- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build][main] Update release prep templates
by morgan (＠morgan) 27 Aug '25

27 Aug '25

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4544e549 by Morgan at 2025-08-27T12:42:56+00:00 Update release prep templates - add Priority::Blocker and Apps::Impact::High labels to release-prep issues - - - - - 5 changed files: - .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md - .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md - .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md - .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md - .gitlab/issue_templates/Release Prep - Tor Browser Stable.md Changes: ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md ===================================== @@ -240,4 +240,6 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch /label ~"Apps::Type::ReleasePreparation" /label ~"Apps::Product::MullvadBrowser" +/label ~"Apps::Impact::High" +/label ~"Priority::Blocker" /label ~"Project 131" ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md ===================================== @@ -248,4 +248,6 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS /label ~"Apps::Type::ReleasePreparation" /label ~"Apps::Product::MullvadBrowser" +/label ~"Apps::Impact::High" +/label ~"Priority::Blocker" /label ~"Project 131" ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md ===================================== @@ -353,4 +353,6 @@ popd </details> /label ~"Apps::Type::ReleasePreparation" +/label ~"Apps::Impact::High" +/label ~"Priority::Blocker" /label ~"Apps::Product::TorBrowser" ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md ===================================== @@ -310,4 +310,6 @@ popd </details> /label ~"Apps::Type::ReleasePreparation" +/label ~"Apps::Impact::High" +/label ~"Priority::Blocker" /label ~"Apps::Product::TorBrowser" ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Stable.md ===================================== @@ -365,4 +365,6 @@ popd </details> /label ~"Apps::Type::ReleasePreparation" +/label ~"Apps::Impact::High" +/label ~"Priority::Blocker" /label ~"Apps::Product::TorBrowser" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.2.0esr-15.0-1] 2 commits: fixup! MB 188: Customize Gitlab Issue and Merge templates
by morgan (＠morgan) 27 Aug '25

27 Aug '25

morgan pushed to branch mullvad-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: f333d734 by Morgan at 2025-08-27T12:29:21+00:00 fixup! MB 188: Customize Gitlab Issue and Merge templates cleanup some missing deletes, these files have migrated to the 06.* prefixed templates - - - - - d372dc36 by Morgan at 2025-08-27T12:39:52+00:00 fixup! BB 43615: Add Gitlab Issue and Merge Request templates add Apps::Impact::High label to release prep issues - - - - - 6 changed files: - .gitlab/issue_templates/060 Rebase - Alpha.md - .gitlab/issue_templates/061 Rebase - Stable.md - .gitlab/issue_templates/063 Rebase - Rapid.md - − .gitlab/issue_templates/Rebase Browser - Alpha.md - − .gitlab/issue_templates/Rebase Browser - Rapid.md - − .gitlab/issue_templates/Rebase Browser - Stable.md Changes: ===================================== .gitlab/issue_templates/060 Rebase - Alpha.md ===================================== @@ -94,4 +94,5 @@ /label ~"Apps::Product::MullvadBrowser" /label ~"Apps::Type::Rebase" +/label ~"Apps::Impact::High" /label ~"Priority::Blocker" ===================================== .gitlab/issue_templates/061 Rebase - Stable.md ===================================== @@ -93,4 +93,5 @@ /label ~"Apps::Product::MullvadBrowser" /label ~"Apps::Type::Rebase" +/label ~"Apps::Impact::High" /label ~"Priority::Blocker" ===================================== .gitlab/issue_templates/063 Rebase - Rapid.md ===================================== @@ -90,4 +90,5 @@ /label ~"Apps::Product::MullvadBrowser" /label ~"Apps::Type::Rebase" +/label ~"Apps::Impact::High" /label ~"Priority::High" ===================================== .gitlab/issue_templates/Rebase Browser - Alpha.md deleted ===================================== @@ -1,88 +0,0 @@ -**NOTE:** All examples in this template reference the rebase from 102.7.0esr to 102.8.0esr - -<details> - <summary>Explanation of Variables</summary> - -- `$(ESR_VERSION)`: the Mozilla defined ESR version, used in various places for building mullvad-browser tags, labels, etc - - **Example**: `102.8.0` -- `$(ESR_TAG)`: the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)` - - **Example**: `FIREFOX_102_8_0esr_RELEASE` -- `$(BROWSER_MAJOR)`: the browser major version - - **Example**: `12` -- `$(BROWSER_MINOR)`: the browser minor version - - **Example**: either `0` or `5`; Alpha's is always `(Stable + 5) % 10` -- `$(BASE_BROWSER_BRANCH)`: the full name of the current `base-browser` branch - - **Example**: `base-browser-102.8.0esr-12.5-1` -- `$(BASE_BROWSER_BRANCH_PREV)`: the full name of the previous `base-browser` branch - - **Example**: `base-browser-102.7.0esr-12.5-1` -- `$(BASE_BROWSER_BRANCH_TAG)`: the `base-browser` build tag used as base commit for `mullvad-browser` - - **Example**: `base-browser-102.8.0esr-12.5-1-build1` -- `$(BASE_BROWSER_BRANCH_PREV_TAG)`: the `base-browser` build tag used as base commit for the previous `mullvad-browser` - - **Example**: `base-browser-102.7.0esr-12.5-1-build1` -- `$(MULLVAD_BROWSER_BRANCH)`: the full name of the current `mullvad-browser` branch - - **Example**: `mullvad-browser-102.8.0esr-12.5-1` -- `$(MULLVAD_BROWSER_BRANCH_PREV)`: the full name of the previous `mullvad-browser` branch - - **Example**: `mullvad-browser-102.7.0esr-12.5-1` -</details> - -**NOTE:** It is assumed that we've already rebased and tagged `base-browser` alpha and that we've already rebased `mullvad-browser` stable - -### **Bookkeeping** - -- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. - -### Update Branch Protection Rules - -- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/…: - - [ ] Remove previous alpha `mullvad-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) - - [ ] Create new `mullvad-browser` branch protection rule: - - **Branch**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` - - **Example**: `mullvad-browser-102.8.0esr-12.5-1*` - - **Allowed to merge**: `Maintainers` - - **Allowed to push and merge**: `Maintainers` - - **Allowed to force push**: `false` - -### **Create and Push New Branch** - -- [ ] Create new alpha `mullvad-browser` branch from this ESR's alpha `base-browser` tag - - Branch name in the form: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` - - **Example**: `git branch mullvad-browser-102.8.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1` -- [ ] Push new `mullvad-browser` branch to `upstream` -- [ ] Push `base-browser` tag to `upstream` - -### **Rebase tor-browser** - -- [ ] Checkout a new local branch for the `mullvad-browser` rebase - - **Example**: `git branch mullvad-browser-rebase upstream/mullvad-browser-102.8.0esr-12.5-1` -- [ ] `mullvad-browser` rebase - - [ ] Cherry-pick the previous `mullvad-browser` branch's commit range up to the last `mullvad-browser` `build1` tag - - **Example**: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..mullvad-browser-102.7.0esr-12.5-1-build1` - - [ ] Rebase and autosquash these newly cherry-picked commits - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.5-1` - - [ ] Cherry-pick remainder of patches after the last `mullvad-browser` `buildN` tag - - **Example**: `git cherry-pick mullvad-browser-102.7.0esr-12.5-1-build1..upstream/mulvad-browser-102.7.0esr-12.5-1` - - [ ] Rebase and autosquash again, this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify, but kept un-squashed for easy debugging/bisecting. - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.5-1` -- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: - - [ ] diff of diffs: - - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - - - `git diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) > current_patchset.diff` - - `git diff $(BASE_BROWSER_BRANCH_TAG)..HEAD > rebased_patchset.diff` - - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `mullvad-browser` branch) - - [ ] rangediff: `git range-diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) $(BASE_BROWSER_BRANCH_TAG)..HEAD` - - **Example**: `git range-diff base-browser-102.7.0esr-12.5-1-build1..upstream/mullvad-browser-102.7.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1..HEAD` -- [ ] Open MR for the `mullvad-browser` rebase -- [ ] Merge - -### **Sign and Tag** - -- [ ] Sign/Tag `HEAD` of the merged `mullvad-browser` branch: - - In **mullvad-browser.git**, checkout the new alpha `mullvad-browser` branch - - In **tor-browser-build.git**, run signing script: - ```bash - ./tools/browser/sign-tag.mullvadbrowser alpha build1 - ``` - - [ ] Push tag to `upstream` - -/label ~"Apps::Type::Rebase" ===================================== .gitlab/issue_templates/Rebase Browser - Rapid.md deleted ===================================== @@ -1,85 +0,0 @@ -**NOTE**: All examples in this template reference the rebase from Firefox 129.0a1 to 130.0a1, see the tor-browser `Rebase Browser - Rapid.md` template for further info - -<details> - <summary>Explanation of Variables</summary> - -- `$(NIGHTLY_VERSION)`: the Mozilla defined nightly version, used in various places for building tor-browser tags, labels, etc - - **Example**: `130.0a1` -- `$(NIGHTLY_TAG)`: the Mozilla defined hg (Mercurial) tag associated with `$(NIGHTLY_VERSION)` - - **Example**: `FIREFOX_NIGHTLY_130_END` -- `$(NIGHTLY_TAG_PREV)`: the Mozilla defined hg (Mercurial) tag associated with the previous nightly version when rebasing (ie, the nightly version we are rebasing from) - - **Example**: `FIREFOX_NIGHTLY_129_END` -- `$(BROWSER_VERSION)`: the browser version which will first be based on the next major ESR version this *Firefox* Nightly series is leading up to - - **Example**: `15` -- `$(BASE_BROWSER_BRANCH)`: the full name of the current `base-browser` branch based off of the Firefox Nightly channel - - **Example**: `base-browser-130.0a1-15.0-2` -- `$(BASE_BROWSER_BRANCH_TAG)`: the `base-browser` build tag used as base commit for `mullvad-browser` - - **Example**: `base-browser-130.0a1-15.0-2-build1` -- `$(BASE_BROWSER_BRANCH_PREV)`: the full name of the previous `base-browser` branch based off of the Firefox Nightly channel - - **Example**: `base-browser-129.0a1-15.0-2` -- `$(BASE_BROWSER_BRANCH_PREV_TAG)`: the `base-browser` build tag used as base commit for the previous `mullvad-browser` - - **Example**: `base-browser-129.0a1-15.0-2-build1` -- `$(MULLVAD_BROWSER_BRANCH)`: the full name of the current `mullvad-browser` branch - - **Example**: `mullvad-browser-130.0a1-15.0-2` -- `$(MULLVAD_BROWSER_BRANCH_PREV)`: the full name of the previous `mullvad-browser` branch - - **Example**: `mullvad-browser-129.0a1-15.0-2` -</details> - -**NOTE**: It is presuemd the equivalent Tor Browser rapid-release rebase has been completed, as this rebase depends on a rebased `base-browser` branch - -### Update Branch Protection Rules - -- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/…: - - [ ] Remove previous nightly `mullvad-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) - - [ ] Create new `mullvad-browser` branch protection rule: - - **Branch**: `mullvad-browser-$(NIGHTLY_VERSION)-$(BROWSER_VERSION)-*` - - **Example**: `mullvad-browser-130.0a1-15.0-*` - - **Allowed to merge**: `Maintainers` - - **Allowed to push and merge**: `Maintainers` - - **Allowed to force push**: `false` - - ⚠️ **IMPORTANT**: If you copied and pasted from old rules, double check you didn't add spaces at the end, as GitLab will not trim them! - -### **Create and Push New Branch** - -- [ ] Create new alpha `mullvad-browser` branch from this ESR's rapid `base-browser` tag - - Branch name in the form: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` - - **Example**: `git branch mullvad-browser-130.0a1-15.0-2 base-browser-130.0a1-15.0-2-build1` -- [ ] Push new `mullvad-browser` branch to `upstream` -- [ ] Push the `base-browser` tag to `upstream` - -### **Rebase mullvad-browser** - -- [ ] Checkout a new local branch for the `mullvad-browser` rebase - - **Example**: `git branch mullvad-browser-rebase upstream/mullvad-browser-130.0a1-15.0-2` -- [ ] `mullvad-browser` rebase - - [ ] Cherry-pick the previous `mullvad-browser` rapid branch's commit range - - **Example**: `git cherry-pick base-browser-129.0a1-15.0-2-build1..mullvad-browser-129.0a1-15.0-2` - - [ ] Rebase and autosquash these newly cherry-picked commits - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-130.0a1-15.0-2` - - [ ] Cherry-pick the new `mullvad-browser` alpha commits (i.e. the new dangling commits which did not appear in the previous Mullvad Browser rapid channel): - - **Example** `git cherry-pick mullvad-browser-128.1.0esr-14.5-1-build1..upstream/mullvad-browser-128.1.0esr-14.5-1` - - [ ] Rebase and autosquash again, this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify, but kept un-squashed for easy debugging/bisecting. - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-130.0a1-15.0-2` -- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: - - [ ] diff of diffs: - - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - - - `git diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) > current_patchset.diff` - - `git diff $(BASE_BROWSER_BRANCH_TAG)..HEAD > rebased_patchset.diff` - - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `mullvad-browser` branch) - - [ ] rangediff: `git range-diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) $(BASE_BROWSER_BRANCH_TAG)..HEAD` - - **Example**: `git range-diff base-browser-129.0a1-15.0-2-build1..upstream/mullvad-browser-129.0a1-15.0-2 base-browser-130.0a1-15.0-2-build1..HEAD` -- [ ] Open MR for the `mullvad-browser` rebase -- [ ] Merge - -### **Sign and Tag** - -- [ ] Sign/Tag `HEAD` of the merged `mullvad-browser` branch: - - In **mullvad-browser.git**, checkout the new rapid `mullvad-browser` branch - - In **tor-browser-build.git**, run signing script: - ```bash - ./tools/browser/sign-tag.mullvadbrowser rapid build1 - ``` - - [ ] Push tag to `upstream` - -/label ~"Apps::Type::Rebase" ===================================== .gitlab/issue_templates/Rebase Browser - Stable.md deleted ===================================== @@ -1,89 +0,0 @@ -**NOTE:** All examples in this template reference the rebase from 102.7.0esr to 102.8.0esr - -<details> - <summary>Explanation of Variables</summary> - -- `$(ESR_VERSION)`: the Mozilla defined ESR version, used in various places for building mullvad-browser tags, labels, etc - - **Example**: `102.8.0` -- `$(ESR_TAG)`: the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)` - - **Example**: `FIREFOX_102_8_0esr_RELEASE` -- `$(BROWSER_MAJOR)`: the browser major version - - **Example**: `12` -- `$(BROWSER_MINOR)`: the browser minor version - - **Example**: either `0` or `5`; Alpha's is always `(Stable + 5) % 10` -- `$(BASE_BROWSER_BRANCH)`: the full name of the current `base-browser` branch - - **Example**: `base-browser-102.8.0esr-12.0-1` -- `$(BASE_BROWSER_BRANCH_PREV)`: the full name of the previous `base-browser` branch - - **Example**: `base-browser-102.7.0esr-12.0-1` -- `$(BASE_BROWSER_BRANCH_TAG)`: the `base-browser` build tag used as base commit for `mullvad-browser` - - **Example**: `base-browser-102.8.0esr-12.0-1-build1` -- `$(BASE_BROWSER_BRANCH_PREV_TAG)`: the `base-browser` build tag used as base commit for the previous `mullvad-browser` - - **Example**: `base-browser-102.7.0esr-12.0-1-build1` -- `$(MULLVAD_BROWSER_BRANCH)`: the full name of the current `mullvad-browser` branch - - **Example**: `mullvad-browser-102.8.0esr-12.0-1` -- `$(MULLVAD_BROWSER_BRANCH_PREV)`: the full name of the previous `mullvad-browser` branch - - **Example**: `mullvad-browser-102.7.0esr-12.0-1` -</details> - -**NOTE:** It is assumed that we've already rebased and tagged `base-browser` stable - -### **Bookkeeping** - -- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue. - -### Update Branch Protection Rules - -- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/…: - - [ ] Remove previous stable `mullvad-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased) - - [ ] Create new `mullvad-browser` branch protection rule: - - **Branch**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*` - - **Example**: `mullvad-browser-102.8.0esr-12.0-1*` - - **Allowed to merge**: `Maintainers` - - **Allowed to push and merge**: `Maintainers` - - **Allowed to force push**: `false` - -### **Create and Push New Branch** - -- [ ] Create new stable `mullvad-browser` branch from this ESR's stable `base-browser` tag - - Branch name in the form: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1` - - **Example**: `git branch mullvad-browser-102.8.0esr-12.0-1 base-browser-102.8.0esr-12.0-1-build1` -- [ ] Push new `mullvad-browser` branch to `upstream` -- [ ] Push `base-browser` tag to `upstream` -- [ ] Push `$(ESR_TAG)` to `upstream` - -### **Rebase mullvad-browser** - -- [ ] Checkout a new local branch for the `mullvad-browser` rebase - - **Example**: `git branch mullvad-browser-rebase upstream/mullvad-browser-102.8.0esr-12.0-1` -- [ ] `mullvad-browser` rebase - - [ ] Cherry-pick the previous `mullvad-browser` branch's commit range up to the last `mullvad-browser` `build1` tag - - **Example**: `git cherry-pick base-browser-102.7.0esr-12.0-1-build1..mullvad-browser-102.7.0esr-12.0-1-build1` - - [ ] Rebase and autosquash these newly cherry-picked commits - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.0-1` - - [ ] Cherry-pick remainder of patches after the last `mullvad-browser` `buildN` tag - - **Example**: `git cherry-pick mullvad-browser-102.7.0esr-12.0-1-build1..upstream/mullvad-browser-102.7.0esr-12.0-1` - - [ ] Rebase and autosquash again, this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify, but kept un-squashed for easy debugging/bisecting. - - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.0-1` -- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution: - - [ ] diff of diffs: - - Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or - - - `git diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) > current_patchset.diff` - - `git diff $(BASE_BROWSER_BRANCH_TAG)..HEAD > rebased_patchset.diff` - - diff `current_patchset.diff` and `rebased_patchset.diff` - - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `mullvad-browser` branch) - - [ ] rangediff: `git range-diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) $(BASE_BROWSER_BRANCH_TAG)..HEAD` - - **Example**: `git range-diff base-browser-102.7.0esr-12.0-1-build1..upstream/mullvad-browser-102.7.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1..HEAD` -- [ ] Open MR for the `mullvad-browser` rebase -- [ ] Merge - -### **Sign and Tag** - -- [ ] Sign/Tag `HEAD` of the merged `mullvad-browser` branch: - - In **mullvad-browser.git**, checkout the new stable `mullvad-browser` branch - - In **tor-browser-build.git**, run signing script: - ```bash - ./tools/browser/sign-tag.mullvadbrowser stable build1 - ``` - - [ ] Push tag to `upstream` - -/label ~"Apps::Type::Rebase" View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.2.0esr-15.0-1] fixup! BB 43615: Add Gitlab Issue and Merge Request templates
by morgan (＠morgan) 27 Aug '25

27 Aug '25

morgan pushed to branch base-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 08b956ff by Morgan at 2025-08-27T12:39:23+00:00 fixup! BB 43615: Add Gitlab Issue and Merge Request templates add Apps::Impact::High label to release prep issues - - - - - 3 changed files: - .gitlab/issue_templates/060 Rebase - Alpha.md - .gitlab/issue_templates/061 Rebase - Stable.md - .gitlab/issue_templates/063 Rebase - Rapid.md Changes: ===================================== .gitlab/issue_templates/060 Rebase - Alpha.md ===================================== @@ -151,4 +151,5 @@ /label ~"Apps::Product::TorBrowser" /label ~"Apps::Type::Rebase" +/label ~"Apps::Impact::High" /label ~"Priority::Blocker" ===================================== .gitlab/issue_templates/061 Rebase - Stable.md ===================================== @@ -114,4 +114,5 @@ /label ~"Apps::Product::TorBrowser" /label ~"Apps::Type::Rebase" +/label ~"Apps::Impact::High" /label ~"Priority::Blocker" ===================================== .gitlab/issue_templates/063 Rebase - Rapid.md ===================================== @@ -290,4 +290,5 @@ gitGraph: /label ~"Apps::Product::TorBrowser" /label ~"Apps::Type::Rebase" +/label ~"Apps::Impact::High" /label ~"Priority::High" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/08b956f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/08b956f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41432: Bump OpenSSL to 3.5.0.
by morgan (＠morgan) 27 Aug '25

27 Aug '25

morgan pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: f1f615a4 by Pier Angelo Vendrame at 2025-08-27T12:19:51+00:00 Bug 41432: Bump OpenSSL to 3.5.0. Also, update relprep.py to take releases from that series. - - - - - 2 changed files: - projects/openssl/config - tools/relprep.py Changes: ===================================== projects/openssl/config ===================================== @@ -1,12 +1,9 @@ # vim: filetype=yaml sw=2 -version: 3.0.17 +version: 3.5.0 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 -var: - openssldir: 'usr/local' - targets: linux-x86_64: var: @@ -36,5 +33,5 @@ input_files: - name: '[% c("var/compiler") %]' project: '[% c("var/compiler") %]' - URL: 'https://github.com/openssl/openssl/releases/download/openssl-[% c("version") %]/openssl-[% c("version") %].tar.gz' - sha256sum: dfdd77e4ea1b57ff3a6dbde6b0bdc3f31db5ac99e7fdd4eaf9e1fbb6ec2db8ce + sha256sum: 57e03c50feab5d31b152af2b764f10379aecd8ee92f16c985983ce4a99f7ef86 name: openssl ===================================== tools/relprep.py ===================================== @@ -401,7 +401,7 @@ class ReleasePreparation: def update_openssl(self): logger.info("Updating OpenSSL") config = self.load_config("openssl") - version = get_github_release("openssl/openssl", r"openssl-(3.0.\d+)") + version = get_github_release("openssl/openssl", r"openssl-(3.5.\d+)") if version == config["version"]: logger.debug("No need to update OpenSSL, keeping %s.", version) return View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.5] Bug 41432: Bump OpenSSL to 3.5.0.
by morgan (＠morgan) 27 Aug '25

27 Aug '25

morgan pushed to branch maint-14.5 at The Tor Project / Applications / tor-browser-build Commits: aa6938d9 by Pier Angelo Vendrame at 2025-08-27T12:17:30+00:00 Bug 41432: Bump OpenSSL to 3.5.0. Also, update relprep.py to take releases from that series. - - - - - 2 changed files: - projects/openssl/config - tools/relprep.py Changes: ===================================== projects/openssl/config ===================================== @@ -1,12 +1,9 @@ # vim: filetype=yaml sw=2 -version: 3.0.17 +version: 3.5.0 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 -var: - openssldir: 'usr/local' - targets: linux-x86_64: var: @@ -36,5 +33,5 @@ input_files: - name: '[% c("var/compiler") %]' project: '[% c("var/compiler") %]' - URL: 'https://github.com/openssl/openssl/releases/download/openssl-[% c("version") %]/openssl-[% c("version") %].tar.gz' - sha256sum: dfdd77e4ea1b57ff3a6dbde6b0bdc3f31db5ac99e7fdd4eaf9e1fbb6ec2db8ce + sha256sum: 57e03c50feab5d31b152af2b764f10379aecd8ee92f16c985983ce4a99f7ef86 name: openssl ===================================== tools/relprep.py ===================================== @@ -381,7 +381,7 @@ class ReleasePreparation: def update_openssl(self): logger.info("Updating OpenSSL") config = self.load_config("openssl") - version = get_github_release("openssl/openssl", r"openssl-(3.0.\d+)") + version = get_github_release("openssl/openssl", r"openssl-(3.5.\d+)") if version == config["version"]: logger.debug("No need to update OpenSSL, keeping %s.", version) return View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Update application-services to -build4
by brizental (＠brizental) 27 Aug '25

27 Aug '25

brizental pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4ed232a7 by Beatriz Rizental at 2025-08-27T09:49:23+02:00 Update application-services to -build4 - - - - - 1 changed file: - projects/application-services/config Changes: ===================================== projects/application-services/config ===================================== @@ -16,7 +16,7 @@ container: use_container: 1 var: - build_number: 3 + build_number: 4 # This should be updated when the list of gradle dependencies is changed. gradle_dependencies_version: 12 gradle_version: 8.13 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] fixup! [android] Implement Android-native Connection Assist UI
by Dan Ballard (＠dan) 26 Aug '25

26 Aug '25

Dan Ballard pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 1df86592 by clairehurst at 2025-08-26T14:27:58-07:00 fixup! [android] Implement Android-native Connection Assist UI Bug_44081: Swiping away the "private tabs" notification requires rebootstrapping. - - - - - 3 changed files: - mobile/android/android-components/components/support/base/src/main/java/mozilla/components/support/base/android/NotificationsDelegate.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/session/PrivateNotificationService.kt Changes: ===================================== mobile/android/android-components/components/support/base/src/main/java/mozilla/components/support/base/android/NotificationsDelegate.kt ===================================== @@ -33,6 +33,15 @@ class NotificationsDelegate( var isRequestingPermission: Boolean = false private set + /** + * Defaults to true, normal behavior is to destroy the app when OnDestroy is called with isFinishing set to true + * + * A value of false indicates that the notification was just swiped away and the app should not shut down on it's behalf + * + * Workaround to make swiping the notification away not shutdown the app + */ + var shouldShutDownWithOnDestroyWhenIsFinishing: Boolean = true + @VisibleForTesting internal var permissionRequestsCount: Int = 0 ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -821,10 +821,6 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity, TorAn super.onDestroy() - if (isFinishing) { - exitProcess(0) - } - // Diagnostic breadcrumb for "Display already aquired" crash: // https://github.com/mozilla-mobile/android-components/issues/7960 breadcrumb( @@ -852,6 +848,16 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity, TorAn stopMediaSession() } + if (applicationContext.components.notificationsDelegate.shouldShutDownWithOnDestroyWhenIsFinishing) { + if (isFinishing) { + shutDown() + } + } else { + // We only want to not shut down when the notification is swiped away, + // if we do not reset this value + applicationContext.components.notificationsDelegate.shouldShutDownWithOnDestroyWhenIsFinishing = true + } + components.core.engine.profiler?.addMarker( MarkersActivityLifecycleCallbacks.MARKER_NAME, startTimeProfiler, ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/session/PrivateNotificationService.kt ===================================== @@ -79,6 +79,7 @@ class PrivateNotificationService : AbstractPrivateNotificationService() { @SuppressLint("MissingSuperCall") override fun erasePrivateTabs() { val inPrivateMode = store.state.selectedTab?.content?.private ?: false + notificationsDelegate.shouldShutDownWithOnDestroyWhenIsFinishing = false // Trigger use case directly for now (instead of calling super.erasePrivateTabs) // as otherwise SessionManager and the store will be out of sync. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1df8659… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1df8659… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] fixup! [android] Implement Android-native Connection Assist UI
by Dan Ballard (＠dan) 26 Aug '25

26 Aug '25

Dan Ballard pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 8d6754e2 by clairehurst at 2025-08-26T13:54:34-07:00 fixup! [android] Implement Android-native Connection Assist UI Bug_43699: Properly clear dummy about pages - - - - - 1 changed file: - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt Changes: ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt ===================================== @@ -8,9 +8,13 @@ import android.app.Application import android.util.Log import androidx.lifecycle.AndroidViewModel import androidx.lifecycle.MutableLiveData +import androidx.lifecycle.viewModelScope +import kotlinx.coroutines.Dispatchers import kotlinx.coroutines.flow.MutableStateFlow import kotlinx.coroutines.flow.StateFlow +import kotlinx.coroutines.launch import mozilla.components.browser.state.ext.getUrl +import mozilla.components.browser.state.state.recover.TabState import org.mozilla.fenix.HomeActivity import org.mozilla.fenix.R import org.mozilla.fenix.ext.components @@ -30,22 +34,38 @@ class TorConnectionAssistViewModel( init { torAndroidIntegration.registerBootstrapStateChangeListener(this) - loadDummyPage() - } - - private fun loadDummyPage() { - // Load local url (it just needs to begin with "about:" to get past filter) to initialize the browser, - // Domain fronting needs Services.io.getProtocolHandler("http")... to actually work, and it - // does not till the browser/engine is initialized, and this is so far the easiest way to do that. - // Load early here so that it is ready when needed if we get to the step where DF is invoked - // Then later remove it in onCleared so it doesn't show for the user - components.useCases.tabsUseCases.addTab.invoke("about:") + loadAndUnloadDummyPage() + } + + private fun loadAndUnloadDummyPage() { + viewModelScope.launch(Dispatchers.IO) { + // Load local url (it just needs to begin with "about:" to get past filter) to initialize the browser, + // Domain fronting needs Services.io.getProtocolHandler("http")... to actually work, and it + // does not till the browser/engine is initialized, and this is so far the easiest way to do that. + // Load early here so that it is ready when needed if we get to the step where DF is invoked + // Then later remove it so it doesn't show for the user + components.useCases.tabsUseCases.addTab.invoke("about:") + // removeTabs doesn't work without a delay. + Thread.sleep(500) + // Remove loaded URL so it is never visible to the user + components.useCases.tabsUseCases.removeTabs.invoke( + components.core.store.state.tabs.filter { + it.getUrl() == "about:" || it.getUrl() == "about:blank" + }.map { it.id }, + ) + // recentlyClosedTabsStorage.value.removeAllTabs() doesn't seem to work, + // so instead we collect and iteratively remove all tabs from recent history. + // Nothing should ever show up in history so we remove everything, + // including old "about:" tabs that may have stacked up. + components.core.recentlyClosedTabsStorage.value.getTabs() + .collect { tabs: List<TabState> -> + for (tab in tabs) { + components.core.recentlyClosedTabsStorage.value.removeTab(tab) + } + } + } } - private fun clearDummyPage() { - // Remove loaded URL so it doesn't show up - components.useCases.tabsUseCases.removeTab.invoke(components.core.store.state.tabs.find {it.getUrl() == "about:"}?.id ?: "") - } fun fetchRegionNames() { torAndroidIntegration.regionNamesGet { regionNames : GeckoBundle? -> @@ -63,7 +83,6 @@ class TorConnectionAssistViewModel( override fun onCleared() { torAndroidIntegration.unregisterBootstrapStateChangeListener(this) - clearDummyPage() super.onCleared() } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8d6754e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8d6754e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] TB 43901: Modify about:license for Tor Browser.
by morgan (＠morgan) 26 Aug '25

26 Aug '25

morgan pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: c8d34a96 by Henry Wilkes at 2025-08-26T20:23:22+00:00 TB 43901: Modify about:license for Tor Browser. We also drop about:rights. - - - - - 4 changed files: - browser/base/moz.build - browser/components/about/AboutRedirector.cpp - browser/components/about/components.conf - toolkit/themes/shared/aboutLicense.css Changes: ===================================== browser/base/moz.build ===================================== @@ -79,7 +79,8 @@ PERFTESTS_MANIFESTS += ["content/test/perftest.toml"] DEFINES["MOZ_APP_VERSION"] = CONFIG["MOZ_APP_VERSION"] DEFINES["MOZ_APP_VERSION_DISPLAY"] = CONFIG["MOZ_APP_VERSION_DISPLAY"] -DEFINES["APP_LICENSE_BLOCK"] = "%s/content/overrides/app-license.html" % SRCDIR +# Do not include the Firefox app-license.html in about:license. +# tor-browser#43901. if CONFIG["BASE_BROWSER_UPDATE"]: DEFINES["BASE_BROWSER_UPDATE"] = True ===================================== browser/components/about/AboutRedirector.cpp ===================================== @@ -103,9 +103,7 @@ static const RedirEntry kRedirMap[] = { {"profiling", "chrome://devtools/content/performance-new/aboutprofiling/index.html", nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI}, - {"rights", "https://www.mozilla.org/about/legal/terms/firefox/", - nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | - nsIAboutModule::URI_MUST_LOAD_IN_CHILD}, + // Drop about:rights. tor-browser#43901. #ifndef BASE_BROWSER_VERSION {"robots", "chrome://browser/content/aboutRobots.xhtml", nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | ===================================== browser/components/about/components.conf ===================================== @@ -23,6 +23,7 @@ pages = [ 'reader', 'restartrequired', 'rights', + # Removed 'rights'. tor-browser#43901. # Removed 'robots'. tor-browser#42831. 'rulesets', 'sessionrestore', ===================================== toolkit/themes/shared/aboutLicense.css ===================================== @@ -5,13 +5,9 @@ /* License Illustration */ .license-header { - background-image: url("chrome://global/skin/illustrations/about-license.svg"); - background-repeat: no-repeat; - background-position: right center; - min-height: 300px; - display: flex; - align-items: center; - padding-inline-end: 320px; + /* Adjust the header to remove the background, which is out of place without + * the app-license.html content. */ + align-self: start; } td:nth-child(1), View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c8d34a9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c8d34a9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.2.0esr-15.0-1] fixup! BB 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
by morgan (＠morgan) 26 Aug '25

26 Aug '25

morgan pushed to branch mullvad-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: d19719f4 by Henry Wilkes at 2025-08-26T20:19:41+00:00 fixup! BB 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. TB 44128: Fix about:logins to be able to hard disable the "new-login-button". - - - - - 3 changed files: - browser/components/aboutlogins/content/aboutLogins.mjs - browser/components/aboutlogins/content/components/login-command-button.mjs - browser/components/aboutlogins/content/components/login-list.mjs Changes: ===================================== browser/components/aboutlogins/content/aboutLogins.mjs ===================================== @@ -27,9 +27,6 @@ const gElements = { ".menuitem-remove-all-logins" ); }, - get createNewLoginButton() { - return this.loginList.shadowRoot.querySelector(".create-login-button"); - }, }; let numberOfLogins = 0; @@ -136,9 +133,7 @@ window.addEventListener("AboutLoginsChromeToContent", event => { gElements.loginList.setSortDirection(event.detail.value.selectedSort); document.documentElement.classList.add("initialized"); gElements.loginList.classList.add("initialized"); - if (!event.detail.value.canCreateLogins) { - gElements.createNewLoginButton.disabled = true; - } + gElements.loginList.canCreateLogins = event.detail.value.canCreateLogins; break; } case "ShowLoginItemError": { ===================================== browser/components/aboutlogins/content/components/login-command-button.mjs ===================================== @@ -48,6 +48,9 @@ export class CreateLoginButton extends MozLitElement { static get properties() { return { disabled: { type: Boolean, reflect: true }, + // Whether the button is disabled no matter if the "disabled" attribute is + // switched. + hardDisabled: { type: Boolean, reflect: true }, }; } @@ -62,7 +65,7 @@ export class CreateLoginButton extends MozLitElement { l10nId: "create-login-button", variant: "icon-button", icon: "chrome://global/skin/icons/plus.svg", - disabled: this.disabled, + disabled: this.disabled || this.hardDisabled, })} `; } ===================================== browser/components/aboutlogins/content/components/login-list.mjs ===================================== @@ -111,6 +111,28 @@ export default class LoginList extends HTMLElement { this._blankLoginListItem.hidden = true; } + /** + * Whether the user can create logins. + * + * @type {boolean} + */ + _canCreateLogins = false; + + get canCreateLogins() { + return this._canCreateLogins; + } + + set canCreateLogins(value) { + this._canCreateLogins = Boolean(value); + this._canCreateLoginsUpdate(); + } + + _canCreateLoginsUpdate() { + if (this._createLoginButton) { + this._createLoginButton.hardDisabled = !this.canCreateLogins; + } + } + connectedCallback() { if (this.shadowRoot) { return; @@ -122,6 +144,7 @@ export default class LoginList extends HTMLElement { this._count = shadowRoot.querySelector(".count"); this._createLoginButton = shadowRoot.querySelector("create-login-button"); + this._canCreateLoginsUpdate(); this._list = shadowRoot.querySelector("ol"); this._list.appendChild(this._blankLoginListItem); this._sortSelect = shadowRoot.querySelector("#login-sort"); @@ -426,7 +449,7 @@ export default class LoginList extends HTMLElement { break; } case "AboutLoginsShowBlankLogin": { - if (!event.defaultPrevented) { + if (!event.defaultPrevented && this.canCreateLogins) { this._selectedGuid = null; this._setListItemAsSelected(this._blankLoginListItem); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d19… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d19… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.2.0esr-15.0-1] fixup! BB 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
by morgan (＠morgan) 26 Aug '25

26 Aug '25

morgan pushed to branch base-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: e95dea25 by Henry Wilkes at 2025-08-26T20:18:26+00:00 fixup! BB 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. TB 44128: Fix about:logins to be able to hard disable the "new-login-button". - - - - - 3 changed files: - browser/components/aboutlogins/content/aboutLogins.mjs - browser/components/aboutlogins/content/components/login-command-button.mjs - browser/components/aboutlogins/content/components/login-list.mjs Changes: ===================================== browser/components/aboutlogins/content/aboutLogins.mjs ===================================== @@ -27,9 +27,6 @@ const gElements = { ".menuitem-remove-all-logins" ); }, - get createNewLoginButton() { - return this.loginList.shadowRoot.querySelector(".create-login-button"); - }, }; let numberOfLogins = 0; @@ -136,9 +133,7 @@ window.addEventListener("AboutLoginsChromeToContent", event => { gElements.loginList.setSortDirection(event.detail.value.selectedSort); document.documentElement.classList.add("initialized"); gElements.loginList.classList.add("initialized"); - if (!event.detail.value.canCreateLogins) { - gElements.createNewLoginButton.disabled = true; - } + gElements.loginList.canCreateLogins = event.detail.value.canCreateLogins; break; } case "ShowLoginItemError": { ===================================== browser/components/aboutlogins/content/components/login-command-button.mjs ===================================== @@ -48,6 +48,9 @@ export class CreateLoginButton extends MozLitElement { static get properties() { return { disabled: { type: Boolean, reflect: true }, + // Whether the button is disabled no matter if the "disabled" attribute is + // switched. + hardDisabled: { type: Boolean, reflect: true }, }; } @@ -62,7 +65,7 @@ export class CreateLoginButton extends MozLitElement { l10nId: "create-login-button", variant: "icon-button", icon: "chrome://global/skin/icons/plus.svg", - disabled: this.disabled, + disabled: this.disabled || this.hardDisabled, })} `; } ===================================== browser/components/aboutlogins/content/components/login-list.mjs ===================================== @@ -111,6 +111,28 @@ export default class LoginList extends HTMLElement { this._blankLoginListItem.hidden = true; } + /** + * Whether the user can create logins. + * + * @type {boolean} + */ + _canCreateLogins = false; + + get canCreateLogins() { + return this._canCreateLogins; + } + + set canCreateLogins(value) { + this._canCreateLogins = Boolean(value); + this._canCreateLoginsUpdate(); + } + + _canCreateLoginsUpdate() { + if (this._createLoginButton) { + this._createLoginButton.hardDisabled = !this.canCreateLogins; + } + } + connectedCallback() { if (this.shadowRoot) { return; @@ -122,6 +144,7 @@ export default class LoginList extends HTMLElement { this._count = shadowRoot.querySelector(".count"); this._createLoginButton = shadowRoot.querySelector("create-login-button"); + this._canCreateLoginsUpdate(); this._list = shadowRoot.querySelector("ol"); this._list.appendChild(this._blankLoginListItem); this._sortSelect = shadowRoot.querySelector("#login-sort"); @@ -426,7 +449,7 @@ export default class LoginList extends HTMLElement { break; } case "AboutLoginsShowBlankLogin": { - if (!event.defaultPrevented) { + if (!event.defaultPrevented && this.canCreateLogins) { this._selectedGuid = null; this._setListItemAsSelected(this._blankLoginListItem); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e95dea2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e95dea2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] fixup! BB 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
by morgan (＠morgan) 26 Aug '25

26 Aug '25

morgan pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 6aaf40e2 by Henry Wilkes at 2025-08-26T20:12:02+00:00 fixup! BB 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. TB 44128: Fix about:logins to be able to hard disable the "new-login-button". - - - - - 3 changed files: - browser/components/aboutlogins/content/aboutLogins.mjs - browser/components/aboutlogins/content/components/login-command-button.mjs - browser/components/aboutlogins/content/components/login-list.mjs Changes: ===================================== browser/components/aboutlogins/content/aboutLogins.mjs ===================================== @@ -27,9 +27,6 @@ const gElements = { ".menuitem-remove-all-logins" ); }, - get createNewLoginButton() { - return this.loginList.shadowRoot.querySelector(".create-login-button"); - }, }; let numberOfLogins = 0; @@ -136,9 +133,7 @@ window.addEventListener("AboutLoginsChromeToContent", event => { gElements.loginList.setSortDirection(event.detail.value.selectedSort); document.documentElement.classList.add("initialized"); gElements.loginList.classList.add("initialized"); - if (!event.detail.value.canCreateLogins) { - gElements.createNewLoginButton.disabled = true; - } + gElements.loginList.canCreateLogins = event.detail.value.canCreateLogins; break; } case "ShowLoginItemError": { ===================================== browser/components/aboutlogins/content/components/login-command-button.mjs ===================================== @@ -48,6 +48,9 @@ export class CreateLoginButton extends MozLitElement { static get properties() { return { disabled: { type: Boolean, reflect: true }, + // Whether the button is disabled no matter if the "disabled" attribute is + // switched. + hardDisabled: { type: Boolean, reflect: true }, }; } @@ -62,7 +65,7 @@ export class CreateLoginButton extends MozLitElement { l10nId: "create-login-button", variant: "icon-button", icon: "chrome://global/skin/icons/plus.svg", - disabled: this.disabled, + disabled: this.disabled || this.hardDisabled, })} `; } ===================================== browser/components/aboutlogins/content/components/login-list.mjs ===================================== @@ -111,6 +111,28 @@ export default class LoginList extends HTMLElement { this._blankLoginListItem.hidden = true; } + /** + * Whether the user can create logins. + * + * @type {boolean} + */ + _canCreateLogins = false; + + get canCreateLogins() { + return this._canCreateLogins; + } + + set canCreateLogins(value) { + this._canCreateLogins = Boolean(value); + this._canCreateLoginsUpdate(); + } + + _canCreateLoginsUpdate() { + if (this._createLoginButton) { + this._createLoginButton.hardDisabled = !this.canCreateLogins; + } + } + connectedCallback() { if (this.shadowRoot) { return; @@ -122,6 +144,7 @@ export default class LoginList extends HTMLElement { this._count = shadowRoot.querySelector(".count"); this._createLoginButton = shadowRoot.querySelector("create-login-button"); + this._canCreateLoginsUpdate(); this._list = shadowRoot.querySelector("ol"); this._list.appendChild(this._blankLoginListItem); this._sortSelect = shadowRoot.querySelector("#login-sort"); @@ -426,7 +449,7 @@ export default class LoginList extends HTMLElement { break; } case "AboutLoginsShowBlankLogin": { - if (!event.defaultPrevented) { + if (!event.defaultPrevented && this.canCreateLogins) { this._selectedGuid = null; this._setListItemAsSelected(this._blankLoginListItem); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6aaf40e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6aaf40e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] TB 44127: Do not show macOS Privacy hint on network error pages
by morgan (＠morgan) 26 Aug '25

26 Aug '25

morgan pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: f0150ab6 by hackademix at 2025-08-26T12:08:34+02:00 TB 44127: Do not show macOS Privacy hint on network error pages - - - - - 1 changed file: - toolkit/actors/NetErrorChild.sys.mjs Changes: ===================================== toolkit/actors/NetErrorChild.sys.mjs ===================================== @@ -214,6 +214,9 @@ export class NetErrorChild extends RemotePageChild { } RPMShowOSXLocalNetworkPermissionWarning() { + // Short-circuit per tor-browser#44127 + return false; + /* if (!lazy.AppInfo.isMac) { return false; } @@ -225,5 +228,6 @@ export class NetErrorChild extends RemotePageChild { let version = parseInt(Services.sysinfo.getProperty("version")); // We only show this error on Sequoia or later return version >= 24; + */ } } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f0150ab… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f0150ab… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] Bug 41197 - [android] Disable autofill
by brizental (＠brizental) 26 Aug '25

26 Aug '25

brizental pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: b2184806 by Beatriz Rizental at 2025-08-25T19:17:01+02:00 Bug 41197 - [android] Disable autofill Firefox is an Autofill service. From the Android docs: > An autofill service is an app that makes it easier for users to fil > out forms by injecting data into the views of other apps. Autofill > services can also retrieve user data from the views in an app and > store it for use at a later time. Autofill services are usually > provided by apps that manage user data, such as password managers. Tor Browser is not an autofill service. All of the autofill backend is disabled at build time, since it lives in application-services. This commit disabled the client side of autofill. - - - - - 2 changed files: - mobile/android/android-components/components/feature/autofill/src/main/java/mozilla/components/feature/autofill/AutofillUseCases.kt - mobile/android/fenix/app/src/main/AndroidManifest.xml Changes: ===================================== mobile/android/android-components/components/feature/autofill/src/main/java/mozilla/components/feature/autofill/AutofillUseCases.kt ===================================== @@ -21,7 +21,7 @@ import mozilla.components.support.base.log.logger.Logger class AutofillUseCases( @VisibleForTesting sdkVersion: Int = Build.VERSION.SDK_INT, ) { - private val isAutofillAvailable = sdkVersion >= Build.VERSION_CODES.O + private val isAutofillAvailable = false private val logger = Logger("AutofillUseCases") /** ===================================== mobile/android/fenix/app/src/main/AndroidManifest.xml ===================================== @@ -683,19 +683,6 @@ android:name=".messaging.NotificationClickedReceiverActivity" android:exported="false" /> - <service android:name=".autofill.AutofillService" - tools:targetApi="o" - android:exported="true" - android:label="@string/app_name" - android:permission="android.permission.BIND_AUTOFILL_SERVICE"> - <intent-filter> - <action android:name="android.service.autofill.AutofillService"/> - </intent-filter> - <meta-data - android:name="android.autofill" - android:resource="@xml/autofill_configuration" /> - </service> - <service android:name=".media.MediaSessionService" android:foregroundServiceType="mediaPlayback" android:exported="false" /> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b218480… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b218480… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.2.0esr-15.0-1] fixup! BB 42037: Disable about:firefoxview page
by morgan (＠morgan) 25 Aug '25

25 Aug '25

morgan pushed to branch mullvad-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 6e9e7cba by Henry Wilkes at 2025-08-25T12:27:15+00:00 fixup! BB 42037: Disable about:firefoxview page TB 43726: Drop comments about resolved bugzilla issues. - - - - - 1 changed file: - browser/themes/shared/tabbrowser/tabs.css Changes: ===================================== browser/themes/shared/tabbrowser/tabs.css ===================================== @@ -1734,9 +1734,7 @@ tab-group { /* about:firefoxview is disabled in Base Browser. See tor-browser#42037. * Therefore we always hide #firefox-view-button, regardless of private * browsing. Here we only want to draw the border if there is a non-hidden - * toolbar item before the tabs. - * NOTE: Expect merge conflict from bugzilla bug 1917595 and bug 1917599. In - * these cases we want to keep our selector as-is. */ + * toolbar item before the tabs. */ :root :is( toolbarbutton:not(#firefox-view-button), toolbarpaletteitem:not(#wrapper-firefox-view-button) @@ -1747,9 +1745,7 @@ tab-group { } /* about:firefoxview is disabled in Base Browser. Always hide the toolbar button - * and menu item regardless of private browsing. See tor-browser#42037. - * NOTE: Expect merge conflict from bugzilla bug 1903812 and bug 1917599. In - * these cases we want to keep our selector as-is. */ + * and menu item regardless of private browsing. See tor-browser#42037. */ #firefox-view-button, #menu_openFirefoxView { display: none; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/6e9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/6e9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.2.0esr-15.0-1] fixup! BB 42037: Disable about:firefoxview page
by morgan (＠morgan) 25 Aug '25

25 Aug '25

morgan pushed to branch base-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 5f57ce1b by Henry Wilkes at 2025-08-25T12:22:43+00:00 fixup! BB 42037: Disable about:firefoxview page TB 43726: Drop comments about resolved bugzilla issues. - - - - - 1 changed file: - browser/themes/shared/tabbrowser/tabs.css Changes: ===================================== browser/themes/shared/tabbrowser/tabs.css ===================================== @@ -1734,9 +1734,7 @@ tab-group { /* about:firefoxview is disabled in Base Browser. See tor-browser#42037. * Therefore we always hide #firefox-view-button, regardless of private * browsing. Here we only want to draw the border if there is a non-hidden - * toolbar item before the tabs. - * NOTE: Expect merge conflict from bugzilla bug 1917595 and bug 1917599. In - * these cases we want to keep our selector as-is. */ + * toolbar item before the tabs. */ :root :is( toolbarbutton:not(#firefox-view-button), toolbarpaletteitem:not(#wrapper-firefox-view-button) @@ -1747,9 +1745,7 @@ tab-group { } /* about:firefoxview is disabled in Base Browser. Always hide the toolbar button - * and menu item regardless of private browsing. See tor-browser#42037. - * NOTE: Expect merge conflict from bugzilla bug 1903812 and bug 1917599. In - * these cases we want to keep our selector as-is. */ + * and menu item regardless of private browsing. See tor-browser#42037. */ #firefox-view-button, #menu_openFirefoxView { display: none; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5f57ce1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5f57ce1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] fixup! BB 42037: Disable about:firefoxview page
by morgan (＠morgan) 25 Aug '25

25 Aug '25

morgan pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 3d5e7a2f by Henry Wilkes at 2025-08-25T11:17:59+01:00 fixup! BB 42037: Disable about:firefoxview page TB 43726: Drop comments about resolved bugzilla issues. - - - - - 1 changed file: - browser/themes/shared/tabbrowser/tabs.css Changes: ===================================== browser/themes/shared/tabbrowser/tabs.css ===================================== @@ -1734,9 +1734,7 @@ tab-group { /* about:firefoxview is disabled in Base Browser. See tor-browser#42037. * Therefore we always hide #firefox-view-button, regardless of private * browsing. Here we only want to draw the border if there is a non-hidden - * toolbar item before the tabs. - * NOTE: Expect merge conflict from bugzilla bug 1917595 and bug 1917599. In - * these cases we want to keep our selector as-is. */ + * toolbar item before the tabs. */ :root :is( toolbarbutton:not(#firefox-view-button), toolbarpaletteitem:not(#wrapper-firefox-view-button) @@ -1747,9 +1745,7 @@ tab-group { } /* about:firefoxview is disabled in Base Browser. Always hide the toolbar button - * and menu item regardless of private browsing. See tor-browser#42037. - * NOTE: Expect merge conflict from bugzilla bug 1903812 and bug 1917599. In - * these cases we want to keep our selector as-is. */ + * and menu item regardless of private browsing. See tor-browser#42037. */ #firefox-view-button, #menu_openFirefoxView { display: none; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3d5e7a2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3d5e7a2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 26408: Remove redundant check of macos code signature in update_responses
by morgan (＠morgan) 25 Aug '25

25 Aug '25

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4e6d2832 by Nicolas Vigier at 2025-08-21T16:44:40+02:00 Bug 26408: Remove redundant check of macos code signature in update_responses When CHECK_CODESIGNATURE_EXISTS is set (we set it when re-generating incrementals for macos during the signing process), we were checking that both the mar files from previous and new versions are code signed. Checking that the mar file from the previous version is code signed is not necessary since it is checked just before even when the CHECK_CODESIGNATURE_EXISTS is not set. - - - - - 1 changed file: - tools/update-responses/update_responses Changes: ===================================== tools/update-responses/update_responses ===================================== @@ -261,11 +261,11 @@ sub create_incremental_mar { && ! -f "$tmpdir/A/Contents/_CodeSignature/CodeResources") { exit_error "Missing code signature in $from_version while creating $mar_file"; } + # Check that the version we update to is code signed (when re-generating + # incrementals for macos during the signing process) if ($ENV{CHECK_CODESIGNATURE_EXISTS}) { - unless (-f "$tmpdir/A/Contents/_CodeSignature/CodeResources" - && -f "$tmpdir/B/Contents/_CodeSignature/CodeResources") { - exit_error "Missing code signature while creating $mar_file"; - } + exit_error "Missing code signature while creating $mar_file" + unless -f "$tmpdir/B/Contents/_CodeSignature/CodeResources"; } local $ENV{MOZ_PRODUCT_VERSION} = $new_version; local $ENV{MAR_CHANNEL_ID} = get_config($config, $new_version, $os, 'mar_channel_id'); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] 2 commits: fixup! BB 43564: Modify ./mach bootstrap for Base Browser
by brizental (＠brizental) 21 Aug '25

21 Aug '25

brizental pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 6b3510e9 by Beatriz Rizental at 2025-08-21T18:32:02+02:00 fixup! BB 43564: Modify ./mach bootstrap for Base Browser - - - - - 7b6cea75 by Beatriz Rizental at 2025-08-21T18:32:02+02:00 fixup! TB 43564: Modify ./mach bootstrap for Tor Browser - - - - - 1 changed file: - python/mozbuild/mozbuild/backend/base.py Changes: ===================================== python/mozbuild/mozbuild/backend/base.py ===================================== @@ -246,7 +246,7 @@ class BuildBackend(LoggingMixin): app = config.substs["MOZ_BUILD_APP"] noscript_target_filename = "{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi" - noscript_location = Path(config.substs["NOSCRIPT"]) + noscript_location = config.substs.get("NOSCRIPT") def _infallible_symlink(src, dst): try: @@ -280,30 +280,30 @@ class BuildBackend(LoggingMixin): "fonts": tbdir / "fonts", } - fonts_location = Path(config.substs["TOR_BROWSER_FONTS"]) - if fonts_location.is_dir(): + fonts_location = config.substs.get("TOR_BROWSER_FONTS") + if fonts_location: self.log( logging.INFO, "_setup_tor_browser_environment", { - "fonts_location": str(fonts_location), + "fonts_location": fonts_location, "fonts_target": str(paths["fonts"]), }, "Creating symlink for fonts files from {fonts_location} to {fonts_target}", ) - for file in fonts_location.iterdir(): + for file in Path(fonts_location).iterdir(): target = paths["fonts"] / file.name _infallible_symlink(file, target) # Set up NoScript extension - if noscript_location.is_file(): + if noscript_location: noscript_target = paths["exts"] / noscript_target_filename self.log( logging.INFO, "_setup_tor_browser_environment", { - "noscript_location": str(noscript_location), + "noscript_location": noscript_location, "noscript_target": str(noscript_target), }, "Creating symlink for NoScript from {noscript_location} to {noscript_target}", @@ -312,8 +312,12 @@ class BuildBackend(LoggingMixin): paths["exts"].mkdir(parents=True, exist_ok=True) _infallible_symlink(noscript_location, noscript_target) - expert_bundle_location = Path(config.substs["TOR_EXPERT_BUNDLE"]) - if expert_bundle_location.is_dir(): + expert_bundle_location = config.substs.get("TOR_EXPERT_BUNDLE") + if expert_bundle_location: + expert_bundle_location = Path(expert_bundle_location) + if not expert_bundle_location.is_dir(): + return + self.log( logging.INFO, "_setup_tor_browser_environment", @@ -353,9 +357,10 @@ class BuildBackend(LoggingMixin): _infallible_symlink(file, target) # Setup Tor binary - for item in (expert_bundle_location / "tor").iterdir(): + for item in Path(expert_bundle_location / "tor").iterdir(): target = paths["tor_bin"] / item.name - if target.is_file(): + + if item.is_file(): _infallible_symlink(item, target) # Set up licenses View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c1827f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c1827f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] 3 commits: BB 43564: Modify ./mach bootstrap for Base Browser
by brizental (＠brizental) 21 Aug '25

21 Aug '25

brizental pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 5f6737f0 by Beatriz Rizental at 2025-08-21T15:13:13+02:00 BB 43564: Modify ./mach bootstrap for Base Browser - - - - - 2b7a0550 by Beatriz Rizental at 2025-08-21T15:13:16+02:00 fixup! BB 43564: Modify ./mach bootstrap for Base Browser EXTRA: Stop asking to configure git during bootstrap. - - - - - c1827fba by Beatriz Rizental at 2025-08-21T16:01:36+02:00 TB 43564: Modify ./mach bootstrap for Tor Browser - - - - - 10 changed files: - + build/moz.configure/basebrowser-resources.configure - build/moz.configure/bootstrap.configure - build/moz.configure/init.configure - + build/moz.configure/torbrowser-resources.configure - moz.configure - python/mozboot/mozboot/bootstrap.py - python/mozbuild/mozbuild/action/tooltool.py - python/mozbuild/mozbuild/artifact_commands.py - python/mozbuild/mozbuild/backend/base.py - + python/mozbuild/mozbuild/tbbutils.py Changes: ===================================== build/moz.configure/basebrowser-resources.configure ===================================== @@ -0,0 +1,88 @@ +# Helpers +# ------------------------------------------------- + + +@depends(build_project) +def is_desktop_build(build_project): + return build_project == "browser" + + +# Bootstrap resources +# ------------------------------------------------- + + +option( + "--with-noscript", + env="NOSCRIPT", + nargs=1, + default=None, + help="Path to noscript .xpi extension archive.", +) + + +@depends( + "--with-noscript", + mozbuild_state_path, + bootstrap_path( + "noscript", no_unpack=True, when=depends("--with-noscript")(lambda x: not x) + ), +) +@checking("for noscript") +@imports(_from="pathlib", _import="Path") +def noscript(value, mozbuild_state_path, _bootstrapped): + if value: + path = Path(value[0]) + if path.is_file() and path.suffix == ".xpi": + return value[0] + else: + die("--with-noscript must be an existing .xpi file") + + bootstrapped_location = Path(mozbuild_state_path) / "browser" + for file in bootstrapped_location.glob(f"*.xpi"): + if "noscript" in file.name: + return str(bootstrapped_location / file) + + # noscript is not required for building. + return None + + +set_config("NOSCRIPT", noscript) + + +option( + "--with-tor-browser-fonts", + env="TOR_BROWSER_FONTS", + nargs=1, + default=None, + help="Path to location of fonts directory.", +) + + +@depends( + "--with-tor-browser-fonts", + mozbuild_state_path, + bootstrap_path( + "fonts", + when=depends("--with-tor-browser-fonts")(lambda x: not x) & is_desktop_build, + ), +) +@checking("for tor-browser fonts directory") +@imports(_from="pathlib", _import="Path") +def tor_browser_fonts(value, mozbuild_state_path, _bootstrapped): + if value: + path = Path(value[0]) + # TODO: Do a more thorough check on the directory. + if path.is_dir(): + return value[0] + else: + die("--with-tor-browser-fonts must point to a real directory.") + + bootstrapped_location = Path(mozbuild_state_path) / "fonts" + if bootstrapped_location.is_dir(): + return str(bootstrapped_location) + + # tor browser fonts directory is not required for building. + return None + + +set_config("TOR_BROWSER_FONTS", tor_browser_fonts) ===================================== build/moz.configure/bootstrap.configure ===================================== @@ -4,6 +4,29 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +option( + "--with-tor-browser-build-out", + env="TOR_BROWSER_BUILD_OUT", + nargs=1, + default="https://tb-build-06.torproject.org/~tb-builder/tor-browser-build/out", + help="URL pointing to a Tor Browser Build out folder, served over HTTP[S].", +) + + +@depends("--with-tor-browser-build-out") +def tor_browser_build_out(value): + if value: + return value[0] + + +option( + "--enable-tor-browser-build-only-bootstrap", + env="TBB_ONLY_BOOTSTRAP", + default=False, + help="Flag that disables bootstrapping any artifact from Mozilla's Taskcluster. Will only bootstrap artifacts from tor-browser-build.", +) + + option( env="MOZ_FETCHES_DIR", nargs=1, @@ -115,9 +138,10 @@ def bootstrap_toolchain_tasks(host): def bootstrap_path(path, **kwargs): when = kwargs.pop("when", None) allow_failure = kwargs.pop("allow_failure", None) + no_unpack = kwargs.pop("no_unpack", False) if kwargs: configure_error( - "bootstrap_path only takes `when` and `allow_failure` as a keyword argument" + "bootstrap_path only takes `when`, `allow_failure` and `no_unpack` as keyword arguments" ) @depends( @@ -129,11 +153,16 @@ def bootstrap_path(path, **kwargs): build_environment, dependable(path), dependable(allow_failure), + dependable(no_unpack), + tor_browser_build_out, + "--enable-tor-browser-build-only-bootstrap", + target, when=when, ) @imports("os") @imports("subprocess") @imports("sys") + @imports("mozbuild.tbbutils") @imports(_from="mozbuild.dirutils", _import="ensureParentDir") @imports(_from="importlib", _import="import_module") @imports(_from="shutil", _import="rmtree") @@ -148,6 +177,10 @@ def bootstrap_path(path, **kwargs): build_env, path, allow_failure, + no_unpack, + tor_browser_build_out, + tbb_only_bootstrap, + target, ): if not path: return @@ -158,6 +191,81 @@ def bootstrap_path(path, **kwargs): if path_parts[0] == "clang-tools": path_prefix = path_parts.pop(0) + # Small hack because noscript is inside the browser folder. + if path_parts[0] == "noscript": + path_prefix = "browser" + + def try_tbb_bootstrap(exists): + if not tor_browser_build_out: + return False + + # Tor browser build doesn't have artifacts for all targets supported + # by the Firefox build system. When this is empty it means we are + # building for a platform which tbb doesn't support. + if not target.tor_browser_build_alias: + return False + + artifact = mozbuild.tbbutils.get_artifact_name( + path_parts[0], target, tasks.prefix + ) + if not artifact: + log.info("%s is not mapped to a tbb artifact", path_parts[0]) + return False + + artifact_path = mozbuild.tbbutils.get_artifact_path( + tor_browser_build_out, artifact, target, prefix=path_prefix + ) + if not artifact_path: + log.info("no path found in tbb/out for %s", artifact) + return False + + # We will use the name of the artifact as the index. + # + # It's usually unique to the artifact version, but each artifact follows + # a different naming convention, so we can't really get more specific here. + artifact_index = artifact_path.rsplit("/", 1)[-1] + index_file = os.path.join(toolchains_base_dir, "indices", artifact) + try: + with open(index_file) as fh: + index = fh.read().strip() + except Exception: + index = None + if index == artifact_index and exists: + log.debug("%s is up-to-date", artifact) + return True + + command = ["artifact", "toolchain", "--from-url", artifact_path] + + if no_unpack: + command.append("--no-unpack") + + # Note to rebasers: + # From here on, it's a slightly modified copy/paste + # from the end of the try_bootstrap function + log.info( + "%s bootstrapped toolchain from TBB in %s", + "Updating" if exists else "Installing", + os.path.join(toolchains_base_dir, path_prefix, artifact), + ) + os.makedirs(os.path.join(toolchains_base_dir, path_prefix), exist_ok=True) + proc = subprocess.run( + [ + sys.executable, + os.path.join(build_env.topsrcdir, "mach"), + "--log-no-times", + ] + + command, + cwd=os.path.join(toolchains_base_dir, path_prefix), + check=not allow_failure, + ) + if proc.returncode != 0 and allow_failure: + return False + ensureParentDir(index_file) + with open(index_file, "w") as fh: + fh.write(artifact_index) + + return True + def try_bootstrap(exists): if not tasks: return False @@ -280,9 +388,10 @@ def bootstrap_path(path, **kwargs): try: # With --enable-bootstrap=no-update, we don't `try_bootstrap`, except # when the toolchain can't be found. - if ( - "no-update" not in enable_bootstrap or not exists - ) and not try_bootstrap(exists): + if ("no-update" not in enable_bootstrap or not exists) and not ( + try_tbb_bootstrap(exists) + or (not tbb_only_bootstrap and try_bootstrap(exists)) + ): # If there aren't toolchain artifacts to use for this build, # don't return a path. return None ===================================== build/moz.configure/init.configure ===================================== @@ -590,6 +590,21 @@ def split_triplet(triplet, allow_wasi=False): else: toolchain = "%s-%s" % (cpu, os) + # In tor-browser-build we use slightly different terminology for + # the supported platforms. Let's prepare that OS string here. + # + # Not all possible platforms listed here are supported in tbb, + # so this value will be empty sometimes. + tor_browser_build_alias = None + if canonical_os == "Android" and canonical_kernel == "Linux": + tor_browser_build_alias = f"android" + elif canonical_os == "GNU" and canonical_kernel == "Linux": + tor_browser_build_alias = f"linux" + elif canonical_os == "OSX" and canonical_kernel == "Darwin": + tor_browser_build_alias = f"macos" + elif canonical_os == "WINNT" and canonical_kernel == "WINNT": + tor_browser_build_alias = f"windows" + return namespace( alias=triplet, cpu=CPU(canonical_cpu), @@ -604,6 +619,7 @@ def split_triplet(triplet, allow_wasi=False): toolchain=toolchain, vendor=vendor, sub_configure_alias=sub_configure_alias, + tor_browser_build_alias=tor_browser_build_alias, ) ===================================== build/moz.configure/torbrowser-resources.configure ===================================== @@ -0,0 +1,37 @@ +option( + "--with-tor-expert-bundle", + env="TOR_EXPERT_BUNDLE", + nargs=1, + default=None, + help="Path to location of tor-expert-bundle directory.", +) + + +@depends( + "--with-tor-expert-bundle", + mozbuild_state_path, + bootstrap_path( + "tor-expert-bundle", + when=depends("--with-tor-expert-bundle")(lambda x: not x) & is_desktop_build, + ), +) +@checking("for tor-expert-bundle") +@imports(_from="pathlib", _import="Path") +def tor_expert_bundle(value, mozbuild_state_path, _bootstrapped): + if value: + path = Path(value[0]) + # TODO: Do a more thorough check on the directory. + if path.is_dir(): + return value[0] + else: + die("--with-tor-expert-bundle must point to a real directory.") + + bootstrapped_location = Path(mozbuild_state_path) / "tor-expert-bundle" + if bootstrapped_location.is_dir(): + return str(bootstrapped_location) + + # tor-expert-bundle is not required for building. + return None + + +set_config("TOR_EXPERT_BUNDLE", tor_expert_bundle) ===================================== moz.configure ===================================== @@ -229,6 +229,8 @@ check_prog("WGET", ("wget",), allow_missing=True) include("build/moz.configure/toolchain.configure", when="--enable-compile-environment") +include("build/moz.configure/basebrowser-resources.configure") +include("build/moz.configure/torbrowser-resources.configure") include("build/moz.configure/pkg.configure") include("build/moz.configure/memory.configure", when="--enable-compile-environment") ===================================== python/mozboot/mozboot/bootstrap.py ===================================== @@ -52,21 +52,28 @@ Note on Artifact Mode: Artifact builds download prebuilt C++ components rather than building them locally. Artifact builds are faster! -Artifact builds are recommended for people working on Firefox or -Firefox for Android frontends, or the GeckoView Java API. They are unsuitable +Artifact builds are recommended for people working on Tor Browser or +Tor Browser for Android frontends, or the GeckoView Java API. They are unsuitable for those working on C++ code. For more information see: https://firefox-source-docs.mozilla.org/contributing/build/artifact_builds.…. -Please choose the version of Firefox you want to build (see note above): +# Note to Tor Browser developers + +This is still highly experimental. Expect bugs! + +Please choose the version of Tor Browser you want to build (see note above): %s Your choice: """ APPLICATIONS = OrderedDict( [ - ("Firefox for Desktop Artifact Mode", "browser_artifact_mode"), - ("Firefox for Desktop", "browser"), - ("GeckoView/Firefox for Android Artifact Mode", "mobile_android_artifact_mode"), - ("GeckoView/Firefox for Android", "mobile_android"), + ("Tor Browser for Desktop Artifact Mode", "browser_artifact_mode"), + ("Tor Browser for Desktop", "browser"), + ( + "GeckoView/Tor Browser for Android Artifact Mode", + "mobile_android_artifact_mode", + ), + ("GeckoView/Tor Browser for Android", "mobile_android"), ("SpiderMonkey JavaScript engine", "js"), ] ) @@ -360,6 +367,8 @@ class Bootstrapper: getattr(self.instance, "ensure_%s_packages" % application)() def check_code_submission(self, checkout_root: Path): + return + if self.instance.no_interactive or which("moz-phab"): return @@ -474,8 +483,7 @@ class Bootstrapper: configure_mercurial(hg, state_dir) # Offer to configure Git, if the current checkout or repo type is Git. - elif git and checkout_type == "git": - should_configure_git = False + elif False and git and checkout_type == "git": if not self.instance.no_interactive: should_configure_git = self.instance.prompt_yesno(prompt=CONFIGURE_GIT) else: ===================================== python/mozbuild/mozbuild/action/tooltool.py ===================================== @@ -1029,14 +1029,29 @@ def unpack_file(filename): """Untar `filename`, assuming it is uncompressed or compressed with bzip2, xz, gzip, zst, or unzip a zip file. The file is assumed to contain a single directory with a name matching the base of the given filename. - Xz support is handled by shelling out to 'tar'.""" + Xz support is handled by shelling out to 'tar'. + + tor-browser#41564 - For supporting tor-browser-build artifacts that contain + multiple directories, the archive is extracted into a directory with the + same name as the base of the filename. This modification is only applied to + tar archives, because that is all that was necessary. + """ if os.path.isfile(filename) and tarfile.is_tarfile(filename): tar_file, zip_ext = os.path.splitext(filename) base_file, tar_ext = os.path.splitext(tar_file) clean_path(base_file) log.info('untarring "%s"' % filename) with TarFile.open(filename) as tar: - safe_extract(tar) + top_level_directories = set() + for name in tar.getnames(): + dir = name.split("/", 1)[0] + top_level_directories.add(dir) + if len(top_level_directories) == 1: + safe_extract(tar) + else: + safe_extract( + tar, path=os.path.join(os.path.dirname(filename), base_file) + ) elif os.path.isfile(filename) and filename.endswith(".tar.zst"): import zstandard ===================================== python/mozbuild/mozbuild/artifact_commands.py ===================================== @@ -244,6 +244,12 @@ def artifact_clear_cache(command_context, tree=None, job=None, verbose=False): nargs="+", help="Download toolchain artifact from a given task.", ) +@CommandArgument( + "--from-url", + metavar="URL", + nargs="+", + help="Download toolchain artifact from an arbitrary address.", +) @CommandArgument( "--tooltool-manifest", metavar="MANIFEST", @@ -273,6 +279,7 @@ def artifact_toolchain( skip_cache=False, from_build=(), from_task=(), + from_url=[], tooltool_manifest=None, no_unpack=False, retry=0, @@ -504,6 +511,13 @@ def artifact_toolchain( record = ArtifactRecord(task_id, name) records[record.filename] = record + if from_url: + for file in from_url: + record = DownloadRecord( + file, file.rsplit("/", 1)[-1], None, None, None, True + ) + records[record.filename] = record + for record in records.values(): command_context.log( logging.INFO, ===================================== python/mozbuild/mozbuild/backend/base.py ===================================== @@ -2,11 +2,14 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +import errno import itertools +import logging import os import time from abc import ABCMeta, abstractmethod from contextlib import contextmanager +from pathlib import Path import mozpack.path as mozpath from mach.mixin.logging import LoggingMixin @@ -239,6 +242,129 @@ class BuildBackend(LoggingMixin): with open(mozpath.join(dir, ".purgecaches"), "w") as f: f.write("\n") + def _setup_tor_browser_environment(self, config): + app = config.substs["MOZ_BUILD_APP"] + + noscript_target_filename = "{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi" + noscript_location = Path(config.substs["NOSCRIPT"]) + + def _infallible_symlink(src, dst): + try: + os.symlink(src, dst) + except OSError as e: + if e.errno == errno.EEXIST: + # If the symlink already exists, remove it and try again. + os.remove(dst) + os.symlink(src, dst) + else: + return + + if app == "browser": + tbdir = Path(config.topobjdir) / "dist" / "bin" + + if config.substs.get("OS_TARGET") == "Darwin": + tbdir = next(tbdir.glob("*.app")) + paths = { + "docs": tbdir / "Contents/Resources/TorBrowser/Docs", + "exts": tbdir / "Contents/Resources/distribution/extensions", + "tor_bin": tbdir / "Contents/MacOS/tor", + "tor_config": tbdir / "Contents/Resources/TorBrowser/Tor", + "fonts": tbdir / "Resources/fonts", + } + else: + paths = { + "docs": tbdir / "TorBrowser/Docs", + "exts": tbdir / "distribution/extensions", + "tor_bin": tbdir / "TorBrowser/Tor", + "tor_config": tbdir / "TorBrowser/Data/Tor", + "fonts": tbdir / "fonts", + } + + fonts_location = Path(config.substs["TOR_BROWSER_FONTS"]) + if fonts_location.is_dir(): + self.log( + logging.INFO, + "_setup_tor_browser_environment", + { + "fonts_location": str(fonts_location), + "fonts_target": str(paths["fonts"]), + }, + "Creating symlink for fonts files from {fonts_location} to {fonts_target}", + ) + + for file in fonts_location.iterdir(): + target = paths["fonts"] / file.name + _infallible_symlink(file, target) + + # Set up NoScript extension + if noscript_location.is_file(): + noscript_target = paths["exts"] / noscript_target_filename + self.log( + logging.INFO, + "_setup_tor_browser_environment", + { + "noscript_location": str(noscript_location), + "noscript_target": str(noscript_target), + }, + "Creating symlink for NoScript from {noscript_location} to {noscript_target}", + ) + + paths["exts"].mkdir(parents=True, exist_ok=True) + _infallible_symlink(noscript_location, noscript_target) + + expert_bundle_location = Path(config.substs["TOR_EXPERT_BUNDLE"]) + if expert_bundle_location.is_dir(): + self.log( + logging.INFO, + "_setup_tor_browser_environment", + { + "expert_bundle_location": str(expert_bundle_location), + }, + "Setting up tor-expert-bundle resources from {expert_bundle_location}", + ) + + # Set up Tor configuration files + paths["tor_config"].mkdir(parents=True, exist_ok=True) + for file in ["geoip", "geoip6"]: + target = paths["tor_config"] / file + _infallible_symlink(expert_bundle_location / "data" / file, target) + + # Set up Conjure documentation + conjust_docs_location = paths["docs"] / "conjure" + conjust_docs_location.mkdir(parents=True, exist_ok=True) + conjure_readme = conjust_docs_location / "README.CONJURE.md" + _infallible_symlink( + expert_bundle_location + / "tor/pluggable_transports/README.CONJURE.md", + conjure_readme, + ) + + # Set up pluggable transports + paths["tor_bin"].mkdir(parents=True, exist_ok=True) + pluggable_transports_location = ( + expert_bundle_location / "tor/pluggable_transports" + ) + pluggable_transports_target = paths["tor_bin"] / "PluggableTransports" + pluggable_transports_target.mkdir(parents=True, exist_ok=True) + for file in pluggable_transports_location.iterdir(): + # We only want the PT executables. + if os.access(file, os.X_OK) or file.suffix.lower() == ".exe": + target = pluggable_transports_target / file.name + _infallible_symlink(file, target) + + # Setup Tor binary + for item in (expert_bundle_location / "tor").iterdir(): + target = paths["tor_bin"] / item.name + if target.is_file(): + _infallible_symlink(item, target) + + # Set up licenses + licenses_location = paths["docs"] / "Licenses" + licenses_location.mkdir(parents=True, exist_ok=True) + for item in (expert_bundle_location / "docs").iterdir(): + target = licenses_location / item.name + _infallible_symlink(item, target) + def post_build(self, config, output, jobs, verbose, status): """Called late during 'mach build' execution, after `build(...)` has finished. @@ -257,6 +383,9 @@ class BuildBackend(LoggingMixin): """ self._write_purgecaches(config) + if status == 0: + self._setup_tor_browser_environment(config) + return status @contextmanager ===================================== python/mozbuild/mozbuild/tbbutils.py ===================================== @@ -0,0 +1,97 @@ +import re +from urllib.request import Request, urlopen + + +def list_files_http(url): + try: + req = Request(url, method="GET") + with urlopen(req) as response: + if response.status != 200: + return [] + html = response.read().decode() + except Exception: + return [] + + links = [] + for href in re.findall(r'<a href="([^"]+)"', html): + if href == "../": + continue + + if "tor-expert-bundle" in href: + href = f"{href}/tor-expert-bundle.tar.gz" + + links.append(href) + + return links + + +TOR_BROWSER_BUILD_ARTIFACTS = [ + # Tor Browser Build-only artifacts, these artifacts are not common with Firefox. + "noscript", + "fonts", + "tor-expert-bundle", +] + +# Mapping of artifacts from taskcluster to tor-browser-build. +ARTIFACT_NAME_MAP = { + "cbindgen": "cbindgen", + # FIXME (tor-browser-build#41471): nasm is more or less ready to go, but it needs to have the + # executable in the root of the artifact folder instead of nasm/bin. + # "nasm": "nasm", + # FIXME (tor-browser-build#41421): the clang project as is, is not ready to use. It needs + # to be repackaged with a bunch of things that differ per platform. Fun stuff. + # "clang": "clang", + "node": "node", +} + + +def get_artifact_name(original_artifact_name, target, host): + # These are not build artifacts, they are pre-built artifacts to be added to the final build, + # therefore this check can come before the host check. + if original_artifact_name in TOR_BROWSER_BUILD_ARTIFACTS: + return original_artifact_name + + if host != "linux64": + # Tor browser build only has development artifacts for linux64 host systems. + return None + + return ARTIFACT_NAME_MAP.get(original_artifact_name) + + +def get_artifact_path(url, artifact, target, prefix=""): + if prefix: + path = prefix + else: + path = artifact + + # The `?C=M;O=D` parameters make it so links are ordered by + # the last modified date. This here to make us get the latest + # version of file in the case there are multiple and we just + # grab the first one. + files = list_files_http(f"{url}/{path}?C=M;O=D") + + if not files: + return None + + def filter_files(files, keyword): + return [file for file in files if keyword in file] + + artifact_files = filter_files(files, artifact) + + if len(artifact_files) == 1: + return f"{url}/{path}/{artifact_files[0]}" + + files_per_os = filter_files(artifact_files, target.tor_browser_build_alias) + + # If there are files in the folder, but they don't have the OS in the name + # it means we can get any of them because they can be used to build for any OS. + # So let's just get the first one. + if len(files_per_os) == 0: + return f"{url}/{artifact}/{artifact_files[0]}" + + elif len(files_per_os) == 1: + return f"{url}/{artifact}/{files_per_os[0]}" + + matches = filter_files(files_per_os, target.cpu) + + return f"{url}/{artifact}/{matches[0]}" if matches else None View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1b6230… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1b6230… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.2.0esr-15.0-1] fixup! BB 40926: Implemented the New Identity feature
by brizental (＠brizental) 21 Aug '25

21 Aug '25

brizental pushed to branch mullvad-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 64bcf3cf by Beatriz Rizental at 2025-08-21T15:40:41+02:00 fixup! BB 40926: Implemented the New Identity feature - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -418,22 +418,21 @@ ChromeUtils.defineLazyGetter(this, "NewIdentityButton", () => { tbl.onLocationChange = (...args) => { tbl.onLocationChange = onLocationChange; tbl.onLocationChange(...args); - let displayAddress; - try { - const url = new URL(homeURL); - displayAddress = url.hostname; - if (!displayAddress) { - // no host, use full address and truncate if too long - const MAX_LEN = 32; - displayAddress = url.href; - if (displayAddress.length > MAX_LEN) { - displayAddress = `${displayAddress.substring(0, MAX_LEN)}…`; - } - } - } catch (e) { + const url = URL.parse(homeURL); + if (!url) { // malformed URL, bail out return; } + + let displayAddress = url.hostname; + if (!displayAddress) { + // no host, use full address and truncate if too long + const MAX_LEN = 32; + displayAddress = url.href; + if (displayAddress.length > MAX_LEN) { + displayAddress = `${displayAddress.substring(0, MAX_LEN)}…`; + } + } const callback = () => { Services.prefs.setStringPref(trustedHomePref, homeURL); win.BrowserHome(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/64b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/64b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.2.0esr-15.0-1] fixup! BB 40926: Implemented the New Identity feature
by brizental (＠brizental) 21 Aug '25

21 Aug '25

brizental pushed to branch base-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 4b154152 by Beatriz Rizental at 2025-08-21T15:39:24+02:00 fixup! BB 40926: Implemented the New Identity feature - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -418,22 +418,21 @@ ChromeUtils.defineLazyGetter(this, "NewIdentityButton", () => { tbl.onLocationChange = (...args) => { tbl.onLocationChange = onLocationChange; tbl.onLocationChange(...args); - let displayAddress; - try { - const url = new URL(homeURL); - displayAddress = url.hostname; - if (!displayAddress) { - // no host, use full address and truncate if too long - const MAX_LEN = 32; - displayAddress = url.href; - if (displayAddress.length > MAX_LEN) { - displayAddress = `${displayAddress.substring(0, MAX_LEN)}…`; - } - } - } catch (e) { + const url = URL.parse(homeURL); + if (!url) { // malformed URL, bail out return; } + + let displayAddress = url.hostname; + if (!displayAddress) { + // no host, use full address and truncate if too long + const MAX_LEN = 32; + displayAddress = url.href; + if (displayAddress.length > MAX_LEN) { + displayAddress = `${displayAddress.substring(0, MAX_LEN)}…`; + } + } const callback = () => { Services.prefs.setStringPref(trustedHomePref, homeURL); win.BrowserHome(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4b15415… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4b15415… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 41548: Unify CFLAGS definition for Android.
by Pier Angelo Vendrame (＠pierov) 21 Aug '25

21 Aug '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 0508c07b by Pier Angelo Vendrame at 2025-08-21T15:17:58+02:00 Bug 41548: Unify CFLAGS definition for Android. Avoid repeating -Oz, instead use a variable from rbm.conf. - - - - - 00f0cf66 by Pier Angelo Vendrame at 2025-08-21T15:19:57+02:00 Bug 41548: Set tor's visibility to hidden on Android. This helps to reduce the size of the tor binary on Android by almost 1MB uncompressed and 370kB compressed on x86. Add also other interesting linking options. - - - - - 6 changed files: - projects/libevent/config - projects/openssl/config - projects/tor/config - projects/zlib/build - projects/zstd/build - rbm.conf Changes: ===================================== projects/libevent/config ===================================== @@ -17,7 +17,7 @@ targets: configure_opt_project: --disable-shared android: var: - configure_opt_project: --disable-shared CFLAGS="-Oz" + configure_opt_project: --disable-shared CFLAGS="[% c('var/CFLAGS') %]" input_files: - project: container-image ===================================== projects/openssl/config ===================================== @@ -26,7 +26,7 @@ targets: configure_opts: '--cross-compile-prefix=[% c("var/build_target") %]- darwin64-[% c("var/macos_arch") %]-cc enable-ec_nistp_64_gcc_128' android: var: - configure_opts: 'CC=[% c("var/CC") %] android-[% c("var/toolchain_arch") %] -no-shared -D__ANDROID_API__=[% c("var/android_min_api") %] -Oz' + configure_opts: 'CC=[% c("var/CC") %] android-[% c("var/toolchain_arch") %] -no-shared -D__ANDROID_API__=[% c("var/android_min_api") %] [% c("var/CFLAGS") %]' input_files: - project: container-image ===================================== projects/tor/config ===================================== @@ -43,7 +43,7 @@ targets: android: var: - configure_opt_project: '--enable-android --enable-static-openssl --enable-static-libevent --enable-zstd --disable-tool-name-check --disable-system-torrc CFLAGS=-Oz' + configure_opt_project: '--enable-android --enable-static-openssl --enable-static-libevent --enable-zstd --disable-tool-name-check --disable-system-torrc CFLAGS="[% c("var/CFLAGS") %]" LDFLAGS="-Wl,--icf=safe -Wl,--pack-dyn-relocs=relr -Wl,--exclude-libs,ALL"' input_files: - project: container-image ===================================== projects/zlib/build ===================================== @@ -14,7 +14,7 @@ cd /var/tmp/build/[% project %]-[% c('version') %] [% IF c("var/android") -%] export CHOST=[% c("var/cross_prefix") %] export CC=[% c("var/CC") %] - export CFLAGS="-Oz" + export CFLAGS="[% c('var/CFLAGS') %]" ./configure --prefix=$distdir make -j[% c("num_procs") %] make -j[% c("num_procs") %] install ===================================== projects/zstd/build ===================================== @@ -8,7 +8,7 @@ tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.[% c('compress_ta cd /var/tmp/build/[% project %]-[% c('version') %] export CPPFLAGS=-DZSTD_MULTITHREAD export CC=[% c("var/CC") %] -export CFLAGS="-Oz" +export CFLAGS="[% c('var/CFLAGS') %]" make -C lib -j[% c("num_procs") %] PREFIX=$distdir install # Only need static libraries rm $distdir/lib/libzstd.so* ===================================== rbm.conf ===================================== @@ -470,6 +470,7 @@ targets: compiler: android-toolchain android_min_api: 21 CC: '[% c("var/cross_prefix") %][% c("var/android_min_api") %]-clang' + CFLAGS: '-Oz -fvisibility=hidden' container: suite: bookworm arch: amd64 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.2.0esr-15.0-1] 7 commits: fixup! BB 40926: Implemented the New Identity feature
by brizental (＠brizental) 21 Aug '25

21 Aug '25

brizental pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 40fe2123 by Beatriz Rizental at 2025-08-21T14:45:59+02:00 fixup! BB 40926: Implemented the New Identity feature - - - - - ca116af7 by Beatriz Rizental at 2025-08-21T14:45:59+02:00 fixup! TB 8324: Prevent DNS proxy bypasses caused by Drag&Drop - - - - - 61f37354 by Beatriz Rizental at 2025-08-21T14:46:00+02:00 fixup! TB 27476: Implement about:torconnect captive portal within Tor Browser - - - - - db2882b1 by Beatriz Rizental at 2025-08-21T14:46:00+02:00 fixup! TB 7494: Create local home page for TBB. - - - - - 2e686601 by Beatriz Rizental at 2025-08-21T14:46:00+02:00 fixup! TB 23247: Communicating security expectations for .onion - - - - - 3e500e35 by Beatriz Rizental at 2025-08-21T14:46:01+02:00 fixup! TB 21952: Implement Onion-Location - - - - - 1b623002 by Beatriz Rizental at 2025-08-21T14:46:01+02:00 fixup! TB 40458: Implement .tor.onion aliases - - - - - 9 changed files: - browser/base/content/pageinfo/security.js - browser/components/abouttor/content/aboutTor.js - browser/components/newidentity/content/newidentity.js - browser/components/onionservices/OnionAliasStore.sys.mjs - browser/components/onionservices/OnionLocationChild.sys.mjs - browser/components/onionservices/TorRequestWatch.sys.mjs - browser/components/rulesets/content/aboutRulesets.js - toolkit/components/torconnect/TorConnectChild.sys.mjs - toolkit/modules/DragDropFilter.sys.mjs Changes: ===================================== browser/base/content/pageinfo/security.js ===================================== @@ -57,15 +57,15 @@ var security = { (Ci.nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT | Ci.nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT); var isEV = ui.state & Ci.nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL; - let uriInformation = new URL(gDocInfo.documentURIObject.spec); + let uriInformation = URL.parse(gDocInfo.documentURIObject.spec); // If the Onion site could not be loaded, the view-source will be also be // about:neterror. - if (uriInformation.protocol == "view-source:") { - uriInformation = new URL(uriInformation.pathname); + if (uriInformation?.protocol == "view-source:") { + uriInformation = URL.parse(uriInformation.pathname); } const isOnion = - ["http:", "https:"].includes(uriInformation.protocol) && - uriInformation.hostname.endsWith(".onion"); + ["http:", "https:"].includes(uriInformation?.protocol) && + uriInformation?.hostname.endsWith(".onion"); let retval = { cAName: "", ===================================== browser/components/abouttor/content/aboutTor.js ===================================== @@ -298,10 +298,11 @@ const SurveyArea = { */ init() { document.getElementById("survey-launch").addEventListener("click", () => { - if (!this._localeData) { + const url = URL.parse(this._urlBase); + if (!url || !this._localeData) { return; } - const url = new URL(this._urlBase); + url.searchParams.append("lang", this._localeData.urlCode); open(url.href); }); ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -418,22 +418,21 @@ ChromeUtils.defineLazyGetter(this, "NewIdentityButton", () => { tbl.onLocationChange = (...args) => { tbl.onLocationChange = onLocationChange; tbl.onLocationChange(...args); - let displayAddress; - try { - const url = new URL(homeURL); - displayAddress = url.hostname; - if (!displayAddress) { - // no host, use full address and truncate if too long - const MAX_LEN = 32; - displayAddress = url.href; - if (displayAddress.length > MAX_LEN) { - displayAddress = `${displayAddress.substring(0, MAX_LEN)}…`; - } - } - } catch (e) { + const url = URL.parse(homeURL); + if (!url) { // malformed URL, bail out return; } + + let displayAddress = url.hostname; + if (!displayAddress) { + // no host, use full address and truncate if too long + const MAX_LEN = 32; + displayAddress = url.href; + if (displayAddress.length > MAX_LEN) { + displayAddress = `${displayAddress.substring(0, MAX_LEN)}…`; + } + } const callback = () => { Services.prefs.setStringPref(trustedHomePref, homeURL); win.BrowserHome(); ===================================== browser/components/onionservices/OnionAliasStore.sys.mjs ===================================== @@ -175,17 +175,15 @@ class Channel { ); return; } - let toHostname; - try { - const toUrl = new URL(rule.rule[0].to); - toHostname = toUrl.hostname; - } catch (err) { + const toHostname = URL.parse(rule.rule[0].to)?.hostname; + if (!toHostname) { log.error( - "Cannot detect the hostname from the to rule", - rule.rule[0].to, - err + "Unable to parse the URL and the hostname from the to rule", + rule.rule[0].to ); + return; } + let fromRe; try { fromRe = new RegExp(rule.rule[0].from); @@ -318,6 +316,7 @@ class _OnionAliasStore { throw Error("Name cannot be empty"); } + // This will throw if the URL is invalid. new URL(chanData.pathPrefix); const scope = new RegExp(chanData.scope); const ch = new Channel( ===================================== browser/components/onionservices/OnionLocationChild.sys.mjs ===================================== @@ -25,12 +25,12 @@ export class OnionLocationChild extends JSWindowActorChild { let onionLocationURI = doc.onionLocationURI; const refreshURI = docShell.QueryInterface(Ci.nsIRefreshURI); if (onionLocationURI && refreshURI) { - const docUrl = new URL(doc.URL); - let onionUrl = new URL(onionLocationURI.asciiSpec); + const docUrl = URL.parse(doc.URL); + let onionUrl = URL.parse(onionLocationURI.asciiSpec); // Keep consistent with Location - if (!onionUrl.hash && docUrl.hash) { + if (!onionUrl?.hash && docUrl?.hash) { onionUrl.hash = docUrl.hash; - onionLocationURI = Services.io.newURI(onionUrl.toString()); + onionLocationURI = Services.io.newURI(onionUrl?.toString() || ""); } refreshURI.refreshURI( onionLocationURI, ===================================== browser/components/onionservices/TorRequestWatch.sys.mjs ===================================== @@ -79,7 +79,14 @@ class RequestObserver { } isCrossOrigin(url1, url2) { - return new URL(url1).origin !== new URL(url2).origin; + const origin1 = URL.parse(url1)?.origin; + const origin2 = URL.parse(url2)?.origin; + + if (!origin1 || !origin2) { + return true; + } + + return origin1 !== origin2; } shouldBlindCrossOrigin(uri) { try { ===================================== browser/components/rulesets/content/aboutRulesets.js ===================================== @@ -210,8 +210,8 @@ class EditState { const pathPrefix = elements.pathPrefixInput.value.trim(); try { - const url = new URL(pathPrefix); - if (url.protocol !== "http:" && url.protocol !== "https:") { + const url = URL.parse(pathPrefix); + if (url?.protocol !== "http:" && url?.protocol !== "https:") { elements.pathPrefixInput.setCustomValidity( await document.l10n.formatValue("rulesets-details-path-input-invalid") ); ===================================== toolkit/components/torconnect/TorConnectChild.sys.mjs ===================================== @@ -30,20 +30,21 @@ export class TorConnectChild extends RemotePageChild { this.#redirected = true; const redirect = new URLSearchParams( - new URL(this.contentWindow.document.location.href).search + URL.parse(this.contentWindow.document.location.href)?.search ).get("redirect"); // Fallback in error cases: let replaceURI = "about:tor"; - try { - const url = new URL( - redirect - ? decodeURIComponent(redirect) - : // NOTE: We expect no redirect when address is entered manually, or - // about:torconnect is opened from preferences or urlbar. - // Go to the home page. - await this.sendQuery("torconnect:home-page") - ); + const url = URL.parse( + redirect + ? decodeURIComponent(redirect) + : // NOTE: We expect no redirect when address is entered manually, or + // about:torconnect is opened from preferences or urlbar. + // Go to the home page. + await this.sendQuery("torconnect:home-page") + ); + + if (url) { // Do not allow javascript URI. See tor-browser#41766 if ( ["about:", "file:", "https:", "http:"].includes(url.protocol) || @@ -55,8 +56,8 @@ export class TorConnectChild extends RemotePageChild { } else { console.error(`Scheme is not allowed "${redirect}"`); } - } catch (e) { - console.error(`Invalid redirect URL "${redirect}"`, e); + } else { + console.error(`Invalid redirect URL "${redirect}"`); } // Replace the destination to prevent "about:torconnect" entering the ===================================== toolkit/modules/DragDropFilter.sys.mjs ===================================== @@ -97,11 +97,7 @@ export const DragDropFilter = { const links = aDataTransfer.mozGetDataAt(urlType, i); // Skip DNS-safe URLs (no hostname, e.g. RFC 3966 tel:) const mayLeakDNS = links.split("\n").some(link => { - try { - return new URL(link).hostname; - } catch (e) { - return false; - } + return URL.parse(link)?.hostname ?? false; }); if (!mayLeakDNS) { continue; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c29f47… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c29f47… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41523: Use custom glean in geckoview
by brizental (＠brizental) 21 Aug '25

21 Aug '25

brizental pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 6100c67a by Beatriz Rizental at 2025-08-21T14:41:56+02:00 Bug 41523: Use custom glean in geckoview - - - - - 5 changed files: - Makefile - projects/geckoview/build_common - projects/geckoview/config - projects/geckoview/gradle-dependencies-list.txt - projects/glean/config Changes: ===================================== Makefile ===================================== @@ -647,6 +647,9 @@ cargo_vendor-lox: submodule-update cargo_vendor-uniffi-rs: submodule-update $(rbm) build uniffi-rs --step cargo_vendor --target alpha --target torbrowser-linux-x86_64 +cargo_vendor-glean: submodule-update + $(rbm) build glean --step cargo_vendor --target alpha --target torbrowser-linux-x86_64 + go_vendor-conjure: submodule-update $(rbm) build conjure --step go_vendor --target alpha --target torbrowser-linux-x86_64 ===================================== projects/geckoview/build_common ===================================== @@ -14,6 +14,7 @@ export PATH="/var/tmp/dist/node/bin:$PATH" export LC_ALL=C.UTF-8 export LANG=C.UTF-8 +tar -xf [% c('input_files_by_name/glean') %] tar -xf [% c('input_files_by_name/application-services') %] export NIMBUS_FML=$rootdir/application-services/nimbus-fml @@ -34,6 +35,7 @@ export GRADLE_FLAGS="--no-daemon --offline -Dmaven.repo.local=$distdir/[% projec # standardized for reproducibility. mv $rootdir/[% c('input_files_by_name/gradle-dependencies') %] $gradle_repo cp -rl $rootdir/application-services/maven/* $gradle_repo +cp -rl $rootdir/glean/maven/* $gradle_repo cp -rl $gradle_repo/dl/android/maven2/* $gradle_repo || true cp -rl $gradle_repo/m2/* $gradle_repo || true cp -rl $gradle_repo/maven2/* $gradle_repo || true ===================================== projects/geckoview/config ===================================== @@ -37,7 +37,7 @@ var: - openjdk-17-jdk-headless # this should be updated when the list of gradle dependencies is changed # see doc/how-to-create-gradle-dependencies-list.txt - gradle_dependencies_version: 17 + gradle_dependencies_version: 18 gradle_version: 8.13 glean_parser: 14.0.1 # python/mozboot/mozboot/android.py @@ -77,6 +77,9 @@ steps: - project: application-services name: application-services pkg_type: build + - project: glean + name: glean + pkg_type: build - filename: 'gradle-dependencies-[% c("var/gradle_dependencies_version") %]' name: gradle-dependencies exec: '[% INCLUDE "fetch-gradle-dependencies" %]' @@ -162,6 +165,9 @@ input_files: - URL: '[% pc("glean-parser", "var/glean_wheels_url") %]' name: glean-wheels sha256sum: '[% pc("glean-parser", "var/glean_wheels_sha256sum") %]' + - project: glean + name: glean + pkg_type: build - project: oss-licenses-plugin name: oss-licenses-plugin - name: tor-expert-bundle-aar ===================================== projects/geckoview/gradle-dependencies-list.txt ===================================== @@ -1023,12 +1023,6 @@ dba74d6bf94647ee397bf7afb2ab07f6fe8d13157e56785fa540a2a13ed82c99 | https://maven d36f248782d4ab513d2ab2b6141799525211c37ba0941c4aa2e73ee00f1a14b2 | https://maven.google.com/com/google/firebase/firebase-messaging/24.1.1/fire… d001eb0ccbbfc8cb9eaa193a358e63712974639775647be949ab232c2b29b407 | https://maven.google.com/com/google/testing/platform/core-proto/0.0.9-alpha… 3bb45280df1dd1c96b9a01724a614566b7d60d33453fcd52c2c741f9999c3a4e | https://maven.google.com/com/google/testing/platform/core-proto/0.0.9-alpha… -7d66a1b1e51592eda1e77c44d5692192dbffc828ea3899ff92ae0161b681a336 | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-gradle-plugin/… -07742881a447c577669139ed7548fc4a0e6c43c63aa28a6f4652ff2d163b94f6 | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-gradle-plugin/… -79aa542e883553436721d40af661beb9ac09dad323b89afde057631c54fdf83c | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-native/64.3.1/… -17ae368dcc12a965df8a9195e5d897fb70400159a87effcf65ee5c05790f814e | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-native/64.3.1/… -cb1c7a04874d97c6bb1d3ba4ce009e1fde5f46225b45f6bb87559328573b530b | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean/64.3.1/glean-6… -5792a08566c294a46ea777939819154a945eeee8d5cb47d391f845d7c711013a | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean/64.3.1/glean-6… 243a64470fda0e86a6fddeb0af4c7aa9426ce84e68cbfe18d75ee5da4b7e0b92 | https://plugins.gradle.org/m2/com/almworks/sqlite4java/sqlite4java/1.0.392/… 139552c586a57bf6d98f87d6b7e23fef4db53cf74097be962f7868e3606c79d2 | https://plugins.gradle.org/m2/com/almworks/sqlite4java/sqlite4java/1.0.392/… 02a5b08a2b35d2d58eb2eaca9d84ac00fb341da725fdbd653ea3ed130437e95a | https://plugins.gradle.org/m2/com/caverock/androidsvg-aar/1.4/androidsvg-aa… ===================================== projects/glean/config ===================================== @@ -12,35 +12,37 @@ var: gradle_dependencies_version: 1 gradle_version: 8.13 -input_files: - - project: container-image - - project: '[% c("var/compiler") %]' - name: '[% c("var/compiler") %]' - # These versions of build tools and platform are not the same version needed - # by our other projects, therefore we download it only here instead of modifying - # the android-toolchain project. - - URL: 'https://dl.google.com/android/repository/build-tools_r35_linux.zip' - name: build_tools_35 - sha256sum: bd3a4966912eb8b30ed0d00b0cda6b6543b949d5ffe00bea54c04c81e1561d88 - - URL: 'https://dl.google.com/android/repository/platform-35_r02.zip' - name: platform_35 - sha256sum: 0988cacad01b38a18a47bac14a0695f246bc76c1b06c0eeb8eb0dc825ab0c8e0 - - project: gradle - name: gradle - - project: rust - name: rust - - project: uniffi-rs - name: uniffi-rs - - URL: '[% pc("glean-parser", "var/glean_wheels_url") %]' - name: glean-wheels - sha256sum: '[% pc("glean-parser", "var/glean_wheels_sha256sum") %]' - - name: cargo_vendor - project: glean - pkg_type: cargo_vendor - norec: - sha256sum: 0cb6a7093b93ecc8d8e13f02e5ec46a538b5eaf55ab027b46754bfbdeec2152e - - filename: 'gradle-dependencies-[% c("var/gradle_dependencies_version") %]' - name: gradle-dependencies - exec: '[% INCLUDE "fetch-gradle-dependencies" %]' - - filename: use-custom-gradle-repo.diff - - filename: use-uniffi-noop.diff +steps: + build: + input_files: + - project: container-image + - project: '[% c("var/compiler") %]' + name: '[% c("var/compiler") %]' + # These versions of build tools and platform are not the same version needed + # by our other projects, therefore we download it only here instead of modifying + # the android-toolchain project. + - URL: 'https://dl.google.com/android/repository/build-tools_r35_linux.zip' + name: build_tools_35 + sha256sum: bd3a4966912eb8b30ed0d00b0cda6b6543b949d5ffe00bea54c04c81e1561d88 + - URL: 'https://dl.google.com/android/repository/platform-35_r02.zip' + name: platform_35 + sha256sum: 0988cacad01b38a18a47bac14a0695f246bc76c1b06c0eeb8eb0dc825ab0c8e0 + - project: gradle + name: gradle + - project: rust + name: rust + - project: uniffi-rs + name: uniffi-rs + - URL: '[% pc("glean-parser", "var/glean_wheels_url") %]' + name: glean-wheels + sha256sum: '[% pc("glean-parser", "var/glean_wheels_sha256sum") %]' + - name: cargo_vendor + project: glean + pkg_type: cargo_vendor + norec: + sha256sum: 0cb6a7093b93ecc8d8e13f02e5ec46a538b5eaf55ab027b46754bfbdeec2152e + - filename: 'gradle-dependencies-[% c("var/gradle_dependencies_version") %]' + name: gradle-dependencies + exec: '[% INCLUDE "fetch-gradle-dependencies" %]' + - filename: use-custom-gradle-repo.diff + - filename: use-uniffi-noop.diff View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0