- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! TB 44032: YEC 2025 assets.
by Pier Angelo Vendrame (＠pierov) 23 Sep '25

23 Sep '25

Pier Angelo Vendrame pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 3a71327e by Pier Angelo Vendrame at 2025-09-23T11:42:44+02:00 fixup! TB 44032: YEC 2025 assets. TB 44216: Add a workaround to font CSP assertions. - - - - - 1 changed file: - dom/security/nsContentSecurityUtils.cpp Changes: ===================================== dom/security/nsContentSecurityUtils.cpp ===================================== @@ -1883,7 +1883,7 @@ void nsContentSecurityUtils::AssertAboutPageHasCSP(Document* aDocument) { if (dir.EqualsLiteral("default-src") || dir.EqualsLiteral("object-src") || dir.EqualsLiteral("script-src") || dir.EqualsLiteral("style-src") || dir.EqualsLiteral("img-src") || dir.EqualsLiteral("media-src") || - dir.EqualsLiteral("connect-src")) { + dir.EqualsLiteral("connect-src") || dir.EqualsLiteral("font-src")) { continue; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3a71327… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3a71327… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! MB 213: Customize the search engines list
by Pier Angelo Vendrame (＠pierov) 23 Sep '25

23 Sep '25

Pier Angelo Vendrame pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: aaaa4b20 by Pier Angelo Vendrame at 2025-09-23T14:38:53+02:00 fixup! MB 213: Customize the search engines list BB 44153: Add search engine tests. - - - - - 1 changed file: - toolkit/components/search/tests/xpcshell/test_base_browser.js Changes: ===================================== toolkit/components/search/tests/xpcshell/test_base_browser.js ===================================== @@ -9,10 +9,14 @@ "use strict"; const expectedURLs = { - ddg: "https://duckduckgo.com/?q=test", + leta: "https://leta.mullvad.net/?q=test", + ddg: "https://duckduckgo.com/html/?q=test", + "ddg-html": "https://html.duckduckgo.com/html?q=test", + mojeek: "https://www.mojeek.com/search?q=test", + brave: "https://search.brave.com/search?q=test", startpage: "https://www.startpage.com/sp/search?q=test", }; -const defaultEngine = "ddg"; +const defaultEngine = "leta"; add_setup(async function setup() { await Services.search.init(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/aaa… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/aaa… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] 3 commits: fixup! BB 43525: Skip Remote Settings for search engine customization.
by Pier Angelo Vendrame (＠pierov) 23 Sep '25

23 Sep '25

Pier Angelo Vendrame pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: a9f584b7 by Pier Angelo Vendrame at 2025-09-23T14:17:55+02:00 fixup! BB 43525: Skip Remote Settings for search engine customization. BB 44153: Add tests. - - - - - 0d376fac by Pier Angelo Vendrame at 2025-09-23T14:17:56+02:00 fixup! BB 40925: Implemented the Security Level component BB 44153: Add search engine customization tests. - - - - - 5d26d127 by Pier Angelo Vendrame at 2025-09-23T14:17:57+02:00 fixup! BB 31740: Remove some unnecessary RemoteSettings instances BB 44153: Add search engine customization tests. Change where we ignore upstream's block lists as the previous mechanism made tests timeout. - - - - - 4 changed files: - toolkit/components/search/SearchService.sys.mjs - + toolkit/components/search/tests/xpcshell/test_base_browser.js - + toolkit/components/search/tests/xpcshell/test_security_level.js - toolkit/components/search/tests/xpcshell/xpcshell.toml Changes: ===================================== toolkit/components/search/SearchService.sys.mjs ===================================== @@ -4,6 +4,7 @@ /* eslint no-shadow: error, mozilla/no-aArgs: error */ +import { AppConstants } from "resource://gre/modules/AppConstants.sys.mjs"; import { XPCOMUtils } from "resource://gre/modules/XPCOMUtils.sys.mjs"; const lazy = {}; @@ -1426,6 +1427,10 @@ export class SearchService { // start listening straight away. Services.obs.addObserver(this, lazy.Region.REGION_TOPIC); + this.#getIgnoreListAndSubscribe().catch(ex => + console.error(ex, "Search Service could not get the ignore list.") + ); + this.#engineSelector = new lazy.SearchEngineSelector( this.#handleConfigurationUpdated.bind(this) ); @@ -1568,7 +1573,6 @@ export class SearchService { * handled via a sync listener. * */ - // eslint-disable-next-line no-unused-private-class-members async #getIgnoreListAndSubscribe() { let listener = this.#handleIgnoreListUpdated.bind(this); const current = await lazy.IgnoreLists.getAndSubscribe(listener); @@ -1593,6 +1597,10 @@ export class SearchService { * The event in the format received from RemoteSettings. */ async #handleIgnoreListUpdated(eventData) { + if (AppConstants.BASE_BROWSER_VERSION) { + return; + } + lazy.logConsole.debug("#handleIgnoreListUpdated"); const { data: { current }, ===================================== toolkit/components/search/tests/xpcshell/test_base_browser.js ===================================== @@ -0,0 +1,47 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * This tests the SearchService to check our override of the remote settings is + * working as expected. + */ + +"use strict"; + +const expectedURLs = { + ddg: "https://duckduckgo.com/?q=test", + startpage: "https://www.startpage.com/sp/search?q=test", +}; +const defaultEngine = "ddg"; + +add_setup(async function setup() { + await Services.search.init(); +}); + +add_task(async function test_listEngines() { + const { engines } = + await Services.search.wrappedJSObject._fetchEngineSelectorEngines(); + const foundIdentifiers = engines.map(e => e.identifier); + Assert.deepEqual(foundIdentifiers, Object.keys(expectedURLs)); +}); + +add_task(async function test_default() { + Assert.equal( + (await Services.search.getDefault()).id, + defaultEngine, + `${defaultEngine} is our default search engine in normal mode.` + ); + Assert.equal( + (await Services.search.getDefaultPrivate()).id, + defaultEngine, + `${defaultEngine} is our default search engine in PBM.` + ); +}); + +add_task(function test_checkSearchURLs() { + for (const [id, url] of Object.entries(expectedURLs)) { + const engine = Services.search.getEngineById(id); + const foundUrl = engine.getSubmission("test").uri.spec; + Assert.equal(foundUrl, url, `The URL of ${engine.name} is not altered.`); + } +}); ===================================== toolkit/components/search/tests/xpcshell/test_security_level.js ===================================== @@ -0,0 +1,22 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * This tests that we use the HTML version of DuckDuckGo when in the safest + * security level. + */ + +"use strict"; + +const expectedURLs = { + ddg: "https://html.duckduckgo.com/html?q=test", +}; + +add_task(async function test_securityLevel() { + await Services.search.init(); + for (const [id, url] of Object.entries(expectedURLs)) { + const engine = Services.search.getEngineById(id); + const foundUrl = engine.getSubmission("test").uri.spec; + Assert.equal(foundUrl, url, `${engine.name} is in HTML mode.`); + } +}); ===================================== toolkit/components/search/tests/xpcshell/xpcshell.toml ===================================== @@ -38,6 +38,8 @@ tags = "remote-settings" ["test_async.js"] +["test_base_browser.js"] + ["test_configExpansion.js"] support-files = [ "../../schema/search-config-v2-schema.json", @@ -199,6 +201,9 @@ support-files = [ ["test_searchUrlDomain.js"] +["test_security_level.js"] +prefs = ["browser.security_level.security_slider=1"] + ["test_selectedEngine.js"] ["test_sendSubmissionURL.js"] View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/bb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/bb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] 3 commits: fixup! BB 43525: Skip Remote Settings for search engine customization.
by Pier Angelo Vendrame (＠pierov) 23 Sep '25

23 Sep '25

Pier Angelo Vendrame pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 825dd0b0 by Pier Angelo Vendrame at 2025-09-23T14:15:22+02:00 fixup! BB 43525: Skip Remote Settings for search engine customization. BB 44153: Add tests. - - - - - 53431beb by Pier Angelo Vendrame at 2025-09-23T14:15:36+02:00 fixup! BB 40925: Implemented the Security Level component BB 44153: Add search engine customization tests. - - - - - f9f42b6d by Pier Angelo Vendrame at 2025-09-23T14:15:48+02:00 fixup! BB 31740: Remove some unnecessary RemoteSettings instances BB 44153: Add search engine customization tests. Change where we ignore upstream's block lists as the previous mechanism made tests timeout. - - - - - 4 changed files: - toolkit/components/search/SearchService.sys.mjs - + toolkit/components/search/tests/xpcshell/test_base_browser.js - + toolkit/components/search/tests/xpcshell/test_security_level.js - toolkit/components/search/tests/xpcshell/xpcshell.toml Changes: ===================================== toolkit/components/search/SearchService.sys.mjs ===================================== @@ -4,6 +4,7 @@ /* eslint no-shadow: error, mozilla/no-aArgs: error */ +import { AppConstants } from "resource://gre/modules/AppConstants.sys.mjs"; import { XPCOMUtils } from "resource://gre/modules/XPCOMUtils.sys.mjs"; const lazy = {}; @@ -1426,6 +1427,10 @@ export class SearchService { // start listening straight away. Services.obs.addObserver(this, lazy.Region.REGION_TOPIC); + this.#getIgnoreListAndSubscribe().catch(ex => + console.error(ex, "Search Service could not get the ignore list.") + ); + this.#engineSelector = new lazy.SearchEngineSelector( this.#handleConfigurationUpdated.bind(this) ); @@ -1568,7 +1573,6 @@ export class SearchService { * handled via a sync listener. * */ - // eslint-disable-next-line no-unused-private-class-members async #getIgnoreListAndSubscribe() { let listener = this.#handleIgnoreListUpdated.bind(this); const current = await lazy.IgnoreLists.getAndSubscribe(listener); @@ -1593,6 +1597,10 @@ export class SearchService { * The event in the format received from RemoteSettings. */ async #handleIgnoreListUpdated(eventData) { + if (AppConstants.BASE_BROWSER_VERSION) { + return; + } + lazy.logConsole.debug("#handleIgnoreListUpdated"); const { data: { current }, ===================================== toolkit/components/search/tests/xpcshell/test_base_browser.js ===================================== @@ -0,0 +1,47 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * This tests the SearchService to check our override of the remote settings is + * working as expected. + */ + +"use strict"; + +const expectedURLs = { + ddg: "https://duckduckgo.com/?q=test", + startpage: "https://www.startpage.com/sp/search?q=test", +}; +const defaultEngine = "ddg"; + +add_setup(async function setup() { + await Services.search.init(); +}); + +add_task(async function test_listEngines() { + const { engines } = + await Services.search.wrappedJSObject._fetchEngineSelectorEngines(); + const foundIdentifiers = engines.map(e => e.identifier); + Assert.deepEqual(foundIdentifiers, Object.keys(expectedURLs)); +}); + +add_task(async function test_default() { + Assert.equal( + (await Services.search.getDefault()).id, + defaultEngine, + `${defaultEngine} is our default search engine in normal mode.` + ); + Assert.equal( + (await Services.search.getDefaultPrivate()).id, + defaultEngine, + `${defaultEngine} is our default search engine in PBM.` + ); +}); + +add_task(function test_checkSearchURLs() { + for (const [id, url] of Object.entries(expectedURLs)) { + const engine = Services.search.getEngineById(id); + const foundUrl = engine.getSubmission("test").uri.spec; + Assert.equal(foundUrl, url, `The URL of ${engine.name} is not altered.`); + } +}); ===================================== toolkit/components/search/tests/xpcshell/test_security_level.js ===================================== @@ -0,0 +1,22 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * This tests that we use the HTML version of DuckDuckGo when in the safest + * security level. + */ + +"use strict"; + +const expectedURLs = { + ddg: "https://html.duckduckgo.com/html?q=test", +}; + +add_task(async function test_securityLevel() { + await Services.search.init(); + for (const [id, url] of Object.entries(expectedURLs)) { + const engine = Services.search.getEngineById(id); + const foundUrl = engine.getSubmission("test").uri.spec; + Assert.equal(foundUrl, url, `${engine.name} is in HTML mode.`); + } +}); ===================================== toolkit/components/search/tests/xpcshell/xpcshell.toml ===================================== @@ -38,6 +38,8 @@ tags = "remote-settings" ["test_async.js"] +["test_base_browser.js"] + ["test_configExpansion.js"] support-files = [ "../../schema/search-config-v2-schema.json", @@ -199,6 +201,9 @@ support-files = [ ["test_searchUrlDomain.js"] +["test_security_level.js"] +prefs = ["browser.security_level.security_slider=1"] + ["test_selectedEngine.js"] ["test_sendSubmissionURL.js"] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8893f4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8893f4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] 5 commits: dropme! TB 42891: Set the bundled search engine for Tor Browser.
by Pier Angelo Vendrame (＠pierov) 23 Sep '25

23 Sep '25

Pier Angelo Vendrame pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: b17d862b by Pier Angelo Vendrame at 2025-09-23T11:34:13+02:00 dropme! TB 42891: Set the bundled search engine for Tor Browser. Temporarily restore the Base Browser search engine configuration for running tests on it. - - - - - b1f4f5aa by Pier Angelo Vendrame at 2025-09-23T11:34:16+02:00 fixup! BB 43525: Skip Remote Settings for search engine customization. BB 44153: Add tests. - - - - - 030d4788 by Pier Angelo Vendrame at 2025-09-23T11:34:17+02:00 fixup! BB 40925: Implemented the Security Level component BB 44153: Add search engine customization tests. - - - - - cb434512 by Pier Angelo Vendrame at 2025-09-23T11:34:18+02:00 fixup! TB 42891: Set the bundled search engine for Tor Browser. BB 44153: Add search engine customization tests. - - - - - 2901ed30 by Pier Angelo Vendrame at 2025-09-23T11:34:19+02:00 fixup! BB 31740: Remove some unnecessary RemoteSettings instances BB 44153: Add search engine customization tests. Change where we ignore upstream's block lists as the previous mechanism made tests timeout. - - - - - 5 changed files: - toolkit/components/search/SearchService.sys.mjs - toolkit/components/search/content/base-browser-search-engines.json - + toolkit/components/search/tests/xpcshell/test_base_browser.js - + toolkit/components/search/tests/xpcshell/test_security_level.js - toolkit/components/search/tests/xpcshell/xpcshell.toml Changes: ===================================== toolkit/components/search/SearchService.sys.mjs ===================================== @@ -4,6 +4,7 @@ /* eslint no-shadow: error, mozilla/no-aArgs: error */ +import { AppConstants } from "resource://gre/modules/AppConstants.sys.mjs"; import { XPCOMUtils } from "resource://gre/modules/XPCOMUtils.sys.mjs"; const lazy = {}; @@ -1426,6 +1427,10 @@ export class SearchService { // start listening straight away. Services.obs.addObserver(this, lazy.Region.REGION_TOPIC); + this.#getIgnoreListAndSubscribe().catch(ex => + console.error(ex, "Search Service could not get the ignore list.") + ); + this.#engineSelector = new lazy.SearchEngineSelector( this.#handleConfigurationUpdated.bind(this) ); @@ -1568,7 +1573,6 @@ export class SearchService { * handled via a sync listener. * */ - // eslint-disable-next-line no-unused-private-class-members async #getIgnoreListAndSubscribe() { let listener = this.#handleIgnoreListUpdated.bind(this); const current = await lazy.IgnoreLists.getAndSubscribe(listener); @@ -1593,6 +1597,10 @@ export class SearchService { * The event in the format received from RemoteSettings. */ async #handleIgnoreListUpdated(eventData) { + if (AppConstants.BASE_BROWSER_VERSION) { + return; + } + lazy.logConsole.debug("#handleIgnoreListUpdated"); const { data: { current }, ===================================== toolkit/components/search/content/base-browser-search-engines.json ===================================== @@ -37,7 +37,7 @@ }, { "base": { - "aliases": ["startpage"], + "aliases": ["startpage", "sp"], "classification": "general", "name": "Startpage", "urls": { ===================================== toolkit/components/search/tests/xpcshell/test_base_browser.js ===================================== @@ -0,0 +1,52 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * This tests the SearchService to check our override of the remote settings is + * working as expected. + */ + +"use strict"; + +const expectedURLs = { + ddg: "https://duckduckgo.com/?q=test", + "ddg-onion": + "https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/?q=t…", + startpage: "https://www.startpage.com/sp/search?q=test", + "startpage-onion": + "http://startpagel6srwcjlue4zgq3zevrujfaow726kjytqbbjyrswwmjzcqd.onion/sp/se…", + wikipedia: "https://en.wikipedia.org/wiki/Special:Search?search=test", +}; +const defaultEngine = "ddg"; + +add_setup(async function setup() { + await Services.search.init(); +}); + +add_task(async function test_listEngines() { + const { engines } = + await Services.search.wrappedJSObject._fetchEngineSelectorEngines(); + const foundIdentifiers = engines.map(e => e.identifier); + Assert.deepEqual(foundIdentifiers, Object.keys(expectedURLs)); +}); + +add_task(async function test_default() { + Assert.equal( + (await Services.search.getDefault()).id, + defaultEngine, + `${defaultEngine} is our default search engine in normal mode.` + ); + Assert.equal( + (await Services.search.getDefaultPrivate()).id, + defaultEngine, + `${defaultEngine} is our default search engine in PBM.` + ); +}); + +add_task(function test_checkSearchURLs() { + for (const [id, url] of Object.entries(expectedURLs)) { + const engine = Services.search.getEngineById(id); + const foundUrl = engine.getSubmission("test").uri.spec; + Assert.equal(foundUrl, url, `The URL of ${engine.name} is not altered.`); + } +}); ===================================== toolkit/components/search/tests/xpcshell/test_security_level.js ===================================== @@ -0,0 +1,24 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * This tests that we use the HTML version of DuckDuckGo when in the safest + * security level. + */ + +"use strict"; + +const expectedURLs = { + ddg: "https://html.duckduckgo.com/html?q=test", + "ddg-onion": + "https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/html…", +}; + +add_task(async function test_securityLevel() { + await Services.search.init(); + for (const [id, url] of Object.entries(expectedURLs)) { + const engine = Services.search.getEngineById(id); + const foundUrl = engine.getSubmission("test").uri.spec; + Assert.equal(foundUrl, url, `${engine.name} is in HTML mode.`); + } +}); ===================================== toolkit/components/search/tests/xpcshell/xpcshell.toml ===================================== @@ -38,6 +38,8 @@ tags = "remote-settings" ["test_async.js"] +["test_base_browser.js"] + ["test_configExpansion.js"] support-files = [ "../../schema/search-config-v2-schema.json", @@ -199,6 +201,9 @@ support-files = [ ["test_searchUrlDomain.js"] +["test_security_level.js"] +prefs = ["browser.security_level.security_slider=1"] + ["test_selectedEngine.js"] ["test_sendSubmissionURL.js"] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c62f5d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c62f5d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 41569: Include the channel name on .desktop files.
by Pier Angelo Vendrame (＠pierov) 22 Sep '25

22 Sep '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: fc1adf49 by Pier Angelo Vendrame at 2025-09-22T18:53:24+02:00 Bug 41569: Include the channel name on .desktop files. But only for alpha/nightly. - - - - - 2f802636 by Pier Angelo Vendrame at 2025-09-22T18:53:24+02:00 Bug 41558: Share descriptions between Linux packages and archives. - - - - - 5 changed files: - projects/browser/RelativeLink/start-browser - projects/browser/RelativeLink/start-browser.desktop - projects/linux-packages/browser.desktop.in - projects/linux-packages/config - rbm.conf Changes: ===================================== projects/browser/RelativeLink/start-browser ===================================== @@ -241,7 +241,7 @@ if test -z "$system_install"; then # Fix up .desktop Icon and Exec Paths, and update the .desktop file from the # canonical version if it was changed by the updater. cp start-[% c('var/project-name') %].desktop ../ - sed -i -e "s,^Name=.*,Name=[% c('var/Project_Name') %],g" ../start-[% c('var/project-name') %].desktop + sed -i -e "s,^Name=.*,Name=[% c('var/display_name') %],g" ../start-[% c('var/project-name') %].desktop sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-[% c('var/project-name') %].desktop sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" start-[% c('var/project-name') %].desktop sed -i -e "s,^Exec=.*,Exec=sh -c '\"$PWD/start-[% c('var/project-name') %]\" || ([ ! -x \"$PWD/start-[% c('var/project-name') %]\" ] \&\& \"\$(dirname \"\$*\")\"/Browser/start-[% c('var/project-name') %])' dummy %k,g" ../start-[% c('var/project-name') %].desktop ===================================== projects/browser/RelativeLink/start-browser.desktop ===================================== @@ -24,9 +24,9 @@ [Desktop Entry] Type=Application -Name=[% c("var/Project_Name") %] Setup +Name=[% c("var/display_name") %] Setup GenericName=Web Browser -Comment=[% c("var/Project_Name") %] is +1 for privacy and −1 for mass surveillance +Comment=[% c("var/project_description") %] Categories=Network;WebBrowser;Security; Exec=sh -c '"$(dirname "$*")"/Browser/start-[% c("var/project-name") %] || ([ ! -x "$(dirname "$*")"/Browser/start-[% c("var/project-name") %] ] && "$(dirname "$*")"/start-[% c("var/project-name") %])' dummy %k X-[% c("var/ProjectName") %]-ExecShell=./Browser/start-[% c("var/project-name") %] --detach ===================================== projects/linux-packages/browser.desktop.in ===================================== @@ -1,7 +1,7 @@ [Desktop Entry] Version=1.0 Type=Application -Name=[% c("var/Project_Name") %] +Name=[% c("var/display_name") %] GenericName=Web Browser Comment=[% c("var/system_pkg/pkg_description") %] Categories=Network;WebBrowser; ===================================== projects/linux-packages/config ===================================== @@ -11,7 +11,7 @@ var: pkg_name: '[% c("var/project-name") %]-[% c("var/channel") %]' pkg_version: '[% c("var/torbrowser_version") %]' pkg_revision: '1' - pkg_description: '[% c("var/display_name") %]' + pkg_description: '[% c("var/project_description") %]' deb_release_date: '[% USE date; date.format(c("timestamp"), format = "%a, %d %b %Y 01:02:03 +0000", locale = "en_US") %]' # https://spdx.github.io/spdx-spec/v2.3/SPDX-license-expressions/ spdx_license: 'MPL-2.0 AND GPL-3.0-or-later AND OFL-1.1 AND Apache-2.0[% IF c("var/tor-browser") %] AND BSD-3-Clause AND CC0-1.0 AND MIT[% END %]' @@ -122,7 +122,6 @@ targets: var: browser_type: torbrowser system_pkg: - pkg_description: 'Tor Browser is a privacy-focused web browser designed to minimize tracking and fingerprinting, using the Tor network to protect your privacy and anonymity.' pkg_url: 'https://torproject.org/' basebrowser: var: @@ -131,7 +130,6 @@ targets: var: browser_type: mullvadbrowser system_pkg: - pkg_description: 'Mullvad Browser is a privacy-focused web browser designed to minimize tracking and fingerprinting.' pkg_url: 'https://mullvad.net/browser' release: ===================================== rbm.conf ===================================== @@ -348,6 +348,7 @@ targets: Project_Name: 'Tor Browser' ProjectName: TorBrowser project_initials: tb + project_description: 'Tor Browser is a privacy-focused web browser designed to minimize tracking and fingerprinting, using the Tor network to protect your privacy and anonymity.' basebrowser: var: @@ -366,6 +367,7 @@ targets: Project_Name: 'Mullvad Browser' ProjectName: MullvadBrowser project_initials: mb + project_description: 'Mullvad Browser is a privacy-focused web browser designed to minimize tracking and fingerprinting.' exe_name: mullvadbrowser mar_channel_id: '[% c("var/projectname") %]-mullvad-[% c("var/channel") %]' locales: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 44167: Drop the nsis-uninstall patch
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 8504804a by Beatriz Rizental at 2025-09-22T17:42:15+02:00 Bug 44167: Drop the nsis-uninstall patch - - - - - 3 changed files: - projects/firefox/build - projects/firefox/config - − projects/firefox/nsis-uninstall.patch Changes: ===================================== projects/firefox/build ===================================== @@ -78,7 +78,6 @@ MOZCONFIG_EOF [% IF c("var/windows") -%] # Make sure widl is not inserting random timestamps, see #21837. export WIDL_TIME_OVERRIDE="0" - patch -p1 < $rootdir/nsis-uninstall.patch # mingw-w64 does not support SEH on 32bit systems. Be explicit about that. export LDFLAGS="[% c('var/flag_noSEH') %]" [% END -%] ===================================== projects/firefox/config ===================================== @@ -195,8 +195,6 @@ input_files: enable: '[% c("var/has_l10n") && c("var/tor-browser") %]' - filename: fix-info-plist.py enable: '[% c("var/macos") %]' - - filename: nsis-uninstall.patch - enable: '[% c("var/windows") %]' - project: rust name: rust - project: cbindgen ===================================== projects/firefox/nsis-uninstall.patch deleted ===================================== @@ -1,40 +0,0 @@ -From 67c1d7d66d99494102832e12059a84fa439c88e0 Mon Sep 17 00:00:00 2001 -From: Sukhbir Singh <sukhbir(a)torproject.org> -Date: Tue, 12 Jun 2018 21:58:24 -0400 -Subject: [PATCH] Bug 26205: Don't build the uninstaller for Windows during - Firefox compilation - - -diff --git a/browser/Makefile.in b/browser/Makefile.in -index 364f590f5116d..6bda1c5aadaac 100644 ---- a/browser/Makefile.in -+++ b/browser/Makefile.in -@@ -6,10 +6,6 @@ include $(topsrcdir)/config/rules.mk - - ifdef MAKENSISU - --# For Windows build the uninstaller during the application build since the --# uninstaller is included with the application for mar file generation. --libs:: -- $(MAKE) -C installer/windows uninstaller - ifdef ENABLE_TESTS - $(MAKE) -C installer/windows install_deps - endif #ENABLE_TESTS -diff --git a/browser/installer/Makefile.in b/browser/installer/Makefile.in -index 3827c46cefa8e..f10451b8cada4 100644 ---- a/browser/installer/Makefile.in -+++ b/browser/installer/Makefile.in -@@ -88,10 +88,6 @@ ifdef NECKO_WIFI - DEFINES += -DNECKO_WIFI - endif - --ifdef MAKENSISU --DEFINES += -DHAVE_MAKENSISU=1 --endif -- - ifdef MOZ_DEFAULT_BROWSER_AGENT - DEFINES += -DMOZ_DEFAULT_BROWSER_AGENT=1 - endif --- -2.27.0 - View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] BB 44167: Don't build the uninstaller for Windows during Firefox compilation
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: bbdd37bf by Sukhbir Singh at 2025-09-22T17:54:17+02:00 BB 44167: Don't build the uninstaller for Windows during Firefox compilation - - - - - 2 changed files: - browser/Makefile.in - browser/installer/Makefile.in Changes: ===================================== browser/Makefile.in ===================================== @@ -6,10 +6,6 @@ include $(topsrcdir)/config/rules.mk ifdef MAKENSISU -# For Windows build the uninstaller during the application build since the -# uninstaller is included with the application for mar file generation. -libs:: - $(MAKE) -C installer/windows uninstaller ifdef ENABLE_TESTS $(MAKE) -C installer/windows install_deps endif #ENABLE_TESTS ===================================== browser/installer/Makefile.in ===================================== @@ -88,10 +88,6 @@ ifdef NECKO_WIFI DEFINES += -DNECKO_WIFI endif -ifdef MAKENSISU -DEFINES += -DHAVE_MAKENSISU=1 -endif - ifdef MOZ_DEFAULT_BROWSER_AGENT DEFINES += -DMOZ_DEFAULT_BROWSER_AGENT=1 endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/bbd… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/bbd… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] BB 44167: Don't build the uninstaller for Windows during Firefox compilation
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 8893f4a4 by Sukhbir Singh at 2025-09-22T17:52:11+02:00 BB 44167: Don't build the uninstaller for Windows during Firefox compilation - - - - - 2 changed files: - browser/Makefile.in - browser/installer/Makefile.in Changes: ===================================== browser/Makefile.in ===================================== @@ -6,10 +6,6 @@ include $(topsrcdir)/config/rules.mk ifdef MAKENSISU -# For Windows build the uninstaller during the application build since the -# uninstaller is included with the application for mar file generation. -libs:: - $(MAKE) -C installer/windows uninstaller ifdef ENABLE_TESTS $(MAKE) -C installer/windows install_deps endif #ENABLE_TESTS ===================================== browser/installer/Makefile.in ===================================== @@ -88,10 +88,6 @@ ifdef NECKO_WIFI DEFINES += -DNECKO_WIFI endif -ifdef MAKENSISU -DEFINES += -DHAVE_MAKENSISU=1 -endif - ifdef MOZ_DEFAULT_BROWSER_AGENT DEFINES += -DMOZ_DEFAULT_BROWSER_AGENT=1 endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8893f4a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8893f4a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] BB 44167: Don't build the uninstaller for Windows during Firefox compilation
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: c62f5d22 by Sukhbir Singh at 2025-09-22T17:49:17+02:00 BB 44167: Don't build the uninstaller for Windows during Firefox compilation - - - - - 2 changed files: - browser/Makefile.in - browser/installer/Makefile.in Changes: ===================================== browser/Makefile.in ===================================== @@ -6,10 +6,6 @@ include $(topsrcdir)/config/rules.mk ifdef MAKENSISU -# For Windows build the uninstaller during the application build since the -# uninstaller is included with the application for mar file generation. -libs:: - $(MAKE) -C installer/windows uninstaller ifdef ENABLE_TESTS $(MAKE) -C installer/windows install_deps endif #ENABLE_TESTS ===================================== browser/installer/Makefile.in ===================================== @@ -88,10 +88,6 @@ ifdef NECKO_WIFI DEFINES += -DNECKO_WIFI endif -ifdef MAKENSISU -DEFINES += -DHAVE_MAKENSISU=1 -endif - ifdef MOZ_DEFAULT_BROWSER_AGENT DEFINES += -DMOZ_DEFAULT_BROWSER_AGENT=1 endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c62f5d2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c62f5d2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 22 Sep '25

22 Sep '25

Pier Angelo Vendrame pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 956d63e7 by Pier Angelo Vendrame at 2025-09-22T17:32:01+02:00 fixup! Firefox preference overrides. BB 44187: Disable TLS session tickets. They are not available in PBM. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -167,6 +167,10 @@ pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); // See tor-browser#40565. pref("security.tls.version.enable-deprecated", false, locked); +// tor-browser#44187: Disable session identifiers to make PBM and normal mode +// more similar. +pref("security.ssl.disable_session_identifiers", true); + // Misc privacy: Remote pref("browser.send_pings", false); // Space separated list of URLs that are allowed to send objects (instead of View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/956… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/956… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 22 Sep '25

22 Sep '25

Pier Angelo Vendrame pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: b744cadf by Pier Angelo Vendrame at 2025-09-22T17:31:18+02:00 fixup! Firefox preference overrides. BB 44187: Disable TLS session tickets. They are not available in PBM. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -167,6 +167,10 @@ pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); // See tor-browser#40565. pref("security.tls.version.enable-deprecated", false, locked); +// tor-browser#44187: Disable session identifiers to make PBM and normal mode +// more similar. +pref("security.ssl.disable_session_identifiers", true); + // Misc privacy: Remote pref("browser.send_pings", false); // Space separated list of URLs that are allowed to send objects (instead of View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b744cad… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b744cad… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 22 Sep '25

22 Sep '25

Pier Angelo Vendrame pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 360ba8c6 by Pier Angelo Vendrame at 2025-09-22T16:28:36+02:00 fixup! Firefox preference overrides. BB 44187: Disable TLS session tickets. They are not available in PBM. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -167,6 +167,10 @@ pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); // See tor-browser#40565. pref("security.tls.version.enable-deprecated", false, locked); +// tor-browser#44187: Disable session identifiers to make PBM and normal mode +// more similar. +pref("security.ssl.disable_session_identifiers", true); + // Misc privacy: Remote pref("browser.send_pings", false); // Space separated list of URLs that are allowed to send objects (instead of View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/360ba8c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/360ba8c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41568: Update instructions for manually building 7zip
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: b96ce013 by Nicolas Vigier at 2025-09-22T16:12:07+02:00 Bug 41568: Update instructions for manually building 7zip - - - - - 1 changed file: - tools/dmg2mar Changes: ===================================== tools/dmg2mar ===================================== @@ -5,28 +5,29 @@ # mar files. After code signing the dmg files, this script can be used # to update the mar files. # -# A recent version of p7zip is required to extract the dmg files, such -# as 15.14. The version in Debian Jessie (9.20) is not recent enough. -# It is possible to install the p7zip-full package from Debian testing, -# or build p7zip from sources: -# $ p7zipdir=/some_directory/p7zip +# A recent version of 7zip is required to extract the dmg files +# compressed with lzma, such as 24.09. If your distribution does not +# provide a recent version of 7zip, it is possible to build it from +# sources: +# $ p7zipdir=/some_directory/7zip # $ mkdir $p7zipdir # $ cd $p7zipdir -# $ wget http://snapshot.debian.org/archive/debian/20160417T044336Z/pool/main/p/p7zi… -# $ echo 'e9e696e2fa77b00445a4d85fa07506debeae01943fdc1bee1472152d7d1386af p7zip_15.14.1+dfsg.orig.tar.xz' | sha256sum -c -# $ wget http://snapshot.debian.org/archive/debian/20160515T161830Z/pool/main/p/p7zi… -# $ echo 'f4db6803535fc30b6ae9db5aabfd9f57a851c6773d72073847ec5e3731b7af37 p7zip_15.14.1+dfsg-2.debian.tar.xz' | sha256sum -c -# $ tar xvf p7zip_15.14.1+dfsg-2.debian.tar.xz -# $ tar xvf p7zip_15.14.1+dfsg.orig.tar.xz -# $ cd p7zip_15.14.1/ -# $ for patch in $(cat ../debian/patches/series ); do patch -p1 < ../debian/patches/$patch; done -# $ make 7z -# $ mkdir $p7zipdir/bin -# $ echo '#!/bin/sh' > $p7zipdir/bin/7z -# $ echo "export LD_LIBRARY_PATH=$PWD/bin" >> $p7zipdir/bin/7z -# $ echo "exec $PWD/bin/7z "'"$@"' >> $p7zipdir/bin/7z -# $ chmod +x $p7zipdir/bin/7z -# $ export "PATH=$p7zipdir/bin:$PATH" +# $ wget http://deb.debian.org/debian/pool/main/7/7zip/7zip_24.09+dfsg.orig.tar.xz +# $ echo 'bd5c61a206a83a5950410608df204550cab97e8609b62f9d7c368aaa682d649b 7zip_24.09+dfsg.orig.tar.xz' | sha256sum -c +# $ wget http://deb.debian.org/debian/pool/main/7/7zip/7zip_24.09+dfsg-8.debian.tar.… +# $ echo '1615b151dcddc861fbebc2fd418fd857d0704b1951a6f01384066756ae0ef25b 7zip_24.09+dfsg-8.debian.tar.xz' | sha256sum -c +# $ mkdir 7zip +# $ cd 7zip +# $ tar xvf ../7zip_24.09+dfsg.orig.tar.xz +# $ tar xvf ../7zip_24.09+dfsg-8.debian.tar.xz +# $ for patch in $(cat debian/patches/series ); do patch -p1 < debian/patches/$patch; done +# $ make -C CPP/7zip/Bundles/Alone2 -j 2 -f makefile.gcc DISABLE_RAR=1 +# $ bindir=~/mbin +# $ mkdir -p $bindir +# $ echo '#!/bin/sh' > $bindir/7z +# $ echo "exec $PWD/CPP/7zip/Bundles/Alone2/_o/7zz "'"$@"' >> $bindir/7z +# $ chmod +x $bindir/7z +# $ export "PATH=$bindir:$PATH" use strict; use Capture::Tiny qw(capture); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 44162: Move setup of dmg tools to a function
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: c71f868f by Nicolas Vigier at 2025-09-19T13:57:23+02:00 Bug 44162: Move setup of dmg tools to a function Move the setup of dmg tools from gatekeeper-bundling.sh to a function, so we can re-use it in other scripts. - - - - - c24ab3b9 by hackademix at 2025-09-22T16:04:56+02:00 Bug 44162: Work-around to prevent older 7z versions to break rcodesign. Co-authored-by: Nicolas Vigier <boklm(a)torproject.org> - - - - - 7 changed files: - tools/signing/do-all-signing - + tools/signing/extract-dmg - + tools/signing/extract-dmg.mullvadbrowser - + tools/signing/extract-dmg.torbrowser - tools/signing/functions - tools/signing/gatekeeper-bundling.sh - tools/signing/linux-signer-rcodesign-sign Changes: ===================================== tools/signing/do-all-signing ===================================== @@ -99,6 +99,10 @@ function clean-build-artifacts { "$script_dir/clean-build-artifacts" } +function extract-dmg { + "$script_dir/extract-dmg" +} + function sync-before-linux-signer-rcodesign-sign { "$script_dir/sync-local-to-linux-signer" } @@ -245,6 +249,8 @@ do_step set-time-on-signing-machine do_step wait-for-finished-build do_step sync-builder-unsigned-to-local-signed do_step clean-build-artifacts +[ -n "$platform_macos" ] && \ + do_step extract-dmg do_step sync-scripts-to-linux-signer do_step sync-before-linux-signer-rcodesign-sign [ -n "$platform_macos" ] && \ ===================================== tools/signing/extract-dmg ===================================== @@ -0,0 +1,12 @@ +#!/bin/bash +set -e +script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +source "$script_dir/functions" + +setup_dmg_tools + +# extract the hfs from the dmg archive preemptively to avoid an obsolete +# 7z version to break the rcodesign step +archive="$signed_version_dir/$(project-name)-macos-${tbb_version}" +dmg extract "$archive.dmg" "$archive.hfs" 0 +rm -f "$archive.dmg" ===================================== tools/signing/extract-dmg.mullvadbrowser ===================================== @@ -0,0 +1 @@ +extract-dmg \ No newline at end of file ===================================== tools/signing/extract-dmg.torbrowser ===================================== @@ -0,0 +1 @@ +extract-dmg \ No newline at end of file ===================================== tools/signing/functions ===================================== @@ -83,4 +83,24 @@ function rbm_showconf_boolean { echo '1' } +function setup_dmg_tools { + dmgtools_dir=$(mktemp -d) + trap "rm -Rf $dmgtools_dir" EXIT + local libdmg_file="$script_dir/../../out/libdmg-hfsplus/libdmg-hfsplus-d6287b5afc24-6f206c.tar.zst" + test -f "$libdmg_file" || \ + exit_error "$libdmg_file is missing." \ + "You can build it with:" \ + " ./rbm/rbm build --target no_containers libdmg-hfsplus" \ + "See var/deps in projects/libdmg-hfsplus/config for the list of build dependencies" + local hfstools_file="$script_dir/../../out/hfsplus-tools/hfsplus-tools-540.1.linux3-2acaa4.tar.zst" + test -f "$hfstools_file" || \ + exit_error "$hfstools_file is missing." \ + "You can build it with:" \ + " ./rbm/rbm build --target no_containers hfsplus-tools" \ + "You will need the clang and uuid-dev packages installed" + tar -C "$dmgtools_dir" -xf "$libdmg_file" + tar -C "$dmgtools_dir" -xf "$hfstools_file" + export PATH="$PATH:$dmgtools_dir/libdmg-hfsplus:$dmgtools_dir/hfsplus-tools" +} + . "$script_dir/set-config" ===================================== tools/signing/gatekeeper-bundling.sh ===================================== @@ -39,18 +39,8 @@ test -f $faketime_path || \ exit_error "$faketime_path is missing" test -d $macos_stapled_dir || \ exit_error "The stapled macos zip files should be placed in directory $macos_stapled_dir" -libdmg_file="$script_dir/../../out/libdmg-hfsplus/libdmg-hfsplus-d6287b5afc24-6f206c.tar.zst" -test -f "$libdmg_file" || \ - exit_error "$libdmg_file is missing." \ - "You can build it with:" \ - " ./rbm/rbm build --target no_containers libdmg-hfsplus" \ - "See var/deps in projects/libdmg-hfsplus/config for the list of build dependencies" -hfstools_file="$script_dir/../../out/hfsplus-tools/hfsplus-tools-540.1.linux3-2acaa4.tar.zst" -test -f "$hfstools_file" || \ - exit_error "$hfstools_file is missing." \ - "You can build it with:" \ - " ./rbm/rbm build --target no_containers hfsplus-tools" \ - "You will need the clang and uuid-dev packages installed" + +setup_dmg_tools ProjName=$(ProjectName) Proj_Name=$(Project_Name) @@ -66,10 +56,6 @@ rm -Rf "$tmpdir" mkdir "$tmpdir" cp -rT "$script_dir/../../projects/common/dmg-root/$ProjName.dmg" "$tmpdir/dmg" -tar -C "$tmpdir" -xf "$libdmg_file" -tar -C "$tmpdir" -xf "$hfstools_file" -export PATH="$PATH:$tmpdir/libdmg-hfsplus:$tmpdir/hfsplus-tools" - cd $tmpdir/dmg cp ${tbb_version_type}.DS_Store .DS_Store @@ -84,3 +70,5 @@ rm -Rf "$tmpdir" # move the signed+stapled dmgs to expected output directory for publishing and mar generation mv -vf "$macos_signed_dir"/"${proj_name}"-*.dmg "$signed_version_dir"/ +# Remove hfs file created in extract-dmg +rm -f "$signed_version_dir"/"${proj_name}"-*.hfs ===================================== tools/signing/linux-signer-rcodesign-sign ===================================== @@ -19,5 +19,8 @@ destdir=~/"$SIGNING_PROJECTNAME-$tbb_version-macos-signed" mkdir -p $destdir rm -f "$destdir/$output_file" -sudo -u signing-macos -- /signing/tor-browser-build/tools/signing/wrappers/sign-rcodesign-128 ~/"$SIGNING_PROJECTNAME-$tbb_version"/$(project-name)-macos-${tbb_version}.dmg "$display_name" +volume=~/"$SIGNING_PROJECTNAME-$tbb_version"/"$(project-name)-macos-${tbb_version}.hfs" +echo "Using $volume" +sudo -u signing-macos -- /signing/tor-browser-build/tools/signing/wrappers/sign-rcodesign-128 "$volume" "$display_name" cp "/home/signing-macos/last-signed-$display_name.tar.zst" "$destdir/$output_file" +rm -f "$volume" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! BB 31575: Disable Firefox Home (Activity Stream)
by morgan (＠morgan) 22 Sep '25

22 Sep '25

morgan pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: f574e094 by Henry Wilkes at 2025-09-22T13:55:33+00:00 fixup! BB 31575: Disable Firefox Home (Activity Stream) TB 44215: Hide Firefox home settings. - - - - - 1 changed file: - browser/components/preferences/home.inc.xhtml Changes: ===================================== browser/components/preferences/home.inc.xhtml ===================================== @@ -92,6 +92,7 @@ <groupbox id="homeContentsGroup" data-category="paneHome" data-subcategory="contents" + data-hidden-from-search="true" hidden="true"> <label><html:h2 data-l10n-id="home-prefs-content-header2" /></label> <description class="description-deemphasized" data-l10n-id="home-prefs-content-description2" /> View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f57… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f57… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] fixup! BB 31575: Disable Firefox Home (Activity Stream)
by morgan (＠morgan) 22 Sep '25

22 Sep '25

morgan pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: c913607c by Henry Wilkes at 2025-09-22T13:50:03+00:00 fixup! BB 31575: Disable Firefox Home (Activity Stream) TB 44215: Hide Firefox home settings. - - - - - 1 changed file: - browser/components/preferences/home.inc.xhtml Changes: ===================================== browser/components/preferences/home.inc.xhtml ===================================== @@ -90,6 +90,7 @@ <groupbox id="homeContentsGroup" data-category="paneHome" data-subcategory="contents" + data-hidden-from-search="true" hidden="true"> <label><html:h2 data-l10n-id="home-prefs-content-header2" /></label> <description class="description-deemphasized" data-l10n-id="home-prefs-content-description2" /> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c913607… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c913607… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! BB 31575: Disable Firefox Home (Activity Stream)
by morgan (＠morgan) 22 Sep '25

22 Sep '25

morgan pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 3318b445 by Henry Wilkes at 2025-09-22T13:44:02+00:00 fixup! BB 31575: Disable Firefox Home (Activity Stream) TB 44215: Hide Firefox home settings. - - - - - 1 changed file: - browser/components/preferences/home.inc.xhtml Changes: ===================================== browser/components/preferences/home.inc.xhtml ===================================== @@ -92,6 +92,7 @@ <groupbox id="homeContentsGroup" data-category="paneHome" data-subcategory="contents" + data-hidden-from-search="true" hidden="true"> <label><html:h2 data-l10n-id="home-prefs-content-header2" /></label> <description class="description-deemphasized" data-l10n-id="home-prefs-content-description2" /> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3318b44… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3318b44… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! BB 43864: Modify the urlbar for Base Browser.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 5b8e7aea by henry at 2025-09-22T14:35:33+01:00 fixup! BB 43864: Modify the urlbar for Base Browser. TB 44177: Remove the logins and private window urlbar actions. (cherry picked from commit ad854cb76585cced30a0a9479006706f1299b872) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs Changes: ===================================== browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs ===================================== @@ -172,6 +172,10 @@ const DEFAULT_ACTIONS = { l10nCommands: ["quickactions-cmd-logins"], label: "quickactions-logins2", onPick: openUrlFun("about:logins"), + // Disabled in base browser since saved passwords is not well supported in + // Tor Browser, and should be disabled in Mullvad Browser. + // tor-browser#44177. + disabled: () => true, }, print: { l10nCommands: ["quickactions-cmd-print"], @@ -192,6 +196,10 @@ const DEFAULT_ACTIONS = { private: true, }); }, + // Disable in permanent private browsing. tor-browser#44177. + disabled: () => { + return lazy.PrivateBrowsingUtils.permanentPrivateBrowsing; + }, }, refresh: { l10nCommands: ["quickactions-cmd-refresh"], View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5b8… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5b8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] fixup! BB 43864: Modify the urlbar for Base Browser.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 5b77c883 by henry at 2025-09-22T13:34:04+00:00 fixup! BB 43864: Modify the urlbar for Base Browser. TB 44177: Remove the logins and private window urlbar actions. (cherry picked from commit ad854cb76585cced30a0a9479006706f1299b872) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs Changes: ===================================== browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs ===================================== @@ -172,6 +172,10 @@ const DEFAULT_ACTIONS = { l10nCommands: ["quickactions-cmd-logins"], label: "quickactions-logins2", onPick: openUrlFun("about:logins"), + // Disabled in base browser since saved passwords is not well supported in + // Tor Browser, and should be disabled in Mullvad Browser. + // tor-browser#44177. + disabled: () => true, }, print: { l10nCommands: ["quickactions-cmd-print"], @@ -192,6 +196,10 @@ const DEFAULT_ACTIONS = { private: true, }); }, + // Disable in permanent private browsing. tor-browser#44177. + disabled: () => { + return lazy.PrivateBrowsingUtils.permanentPrivateBrowsing; + }, }, refresh: { l10nCommands: ["quickactions-cmd-refresh"], View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5b77c88… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5b77c88… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! BB 43864: Modify the urlbar for Base Browser.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: ad854cb7 by Henry Wilkes at 2025-09-22T13:33:05+00:00 fixup! BB 43864: Modify the urlbar for Base Browser. TB 44177: Remove the logins and private window urlbar actions. - - - - - 1 changed file: - browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs Changes: ===================================== browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs ===================================== @@ -172,6 +172,10 @@ const DEFAULT_ACTIONS = { l10nCommands: ["quickactions-cmd-logins"], label: "quickactions-logins2", onPick: openUrlFun("about:logins"), + // Disabled in base browser since saved passwords is not well supported in + // Tor Browser, and should be disabled in Mullvad Browser. + // tor-browser#44177. + disabled: () => true, }, print: { l10nCommands: ["quickactions-cmd-print"], @@ -192,6 +196,10 @@ const DEFAULT_ACTIONS = { private: true, }); }, + // Disable in permanent private browsing. tor-browser#44177. + disabled: () => { + return lazy.PrivateBrowsingUtils.permanentPrivateBrowsing; + }, }, refresh: { l10nCommands: ["quickactions-cmd-refresh"], View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ad854cb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ad854cb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] BB 44107: Re-include firefoxview asset view-opentabs.svg.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 5e00148c by henry at 2025-09-22T14:30:23+01:00 BB 44107: Re-include firefoxview asset view-opentabs.svg. Should be dropped after bugzilla bug 1987279 is resolved. (cherry picked from commit 4e313baeadcab5eafdc0c57ab09ce116d7aaa726) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/themes/shared/jar.inc.mn Changes: ===================================== browser/themes/shared/jar.inc.mn ===================================== @@ -7,6 +7,11 @@ # be specified once. As a result, the source file paths are relative # to the location of the actual manifest. +# Temporary work-around to include a single firefoxview asset needed for the +# "Switch to tab" search action. tor-browser#44107. +# Should be dropped after bugzilla bug 1987279. + content/browser/firefoxview/view-opentabs.svg (../../components/firefoxview/content/view-opentabs.svg) + skin/classic/browser/aboutFrameCrashed.css (../shared/aboutFrameCrashed.css) skin/classic/browser/aboutRestartRequired.css (../shared/aboutRestartRequired.css) skin/classic/browser/aboutSessionRestore.css (../shared/aboutSessionRestore.css) View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5e0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5e0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] BB 44107: Re-include firefoxview asset view-opentabs.svg.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: f69a99bc by henry at 2025-09-22T13:28:50+00:00 BB 44107: Re-include firefoxview asset view-opentabs.svg. Should be dropped after bugzilla bug 1987279 is resolved. (cherry picked from commit 4e313baeadcab5eafdc0c57ab09ce116d7aaa726) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/themes/shared/jar.inc.mn Changes: ===================================== browser/themes/shared/jar.inc.mn ===================================== @@ -7,6 +7,11 @@ # be specified once. As a result, the source file paths are relative # to the location of the actual manifest. +# Temporary work-around to include a single firefoxview asset needed for the +# "Switch to tab" search action. tor-browser#44107. +# Should be dropped after bugzilla bug 1987279. + content/browser/firefoxview/view-opentabs.svg (../../components/firefoxview/content/view-opentabs.svg) + skin/classic/browser/aboutFrameCrashed.css (../shared/aboutFrameCrashed.css) skin/classic/browser/aboutRestartRequired.css (../shared/aboutRestartRequired.css) skin/classic/browser/aboutSessionRestore.css (../shared/aboutSessionRestore.css) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f69a99b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f69a99b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] BB 44107: Re-include firefoxview asset view-opentabs.svg.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 4e313bae by Henry Wilkes at 2025-09-22T12:11:03+01:00 BB 44107: Re-include firefoxview asset view-opentabs.svg. Should be dropped after bugzilla bug 1987279 is resolved. - - - - - 1 changed file: - browser/themes/shared/jar.inc.mn Changes: ===================================== browser/themes/shared/jar.inc.mn ===================================== @@ -7,6 +7,11 @@ # be specified once. As a result, the source file paths are relative # to the location of the actual manifest. +# Temporary work-around to include a single firefoxview asset needed for the +# "Switch to tab" search action. tor-browser#44107. +# Should be dropped after bugzilla bug 1987279. + content/browser/firefoxview/view-opentabs.svg (../../components/firefoxview/content/view-opentabs.svg) + skin/classic/browser/aboutFrameCrashed.css (../shared/aboutFrameCrashed.css) skin/classic/browser/aboutRestartRequired.css (../shared/aboutRestartRequired.css) skin/classic/browser/aboutSessionRestore.css (../shared/aboutSessionRestore.css) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4e313ba… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4e313ba… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! BB 42037: Disable about:firefoxview page
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: d334771e by henry at 2025-09-22T11:25:45+01:00 fixup! BB 42037: Disable about:firefoxview page TB 43900: Open a new tab rather than about:firefoxview when unloading the last tab. (cherry picked from commit f7e0a6109a96f327710680c7ebba4699fb303806) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/components/tabbrowser/content/tabbrowser.js Changes: ===================================== browser/components/tabbrowser/content/tabbrowser.js ===================================== @@ -5185,14 +5185,11 @@ this.selectedTab = newTab; } else { allTabsUnloaded = true; - // all tabs are unloaded - show Firefox View if it's present, otherwise open a new tab - if (FirefoxViewHandler.tab || FirefoxViewHandler.button) { - FirefoxViewHandler.openTab("opentabs"); - } else { - this.selectedTab = this.addTrustedTab(BROWSER_NEW_TAB_URL, { - skipAnimation: true, - }); - } + // We disable the firefoxview path in base browser. tor-browser#43900. + // Might be resolved by bugzilla bug 1989429. + this.selectedTab = this.addTrustedTab(BROWSER_NEW_TAB_URL, { + skipAnimation: true, + }); } } let memoryUsageBeforeUnload = await getTotalMemoryUsage(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d33… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d33… You're receiving this email because of your account on gitlab.torproject.org.

1 0