- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-15.0.3-build1
by ma1 (＠ma1) 08 Dec '25

08 Dec '25

ma1 pushed new tag mb-15.0.3-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-15.0.3-build1
by ma1 (＠ma1) 08 Dec '25

08 Dec '25

ma1 pushed new tag tbb-15.0.3-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-15.0] Bug 41637,41638: Prepare Tor, Mullvad Browser 15.0.3
by ma1 (＠ma1) 08 Dec '25

08 Dec '25

ma1 pushed to branch maint-15.0 at The Tor Project / Applications / tor-browser-build Commits: e590f09a by hackademix at 2025-12-08T12:41:20+01:00 Bug 41637,41638: Prepare Tor, Mullvad Browser 15.0.3 - - - - - 9 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/moat-settings/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,34 @@ +Mullvad Browser 15.0.3 - December 09 2025 + * All Platforms + * Updated Firefox to 140.6.0esr + * Updated NoScript to 13.5.2.1984 + * Updated uBlock Origin to 1.68.0 + * Bug 497: Rebase Mullvad Browser stable onto 140.6.0esr [mullvad-browser] + * Bug 22974: Self-host NoScript Updates [tor-browser] + * Bug 44334: TB does not render image in PDF file [tor-browser] + * Bug 44348: Backport Bugzilla 1999126: Protect whether PDF.js is enabled/disabled to improve fingerprinting protection [tor-browser] + * Bug 44391: Restrictions cascade blocks every capability in subframes (e.g. captchas) [tor-browser] + * Bug 44409: Backport Security Fixes from Firefox 146 [tor-browser] + * Build System + * All Platforms + * Bug 493: Automatically check whether the signed build is avaliable on dist.torproject.org before notifying Mullvad for QA [mullvad-browser] + * Bug 41644: Self-hosted browser extensions support in relprep.py [tor-browser-build] + +Mullvad Browser 15.0.3 - December 09 2025 + * All Platforms + * Updated Firefox to 140.6.0esr + * Updated NoScript to 13.5.2.1984 + * Updated uBlock Origin to 1.68.0 + * Bug 497: Rebase Mullvad Browser stable onto 140.6.0esr [mullvad-browser] + * Bug 22974: Self-host NoScript Updates [tor-browser] + * Bug 44348: Backport Bugzilla 1999126: Protect whether PDF.js is enabled/disabled to improve fingerprinting protection [tor-browser] + * Bug 44391: Restrictions cascade blocks every capability in subframes (e.g. captchas) [tor-browser] + * Bug 44409: Backport Security Fixes from Firefox 146 [tor-browser] + * Build System + * All Platforms + * Bug 493: Automatically check whether the signed build is avaliable on dist.torproject.org before notifying Mullvad for QA [mullvad-browser] + * Bug 41644: Self-hosted browser extensions support in relprep.py [tor-browser-build] + Mullvad Browser 15.0.2 - November 20 2025 * All Platforms * Updated Mullvad Browser Extension to 0.9.6 ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,44 @@ +Tor Browser 15.0.3 - December 09 2025 + * All Platforms + * Bug 22974: Self-host NoScript Updates [tor-browser] + * Bug 44334: TB does not render image in PDF file [tor-browser] + * Bug 44348: Backport Bugzilla 1999126: Protect whether PDF.js is enabled/disabled to improve fingerprinting protection [tor-browser] + * Bug 44391: Restrictions cascade blocks every capability in subframes (e.g. captchas) [tor-browser] + * Bug 44399: Rebase Tor Browser 15.0 stable onto 140.6.0esr [tor-browser] + * Bug 44409: Backport Security Fixes from Firefox 146 [tor-browser] + * Bug 41646: Update lyrebird version to v0.7.0 [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 140.6.0esr + * Android + * Updated GeckoView to 140.6.0esr + * Updated Zstandard to 1.5.7 + * Bug 44346: Webrender broken on Adreno 510 devices with esr140 [tor-browser] + * Build System + * All Platforms + * Bug 41644: Self-hosted browser extensions support in relprep.py [tor-browser-build] + * Windows + Linux + Android + * Updated Go to 1.24.11 + +Tor Browser 15.0.3 - December 09 2025 + * All Platforms + * Updated NoScript to 13.5.2.1984 + * Bug 22974: Self-host NoScript Updates [tor-browser] + * Bug 44348: Backport Bugzilla 1999126: Protect whether PDF.js is enabled/disabled to improve fingerprinting protection [tor-browser] + * Bug 44391: Restrictions cascade blocks every capability in subframes (e.g. captchas) [tor-browser] + * Bug 44399: Rebase Tor Browser 15.0 stable onto 140.6.0esr [tor-browser] + * Bug 44409: Backport Security Fixes from Firefox 146 [tor-browser] + * Bug 41646: Update lyrebird version to v0.7.0 [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 140.6.0esr + * Android + * Updated GeckoView to 140.6.0esr + * Bug 44346: Webrender broken on Adreno 510 devices with esr140 [tor-browser] + * Build System + * All Platforms + * Bug 41644: Self-hosted browser extensions support in relprep.py [tor-browser-build] + * Windows + Linux + Android + * Updated Go to 1.24.11 + Tor Browser 15.0.2 - November 19 2025 * All Platforms * Updated Tor to 0.4.8.21 ===================================== projects/browser/config ===================================== @@ -113,12 +113,12 @@ input_files: enable: '[% ! c("var/android") %]' - filename: dmg-root enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4609561/noscript-13.4.xpi + - URL: https://dist.torproject.org/torbrowser/noscript/noscript-13.5.2.1984.xpi name: noscript - sha256sum: 9496d2bc785f2b6dff36a3d6f60fa1a70d7b9a1895bc738c30387c94cd945168 - - URL: https://addons.mozilla.org/firefox/downloads/file/4598854/ublock_origin-1.6… + sha256sum: 4579c70b69e3198ea0bf064f9912b9341696b9ad4ed177cb19994208872425fd + - URL: https://addons.mozilla.org/firefox/downloads/file/4629131/ublock_origin-1.6… name: ublock-origin - sha256sum: b83c6ec49f817a8d05d288b53dbc7005cceccf82e9490d8683b3120aab3c133a + sha256sum: 5caf4abda494018841222a12156919bbdd8cad82a783c38c36b22dd642704315 enable: '[% c("var/mullvad-browser") %]' - URL: https://cdn.mullvad.net/browser-extension/0.9.6/mullvad-browser-extension-0… name: mullvad-extension ===================================== projects/firefox/config ===================================== @@ -16,12 +16,12 @@ container: use_container: 1 var: - firefox_platform_version: '140.5.0' + firefox_platform_version: '140.6.0' firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '15.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 3 + browser_build: 4 copyright_year: '[% exec("git show -s --format=%ci " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser @@ -114,6 +114,7 @@ targets: updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' mar_id_prefix: 'mullvadbrowser-mullvad' nightly_updates_publish_dir_prefix: mullvadbrowser- + browser_build: 3 linux-x86_64: var: arch_deps: ===================================== projects/geckoview/config ===================================== @@ -18,12 +18,12 @@ container: build_apk: 1 var: - firefox_platform_version: '140.5.0' + firefox_platform_version: '140.6.0' geckoview_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '15.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 4 gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' deps: ===================================== projects/go/config ===================================== @@ -1,11 +1,11 @@ # vim: filetype=yaml sw=2 -version: '1.24.10' +version: '1.24.11' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 var: - source_sha256: 34000dcc47a517b78fcf2657ee7d033328a57079fe60c4ed8b7b84260d1d19d3 + source_sha256: ffdf97766a4c4b135cd53809713978e9ee1a943b2c8e28ad221a5429de30e210 no_crosscompile: 1 setup: | mkdir -p /var/tmp/dist ===================================== projects/moat-settings/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' git_url: https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin.git -git_hash: 810fb24bd5fe36c8c0a67ecf8f8ec47b479eee31 +git_hash: c13a8e5909d78abbabf5b853e20e63e38fcc4808 version: '[% c("abbrev") %]' # Use gz for now, since we do not support Zstandard on Linux containers. compress_tar: 'gz' ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: fbef59e3ea6d685abd47b6506db44a0f4e517869 + git_hash: d366318349af0977ff23b492fa87e436e8672fdd targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 4fcb19da2c6b62bdd96828172162bea89ee3231e + git_hash: 45b67d3be52f79e8a4b361fd04ab12f342ab0016 targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: d9fe5b503d0795a584caa2ce99ee101831967220 + git_hash: 4690b13484b82453db1482af32953ee2c9398568 compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -74,11 +74,11 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '15.0.2' + torbrowser_version: '15.0.3' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/11/20 07:40:03' + browser_release_date: '2025/12/08 08:01:36' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' browser_default_channel: release browser_platforms: @@ -128,14 +128,13 @@ var: updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - 15.0.2 - 15.0.1 - - '15.0' - - 14.5.8 - - 14.5.7 + - 15.0 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' - torbrowser_legacy_version: 13.5.25 - torbrowser_legacy_platform_version: 115.30.0 + torbrowser_legacy_version: 13.5.26 + torbrowser_legacy_platform_version: 115.31.0 # By default, we sort the list of installed packages. This allows sharing # containers with identical list of packages, even if they are not listed View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.6.0esr-15.0-1] Bug 1977576 - Pass JSContext to VideoFrame::PrefEnabled in more places. r=manuel,chunmin,tjr
by Pier Angelo Vendrame (＠pierov) 08 Dec '25

08 Dec '25

Pier Angelo Vendrame pushed to branch mullvad-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 52b09dcb by Fatih Kilic at 2025-12-08T12:31:32+01:00 Bug 1977576 - Pass JSContext to VideoFrame::PrefEnabled in more places. r=manuel,chunmin,tjr Differential Revision: https://phabricator.services.mozilla.com/D257488 - - - - - 3 changed files: - dom/base/StructuredCloneHolder.cpp - dom/media/webcodecs/VideoFrame.h - toolkit/components/resistfingerprinting/nsRFPService.cpp Changes: ===================================== dom/base/StructuredCloneHolder.cpp ===================================== @@ -1110,7 +1110,7 @@ JSObject* StructuredCloneHolder::CustomReadHandler( return ClonedErrorHolder::ReadStructuredClone(aCx, aReader, this); } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (VideoFrame::PrefEnabled(aCx) && aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess && aCloneDataPolicy.areIntraClusterClonableSharedObjectsAllowed()) { JS::Rooted<JSObject*> global(aCx, mGlobal->GetGlobalJSObject()); @@ -1250,7 +1250,7 @@ bool StructuredCloneHolder::CustomWriteHandler( } // See if this is a VideoFrame object. - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoFrame = nullptr; if (NS_SUCCEEDED(UNWRAP_OBJECT(VideoFrame, &obj, videoFrame))) { SameProcessScopeRequired(aSameProcessScopeRequired); @@ -1446,7 +1446,7 @@ StructuredCloneHolder::CustomReadTransferHandler( aReturnObject); } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (VideoFrame::PrefEnabled(aCx) && aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess && aCloneDataPolicy.areIntraClusterClonableSharedObjectsAllowed()) { MOZ_ASSERT(aContent); @@ -1591,7 +1591,7 @@ StructuredCloneHolder::CustomWriteTransferHandler( return true; } - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoFrame = nullptr; rv = UNWRAP_OBJECT(VideoFrame, &obj, videoFrame); if (NS_SUCCEEDED(rv)) { @@ -1758,7 +1758,7 @@ void StructuredCloneHolder::CustomFreeTransferHandler( return; } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess) { if (aContent) { VideoFrame::TransferredData* data = @@ -1767,8 +1767,7 @@ void StructuredCloneHolder::CustomFreeTransferHandler( } return; } - if (StaticPrefs::dom_media_webcodecs_enabled() && - aTag == SCTAG_DOM_AUDIODATA && + if (aTag == SCTAG_DOM_AUDIODATA && CloneScope() == StructuredCloneScope::SameProcess) { if (aContent) { AudioData::TransferredData* data = @@ -1851,7 +1850,7 @@ bool StructuredCloneHolder::CustomCanTransferHandler( } } - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoframe = nullptr; nsresult rv = UNWRAP_OBJECT(VideoFrame, &obj, videoframe); if (NS_SUCCEEDED(rv)) { ===================================== dom/media/webcodecs/VideoFrame.h ===================================== @@ -104,7 +104,7 @@ class VideoFrame final : public nsISupports, JSObject* WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override; - static bool PrefEnabled(JSContext* aCx = nullptr, JSObject* aObj = nullptr); + static bool PrefEnabled(JSContext* aCx, JSObject* aObj = nullptr); static already_AddRefed<VideoFrame> Constructor( const GlobalObject& aGlobal, HTMLImageElement& aImageElement, ===================================== toolkit/components/resistfingerprinting/nsRFPService.cpp ===================================== @@ -2708,8 +2708,10 @@ bool nsRFPService::IsWebCodecsRFPTargetEnabled(JSContext* aCx) { // We know that the RFPTarget::WebCodecs is enabled, check if principal // is exempted. - // VideoFrame::PrefEnabled function can be called without a JSContext. - if (!aCx) { + if (NS_WARN_IF(!aCx)) { + MOZ_LOG(gResistFingerprintingLog, LogLevel::Warning, + ("nsRFPService::IsWebCodecsRFPTargetEnabled called with null " + "JSContext")); return true; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/52b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/52b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-140.6.0esr-15.0-1-build3
by Pier Angelo Vendrame (＠pierov) 08 Dec '25

08 Dec '25

Pier Angelo Vendrame pushed new tag mullvad-browser-140.6.0esr-15.0-1-build3 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.6.0esr-15.0-1] Bug 1977576 - Pass JSContext to VideoFrame::PrefEnabled in more places. r=manuel,chunmin,tjr
by Pier Angelo Vendrame (＠pierov) 08 Dec '25

08 Dec '25

Pier Angelo Vendrame pushed to branch base-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: a12d7a61 by Fatih Kilic at 2025-12-08T12:26:54+01:00 Bug 1977576 - Pass JSContext to VideoFrame::PrefEnabled in more places. r=manuel,chunmin,tjr Differential Revision: https://phabricator.services.mozilla.com/D257488 - - - - - 3 changed files: - dom/base/StructuredCloneHolder.cpp - dom/media/webcodecs/VideoFrame.h - toolkit/components/resistfingerprinting/nsRFPService.cpp Changes: ===================================== dom/base/StructuredCloneHolder.cpp ===================================== @@ -1110,7 +1110,7 @@ JSObject* StructuredCloneHolder::CustomReadHandler( return ClonedErrorHolder::ReadStructuredClone(aCx, aReader, this); } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (VideoFrame::PrefEnabled(aCx) && aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess && aCloneDataPolicy.areIntraClusterClonableSharedObjectsAllowed()) { JS::Rooted<JSObject*> global(aCx, mGlobal->GetGlobalJSObject()); @@ -1250,7 +1250,7 @@ bool StructuredCloneHolder::CustomWriteHandler( } // See if this is a VideoFrame object. - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoFrame = nullptr; if (NS_SUCCEEDED(UNWRAP_OBJECT(VideoFrame, &obj, videoFrame))) { SameProcessScopeRequired(aSameProcessScopeRequired); @@ -1446,7 +1446,7 @@ StructuredCloneHolder::CustomReadTransferHandler( aReturnObject); } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (VideoFrame::PrefEnabled(aCx) && aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess && aCloneDataPolicy.areIntraClusterClonableSharedObjectsAllowed()) { MOZ_ASSERT(aContent); @@ -1591,7 +1591,7 @@ StructuredCloneHolder::CustomWriteTransferHandler( return true; } - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoFrame = nullptr; rv = UNWRAP_OBJECT(VideoFrame, &obj, videoFrame); if (NS_SUCCEEDED(rv)) { @@ -1758,7 +1758,7 @@ void StructuredCloneHolder::CustomFreeTransferHandler( return; } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess) { if (aContent) { VideoFrame::TransferredData* data = @@ -1767,8 +1767,7 @@ void StructuredCloneHolder::CustomFreeTransferHandler( } return; } - if (StaticPrefs::dom_media_webcodecs_enabled() && - aTag == SCTAG_DOM_AUDIODATA && + if (aTag == SCTAG_DOM_AUDIODATA && CloneScope() == StructuredCloneScope::SameProcess) { if (aContent) { AudioData::TransferredData* data = @@ -1851,7 +1850,7 @@ bool StructuredCloneHolder::CustomCanTransferHandler( } } - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoframe = nullptr; nsresult rv = UNWRAP_OBJECT(VideoFrame, &obj, videoframe); if (NS_SUCCEEDED(rv)) { ===================================== dom/media/webcodecs/VideoFrame.h ===================================== @@ -104,7 +104,7 @@ class VideoFrame final : public nsISupports, JSObject* WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override; - static bool PrefEnabled(JSContext* aCx = nullptr, JSObject* aObj = nullptr); + static bool PrefEnabled(JSContext* aCx, JSObject* aObj = nullptr); static already_AddRefed<VideoFrame> Constructor( const GlobalObject& aGlobal, HTMLImageElement& aImageElement, ===================================== toolkit/components/resistfingerprinting/nsRFPService.cpp ===================================== @@ -2708,8 +2708,10 @@ bool nsRFPService::IsWebCodecsRFPTargetEnabled(JSContext* aCx) { // We know that the RFPTarget::WebCodecs is enabled, check if principal // is exempted. - // VideoFrame::PrefEnabled function can be called without a JSContext. - if (!aCx) { + if (NS_WARN_IF(!aCx)) { + MOZ_LOG(gResistFingerprintingLog, LogLevel::Warning, + ("nsRFPService::IsWebCodecsRFPTargetEnabled called with null " + "JSContext")); return true; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a12d7a6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a12d7a6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-140.6.0esr-15.0-1-build4
by Pier Angelo Vendrame (＠pierov) 08 Dec '25

08 Dec '25

Pier Angelo Vendrame pushed new tag tor-browser-140.6.0esr-15.0-1-build4 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.6.0esr-15.0-1] Bug 1977576 - Pass JSContext to VideoFrame::PrefEnabled in more places. r=manuel,chunmin,tjr
by Pier Angelo Vendrame (＠pierov) 08 Dec '25

08 Dec '25

Pier Angelo Vendrame pushed to branch tor-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 2035d30b by Fatih Kilic at 2025-12-08T11:36:14+01:00 Bug 1977576 - Pass JSContext to VideoFrame::PrefEnabled in more places. r=manuel,chunmin,tjr Differential Revision: https://phabricator.services.mozilla.com/D257488 - - - - - 3 changed files: - dom/base/StructuredCloneHolder.cpp - dom/media/webcodecs/VideoFrame.h - toolkit/components/resistfingerprinting/nsRFPService.cpp Changes: ===================================== dom/base/StructuredCloneHolder.cpp ===================================== @@ -1110,7 +1110,7 @@ JSObject* StructuredCloneHolder::CustomReadHandler( return ClonedErrorHolder::ReadStructuredClone(aCx, aReader, this); } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (VideoFrame::PrefEnabled(aCx) && aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess && aCloneDataPolicy.areIntraClusterClonableSharedObjectsAllowed()) { JS::Rooted<JSObject*> global(aCx, mGlobal->GetGlobalJSObject()); @@ -1250,7 +1250,7 @@ bool StructuredCloneHolder::CustomWriteHandler( } // See if this is a VideoFrame object. - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoFrame = nullptr; if (NS_SUCCEEDED(UNWRAP_OBJECT(VideoFrame, &obj, videoFrame))) { SameProcessScopeRequired(aSameProcessScopeRequired); @@ -1446,7 +1446,7 @@ StructuredCloneHolder::CustomReadTransferHandler( aReturnObject); } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (VideoFrame::PrefEnabled(aCx) && aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess && aCloneDataPolicy.areIntraClusterClonableSharedObjectsAllowed()) { MOZ_ASSERT(aContent); @@ -1591,7 +1591,7 @@ StructuredCloneHolder::CustomWriteTransferHandler( return true; } - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoFrame = nullptr; rv = UNWRAP_OBJECT(VideoFrame, &obj, videoFrame); if (NS_SUCCEEDED(rv)) { @@ -1758,7 +1758,7 @@ void StructuredCloneHolder::CustomFreeTransferHandler( return; } - if (VideoFrame::PrefEnabled() && aTag == SCTAG_DOM_VIDEOFRAME && + if (aTag == SCTAG_DOM_VIDEOFRAME && CloneScope() == StructuredCloneScope::SameProcess) { if (aContent) { VideoFrame::TransferredData* data = @@ -1767,8 +1767,7 @@ void StructuredCloneHolder::CustomFreeTransferHandler( } return; } - if (StaticPrefs::dom_media_webcodecs_enabled() && - aTag == SCTAG_DOM_AUDIODATA && + if (aTag == SCTAG_DOM_AUDIODATA && CloneScope() == StructuredCloneScope::SameProcess) { if (aContent) { AudioData::TransferredData* data = @@ -1851,7 +1850,7 @@ bool StructuredCloneHolder::CustomCanTransferHandler( } } - if (VideoFrame::PrefEnabled()) { + if (VideoFrame::PrefEnabled(aCx)) { VideoFrame* videoframe = nullptr; nsresult rv = UNWRAP_OBJECT(VideoFrame, &obj, videoframe); if (NS_SUCCEEDED(rv)) { ===================================== dom/media/webcodecs/VideoFrame.h ===================================== @@ -104,7 +104,7 @@ class VideoFrame final : public nsISupports, JSObject* WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto) override; - static bool PrefEnabled(JSContext* aCx = nullptr, JSObject* aObj = nullptr); + static bool PrefEnabled(JSContext* aCx, JSObject* aObj = nullptr); static already_AddRefed<VideoFrame> Constructor( const GlobalObject& aGlobal, HTMLImageElement& aImageElement, ===================================== toolkit/components/resistfingerprinting/nsRFPService.cpp ===================================== @@ -2715,8 +2715,10 @@ bool nsRFPService::IsWebCodecsRFPTargetEnabled(JSContext* aCx) { // We know that the RFPTarget::WebCodecs is enabled, check if principal // is exempted. - // VideoFrame::PrefEnabled function can be called without a JSContext. - if (!aCx) { + if (NS_WARN_IF(!aCx)) { + MOZ_LOG(gResistFingerprintingLog, LogLevel::Warning, + ("nsRFPService::IsWebCodecsRFPTargetEnabled called with null " + "JSContext")); return true; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2035d30… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2035d30… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.6.0esr-15.0-1] Bug 1995637 - Make sure debugger object gets traced when tracing breakpoints r=iain
by ma1 (＠ma1) 08 Dec '25

08 Dec '25

ma1 pushed to branch mullvad-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 720da189 by Jon Coppeard at 2025-12-06T15:56:18+01:00 Bug 1995637 - Make sure debugger object gets traced when tracing breakpoints r=iain Breakpoints currently trace |wrappedDebugger| but this doesn't keep |debugger| alive if we have nuked the CCWs. The debugger has a linked list of breakpoints that each breakpoint is part of so we need to make sure it lives at least as long as that. The patch traces the debugger's object even if our CCW to it has been nuked. Differential Revision: https://phabricator.services.mozilla.com/D271062 - - - - - 2 changed files: - js/src/debugger/Debugger.cpp - + js/src/jit-test/tests/debug/bug-1995637.js Changes: ===================================== js/src/debugger/Debugger.cpp ===================================== @@ -454,6 +454,9 @@ Breakpoint::Breakpoint(Debugger* debugger, HandleObject wrappedDebugger, void Breakpoint::trace(JSTracer* trc) { TraceEdge(trc, &wrappedDebugger, "breakpoint owner"); + // Trace the debugger object too in case |wrappedDebugger| got nuked. + TraceCrossCompartmentEdge(trc, wrappedDebugger, &debugger->object, + "breakpoint debugger object"); TraceEdge(trc, &handler, "breakpoint handler"); } ===================================== js/src/jit-test/tests/debug/bug-1995637.js ===================================== @@ -0,0 +1,66 @@ +// |jit-test| error: TypeError +gczeal(9,16); +function F1() { + if (!new.target) { throw 'must be called with new'; } + this.b = null; +} +new F1(); +new F1(); +function f5() {} +new BigUint64Array(3474); +function f14() {} +function f25(a26, a27) { + for (let i30 = 0, i31 = true; i31; i31--) { + function f37() { + function F38() {} + for (let i44 = 0, i45 = SharedArrayBuffer; i45; + (() => { + i45--; + Int8Array.principal = BigUint64Array; + function F50() {} + Int8Array.sameZoneAs = /wp(?:a?)+/imu; + const v54 = this.newGlobal(Int8Array); + const t7 = ({ __proto__: v54 }).Debugger; + const v57 = t7(F50); + const v59 = v57.getNewestFrame(i30, i45, i45, f25, v57).older; + v59.script.setBreakpoint(16, v59); + })()) {} + for (let [i134, i135] = (() => { + for (let i84 = 0, i85 = 10; i85; + (() => { + i85--; + for (let [i102, i103] = (() => { + for (let [i95, i96] = (() => { + new Uint8Array(); + return [0, 10]; + })(); i96; i96--) { + } + return [0, SharedArrayBuffer]; + })(); + i103; i103--) {} + for (let i113 = -4, i114 = 10; i114; i114--) {} + for (let i122 = 4, i123 = 10; i123--, i123; i123--) { + i123++; + } + })()) {} + return [0, SharedArrayBuffer]; + })(); + i135; i135--) { } + for (let i143 = 0, i144 = 10; i144; i144--) {} + } + f37.apply(); + } + for (let i153 = 0, i154 = 10; i154; i154--) {} + function F160(a162, a163) { + if (!new.target) { throw 'must be called with new'; } + this.c = a27; + this.h = a162; + } + new F160(234, a27); + const v167 = this.nukeAllCCWs(); + for (let i170 = 0, i171 = 10; i171; i171--) {} + try { + f25(); + } catch(e178) {} +} +f25(f25, f25); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/720… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/720… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.5.26-build1
by ma1 (＠ma1) 08 Dec '25

08 Dec '25

ma1 pushed new tag tbb-13.5.26-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41645: Prepare Tor Browser 13.5.26
by ma1 (＠ma1) 08 Dec '25

08 Dec '25

ma1 pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: cfd8ad6e by hackademix at 2025-12-08T08:55:23+01:00 Bug 41645: Prepare Tor Browser 13.5.26 - - - - - 7 changed files: - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/tor/config - projects/translation/config - rbm.conf - tools/fetch_changelogs.py Changes: ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,28 @@ +Tor Browser 13.5.26 - December 09 2025 + * All Platforms + * Updated Firefox to 115.31.0esr + * Updated NoScript to 13.5.2.1984 + * Updated Tor to 0.4.8.21 + * Bug 22974: Self-host NoScript Updates [tor-browser] + * Bug 44391: Restrictions cascade blocks every capability in subframes (e.g. captchas) [tor-browser] + * Bug 44397: Rebase Tor Browser legacy onto 115.31.0esr [tor-browser] + * Bug 44409: Backport Security Fixes from Firefox 146 [tor-browser] + * Build System + * All Platforms + * Bug 41644: Self-hosted browser extensions support in relprep.py [tor-browser-build] + +Tor Browser 13.5.26 - December 09 2025 + * All Platforms + * Updated Firefox to 115.31.0esr + * Updated NoScript to 13.5.2.1984 + * Updated Tor to 0.4.8.21 + * Bug 22974: Self-host NoScript Updates [tor-browser] + * Bug 44397: Rebase Tor Browser legacy onto 115.31.0esr [tor-browser] + * Bug 44409: Backport Security Fixes from Firefox 146 [tor-browser] + * Build System + * All Platforms + * Bug 41644: Self-hosted browser extensions support in relprep.py [tor-browser-build] + Tor Browser 13.5.25 - November 13 2025 * All Platforms * Updated Tor to 0.4.8.20 ===================================== projects/browser/config ===================================== @@ -103,9 +103,9 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4609561/noscript-13.4.xpi + - URL: https://dist.torproject.org/torbrowser/noscript/noscript-13.5.2.1984.xpi name: noscript - sha256sum: 9496d2bc785f2b6dff36a3d6f60fa1a70d7b9a1895bc738c30387c94cd945168 + sha256sum: 4579c70b69e3198ea0bf064f9912b9341696b9ad4ed177cb19994208872425fd - URL: https://addons.mozilla.org/firefox/downloads/file/4359936/ublock_origin-1.6… name: ublock-origin sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600 ===================================== projects/firefox/config ===================================== @@ -16,12 +16,12 @@ container: use_container: 1 var: - firefox_platform_version: 115.30.0 + firefox_platform_version: 115.31.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 3 + browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/tor/config ===================================== @@ -1,6 +1,6 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' -version: 0.4.8.20 +version: 0.4.8.21 git_hash: 'tor-[% c("version") %]' git_url: https://gitlab.torproject.org/tpo/core/tor.git git_submodule: 1 ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: df313475cfd9eba31009edca530803dd991264d7 + git_hash: d366318349af0977ff23b492fa87e436e8672fdd targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 4fcb19da2c6b62bdd96828172162bea89ee3231e + git_hash: 45b67d3be52f79e8a4b361fd04ab12f342ab0016 targets: nightly: git_hash: 'tor-browser' ===================================== rbm.conf ===================================== @@ -73,11 +73,11 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '13.5.25' + torbrowser_version: '13.5.26' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/11/12 11:00:00' + browser_release_date: '2025/12/07 18:15:20' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' browser_platforms: # is_android_release and is_desktop_release are used to quickly @@ -115,9 +115,9 @@ var: updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - 13.5.25 - 13.5.24 - 13.5.23 - - 13.5.22 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' # By default, we sort the list of installed packages. This allows sharing ===================================== tools/fetch_changelogs.py ===================================== @@ -271,7 +271,6 @@ class ChangelogBuilder: if not self.is_mullvad: names.update( { - "GeckoView": "firefox", "Tor": "tor", "OpenSSL": "openssl", "zlib": "zlib", View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-140.6.0esr-15.0-1-build3
by Pier Angelo Vendrame (＠pierov) 08 Dec '25

08 Dec '25

Pier Angelo Vendrame pushed new tag tor-browser-140.6.0esr-15.0-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-146.0a1-16.0-1] fixup! [android] Modify add-on support
by Pier Angelo Vendrame (＠pierov) 08 Dec '25

08 Dec '25

Pier Angelo Vendrame pushed to branch tor-browser-146.0a1-16.0-1 at The Tor Project / Applications / Tor Browser Commits: ec44cc24 by clairehurst at 2025-12-08T08:52:23+01:00 fixup! [android] Modify add-on support - - - - - 2 changed files: - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/FenixApplication.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt Changes: ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/FenixApplication.kt ===================================== @@ -112,6 +112,7 @@ import org.mozilla.fenix.session.VisibilityLifecycleCallback import org.mozilla.fenix.settings.doh.DefaultDohSettingsProvider import org.mozilla.fenix.settings.doh.DohSettingsProvider import org.mozilla.fenix.startupCrash.StartupCrashActivity +import org.mozilla.fenix.tor.RunOnceBootstrapped import org.mozilla.fenix.utils.Settings import org.mozilla.fenix.utils.isLargeScreenSize import org.mozilla.fenix.wallpapers.Wallpaper @@ -700,8 +701,13 @@ open class FenixApplication : LocaleAwareApplication(), Provider { components.useCases.tabsUseCases.selectTab(sessionId) }, onExtensionsLoaded = { extensions -> - components.addonUpdater.registerForFutureUpdates(extensions) - subscribeForNewAddonsIfNeeded(components.supportedAddonsChecker, extensions) + // Delay until bootstrap is finished so that it will actually update tor-browser#44303 + components.torController.registerRunOnceBootstrapped(object : RunOnceBootstrapped { + override fun onBootstrapped() { + components.addonUpdater.registerForFutureUpdates(extensions) + subscribeForNewAddonsIfNeeded(components.supportedAddonsChecker, extensions) + } + }) // Bug 1948634 - Make sure the webcompat-reporter extension is fully uninstalled. // This is added here because we need gecko to load the extension first. ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt ===================================== @@ -18,9 +18,7 @@ import mozilla.components.concept.engine.webextension.WebExtension import mozilla.components.concept.engine.webextension.WebExtensionRuntime import mozilla.components.support.webextensions.WebExtensionSupport import mozilla.components.support.base.log.logger.Logger -import org.mozilla.fenix.ext.components import org.mozilla.fenix.ext.settings -import org.mozilla.fenix.tor.RunOnceBootstrapped object TorBrowserFeatures { private val logger = Logger("torbrowser-features") @@ -133,26 +131,5 @@ object TorBrowserFeatures { } ) } - - /** - * Enable automatic updates for NoScript and, if we've not done it yet, force a - * one-time immediate update check, in order to upgrade old profiles and ensure we've got - * the latest stable AMO version available on first startup. - * We will do it as soon as the Tor is connected, to prevent early addonUpdater activation - * causing automatic update checks failures (components.addonUpdater being a lazy prop). - * The extension, from then on, should behave as if the user had installed it manually. - */ - context.components.torController.registerRunOnceBootstrapped(object : RunOnceBootstrapped { - override fun onBootstrapped() { - // Enable automatic updates. This must be done on every startup (tor-browser#42353) - context.components.addonUpdater.registerForFutureUpdates(NOSCRIPT_ID) - // Force an immediate update check for older installations - // and as belt-and-suspenders if scheduled updates fail (tor-browser#44293) - context.components.addonUpdater.update(NOSCRIPT_ID) - settings.noscriptUpdated = 2 - } - }) } - - } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ec44cc2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ec44cc2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.6.0esr-15.0-1] fixup! [android] Modify add-on support
by Pier Angelo Vendrame (＠pierov) 08 Dec '25

08 Dec '25

Pier Angelo Vendrame pushed to branch tor-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: df2eda19 by clairehurst at 2025-12-08T08:40:39+01:00 fixup! [android] Modify add-on support - - - - - 2 changed files: - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/FenixApplication.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt Changes: ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/FenixApplication.kt ===================================== @@ -112,6 +112,7 @@ import org.mozilla.fenix.push.PushFxaIntegration import org.mozilla.fenix.push.WebPushEngineIntegration import org.mozilla.fenix.session.PerformanceActivityLifecycleCallbacks import org.mozilla.fenix.session.VisibilityLifecycleCallback +import org.mozilla.fenix.tor.RunOnceBootstrapped import org.mozilla.fenix.utils.Settings import org.mozilla.fenix.utils.isLargeScreenSize import org.mozilla.fenix.wallpapers.Wallpaper @@ -697,9 +698,13 @@ open class FenixApplication : LocaleAwareApplication(), Provider { components.useCases.tabsUseCases.selectTab(sessionId) }, onExtensionsLoaded = { extensions -> - components.addonUpdater.registerForFutureUpdates(extensions) - subscribeForNewAddonsIfNeeded(components.supportedAddonsChecker, extensions) - + // Delay until bootstrap is finished so that it will actually update tor-browser#44303 + components.torController.registerRunOnceBootstrapped(object : RunOnceBootstrapped { + override fun onBootstrapped() { + components.addonUpdater.registerForFutureUpdates(extensions) + subscribeForNewAddonsIfNeeded(components.supportedAddonsChecker, extensions) + } + }) // Bug 1948634 - Make sure the webcompat-reporter extension is fully uninstalled. // This is added here because we need gecko to load the extension first. // ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt ===================================== @@ -18,9 +18,7 @@ import mozilla.components.concept.engine.webextension.WebExtension import mozilla.components.concept.engine.webextension.WebExtensionRuntime import mozilla.components.support.webextensions.WebExtensionSupport import mozilla.components.support.base.log.logger.Logger -import org.mozilla.fenix.ext.components import org.mozilla.fenix.ext.settings -import org.mozilla.fenix.tor.RunOnceBootstrapped object TorBrowserFeatures { private val logger = Logger("torbrowser-features") @@ -133,26 +131,5 @@ object TorBrowserFeatures { } ) } - - /** - * Enable automatic updates for NoScript and, if we've not done it yet, force a - * one-time immediate update check, in order to upgrade old profiles and ensure we've got - * the latest stable AMO version available on first startup. - * We will do it as soon as the Tor is connected, to prevent early addonUpdater activation - * causing automatic update checks failures (components.addonUpdater being a lazy prop). - * The extension, from then on, should behave as if the user had installed it manually. - */ - context.components.torController.registerRunOnceBootstrapped(object : RunOnceBootstrapped { - override fun onBootstrapped() { - // Enable automatic updates. This must be done on every startup (tor-browser#42353) - context.components.addonUpdater.registerForFutureUpdates(NOSCRIPT_ID) - // Force an immediate update check for older installations - // and as belt-and-suspenders if scheduled updates fail (tor-browser#44293) - context.components.addonUpdater.update(NOSCRIPT_ID) - settings.noscriptUpdated = 2 - } - }) } - - } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/df2eda1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/df2eda1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-140.6.0esr-15.0-1-build2
by ma1 (＠ma1) 06 Dec '25

06 Dec '25

ma1 pushed new tag mullvad-browser-140.6.0esr-15.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-140.6.0esr-15.0-1-build1
by ma1 (＠ma1) 06 Dec '25

06 Dec '25

ma1 pushed new tag mullvad-browser-140.6.0esr-15.0-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.6.0esr-15.0-1] Bug 1995637 - Make sure debugger object gets traced when tracing breakpoints r=iain
by ma1 (＠ma1) 06 Dec '25

06 Dec '25

ma1 pushed to branch tor-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: c483e297 by Jon Coppeard at 2025-12-05T21:55:37+01:00 Bug 1995637 - Make sure debugger object gets traced when tracing breakpoints r=iain Breakpoints currently trace |wrappedDebugger| but this doesn't keep |debugger| alive if we have nuked the CCWs. The debugger has a linked list of breakpoints that each breakpoint is part of so we need to make sure it lives at least as long as that. The patch traces the debugger's object even if our CCW to it has been nuked. Differential Revision: https://phabricator.services.mozilla.com/D271062 - - - - - 2 changed files: - js/src/debugger/Debugger.cpp - + js/src/jit-test/tests/debug/bug-1995637.js Changes: ===================================== js/src/debugger/Debugger.cpp ===================================== @@ -454,6 +454,9 @@ Breakpoint::Breakpoint(Debugger* debugger, HandleObject wrappedDebugger, void Breakpoint::trace(JSTracer* trc) { TraceEdge(trc, &wrappedDebugger, "breakpoint owner"); + // Trace the debugger object too in case |wrappedDebugger| got nuked. + TraceCrossCompartmentEdge(trc, wrappedDebugger, &debugger->object, + "breakpoint debugger object"); TraceEdge(trc, &handler, "breakpoint handler"); } ===================================== js/src/jit-test/tests/debug/bug-1995637.js ===================================== @@ -0,0 +1,66 @@ +// |jit-test| error: TypeError +gczeal(9,16); +function F1() { + if (!new.target) { throw 'must be called with new'; } + this.b = null; +} +new F1(); +new F1(); +function f5() {} +new BigUint64Array(3474); +function f14() {} +function f25(a26, a27) { + for (let i30 = 0, i31 = true; i31; i31--) { + function f37() { + function F38() {} + for (let i44 = 0, i45 = SharedArrayBuffer; i45; + (() => { + i45--; + Int8Array.principal = BigUint64Array; + function F50() {} + Int8Array.sameZoneAs = /wp(?:a?)+/imu; + const v54 = this.newGlobal(Int8Array); + const t7 = ({ __proto__: v54 }).Debugger; + const v57 = t7(F50); + const v59 = v57.getNewestFrame(i30, i45, i45, f25, v57).older; + v59.script.setBreakpoint(16, v59); + })()) {} + for (let [i134, i135] = (() => { + for (let i84 = 0, i85 = 10; i85; + (() => { + i85--; + for (let [i102, i103] = (() => { + for (let [i95, i96] = (() => { + new Uint8Array(); + return [0, 10]; + })(); i96; i96--) { + } + return [0, SharedArrayBuffer]; + })(); + i103; i103--) {} + for (let i113 = -4, i114 = 10; i114; i114--) {} + for (let i122 = 4, i123 = 10; i123--, i123; i123--) { + i123++; + } + })()) {} + return [0, SharedArrayBuffer]; + })(); + i135; i135--) { } + for (let i143 = 0, i144 = 10; i144; i144--) {} + } + f37.apply(); + } + for (let i153 = 0, i154 = 10; i154; i154--) {} + function F160(a162, a163) { + if (!new.target) { throw 'must be called with new'; } + this.c = a27; + this.h = a162; + } + new F160(234, a27); + const v167 = this.nukeAllCCWs(); + for (let i170 = 0, i171 = 10; i171; i171--) {} + try { + f25(); + } catch(e178) {} +} +f25(f25, f25); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c483e29… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c483e29… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-140.6.0esr-15.0-1-build2
by ma1 (＠ma1) 06 Dec '25

06 Dec '25

ma1 pushed new tag tor-browser-140.6.0esr-15.0-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.31.0esr-13.5-1-build2
by ma1 (＠ma1) 06 Dec '25

06 Dec '25

ma1 pushed new tag tor-browser-115.31.0esr-13.5-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.31.0esr-13.5-1-build1
by ma1 (＠ma1) 06 Dec '25

06 Dec '25

ma1 pushed new tag tor-browser-115.31.0esr-13.5-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.31.0esr-13.5-1] 2 commits: Bug 1995637 - Make sure debugger object gets traced when tracing breakpoints r=iain
by ma1 (＠ma1) 06 Dec '25

06 Dec '25

ma1 pushed to branch tor-browser-115.31.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 61cd2d08 by Jon Coppeard at 2025-12-05T21:53:31+01:00 Bug 1995637 - Make sure debugger object gets traced when tracing breakpoints r=iain Breakpoints currently trace |wrappedDebugger| but this doesn't keep |debugger| alive if we have nuked the CCWs. The debugger has a linked list of breakpoints that each breakpoint is part of so we need to make sure it lives at least as long as that. The patch traces the debugger's object even if our CCW to it has been nuked. Differential Revision: https://phabricator.services.mozilla.com/D271062 - - - - - 274abcbe by moz-mdauer at 2025-12-05T22:07:49+01:00 Bug 1997639 - Set error on early returns, a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D270900 Differential Revision: https://phabricator.services.mozilla.com/D273984 - - - - - 3 changed files: - dom/webtransport/api/WebTransport.cpp - js/src/debugger/Debugger.cpp - + js/src/jit-test/tests/debug/bug-1995637.js Changes: ===================================== dom/webtransport/api/WebTransport.cpp ===================================== @@ -258,6 +258,7 @@ void WebTransport::Init(const GlobalObject& aGlobal, const nsAString& aURL, PBackgroundChild* backgroundChild = BackgroundChild::GetOrCreateForCurrentThread(); if (NS_WARN_IF(!backgroundChild)) { + aError.Throw(NS_ERROR_FAILURE); return; } @@ -276,11 +277,13 @@ void WebTransport::Init(const GlobalObject& aGlobal, const nsAString& aURL, RefPtr<WebTransportChild> child = new WebTransportChild(this); if (NS_IsMainThread()) { if (!childEndpoint.Bind(child)) { + aError.Throw(NS_ERROR_FAILURE); return; } } else { if (!childEndpoint.Bind(child, mGlobal->EventTargetFor(TaskCategory::Other))) { + aError.Throw(NS_ERROR_FAILURE); return; } } ===================================== js/src/debugger/Debugger.cpp ===================================== @@ -446,6 +446,9 @@ Breakpoint::Breakpoint(Debugger* debugger, HandleObject wrappedDebugger, void Breakpoint::trace(JSTracer* trc) { TraceEdge(trc, &wrappedDebugger, "breakpoint owner"); + // Trace the debugger object too in case |wrappedDebugger| got nuked. + TraceCrossCompartmentEdge(trc, wrappedDebugger, &debugger->object, + "breakpoint debugger object"); TraceEdge(trc, &handler, "breakpoint handler"); } ===================================== js/src/jit-test/tests/debug/bug-1995637.js ===================================== @@ -0,0 +1,66 @@ +// |jit-test| error: TypeError +gczeal(9,16); +function F1() { + if (!new.target) { throw 'must be called with new'; } + this.b = null; +} +new F1(); +new F1(); +function f5() {} +new BigUint64Array(3474); +function f14() {} +function f25(a26, a27) { + for (let i30 = 0, i31 = true; i31; i31--) { + function f37() { + function F38() {} + for (let i44 = 0, i45 = SharedArrayBuffer; i45; + (() => { + i45--; + Int8Array.principal = BigUint64Array; + function F50() {} + Int8Array.sameZoneAs = /wp(?:a?)+/imu; + const v54 = this.newGlobal(Int8Array); + const t7 = ({ __proto__: v54 }).Debugger; + const v57 = t7(F50); + const v59 = v57.getNewestFrame(i30, i45, i45, f25, v57).older; + v59.script.setBreakpoint(16, v59); + })()) {} + for (let [i134, i135] = (() => { + for (let i84 = 0, i85 = 10; i85; + (() => { + i85--; + for (let [i102, i103] = (() => { + for (let [i95, i96] = (() => { + new Uint8Array(); + return [0, 10]; + })(); i96; i96--) { + } + return [0, SharedArrayBuffer]; + })(); + i103; i103--) {} + for (let i113 = -4, i114 = 10; i114; i114--) {} + for (let i122 = 4, i123 = 10; i123--, i123; i123--) { + i123++; + } + })()) {} + return [0, SharedArrayBuffer]; + })(); + i135; i135--) { } + for (let i143 = 0, i144 = 10; i144; i144--) {} + } + f37.apply(); + } + for (let i153 = 0, i154 = 10; i154; i154--) {} + function F160(a162, a163) { + if (!new.target) { throw 'must be called with new'; } + this.c = a27; + this.h = a162; + } + new F160(234, a27); + const v167 = this.nukeAllCCWs(); + for (let i170 = 0, i171 = 10; i171; i171--) {} + try { + f25(); + } catch(e178) {} +} +f25(f25, f25); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2bbc0a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2bbc0a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.6.0esr-15.0-1] 28 commits: Add CI for Mullvad Browser
by ma1 (＠ma1) 05 Dec '25

05 Dec '25

ma1 pushed to branch mullvad-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 5a79ba92 by Henry Wilkes at 2025-12-05T12:40:22+01:00 Add CI for Mullvad Browser - - - - - a949d7ba by Pier Angelo Vendrame at 2025-12-05T12:40:35+01:00 MB 38: Mullvad Browser configuration - - - - - 47da4df5 by Pier Angelo Vendrame at 2025-12-05T12:40:42+01:00 MB 1: Mullvad Browser branding See also: mullvad-browser#5: Product name and directory customization mullvad-browser#12: Create new branding directories and integrate Mullvad icons+branding mullvad-browser#14: Remove Default Built-in bookmarks mullvad-browser#35: Add custom PDF icons for Windows builds mullvad-browser#48: Replace Mozilla copyright and legal trademarks in mullvadbrowser.exe metadata mullvad-browser#51: Update trademark string mullvad-browser#104: Update shipped dll metadata copyright/licensing info mullvad-browser#107: Add alpha and nightly icons - - - - - b93d2cd3 by Henry Wilkes at 2025-12-05T12:40:48+01:00 Mullvad Browser strings This commit adds strings needed by the following Mullvad Browser patches. - - - - - 01db74c1 by Pier Angelo Vendrame at 2025-12-05T12:40:55+01:00 MB 20: Allow packaged-addons in PBM. We install a few addons from the distribution directory, but they are not automatically enabled for PBM mode. This commit modifies the code that installs them to also add the PBM permission to the known ones. - - - - - 3b18e41d by Pier Angelo Vendrame at 2025-12-05T12:41:01+01:00 MB 63: Customize some about pages for Mullvad Browser Also: mullvad-browser#57: Purge unneeded about: pages - - - - - a5c9afca by Pier Angelo Vendrame at 2025-12-05T12:41:07+01:00 MB 37: Customization for the about dialog - - - - - 19c00a08 by Henry Wilkes at 2025-12-05T12:41:13+01:00 MB 39: Add home page about:mullvad-browser - - - - - fb721755 by Henry Wilkes at 2025-12-05T12:41:19+01:00 fixup! MB 39: Add home page about:mullvad-browser MB 486: Delay the update data for preloaded about:mullvad-browser pages. - - - - - e4c7a7e6 by hackademix at 2025-12-05T12:41:26+01:00 MB 97: Remove UI cues to install new extensions. - - - - - ac79d4f7 by hackademix at 2025-12-05T12:41:32+01:00 MB 47: uBlock Origin customization - - - - - f41586a6 by Pier Angelo Vendrame at 2025-12-05T12:41:38+01:00 MB 21: Disable the password manager This commit disables the about:login page and removes the "Login and Password" section of about:preferences. We do not do anything to the real password manager of Firefox, that is in toolkit: it contains C++ parts that make it difficult to actually prevent it from being built.. Finally, we modify the the function that opens about:login to report an error in the console so that we can quickly get a backtrace to the code that tries to use it. - - - - - 7d084e7f by Pier Angelo Vendrame at 2025-12-05T12:41:44+01:00 MB 112: Updater customization for Mullvad Browser MB 71: Set the updater base URL to Mullvad domain - - - - - e5ed8228 by Nicolas Vigier at 2025-12-05T12:41:51+01:00 MB 79: Add Mullvad Browser MAR signing keys MB 256: Add mullvad-browser nightly mar signing key - - - - - 3234ba0c by Pier Angelo Vendrame at 2025-12-05T12:41:57+01:00 MB 34: Hide unsafe and unwanted preferences UI about:preferences allow to override some of our defaults, that could be fingeprintable or have some other unwanted consequences. - - - - - d47f1544 by Pier Angelo Vendrame at 2025-12-05T12:42:04+01:00 MB 160: Disable the cookie exceptions button Besides disabling the "Delete on close checkbox", disable also the "Manage Exceptions" button when always using PBM. - - - - - 6d9e1869 by hackademix at 2025-12-05T12:42:10+01:00 MB 163: prevent uBlock Origin from being uninstalled/disabled - - - - - d7f99233 by Pier Angelo Vendrame at 2025-12-05T12:42:23+01:00 MB 188: Customize Gitlab Issue and Merge templates - - - - - 8930e44c by Pier Angelo Vendrame at 2025-12-05T12:47:06+01:00 MB 213: Customize the search engines list. MB 483: Ship DDG without AI as a bundled search engine. MB 487: Use custom order for search engines. - - - - - 5f427849 by Pier Angelo Vendrame at 2025-12-05T12:47:45+01:00 fixup! MB 213: Customize the search engines list. MB 487: Use custom order for search engines. - - - - - e7757ff8 by Henry Wilkes at 2025-12-05T12:47:52+01:00 fixup! MB 213: Customize the search engines list. MB 488: Drop Mullvad Leta search engine. - - - - - a8962094 by hackademix at 2025-12-05T12:47:58+01:00 MB 214: Enable cross-tab identity leak protection in "quiet" mode - - - - - dec5b4fe by Pier Angelo Vendrame at 2025-12-05T12:48:04+01:00 MB 80: Enable Mullvad Browser as a default browser - - - - - e3a0e7a3 by Pier Angelo Vendrame at 2025-12-05T12:48:10+01:00 MB 320: Temporarily disable WebRTC and WDBA on Windows. WebRTC should be re-enabled when tor-browser#42758 is resolved, and and the default browser agent when in general we make this feature work again. - - - - - 460d277e by Henry Wilkes at 2025-12-05T12:48:17+01:00 MB 329: Customize toolbar for mullvad-browser. - - - - - 1f02b452 by Henry Wilkes at 2025-12-05T12:48:23+01:00 MB 419: Mullvad Browser migration procedures. This commit implements the the Mullvad Browser's version of _migrateUI. - - - - - 0d161d65 by Henry Wilkes at 2025-12-05T12:48:29+01:00 MB 488: Adjust search engine removal notification for Mullvad Leta. - - - - - 75462035 by Pier Angelo Vendrame at 2025-12-05T12:48:35+01:00 fixup! Firefox preference overrides. BB 44396: Fix the name of CJK fonts in font lists. - - - - - 253 changed files: - .gitlab/ci/jobs/update-translations.yml - .gitlab/issue_templates/000 Bug Report.md - .gitlab/issue_templates/010 Proposal.md - .gitlab/issue_templates/020 Web Compatibility.md - .gitlab/issue_templates/030 Test.md - .gitlab/issue_templates/040 Feature.md - .gitlab/issue_templates/060 Rebase - Alpha.md - .gitlab/issue_templates/061 Rebase - Stable.md - .gitlab/issue_templates/063 Rebase - Rapid.md - .gitlab/issue_templates/090 Emergency Security Issue.md - .gitlab/merge_request_templates/Default.md - + .gitlab/merge_request_templates/Rebase.md - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/module.ver - browser/app/firefox.exe.manifest → browser/app/mullvadbrowser.exe.manifest - + browser/app/profile/000-mullvad-browser.js - browser/app/profile/001-base-profile.js - browser/base/content/aboutDialog.xhtml - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-menubar.inc - browser/base/content/browser-places.js - browser/base/content/browser.js - browser/base/content/default-bookmarks.html - browser/base/content/nsContextMenu.sys.mjs - browser/base/content/overrides/app-license.html - browser/base/content/pageinfo/pageInfo.xhtml - browser/base/content/utilityOverlay.js - browser/branding/branding-common.mozbuild - + browser/branding/mb-alpha/VisualElements_150.png - + browser/branding/mb-alpha/VisualElements_70.png - + browser/branding/mb-alpha/configure.sh - + browser/branding/mb-alpha/content/about-logo.png - + browser/branding/mb-alpha/content/about-logo.svg - + browser/branding/mb-alpha/content/about-logo(a)2x.png - + browser/branding/mb-alpha/content/about-wordmark.svg - + browser/branding/mb-alpha/content/about.png - + browser/branding/mb-alpha/content/aboutDialog.css - + browser/branding/mb-alpha/content/document_pdf.svg - + browser/branding/mb-alpha/content/firefox-wordmark.svg - + browser/branding/mb-alpha/content/icon128.png - + browser/branding/mb-alpha/content/icon16.png - + browser/branding/mb-alpha/content/icon256.png - + browser/branding/mb-alpha/content/icon32.png - + browser/branding/mb-alpha/content/icon48.png - + browser/branding/mb-alpha/content/icon64.png - + browser/branding/mb-alpha/content/jar.mn - + browser/branding/mb-alpha/content/moz.build - + browser/branding/mb-alpha/content/mullvad-branding.css - + browser/branding/mb-alpha/default128.png - + browser/branding/mb-alpha/default16.png - + browser/branding/mb-alpha/default22.png - + browser/branding/mb-alpha/default24.png - + browser/branding/mb-alpha/default256.png - + browser/branding/mb-alpha/default32.png - + browser/branding/mb-alpha/default48.png - + browser/branding/mb-alpha/default64.png - + browser/branding/mb-alpha/document.icns - + browser/branding/mb-alpha/document.ico - + browser/branding/mb-alpha/document_pdf.ico - + browser/branding/mb-alpha/firefox.icns - + browser/branding/mb-alpha/firefox.ico - + browser/branding/mb-alpha/firefox.svg - + browser/branding/mb-alpha/locales/en-US/brand.ftl - + browser/branding/mb-alpha/locales/en-US/brand.properties - + browser/branding/mb-alpha/locales/jar.mn - + browser/branding/mb-alpha/locales/moz.build - + browser/branding/mb-alpha/locales/mullvad-about-wordmark-en.ftl - + browser/branding/mb-alpha/moz.build - + browser/branding/mb-alpha/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-alpha/newtab.ico - + browser/branding/mb-alpha/newwindow.ico - + browser/branding/mb-alpha/pbmode.ico - + browser/branding/mb-alpha/pref/firefox-branding.js - + browser/branding/mb-nightly/VisualElements_150.png - + browser/branding/mb-nightly/VisualElements_70.png - + browser/branding/mb-nightly/configure.sh - + browser/branding/mb-nightly/content/about-logo.png - + browser/branding/mb-nightly/content/about-logo.svg - + browser/branding/mb-nightly/content/about-logo(a)2x.png - + browser/branding/mb-nightly/content/about-wordmark.svg - + browser/branding/mb-nightly/content/about.png - + browser/branding/mb-nightly/content/aboutDialog.css - + browser/branding/mb-nightly/content/document_pdf.svg - + browser/branding/mb-nightly/content/firefox-wordmark.svg - + browser/branding/mb-nightly/content/icon128.png - + browser/branding/mb-nightly/content/icon16.png - + browser/branding/mb-nightly/content/icon256.png - + browser/branding/mb-nightly/content/icon32.png - + browser/branding/mb-nightly/content/icon48.png - + browser/branding/mb-nightly/content/icon64.png - + browser/branding/mb-nightly/content/jar.mn - + browser/branding/mb-nightly/content/moz.build - + browser/branding/mb-nightly/content/mullvad-branding.css - + browser/branding/mb-nightly/default128.png - + browser/branding/mb-nightly/default16.png - + browser/branding/mb-nightly/default22.png - + browser/branding/mb-nightly/default24.png - + browser/branding/mb-nightly/default256.png - + browser/branding/mb-nightly/default32.png - + browser/branding/mb-nightly/default48.png - + browser/branding/mb-nightly/default64.png - + browser/branding/mb-nightly/document.icns - + browser/branding/mb-nightly/document.ico - + browser/branding/mb-nightly/document_pdf.ico - + browser/branding/mb-nightly/firefox.icns - + browser/branding/mb-nightly/firefox.ico - + browser/branding/mb-nightly/firefox.svg - + browser/branding/mb-nightly/locales/en-US/brand.ftl - + browser/branding/mb-nightly/locales/en-US/brand.properties - + browser/branding/mb-nightly/locales/jar.mn - + browser/branding/mb-nightly/locales/moz.build - + browser/branding/mb-nightly/locales/mullvad-about-wordmark-en.ftl - + browser/branding/mb-nightly/moz.build - + browser/branding/mb-nightly/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-nightly/newtab.ico - + browser/branding/mb-nightly/newwindow.ico - + browser/branding/mb-nightly/pbmode.ico - + browser/branding/mb-nightly/pref/firefox-branding.js - + browser/branding/mb-release/VisualElements_150.png - + browser/branding/mb-release/VisualElements_70.png - + browser/branding/mb-release/configure.sh - + browser/branding/mb-release/content/about-logo.png - + browser/branding/mb-release/content/about-logo.svg - + browser/branding/mb-release/content/about-logo(a)2x.png - + browser/branding/mb-release/content/about-wordmark.svg - + browser/branding/mb-release/content/about.png - + browser/branding/mb-release/content/aboutDialog.css - + browser/branding/mb-release/content/document_pdf.svg - + browser/branding/mb-release/content/firefox-wordmark.svg - + browser/branding/mb-release/content/icon128.png - + browser/branding/mb-release/content/icon16.png - + browser/branding/mb-release/content/icon256.png - + browser/branding/mb-release/content/icon32.png - + browser/branding/mb-release/content/icon48.png - + browser/branding/mb-release/content/icon64.png - + browser/branding/mb-release/content/jar.mn - + browser/branding/mb-release/content/moz.build - + browser/branding/mb-release/content/mullvad-branding.css - + browser/branding/mb-release/default128.png - + browser/branding/mb-release/default16.png - + browser/branding/mb-release/default22.png - + browser/branding/mb-release/default24.png - + browser/branding/mb-release/default256.png - + browser/branding/mb-release/default32.png - + browser/branding/mb-release/default48.png - + browser/branding/mb-release/default64.png - + browser/branding/mb-release/document.icns - + browser/branding/mb-release/document.ico - + browser/branding/mb-release/document_pdf.ico - + browser/branding/mb-release/firefox.icns - + browser/branding/mb-release/firefox.ico - + browser/branding/mb-release/firefox.svg - + browser/branding/mb-release/locales/en-US/brand.ftl - + browser/branding/mb-release/locales/en-US/brand.properties - + browser/branding/mb-release/locales/jar.mn - + browser/branding/mb-release/locales/moz.build - + browser/branding/mb-release/locales/mullvad-about-wordmark-en.ftl - + browser/branding/mb-release/moz.build - + browser/branding/mb-release/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-release/newtab.ico - + browser/branding/mb-release/newwindow.ico - + browser/branding/mb-release/pbmode.ico - + browser/branding/mb-release/pref/firefox-branding.js - browser/components/BrowserContentHandler.sys.mjs - browser/components/BrowserGlue.sys.mjs - browser/components/DesktopActorRegistry.sys.mjs - browser/components/ProfileDataUpgrader.sys.mjs - browser/components/about/AboutRedirector.cpp - browser/components/about/components.conf - browser/components/customizableui/CustomizableUI.sys.mjs - browser/components/moz.build - + browser/components/mullvad-browser/AboutMullvadBrowserChild.sys.mjs - + browser/components/mullvad-browser/AboutMullvadBrowserParent.sys.mjs - + browser/components/mullvad-browser/content/2728-sparkles.svg - + browser/components/mullvad-browser/content/aboutMullvadBrowser.css - + browser/components/mullvad-browser/content/aboutMullvadBrowser.html - + browser/components/mullvad-browser/content/aboutMullvadBrowser.js - + browser/components/mullvad-browser/jar.mn - + browser/components/mullvad-browser/moz.build - browser/components/preferences/home.inc.xhtml - browser/components/preferences/main.js - browser/components/preferences/preferences.xhtml - browser/components/preferences/privacy.inc.xhtml - browser/components/preferences/privacy.js - browser/components/preferences/search.inc.xhtml - browser/components/search/SearchUIUtils.sys.mjs - browser/components/shell/ShellService.sys.mjs - browser/components/shell/WindowsDefaultBrowser.cpp - browser/components/shell/nsWindowsShellService.cpp - browser/components/tabbrowser/NewTabPagePreloading.sys.mjs - browser/config/mozconfigs/base-browser - + browser/config/mozconfigs/mullvad-browser - browser/installer/package-manifest.in - browser/installer/windows/nsis/updater_append.ini - browser/locales/l10n.toml - browser/modules/HomePage.sys.mjs - browser/moz.build - browser/moz.configure - config/create_rc.py - devtools/client/aboutdebugging/src/actions/runtimes.js - devtools/client/aboutdebugging/src/components/sidebar/Sidebar.js - devtools/client/jar.mn - devtools/client/themes/images/aboutdebugging-firefox-aurora.svg - devtools/client/themes/images/aboutdebugging-firefox-beta.svg - devtools/client/themes/images/aboutdebugging-firefox-logo.svg - devtools/client/themes/images/aboutdebugging-firefox-nightly.svg - devtools/client/themes/images/aboutdebugging-firefox-release.svg - + devtools/client/themes/images/aboutdebugging-mullvadbrowser-logo.svg - docshell/base/nsAboutRedirector.cpp - docshell/build/components.conf - moz.configure - mozconfig-linux-aarch64 - mozconfig-linux-aarch64-dev - mozconfig-linux-x86_64 - mozconfig-linux-x86_64-asan - mozconfig-linux-x86_64-dev - mozconfig-macos - mozconfig-macos-dev - mozconfig-windows-x86_64 - + other-licenses/nsis/Contrib/ApplicationID/Makefile - other-licenses/nsis/Contrib/ApplicationID/Set.cpp - + other-licenses/nsis/Contrib/CityHash/Makefile - toolkit/components/extensions/child/ext-storage.js - toolkit/components/extensions/parent/ext-storage.js - toolkit/components/passwordmgr/LoginHelper.sys.mjs - toolkit/components/search/SearchService.sys.mjs - toolkit/components/search/content/base-browser-search-engine-icons.json - toolkit/components/search/content/base-browser-search-engines.json - + toolkit/components/search/content/brave.svg - + toolkit/components/search/content/mojeek.ico - toolkit/components/search/tests/xpcshell/test_base_browser.js - toolkit/components/securitylevel/SecurityLevel.sys.mjs - + toolkit/content/aboutRightsMullvad.xhtml - + toolkit/content/aboutTelemetryMullvad.xhtml - toolkit/content/jar.mn - + toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl - toolkit/mozapps/defaultagent/EventLog.h - toolkit/mozapps/defaultagent/SetDefaultBrowser.cpp - toolkit/mozapps/extensions/AddonManager.sys.mjs - toolkit/mozapps/extensions/content/aboutaddons.css - toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs - toolkit/mozapps/extensions/internal/XPIProvider.sys.mjs - toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der - toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der - toolkit/mozapps/update/updater/release_primary.der - toolkit/mozapps/update/updater/release_secondary.der - + toolkit/themes/shared/icons/mullvadbrowser.png - toolkit/themes/shared/minimal-toolkit.jar.inc.mn - toolkit/xre/nsAppRunner.cpp - tools/lint/fluent-lint/exclusions.yml - widget/windows/WinTaskbar.cpp - widget/windows/moz.build The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/ff… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/ff… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.6.0esr-15.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 05 Dec '25

05 Dec '25

Pier Angelo Vendrame pushed to branch base-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 42ab5ed3 by Pier Angelo Vendrame at 2025-12-05T11:24:06+01:00 fixup! Firefox preference overrides. BB 44396: Fix the name of CJK fonts in font lists. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -988,17 +988,17 @@ pref("font.name-list.serif.x-cans", "Noto Serif Canadian Aboriginal, Tinos"); pref("font.name-list.sans-serif.x-cans", "Noto Sans Canadian Aboriginal, Arimo"); pref("font.name-list.monospace.x-cans", "Noto Sans Canadian Aboriginal, Cousine"); // ChineseCN -pref("font.name-list.serif.zh-CN", "Noto Sans SC Regular, Tinos"); -pref("font.name-list.sans-serif.zh-CN", "Noto Sans SC Regular, Arimo"); -pref("font.name-list.monospace.zh-CN", "Noto Sans SC Regular, Cousine"); +pref("font.name-list.serif.zh-CN", "Noto Sans SC, Tinos"); +pref("font.name-list.sans-serif.zh-CN", "Noto Sans SC, Arimo"); +pref("font.name-list.monospace.zh-CN", "Noto Sans SC, Cousine"); // ChineseHK -pref("font.name-list.serif.zh-HK", "Noto Sans TC Regular, Tinos"); -pref("font.name-list.sans-serif.zh-HK", "Noto Sans TC Regular, Arimo"); -pref("font.name-list.monospace.zh-HK", "Noto Sans TC Regular, Cousine"); +pref("font.name-list.serif.zh-HK", "Noto Sans TC, Tinos"); +pref("font.name-list.sans-serif.zh-HK", "Noto Sans TC, Arimo"); +pref("font.name-list.monospace.zh-HK", "Noto Sans TC, Cousine"); // ChineseTW -pref("font.name-list.serif.zh-TW", "Noto Sans TC Regular, Tinos"); -pref("font.name-list.sans-serif.zh-TW", "Noto Sans TC Regular, Arimo"); -pref("font.name-list.monospace.zh-TW", "Noto Sans TC Regular, Cousine"); +pref("font.name-list.serif.zh-TW", "Noto Sans TC, Tinos"); +pref("font.name-list.sans-serif.zh-TW", "Noto Sans TC, Arimo"); +pref("font.name-list.monospace.zh-TW", "Noto Sans TC, Cousine"); // Cyrillic pref("font.name-list.serif.x-cyrillic", "Tinos"); pref("font.name-list.sans-serif.x-cyrillic", "Arimo"); @@ -1032,9 +1032,9 @@ pref("font.name-list.serif.he", "Noto Serif Hebrew, Tinos"); pref("font.name-list.sans-serif.he", "Noto Sans Hebrew, Arimo"); pref("font.name-list.monospace.he", "Noto Sans Hebrew, Cousine"); // Japanese -pref("font.name-list.serif.ja", "Noto Sans JP Regular, Tinos"); -pref("font.name-list.sans-serif.ja", "Noto Sans JP Regular, Arimo"); -pref("font.name-list.monospace.ja", "Noto Sans JP Regular, Cousine"); +pref("font.name-list.serif.ja", "Noto Sans JP, Tinos"); +pref("font.name-list.sans-serif.ja", "Noto Sans JP, Arimo"); +pref("font.name-list.monospace.ja", "Noto Sans JP, Cousine"); // Kannada pref("font.name-list.serif.x-knda", "Noto Serif Kannada, Tinos"); pref("font.name-list.sans-serif.x-knda", "Noto Sans Kannada, Arimo"); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/42ab5ed… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/42ab5ed… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.6.0esr-15.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 05 Dec '25

05 Dec '25

Pier Angelo Vendrame pushed to branch tor-browser-140.6.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: aa651749 by Pier Angelo Vendrame at 2025-12-05T11:23:43+01:00 fixup! Firefox preference overrides. BB 44396: Fix the name of CJK fonts in font lists. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -988,17 +988,17 @@ pref("font.name-list.serif.x-cans", "Noto Serif Canadian Aboriginal, Tinos"); pref("font.name-list.sans-serif.x-cans", "Noto Sans Canadian Aboriginal, Arimo"); pref("font.name-list.monospace.x-cans", "Noto Sans Canadian Aboriginal, Cousine"); // ChineseCN -pref("font.name-list.serif.zh-CN", "Noto Sans SC Regular, Tinos"); -pref("font.name-list.sans-serif.zh-CN", "Noto Sans SC Regular, Arimo"); -pref("font.name-list.monospace.zh-CN", "Noto Sans SC Regular, Cousine"); +pref("font.name-list.serif.zh-CN", "Noto Sans SC, Tinos"); +pref("font.name-list.sans-serif.zh-CN", "Noto Sans SC, Arimo"); +pref("font.name-list.monospace.zh-CN", "Noto Sans SC, Cousine"); // ChineseHK -pref("font.name-list.serif.zh-HK", "Noto Sans TC Regular, Tinos"); -pref("font.name-list.sans-serif.zh-HK", "Noto Sans TC Regular, Arimo"); -pref("font.name-list.monospace.zh-HK", "Noto Sans TC Regular, Cousine"); +pref("font.name-list.serif.zh-HK", "Noto Sans TC, Tinos"); +pref("font.name-list.sans-serif.zh-HK", "Noto Sans TC, Arimo"); +pref("font.name-list.monospace.zh-HK", "Noto Sans TC, Cousine"); // ChineseTW -pref("font.name-list.serif.zh-TW", "Noto Sans TC Regular, Tinos"); -pref("font.name-list.sans-serif.zh-TW", "Noto Sans TC Regular, Arimo"); -pref("font.name-list.monospace.zh-TW", "Noto Sans TC Regular, Cousine"); +pref("font.name-list.serif.zh-TW", "Noto Sans TC, Tinos"); +pref("font.name-list.sans-serif.zh-TW", "Noto Sans TC, Arimo"); +pref("font.name-list.monospace.zh-TW", "Noto Sans TC, Cousine"); // Cyrillic pref("font.name-list.serif.x-cyrillic", "Tinos"); pref("font.name-list.sans-serif.x-cyrillic", "Arimo"); @@ -1032,9 +1032,9 @@ pref("font.name-list.serif.he", "Noto Serif Hebrew, Tinos"); pref("font.name-list.sans-serif.he", "Noto Sans Hebrew, Arimo"); pref("font.name-list.monospace.he", "Noto Sans Hebrew, Cousine"); // Japanese -pref("font.name-list.serif.ja", "Noto Sans JP Regular, Tinos"); -pref("font.name-list.sans-serif.ja", "Noto Sans JP Regular, Arimo"); -pref("font.name-list.monospace.ja", "Noto Sans JP Regular, Cousine"); +pref("font.name-list.serif.ja", "Noto Sans JP, Tinos"); +pref("font.name-list.sans-serif.ja", "Noto Sans JP, Arimo"); +pref("font.name-list.monospace.ja", "Noto Sans JP, Cousine"); // Kannada pref("font.name-list.serif.x-knda", "Noto Serif Kannada, Tinos"); pref("font.name-list.sans-serif.x-knda", "Noto Sans Kannada, Arimo"); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/aa65174… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/aa65174… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag FIREFOX_140_6_0esr_BUILD1
by ma1 (＠ma1) 04 Dec '25

04 Dec '25

ma1 pushed new tag FIREFOX_140_6_0esr_BUILD1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/FIREF… You're receiving this email because of your account on gitlab.torproject.org.

1 0