": { - "average": 4.8173, - "bayesian_average": 4.812651456820935, - "count": 1330, - "text_count": 236 + "average": 4.8168, + "bayesian_average": 4.81213034274172, + "count": 1332, + "text_count": 235 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/", "requires_payment": false, @@ -641,7 +641,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/", - "weekly_downloads": 4398 + "weekly_downloads": 3798 }, "notes": null }, @@ -657,7 +657,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…" } ], - "average_daily_users": 1141854, + "average_daily_users": 1125722, "categories": { "android": [ "security-privacy" @@ -1180,10 +1180,10 @@ "category": "recommended" }, "ratings": { - "average": 4.8016, - "bayesian_average": 4.798796787815379, - "count": 2198, - "text_count": 426 + "average": 4.8005, + "bayesian_average": 4.797701870245844, + "count": 2215, + "text_count": 428 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/", "requires_payment": false, @@ -1207,7 +1207,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/", - "weekly_downloads": 41171 + "weekly_downloads": 22431 }, "notes": null }, @@ -1223,7 +1223,7 @@ "picture_url": null } ], - "average_daily_users": 6481174, + "average_daily_users": 6247825, "categories": { "android": [ "security-privacy" @@ -1235,7 +1235,7 @@ "contributions_url": "", "created": "2015-04-25T07:26:22Z", "current_version": { - "id": 5534721, + "id": 5547815, "compatibility": { "firefox": { "min": "78.0", @@ -1246,7 +1246,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/55…", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/ublock-origin/versions/55…", "is_strict_compatibility_enabled": false, "license": { "id": 6, @@ -1257,22 +1257,22 @@ "url": "http://www.gnu.org/licenses/gpl-3.0.html" }, "release_notes": { - "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/ea467320fde698dd660f5e…" rel=\"nofollow\">1.47.4</a>.\n\n<b>Fixes / changes</b>\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/90332d429df9e9702298e1…" rel=\"nofollow\">Add list for Macedonia; add languages to Persian list</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/f99dde6a629e89c9f720b2…" rel=\"nofollow\">Support update period below 1-day</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/07f7b3b6b630e4e4652b00…" rel=\"nofollow\">Restore behind-the-scene origin for docless secondary resources</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/538445e0e1306d365a45a8…" rel=\"nofollow\">Refine AST template's regex for hosts file entries</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/4b7349389c22c2bd89ddd6…" rel=\"nofollow\">Flush cached result when adding to FilterDomainHitSet</a></li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/25aa2ca137134570435ed8…" rel=\"nofollow\">Commits history since last version</a>." + "en-US": "See complete release notes for <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/9ba5436deff955b8634d3a…" rel=\"nofollow\">1.48.4</a>.\n\n<b>Fixes / changes</b>\n\n<ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/2881e29d212046e14a4f20…" rel=\"nofollow\">Fix presumed network filter not being a valid network filter</a></li><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/1d29de8f605dc6f4b7684f…" rel=\"nofollow\">Avoid using ! toolbar icon badge when inconsequential</a><ul><li><a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/04728b2f874e135c8736ae…" rel=\"nofollow\">Clear unprocessed requests status on webNavigation reload event</a></li></ul></li></ul>\n<a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/e34f62492a00e2b8a221ca…" rel=\"nofollow\">Commits history since last version</a>." }, - "reviewed": "2023-03-08T13:21:02Z", - "version": "1.47.4", + "reviewed": "2023-04-05T17:12:25Z", + "version": "1.48.4", "files": [ { - "id": 4079064, - "created": "2023-03-03T22:26:56Z", - "hash": "sha256:a35a6c8758ba74616afc09648c96d74ec2e7d27fe30f311d1db6e9a4966e7858", + "id": 4092158, + "created": "2023-04-01T21:20:42Z", + "hash": "sha256:d7666b963c2969b0014937aae55472eea5098ff21ed3bea8a2e1f595f62856c1", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 3246151, + "size": 3343703, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4079064/ublock_origin-1.4…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4092158/ublock_origin-1.4…", "permissions": [ "dns", "menus", @@ -1388,7 +1388,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-03-19T11:30:30Z", + "last_updated": "2023-04-16T15:40:30Z", "name": { "ar": "uBlock Origin", "bg": "uBlock Origin", @@ -1534,9 +1534,9 @@ }, "ratings": { "average": 4.7805, - "bayesian_average": 4.780094594455903, - "count": 15128, - "text_count": 3934 + "bayesian_average": 4.780095724686764, + "count": 15264, + "text_count": 3968 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/", "requires_payment": false, @@ -1598,7 +1598,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/", - "weekly_downloads": 143423 + "weekly_downloads": 132315 }, "notes": null }, @@ -1614,7 +1614,7 @@ "picture_url": null } ], - "average_daily_users": 159499, + "average_daily_users": 159848, "categories": { "android": [ "photos-media" @@ -1712,10 +1712,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5055, - "bayesian_average": 4.50026668386193, - "count": 1090, - "text_count": 405 + "average": 4.4964, + "bayesian_average": 4.4911928855659555, + "count": 1100, + "text_count": 407 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…", "requires_payment": false, @@ -1737,7 +1737,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…", - "weekly_downloads": 363 + "weekly_downloads": 366 }, "notes": null }, @@ -1753,7 +1753,7 @@ "picture_url": null } ], - "average_daily_users": 92182, + "average_daily_users": 88484, "categories": { "android": [ "experimental", @@ -1866,8 +1866,8 @@ ], "promoted": null, "ratings": { - "average": 4.3769, - "bayesian_average": 4.3630961936527894, + "average": 4.3668, + "bayesian_average": 4.352941163663537, "count": 398, "text_count": 112 }, @@ -1891,7 +1891,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/", - "weekly_downloads": 1406 + "weekly_downloads": 1034 }, "notes": null }, @@ -1907,7 +1907,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…" } ], - "average_daily_users": 259947, + "average_daily_users": 258622, "categories": { "android": [ "photos-media", @@ -2126,10 +2126,10 @@ "category": "recommended" }, "ratings": { - "average": 4.6513, - "bayesian_average": 4.646506092845788, - "count": 1236, - "text_count": 240 + "average": 4.6538, + "bayesian_average": 4.64901646767579, + "count": 1248, + "text_count": 241 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/", "requires_payment": false, @@ -2150,7 +2150,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/", - "weekly_downloads": 7883 + "weekly_downloads": 4497 }, "notes": null }, @@ -2173,7 +2173,7 @@ "picture_url": null } ], - "average_daily_users": 109654, + "average_daily_users": 109747, "categories": { "android": [ "other" @@ -2456,10 +2456,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4426, - "bayesian_average": 4.437933242019955, - "count": 1202, - "text_count": 319 + "average": 4.4449, + "bayesian_average": 4.440238588001734, + "count": 1207, + "text_count": 321 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/", "requires_payment": false, @@ -2479,7 +2479,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/", - "weekly_downloads": 50 + "weekly_downloads": 31 }, "notes": null }, @@ -2495,7 +2495,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…" } ], - "average_daily_users": 326501, + "average_daily_users": 312295, "categories": { "android": [ "performance", @@ -2509,7 +2509,7 @@ "contributions_url": "https://www.paypal.com/donate/?hosted_button_id=9ERKTU5MBH4EW&utm_content=p…", "created": "2005-05-13T10:51:32Z", "current_version": { - "id": 5542185, + "id": 5546627, "compatibility": { "firefox": { "min": "59.0", @@ -2520,7 +2520,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5542185", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5546627", "is_strict_compatibility_enabled": false, "license": { "id": 13, @@ -2531,22 +2531,22 @@ "url": "http://www.gnu.org/licenses/gpl-2.0.html" }, "release_notes": { - "en-US": "v 11.4.20\n============================================================\nx Generalized prompt safety hooks\nx Better blob: URL support\nx [nscl] Improved cross-window patch cascading\nx [nscl] Avoid unneeded side effects when checking for\n zombie patched objects\nx [nscl] Prompt safety hooks\nx [L10n] Updated fr, fi\nx Fix font family typo (!283, thanks alex-kinokon)" + "en-US": "v 11.4.21\n============================================================\nx Fixed mislabeled Tor Browser settings override option\nx [L10n] Updated mk" }, - "reviewed": "2023-03-21T12:03:50Z", - "version": "11.4.20", + "reviewed": "2023-04-04T12:01:03Z", + "version": "11.4.21", "files": [ { - "id": 4086528, - "created": "2023-03-20T22:48:31Z", - "hash": "sha256:014aec3ce142222338372d227eaadfa2ae13c9e3861f6d43869615b932ce4b53", + "id": 4090970, + "created": "2023-03-30T09:39:24Z", + "hash": "sha256:0fd3b66a2780d03a5b3cd460216105f3df2b27c6d3a552c1769c5de48c9e2338", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 951165, + "size": 951542, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4086528/noscript-11.4.20.…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4090970/noscript-11.4.21.…", "permissions": [ "contextMenus", "storage", @@ -2613,7 +2613,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2023-03-21T12:03:50Z", + "last_updated": "2023-04-04T12:01:03Z", "name": { "de": "NoScript", "el": "NoScript", @@ -2685,10 +2685,10 @@ "category": "recommended" }, "ratings": { - "average": 4.405, - "bayesian_average": 4.402291645516784, - "count": 2052, - "text_count": 801 + "average": 4.4117, + "bayesian_average": 4.40897409082447, + "count": 2055, + "text_count": 798 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/", "requires_payment": false, @@ -2732,7 +2732,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/", - "weekly_downloads": 8165 + "weekly_downloads": 8021 }, "notes": null }, @@ -2748,7 +2748,7 @@ "picture_url": null } ], - "average_daily_users": 148495, + "average_daily_users": 146192, "categories": { "android": [ "performance", @@ -2863,10 +2863,10 @@ "category": "recommended" }, "ratings": { - "average": 3.9155, - "bayesian_average": 3.9111787696510967, - "count": 1113, - "text_count": 396 + "average": 3.9109, + "bayesian_average": 3.9065939897765096, + "count": 1122, + "text_count": 397 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…", "requires_payment": false, @@ -2885,7 +2885,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…", - "weekly_downloads": 1769 + "weekly_downloads": 1829 }, "notes": null } ===================================== projects/browser/config ===================================== @@ -103,9 +103,9 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4086528/noscript-11.4.20.… + - URL: https://addons.mozilla.org/firefox/downloads/file/4090970/noscript-11.4.21.… name: noscript - sha256sum: 014aec3ce142222338372d227eaadfa2ae13c9e3861f6d43869615b932ce4b53 + sha256sum: 0fd3b66a2780d03a5b3cd460216105f3df2b27c6d3a552c1769c5de48c9e2338 - URL: https://addons.mozilla.org/firefox/downloads/file/4079064/ublock_origin-1.4… name: ublock-origin sha256sum: a35a6c8758ba74616afc09648c96d74ec2e7d27fe30f311d1db6e9a4966e7858 ===================================== projects/fenix/config ===================================== @@ -14,7 +14,7 @@ container: var: fenix_version: 102.2.1 browser_branch: 12.5-1 - fenix_build: 3 + fenix_build: 4 git_branch: 'tor-browser-[% c("var/fenix_version") %]-[% c("var/browser_branch") %]' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' # This should be updated when the list of gradle dependencies is changed. ===================================== projects/firefox/config ===================================== @@ -11,11 +11,11 @@ container: use_container: 1 var: - firefox_platform_version: 102.9.0 + firefox_platform_version: 102.10.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '12.5' browser_branch: '[% c("var/browser_series") %]-1' - browser_build: 2 + browser_build: 3 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -11,9 +11,9 @@ container: use_container: 1 var: - geckoview_version: 102.9.0esr + geckoview_version: 102.10.0esr browser_branch: 12.5-1 - browser_build: 2 + browser_build: 3 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' deps: - build-essential ===================================== projects/go/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 1.19.7 +version: 1.19.8 filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.gz' container: use_container: 1 @@ -121,7 +121,7 @@ input_files: enable: '[% ! c("var/linux") %]' - URL: 'https://golang.org/dl/go[% c("version") %].src.tar.gz' name: go - sha256sum: 775bdf285ceaba940da8a2fe20122500efd7a0b65dbcee85247854a8d7402633 + sha256sum: 1d7a67929dccafeaf8a29e55985bc2b789e0499cb1a17100039f084e3238da2f - URL: 'https://golang.org/dl/go[% c("var/go14_version") %].src.tar.gz' name: go14 sha256sum: 9947fc705b0b841b5938c48b22dc33e9647ec0752bae66e50278df4f23f64959 ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 69998 +version: 74065 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.gz' container: use_container: 1 @@ -19,6 +19,6 @@ input_files: - project: container-image - URL: 'https://people.torproject.org/~richard/tbb_files/manual_[% c("version") %].zip' name: manual - sha256sum: 236ad8b877d9bdb3ad5309deee8acb4025e10e4faf4626d063cbf6c87fc209a4 + sha256sum: 788c2dc2bfacbc6961ce443c5639706cc23fbb7b7730ed7f71a26396511305be - filename: packagemanual.py name: package_script ===================================== projects/translation/config ===================================== @@ -6,19 +6,19 @@ version: '[% c("abbrev") %]' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 50ec65bc65e510156c1e9f5c835eb6ea034450d0 + git_hash: 97c76d5183b16b069e66feaaf10e00c1d2c7d9e0 targets: nightly: git_hash: 'base-browser' base-browser-fluent: base-browser-fluent: '[% INCLUDE build %]' - git_hash: 667a6daeba46b7aeb0a8b664bd9ae006f8ac233d + git_hash: e016c52705a2663309a7b05b05ac93002eab3ed0 targets: nightly: git_hash: 'basebrowser-newidentityftl' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: e9ad920fc7427ff1b84e3723a97212ccd78dfe26 + git_hash: 69273c40343bd6f8f125109ddac9d949d7bcb605 targets: nightly: git_hash: 'tor-browser' @@ -26,7 +26,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: f9fd1869f6904e3a9fe99fa3626382b20ff33e66 + git_hash: 0deec2a78dea0013e8c4eaec1d40ef5aac4e43b0 targets: nightly: git_hash: 'fenix-torbrowserstringsxml' ===================================== rbm.conf ===================================== @@ -71,10 +71,10 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '12.5a4' + torbrowser_version: '12.5a5' torbrowser_build: 'build1' torbrowser_incremental_from: - - 12.5a3 + - 12.5a4 updater_enabled: 1 build_mar: 1 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] release: new version, 12.0.5
by boklm (＠boklm) 19 Apr '23

19 Apr '23

boklm pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: d88821fb by Nicolas Vigier at 2023-04-19T18:03:46+02:00 release: new version, 12.0.5 - - - - - 30 changed files: - update_3/release/.htaccess - − update_3/release/12.0.3-12.0.4-linux32-ALL.xml - − update_3/release/12.0.3-12.0.4-linux64-ALL.xml - − update_3/release/12.0.3-12.0.4-macos-ALL.xml - − update_3/release/12.0.3-12.0.4-win32-ALL.xml - − update_3/release/12.0.3-12.0.4-win64-ALL.xml - + update_3/release/12.0.4-12.0.5-linux32-ALL.xml - + update_3/release/12.0.4-12.0.5-linux64-ALL.xml - + update_3/release/12.0.4-12.0.5-macos-ALL.xml - + update_3/release/12.0.4-12.0.5-win32-ALL.xml - + update_3/release/12.0.4-12.0.5-win64-ALL.xml - − update_3/release/12.0.4-linux32-ALL.xml - − update_3/release/12.0.4-linux64-ALL.xml - − update_3/release/12.0.4-macos-ALL.xml - − update_3/release/12.0.4-win32-ALL.xml - − update_3/release/12.0.4-win64-ALL.xml - + update_3/release/12.0.5-linux32-ALL.xml - + update_3/release/12.0.5-linux64-ALL.xml - + update_3/release/12.0.5-macos-ALL.xml - + update_3/release/12.0.5-win32-ALL.xml - + update_3/release/12.0.5-win64-ALL.xml - update_3/release/download-android-aarch64.json - update_3/release/download-android-armv7.json - update_3/release/download-android-x86.json - update_3/release/download-android-x86_64.json - update_3/release/download-linux-i686.json - update_3/release/download-linux-x86_64.json - update_3/release/download-macos.json - update_3/release/download-windows-i686.json - update_3/release/download-windows-x86_64.json The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40831: Fix update URL for base-browser nightly
by boklm (＠boklm) 18 Apr '23

18 Apr '23

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4e92f461 by Nicolas Vigier at 2023-04-18T15:17:05+02:00 Bug 40831: Fix update URL for base-browser nightly - - - - - 2 changed files: - projects/firefox/build - projects/firefox/config Changes: ===================================== projects/firefox/build ===================================== @@ -97,7 +97,7 @@ fi cp $rootdir/marsigner.der toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der [% ELSIF c("var/nightly") && ! c("var/mullvad-browser") -%] # Set update url for nightly (#33402 / #40033) - sed -i 's|^URL=https://aus1\.torproject\.org/.*|URL=https://nightlies.tbb.torprojec… c("var/nightly_updates_publish_dir") %]/%CHANNEL%/%BUILD_TARGET%/%VERSION%/ALL|' build/application.ini.in + sed -i 's|^URL=https://aus1\.torproject\.org/.*|URL=https://nightlies.tbb.torprojec… c("var/nightly_updates_publish_dir") %]/%CHANNEL%/%BUILD_TARGET%/%VERSION%/ALL|' build/application.ini.in [% END -%] ===================================== projects/firefox/config ===================================== @@ -18,7 +18,7 @@ var: browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' - nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %][% c("var/osname") %]' + nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' deps: @@ -133,7 +133,7 @@ targets: macos: var: martools_filename: 'mar-tools-macos-[% c("var/macos_arch") %].zip' - nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]macos' + nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-macos' arch_deps: - python3 - python3-distutils View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Deleted branch bug_40759
by Richard Pospesel (＠richard) 17 Apr '23

17 Apr '23

Richard Pospesel deleted branch bug_40759 at The Tor Project / Applications / tor-browser-build -- You're receiving this email because of your account on gitlab.torproject.org.

1 0