- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.5.13-build1
by Pier Angelo Vendrame (＠pierov) 03 Mar '25

03 Mar '25

Pier Angelo Vendrame pushed new tag tbb-13.5.13-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41366: Prepare Tor Browser Legacy 13.5.13
by Pier Angelo Vendrame (＠pierov) 03 Mar '25

03 Mar '25

Pier Angelo Vendrame pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: a92d6071 by Pier Angelo Vendrame at 2025-03-03T18:33:56+01:00 Bug 41366: Prepare Tor Browser Legacy 13.5.13 - - - - - 6 changed files: - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/firefox/config - projects/openssl/config - projects/tor/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,18 @@ +Tor Browser 13.5.13 - March 04 2025 + * All Platforms + * Updated Firefox to 115.21.0esr + * Updated Tor to 0.4.8.14 + * Updated OpenSSL to 3.0.16 + * Bug 43168: Review ESR 115 expiry date for legacy OS message [tor-browser] + * Bug 43530: Rebase Tor Browser legacy onto 115.21.0esr [tor-browser] + * Bug 41362: Remove meek azure from the builtin bridges [tor-browser-build] + * Build System + * All Platforms + * Bug 41380: Update kick-devmole script to use Mullvad's new GitHub action [tor-browser-build] + * Bug 41384: OpenSSL hash files have changed format [tor-browser-build] + * macOS + * Bug 41367: Backport to legacy: Bug 41314: Add tools/setup-martools and use it in dmg2mar and update_response scripts [tor-browser-build] + Tor Browser 13.5.12 - February 04 2025 * All Platforms * Updated Firefox to 115.20.0esr @@ -14,7 +29,6 @@ Tor Browser 13.5.11 - July 01 2025 * All Platforms * Updated Firefox to 115.19.0esr * Updated NoScript to 12.1.1 - * Updated GeckoView to 115.19.0esr * Bug 43176: noscript-marker CSP warnings in the console [tor-browser] * Bug 43269: NoScript localization issue [tor-browser] * Bug 43282: Unable to click/tap/select anything adjacent the WebGL placeholders [tor-browser] ===================================== projects/firefox/config ===================================== @@ -14,12 +14,12 @@ container: use_container: 1 var: - firefox_platform_version: 115.20.0 + firefox_platform_version: 115.21.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 3 + browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/openssl/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 3.0.15 +version: 3.0.16 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -36,5 +36,5 @@ input_files: - name: '[% c("var/compiler") %]' project: '[% c("var/compiler") %]' - URL: 'https://github.com/openssl/openssl/releases/download/openssl-[% c("version") %]/openssl-[% c("version") %].tar.gz' - sha256sum: 23c666d0edf20f14249b3d8f0368acaee9ab585b09e1de82107c66e1f3ec9533 + sha256sum: 57e03c50feab5d31b152af2b764f10379aecd8ee92f16c985983ce4a99f7ef86 name: openssl ===================================== projects/tor/config ===================================== @@ -1,6 +1,6 @@ # vim: filetype=yaml sw=2 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' -version: 0.4.8.13 +version: 0.4.8.14 git_hash: 'tor-[% c("version") %]' git_url: https://gitlab.torproject.org/tpo/core/tor.git git_submodule: 1 ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 93eddbd3888852c09e130d536fb3c9bd7e4e6f57 + git_hash: 21fed48fc58df9e6c4d9f67b048fcae831df50c9 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: dd30508387040bf0a1217a1eb9edb80ac21926f2 + git_hash: 100908b702f92bc001b69cdd70f96a6e63134516 targets: nightly: git_hash: 'tor-browser' ===================================== rbm.conf ===================================== @@ -73,18 +73,18 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '13.5.12' + torbrowser_version: '13.5.13' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/02/03 10:30:01' + browser_release_date: '2025/03/03 17:00:00' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - 13.5.12 - 13.5.11 - 13.5.10 - - 13.5.9 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' # By default, we sort the list of installed packages. This allows sharing View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41384: Fix the way we fetch OpenSSL sha256.
by Pier Angelo Vendrame (＠pierov) 03 Mar '25

03 Mar '25

Pier Angelo Vendrame pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: 6ea176f3 by Pier Angelo Vendrame at 2025-03-03T18:33:04+01:00 Bug 41384: Fix the way we fetch OpenSSL sha256. OpenSSL used to have only the hash of the source archive in their .sha256 file, without the archive name. At a certain point, they moved to the format generated by sha256sum, so we need to update relprep.py to take that into account. - - - - - 1 changed file: - tools/relprep.py Changes: ===================================== tools/relprep.py ===================================== @@ -413,7 +413,7 @@ class ReleasePreparation: hash_url = f"https://github.com/openssl/openssl/releases/download/openssl-{version}/open…" r = requests.get(hash_url) r.raise_for_status() - source["sha256sum"] = r.text.strip() + source["sha256sum"] = r.text.strip()[:64] self.save_config("openssl", config) logger.debug("Updated OpenSSL to %s and config saved.", version) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41384: Fix the way we fetch OpenSSL sha256.
by Pier Angelo Vendrame (＠pierov) 03 Mar '25

03 Mar '25

Pier Angelo Vendrame pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 7fa2c5e4 by Pier Angelo Vendrame at 2025-03-03T18:31:34+01:00 Bug 41384: Fix the way we fetch OpenSSL sha256. OpenSSL used to have only the hash of the source archive in their .sha256 file, without the archive name. At a certain point, they moved to the format generated by sha256sum, so we need to update relprep.py to take that into account. - - - - - 1 changed file: - tools/relprep.py Changes: ===================================== tools/relprep.py ===================================== @@ -392,7 +392,7 @@ class ReleasePreparation: hash_url = f"https://github.com/openssl/openssl/releases/download/openssl-{version}/open…" r = requests.get(hash_url) r.raise_for_status() - source["sha256sum"] = r.text.strip() + source["sha256sum"] = r.text.strip()[:64] self.save_config("openssl", config) logger.debug("Updated OpenSSL to %s and config saved.", version) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41384: Fix the way we fetch OpenSSL sha256.
by Pier Angelo Vendrame (＠pierov) 03 Mar '25

03 Mar '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 06902e0b by Pier Angelo Vendrame at 2025-03-03T17:53:17+01:00 Bug 41384: Fix the way we fetch OpenSSL sha256. OpenSSL used to have only the hash of the source archive in their .sha256 file, without the archive name. At a certain point, they moved to the format generated by sha256sum, so we need to update relprep.py to take that into account. - - - - - 1 changed file: - tools/relprep.py Changes: ===================================== tools/relprep.py ===================================== @@ -392,7 +392,7 @@ class ReleasePreparation: hash_url = f"https://github.com/openssl/openssl/releases/download/openssl-{version}/open…" r = requests.get(hash_url) r.raise_for_status() - source["sha256sum"] = r.text.strip() + source["sha256sum"] = r.text.strip()[:64] self.save_config("openssl", config) logger.debug("Updated OpenSSL to %s and config saved.", version) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-14.0.7-build2
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed new tag tbb-14.0.7-build2 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41360,41361 (build2): Prepare Tor,Mullvad Browsers 14.0.7
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 5a3864d5 by hackademix at 2025-03-03T16:46:45+01:00 Bug 41360,41361 (build2): Prepare Tor,Mullvad Browsers 14.0.7 - - - - - 2 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -12,6 +12,8 @@ Mullvad Browser 14.0.7 - March 04 2025 * Build System * All Platforms * Bug 41380: Update kick-devmole script to use Mullvad's new GitHub action [tor-browser-build] + * Linux + * Bug 41385: Copy only libstdc++.so.6 on Linux [tor-browser-build] Mullvad Browser 14.0.5 - February 04 2025 * All Platforms ===================================== rbm.conf ===================================== @@ -74,7 +74,7 @@ buildconf: var: torbrowser_version: '14.0.7' - torbrowser_build: 'build1' + torbrowser_build: 'build2' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. browser_release_date: '2025/03/03 09:37:02' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41385: Copy libstdc++.so.6 only.
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 023c79bb by hackademix at 2025-03-03T16:21:10+01:00 Bug 41385: Copy libstdc++.so.6 only. - - - - - 1 changed file: - projects/firefox/build Changes: ===================================== projects/firefox/build ===================================== @@ -333,7 +333,7 @@ END; mkdir -p "$libdest" # Not copying libstdc++.so.* as that dups with the full libstdc++.so.6.0.xx the .6 links to # and libstdc++.so.6.0.28-gdb.py which is also not needed - cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libstdc++.so.* "$libdest" + cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libstdc++.so.6 "$libdest" [% IF c("var/asan") -%] cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libasan.so.* "$libdest" cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libubsan.so.* "$libdest" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41360 (fix): Update legacy version numbers.
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: f86855dd by hackademix at 2025-03-03T14:18:24+01:00 Bug 41360 (fix): Update legacy version numbers. - - - - - 1 changed file: - rbm.conf Changes: ===================================== rbm.conf ===================================== @@ -88,8 +88,8 @@ var: - '[% IF c("var/mullvad-browser") %]14.0.3[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' - torbrowser_legacy_version: 13.5.12 - torbrowser_legacy_platform_version: 115.20.0 + torbrowser_legacy_version: 13.5.13 + torbrowser_legacy_platform_version: 115.21.0 # By default, we sort the list of installed packages. This allows sharing # containers with identical list of packages, even if they are not listed View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-14.0.7-build1
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed new tag tbb-14.0.7-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] 3 commits: Disable Go updating to stay on 1.22 for macOS 10.15 compat.
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 81c8abba by hackademix at 2025-03-03T10:34:30+01:00 Disable Go updating to stay on 1.22 for macOS 10.15 compat. - - - - - 7de2da28 by hackademix at 2025-03-03T11:35:27+01:00 Bug 41337 (fix) Use strip instead of $STRIP (undefined). - - - - - 3d341fde by hackademix at 2025-03-03T11:35:27+01:00 Bug 41360,41361: Prepare Tor,Mullvad Browsers 14.0.7 - - - - - 10 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/firefox/build - projects/firefox/config - projects/geckoview/config - projects/openssl/config - projects/translation/config - projects/zstd/config - rbm.conf - tools/relprep.py Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,18 @@ +Mullvad Browser 14.0.7 - March 04 2025 + * All Platforms + * Updated Firefox to 128.8.0esr + * Bug 395: Set Mullvad Leta as default search engine [mullvad-browser] + * Bug 398: Rebase Mullvad Browser release onto Firefox 128.8.0esr [mullvad-browser] + * Bug 403: Backport Bugzilla 1915093: Don't prefetch HTTPS RR if proxyDNS is enabled [mullvad-browser] + * Bug 43536: Backport security fixes from Firefox 136 [tor-browser] + * macOS + * Bug 43468: ScreenCaptureKit framework should be a weak link [tor-browser] + * Linux + * Bug 394: Missing package when try to install Mullvad Browser in Debian Trixie [mullvad-browser] + * Build System + * All Platforms + * Bug 41380: Update kick-devmole script to use Mullvad's new GitHub action [tor-browser-build] + Mullvad Browser 14.0.5 - February 04 2025 * All Platforms * Updated Firefox to 128.7.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,17 @@ +Tor Browser 14.0.7 - March 04 2025 + * All Platforms + * Updated OpenSSL to 3.0.16 + * Bug 43522: Rebase Tor Browser release onto 128.0.8esr [tor-browser] + * Bug 43536: Backport security fixes from Firefox 136 [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 128.8.0esr + * Android + * Updated GeckoView to 128.8.0esr + * Updated Zstandard to 1.5.7 + * Build System + * All Platforms + * Bug 41380: Update kick-devmole script to use Mullvad's new GitHub action [tor-browser-build] + Tor Browser 14.0.6 - February 07 2025 * All Platforms * Updated Tor to 0.4.8.14 ===================================== projects/firefox/build ===================================== @@ -341,7 +341,7 @@ END; # Strip and generate debuginfo for libs for LIB in "$libdest"/*so* do - "$STRIP" "$LIB" + strip "$LIB" done [% END -%] ===================================== projects/firefox/config ===================================== @@ -14,12 +14,12 @@ container: use_container: 1 var: - firefox_platform_version: '128.7.0' + firefox_platform_version: '128.8.0' firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 3 + browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -16,12 +16,12 @@ container: build_apk: 1 var: - firefox_platform_version: '128.7.0' + firefox_platform_version: '128.8.0' geckoview_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 3 + browser_build: 2 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/openssl/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 3.0.15 +version: 3.0.16 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -36,5 +36,5 @@ input_files: - name: '[% c("var/compiler") %]' project: '[% c("var/compiler") %]' - URL: 'https://github.com/openssl/openssl/releases/download/openssl-[% c("version") %]/openssl-[% c("version") %].tar.gz' - sha256sum: 23c666d0edf20f14249b3d8f0368acaee9ab585b09e1de82107c66e1f3ec9533 + sha256sum: 57e03c50feab5d31b152af2b764f10379aecd8ee92f16c985983ce4a99f7ef86 name: openssl ===================================== projects/translation/config ===================================== @@ -12,19 +12,19 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 93eddbd3888852c09e130d536fb3c9bd7e4e6f57 + git_hash: 21fed48fc58df9e6c4d9f67b048fcae831df50c9 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: dd30508387040bf0a1217a1eb9edb80ac21926f2 + git_hash: 100908b702f92bc001b69cdd70f96a6e63134516 targets: nightly: git_hash: 'tor-browser' mullvad-browser: mullvad-browser: '[% INCLUDE build %]' - git_hash: 6a1ef41c664a5185e25ca2c4bbf5d7447bd888a7 + git_hash: d279ce2add9a5bb3fc71f24b55679e3e0706f0eb targets: nightly: git_hash: 'mullvad-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: e4f5825b1125e2c8c2aa8d4fdaa7e002d8f2934a + git_hash: 75d7b65ebdcde2bb5b8788d13a33373fc4084965 compress_tar: 'zst' targets: nightly: ===================================== projects/zstd/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 -version: 1.5.6 +version: 1.5.7 git_url: https://github.com/facebook/zstd.git -git_hash: 794ea1b0afca0f020f4e57b6732332231fb23c70 +git_hash: f8745da6ff1ad1e7bab384bd1f9d742439278e99 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: ===================================== rbm.conf ===================================== @@ -73,18 +73,19 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '14.0.6' + torbrowser_version: '14.0.7' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/02/06 18:43:58' + browser_release_date: '2025/03/03 09:37:02' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - '[% IF c("var/tor-browser") %]14.0.6[% END %]' - 14.0.5 - 14.0.4 - - 14.0.3 + - '[% IF c("var/mullvad-browser") %]14.0.3[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' torbrowser_legacy_version: 13.5.12 ===================================== tools/relprep.py ===================================== @@ -135,7 +135,7 @@ class ReleasePreparation: self.update_zlib() if self.android: self.update_zstd() - self.update_go() + # self.update_go() self.update_manual() self.update_changelogs() View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-128.8.0esr-14.0-1-build2
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed new tag mullvad-browser-128.8.0esr-14.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.8.0esr-14.0-1] 5 commits: Bug 1908488 - Improve dialogs. r=android-reviewers,gmalekpour, a=dmeehan [bp]
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed to branch mullvad-browser-128.8.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 955c81f6 by Tara at 2025-03-03T10:15:09+01:00 Bug 1908488 - Improve dialogs. r=android-reviewers,gmalekpour, a=dmeehan [bp] Differential Revision: https://phabricator.services.mozilla.com/D236606 - - - - - 7377c502 by John Schanck at 2025-03-03T10:15:10+01:00 Bug 1922357 - disallow the fido: URI scheme. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D237313 Differential Revision: https://phabricator.services.mozilla.com/D238681 - - - - - bddb7190 by Jeff Boek at 2025-03-03T10:15:11+01:00 Bug 1928334 - Handles animating activities a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D238342 Differential Revision: https://phabricator.services.mozilla.com/D238845 - - - - - 43064cfd by Tom Schuster at 2025-03-03T10:15:12+01:00 Bug 1942022 - Improve the about:protections CSP. r=firefox-desktop-core-reviewers ,mossop Differential Revision: https://phabricator.services.mozilla.com/D234507 - - - - - 64d9c395 by Tom Schuster at 2025-03-03T10:15:13+01:00 Bug 1942025 - Improve the about:privatebrowsing CSP. r=firefox-desktop-core-reviewers ,Gijs Differential Revision: https://phabricator.services.mozilla.com/D234508 - - - - - 11 changed files: - browser/components/privatebrowsing/content/aboutPrivateBrowsing.html - browser/components/protections/content/protections.html - mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt - mobile/android/android-components/components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt - mobile/android/android-components/components/feature/app-links/src/main/java/mozilla/components/feature/app/links/AppLinksUseCases.kt - mobile/android/android-components/components/feature/app-links/src/test/java/mozilla/components/feature/app/links/AppLinksUseCasesTest.kt - mobile/android/android-components/components/feature/prompts/src/main/java/mozilla/components/feature/prompts/PromptFeature.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/customtabs/ExternalAppBrowserActivity.kt - mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/IntentUtils.java - mobile/android/geckoview/src/test/java/org/mozilla/gecko/util/IntentUtilsTest.java Changes: ===================================== browser/components/privatebrowsing/content/aboutPrivateBrowsing.html ===================================== @@ -10,7 +10,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; img-src chrome: blob:; object-src 'none';" /> <meta name="color-scheme" content="light dark" /> <link rel="icon" href="chrome://browser/skin/privatebrowsing/favicon.svg" /> ===================================== browser/components/protections/content/protections.html ===================================== @@ -8,7 +8,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; object-src 'none'" /> <meta name="color-scheme" content="light dark" /> <link rel="localization" href="branding/brand.ftl" /> ===================================== mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt ===================================== @@ -1818,7 +1818,7 @@ class GeckoEngineSession( internal const val ABOUT_BLANK = "about:blank" internal const val JS_SCHEME = "javascript" internal val BLOCKED_SCHEMES = - listOf("file", "resource", JS_SCHEME) // See 1684761 and 1684947 + listOf("file", "resource", "fido", JS_SCHEME) // See 1684761 and 1684947 /** * Provides an ErrorType corresponding to the error code provided. ===================================== mobile/android/android-components/components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt ===================================== @@ -631,6 +631,11 @@ class GeckoEngineSessionTest { engineSession.loadUrl("RESOURCE://package/test.text") verify(geckoSession, never()).load(GeckoSession.Loader().uri("resource://package/test.text")) verify(geckoSession, never()).load(GeckoSession.Loader().uri("RESOURCE://package/test.text")) + + engineSession.loadUrl("fido:/12345678") + engineSession.loadUrl("FIDO:/12345678") + verify(geckoSession, never()).load(GeckoSession.Loader().uri("fido:/12345678")) + verify(geckoSession, never()).load(GeckoSession.Loader().uri("FIDO:/12345678")) } @Test ===================================== mobile/android/android-components/components/feature/app-links/src/main/java/mozilla/components/feature/app/links/AppLinksUseCases.kt ===================================== @@ -313,6 +313,7 @@ class AppLinksUseCases( "https", "moz-extension", "moz-safe-about", "resource", "view-source", "ws", "wss", "blob", ) - internal val ALWAYS_DENY_SCHEMES: Set<String> = setOf("jar", "file", "javascript", "data", "about", "content") + internal val ALWAYS_DENY_SCHEMES: Set<String> = + setOf("jar", "file", "javascript", "data", "about", "content", "fido") } } ===================================== mobile/android/android-components/components/feature/app-links/src/test/java/mozilla/components/feature/app/links/AppLinksUseCasesTest.kt ===================================== @@ -47,6 +47,7 @@ class AppLinksUseCasesTest { private val javascriptUrl = "javascript:'hello, world'" private val jarUrl = "jar:file://some/path/test.html" private val contentUrl = "content://media/external_primary/downloads/12345" + private val fidoPath = "fido:12345678" private val fileType = "audio/mpeg" private val layerUrl = "https://example.com" private val layerPackage = "com.example.app" @@ -215,6 +216,15 @@ class AppLinksUseCasesTest { assertFalse(redirect.isRedirect()) } + @Test + fun `A fido url is not an app link`() { + val context = createContext(Triple(fidoPath, appPackage, "")) + val subject = AppLinksUseCases(context, { true }) + + val redirect = subject.interceptedAppLinkRedirect(fidoPath) + assertFalse(redirect.isRedirect()) + } + @Test fun `Will not redirect app link if browser option set to false and scheme is supported`() { val context = createContext(Triple(appUrl, appPackage, "")) ===================================== mobile/android/android-components/components/feature/prompts/src/main/java/mozilla/components/feature/prompts/PromptFeature.kt ===================================== @@ -9,6 +9,7 @@ import android.content.Intent import androidx.annotation.VisibleForTesting import androidx.annotation.VisibleForTesting.Companion.PRIVATE import androidx.core.view.isVisible +import androidx.fragment.app.DialogFragment import androidx.fragment.app.Fragment import androidx.fragment.app.FragmentManager import kotlinx.coroutines.CoroutineScope @@ -1094,7 +1095,15 @@ class PromptFeature private constructor( emitPromptDismissedFact(promptName = promptRequest::class.simpleName.ifNullOrEmpty { "" }) } + @VisibleForTesting + internal fun redirectDialogFragmentIsActive() = + (fragmentManager.findFragmentByTag("SHOULD_OPEN_APP_LINK_PROMPT_DIALOG") as? DialogFragment) != null + private fun canShowThisPrompt(promptRequest: PromptRequest): Boolean { + if (redirectDialogFragmentIsActive()) { + return false + } + return when (promptRequest) { is SingleChoice, is MultipleChoice, ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -798,7 +798,7 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity { return false } - final override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { + override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { ProfilerMarkers.addForDispatchTouchEvent(components.core.engine.profiler, ev) return super.dispatchTouchEvent(ev) } ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/customtabs/ExternalAppBrowserActivity.kt ===================================== @@ -7,6 +7,7 @@ package org.mozilla.fenix.customtabs import android.app.assist.AssistContent import android.net.Uri import android.os.Build +import android.view.MotionEvent import androidx.annotation.RequiresApi import androidx.annotation.VisibleForTesting import mozilla.components.browser.state.selector.findCustomTab @@ -24,6 +25,8 @@ const val EXTRA_IS_SANDBOX_CUSTOM_TAB = "org.mozilla.fenix.customtabs.EXTRA_IS_S */ @Suppress("TooManyFunctions") open class ExternalAppBrowserActivity : HomeActivity() { + var isFinishedAnimating = false + override fun onResume() { super.onResume() @@ -74,4 +77,17 @@ open class ExternalAppBrowserActivity : HomeActivity() { val currentTabUrl = getExternalTab()?.content?.url outContent?.webUri = currentTabUrl?.let { Uri.parse(it) } } + + override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { + if (!isFinishedAnimating) { + return true + } + + return super.dispatchTouchEvent(ev) + } + + override fun onEnterAnimationComplete() { + super.onEnterAnimationComplete() + isFinishedAnimating = true + } } ===================================== mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/IntentUtils.java ===================================== @@ -76,6 +76,10 @@ public class IntentUtils { return getSafeIntent(aUri) != null; } + if ("fido".equals(scheme)) { + return false; + } + return true; } ===================================== mobile/android/geckoview/src/test/java/org/mozilla/gecko/util/IntentUtilsTest.java ===================================== @@ -63,4 +63,10 @@ public class IntentUtilsTest { final String uri = "intent:non_scheme_intent#Intent;end"; assertTrue(IntentUtils.isUriSafeForScheme(uri)); } + + @Test + public void unsafeFidoUri() { + final String uri = "fido:/12345678"; + assertFalse(IntentUtils.isUriSafeForScheme(uri)); + } } View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/cd… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/cd… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-128.8.0esr-14.0-1-build2
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed new tag base-browser-128.8.0esr-14.0-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.8.0esr-14.0-1] 5 commits: Bug 1908488 - Improve dialogs. r=android-reviewers,gmalekpour, a=dmeehan [bp]
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed to branch base-browser-128.8.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 8ada94b2 by Tara at 2025-03-03T10:09:21+01:00 Bug 1908488 - Improve dialogs. r=android-reviewers,gmalekpour, a=dmeehan [bp] Differential Revision: https://phabricator.services.mozilla.com/D236606 - - - - - ed4eb7c6 by John Schanck at 2025-03-03T10:09:22+01:00 Bug 1922357 - disallow the fido: URI scheme. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D237313 Differential Revision: https://phabricator.services.mozilla.com/D238681 - - - - - f53d7d49 by Jeff Boek at 2025-03-03T10:09:23+01:00 Bug 1928334 - Handles animating activities a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D238342 Differential Revision: https://phabricator.services.mozilla.com/D238845 - - - - - bc8d56ec by Tom Schuster at 2025-03-03T10:09:24+01:00 Bug 1942022 - Improve the about:protections CSP. r=firefox-desktop-core-reviewers ,mossop Differential Revision: https://phabricator.services.mozilla.com/D234507 - - - - - 276610d2 by Tom Schuster at 2025-03-03T10:09:25+01:00 Bug 1942025 - Improve the about:privatebrowsing CSP. r=firefox-desktop-core-reviewers ,Gijs Differential Revision: https://phabricator.services.mozilla.com/D234508 - - - - - 11 changed files: - browser/components/privatebrowsing/content/aboutPrivateBrowsing.html - browser/components/protections/content/protections.html - mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt - mobile/android/android-components/components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt - mobile/android/android-components/components/feature/app-links/src/main/java/mozilla/components/feature/app/links/AppLinksUseCases.kt - mobile/android/android-components/components/feature/app-links/src/test/java/mozilla/components/feature/app/links/AppLinksUseCasesTest.kt - mobile/android/android-components/components/feature/prompts/src/main/java/mozilla/components/feature/prompts/PromptFeature.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/customtabs/ExternalAppBrowserActivity.kt - mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/IntentUtils.java - mobile/android/geckoview/src/test/java/org/mozilla/gecko/util/IntentUtilsTest.java Changes: ===================================== browser/components/privatebrowsing/content/aboutPrivateBrowsing.html ===================================== @@ -10,7 +10,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; img-src chrome: blob:; object-src 'none';" /> <meta name="color-scheme" content="light dark" /> <link rel="icon" href="chrome://browser/skin/privatebrowsing/favicon.svg" /> ===================================== browser/components/protections/content/protections.html ===================================== @@ -8,7 +8,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; object-src 'none'" /> <meta name="color-scheme" content="light dark" /> <link rel="localization" href="branding/brand.ftl" /> ===================================== mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt ===================================== @@ -1818,7 +1818,7 @@ class GeckoEngineSession( internal const val ABOUT_BLANK = "about:blank" internal const val JS_SCHEME = "javascript" internal val BLOCKED_SCHEMES = - listOf("file", "resource", JS_SCHEME) // See 1684761 and 1684947 + listOf("file", "resource", "fido", JS_SCHEME) // See 1684761 and 1684947 /** * Provides an ErrorType corresponding to the error code provided. ===================================== mobile/android/android-components/components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt ===================================== @@ -631,6 +631,11 @@ class GeckoEngineSessionTest { engineSession.loadUrl("RESOURCE://package/test.text") verify(geckoSession, never()).load(GeckoSession.Loader().uri("resource://package/test.text")) verify(geckoSession, never()).load(GeckoSession.Loader().uri("RESOURCE://package/test.text")) + + engineSession.loadUrl("fido:/12345678") + engineSession.loadUrl("FIDO:/12345678") + verify(geckoSession, never()).load(GeckoSession.Loader().uri("fido:/12345678")) + verify(geckoSession, never()).load(GeckoSession.Loader().uri("FIDO:/12345678")) } @Test ===================================== mobile/android/android-components/components/feature/app-links/src/main/java/mozilla/components/feature/app/links/AppLinksUseCases.kt ===================================== @@ -313,6 +313,7 @@ class AppLinksUseCases( "https", "moz-extension", "moz-safe-about", "resource", "view-source", "ws", "wss", "blob", ) - internal val ALWAYS_DENY_SCHEMES: Set<String> = setOf("jar", "file", "javascript", "data", "about", "content") + internal val ALWAYS_DENY_SCHEMES: Set<String> = + setOf("jar", "file", "javascript", "data", "about", "content", "fido") } } ===================================== mobile/android/android-components/components/feature/app-links/src/test/java/mozilla/components/feature/app/links/AppLinksUseCasesTest.kt ===================================== @@ -47,6 +47,7 @@ class AppLinksUseCasesTest { private val javascriptUrl = "javascript:'hello, world'" private val jarUrl = "jar:file://some/path/test.html" private val contentUrl = "content://media/external_primary/downloads/12345" + private val fidoPath = "fido:12345678" private val fileType = "audio/mpeg" private val layerUrl = "https://example.com" private val layerPackage = "com.example.app" @@ -215,6 +216,15 @@ class AppLinksUseCasesTest { assertFalse(redirect.isRedirect()) } + @Test + fun `A fido url is not an app link`() { + val context = createContext(Triple(fidoPath, appPackage, "")) + val subject = AppLinksUseCases(context, { true }) + + val redirect = subject.interceptedAppLinkRedirect(fidoPath) + assertFalse(redirect.isRedirect()) + } + @Test fun `Will not redirect app link if browser option set to false and scheme is supported`() { val context = createContext(Triple(appUrl, appPackage, "")) ===================================== mobile/android/android-components/components/feature/prompts/src/main/java/mozilla/components/feature/prompts/PromptFeature.kt ===================================== @@ -9,6 +9,7 @@ import android.content.Intent import androidx.annotation.VisibleForTesting import androidx.annotation.VisibleForTesting.Companion.PRIVATE import androidx.core.view.isVisible +import androidx.fragment.app.DialogFragment import androidx.fragment.app.Fragment import androidx.fragment.app.FragmentManager import kotlinx.coroutines.CoroutineScope @@ -1094,7 +1095,15 @@ class PromptFeature private constructor( emitPromptDismissedFact(promptName = promptRequest::class.simpleName.ifNullOrEmpty { "" }) } + @VisibleForTesting + internal fun redirectDialogFragmentIsActive() = + (fragmentManager.findFragmentByTag("SHOULD_OPEN_APP_LINK_PROMPT_DIALOG") as? DialogFragment) != null + private fun canShowThisPrompt(promptRequest: PromptRequest): Boolean { + if (redirectDialogFragmentIsActive()) { + return false + } + return when (promptRequest) { is SingleChoice, is MultipleChoice, ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -798,7 +798,7 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity { return false } - final override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { + override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { ProfilerMarkers.addForDispatchTouchEvent(components.core.engine.profiler, ev) return super.dispatchTouchEvent(ev) } ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/customtabs/ExternalAppBrowserActivity.kt ===================================== @@ -7,6 +7,7 @@ package org.mozilla.fenix.customtabs import android.app.assist.AssistContent import android.net.Uri import android.os.Build +import android.view.MotionEvent import androidx.annotation.RequiresApi import androidx.annotation.VisibleForTesting import mozilla.components.browser.state.selector.findCustomTab @@ -24,6 +25,8 @@ const val EXTRA_IS_SANDBOX_CUSTOM_TAB = "org.mozilla.fenix.customtabs.EXTRA_IS_S */ @Suppress("TooManyFunctions") open class ExternalAppBrowserActivity : HomeActivity() { + var isFinishedAnimating = false + override fun onResume() { super.onResume() @@ -74,4 +77,17 @@ open class ExternalAppBrowserActivity : HomeActivity() { val currentTabUrl = getExternalTab()?.content?.url outContent?.webUri = currentTabUrl?.let { Uri.parse(it) } } + + override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { + if (!isFinishedAnimating) { + return true + } + + return super.dispatchTouchEvent(ev) + } + + override fun onEnterAnimationComplete() { + super.onEnterAnimationComplete() + isFinishedAnimating = true + } } ===================================== mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/IntentUtils.java ===================================== @@ -76,6 +76,10 @@ public class IntentUtils { return getSafeIntent(aUri) != null; } + if ("fido".equals(scheme)) { + return false; + } + return true; } ===================================== mobile/android/geckoview/src/test/java/org/mozilla/gecko/util/IntentUtilsTest.java ===================================== @@ -63,4 +63,10 @@ public class IntentUtilsTest { final String uri = "intent:non_scheme_intent#Intent;end"; assertTrue(IntentUtils.isUriSafeForScheme(uri)); } + + @Test + public void unsafeFidoUri() { + final String uri = "fido:/12345678"; + assertFalse(IntentUtils.isUriSafeForScheme(uri)); + } } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/10ea66… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/10ea66… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.21.0esr-13.5-1-build2
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed new tag tor-browser-115.21.0esr-13.5-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.21.0esr-13.5-1] 5 commits: Bug 1866661 - Tests, a=dmeehan
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed to branch tor-browser-115.21.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: dc7ca927 by Emma Zuehlcke at 2025-03-02T22:59:10+01:00 Bug 1866661 - Tests, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237737 - - - - - 5f732399 by Rob Wu at 2025-03-02T23:50:30+01:00 Bug 1939087 - Truncate long name and log warning a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D233025 Differential Revision: https://phabricator.services.mozilla.com/D236900 - - - - - 4642da84 by Tom Schuster at 2025-03-02T23:55:34+01:00 Bug 1942022 - Improve the about:protections CSP. r=firefox-desktop-core-reviewers ,mossop Differential Revision: https://phabricator.services.mozilla.com/D234507 - - - - - 5d037355 by Tom Schuster at 2025-03-03T00:00:34+01:00 Bug 1942025 - Improve the about:privatebrowsing CSP. r=firefox-desktop-core-reviewers ,Gijs Differential Revision: https://phabricator.services.mozilla.com/D234508 - - - - - 6b0945a7 by Nazım Can Altınova at 2025-03-03T00:11:34+01:00 Bug 1943912 - Do not reset the chunk manager while shutdown a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D235642 Differential Revision: https://phabricator.services.mozilla.com/D237219 - - - - - 10 changed files: - browser/components/privatebrowsing/content/aboutPrivateBrowsing.html - browser/components/protections/content/protections.html - browser/components/protocolhandler/test/browser/browser_registerProtocolHandler_notification.js - toolkit/components/extensions/Extension.sys.mjs - toolkit/components/extensions/schemas/manifest.json - toolkit/components/extensions/test/xpcshell/test_ext_manifest.js - toolkit/mozapps/extensions/internal/XPIInstall.jsm - toolkit/mozapps/extensions/test/xpcshell/test_locale.js - tools/profiler/gecko/ProfilerChild.cpp - tools/profiler/public/ProfilerChild.h Changes: ===================================== browser/components/privatebrowsing/content/aboutPrivateBrowsing.html ===================================== @@ -10,7 +10,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; img-src chrome: blob:; object-src 'none';" /> <meta name="color-scheme" content="light dark" /> <link rel="icon" href="chrome://browser/skin/privatebrowsing/favicon.svg" /> ===================================== browser/components/protections/content/protections.html ===================================== @@ -8,7 +8,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; object-src 'none'" /> <meta name="color-scheme" content="light dark" /> <link rel="localization" href="branding/brand.ftl" /> ===================================== browser/components/protocolhandler/test/browser/browser_registerProtocolHandler_notification.js ===================================== @@ -6,7 +6,16 @@ const TEST_PATH = getRootDirectory(gTestPath).replace( "chrome://mochitests/content", "https://example.com" ); + +const SECURITY_DELAY = 3000; + add_task(async function () { + // Set a custom, higher security delay for the test to avoid races on slow + // builds. + await SpecialPowers.pushPrefEnv({ + set: [["security.notification_enable_delay", SECURITY_DELAY]], + }); + let notificationValue = "Protocol Registration: web+testprotocol"; let testURI = TEST_PATH + "browser_registerProtocolHandler_notification.html"; @@ -58,4 +67,16 @@ add_task(async function () { let button = buttons[0]; isnot(button.label, null, "We expect the add button to have a label."); todo(button.accesskey, "We expect the add button to have a accesskey."); + + ok(button.disabled, "We expect the button to be disabled initially."); + + let timeoutMS = SECURITY_DELAY + 100; + info(`Wait ${timeoutMS}ms for the button to enable.`); + // eslint-disable-next-line mozilla/no-arbitrary-setTimeout + await new Promise(resolve => setTimeout(resolve, SECURITY_DELAY + 100)); + + ok( + !button.disabled, + "We expect the button to be enabled after the security delay." + ); }); ===================================== toolkit/components/extensions/Extension.sys.mjs ===================================== @@ -1367,6 +1367,17 @@ export class ExtensionData { ); } + // AMO enforces a maximum length of 45 on the name since at least 2017, via + // https://github.com/mozilla/addons-linter/blame/c4507688899aaafe29c522f1b1ae… + // added in https://github.com/mozilla/addons-linter/pull/1169 + // To avoid breaking add-ons that do not go through AMO (e.g. temporarily + // loaded extensions), we enforce the limit by truncating and warning if + // needed, instead enforcing a maxLength on "name" in schemas/manifest.json. + // + // We set the limit to 75, which is a safe limit that matches the CWS, + // see https://bugzilla.mozilla.org/show_bug.cgi?id=1939087#c5 + static EXT_NAME_MAX_LEN = 75; + async initializeAddonTypeAndID() { if (this.type) { // Already initialized. @@ -1486,6 +1497,14 @@ export class ExtensionData { } } + if (manifest.name.length > ExtensionData.EXT_NAME_MAX_LEN) { + // Truncate and warn - see comment in EXT_NAME_MAX_LEN. + manifest.name = manifest.name.slice(0, ExtensionData.EXT_NAME_MAX_LEN); + this.manifestWarning( + `Warning processing "name": must be shorter than ${ExtensionData.EXT_NAME_MAX_LEN}` + ); + } + if ( this.manifestVersion < 3 && manifest.background && ===================================== toolkit/components/extensions/schemas/manifest.json ===================================== @@ -29,6 +29,7 @@ "name": { "type": "string", + "description": "Name must be at least 2, at should be at most 75 characters", "optional": false, "preprocess": "localize" }, ===================================== toolkit/components/extensions/test/xpcshell/test_ext_manifest.js ===================================== @@ -156,6 +156,28 @@ add_task( } ); +add_task(async function test_name_too_long() { + let extension = ExtensionTestUtils.loadExtension({ + manifest: { + // This length is 80, which exceeds ExtensionData.EXT_NAME_MAX_LEN: + name: "123456789_".repeat(8), + }, + }); + await extension.startup(); + equal( + extension.extension.name, + "123456789_123456789_123456789_123456789_123456789_123456789_123456789_12345", + "Name should be truncated" + ); + Assert.deepEqual( + extension.extension.warnings, + ['Reading manifest: Warning processing "name": must be shorter than 75'], + "Expected error message when the name is too long" + ); + + await extension.unload(); +}); + add_task(async function test_simpler_version_format() { const TEST_CASES = [ // Valid cases ===================================== toolkit/mozapps/extensions/internal/XPIInstall.jsm ===================================== @@ -560,6 +560,11 @@ async function loadManifestFromWebManifest(aPackage, aLocation) { contributors: null, locales: [aLocale], }; + if (result.name.length > lazy.ExtensionData.EXT_NAME_MAX_LEN) { + // See comment at EXT_NAME_MAX_LEN in Extension.sys.mjs. + logger.warn(`Truncating add-on name ${addon.id} for locale ${aLocale}`); + result.name = result.name.slice(0, lazy.ExtensionData.EXT_NAME_MAX_LEN); + } return result; } ===================================== toolkit/mozapps/extensions/test/xpcshell/test_locale.js ===================================== @@ -51,6 +51,13 @@ add_task(async function test_1() { description: "name", }, }, + "_locales/es-ES/messages.json": { + name: { + // This length is 80, which exceeds ExtensionData.EXT_NAME_MAX_LEN: + message: "123456789_".repeat(8), + description: "name with 80 chars, should truncate to 75", + }, + }, }, }); @@ -101,3 +108,18 @@ add_task(async function test_6() { await addon.enable(); }); + +add_task(async function test_name_too_long() { + await restartWithLocales(["es-ES"]); + + let addon = await AddonManager.getAddonByID("addon1(a)tests.mozilla.org"); + Assert.notEqual(addon, null); + + Assert.equal( + addon.name, + "123456789_123456789_123456789_123456789_123456789_123456789_123456789_12345", + "Name should be truncated" + ); + + await addon.enable(); +}); ===================================== tools/profiler/gecko/ProfilerChild.cpp ===================================== @@ -139,6 +139,12 @@ void ProfilerChild::SetupChunkManager() { }); } +/* static */ void ProfilerChild::ClearPendingUpdate() { + auto lockedUpdate = sPendingChunkManagerUpdate.Lock(); + lockedUpdate->mProfilerChild = nullptr; + lockedUpdate->mUpdate.Clear(); +} + void ProfilerChild::ResetChunkManager() { if (!mChunkManager) { return; @@ -149,9 +155,7 @@ void ProfilerChild::ResetChunkManager() { mChunkManager->SetUpdateCallback({}); // Clear the pending update. - auto lockedUpdate = sPendingChunkManagerUpdate.Lock(); - lockedUpdate->mProfilerChild = nullptr; - lockedUpdate->mUpdate.Clear(); + ClearPendingUpdate(); // And process a final update right now. ProcessChunkManagerUpdate( ProfileBufferControlledChunkManager::Update(nullptr)); @@ -483,7 +487,7 @@ void ProfilerChild::ActorDestroy(ActorDestroyReason aActorDestroyReason) { } void ProfilerChild::Destroy() { - ResetChunkManager(); + ClearPendingUpdate(); if (!mDestroyed) { Close(); } ===================================== tools/profiler/public/ProfilerChild.h ===================================== @@ -81,6 +81,8 @@ class ProfilerChild final : public PProfilerChild, void ProcessChunkManagerUpdate( ProfileBufferControlledChunkManager::Update&& aUpdate); + static void ClearPendingUpdate(); + static void GatherProfileThreadFunction(void* already_AddRefedParameters); nsCOMPtr<nsIThread> mThread; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/48d984… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/48d984… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Deleted branch sec/tor-browser-115.21.0esr-13.5-1
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 deleted branch sec/tor-browser-115.21.0esr-13.5-1 at The Tor Project / Applications / Tor Browser -- You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch sec/tor-browser-115.21.0esr-13.5-1
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed new branch sec/tor-browser-115.21.0esr-13.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/sec/tor-b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-128.8.0esr-14.0-1-build2
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed new tag tor-browser-128.8.0esr-14.0-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.8.0esr-14.0-1] 5 commits: Bug 1908488 - Improve dialogs. r=android-reviewers,gmalekpour, a=dmeehan [bp]
by ma1 (＠ma1) 03 Mar '25

03 Mar '25

ma1 pushed to branch tor-browser-128.8.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: eb2f9e50 by Tara at 2025-03-02T23:38:07+01:00 Bug 1908488 - Improve dialogs. r=android-reviewers,gmalekpour, a=dmeehan [bp] Differential Revision: https://phabricator.services.mozilla.com/D236606 - - - - - 913be926 by John Schanck at 2025-03-02T23:42:15+01:00 Bug 1922357 - disallow the fido: URI scheme. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D237313 Differential Revision: https://phabricator.services.mozilla.com/D238681 - - - - - 6eb75b58 by Jeff Boek at 2025-03-02T23:44:03+01:00 Bug 1928334 - Handles animating activities a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D238342 Differential Revision: https://phabricator.services.mozilla.com/D238845 - - - - - d7bd10bb by Tom Schuster at 2025-03-02T23:54:33+01:00 Bug 1942022 - Improve the about:protections CSP. r=firefox-desktop-core-reviewers ,mossop Differential Revision: https://phabricator.services.mozilla.com/D234507 - - - - - fada429d by Tom Schuster at 2025-03-02T23:59:43+01:00 Bug 1942025 - Improve the about:privatebrowsing CSP. r=firefox-desktop-core-reviewers ,Gijs Differential Revision: https://phabricator.services.mozilla.com/D234508 - - - - - 11 changed files: - browser/components/privatebrowsing/content/aboutPrivateBrowsing.html - browser/components/protections/content/protections.html - mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt - mobile/android/android-components/components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt - mobile/android/android-components/components/feature/app-links/src/main/java/mozilla/components/feature/app/links/AppLinksUseCases.kt - mobile/android/android-components/components/feature/app-links/src/test/java/mozilla/components/feature/app/links/AppLinksUseCasesTest.kt - mobile/android/android-components/components/feature/prompts/src/main/java/mozilla/components/feature/prompts/PromptFeature.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/customtabs/ExternalAppBrowserActivity.kt - mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/IntentUtils.java - mobile/android/geckoview/src/test/java/org/mozilla/gecko/util/IntentUtilsTest.java Changes: ===================================== browser/components/privatebrowsing/content/aboutPrivateBrowsing.html ===================================== @@ -10,7 +10,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; img-src chrome: blob:; object-src 'none';" /> <meta name="color-scheme" content="light dark" /> <link rel="icon" href="chrome://browser/skin/privatebrowsing/favicon.svg" /> ===================================== browser/components/protections/content/protections.html ===================================== @@ -8,7 +8,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; object-src 'none'" /> <meta name="color-scheme" content="light dark" /> <link rel="localization" href="branding/brand.ftl" /> ===================================== mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt ===================================== @@ -1822,7 +1822,7 @@ class GeckoEngineSession( internal const val ABOUT_BLANK = "about:blank" internal const val JS_SCHEME = "javascript" internal val BLOCKED_SCHEMES = - listOf("file", "resource", JS_SCHEME) // See 1684761 and 1684947 + listOf("file", "resource", "fido", JS_SCHEME) // See 1684761 and 1684947 /** * Provides an ErrorType corresponding to the error code provided. ===================================== mobile/android/android-components/components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt ===================================== @@ -631,6 +631,11 @@ class GeckoEngineSessionTest { engineSession.loadUrl("RESOURCE://package/test.text") verify(geckoSession, never()).load(GeckoSession.Loader().uri("resource://package/test.text")) verify(geckoSession, never()).load(GeckoSession.Loader().uri("RESOURCE://package/test.text")) + + engineSession.loadUrl("fido:/12345678") + engineSession.loadUrl("FIDO:/12345678") + verify(geckoSession, never()).load(GeckoSession.Loader().uri("fido:/12345678")) + verify(geckoSession, never()).load(GeckoSession.Loader().uri("FIDO:/12345678")) } @Test ===================================== mobile/android/android-components/components/feature/app-links/src/main/java/mozilla/components/feature/app/links/AppLinksUseCases.kt ===================================== @@ -314,6 +314,7 @@ class AppLinksUseCases( "https", "moz-extension", "moz-safe-about", "resource", "view-source", "ws", "wss", "blob", ) - internal val ALWAYS_DENY_SCHEMES: Set<String> = setOf("jar", "file", "javascript", "data", "about", "content") + internal val ALWAYS_DENY_SCHEMES: Set<String> = + setOf("jar", "file", "javascript", "data", "about", "content", "fido") } } ===================================== mobile/android/android-components/components/feature/app-links/src/test/java/mozilla/components/feature/app/links/AppLinksUseCasesTest.kt ===================================== @@ -47,6 +47,7 @@ class AppLinksUseCasesTest { private val javascriptUrl = "javascript:'hello, world'" private val jarUrl = "jar:file://some/path/test.html" private val contentUrl = "content://media/external_primary/downloads/12345" + private val fidoPath = "fido:12345678" private val fileType = "audio/mpeg" private val layerUrl = "https://example.com" private val layerPackage = "com.example.app" @@ -215,6 +216,15 @@ class AppLinksUseCasesTest { assertFalse(redirect.isRedirect()) } + @Test + fun `A fido url is not an app link`() { + val context = createContext(Triple(fidoPath, appPackage, "")) + val subject = AppLinksUseCases(context, { true }) + + val redirect = subject.interceptedAppLinkRedirect(fidoPath) + assertFalse(redirect.isRedirect()) + } + @Test fun `Will not redirect app link if browser option set to false and scheme is supported`() { val context = createContext(Triple(appUrl, appPackage, "")) ===================================== mobile/android/android-components/components/feature/prompts/src/main/java/mozilla/components/feature/prompts/PromptFeature.kt ===================================== @@ -9,6 +9,7 @@ import android.content.Intent import androidx.annotation.VisibleForTesting import androidx.annotation.VisibleForTesting.Companion.PRIVATE import androidx.core.view.isVisible +import androidx.fragment.app.DialogFragment import androidx.fragment.app.Fragment import androidx.fragment.app.FragmentManager import kotlinx.coroutines.CoroutineScope @@ -1094,7 +1095,15 @@ class PromptFeature private constructor( emitPromptDismissedFact(promptName = promptRequest::class.simpleName.ifNullOrEmpty { "" }) } + @VisibleForTesting + internal fun redirectDialogFragmentIsActive() = + (fragmentManager.findFragmentByTag("SHOULD_OPEN_APP_LINK_PROMPT_DIALOG") as? DialogFragment) != null + private fun canShowThisPrompt(promptRequest: PromptRequest): Boolean { + if (redirectDialogFragmentIsActive()) { + return false + } + return when (promptRequest) { is SingleChoice, is MultipleChoice, ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -903,7 +903,7 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity, TorIn return false } - final override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { + override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { ProfilerMarkers.addForDispatchTouchEvent(components.core.engine.profiler, ev) return super.dispatchTouchEvent(ev) } ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/customtabs/ExternalAppBrowserActivity.kt ===================================== @@ -7,6 +7,7 @@ package org.mozilla.fenix.customtabs import android.app.assist.AssistContent import android.net.Uri import android.os.Build +import android.view.MotionEvent import androidx.annotation.RequiresApi import androidx.annotation.VisibleForTesting import mozilla.components.browser.state.selector.findCustomTab @@ -24,6 +25,8 @@ const val EXTRA_IS_SANDBOX_CUSTOM_TAB = "org.mozilla.fenix.customtabs.EXTRA_IS_S */ @Suppress("TooManyFunctions") open class ExternalAppBrowserActivity : HomeActivity() { + var isFinishedAnimating = false + override fun onResume() { super.onResume() @@ -74,4 +77,17 @@ open class ExternalAppBrowserActivity : HomeActivity() { val currentTabUrl = getExternalTab()?.content?.url outContent?.webUri = currentTabUrl?.let { Uri.parse(it) } } + + override fun dispatchTouchEvent(ev: MotionEvent?): Boolean { + if (!isFinishedAnimating) { + return true + } + + return super.dispatchTouchEvent(ev) + } + + override fun onEnterAnimationComplete() { + super.onEnterAnimationComplete() + isFinishedAnimating = true + } } ===================================== mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/IntentUtils.java ===================================== @@ -76,6 +76,10 @@ public class IntentUtils { return getSafeIntent(aUri) != null; } + if ("fido".equals(scheme)) { + return false; + } + return true; } ===================================== mobile/android/geckoview/src/test/java/org/mozilla/gecko/util/IntentUtilsTest.java ===================================== @@ -63,4 +63,10 @@ public class IntentUtilsTest { final String uri = "intent:non_scheme_intent#Intent;end"; assertTrue(IntentUtils.isUriSafeForScheme(uri)); } + + @Test + public void unsafeFidoUri() { + final String uri = "fido:/12345678"; + assertFalse(IntentUtils.isUriSafeForScheme(uri)); + } } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/62d35a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/62d35a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.21.0esr-13.5-1-build1
by ma1 (＠ma1) 27 Feb '25

27 Feb '25

ma1 pushed new tag tor-browser-115.21.0esr-13.5-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-128.8.0esr-14.5-1
by clairehurst (＠clairehurst) 27 Feb '25

27 Feb '25

clairehurst pushed new branch tor-browser-128.8.0esr-14.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.8.0esr-14.5-1] 49 commits: No bug - Tagging f3783ad20bf40a11fb4b7ed088236c1a9f7be362 with...
by clairehurst (＠clairehurst) 27 Feb '25

27 Feb '25

clairehurst pushed to branch base-browser-128.8.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 1e0489eb by Mozilla Releng Treescript at 2025-01-27T19:42:42+00:00 No bug - Tagging f3783ad20bf40a11fb4b7ed088236c1a9f7be362 with FIREFOX_128_7_0esr_BUILD1 a=release CLOSED TREE DONTBUILD - - - - - 7a2dc51e by Mozilla Releng Treescript at 2025-02-03T16:18:10+00:00 Update configs. IGNORE BROKEN CHANGESETS CLOSED TREE NO BUG a=release ba=release - - - - - f89561a1 by Mozilla Releng Treescript at 2025-02-04T13:18:39+00:00 No bug - Tagging f3783ad20bf40a11fb4b7ed088236c1a9f7be362 with FIREFOX_128_7_0esr_RELEASE a=release CLOSED TREE DONTBUILD - - - - - a8cf861b by Francesco Lodolo (:flod) at 2025-02-05T18:09:44+00:00 Bug 1944233 - Update localization shipping in ESR128, r=bolsson a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D235741 - - - - - 4f80e557 by ffxbld at 2025-02-06T13:04:48+00:00 No Bug, mozilla-esr128 repo-update HSTS HPKP remote-settings tld-suffixes - a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237018 - - - - - 09639b06 by Rob Wu at 2025-02-06T14:16:44+00:00 Bug 1939087 - Truncate long name and log warning a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D233025 Differential Revision: https://phabricator.services.mozilla.com/D236900 - - - - - 0d315ac6 by Matthew Gregan at 2025-02-06T14:23:42+00:00 Bug 1944150 - Remove WASAPI stream shutdown timeout. r=cubeb-reviewers,padenot a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D236070 - - - - - 879ae06a by Gabriele Svelto at 2025-02-03T15:31:33+00:00 Bug 1944784 - Fix collecting the errors encountered when generating minidumps r=cmartin, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D236202 - - - - - 836cb2bb by Randell Jesup at 2025-02-03T18:40:56+00:00 Bug 1944126: Update WebTransportChild r=saschanaz, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D236002 - - - - - 9ca51377 by alwu at 2025-02-03T18:22:27+00:00 Bug 1922889 - add mutex. r=media-playback-reviewers,aosmond, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D226398 - - - - - c3b0d15c by Nicolas B. Pierron at 2025-02-07T14:16:53+00:00 Bug 1940716 - convertDoubleToInt32: Clobber destination register when zero. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D234893 Differential Revision: https://phabricator.services.mozilla.com/D236700 - - - - - a03dc5f4 by Rob Wu at 2025-02-07T18:08:44+00:00 Bug 1942259 - Move telnetlib import to BaseEmulator a=dmeehan emulator.py currently has an unconditional telnetlib import, but the file can also be imported when the functionality is not needed. Because telnetlib was removed from Python 3.13, this unconditional import breaks use cases that do not even care about telnet. As a stopgap measure until a better fix is available, move the import to the function that relies on telnet. Original Revision: https://phabricator.services.mozilla.com/D227995 Differential Revision: https://phabricator.services.mozilla.com/D236164 - - - - - b6a806fd by Rob Wu at 2025-02-07T18:08:44+00:00 Bug 1942259 - Replace pipes imports a=dmeehan pipes does not exist in Python 3.11 any more Original Revision: https://phabricator.services.mozilla.com/D227964 Differential Revision: https://phabricator.services.mozilla.com/D236165 - - - - - 97dfb547 by Bob Owen at 2025-02-07T20:23:56+00:00 Bug 1943586: Don't collect information in profiler_shutdown when we won't use it. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D236346 Differential Revision: https://phabricator.services.mozilla.com/D237235 - - - - - ade99491 by Nazım Can Altınova at 2025-02-07T20:25:55+00:00 Bug 1943912 - Do not reset the chunk manager while shutdown a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D235642 Differential Revision: https://phabricator.services.mozilla.com/D237219 - - - - - 811f17ca by André Bargull at 2025-02-08T13:30:24+00:00 Bug 1945535: Update to tzdata 2025a (ESR128). r=spidermonkey-reviewers,dminor a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D236566 - - - - - 8b6f2a74 by Rob Wu at 2025-02-08T13:31:59+00:00 Bug 1826867 - Use NS_GetFinalChannelURI instead of GetURI in SessionHistoryEntry a=dmeehan When redirects are involved, `DocumentLoadListener::DoOnStartRequest` may call `ReplaceLoadingSessionHistoryEntryForLoad`, which updates the history entry with the destination of a redirect. But if the redirection target is a `moz-extension:`-URL, the URL becomes a jar:file:/file: URL. This is because SessionHistoryInfo (in SessionHistoryEntry.cpp) looks up the URL with `nsIChannel::GetURI`. For `moz-extension:`-URLs, the underlying channel has a `jar:file:` or `file:` URL, as provided by ExtensionProtocolHandler (via SubstitutingProtocolHandler::NewChannel). For details, see https://bugzilla.mozilla.org/show_bug.cgi?id=1826867#c7 To fix this, this patch switches to `NS_GetFinalChannelURI` instead. For more history on this type of bug and SessionHistoryInfo, see https://bugzilla.mozilla.org/show_bug.cgi?id=1826867#c9 Original Revision: https://phabricator.services.mozilla.com/D234333 Differential Revision: https://phabricator.services.mozilla.com/D236901 - - - - - f05fe128 by smayya at 2025-02-04T15:48:43+00:00 Bug 1938471 - Backed out changeset dcfa4149aaf3. r=necko-reviewers,kershaw, a=dmeehan Please see the explaination for the fix in the bug [[ https://bugzilla.mozilla.org/show_bug.cgi?id=1938471#c16 | comment ]] Differential Revision: https://phabricator.services.mozilla.com/D235761 - - - - - 90e6ebd6 by smayya at 2025-02-04T15:48:43+00:00 Bug 1938471 - synchronize access to FetchDriver::mObserver. r=necko-reviewers,kershaw, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D235762 - - - - - 26960c9b by Peter Van der Beken at 2025-02-04T17:28:39+00:00 Bug 1944313 - Propagate XSLT expression failure correctly. r=farre, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D235895 - - - - - 1594f8f8 by Iain Ireland at 2025-02-03T21:49:54+00:00 Bug 1942881: Remove RRegExpMatcher r=jandem, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D236071 - - - - - 1efaf9ba by Lee Salzman at 2025-02-10T14:49:37+00:00 Bug 1945624. r=aosmond a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D236664 - - - - - 16e879ac by ffxbld at 2025-02-10T14:52:32+00:00 No Bug, mozilla-esr128 repo-update HSTS HPKP remote-settings tld-suffixes - a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237538 - - - - - f44b9c99 by Kershaw Chang at 2025-02-10T18:02:23+00:00 Bug 1935004 - Remove res_ninit, a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D236345 Differential Revision: https://phabricator.services.mozilla.com/D237572 - - - - - 79e4b8e5 by Thomas Wisniewski at 2025-02-11T14:44:28+00:00 Bug 697151 - distinguish between SYNC and ASYNC XMLHttpRequests in nsIContentPolicy types, and have ChannelEventQueue::MaybeSuspendIfEventsAreSuppressed only suspend async ones; a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D213516 Differential Revision: https://phabricator.services.mozilla.com/D237613 - - - - - 9e1c0c56 by Francesco Lodolo (:flod) at 2025-02-12T01:15:35+00:00 Bug 1946647 - Fix icons in Panic button for history and new window, a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D237177 Differential Revision: https://phabricator.services.mozilla.com/D237320 - - - - - 7ab72cf9 by Valentin Gosu at 2025-02-12T14:38:27+00:00 Bug 1940027 - Use nsACString in jar code a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237704 - - - - - 44335e4a by Emma Zuehlcke at 2025-02-12T15:30:13+00:00 Bug 1866661, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237567 - - - - - a4f13ef0 by Emma Zuehlcke at 2025-02-12T15:30:13+00:00 Bug 1866661 - Tests, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237737 - - - - - 6591785c by Emma Zuehlcke at 2025-02-12T15:30:14+00:00 Bug 1946105, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237570 - - - - - 4e2c99bb by Emma Zuehlcke at 2025-02-12T15:30:14+00:00 Bug 1946105 - Test, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237571 - - - - - b2095689 by Sean at 2025-02-13T00:23:02+00:00 Bug 1930742 - Add a glean probe for SSO cookie parsing success/failure a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D228715 Differential Revision: https://phabricator.services.mozilla.com/D237074 - - - - - 941b037a by Sean at 2025-02-13T00:23:02+00:00 Bug 1934271 - Remove GetQuery check in Entra SSO for SAML use cases a=dmeehan The [initial motivation](https://phabricator.services.mozilla.com/D216560#inline-1215772) behind checking whether the query is empty or not is to ensure that we don't perform SSO for URIs like `https://login.microsoft.com/`. However, we observed that Entra SSO can operate via SAML using the URI `https://login.microsoftonline.com/XXXXXX/saml2`. To address this, we decided to remove the check like in Windows Original Revision: https://phabricator.services.mozilla.com/D230714 Differential Revision: https://phabricator.services.mozilla.com/D237075 - - - - - 3c844788 by Sean at 2025-02-13T00:23:03+00:00 Bug 1944119 - Refactor MicrosoftEntraSSOUtils.mm a=dmeehan Currently, the delegate uses nested if statements. The patch simplifies this by replacing them with return/continues. Original Revision: https://phabricator.services.mozilla.com/D235688 Differential Revision: https://phabricator.services.mozilla.com/D237076 - - - - - 6d62493b by Sean at 2025-02-13T00:23:03+00:00 Bug 1945596 - Firefox should be still sending headers even if there are missing ones a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D236568 Differential Revision: https://phabricator.services.mozilla.com/D237077 - - - - - 55f838ff by Julian Descottes at 2025-01-31T11:01:49+00:00 Bug 1830888 - [devtools] Skip frequent macos intermittent browser_dbg-event-breakpoints.js r=devtools-reviewers,nchevobbe a=test-only DONTBUILD This test only seems to fail on macos, and is high frequency on this platform. - - - - - 29dc8d27 by ffxbld at 2025-02-13T13:01:10+00:00 No Bug, mozilla-esr128 repo-update HSTS HPKP remote-settings tld-suffixes - a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D238022 - - - - - a8224879 by Yannis Juglaret at 2025-02-14T14:36:16+00:00 Bug 1936749 - Disable ACG if we detect MpDetours.dll injection. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D236890 Differential Revision: https://phabricator.services.mozilla.com/D238183 - - - - - 6d4b3a2d by ffxbld at 2025-02-17T12:06:42+00:00 No Bug, mozilla-esr128 repo-update HSTS HPKP remote-settings - a=pascalc Differential Revision: https://phabricator.services.mozilla.com/D238436 - - - - - 18e5ad73 by Iain Ireland at 2025-02-11T19:54:15+00:00 Bug 1947140: Compare against correct length in visitCompareSSingle r=jandem, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237658 - - - - - 2292a1e8 by Jan de Mooij at 2025-02-13T12:21:29+00:00 Bug 1946004 - Widen i32 return values in GenerateJitEntry. r=rhunt, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D237530 - - - - - 3823e702 by Ben Hearsum at 2025-02-06T01:35:07+00:00 Bug 1940974: update verify should fail when the updater fails to download r=releng-reviewers,gabriel, a=dmeehan DONTBUILD Differential Revision: https://phabricator.services.mozilla.com/D236885 - - - - - 61730456 by ffxbld at 2025-02-20T12:54:56+00:00 No Bug, mozilla-esr128 repo-update HSTS HPKP remote-settings tld-suffixes - a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D238938 - - - - - e942f3ef by Andrew McCreight at 2025-02-20T12:59:23+00:00 Bug 1937634 - Make txMozillaXSLTProcessor::mStylesheetDocument strong. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D232262 Differential Revision: https://phabricator.services.mozilla.com/D238777 - - - - - 37a3ea49 by Mike Kaply at 2025-02-20T13:16:27+00:00 Bug 1640931 - Allow policy to force addons in private browsing. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D228607 Differential Revision: https://phabricator.services.mozilla.com/D238839 - - - - - 144f5c31 by Sandor Molnar at 2025-02-20T16:27:07+02:00 Bug 1640931 - Fix lint failures. a=lint-fix - - - - - 558ef1b0 by Jan Varga at 2025-02-20T08:35:22+00:00 Bug 1948111 - Don't re-initialize IndexedDatabaseManager::mLocale; r=dom-storage-reviewers,asuth, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D238593 - - - - - 6d97cb78 by ffxbld at 2025-02-24T12:57:24+00:00 No Bug, mozilla-esr128 repo-update HSTS HPKP remote-settings tld-suffixes - a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D239319 - - - - - 0ab79d6e by Mozilla Releng Treescript at 2025-02-24T17:01:40+00:00 No bug - Tagging c685d5844a0e4f99ac535b6ffc641fbd07696c68 with FIREFOX_128_8_0esr_BUILD1 a=release CLOSED TREE DONTBUILD - - - - - 134 changed files: - .hgtags - CLOBBER - browser/base/content/browser.js - browser/components/enterprisepolicies/schemas/policies-schema.json - browser/components/enterprisepolicies/tests/browser/browser_policy_extensionsettings2.js - + browser/components/enterprisepolicies/tests/xpcshell/.eslintrc.js - browser/components/enterprisepolicies/tests/xpcshell/test_extensionsettings.js - browser/components/protocolhandler/test/browser/browser_registerProtocolHandler_notification.js - browser/components/tabbrowser/content/tabbrowser.js - browser/config/version.txt - browser/config/version_display.txt - browser/locales/l10n-changesets.json - browser/themes/shared/customizableui/panelUI-shared.css - config/external/icu/data/icudt73l.dat - config/milestone.txt - devtools/client/debugger/test/mochitest/browser_aj.toml - docshell/shistory/SessionHistoryEntry.cpp - dom/base/nsContentPolicyUtils.h - dom/base/nsContentUtils.h - dom/base/nsIContentPolicy.idl - dom/cache/DBSchema.cpp - dom/fetch/FetchDriver.cpp - dom/fetch/FetchDriver.h - dom/fetch/InternalRequest.cpp - dom/indexedDB/IndexedDatabaseManager.cpp - dom/indexedDB/IndexedDatabaseManager.h - dom/media/ipc/MFCDMChild.cpp - dom/media/ipc/MFCDMChild.h - dom/security/SecFetch.cpp - dom/security/nsCSPUtils.cpp - dom/webtransport/child/WebTransportChild.cpp - dom/xhr/XMLHttpRequestMainThread.cpp - dom/xslt/xml/txXMLParser.cpp - dom/xslt/xslt/txMozillaXSLTProcessor.cpp - dom/xslt/xslt/txMozillaXSLTProcessor.h - dom/xslt/xslt/txNodeSorter.cpp - dom/xslt/xslt/txNodeSorter.h - dom/xslt/xslt/txXPathResultComparator.cpp - dom/xslt/xslt/txXPathResultComparator.h - gfx/skia/skia/src/core/SkRegion.cpp - gfx/thebes/gfxFT2FontList.cpp - intl/hyphenation/glue/nsHyphenator.cpp - intl/locale/LocaleService.cpp - intl/tzdata/GIT-INFO - intl/tzdata/VERSION - intl/tzdata/source/be/metaZones.res - intl/tzdata/source/be/timezoneTypes.res - intl/tzdata/source/be/windowsZones.res - intl/tzdata/source/be/zoneinfo64.res - intl/tzdata/source/ee/metaZones.res - intl/tzdata/source/ee/timezoneTypes.res - intl/tzdata/source/ee/windowsZones.res - intl/tzdata/source/ee/zoneinfo64.res - intl/tzdata/source/le/metaZones.res - intl/tzdata/source/le/timezoneTypes.res - intl/tzdata/source/le/windowsZones.res - intl/tzdata/source/le/zoneinfo64.res - intl/tzdata/source/metaZones.txt - intl/tzdata/source/timezoneTypes.txt - intl/tzdata/source/windowsZones.txt - intl/tzdata/source/zoneinfo64.txt - js/src/builtin/intl/TimeZoneDataGenerated.h - + js/src/jit-test/tests/ion/bug1947140.js - js/src/jit/CodeGenerator.cpp - js/src/jit/MIROps.yaml - js/src/jit/Recover.cpp - js/src/jit/Recover.h - js/src/jit/arm/MacroAssembler-arm.cpp - js/src/jit/arm64/MacroAssembler-arm64.h - js/src/tests/lib/results.py - js/src/tests/non262/Intl/DateTimeFormat/timeZone_backward_links.js - js/src/tests/non262/Intl/DateTimeFormat/timeZone_backzone.js - js/src/tests/non262/Intl/DateTimeFormat/timeZone_backzone_links.js - js/src/tests/non262/Intl/DateTimeFormat/timeZone_notbackward_links.js - js/src/tests/non262/Intl/DateTimeFormat/timeZone_version.js - js/src/tests/non262/Intl/supportedValuesOf-timeZones-canonical.js - js/src/wasm/WasmStubs.cpp - js/xpconnect/loader/URLPreloader.cpp - + media/libcubeb/0005-remove-wasapi-timeout.patch - media/libcubeb/moz.yaml - media/libcubeb/src/cubeb_wasapi.cpp - modules/libjar/nsJAR.cpp - modules/libjar/nsJARInputStream.cpp - modules/libjar/nsZipArchive.cpp - modules/libjar/nsZipArchive.h - netwerk/dns/effective_tld_names.dat - netwerk/dns/nsHostResolver.cpp - netwerk/ipc/ChannelEventQueue.cpp - netwerk/ipc/ChannelEventQueue.h - netwerk/metrics.yaml - netwerk/protocol/http/MicrosoftEntraSSOUtils.mm - netwerk/protocol/http/nsHttpChannel.cpp - netwerk/test/fuzz/TestHttpFuzzing.cpp - security/manager/ssl/StaticHPKPins.h - security/manager/ssl/nsSTSPreloadList.inc - security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp - services/settings/dumps/blocklists/addons-bloomfilters.json - services/settings/dumps/blocklists/addons-bloomfilters/addons-mlbf.bin - services/settings/dumps/blocklists/addons-bloomfilters/addons-mlbf.bin.meta.json - services/settings/dumps/main/devtools-compatibility-browsers.json - services/settings/dumps/main/password-rules.json - services/settings/dumps/main/search-config-v2.json - services/settings/dumps/main/search-telemetry-v2.json - services/settings/dumps/main/translations-models.json - services/settings/dumps/main/url-classifier-skip-urls.json - services/settings/dumps/main/websites-with-shared-credential-backends.json - services/settings/dumps/security-state/intermediates.json - testing/mozbase/mozdevice/mozdevice/adb.py - testing/mozbase/mozrunner/mozrunner/devices/emulator.py - testing/web-platform/meta/xhr/send-sync-blocks-async.htm.ini - testing/web-platform/tests/tools/pytest.ini - testing/xpcshell/runxpcshelltests.py - toolkit/components/extensions/Extension.sys.mjs - toolkit/components/extensions/schemas/manifest.json - + toolkit/components/extensions/test/xpcshell/test_ext_dnr_redirect_main_frame.js - toolkit/components/extensions/test/xpcshell/test_ext_manifest.js - toolkit/components/extensions/test/xpcshell/xpcshell-common.toml - toolkit/content/widgets/notificationbox.js - toolkit/crashreporter/nsExceptionHandler.cpp - toolkit/mozapps/extensions/AddonManagerStartup.cpp - toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs - toolkit/mozapps/extensions/internal/XPIInstall.sys.mjs - toolkit/mozapps/extensions/test/xpcshell/test_builtin_location.js - toolkit/mozapps/extensions/test/xpcshell/test_locale.js - toolkit/mozapps/extensions/test/xpcshell/test_system_profile_location.js - tools/(a)types/lib.gecko.xpcom.d.ts - tools/profiler/core/platform.cpp - tools/profiler/gecko/ProfilerChild.cpp - tools/profiler/public/ProfilerChild.h - tools/update-verify/release/updates/verify.sh - xpcom/build/FileLocation.cpp - xpcom/build/FileLocation.h - xpcom/build/Omnijar.cpp - xpcom/components/nsComponentManager.cpp The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2d8989… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2d8989… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-128.8.0esr-14.5-1
by clairehurst (＠clairehurst) 27 Feb '25

27 Feb '25

clairehurst pushed new branch base-browser-128.8.0esr-14.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0