- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41324: Improve build signing ergonomics
by ma1 (＠ma1) 21 Jan '25

21 Jan '25

ma1 pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: 311a9672 by hackademix at 2025-01-21T09:48:21+01:00 Bug 41324: Improve build signing ergonomics - - - - - 2 changed files: - tools/signing/do-all-signing - + tools/signing/set-config.passwords Changes: ===================================== tools/signing/do-all-signing ===================================== @@ -3,29 +3,59 @@ set -e script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) source "$script_dir/functions" source "$script_dir/set-config.update-responses" - NON_INTERACTIVE=1 steps_dir="$signed_version_dir.steps" test -d "$steps_dir" || mkdir -p "$steps_dir" -test -f "$steps_dir/linux-signer-rcodesign-sign.done" || +function get_sekrit { + echo "$SEKRITS" | grep -A1 "$1:" | tail -n1 +} + +[ -f "$script_dir/set-config.passwords" ] && . "$script_dir/set-config.passwords" 2>/dev/null + +if [[ $1 = "-p" ]]; then + shift + passwords_gpg_file="$1" + shift +fi + +is_project torbrowser && nssdb=torbrowser-nssdb7 +is_project mullvadbrowser && nssdb=mullvadbrowser-nssdb1 + +if [ -f "$passwords_gpg_file" ]; then + echo "Reading passwords from $passwords_gpg_file" + SEKRITS=$(gpg --decrypt "$passwords_gpg_file") + RCODESIGN_PW=$(get_sekrit 'rcodesign') + NSSPASS=$(get_sekrit "$nssdb (mar signing)") + KSPASS=$(get_sekrit "android apk ($tbb_version_type)") + YUBIPASS=$(get_sekrit "windows authenticode") + GPG_PASS=$(get_sekrit "gpg") +else + echo "Rather than entering all the password manually, you may want to provide a gpg-encrypted file either on the command line (-p <filepath>) or in set-config.passwords." +fi + +test -f "$steps_dir/linux-signer-rcodesign-sign.done" || [ -n "$RCODESIGN_PW" ] || read -sp "Enter rcodesign passphrase for key-1: " RCODESIGN_PW echo -is_project torbrowser && nssdb=torbrowser-nssdb7 -is_project mullvadbrowser && nssdb=mullvadbrowser-nssdb-1 -test -f "$steps_dir/linux-signer-signmars.done" || + +test -f "$steps_dir/linux-signer-signmars.done" || [ -n "$NSSPASS" ] || read -sp "Enter $nssdb (mar signing) passphrase: " NSSPASS echo -test -f "$steps_dir/linux-signer-authenticode-signing.done" || +if is_project torbrowser; then + test -f "$steps_dir/linux-signer-sign-android-apks.done" || [ -n "$KSPASS" ] || + read -sp "Enter android apk signing password ($tbb_version_type): " KSPASS + echo +fi +test -f "$steps_dir/linux-signer-authenticode-signing.done" || [ -n "$YUBIPASS" ] || read -sp "Enter windows authenticode passphrase: " YUBIPASS echo -test -f "$steps_dir/linux-signer-gpg-sign.done" || +test -f "$steps_dir/linux-signer-gpg-sign.done" || [ -n "$GPG_PASS" ] || read -sp "Enter gpg passphrase: " GPG_PASS echo function set-time-on-signing-machine { - local current_time=$(date -u) + local current_time=$(date -u -Iseconds) ssh "$ssh_host_linux_signer" sudo /usr/bin/date -s "'$current_time'" } @@ -169,6 +199,10 @@ function do_step { echo "$(date -Iseconds) - Finished step: $1" } +function is_legacy { + [[ "$tbb_version" = 13.* ]] +} + export SIGNING_PROJECTNAME do_step set-time-on-signing-machine @@ -185,6 +219,10 @@ do_step sync-scripts-to-linux-signer do_step sync-before-linux-signer-signmars do_step linux-signer-signmars do_step sync-after-signmars +is_project torbrowser && ! is_legacy && \ + do_step linux-signer-sign-android-apks +is_project torbrowser && ! is_legacy && \ + do_step sync-after-sign-android-apks do_step linux-signer-authenticode-signing do_step sync-after-authenticode-signing do_step authenticode-timestamping @@ -197,6 +235,6 @@ do_step download-unsigned-sha256sums-gpg-signatures-from-people-tpo do_step sync-local-to-staticiforme do_step sync-scripts-to-staticiforme do_step staticiforme-prepare-cdn-dist-upload -is_project mullvadbrowser && \ +! is_legacy && do_step upload-update_responses-to-staticiforme do_step finished-signing-clean-linux-signer ===================================== tools/signing/set-config.passwords ===================================== @@ -0,0 +1,2 @@ +# Path to a gpg-encrypted cache of passwords not to be asked on each run +passwords_gpg_file=~/.tor-browser-signing/tor-browser-passwords.txt.gpg View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41324: Improve build signing ergonomics
by ma1 (＠ma1) 21 Jan '25

21 Jan '25

ma1 pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 27887a68 by hackademix at 2025-01-21T09:36:51+01:00 Bug 41324: Improve build signing ergonomics - - - - - 2 changed files: - tools/signing/do-all-signing - + tools/signing/set-config.passwords Changes: ===================================== tools/signing/do-all-signing ===================================== @@ -3,34 +3,59 @@ set -e script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) source "$script_dir/functions" source "$script_dir/set-config.update-responses" - NON_INTERACTIVE=1 steps_dir="$signed_version_dir.steps" test -d "$steps_dir" || mkdir -p "$steps_dir" -test -f "$steps_dir/linux-signer-rcodesign-sign.done" || +function get_sekrit { + echo "$SEKRITS" | grep -A1 "$1:" | tail -n1 +} + +[ -f "$script_dir/set-config.passwords" ] && . "$script_dir/set-config.passwords" 2>/dev/null + +if [[ $1 = "-p" ]]; then + shift + passwords_gpg_file="$1" + shift +fi + +is_project torbrowser && nssdb=torbrowser-nssdb7 +is_project mullvadbrowser && nssdb=mullvadbrowser-nssdb1 + +if [ -f "$passwords_gpg_file" ]; then + echo "Reading passwords from $passwords_gpg_file" + SEKRITS=$(gpg --decrypt "$passwords_gpg_file") + RCODESIGN_PW=$(get_sekrit 'rcodesign') + NSSPASS=$(get_sekrit "$nssdb (mar signing)") + KSPASS=$(get_sekrit "android apk ($tbb_version_type)") + YUBIPASS=$(get_sekrit "windows authenticode") + GPG_PASS=$(get_sekrit "gpg") +else + echo "Rather than entering all the password manually, you may want to provide a gpg-encrypted file either on the command line (-p <filepath>) or in set-config.passwords." +fi + +test -f "$steps_dir/linux-signer-rcodesign-sign.done" || [ -n "$RCODESIGN_PW" ] || read -sp "Enter rcodesign passphrase for key-1: " RCODESIGN_PW echo -is_project torbrowser && nssdb=torbrowser-nssdb7 -is_project mullvadbrowser && nssdb=mullvadbrowser-nssdb-1 -test -f "$steps_dir/linux-signer-signmars.done" || + +test -f "$steps_dir/linux-signer-signmars.done" || [ -n "$NSSPASS" ] || read -sp "Enter $nssdb (mar signing) passphrase: " NSSPASS echo if is_project torbrowser; then - test -f "$steps_dir/linux-signer-sign-android-apks.done" || + test -f "$steps_dir/linux-signer-sign-android-apks.done" || [ -n "$KSPASS" ] || read -sp "Enter android apk signing password ($tbb_version_type): " KSPASS echo fi -test -f "$steps_dir/linux-signer-authenticode-signing.done" || +test -f "$steps_dir/linux-signer-authenticode-signing.done" || [ -n "$YUBIPASS" ] || read -sp "Enter windows authenticode passphrase: " YUBIPASS echo -test -f "$steps_dir/linux-signer-gpg-sign.done" || +test -f "$steps_dir/linux-signer-gpg-sign.done" || [ -n "$GPG_PASS" ] || read -sp "Enter gpg passphrase: " GPG_PASS echo function set-time-on-signing-machine { - local current_time=$(date -u) + local current_time=$(date -u -Iseconds) ssh "$ssh_host_linux_signer" sudo /usr/bin/date -s "'$current_time'" } @@ -178,6 +203,10 @@ function do_step { echo "$(date -Iseconds) - Finished step: $1" } +function is_legacy { + [[ "$tbb_version" = 13.* ]] +} + export SIGNING_PROJECTNAME do_step set-time-on-signing-machine @@ -195,9 +224,9 @@ do_step sync-scripts-to-linux-signer do_step sync-before-linux-signer-signmars do_step linux-signer-signmars do_step sync-after-signmars -is_project torbrowser && \ +is_project torbrowser && ! is_legacy && \ do_step linux-signer-sign-android-apks -is_project torbrowser && \ +is_project torbrowser && ! is_legacy && \ do_step sync-after-sign-android-apks do_step linux-signer-authenticode-signing do_step sync-after-authenticode-signing @@ -211,5 +240,6 @@ do_step download-unsigned-sha256sums-gpg-signatures-from-people-tpo do_step sync-local-to-staticiforme do_step sync-scripts-to-staticiforme do_step staticiforme-prepare-cdn-dist-upload -do_step upload-update_responses-to-staticiforme +! is_legacy && + do_step upload-update_responses-to-staticiforme do_step finished-signing-clean-linux-signer ===================================== tools/signing/set-config.passwords ===================================== @@ -0,0 +1,2 @@ +# Path to a gpg-encrypted cache of passwords not to be asked on each run +passwords_gpg_file=~/.tor-browser-signing/tor-browser-passwords.txt.gpg View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41324: Improve build signing ergonomics
by ma1 (＠ma1) 20 Jan '25

20 Jan '25

ma1 pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 3af0e5b3 by hackademix at 2025-01-20T18:16:36+01:00 Bug 41324: Improve build signing ergonomics - - - - - 7 changed files: - .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md - .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md - .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md - .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md - .gitlab/issue_templates/Release Prep - Tor Browser Stable.md - tools/signing/do-all-signing - + tools/signing/set-config.passwords Changes: ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Alpha.md ===================================== @@ -208,7 +208,7 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch ``` - **Subject** ``` - New build: Mullvad Browser ${MULLVAD_BROWSER_VERION} (signed) + New build: Mullvad Browser ${MULLVAD_BROWSER_VERSION} (signed) ``` - **Body** ``` @@ -219,6 +219,8 @@ Mullvad Browser Alpha (and Nightly) are on the `main` branch - signed builds: https://dist.torproject.org/mullvadbrowser/${MULLVAD_BROWSER_VERSION} - update_response hashes: ${MULLVAD_UPDATE_RESPONSES_HASH} + * https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… + changelog: # paste changelog as quote here ... ===================================== .gitlab/issue_templates/Release Prep - Mullvad Browser Stable.md ===================================== @@ -208,7 +208,7 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS ``` - **Subject** ``` - New build: Mullvad Browser ${MULLVAD_BROWSER_VERION} (signed) + New build: Mullvad Browser ${MULLVAD_BROWSER_VERSION} (signed) ``` - **Body** ``` @@ -217,7 +217,9 @@ Mullvad Browser Stable is on the `maint-${MULLVAD_BROWSER_MAJOR}.${MULLVAD_BROWS Branch+Tags have been pushed to Mullvad's GitHub repo. - signed builds: https://dist.torproject.org/mullvadbrowser/${MULLVAD_BROWSER_VERSION} - - update_response hashes: ${MULLVAD_UPDATE_RESPONSES_HASH} + - update_response hashes: ${MULLVAD_UPDATE_RESPONSES_HASH}* + + * https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… changelog: # paste changelog as quote here ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Alpha.md ===================================== @@ -223,9 +223,9 @@ Tor Browser Alpha (and Nightly) are on the `main` branch ```bash # Point OSSLSIGNCODE to your osslsigncode binary -pushd tor-browser-build/${channel}/signed/$TORBROWSER_VERSION +pushd tor-browser-build/torbrowser/${channel}/signed/$TORBROWSER_VERSION OSSLSIGNCODE=/path/to/osslsigncode -../../../tools/authenticode_check.sh +../../../../tools/authenticode_check.sh popd ``` @@ -234,14 +234,15 @@ popd <summary>Check whether the MAR files got properly signed</summary> ```bash -# Point NSSDB to your nssdb containing the mar signing certificate +# Point NSS_DB_DIR to your nssdb dir containing the mar signing certificate +# (check tools/marsigning_check.sh source code for details) # Point SIGNMAR to your signmar binary # Point LD_LIBRARY_PATH to your mar-tools directory -pushd tor-browser-build/${channel}/signed/$TORBROWSER_VERSION +pushd tor-browser-build/torbrowser/${channel}/signed/$TORBROWSER_VERSION NSSDB=/path/to/nssdb SIGNMAR=/path/to/mar-tools/signmar LD_LIBRARY_PATH=/path/to/mar-tools/ -../../../tools/marsigning_check.sh +../../../../tools/marsigning_check.sh popd ``` ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Legacy.md ===================================== @@ -203,9 +203,9 @@ Tor Browser Legacy is on the `maint-13.5` branch ```bash # Point OSSLSIGNCODE to your osslsigncode binary -pushd tor-browser-build/${channel}/signed/$TORBROWSER_VERSION +pushd tor-browser-build/torbrowser/${channel}/signed/$TORBROWSER_VERSION OSSLSIGNCODE=/path/to/osslsigncode -../../../tools/authenticode_check.sh +../../../../tools/authenticode_check.sh popd ``` @@ -217,11 +217,11 @@ popd # Point NSSDB to your nssdb containing the mar signing certificate # Point SIGNMAR to your signmar binary # Point LD_LIBRARY_PATH to your mar-tools directory -pushd tor-browser-build/${channel}/signed/$TORBROWSER_VERSION +pushd tor-browser-build/torbrowser/${channel}/signed/$TORBROWSER_VERSION NSSDB=/path/to/nssdb SIGNMAR=/path/to/mar-tools/signmar LD_LIBRARY_PATH=/path/to/mar-tools/ -../../../tools/marsigning_check.sh +../../../../tools/marsigning_check.sh popd ``` ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Stable.md ===================================== @@ -228,9 +228,9 @@ Tor Browser Stable is on the `maint-${TOR_BROWSER_MAJOR}.${TOR_BROWSER_MINOR}` b ```bash # Point OSSLSIGNCODE to your osslsigncode binary -pushd tor-browser-build/${channel}/signed/$TORBROWSER_VERSION +pushd tor-browser-build/torbrowser/${channel}/signed/$TORBROWSER_VERSION OSSLSIGNCODE=/path/to/osslsigncode -../../../tools/authenticode_check.sh +../../../../tools/authenticode_check.sh popd ``` @@ -242,11 +242,11 @@ popd # Point NSSDB to your nssdb containing the mar signing certificate # Point SIGNMAR to your signmar binary # Point LD_LIBRARY_PATH to your mar-tools directory -pushd tor-browser-build/${channel}/signed/$TORBROWSER_VERSION +pushd tor-browser-build/torbrowser/${channel}/signed/$TORBROWSER_VERSION NSSDB=/path/to/nssdb SIGNMAR=/path/to/mar-tools/signmar LD_LIBRARY_PATH=/path/to/mar-tools/ -../../../tools/marsigning_check.sh +../../../../tools/marsigning_check.sh popd ``` ===================================== tools/signing/do-all-signing ===================================== @@ -3,34 +3,59 @@ set -e script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) source "$script_dir/functions" source "$script_dir/set-config.update-responses" - NON_INTERACTIVE=1 steps_dir="$signed_version_dir.steps" test -d "$steps_dir" || mkdir -p "$steps_dir" -test -f "$steps_dir/linux-signer-rcodesign-sign.done" || +function get_sekrit { + echo "$SEKRITS" | grep -A1 "$1:" | tail -n1 +} + +[ -f "$script_dir/set-config.passwords" ] && . "$script_dir/set-config.passwords" 2>/dev/null + +if [[ $1 = "-p" ]]; then + shift + passwords_gpg_file="$1" + shift +fi + +is_project torbrowser && nssdb=torbrowser-nssdb7 +is_project mullvadbrowser && nssdb=mullvadbrowser-nssdb1 + +if [ -f "$passwords_gpg_file" ]; then + echo "Reading passwords from $passwords_gpg_file" + SEKRITS=$(gpg --decrypt "$passwords_gpg_file") + RCODESIGN_PW=$(get_sekrit 'rcodesign') + NSSPASS=$(get_sekrit "$nssdb (mar signing)") + KSPASS=$(get_sekrit "android apk ($tbb_version_type)") + YUBIPASS=$(get_sekrit "windows authenticode") + GPG_PASS=$(get_sekrit "gpg") +else + echo "Rather than entering all the password manually, you may want to provide a gpg-encrypted file either on the command line (-p <filepath>) or in set-config.passwords." +fi + +test -f "$steps_dir/linux-signer-rcodesign-sign.done" || [ -n "$RCODESIGN_PW" ] || read -sp "Enter rcodesign passphrase for key-1: " RCODESIGN_PW echo -is_project torbrowser && nssdb=torbrowser-nssdb7 -is_project mullvadbrowser && nssdb=mullvadbrowser-nssdb-1 -test -f "$steps_dir/linux-signer-signmars.done" || + +test -f "$steps_dir/linux-signer-signmars.done" || [ -n "$NSSPASS" ] || read -sp "Enter $nssdb (mar signing) passphrase: " NSSPASS echo if is_project torbrowser; then - test -f "$steps_dir/linux-signer-sign-android-apks.done" || + test -f "$steps_dir/linux-signer-sign-android-apks.done" || [ -n "$KSPASS" ] || read -sp "Enter android apk signing password ($tbb_version_type): " KSPASS echo fi -test -f "$steps_dir/linux-signer-authenticode-signing.done" || +test -f "$steps_dir/linux-signer-authenticode-signing.done" || [ -n "$YUBIPASS" ] || read -sp "Enter windows authenticode passphrase: " YUBIPASS echo -test -f "$steps_dir/linux-signer-gpg-sign.done" || +test -f "$steps_dir/linux-signer-gpg-sign.done" || [ -n "$GPG_PASS" ] || read -sp "Enter gpg passphrase: " GPG_PASS echo function set-time-on-signing-machine { - local current_time=$(date -u) + local current_time=$(date -u -Iseconds) ssh "$ssh_host_linux_signer" sudo /usr/bin/date -s "'$current_time'" } @@ -178,6 +203,10 @@ function do_step { echo "$(date -Iseconds) - Finished step: $1" } +function is_legacy { + [[ "$tbb_version" = 13.* ]] +} + export SIGNING_PROJECTNAME do_step set-time-on-signing-machine @@ -195,9 +224,9 @@ do_step sync-scripts-to-linux-signer do_step sync-before-linux-signer-signmars do_step linux-signer-signmars do_step sync-after-signmars -is_project torbrowser && \ +is_project torbrowser && ! is_legacy && \ do_step linux-signer-sign-android-apks -is_project torbrowser && \ +is_project torbrowser && ! is_legacy && \ do_step sync-after-sign-android-apks do_step linux-signer-authenticode-signing do_step sync-after-authenticode-signing @@ -211,5 +240,6 @@ do_step download-unsigned-sha256sums-gpg-signatures-from-people-tpo do_step sync-local-to-staticiforme do_step sync-scripts-to-staticiforme do_step staticiforme-prepare-cdn-dist-upload -do_step upload-update_responses-to-staticiforme +! is_legacy && + do_step upload-update_responses-to-staticiforme do_step finished-signing-clean-linux-signer ===================================== tools/signing/set-config.passwords ===================================== @@ -0,0 +1,2 @@ +# Path to a gpg-encrypted cache of passwords not to be asked on each run +passwords_gpg_file=~/.tor-browser-signing/tor-browser-passwords.txt.gpg View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.6.0esr-14.5-1] 3 commits: fixup! TB 40597: Implement TorSettings module
by Pier Angelo Vendrame (＠pierov) 20 Jan '25

20 Jan '25

Pier Angelo Vendrame pushed to branch tor-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 0b42b720 by Henry Wilkes at 2025-01-20T17:57:59+00:00 fixup! TB 40597: Implement TorSettings module TB 41921: Return only the bridge settings from Moat. Rather than return { bridges: enabled: true, ... } from MoatRPC API, we just return the relevant parts. This should make it clearer that Moat can *only* change TorSettings.bridges, and nothing else. - - - - - 7129f408 by Henry Wilkes at 2025-01-20T17:57:59+00:00 fixup! TB 40597: Implement TorSettings module TB 41921: Have Moat bridges pass through TorSettings rather than using TorProvider directly. TorSettings should be the only caller to TorProvider.writeSettings, so we can establish more control over which bridges are in use at any given moment in one place. Also add some sanitation to the Moat response. - - - - - 6ea6bd74 by Henry Wilkes at 2025-01-20T17:57:59+00:00 fixup! TB 40933: Add tor-launcher functionality TB 41921: Use temporary bridges for TorProvider initialisation. It is unlikely that temporary bridges would be present when TorProvider is initialised, but it should be using whatever TorSettings.applySettings uses. - - - - - 4 changed files: - toolkit/components/tor-launcher/TorProvider.sys.mjs - toolkit/modules/Moat.sys.mjs - toolkit/modules/TorConnect.sys.mjs - toolkit/modules/TorSettings.sys.mjs Changes: ===================================== toolkit/components/tor-launcher/TorProvider.sys.mjs ===================================== @@ -227,7 +227,7 @@ export class TorProvider { if (this.ownsTorDaemon) { try { await lazy.TorSettings.initializedPromise; - await this.writeSettings(lazy.TorSettings.getSettings()); + await this.writeSettings(); } catch (e) { logger.warn( "Failed to initialize TorSettings or to write our initial settings. Continuing the initialization anyway.", @@ -269,11 +269,13 @@ export class TorProvider { /** * Send settings to the tor daemon. * - * @param {object} settings A settings object, as returned by - * TorSettings.getSettings(). This allow to try settings without passing - * through TorSettings. + * This should only be called internally or by the TorSettings module. */ - async writeSettings(settings) { + async writeSettings() { + // Fetch the current settings. + // We set the useTemporary parameter since we want to apply temporary + // bridges if they are available. + const settings = lazy.TorSettings.getSettings(true); logger.debug("TorProvider.writeSettings", settings); const torSettings = new Map(); ===================================== toolkit/modules/Moat.sys.mjs ===================================== @@ -13,7 +13,6 @@ ChromeUtils.defineESModuleGetters(lazy, { DomainFrontRequestBuilder: "resource://gre/modules/DomainFrontedRequests.sys.mjs", TorBridgeSource: "resource://gre/modules/TorSettings.sys.mjs", - TorSettings: "resource://gre/modules/TorSettings.sys.mjs", }); const TorLauncherPrefs = Object.freeze({ @@ -73,6 +72,25 @@ class InternetTestResponseListener { } } +/** + * @typedef {Object} MoatBridges + * + * Bridge settings that can be passed to TorSettings.bridges. + * + * @property {number} source - The `TorBridgeSource` type. + * @property {string} [builtin_type] - The built-in bridge type. + * @property {string[]} [bridge_strings] - The bridge lines. + */ + +/** + * @typedef {Object} MoatSettings + * + * The settings returned by Moat. + * + * @property {MoatBridges[]} bridgesList - The list of bridges found. + * @property {string} [country] - The detected country (region). + */ + /** * Constructs JSON objects and sends requests over Moat. * The documentation about the JSON schemas to use are available at @@ -213,37 +231,31 @@ export class MoatRPC { return { bridges, qrcode: qrcodeImg }; } - // Convert received settings object to format used by TorSettings module. - #fixupSettings(settings) { + /** + * Extract bridges from the received Moat settings object. + * + * @param {Object} settings - The received settings. + * @return {MoatBridge} The extracted bridges. + */ + #extractBridges(settings) { if (!("bridges" in settings)) { throw new Error("Expected to find `bridges` in the settings object."); } - const retval = { - bridges: { - enabled: true, - }, - }; + const bridges = {}; switch (settings.bridges.source) { case "builtin": - retval.bridges.source = lazy.TorBridgeSource.BuiltIn; - retval.bridges.builtin_type = settings.bridges.type; - // TorSettings will ignore strings for built-in bridges, and use the - // ones it already knows, instead. However, when we try these settings - // in the connect assist, we skip TorSettings. Therefore, we set the - // lines also here (the ones we already know, not the ones we receive - // from Moat). This needs TorSettings to be initialized, which by now - // should have already happened (this method is used only by TorConnect, - // that needs TorSettings to be initialized). - // In any case, getBuiltinBridges will throw if the data is not ready, - // yet. - retval.bridges.bridge_strings = lazy.TorSettings.getBuiltinBridges( - settings.bridges.type - ); + bridges.source = lazy.TorBridgeSource.BuiltIn; + bridges.builtin_type = String(settings.bridges.type); + // Ignore the bridge_strings argument since we will use our built-in + // bridge strings instead. break; case "bridgedb": - retval.bridges.source = lazy.TorBridgeSource.BridgeDB; - if (settings.bridges.bridge_strings) { - retval.bridges.bridge_strings = settings.bridges.bridge_strings; + bridges.source = lazy.TorBridgeSource.BridgeDB; + if (settings.bridges.bridge_strings?.length) { + bridges.bridge_strings = Array.from( + settings.bridges.bridge_strings, + item => String(item) + ); } else { throw new Error( "Received no bridge-strings for BridgeDB bridge source" @@ -255,37 +267,38 @@ export class MoatRPC { `Unexpected bridge source '${settings.bridges.source}'` ); } - return retval; + return bridges; } - // Converts a list of settings objects received from BridgeDB to a list of - // settings objects understood by the TorSettings module. - // In the event of error, returns an empty list. - #fixupSettingsList(settingsList) { - const retval = []; + /** + * Extract a list of bridges from the received Moat settings object. + * + * @param {Object} settings - The received settings. + * @return {MoatBridge[]} The list of extracted bridges. + */ + #extractBridgesList(settingsList) { + const bridgesList = []; for (const settings of settingsList) { try { - retval.push(this.#fixupSettings(settings)); + bridgesList.push(this.#extractBridges(settings)); } catch (ex) { log.error(ex); } } - return retval; + return bridgesList; } - // Request tor settings for the user optionally based on their location - // (derived from their IP). Takes the following parameters: - // - transports: optional, an array of transports available to the client; if - // empty (or not given) returns settings using all working transports known - // to the server - // - country: optional, an ISO 3166-1 alpha-2 country code to request settings - // for; if not provided the country is determined by the user's IP address - // - // Returns an object with the detected country code and an array of settings - // in a format that can be passed to the TorSettings module. This array might - // be empty if the country has no associated settings. - // If the server cannot determine the user's country (and no country code is - // provided), then null is returned instead of the object. + /** + * Request tor settings for the user optionally based on their location + * (derived from their IP). Takes the following parameters: + * + * @param {string[]} transports - A list of transports we support. + * @param {?string} country - The region to request bridges for, as an + * ISO 3166-1 alpha-2 region code, or `null` to have the server + * automatically determine the region. + * @returns {?MoatSettings} - The returned settings from the server, or `null` + * if the region could not be determined by the server. + */ async circumvention_settings(transports, country) { const args = { transports: transports ? transports : [], @@ -306,7 +319,7 @@ export class MoatRPC { throw new Error(`MoatRPC: ${detail} (${code})`); } else if ("settings" in response) { - settings.settings = this.#fixupSettingsList(response.settings); + settings.bridgesList = this.#extractBridgesList(response.settings); } if ("country" in response) { settings.country = response.country; @@ -349,14 +362,12 @@ export class MoatRPC { return map; } - // Request a copy of the defaul/fallback bridge settings, takes the following - // parameters: - // - transports: optional, an array of transports available to the client; if - // empty (or not given) returns settings using all working transports known - // to the server - // - // returns an array of settings objects in roughly the same format as the - // _settings object on the TorSettings module + /** + * Request a copy of the default/fallback bridge settings. + * + * @param {string[]} transports - A list of transports we support. + * @returns {MoatBridges[]} - The list of bridges found. + */ async circumvention_defaults(transports) { const args = { transports: transports ? transports : [], @@ -367,7 +378,7 @@ export class MoatRPC { const detail = response.errors[0].detail; throw new Error(`MoatRPC: ${detail} (${code})`); } else if ("settings" in response) { - return this.#fixupSettingsList(response.settings); + return this.#extractBridgesList(response.settings); } return []; } ===================================== toolkit/modules/TorConnect.sys.mjs ===================================== @@ -103,11 +103,12 @@ export const TorConnectTopics = Object.freeze({ * failing bootstrap. * @property {integer} [options.simulateDelay] - The delay in microseconds to * apply to simulated bootstraps. - * @property {object} [options.simulateMoatResponse] - Simulate a Moat response - * for circumvention settings. Should include a "settings" property, and - * optionally a "country" property. You may add a "simulateCensorship" - * property to some of the settings to make only their bootstrap attempts - * fail. + * @property {MoatSettings} [options.simulateMoatResponse] - Simulate a Moat + * response for circumvention settings. Should include a "bridgesList" + * property, and optionally a "country" property. The "bridgesList" property + * should be an Array of MoatBridges objects that match the bridge settings + * accepted by TorSettings.bridges, plus you may add a "simulateCensorship" + * property to make only their bootstrap attempts fail. * @property {boolean} [options.testInternet] - Whether to also test the * internet connection. * @property {boolean} [options.simulateOffline] - Whether to simulate an @@ -214,6 +215,14 @@ class BootstrapAttempt { return promise; } + /** + * Method to call just after the Bootstrapped stage is set in response to this + * bootstrap attempt. + */ + postBootstrapped() { + // Nothing to do. + } + /** * Run the attempt. * @@ -395,17 +404,11 @@ class AutoBootstrapAttempt { */ #cancelledPromise = null; /** - * The found settings from Moat. - * - * @type {?object[]} - */ - #settings = null; - /** - * The last settings that have been applied to the TorProvider, if any. + * The list of bridge configurations from Moat. * - * @type {?object} + * @type {?MoatBridges[]} */ - #changedSetting = null; + #bridgesList = null; /** * The detected region code returned by Moat, if any. * @@ -438,13 +441,8 @@ class AutoBootstrapAttempt { // Run cleanup before we resolve the promise to ensure two instances // of AutoBootstrapAttempt are not trying to change the settings at // the same time. - if (this.#changedSetting) { - if (arg.result === "complete") { - // Persist the current settings to preferences. - lazy.TorSettings.setSettings(this.#changedSetting); - lazy.TorSettings.saveToPrefs(); - } // else, applySettings will restore the current settings. - await lazy.TorSettings.applySettings(); + if (arg.result !== "complete") { + await lazy.TorSettings.clearTemporaryBridges(); } } catch (error) { lazy.logger.error("Unexpected error in auto-bootstrap cleanup", error); @@ -466,6 +464,15 @@ class AutoBootstrapAttempt { return promise; } + /** + * Method to call just after the Bootstrapped stage is set in response to this + * bootstrap attempt. + */ + postBootstrapped() { + // Persist the current settings to preferences. + lazy.TorSettings.saveTemporaryBridges(); + } + /** * Run the attempt. * @@ -477,12 +484,12 @@ class AutoBootstrapAttempt { * @param {BootstrapOptions} options - Options to apply to the bootstrap. */ async #runInternal(progressCallback, options) { - await this.#fetchSettings(options); + await this.#fetchBridges(options); if (this.#cancelled || this.#resolved) { return; } - if (!this.#settings?.length) { + if (!this.#bridgesList?.length) { this.#resolveRun({ error: new TorConnectError( options.regionCode === "automatic" && !this.detectedRegion @@ -493,14 +500,14 @@ class AutoBootstrapAttempt { } // Apply each of our settings and try to bootstrap with each. - for (const [index, currentSetting] of this.#settings.entries()) { + for (const [index, bridges] of this.#bridgesList.entries()) { lazy.logger.info( `Attempting Bootstrap with configuration ${index + 1}/${ - this.#settings.length + this.#bridgesList.length }` ); - await this.#trySetting(currentSetting, progressCallback, options); + await this.#tryBridges(bridges, progressCallback, options); if (this.#cancelled || this.#resolved) { return; @@ -518,7 +525,7 @@ class AutoBootstrapAttempt { * * @param {BootstrapOptions} options - Options to apply to the bootstrap. */ - async #fetchSettings(options) { + async #fetchBridges(options) { if (options.simulateMoatResponse) { await Promise.race([ new Promise(res => setTimeout(res, options.simulateDelay || 0)), @@ -530,7 +537,7 @@ class AutoBootstrapAttempt { } this.detectedRegion = options.simulateMoatResponse.country || null; - this.#settings = options.simulateMoatResponse.settings ?? null; + this.#bridgesList = options.simulateMoatResponse.bridgesList ?? null; return; } @@ -564,16 +571,16 @@ class AutoBootstrapAttempt { this.detectedRegion = maybeSettings?.country || null; - if (maybeSettings?.settings?.length) { - this.#settings = maybeSettings.settings; + if (maybeSettings?.bridgesList?.length) { + this.#bridgesList = maybeSettings.bridgesList; } else { // Keep consistency with the other call. - this.#settings = await Promise.race([ + this.#bridgesList = await Promise.race([ moat.circumvention_defaults([ ...lazy.TorSettings.builtinBridgeTypes, "vanilla", ]), - // This might set this.#settings to undefined. + // This might set this.#bridgesList to undefined. this.#cancelledPromise, ]); } @@ -586,21 +593,21 @@ class AutoBootstrapAttempt { /** * Try to apply the settings we fetched. * - * @param {object} setting - The setting to try. + * @param {MoatBridges} bridges - The bridges to try. * @param {ProgressCallback} progressCallback - The callback to invoke with * the bootstrap progress. * @param {BootstrapOptions} options - Options to apply to the bootstrap. */ - async #trySetting(setting, progressCallback, options) { + async #tryBridges(bridges, progressCallback, options) { if (this.#cancelled || this.#resolved) { return; } - if (options.simulateMoatResponse && setting.simulateCensorship) { + if (options.simulateMoatResponse && bridges.simulateCensorship) { // Move the simulateCensorship option to the options for the next // BootstrapAttempt. - setting = structuredClone(setting); - delete setting.simulateCensorship; + bridges = structuredClone(bridges); + delete bridges.simulateCensorship; options = { ...options, simulateCensorship: true }; } @@ -616,14 +623,7 @@ class AutoBootstrapAttempt { // Another idea (maybe easier to implement) is to disable the settings // UI while *any* bootstrap is going on. // This is also documented in tor-browser#41921. - const provider = await lazy.TorProviderBuilder.build(); - this.#changedSetting = setting; - // We need to merge with old settings, in case the user is using a proxy - // or is behind a firewall. - await provider.writeSettings({ - ...lazy.TorSettings.getSettings(), - ...setting, - }); + await lazy.TorSettings.applyTemporaryBridges(bridges); if (this.#cancelled || this.#resolved) { return; @@ -642,7 +642,7 @@ class AutoBootstrapAttempt { error instanceof TorConnectError && error.code === TorConnectError.BootstrapError ) { - lazy.logger.info("TorConnect setting failed", setting, error); + lazy.logger.info("TorConnect setting failed", bridges, error); // Try with the next settings. // NOTE: We do not restore the user settings in between these runs. // Instead we wait for #resolveRun callback to do so. @@ -1459,6 +1459,12 @@ export const TorConnect = { } this._setStage(TorConnectStage.Bootstrapped); Services.obs.notifyObservers(null, TorConnectTopics.BootstrapComplete); + + // Now call the postBootstrapped method. We do this after changing the + // stage to ensure that AutoBootstrapAttempt.postBootstrapped call to + // saveTemporaryBridges does not trigger SettingsChanged too early and + // cancel itself. + bootstrapAttempt.postBootstrapped(); return; } ===================================== toolkit/modules/TorSettings.sys.mjs ===================================== @@ -198,6 +198,14 @@ class TorSettingsImpl { allowed_ports: [], }, }; + + /** + * Temporary bridge settings to apply instead of #settings.bridges. + * + * @type {?Object} + */ + #temporaryBridgeSettings = null; + /** * Accumulated errors from trying to set settings. * @@ -713,6 +721,8 @@ class TorSettingsImpl { try { this.#allowUninitialized = true; this.#loadFromPrefs(); + // We do not pass on the loaded settings to the TorProvider yet. Instead + // TorProvider will ask for these once it has initialised. } finally { this.#allowUninitialized = false; this.#notificationQueue.clear(); @@ -971,7 +981,7 @@ class TorSettingsImpl { async applySettings() { this.#checkIfInitialized(); const provider = await lazy.TorProviderBuilder.build(); - await provider.writeSettings(this.getSettings()); + await provider.writeSettings(); } /** @@ -1073,12 +1083,20 @@ class TorSettingsImpl { /** * Get a copy of all our settings. * + * @param {boolean} [useTemporary=false] - Whether the returned settings + * should use the temporary bridge settings, if any, instead. + * * @returns {object} A copy of the settings object */ - getSettings() { + getSettings(useTemporary = false) { lazy.logger.debug("getSettings()"); this.#checkIfInitialized(); - return structuredClone(this.#settings); + const settings = structuredClone(this.#settings); + if (useTemporary && this.#temporaryBridgeSettings) { + // Override the bridge settings with our temporary ones. + settings.bridges = structuredClone(this.#temporaryBridgeSettings); + } + return settings; } /** @@ -1097,6 +1115,83 @@ class TorSettingsImpl { } return types; } + + /** + * Apply some Moat bridges temporarily. + * + * These bridges will not yet be saved to settings. + * + * @param {MoatBridges} bridges - The bridges to apply. + */ + async applyTemporaryBridges(bridges) { + this.#checkIfInitialized(); + + if ( + bridges.source !== TorBridgeSource.BuiltIn && + bridges.source !== TorBridgeSource.BridgeDB + ) { + throw new Error(`Invalid bridge source ${bridges.source}`); + } + + const bridgeSettings = { + enabled: true, + source: bridges.source, + }; + + if (bridges.source === TorBridgeSource.BuiltIn) { + if (!bridges.builtin_type) { + throw Error("Missing a built-in type"); + } + bridgeSettings.builtin_type = String(bridges.builtin_type); + const bridgeStrings = this.getBuiltinBridges(bridgeSettings.builtin_type); + if (!bridgeStrings.length) { + throw new Error(`No builtin bridges for type ${bridges.builtin_type}`); + } + bridgeSettings.bridge_strings = bridgeStrings; + } else { + // BridgeDB. + if (!bridges.bridge_strings?.length) { + throw new Error("Missing bridges strings"); + } + // TODO: Can we safely verify the format of the bridge addresses sent from + // Moat? + bridgeSettings.bridge_strings = Array.from(bridges.bridge_strings, item => + String(item) + ); + } + + // After checks are complete, we commit them. + this.#temporaryBridgeSettings = bridgeSettings; + await this.applySettings(); + } + + /** + * Save to current temporary bridges to be permanent instead. + */ + async saveTemporaryBridges() { + this.#checkIfInitialized(); + if (!this.#temporaryBridgeSettings) { + lazy.logger.warn("No temporary bridges to save"); + return; + } + this.setSettings({ bridges: this.#temporaryBridgeSettings }); + this.#temporaryBridgeSettings = null; + this.saveToPrefs(); + await this.applySettings(); + } + + /** + * Clear the current temporary bridges. + */ + async clearTemporaryBridges() { + this.#checkIfInitialized(); + if (!this.#temporaryBridgeSettings) { + lazy.logger.debug("No temporary bridges to clear"); + return; + } + this.#temporaryBridgeSettings = null; + await this.applySettings(); + } } export const TorSettings = new TorSettingsImpl(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/9e5f76… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/9e5f76… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.6.0esr-14.5-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 20 Jan '25

20 Jan '25

Pier Angelo Vendrame pushed to branch mullvad-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 76d1293f by Pier Angelo Vendrame at 2025-01-20T18:42:58+01:00 fixup! Firefox preference overrides. BB 43402: set browser.startup.blankWindow false. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -454,6 +454,9 @@ pref("privacy.resistFingerprinting.letterboxing.gradient", true); pref("privacy.resistFingerprinting.letterboxing.rememberSize", false); // tor-browser#41695: How many warnings we show if user closes them without restoring the window size pref("privacy.resistFingerprinting.resizeWarnings", 3); +// tor-browser#43402: Avoid a resize from the skeleton to the newwin size. +// Should be fixed in ESR-140 with Bug 1448423. +pref("browser.startup.blankWindow", false); // Enforce Network Information API as disabled pref("dom.netinfo.enabled", false); pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/76d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/76d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.6.0esr-14.5-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 20 Jan '25

20 Jan '25

Pier Angelo Vendrame pushed to branch base-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 186910c7 by Pier Angelo Vendrame at 2025-01-20T18:42:24+01:00 fixup! Firefox preference overrides. BB 43402: set browser.startup.blankWindow false. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -454,6 +454,9 @@ pref("privacy.resistFingerprinting.letterboxing.gradient", true); pref("privacy.resistFingerprinting.letterboxing.rememberSize", false); // tor-browser#41695: How many warnings we show if user closes them without restoring the window size pref("privacy.resistFingerprinting.resizeWarnings", 3); +// tor-browser#43402: Avoid a resize from the skeleton to the newwin size. +// Should be fixed in ESR-140 with Bug 1448423. +pref("browser.startup.blankWindow", false); // Enforce Network Information API as disabled pref("dom.netinfo.enabled", false); pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/186910c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/186910c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.6.0esr-14.5-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 20 Jan '25

20 Jan '25

Pier Angelo Vendrame pushed to branch tor-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 9e5f7638 by Pier Angelo Vendrame at 2025-01-20T14:39:01+01:00 fixup! Firefox preference overrides. BB 43402: set browser.startup.blankWindow false. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -454,6 +454,9 @@ pref("privacy.resistFingerprinting.letterboxing.gradient", true); pref("privacy.resistFingerprinting.letterboxing.rememberSize", false); // tor-browser#41695: How many warnings we show if user closes them without restoring the window size pref("privacy.resistFingerprinting.resizeWarnings", 3); +// tor-browser#43402: Avoid a resize from the skeleton to the newwin size. +// Should be fixed in ESR-140 with Bug 1448423. +pref("browser.startup.blankWindow", false); // Enforce Network Information API as disabled pref("dom.netinfo.enabled", false); pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9e5f763… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9e5f763… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41350: Increase timeout in rcodesign-notary-submit to 6000s
by boklm (＠boklm) 16 Jan '25

16 Jan '25

boklm pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: a4137090 by Nicolas Vigier at 2025-01-16T16:44:34+01:00 Bug 41350: Increase timeout in rcodesign-notary-submit to 6000s - - - - - 1 changed file: - tools/signing/rcodesign-notary-submit Changes: ===================================== tools/signing/rcodesign-notary-submit ===================================== @@ -21,7 +21,7 @@ display_name=$(display_name) tar -C "$tmpdir" -xf "$macos_rcodesign_signed_tar_dir/$(project-name)-macos-${tbb_version}-rcodesign-signed.tar.zst" -"$script_dir/../local/rcodesign-128/rcodesign" notary-submit --api-key-path "$appstoreconnect_api_key_path" --staple "$tmpdir/$display_name.app" +"$script_dir/../local/rcodesign-128/rcodesign" notary-submit --max-wait-seconds 6000 --api-key-path "$appstoreconnect_api_key_path" --staple "$tmpdir/$display_name.app" output_file="$(project-name)-${tbb_version}-notarized+stapled.tar.zst" tar -C "$tmpdir" -caf "$tmpdir/$output_file" "$display_name.app" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41350: Increase timeout in rcodesign-notary-submit to 6000s
by boklm (＠boklm) 16 Jan '25

16 Jan '25

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 4e8172c9 by Nicolas Vigier at 2025-01-16T16:31:56+01:00 Bug 41350: Increase timeout in rcodesign-notary-submit to 6000s - - - - - 1 changed file: - tools/signing/rcodesign-notary-submit Changes: ===================================== tools/signing/rcodesign-notary-submit ===================================== @@ -21,7 +21,7 @@ display_name=$(display_name) tar -C "$tmpdir" -xf "$macos_rcodesign_signed_tar_dir/$(project-name)-macos-${tbb_version}-rcodesign-signed.tar.zst" -"$script_dir/../local/rcodesign-128/rcodesign" notary-submit --api-key-path "$appstoreconnect_api_key_path" --staple "$tmpdir/$display_name.app" +"$script_dir/../local/rcodesign-128/rcodesign" notary-submit --max-wait-seconds 6000 --api-key-path "$appstoreconnect_api_key_path" --staple "$tmpdir/$display_name.app" output_file="$(project-name)-${tbb_version}-notarized+stapled.tar.zst" tar -C "$tmpdir" -caf "$tmpdir/$output_file" "$display_name.app" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41345: Set GOTOOLCHAIN=local
by boklm (＠boklm) 16 Jan '25

16 Jan '25

boklm pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: ff2c7ff4 by Nicolas Vigier at 2025-01-16T16:26:40+01:00 Bug 41345: Set GOTOOLCHAIN=local - - - - - 1 changed file: - projects/go/build Changes: ===================================== projects/go/build ===================================== @@ -51,6 +51,10 @@ cd /var/tmp/dist/go/src # so remove it to preserve reproducibility of the output. rm -rf /var/tmp/dist/go/pkg/obj/go-build/ +# Disable go autoupdates (tor-browser-build#41345) +# See https://go.dev/doc/toolchain +sed -i -e 's/^GOTOOLCHAIN=.*/GOTOOLCHAIN=local/' /var/tmp/dist/go/go.env + cd /var/tmp/dist [% c('tar', { tar_src => [ project ], View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41345: Set GOTOOLCHAIN=local
by boklm (＠boklm) 16 Jan '25

16 Jan '25

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: bd681918 by Nicolas Vigier at 2025-01-16T16:25:25+01:00 Bug 41345: Set GOTOOLCHAIN=local - - - - - 1 changed file: - projects/go/build Changes: ===================================== projects/go/build ===================================== @@ -51,6 +51,10 @@ cd /var/tmp/dist/go/src # so remove it to preserve reproducibility of the output. rm -rf /var/tmp/dist/go/pkg/obj/go-build/ +# Disable go autoupdates (tor-browser-build#41345) +# See https://go.dev/doc/toolchain +sed -i -e 's/^GOTOOLCHAIN=.*/GOTOOLCHAIN=local/' /var/tmp/dist/go/go.env + cd /var/tmp/dist [% c('tar', { tar_src => [ project ], View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser-update-responses][main] alpha: new version, 14.5a2
by ma1 (＠ma1) 15 Jan '25

15 Jan '25

ma1 pushed to branch main at The Tor Project / Applications / mullvad-browser-update-responses Commits: 5e153b0f by hackademix at 2025-01-15T19:45:07+01:00 alpha: new version, 14.5a2 - - - - - 29 changed files: - update_1/alpha/.htaccess - − update_1/alpha/14.0a10-14.5a1-linux-x86_64-ALL.xml - − update_1/alpha/14.0a10-14.5a1-macos-ALL.xml - − update_1/alpha/14.0a10-14.5a1-windows-x86_64-ALL.xml - + update_1/alpha/14.0a10-14.5a2-linux-x86_64-ALL.xml - + update_1/alpha/14.0a10-14.5a2-macos-ALL.xml - + update_1/alpha/14.0a10-14.5a2-windows-x86_64-ALL.xml - − update_1/alpha/14.0a8-14.5a1-linux-x86_64-ALL.xml - − update_1/alpha/14.0a8-14.5a1-macos-ALL.xml - − update_1/alpha/14.0a8-14.5a1-windows-x86_64-ALL.xml - − update_1/alpha/14.0a9-14.5a1-linux-x86_64-ALL.xml - − update_1/alpha/14.0a9-14.5a1-macos-ALL.xml - − update_1/alpha/14.0a9-14.5a1-windows-x86_64-ALL.xml - + update_1/alpha/14.0a9-14.5a2-linux-x86_64-ALL.xml - + update_1/alpha/14.0a9-14.5a2-macos-ALL.xml - + update_1/alpha/14.0a9-14.5a2-windows-x86_64-ALL.xml - + update_1/alpha/14.5a1-14.5a2-linux-x86_64-ALL.xml - + update_1/alpha/14.5a1-14.5a2-macos-ALL.xml - + update_1/alpha/14.5a1-14.5a2-windows-x86_64-ALL.xml - − update_1/alpha/14.5a1-linux-x86_64-ALL.xml - − update_1/alpha/14.5a1-macos-ALL.xml - − update_1/alpha/14.5a1-windows-x86_64-ALL.xml - + update_1/alpha/14.5a2-linux-x86_64-ALL.xml - + update_1/alpha/14.5a2-macos-ALL.xml - + update_1/alpha/14.5a2-windows-x86_64-ALL.xml - update_1/alpha/download-linux-x86_64.json - update_1/alpha/download-macos.json - update_1/alpha/download-windows-x86_64.json - update_1/alpha/downloads.json Changes: ===================================== update_1/alpha/.htaccess ===================================== @@ -1,22 +1,22 @@ RewriteEngine On -RewriteRule ^[^/]+/14.5a1/ no-update.xml [last] -RewriteRule ^Linux_x86_64-gcc3/14.0a10/ALL 14.0a10-14.5a1-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/14.0a8/ALL 14.0a8-14.5a1-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/14.0a9/ALL 14.0a9-14.5a1-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/[^/]+/ALL 14.5a1-linux-x86_64-ALL.xml [last] -RewriteRule ^Linux_x86_64-gcc3/ 14.5a1-linux-x86_64-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/14.0a10/ALL 14.0a10-14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/14.0a8/ALL 14.0a8-14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/14.0a9/ALL 14.0a9-14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/[^/]+/ALL 14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_x86_64-gcc3/ 14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/14.0a10/ALL 14.0a10-14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/14.0a8/ALL 14.0a8-14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/14.0a9/ALL 14.0a9-14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/[^/]+/ALL 14.5a1-macos-ALL.xml [last] -RewriteRule ^Darwin_aarch64-gcc3/ 14.5a1-macos-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a10/ALL 14.0a10-14.5a1-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a8/ALL 14.0a8-14.5a1-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a9/ALL 14.0a9-14.5a1-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/[^/]+/ALL 14.5a1-windows-x86_64-ALL.xml [last] -RewriteRule ^WINNT_x86_64-gcc3-x64/ 14.5a1-windows-x86_64-ALL.xml [last] +RewriteRule ^[^/]+/14.5a2/ no-update.xml [last] +RewriteRule ^Linux_x86_64-gcc3/14.0a10/ALL 14.0a10-14.5a2-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/14.0a9/ALL 14.0a9-14.5a2-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/14.5a1/ALL 14.5a1-14.5a2-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/[^/]+/ALL 14.5a2-linux-x86_64-ALL.xml [last] +RewriteRule ^Linux_x86_64-gcc3/ 14.5a2-linux-x86_64-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/14.0a10/ALL 14.0a10-14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/14.0a9/ALL 14.0a9-14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/14.5a1/ALL 14.5a1-14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/[^/]+/ALL 14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_x86_64-gcc3/ 14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/14.0a10/ALL 14.0a10-14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/14.0a9/ALL 14.0a9-14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/14.5a1/ALL 14.5a1-14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/[^/]+/ALL 14.5a2-macos-ALL.xml [last] +RewriteRule ^Darwin_aarch64-gcc3/ 14.5a2-macos-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a10/ALL 14.0a10-14.5a2-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/14.0a9/ALL 14.0a9-14.5a2-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/14.5a1/ALL 14.5a1-14.5a2-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/[^/]+/ALL 14.5a2-windows-x86_64-ALL.xml [last] +RewriteRule ^WINNT_x86_64-gcc3-x64/ 14.5a2-windows-x86_64-ALL.xml [last] ===================================== update_1/alpha/14.0a10-14.5a1-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64-14.5a1_…" size="114201508" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64--14.0a1…" size="10719344" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a10-14.5a1-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos-14.5a1_ALL.mar" size="129310766" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos--14.0a10-14.5a…" size="15200549" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a10-14.5a1-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64-14.5a…" size="97655960" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64--14.0…" size="11109032" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a10-14.5a2-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64-14.5a2_…" size="114333352" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64--14.0a1…" size="11287432" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a10-14.5a2-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos-14.5a2_ALL.mar" size="129444826" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos--14.0a10-14.5a…" size="16169041" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a10-14.5a2-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64-14.5a…" size="97749356" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64--14.0…" size="11795240" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.5a1-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64-14.5a1_…" size="114201508" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64--14.0a8…" size="13246900" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.5a1-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos-14.5a1_ALL.mar" size="129310766" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos--14.0a8-14.5a1…" size="18726861" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a8-14.5a1-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64-14.5a…" size="97655960" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64--14.0…" size="17093460" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.5a1-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64-14.5a1_…" size="114201508" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64--14.0a9…" size="13241088" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.5a1-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos-14.5a1_ALL.mar" size="129310766" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos--14.0a9-14.5a1…" size="18706709" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.5a1-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64-14.5a…" size="97655960" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64--14.0…" size="17106048" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.5a2-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64-14.5a2_…" size="114333352" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64--14.0a9…" size="13533872" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.5a2-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos-14.5a2_ALL.mar" size="129444826" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos--14.0a9-14.5a2…" size="19049341" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.0a9-14.5a2-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64-14.5a…" size="97749356" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64--14.0…" size="17370808" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.5a1-14.5a2-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64-14.5a2_…" size="114333352" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64--14.5a1…" size="6787525" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.5a1-14.5a2-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos-14.5a2_ALL.mar" size="129444826" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos--14.5a1-14.5a2…" size="11557520" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.5a1-14.5a2-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64-14.5a…" size="97749356" type="complete"></patch><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64--14.5…" size="7252942" type="partial"></patch></update></updates> ===================================== update_1/alpha/14.5a1-linux-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64-14.5a1_…" size="114201508" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.5a1-macos-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos-14.5a1_ALL.mar" size="129310766" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.5a1-windows-x86_64-ALL.xml deleted ===================================== @@ -1,2 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="14.5a1" appVersion="14.5a1" platformVersion="128.5.0" buildID="20241125235826" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a1" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64-14.5a…" size="97655960" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.5a2-linux-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedInstructionSet="SSE2"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64-14.5a2_…" size="114333352" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.5a2-macos-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedOSVersion="19.0.0"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos-14.5a2_ALL.mar" size="129444826" type="complete"></patch></update></updates> ===================================== update_1/alpha/14.5a2-windows-x86_64-ALL.xml ===================================== @@ -0,0 +1,2 @@ +<?xml version="1.0" encoding="UTF-8"?> +<updates><update type="minor" displayVersion="14.5a2" appVersion="14.5a2" platformVersion="128.6.0" buildID="20250113190000" detailsURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" actions="showURL" openURL="https://github.com/mullvad/mullvad-browser/releases/14.5a2" minSupportedOSVersion="10.0"><patch URL="https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64-14.5a…" size="97749356" type="complete"></patch></update></updates> ===================================== update_1/alpha/download-linux-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64-14.5a1.…","git_tag":"mb-14.5a1-build1","sig":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64-14.5a1.…","version":"14.5a1"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64-14.5a2.…","git_tag":"mb-14.5a2-build2","sig":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64-14.5a2.…","version":"14.5a2"} \ No newline at end of file ===================================== update_1/alpha/download-macos.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos-14.5a1.dmg","git_tag":"mb-14.5a1-build1","sig":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos-14.5a1.dmg.asc","version":"14.5a1"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos-14.5a2.dmg","git_tag":"mb-14.5a2-build2","sig":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos-14.5a2.dmg.asc","version":"14.5a2"} \ No newline at end of file ===================================== update_1/alpha/download-windows-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64-14.5a…","git_tag":"mb-14.5a1-build1","sig":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64-14.5a…","version":"14.5a1"} \ No newline at end of file +{"binary":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64-14.5a…","git_tag":"mb-14.5a2-build2","sig":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64-14.5a…","version":"14.5a2"} \ No newline at end of file ===================================== update_1/alpha/downloads.json ===================================== @@ -1 +1 @@ -{"downloads":{"linux-x86_64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64-14.5a1.…","sig":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-linux-x86_64-14.5a1.…"}},"macos":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos-14.5a1.dmg","sig":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-macos-14.5a1.dmg.asc"}},"win64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64-14.5a…","sig":"https://cdn.mullvad.net/browser/14.5a1/mullvad-browser-windows-x86_64-14.5a…"}}},"tag":"mb-14.5a1-build1","version":"14.5a1"} \ No newline at end of file +{"downloads":{"linux-x86_64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64-14.5a2.…","sig":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-linux-x86_64-14.5a2.…"}},"macos":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos-14.5a2.dmg","sig":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-macos-14.5a2.dmg.asc"}},"win64":{"ALL":{"binary":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64-14.5a…","sig":"https://cdn.mullvad.net/browser/14.5a2/mullvad-browser-windows-x86_64-14.5a…"}}},"tag":"mb-14.5a2-build2","version":"14.5a2"} \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.6.0esr-14.5-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 15 Jan '25

15 Jan '25

morgan pushed to branch mullvad-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 701cc572 by Pier Angelo Vendrame at 2025-01-15T15:49:07+00:00 fixup! Firefox preference overrides. BB 41065: Hardcode the limit of storage quota. Currently, we return min(10GB, 0.2 * available space in the fs). This is bad for systems that have less than 50GB free, especially live systems, such as Tails. Set a pref to replace the available space with a hardcoded limit (5GiB). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -87,6 +87,15 @@ pref("browser.sessionstore.privacy_level", 2); // Use the in-memory media cache and increase its maximum size (#29120) pref("browser.privatebrowsing.forceMediaMemoryCache", true); pref("media.memory_cache_max_size", 65536); +// tor-browser#41065: lie about the available quota. +// This value is in KiB, and will be divided by 5. Currently: 50GiB, to be +// coherent with Firefox's usual value. However, this might be too much for live +// systems. +// This will be the limit also after granting the persistent storage permission, +// but we are not interested in it, since we support only PBM. +// We can come back to it, and hardcode the two spaced differently, if we ever +// think we need it. +pref("dom.quotaManager.temporaryStorage.fixedLimit", 52428800); // Disable restore in case of crash (tor-browser#41503) // This should not be needed in PBM, but we added it anyway like other options. pref("browser.sessionstore.resume_from_crash", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/701… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/701… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.6.0esr-14.5-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 15 Jan '25

15 Jan '25

morgan pushed to branch base-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 3a015664 by Pier Angelo Vendrame at 2025-01-15T15:47:59+00:00 fixup! Firefox preference overrides. BB 41065: Hardcode the limit of storage quota. Currently, we return min(10GB, 0.2 * available space in the fs). This is bad for systems that have less than 50GB free, especially live systems, such as Tails. Set a pref to replace the available space with a hardcoded limit (5GiB). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -87,6 +87,15 @@ pref("browser.sessionstore.privacy_level", 2); // Use the in-memory media cache and increase its maximum size (#29120) pref("browser.privatebrowsing.forceMediaMemoryCache", true); pref("media.memory_cache_max_size", 65536); +// tor-browser#41065: lie about the available quota. +// This value is in KiB, and will be divided by 5. Currently: 50GiB, to be +// coherent with Firefox's usual value. However, this might be too much for live +// systems. +// This will be the limit also after granting the persistent storage permission, +// but we are not interested in it, since we support only PBM. +// We can come back to it, and hardcode the two spaced differently, if we ever +// think we need it. +pref("dom.quotaManager.temporaryStorage.fixedLimit", 52428800); // Disable restore in case of crash (tor-browser#41503) // This should not be needed in PBM, but we added it anyway like other options. pref("browser.sessionstore.resume_from_crash", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3a01566… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3a01566… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.6.0esr-14.5-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 15 Jan '25

15 Jan '25

morgan pushed to branch tor-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 3ee46ad9 by Pier Angelo Vendrame at 2025-01-15T14:13:53+00:00 fixup! Firefox preference overrides. BB 41065: Hardcode the limit of storage quota. Currently, we return min(10GB, 0.2 * available space in the fs). This is bad for systems that have less than 50GB free, especially live systems, such as Tails. Set a pref to replace the available space with a hardcoded limit (5GiB). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -87,6 +87,15 @@ pref("browser.sessionstore.privacy_level", 2); // Use the in-memory media cache and increase its maximum size (#29120) pref("browser.privatebrowsing.forceMediaMemoryCache", true); pref("media.memory_cache_max_size", 65536); +// tor-browser#41065: lie about the available quota. +// This value is in KiB, and will be divided by 5. Currently: 50GiB, to be +// coherent with Firefox's usual value. However, this might be too much for live +// systems. +// This will be the limit also after granting the persistent storage permission, +// but we are not interested in it, since we support only PBM. +// We can come back to it, and hardcode the two spaced differently, if we ever +// think we need it. +pref("dom.quotaManager.temporaryStorage.fixedLimit", 52428800); // Disable restore in case of crash (tor-browser#41503) // This should not be needed in PBM, but we added it anyway like other options. pref("browser.sessionstore.resume_from_crash", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3ee46ad… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3ee46ad… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.6.0esr-14.5-1] fixup! Add CI for Tor Browser
by Pier Angelo Vendrame (＠pierov) 15 Jan '25

15 Jan '25

Pier Angelo Vendrame pushed to branch tor-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 583b1391 by Beatriz Rizental at 2025-01-14T19:49:35+01:00 fixup! Add CI for Tor Browser - - - - - 1 changed file: - .gitlab/ci/jobs/startup-test/startup-test.yml Changes: ===================================== .gitlab/ci/jobs/startup-test/startup-test.yml ===================================== @@ -11,7 +11,7 @@ # - x86-win11 # script: # - ./mach python testing/mozbase/setup_development.py -# - ./mach python .gitlab/ci/jobs/startup-test/startup-test.py --platform windows --arch x86_64 --browser tor +# - ./mach python .gitlab/ci/jobs/startup-test/startup-test.py --platform windows --arch x86_64 --browser $BROWSER # rules: # - if: $CI_PIPELINE_SOURCE == "schedule" @@ -28,7 +28,7 @@ # - x86-macos # script: # - ./mach python testing/mozbase/setup_development.py -# - ./mach python .gitlab/ci/jobs/startup-test/startup-test.py --platform macos --arch x86_64 --browser tor +# - ./mach python .gitlab/ci/jobs/startup-test/startup-test.py --platform macos --arch x86_64 --browser $BROWSER # rules: # - if: $CI_PIPELINE_SOURCE == "schedule" @@ -46,6 +46,6 @@ startup-test-linux: - Xvfb :99 -screen 0 1400x900x24 & - export DISPLAY=:99 - ./mach python testing/mozbase/setup_development.py - - ./mach python .gitlab/ci/jobs/startup-test/startup-test.py --platform linux --arch x86_64 --browser tor + - ./mach python .gitlab/ci/jobs/startup-test/startup-test.py --platform linux --arch x86_64 --browser $BROWSER rules: - if: $CI_PIPELINE_SOURCE == "schedule" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/583b139… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/583b139… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] alpha: new version, 14.5a2
by ma1 (＠ma1) 15 Jan '25

15 Jan '25

ma1 pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: 7cda591f by hackademix at 2025-01-15T09:15:55+01:00 alpha: new version, 14.5a2 - - - - - 39 changed files: - update_3/alpha/.htaccess - − update_3/alpha/14.0a7-14.5a1-windows-i686-ALL.xml - − update_3/alpha/14.0a7-14.5a1-windows-x86_64-ALL.xml - − update_3/alpha/14.0a8-14.5a1-windows-i686-ALL.xml - − update_3/alpha/14.0a8-14.5a1-windows-x86_64-ALL.xml - update_3/alpha/14.0a7-14.5a1-linux-i686-ALL.xml → update_3/alpha/14.0a8-14.5a2-linux-i686-ALL.xml - update_3/alpha/14.0a9-14.5a1-linux-x86_64-ALL.xml → update_3/alpha/14.0a8-14.5a2-linux-x86_64-ALL.xml - update_3/alpha/14.0a8-14.5a1-macos-ALL.xml → update_3/alpha/14.0a8-14.5a2-macos-ALL.xml - + update_3/alpha/14.0a8-14.5a2-windows-i686-ALL.xml - + update_3/alpha/14.0a8-14.5a2-windows-x86_64-ALL.xml - − update_3/alpha/14.0a9-14.5a1-windows-i686-ALL.xml - − update_3/alpha/14.0a9-14.5a1-windows-x86_64-ALL.xml - update_3/alpha/14.0a9-14.5a1-linux-i686-ALL.xml → update_3/alpha/14.0a9-14.5a2-linux-i686-ALL.xml - update_3/alpha/14.0a7-14.5a1-linux-x86_64-ALL.xml → update_3/alpha/14.0a9-14.5a2-linux-x86_64-ALL.xml - update_3/alpha/14.0a9-14.5a1-macos-ALL.xml → update_3/alpha/14.0a9-14.5a2-macos-ALL.xml - + update_3/alpha/14.0a9-14.5a2-windows-i686-ALL.xml - + update_3/alpha/14.0a9-14.5a2-windows-x86_64-ALL.xml - update_3/alpha/14.0a8-14.5a1-linux-i686-ALL.xml → update_3/alpha/14.5a1-14.5a2-linux-i686-ALL.xml - update_3/alpha/14.0a8-14.5a1-linux-x86_64-ALL.xml → update_3/alpha/14.5a1-14.5a2-linux-x86_64-ALL.xml - update_3/alpha/14.0a7-14.5a1-macos-ALL.xml → update_3/alpha/14.5a1-14.5a2-macos-ALL.xml - + update_3/alpha/14.5a1-14.5a2-windows-i686-ALL.xml - + update_3/alpha/14.5a1-14.5a2-windows-x86_64-ALL.xml - − update_3/alpha/14.5a1-windows-i686-ALL.xml - − update_3/alpha/14.5a1-windows-x86_64-ALL.xml - update_3/alpha/14.5a1-linux-i686-ALL.xml → update_3/alpha/14.5a2-linux-i686-ALL.xml - update_3/alpha/14.5a1-linux-x86_64-ALL.xml → update_3/alpha/14.5a2-linux-x86_64-ALL.xml - update_3/alpha/14.5a1-macos-ALL.xml → update_3/alpha/14.5a2-macos-ALL.xml - + update_3/alpha/14.5a2-windows-i686-ALL.xml - + update_3/alpha/14.5a2-windows-x86_64-ALL.xml - update_3/alpha/download-android-aarch64.json - update_3/alpha/download-android-armv7.json - update_3/alpha/download-android-x86.json - update_3/alpha/download-android-x86_64.json - update_3/alpha/download-linux-i686.json - update_3/alpha/download-linux-x86_64.json - update_3/alpha/download-macos.json - update_3/alpha/download-windows-i686.json - update_3/alpha/download-windows-x86_64.json - update_3/alpha/downloads.json The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.6.0esr-14.5-1] [android] Bug_43351: Add function to disable forcing ALL CAPS for the fenix...
by Pier Angelo Vendrame (＠pierov) 14 Jan '25

14 Jan '25

Pier Angelo Vendrame pushed to branch tor-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 9891ea34 by clairehurst at 2025-01-14T18:24:40+00:00 [android] Bug_43351: Add function to disable forcing ALL CAPS for the fenix snackbar action button text This is needed because the default snackbar will force all caps, which can cause problems in some languages. See tor-browser#43351 and bugzilla bug 1935387. TODO: Remove once the forced all caps is removed by mozilla. - - - - - 2 changed files: - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/FenixSnackbar.kt Changes: ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -1121,6 +1121,7 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity, TorIn isDisplayedWithBrowserToolbar = true, ) .setText(getString(R.string.connection_assist_connect_to_tor_before_opening_links)) + .setAllCapsForActionButton(false) .setAction(getString(R.string.connection_assist_connect_to_tor_before_opening_links_confirmation)) { torConnectionAssistViewModel.handleConnect(searchTermOrURL) if (navHost.navController.previousBackStackEntry?.destination?.id == R.id.torConnectionAssistFragment) { ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/FenixSnackbar.kt ===================================== @@ -100,6 +100,14 @@ class FenixSnackbar private constructor( } } + /** + * @param textAllCaps Present the text in ALL CAPS. This may use a small-caps form when available. + * Overwrites the default value set in fenix_snackbar.xml + */ + fun setAllCapsForActionButton(textAllCaps: Boolean) = this.apply { + binding.snackbarBtn.isAllCaps = textAllCaps + } + companion object { const val LENGTH_LONG = Snackbar.LENGTH_LONG const val LENGTH_SHORT = Snackbar.LENGTH_SHORT View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9891ea3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9891ea3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-14.5a2-build2
by Pier Angelo Vendrame (＠pierov) 14 Jan '25

14 Jan '25

Pier Angelo Vendrame pushed new tag mb-14.5a2-build2 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-14.5a2-build2
by Pier Angelo Vendrame (＠pierov) 14 Jan '25

14 Jan '25

Pier Angelo Vendrame pushed new tag tbb-14.5a2-build2 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 41349: Fix var/copyright_year in Firefox.
by Pier Angelo Vendrame (＠pierov) 14 Jan '25

14 Jan '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 3c1aed30 by Pier Angelo Vendrame at 2025-01-14T17:47:19+01:00 Bug 41349: Fix var/copyright_year in Firefox. GeckoView had the same problem, but the variable is not used anymore, so I removed the line rather than fix it. - - - - - 8880f6fa by Pier Angelo Vendrame at 2025-01-14T17:47:21+01:00 Bug 41349: Bump 14.5a2 to build2 for reproducibility issues. - - - - - 5 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/firefox/config - projects/geckoview/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -21,7 +21,10 @@ Mullvad Browser 14.5a2 - January 14 2025 * All Platforms * Bug 43373: Do not run all CI jobs for scheduled jobs. [tor-browser] * Bug 41340: Update kick_devmole_build script with Mullvad's new GitHub workflow endpoint [tor-browser-build] + * Bug 41343: Add signing step to clean some files such as test artifacts [tor-browser-build] * Bug 40081: Support apt option for not installing recommended dependencies [rbm] + * Windows + macOS + * Bug 41349: Wrong copyright year makes build non-reproducible [tor-browser-build] * macOS * Bug 41325: Newer versions of 7z fail to extract our dmg files because of the /Applications symlink [tor-browser-build] * Bug 41327: Print more logs when make_full_update.sh failed to generate mar file in dmg2mar [tor-browser-build] ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -41,7 +41,10 @@ Tor Browser 14.5a2 - January 14 2025 * Bug 43374: Run the `update-translations` jobs independent of others [tor-browser] * Bug 41326: Remove var/torbrowser_legacy_version from rbm.conf in alpha/nightly [tor-browser-build] * Bug 41340: Update kick_devmole_build script with Mullvad's new GitHub workflow endpoint [tor-browser-build] + * Bug 41343: Add signing step to clean some files such as test artifacts [tor-browser-build] * Bug 40081: Support apt option for not installing recommended dependencies [rbm] + * Windows + macOS + * Bug 41349: Wrong copyright year makes build non-reproducible [tor-browser-build] * macOS * Bug 41325: Newer versions of 7z fail to extract our dmg files because of the /Applications symlink [tor-browser-build] * Bug 41327: Print more logs when make_full_update.sh failed to generate mar file in dmg2mar [tor-browser-build] ===================================== projects/firefox/config ===================================== @@ -21,7 +21,7 @@ var: browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' browser_build: 2 branding_directory_prefix: 'tb' - copyright_year: '[% exec("git show -s --format=%ci" _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' + copyright_year: '[% exec("git show -s --format=%ci " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' ===================================== projects/geckoview/config ===================================== @@ -22,7 +22,6 @@ var: browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' browser_build: 2 - copyright_year: '[% exec("git show -s --format=%ci" _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' deps: ===================================== rbm.conf ===================================== @@ -74,7 +74,7 @@ buildconf: var: torbrowser_version: '14.5a2' - torbrowser_build: 'build1' + torbrowser_build: 'build2' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. browser_release_date: '2025/01/13 19:00:00' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.6.0esr-14.5-1] BB 43386: Use Firefox in the UA in RFP-exempt request.
by morgan (＠morgan) 14 Jan '25

14 Jan '25

morgan pushed to branch base-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 6702da42 by Pier Angelo Vendrame at 2025-01-14T12:56:03+00:00 BB 43386: Use Firefox in the UA in RFP-exempt request. XHR requests initiated by extensions are exempt from RFP. Therefore, they report the actual app name, instead of Firefox, and the actual Firefox minor version. This happens whenever the app name has been customized and does not match a hardcoded "Firefox". - - - - - 1 changed file: - netwerk/protocol/http/nsHttpHandler.cpp Changes: ===================================== netwerk/protocol/http/nsHttpHandler.cpp ===================================== @@ -863,7 +863,7 @@ void nsHttpHandler::BuildUserAgent() { mUserAgent += '/'; mUserAgent += mProductSub; - bool isFirefox = mAppName.EqualsLiteral("Firefox"); + bool isFirefox = true; if (isFirefox || mCompatFirefoxEnabled) { // "Firefox/x.y" (compatibility) app token mUserAgent += ' '; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6702da4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6702da4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.6.0esr-14.5-1] BB 43386: Use Firefox in the UA in RFP-exempt request.
by morgan (＠morgan) 14 Jan '25

14 Jan '25

morgan pushed to branch tor-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 25998bbb by Pier Angelo Vendrame at 2025-01-14T12:54:50+00:00 BB 43386: Use Firefox in the UA in RFP-exempt request. XHR requests initiated by extensions are exempt from RFP. Therefore, they report the actual app name, instead of Firefox, and the actual Firefox minor version. This happens whenever the app name has been customized and does not match a hardcoded "Firefox". - - - - - 1 changed file: - netwerk/protocol/http/nsHttpHandler.cpp Changes: ===================================== netwerk/protocol/http/nsHttpHandler.cpp ===================================== @@ -863,7 +863,7 @@ void nsHttpHandler::BuildUserAgent() { mUserAgent += '/'; mUserAgent += mProductSub; - bool isFirefox = mAppName.EqualsLiteral("Firefox"); + bool isFirefox = true; if (isFirefox || mCompatFirefoxEnabled) { // "Firefox/x.y" (compatibility) app token mUserAgent += ' '; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/25998bb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/25998bb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.6.0esr-14.5-1] BB 43386: Use Firefox in the UA in RFP-exempt request.
by morgan (＠morgan) 14 Jan '25

14 Jan '25

morgan pushed to branch mullvad-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 9d9fe343 by Pier Angelo Vendrame at 2025-01-14T12:37:59+00:00 BB 43386: Use Firefox in the UA in RFP-exempt request. XHR requests initiated by extensions are exempt from RFP. Therefore, they report the actual app name, instead of Firefox, and the actual Firefox minor version. This happens whenever the app name has been customized and does not match a hardcoded "Firefox". - - - - - 1 changed file: - netwerk/protocol/http/nsHttpHandler.cpp Changes: ===================================== netwerk/protocol/http/nsHttpHandler.cpp ===================================== @@ -863,7 +863,7 @@ void nsHttpHandler::BuildUserAgent() { mUserAgent += '/'; mUserAgent += mProductSub; - bool isFirefox = mAppName.EqualsLiteral("Firefox"); + bool isFirefox = true; if (isFirefox || mCompatFirefoxEnabled) { // "Firefox/x.y" (compatibility) app token mUserAgent += ' '; View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/9d9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/9d9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41343: Add clean-build-artifacts signing step
by boklm (＠boklm) 14 Jan '25

14 Jan '25

boklm pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: f3ce729e by Nicolas Vigier at 2025-01-14T12:15:55+01:00 Bug 41343: Add clean-build-artifacts signing step Add step to remove Android test artifacts (added in tor-browser-build#41342) that we don't need to publish on dist.tpo. - - - - - 2 changed files: - + tools/signing/clean-build-artifacts - tools/signing/do-all-signing Changes: ===================================== tools/signing/clean-build-artifacts ===================================== @@ -0,0 +1,13 @@ +#!/bin/bash + +# This script removes some files we don't need to publish on dist.tpo + +set -e + +script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +source "$script_dir/functions" + +cd "$signed_version_dir" + +# Remove Android test artifacts (tor-browser-build#41342) +rm -f -- *-androidTest.apk *-noopt-*.apk ===================================== tools/signing/do-all-signing ===================================== @@ -42,6 +42,10 @@ function sync-builder-unsigned-to-local-signed { "$script_dir/sync-builder-unsigned-to-local-signed" } +function clean-build-artifacts { + "$script_dir/clean-build-artifacts" +} + function sync-before-linux-signer-rcodesign-sign { "$script_dir/sync-local-to-linux-signer" } @@ -179,6 +183,7 @@ export SIGNING_PROJECTNAME do_step set-time-on-signing-machine do_step wait-for-finished-build do_step sync-builder-unsigned-to-local-signed +do_step clean-build-artifacts do_step sync-scripts-to-linux-signer do_step sync-before-linux-signer-rcodesign-sign do_step linux-signer-rcodesign-sign View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… You're receiving this email because of your account on gitlab.torproject.org.

1 0