- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][tor-browser-115.16.0esr-13.5-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch tor-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 70c7a53e by hackademix at 2024-10-07T13:20:44+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -121,16 +121,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70c7a53… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70c7a53… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: f2211840 by hackademix at 2024-10-07T13:20:13+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -139,16 +139,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f22… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f22… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 70534c90 by hackademix at 2024-10-07T13:20:06+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -139,16 +139,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70534c9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70534c9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: bbf13ec2 by hackademix at 2024-10-07T12:54:36+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -139,16 +139,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/bbf13ec… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/bbf13ec… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher][main] 2 commits: Update/Add Additional Abstractions for AppArmor
by asciiwolf (＠asciiwolf) 05 Oct '24

05 Oct '24

asciiwolf pushed to branch main at The Tor Project / Applications / torbrowser-launcher Commits: e049fdcc by Thomas Ward at 2024-10-05T10:14:32+00:00 Update/Add Additional Abstractions for AppArmor - - - - - 851ff330 by asciiwolf at 2024-10-05T10:14:32+00:00 There are two abstraction sets added. - The first is D-Bus session abstractions. There are D-Bus denies for opening dialog boxes and file open boxes, which need D-Bus abstractions to access the user sessions. Fixed by including abstractions/dbus-session (which also implicitly imports abstractions/dbus-session-strict for systemd user sessions) in the AppArmor rules, if the abstractions exist. The abstractions/dbus-session rule also requires adding an AppArmor owner rule for the ~/.cache/ibus/dbus-* socket. Otherwise, keyboard input will stop working. - The second is X abstractions. Observed initially in #588, systems that do NOT have GNOME installed on them, such as Lubuntu which uses LXQt and has ZERO GNOME components, will have issues accessing X11 sockets. In such systems, the implied abstractions/gnome already part of the AppArmor profile do not exist. Therefore, AppArmor will not import abstractions/gnome which includes the X abstractions because the GNOME abstractions definition does not exist. In such cases, components of the UI will not properly function with dialog boxes. This is why this is separately explicitly required, despite GNOME abstractions including X abstractions. - - - - - 1 changed file: - apparmor/torbrowser.Browser.firefox Changes: ===================================== apparmor/torbrowser.Browser.firefox ===================================== @@ -11,6 +11,8 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} { #include <abstractions/mesa> #include <abstractions/opencl> #include if exists <abstractions/vulkan> + #include if exists <abstractions/dbus-session> + #include if exists <abstractions/X> deny capability sys_ptrace, @@ -26,6 +28,9 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} { network netlink raw, network tcp, + # ibus socket + owner @{HOME}/.cache/ibus/dbus-* rw, + ptrace (trace) peer=@{profile_name}, signal (receive, send) set=("term") peer=@{profile_name}, View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/compar… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/compar… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41254: Stop copying cryptoSafetyPrompt.properties.
by Pier Angelo Vendrame (＠pierov) 04 Oct '24

04 Oct '24

Pier Angelo Vendrame pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: cf68476c by Pier Angelo Vendrame at 2024-10-04T09:27:55+02:00 Bug 41254: Stop copying cryptoSafetyPrompt.properties. That file is not used anymore, and it was supposed to not exist, but it has been deleted only from the en-US directory in translation.git. - - - - - 1 changed file: - projects/firefox/build Changes: ===================================== projects/firefox/build ===================================== @@ -140,7 +140,6 @@ mkdir "$HOME/.mozbuild" fi [% END -%] mv "$transl_tor_browser/$source_lang/tor-browser.ftl" "$l10ncentral/$lang/toolkit/toolkit/global/" - mv "$transl_tor_browser/$source_lang/cryptoSafetyPrompt.properties" "$l10ncentral/$lang/browser/chrome/browser/" mv "$transl_tor_browser/$source_lang" "$torbutton_locales/$lang" echo "% locale torbutton $lang %locale/$lang/" >> "$torbutton_jar" echo " locale/$lang (chrome/locale/$lang/*)" >> "$torbutton_jar" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-14.0a8-build1
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed new tag mb-14.0a8-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-14.0a8-build1
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed new tag tbb-14.0a8-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41249, 41250: Prepare Tor, Mullvad Browser 14.0a8
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: ab31d942 by Morgan at 2024-10-04T00:41:05+00:00 Bug 41249,41250: Prepare Tor,Mullvad Browser 14.0a8 - - - - - 8 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,31 @@ +Mullvad Browser 14.0a8 - October 03 2024 + * All Platforms + * Updated uBlock Origin to 1.60.0 + * Bug 349: Tidy up mullvad Fluent files [mullvad-browser] + * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser] + * Bug 42054: ESR128: investigate - thorin's list [tor-browser] + * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser] + * Bug 43169: compat: align userAgent in navigator + HTTP Header [tor-browser] + * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] + * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser] + * Build System + * All Platforms + * Bug 43157: Move tb-dev to base-browser [tor-browser] + * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] + +Mullvad Browser 13.5.6 - September 30 2024 + * All Platforms + * Updated Firefox to 115.16.0esr + * Updated NoScript to 11.4.40 + * Bug 356: Rebase Mullvad Browser Release onto Firefox 115.16.0esr [mullvad-browser] + * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] + * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] + * Linux + * Bug 334: When set as default browser on Linux in standard mode, links don't open correctly [mullvad-browser] + * Build System + * macOS + * Bug 41231: Use var/browser_release_date in tools/signing/gatekeeper-bundling.sh [tor-browser-build] + Mullvad Browser 14.0a7 - September 27 2024 * All Platforms * Updated Firefox to 128.3.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,54 @@ +Tor Browser 14.0a8 - October 03 2024 + * All Platforms + * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser] + * Bug 42054: ESR128: investigate - thorin's list [tor-browser] + * Bug 42716: Disable unwanted about:* pages [tor-browser] + * Bug 43170: Disable user-agent spoofing in HTTP header [tor-browser] + * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] + * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 128.3.0esr + * Bug 43098: YEC 2024 Takeover for Desktop Stable [tor-browser] + * Bug 43149: Update donate URL in YEC 2024 desktop [tor-browser] + * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser] + * Bug 43169: compat: align userAgent in navigator + HTTP Header [tor-browser] + * Android + * Updated GeckoView to 128.3.0esr + * Bug 42660: Review the patch on Android's ProxySelector [tor-browser] + * Bug 43102: Android notifications tell to make Firefox your default browser + * Bug 43151: MOZ_DATA_REPORTING, MOZ_TELEMETRY_REPORTING, MOZ_CRASHREPORTER, and MOZ_BACKGROUNDTASKS enabled on Android [tor-browser] + * Build System + * All Platforms + * Updated Go to 1.23.2 + * Bug 43156: Update translation CI to account for the extended 13.5 release [tor-browser] + * Bug 43157: Move tb-dev to base-browser [tor-browser] + * Bug 43181: Run translation CI if there is a change in a string.xml file [tor-browser] + * Windows + macOS + Linux + * Bug 41247: Adapt tools/update-responses/update_responses to support multiple versions in the same xml files [tor-browser-build] + * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] + +Tor Browser 13.5a11 - October 01 2024 + * All Platforms + * Bug 41252: Disable updating update_responses in 13.5-legacy branch [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 115.16.0esr + +Tor Browser 13.5.6 - September 30 2024 + * All Platforms + * Updated NoScript to 11.4.40 + * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] + * Bug 43167: Rebase Tor Browser Stable onto 115.16.0esr [tor-browser] + * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 115.16.0esr + * Bug 42737: Drop the hash check on updates [tor-browser] + * Bug 43098: YEC 2024 Takeover for Desktop Stable [tor-browser] + * Windows + macOS + * Bug 42747: Windows 7/8 and macOS 10.12-10.14 Legacy/Maintenance [tor-browser] + * Android + * Updated GeckoView to 115.16.0esr + * Bug 43099: YEC 2024 Takeover for Android Stable [tor-browser] + Tor Browser 14.0a7 - September 27 2024 * All Platforms * Updated NoScript to 11.4.40 @@ -31,6 +82,12 @@ Tor Browser 13.5a10 - September 25 2024 * Windows + macOS + Linux * Updated Go to 1.21.12 +Tor Browser 13.5.5 - September 25 2024 + * Windows + macOS + * Bug 43125: Update message for legacy OS (windows ≤8.1, macOS ≤10.14) users [tor-browser] + * Linux + * Bug 334: When set as default browser on Linux in standard mode, links don't open correctly [mullvad-browser] + Tor Browser 14.0a6 - September 19 2024 * All Platforms * Bug 42831: Remove the shopping components [tor-browser] ===================================== projects/browser/config ===================================== @@ -111,9 +111,9 @@ input_files: - URL: https://addons.mozilla.org/firefox/downloads/file/4357325/noscript-11.4.40.… name: noscript sha256sum: 242ead426159d871480a13062cbee08abc97da746cdc5c643aee2692e9adbbb2 - - URL: https://addons.mozilla.org/firefox/downloads/file/4328681/ublock_origin-1.5… + - URL: https://addons.mozilla.org/firefox/downloads/file/4359936/ublock_origin-1.6… name: ublock-origin - sha256sum: 1db9c676a07d141f8d36dbbc24f9e3d64a6cc2340dbfc6c848bc4395f96cfb14 + sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600 enable: '[% c("var/mullvad-browser") %]' - URL: https://cdn.mullvad.net/browser-extension/0.9.0/mullvad-browser-extension-0… name: mullvad-extension ===================================== projects/firefox/config ===================================== @@ -19,7 +19,7 @@ var: browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 3 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' @@ -107,7 +107,7 @@ targets: gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' nightly_updates_publish_dir_prefix: mullvadbrowser- - browser_build: 1 + browser_build: 2 linux-x86_64: var: ===================================== projects/geckoview/config ===================================== @@ -21,7 +21,7 @@ var: browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 3 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/go/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: '1.23.1' +version: '1.23.2' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -126,7 +126,7 @@ input_files: enable: '[% ! c("var/linux") %]' - URL: 'https://go.dev/dl/go[% c("version") %].src.tar.gz' name: go - sha256sum: 6ee44e298379d146a5e5aa6b1c5b5d5f5d0a3365eabdd70741e6e21340ec3b0d + sha256sum: 36930162a93df417d90bd22c6e14daff4705baac2b02418edda671cdfa9cd07f - project: go-bootstrap name: go-bootstrap target_replace: ===================================== projects/translation/config ===================================== @@ -12,19 +12,19 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 16446c485b3be4198a7e79bfcac6510784a18506 + git_hash: b7ce711e8ed8cf7b0cdf25a3055cf84bab5b7a1f targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 816fcde248e0e25c8ad921d25ec97a374a59ed94 + git_hash: 59037afe137abb612bc185ce438ac3a3c657def7 targets: nightly: git_hash: 'tor-browser' mullvad-browser: mullvad-browser: '[% INCLUDE build %]' - git_hash: 78212a3da2439e436ac5f73d8e3eb908145c3ece + git_hash: 2f7d98b46ce480cdb4d7e9ddab912650c8673d6c targets: nightly: git_hash: 'mullvad-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 12b033e4192448315794f5fe8203fe91dcc29a8c + git_hash: 11f4fdc77fa45fe6ff0d47d1586dea0779b354ee compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -73,18 +73,18 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '14.0a7' + torbrowser_version: '14.0a8' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2024/09/27 00:19:33' + browser_release_date: '2024/10/03 19:27:08' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - 14.0a7 - 14.0a6 - 14.0a5 - - 14.0a4 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' torbrowser_legacy_version: 13.5a11 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-128.3.0esr-14.0-1-build2
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed new tag mullvad-browser-128.3.0esr-14.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-128.3.0esr-14.0-1-build3
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed new tag tor-browser-128.3.0esr-14.0-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: ba2f51a4 by Morgan at 2024-10-04T00:41:54+00:00 fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Bug 43170: Disable user-agent spoofing in HTTP header - - - - - 1 changed file: - browser/app/profile/000-tor-browser.js Changes: ===================================== browser/app/profile/000-tor-browser.js ===================================== @@ -52,9 +52,8 @@ pref("network.http.connection-retry-timeout", 0); // be reduced to the strictly required time). pref("extensions.torbutton.use_nontor_proxy", false); -// tor-browser#42647: Make OS HTTP User-Agent OS spoofing configurable by pref -// TODO: flip to false when we're happy this is not a privacy issue -pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", true); +// tor-browser#43170: Disable user-agent spoofing in HTTP header +pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", false); // Browser home page: pref("browser.startup.homepage", "about:tor"); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ba2f51a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ba2f51a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] fixup! [android] Use NimbusDisabled
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 183d35fc by clairehurst at 2024-10-03T14:55:59-06:00 fixup! [android] Use NimbusDisabled - - - - - 3 changed files: - mobile/android/android-components/components/service/nimbus/src/main/java/mozilla/components/service/nimbus/messaging/NimbusMessagingController.kt - mobile/android/android-components/components/service/nimbus/src/main/java/mozilla/components/service/nimbus/messaging/NimbusMessagingStorage.kt - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/NimbusComponents.kt Changes: ===================================== mobile/android/android-components/components/service/nimbus/src/main/java/mozilla/components/service/nimbus/messaging/NimbusMessagingController.kt ===================================== @@ -101,36 +101,36 @@ open class NimbusMessagingController( * creates a URI string for the message action. */ @VisibleForTesting(otherwise = VisibleForTesting.PRIVATE) - fun processMessageActionToUri(message: Message): Uri { + open fun processMessageActionToUri(message: Message): Uri { val (uuid, action) = messagingStorage.generateUuidAndFormatMessage(message) sendClickedMessageTelemetry(message.id, uuid) return convertActionIntoDeepLinkSchemeUri(action) } - private fun sendDismissedMessageTelemetry(messageId: String) { + open fun sendDismissedMessageTelemetry(messageId: String) { GleanMessaging.messageDismissed.record(GleanMessaging.MessageDismissedExtra(messageId)) } - private fun sendShownMessageTelemetry(messageId: String) { + open fun sendShownMessageTelemetry(messageId: String) { GleanMessaging.messageShown.record(GleanMessaging.MessageShownExtra(messageId)) } - private fun sendExpiredMessageTelemetry(messageId: String) { + open fun sendExpiredMessageTelemetry(messageId: String) { GleanMessaging.messageExpired.record(GleanMessaging.MessageExpiredExtra(messageId)) } - private fun sendClickedMessageTelemetry(messageId: String, uuid: String?) { + open fun sendClickedMessageTelemetry(messageId: String, uuid: String?) { GleanMessaging.messageClicked.record( GleanMessaging.MessageClickedExtra(messageKey = messageId, actionUuid = uuid), ) } - private fun sendMicrosurveyCompletedTelemetry(messageId: String, answer: String?) { + open fun sendMicrosurveyCompletedTelemetry(messageId: String, answer: String?) { MicroSurvey.response.record(MicroSurvey.ResponseExtra(surveyId = messageId, userSelection = answer)) } - private fun convertActionIntoDeepLinkSchemeUri(action: String): Uri = + open fun convertActionIntoDeepLinkSchemeUri(action: String): Uri = if (action.startsWith("://")) { "$deepLinkScheme$action".toUri() } else { ===================================== mobile/android/android-components/components/service/nimbus/src/main/java/mozilla/components/service/nimbus/messaging/NimbusMessagingStorage.kt ===================================== @@ -33,7 +33,7 @@ const val MESSAGING_FEATURE_ID = "messaging" /** * Provides messages from [messagingFeature] and combine with the metadata store on [metadataStorage]. */ -class NimbusMessagingStorage( +open class NimbusMessagingStorage( private val context: Context, private val metadataStorage: MessageMetadataStorage, private val onMalformedMessage: (String) -> Unit = { ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/NimbusComponents.kt ===================================== @@ -5,15 +5,21 @@ package org.mozilla.fenix.components import android.content.Context +import android.content.Intent +import android.net.Uri import mozilla.components.service.nimbus.NimbusApi import mozilla.components.service.nimbus.NimbusDisabled import mozilla.components.service.nimbus.messaging.FxNimbusMessaging import mozilla.components.service.nimbus.messaging.Message +import mozilla.components.service.nimbus.messaging.Message.Metadata +import mozilla.components.service.nimbus.messaging.MessageData import mozilla.components.service.nimbus.messaging.MessageMetadataStorage +import mozilla.components.service.nimbus.messaging.MessageSurfaceId import mozilla.components.service.nimbus.messaging.NimbusMessagingController import mozilla.components.service.nimbus.messaging.NimbusMessagingControllerInterface import mozilla.components.service.nimbus.messaging.NimbusMessagingStorage import mozilla.components.service.nimbus.messaging.OnDiskMessageMetadataStorage +import mozilla.components.service.nimbus.messaging.StyleData import org.mozilla.experiments.nimbus.NimbusEventStore import org.mozilla.experiments.nimbus.NimbusMessagingHelperInterface import org.mozilla.experiments.nimbus.NullNimbus @@ -91,7 +97,7 @@ class NimbusComponents(private val context: Context) { * from the Nimbus Messaging component. */ val messaging: NimbusMessagingControllerInterface by lazyMonitored { - NimbusMessagingController( + NullNimbusMessagingController( messagingStorage = messagingStorage, deepLinkScheme = BuildConfig.DEEP_LINK_SCHEME, ) @@ -127,3 +133,110 @@ class NullMessageMetadataStorage(): MessageMetadataStorage { // noop } } + +class NullNimbusMessagingController( + messagingStorage: NimbusMessagingStorage, + deepLinkScheme: String, +) : NimbusMessagingController(messagingStorage, deepLinkScheme) { + + private val nullMessage: Message = Message( + id = "", + data = MessageData(), + action = "", + style = StyleData(), + triggerIfAll = listOf(), + excludeIfAny = listOf(), + metadata = Metadata(""), + ) + + override suspend fun onMessageDisplayed(displayedMessage: Message, bootIdentifier: String?): Message { + return nullMessage + } + + /** + * Called when a message has been dismissed by the user. + * + * Records a messageDismissed event, and records that the message + * has been dismissed. + */ + override suspend fun onMessageDismissed(message: Message) { + return + } + + /** + * Called when a microsurvey attached to a message has been completed by the user. + * + * @param message The message containing the microsurvey that was completed. + * @param answer The user's response to the microsurvey question. + */ + override suspend fun onMicrosurveyCompleted(message: Message, answer: String) { + return + } + + /** + * Called once the user has clicked on a message. + * + * This records that the message has been clicked on, but does not record a + * glean event. That should be done via [processMessageActionToUri]. + */ + override suspend fun onMessageClicked(message: Message) { + return + } + + /** + * Create and return the relevant [Intent] for the given [Message]. + * + * @param message the [Message] to create the [Intent] for. + * @return an [Intent] using the processed [Message]. + */ + override fun getIntentForMessage(message: Message) = Intent() + + /** + * Will attempt to get the [Message] for the given [id]. + * + * @param id the [Message.id] of the [Message] to try to match. + * @return the [Message] with a matching [id], or null if no [Message] has a matching [id]. + */ + override suspend fun getMessage(id: String): Message? { + return nullMessage + } + + /** + * The [message] action needs to be examined for string substitutions + * and any `uuid` needs to be recorded in the Glean event. + * + * We call this `process` as it has a side effect of logging a Glean event while it + * creates a URI string for the message action. + */ + override fun processMessageActionToUri(message: Message): Uri { + return Uri.EMPTY + } + + override fun sendDismissedMessageTelemetry(messageId: String) { + return + } + + override fun sendShownMessageTelemetry(messageId: String) { + return + } + + override fun sendExpiredMessageTelemetry(messageId: String) { + return + } + + override fun sendClickedMessageTelemetry(messageId: String, uuid: String?) { + return + } + + override fun sendMicrosurveyCompletedTelemetry(messageId: String, answer: String?) { + return + } + + override fun convertActionIntoDeepLinkSchemeUri(action: String): Uri = Uri.EMPTY + + override suspend fun getMessages(): List<Message> = listOf() + + override suspend fun getNextMessage(surfaceId: MessageSurfaceId) = nullMessage + + override fun getNextMessage(surfaceId: MessageSurfaceId, messages: List<Message>) = nullMessage +} View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/183d35f… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/183d35f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41256: Re-generate update-responses in upload-update_responses-to-staticiforme
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 3f075f68 by Nicolas Vigier at 2024-10-03T18:09:53+00:00 Bug 41256: Re-generate update-responses in upload-update_responses-to-staticiforme The script was not re-generating update-responses if it had been generated before. In some case this can be a problem: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… - - - - - 1 changed file: - tools/signing/upload-update_responses-to-staticiforme Changes: ===================================== tools/signing/upload-update_responses-to-staticiforme ===================================== @@ -8,15 +8,12 @@ check_torbrowser_version_var update_responses_tar_filename="update-responses-$tbb_version_type-$tbb_version.tar" update_responses_tar="$script_dir/../../$SIGNING_PROJECTNAME/$tbb_version_type/update-responses/$update_responses_tar_filename" -if test -f "$update_responses_tar" -then - echo "$update_responses_tar_filename already exists: not running 'make $SIGNING_PROJECTNAME-update_responses-$tbb_version_type'" -else - echo "Running 'make $SIGNING_PROJECTNAME-update_responses-$tbb_version_type'" - pushd "$script_dir/../.." > /dev/null - make $SIGNING_PROJECTNAME-update_responses-$tbb_version_type - popd > /dev/null -fi +test -f "$update_responses_tar" && \ + echo "warning: $update_responses_tar_filename already exists. It will be re-generated." +echo "Running 'make $SIGNING_PROJECTNAME-update_responses-$tbb_version_type'" +pushd "$script_dir/../.." > /dev/null +make $SIGNING_PROJECTNAME-update_responses-$tbb_version_type +popd > /dev/null cd $update_responses_repository_dir git checkout main View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] fixup! Base Browser's .mozconfigs.
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: b4eaca29 by Pier Angelo Vendrame at 2024-10-03T17:57:36+00:00 fixup! Base Browser's .mozconfigs. Bug 43151: Uniform the behavior of the android-all mozconfig. - - - - - 2 changed files: - browser/config/mozconfigs/base-browser-android - mozconfig-android-all Changes: ===================================== browser/config/mozconfigs/base-browser-android ===================================== @@ -1,3 +1,6 @@ +# Changes on this file might need to be synchronized with mozconfig-android-all! +# See also tor-browser#43151. + export MOZILLA_OFFICIAL=1 ac_add_options --enable-optimize @@ -29,6 +32,9 @@ ac_add_options --disable-parental-controls ac_add_options --enable-proxy-bypass-protection ac_add_options --disable-system-policies +# See tor-browser#41131 +ac_add_options --disable-backgroundtasks + # Disable telemetry ac_add_options MOZ_TELEMETRY_REPORTING= ===================================== mozconfig-android-all ===================================== @@ -1,18 +1,41 @@ +# Changes on this file might need to be synchronized with +# browser/config/mozconfigs/base-browser-android! +# See also tor-browser#43151. + export MOZILLA_OFFICIAL=1 ac_add_options --enable-application=mobile/android + ac_add_options --disable-compile-environment +ac_add_options --with-java-bin-path=$JAVA_HOME/bin +ac_add_options --with-android-sdk=$ANDROID_HOME +ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle + +ac_add_options --disable-tests +ac_add_options --disable-debug + +ac_add_options --disable-updater +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls + +ac_add_options --enable-proxy-bypass-protection +ac_add_options --disable-system-policies + +# See tor-browser#41131 +ac_add_options --disable-backgroundtasks + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= + if test -n "$LOCAL_DEV_BUILD"; then # You must use the "default" bogus channel for dev builds ac_add_options --enable-update-channel=default - ac_add_options --without-wasm-sandboxed-libraries ac_add_options --with-base-browser-version=dev-build ac_add_options --disable-minify fi -ac_add_options --with-tor-browser-version=dev-build - -ac_add_options --with-java-bin-path=$JAVA_HOME/bin -ac_add_options --with-android-sdk=$ANDROID_HOME -ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle +if test -z "$WASI_SYSROOT"; then + ac_add_options --without-wasm-sandboxed-libraries +fi View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/b4e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/b4e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] fixup! Base Browser's .mozconfigs.
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 0287abcb by Pier Angelo Vendrame at 2024-10-03T17:56:38+00:00 fixup! Base Browser's .mozconfigs. Bug 43151: Uniform the behavior of the android-all mozconfig. - - - - - 2 changed files: - browser/config/mozconfigs/base-browser-android - mozconfig-android-all Changes: ===================================== browser/config/mozconfigs/base-browser-android ===================================== @@ -1,3 +1,6 @@ +# Changes on this file might need to be synchronized with mozconfig-android-all! +# See also tor-browser#43151. + export MOZILLA_OFFICIAL=1 ac_add_options --enable-optimize @@ -29,6 +32,9 @@ ac_add_options --disable-parental-controls ac_add_options --enable-proxy-bypass-protection ac_add_options --disable-system-policies +# See tor-browser#41131 +ac_add_options --disable-backgroundtasks + # Disable telemetry ac_add_options MOZ_TELEMETRY_REPORTING= ===================================== mozconfig-android-all ===================================== @@ -1,18 +1,41 @@ +# Changes on this file might need to be synchronized with +# browser/config/mozconfigs/base-browser-android! +# See also tor-browser#43151. + export MOZILLA_OFFICIAL=1 ac_add_options --enable-application=mobile/android + ac_add_options --disable-compile-environment +ac_add_options --with-java-bin-path=$JAVA_HOME/bin +ac_add_options --with-android-sdk=$ANDROID_HOME +ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle + +ac_add_options --disable-tests +ac_add_options --disable-debug + +ac_add_options --disable-updater +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls + +ac_add_options --enable-proxy-bypass-protection +ac_add_options --disable-system-policies + +# See tor-browser#41131 +ac_add_options --disable-backgroundtasks + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= + if test -n "$LOCAL_DEV_BUILD"; then # You must use the "default" bogus channel for dev builds ac_add_options --enable-update-channel=default - ac_add_options --without-wasm-sandboxed-libraries ac_add_options --with-base-browser-version=dev-build ac_add_options --disable-minify fi -ac_add_options --with-tor-browser-version=dev-build - -ac_add_options --with-java-bin-path=$JAVA_HOME/bin -ac_add_options --with-android-sdk=$ANDROID_HOME -ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle +if test -z "$WASI_SYSROOT"; then + ac_add_options --without-wasm-sandboxed-libraries +fi View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0287abc… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0287abc… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] 2 commits: fixup! TB3: Tor Browser's official .mozconfigs.
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 72a8c0c8 by Pier Angelo Vendrame at 2024-10-03T17:44:50+00:00 fixup! TB3: Tor Browser's official .mozconfigs. Bug 43151: Uniform the behavior of the android-all mozconfig. - - - - - 58271a0c by Pier Angelo Vendrame at 2024-10-03T17:44:50+00:00 fixup! Base Browser's .mozconfigs. Bug 43151: Uniform the behavior of the android-all mozconfig. - - - - - 2 changed files: - browser/config/mozconfigs/base-browser-android - mozconfig-android-all Changes: ===================================== browser/config/mozconfigs/base-browser-android ===================================== @@ -1,3 +1,6 @@ +# Changes on this file might need to be synchronized with mozconfig-android-all! +# See also tor-browser#43151. + export MOZILLA_OFFICIAL=1 ac_add_options --enable-optimize @@ -29,6 +32,9 @@ ac_add_options --disable-parental-controls ac_add_options --enable-proxy-bypass-protection ac_add_options --disable-system-policies +# See tor-browser#41131 +ac_add_options --disable-backgroundtasks + # Disable telemetry ac_add_options MOZ_TELEMETRY_REPORTING= ===================================== mozconfig-android-all ===================================== @@ -1,16 +1,41 @@ +# Changes on this file might need to be synchronized with +# browser/config/mozconfigs/base-browser-android! +# See also tor-browser#43151. + export MOZILLA_OFFICIAL=1 ac_add_options --enable-application=mobile/android + ac_add_options --disable-compile-environment +ac_add_options --with-java-bin-path=$JAVA_HOME/bin +ac_add_options --with-android-sdk=$ANDROID_HOME +ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle + +ac_add_options --disable-tests +ac_add_options --disable-debug + +ac_add_options --disable-updater +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls + +ac_add_options --enable-proxy-bypass-protection +ac_add_options --disable-system-policies + +# See tor-browser#41131 +ac_add_options --disable-backgroundtasks + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= + if test -n "$LOCAL_DEV_BUILD"; then # You must use the "default" bogus channel for dev builds ac_add_options --enable-update-channel=default - ac_add_options --without-wasm-sandboxed-libraries ac_add_options --with-base-browser-version=dev-build ac_add_options --disable-minify fi -ac_add_options --with-java-bin-path=$JAVA_HOME/bin -ac_add_options --with-android-sdk=$ANDROID_HOME -ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle +if test -z "$WASI_SYSROOT"; then + ac_add_options --without-wasm-sandboxed-libraries +fi View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/816dae… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/816dae… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] alpha: new version, 13.5a11
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: da8075e4 by Morgan at 2024-10-03T17:00:16+00:00 alpha: new version, 13.5a11 - - - - - 30 changed files: - update_3/alpha/.htaccess - update_3/alpha/14.0a5-14.0a7-linux-x86_64-ALL.xml → update_3/alpha/13.5a10-14.0a7+13.5a11-linux-i686-ALL.xml - + update_3/alpha/13.5a10-14.0a7+13.5a11-linux-x86_64-ALL.xml - + update_3/alpha/13.5a10-14.0a7+13.5a11-macos-ALL.xml - + update_3/alpha/13.5a10-14.0a7+13.5a11-windows-i686-ALL.xml - update_3/alpha/14.0a7-windows-x86_64-ALL.xml → update_3/alpha/13.5a10-14.0a7+13.5a11-windows-x86_64-ALL.xml - + update_3/alpha/13.5a8-14.0a7+13.5a11-linux-i686-ALL.xml - + update_3/alpha/13.5a8-14.0a7+13.5a11-linux-x86_64-ALL.xml - + update_3/alpha/13.5a8-14.0a7+13.5a11-macos-ALL.xml - + update_3/alpha/13.5a8-14.0a7+13.5a11-windows-i686-ALL.xml - + update_3/alpha/13.5a8-14.0a7+13.5a11-windows-x86_64-ALL.xml - + update_3/alpha/13.5a9-14.0a7+13.5a11-linux-i686-ALL.xml - + update_3/alpha/13.5a9-14.0a7+13.5a11-linux-x86_64-ALL.xml - + update_3/alpha/13.5a9-14.0a7+13.5a11-macos-ALL.xml - + update_3/alpha/13.5a9-14.0a7+13.5a11-windows-i686-ALL.xml - + update_3/alpha/13.5a9-14.0a7+13.5a11-windows-x86_64-ALL.xml - update_3/alpha/14.0a4-14.0a7-linux-i686-ALL.xml → update_3/alpha/14.0a4-14.0a7+13.5a11-linux-i686-ALL.xml - + update_3/alpha/14.0a4-14.0a7+13.5a11-linux-x86_64-ALL.xml - update_3/alpha/14.0a6-14.0a7-macos-ALL.xml → update_3/alpha/14.0a4-14.0a7+13.5a11-macos-ALL.xml - + update_3/alpha/14.0a4-14.0a7+13.5a11-windows-i686-ALL.xml - + update_3/alpha/14.0a4-14.0a7+13.5a11-windows-x86_64-ALL.xml - update_3/alpha/14.0a4-14.0a7-linux-x86_64-ALL.xml → update_3/alpha/14.0a5-14.0a7+13.5a11-linux-i686-ALL.xml - + update_3/alpha/14.0a5-14.0a7+13.5a11-linux-x86_64-ALL.xml - update_3/alpha/14.0a5-14.0a7-macos-ALL.xml → update_3/alpha/14.0a5-14.0a7+13.5a11-macos-ALL.xml - update_3/alpha/14.0a5-14.0a7-windows-x86_64-ALL.xml → update_3/alpha/14.0a5-14.0a7+13.5a11-windows-i686-ALL.xml - + update_3/alpha/14.0a5-14.0a7+13.5a11-windows-x86_64-ALL.xml - update_3/alpha/14.0a5-14.0a7-linux-i686-ALL.xml → update_3/alpha/14.0a6-14.0a7+13.5a11-linux-i686-ALL.xml - + update_3/alpha/14.0a6-14.0a7+13.5a11-linux-x86_64-ALL.xml - update_3/alpha/14.0a4-14.0a7-macos-ALL.xml → update_3/alpha/14.0a6-14.0a7+13.5a11-macos-ALL.xml - update_3/alpha/14.0a4-14.0a7-windows-i686-ALL.xml → update_3/alpha/14.0a6-14.0a7+13.5a11-windows-i686-ALL.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 4 commits: Bug 41247: Simplify tools/update-responses/update_responses
by morgan (＠morgan) 03 Oct '24

03 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 7b2ef30f by Nicolas Vigier at 2024-10-03T10:17:59+02:00 Bug 41247: Simplify tools/update-responses/update_responses Most commands implemented in update_responses expect the channel to be an optional argument, doing the operation on all channels if no channel is provided. However we don't really need that feature. In this commit we simplify the script by making the channel a required argument. At the same time we remove the get_channel_version command, which was not used anywhere. - - - - - 97935517 by Nicolas Vigier at 2024-10-03T10:18:01+02:00 Bug 41247: Add support for multiple versions in update_responses - - - - - 0a476854 by Nicolas Vigier at 2024-10-03T16:19:53+02:00 Bug 41247: Add torbrowser_legacy_version to update-responses - - - - - d64bc351 by Nicolas Vigier at 2024-10-03T16:19:55+02:00 Bug 41247: Drop sha512 hash from update_responses files (except for nightly) With tor-browser#42737, the sha512 hash included in the update_responses files is not checked anymore. Since we're doing a watershed update, support for older versions checking the hash is not needed. However since we don't do watershed updates in nightly, we'll keep the sha512 hash in nightly for a little more time. - - - - - 8 changed files: - .gitlab/issue_templates/Release Prep - Tor Browser Stable.md - projects/release/create_update_responses_tar - projects/release/update_responses_config.yml - rbm.conf - tools/signing/nightly/config.yml - tools/signing/nightly/sign-nightly - − tools/update-responses/get_channel_version - tools/update-responses/update_responses Changes: ===================================== .gitlab/issue_templates/Release Prep - Tor Browser Stable.md ===================================== @@ -39,6 +39,8 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE - [ ] `var/torbrowser_version` : update to next version - [ ] `var/torbrowser_build` : update to `$(TOR_BROWSER_BUILD_N)` - [ ] `var/browser_release_date` : update to build date. For the build to be reproducible, the date should be in the past when building. + - [ ] `var/torbrowser_legacy_version` : update to next version in the legacy-13.5 branch + - [ ] `var/torbrowser_legacy_platform_version` : update to firefox platform version in the legacy-13.5 branch - [ ] ***(Desktop Only)***`var/torbrowser_incremental_from` : update to previous Desktop version - **NOTE**: We try to build incrementals for the previous 3 desktop versions except in the case of a watershed update - **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make torbrowser-incrementals-*` step will fail ===================================== projects/release/create_update_responses_tar ===================================== @@ -1,8 +1,8 @@ #!/bin/bash [% c("var/set_default_env") -%] -[% shell_quote(c("basedir")) %]/tools/update-responses/update_responses -mkdir -p [% shell_quote(path(dest_dir)) %]/update-responses [% SET channel = c('var/channel') -%] +[% shell_quote(c("basedir")) %]/tools/update-responses/update_responses [% channel %] +mkdir -p [% shell_quote(path(dest_dir)) %]/update-responses mv [% shell_quote(c("basedir")) %]/tools/update-responses/htdocs/[% channel %] [% channel %] chmod 775 [% channel %] chmod 664 [% channel %]/.htaccess [% channel %]/* ===================================== projects/release/update_responses_config.yml ===================================== @@ -27,7 +27,11 @@ build_targets: - Darwin_x86_64-gcc3 - Darwin_aarch64-gcc3 channels: - [% c('var/channel') %]: [% c("var/torbrowser_version") %] + [% c('var/channel') %]: + - [% c("var/torbrowser_version") %] +[% IF c("var/torbrowser_legacy_version") -%] + - [% c("var/torbrowser_legacy_version") %] +[% END -%] versions: [% c("var/torbrowser_version") %]: [% IF c("var/create_unsigned_incrementals") -%] @@ -68,6 +72,26 @@ versions: minSupportedInstructionSet: SSE2 linux-x86_64: minSupportedInstructionSet: SSE2 +[% IF c("var/torbrowser_legacy_version") -%] + [% c("var/torbrowser_legacy_version") %]: + mar_channel_id: [% c('var/mar_channel_id') %] + platformVersion: [% c('var/torbrowser_legacy_platform_version') %] + detailsURL: https://blog.torproject.org/new[% IF c("var/alpha") %]-alpha[% END %]-release-tor-browser-[% c("var/torbrowser_legacy_version") FILTER remove('\.') %] + incremental_from: [] + # minSupportedOsVersion on macOS corresponds to the Darwin version ( https://en.wikipedia.org/wiki/Darwin_(operating_system) ) + macos: + # macOS v10.12.0 + minSupportedOSVersion: 16.0.0 + # minSupportedOsVersion on Windows corresponds to the operating system version ( https://docs.microsoft.com/en-us/windows/win32/sysinfo/operating-system-ver… ) + windows-i686: + # Windows 7 + minSupportedOSVersion: 6.1 + minSupportedInstructionSet: SSE2 + windows-x86_64: + # Windows 7 + minSupportedOSVersion: 6.1 + minSupportedInstructionSet: SSE2 +[% END -%] mar_compression: xz [% IF c("var/tor-browser") -%] tag: 'tbb-[% c("var/torbrowser_version") %]-[% c("var/torbrowser_build") %]' ===================================== rbm.conf ===================================== @@ -87,6 +87,9 @@ var: - 14.0a4 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' + torbrowser_legacy_version: 13.5a11 + torbrowser_legacy_platform_version: 115.16.0 + # By default, we sort the list of installed packages. This allows sharing # containers with identical list of packages, even if they are not listed # in the same order. In the cases where the installation order is ===================================== tools/signing/nightly/config.yml ===================================== @@ -1,4 +1,5 @@ --- +hashes_in_responses: 1 martools_version: 9.0.2 martools_url: https://archive.torproject.org/tor-package-archive/torbrowser/ martools_gpg_keyring: keyring/torbrowser.gpg ===================================== tools/signing/nightly/sign-nightly ===================================== @@ -256,7 +256,7 @@ sub update_responses { my $htdocsdir = "$topdir/tools/update-responses/htdocs/nightly"; path($htdocsdir)->remove_tree({ safe => 0 }); exit_error "Error running update_responses for $publish_dir" unless - system("$topdir/tools/update-responses/update_responses") == 0; + system("$topdir/tools/update-responses/update_responses", 'nightly') == 0; path("$topdir/nightly/updates/$publish_dir/nightly")->remove_tree({ safe => 0 }); make_path("$topdir/nightly/updates/$publish_dir"); dirmove($htdocsdir, "$topdir/nightly/updates/$publish_dir/nightly") ===================================== tools/update-responses/get_channel_version deleted ===================================== @@ -1 +0,0 @@ -update_responses \ No newline at end of file ===================================== tools/update-responses/update_responses ===================================== @@ -42,6 +42,10 @@ sub exit_error { exit (exists $_[1] ? $_[1] : 1); } +sub as_array { + ref $_[0] eq 'ARRAY' ? $_[0] : [ $_[0] ]; +} + sub get_tmpdir { my ($config) = @_; return File::Temp->newdir($config->{tmp_dir} ? @@ -72,13 +76,11 @@ sub write_htdocs { } sub clean_htdocs { - my (@channels) = @_; - foreach my $channel (@channels) { - opendir(my $d, "$htdocsdir/$channel"); - my @files = grep { ! $htdocsfiles{$channel}->{$_} } readdir $d; - closedir $d; - unlink map { "$htdocsdir/$channel/$_" } @files; - } + my ($channel) = @_; + opendir(my $d, "$htdocsdir/$channel"); + my @files = grep { ! $htdocsfiles{$channel}->{$_} } readdir $d; + closedir $d; + unlink map { "$htdocsdir/$channel/$_" } @files; } sub get_sha512_hex_of_file { @@ -105,8 +107,10 @@ sub get_version_files { type => 'complete', URL => "$download_url/$file", size => -s "$vdir/$file", - hashFunction => 'SHA512', - hashValue => get_sha512_hex_of_file("$vdir/$file"), + $config->{hashes_in_responses} ? ( + hashFunction => 'SHA512', + hashValue => get_sha512_hex_of_file("$vdir/$file"), + ) : (), }; next; } @@ -116,9 +120,11 @@ sub get_version_files { type => 'partial', URL => "$download_url/$file", size => -s "$vdir/$file", - hashFunction => 'SHA512', - hashValue => get_sha512_hex_of_file("$vdir/$file"), - } + $config->{hashes_in_responses} ? ( + hashFunction => 'SHA512', + hashValue => get_sha512_hex_of_file("$vdir/$file"), + ) : (), + }; } } closedir $d; @@ -239,8 +245,10 @@ sub create_incremental_mar { type => 'partial', URL => "$download_url/$mar_file", size => -s $mar_file_path, - hashFunction => 'SHA512', - hashValue => get_sha512_hex_of_file($mar_file_path), + $config->{hashes_in_responses} ? ( + hashFunction => 'SHA512', + hashValue => get_sha512_hex_of_file($mar_file_path), + ) : (), }; }; return if $pm->start($finished_file); @@ -307,16 +315,6 @@ sub version_dir { return get_config($config, $version, 'any', 'releases_dir') . "/$version"; } -sub channel_to_version { - my ($config, @channels) = @_; - return values %{$config->{channels}} unless @channels; - foreach my $channel (@channels) { - exit_error "Unknown channel $channel" - unless $config->{channels}{$channel}; - } - return map { $config->{channels}{$_} } @channels; -} - sub get_buildinfos { my ($config, $version) = @_; return if exists $config->{versions}{$version}{buildID}; @@ -347,49 +345,58 @@ sub get_buildinfos { } sub get_response { - my ($config, $version, $os, @patches) = @_; + my ($config, $versions, $os, $lang, $from_version) = @_; my $res; my $writer = XML::Writer->new(OUTPUT => \$res, ENCODING => 'UTF-8'); $writer->xmlDecl; $writer->startTag('updates'); - if (get_config($config, $version, $os, 'unsupported')) { + foreach my $version (@$versions) { + if (get_config($config, $version, $os, 'unsupported')) { + $writer->startTag('update', + unsupported => 'true', + detailsURL => get_config($config, $version, $os, 'detailsURL'), + ); + goto CLOSETAGS; + } + my $minversion = get_config($config, $version, $os, 'minSupportedOSVersion'); + my $mininstruc = get_config($config, $version, $os, 'minSupportedInstructionSet'); $writer->startTag('update', - unsupported => 'true', + type => 'minor', + displayVersion => $version, + appVersion => $version, + platformVersion => get_config($config, $version, $os, 'platformVersion'), + buildID => get_config($config, $version, $os, 'buildID'), detailsURL => get_config($config, $version, $os, 'detailsURL'), + actions => 'showURL', + openURL => get_config($config, $version, $os, 'detailsURL'), + defined $minversion ? ( minSupportedOSVersion => $minversion ) : (), + defined $mininstruc ? ( minSupportedInstructionSet => $mininstruc ) : (), ); - goto CLOSETAGS; - } - my $minversion = get_config($config, $version, $os, 'minSupportedOSVersion'); - my $mininstruc = get_config($config, $version, $os, 'minSupportedInstructionSet'); - $writer->startTag('update', - type => 'minor', - displayVersion => $version, - appVersion => $version, - platformVersion => get_config($config, $version, $os, 'platformVersion'), - buildID => get_config($config, $version, $os, 'buildID'), - detailsURL => get_config($config, $version, $os, 'detailsURL'), - actions => 'showURL', - openURL => get_config($config, $version, $os, 'detailsURL'), - defined $minversion ? ( minSupportedOSVersion => $minversion ) : (), - defined $mininstruc ? ( minSupportedInstructionSet => $mininstruc ) : (), - ); - foreach my $patch (@patches) { - my @sorted_patch = map { $_ => $patch->{$_} } sort keys %$patch; - $writer->startTag('patch', @sorted_patch); - $writer->endTag('patch'); + if (my $patch = $config->{versions}{$version}{files}{$os}{$lang}{complete}) { + my @sorted_patch = map { $_ => $patch->{$_} } sort keys %$patch; + $writer->startTag('patch', @sorted_patch); + $writer->endTag('patch'); + } + if ($from_version) { + if (my $patch = $config->{versions}{$version}{files}{$os}{$lang}{partial}{$from_version}) { + my @sorted_patch = map { $_ => $patch->{$_} } sort keys %$patch; + $writer->startTag('patch', @sorted_patch); + $writer->endTag('patch'); + } + } + CLOSETAGS: + $writer->endTag('update'); } - CLOSETAGS: - $writer->endTag('update'); $writer->endTag('updates'); $writer->end; return $res; } sub write_responses { - my ($config, @channels) = @_; - @channels = keys %{$config->{channels}} unless @channels; - foreach my $channel (@channels) { - my $version = $config->{channels}{$channel}; + my ($config, $channel) = @_; + my $versions = as_array($config->{channels}{$channel}); + my (%oses, %langs, %from_versions); + foreach my $version (@$versions) { get_version_files($config, $version); get_buildinfos($config, $version); my $files = $config->{versions}{$version}{files}; @@ -398,79 +405,96 @@ sub write_responses { my $new_os = $migrate_archs->{$old_os}; foreach my $lang (keys %{$files->{$new_os}}) { $files->{$old_os}{$lang}{complete} = - $files->{$new_os}{$lang}{complete}; + $files->{$new_os}{$lang}{complete}; } } foreach my $os (keys %$files) { + $oses{$os} = 1; foreach my $lang (keys %{$files->{$os}}) { - my $resp = get_response($config, $version, $os, - $files->{$os}{$lang}{complete}); - write_htdocs($channel, "$version-$os-$lang.xml", $resp); + $langs{$lang} = 1; foreach my $from_version (keys %{$files->{$os}{$lang}{partial}}) { - $resp = get_response($config, $version, $os, - $files->{$os}{$lang}{complete}, - $files->{$os}{$lang}{partial}{$from_version}); - write_htdocs($channel, "$from_version-$version-$os-$lang.xml", $resp); + $from_versions{$from_version} = 1; } } } - write_htdocs($channel, 'no-update.xml', - '<?xml version="1.0" encoding="UTF-8"?>' - . "\n<updates></updates>\n"); } + my $versions_str = join('+', @$versions); + foreach my $os (keys %oses) { + foreach my $lang (keys %langs) { + my $resp = get_response($config, $versions, $os, $lang); + write_htdocs($channel, "$versions_str-$os-$lang.xml", $resp); + foreach my $from_version (keys %from_versions) { + $resp = get_response($config, $versions, $os, $lang, $from_version); + write_htdocs($channel, "$from_version-$versions_str-$os-$lang.xml", $resp); + } + } + } + write_htdocs($channel, 'no-update.xml', + '<?xml version="1.0" encoding="UTF-8"?>' + . "\n<updates></updates>\n"); } sub write_htaccess { - my ($config, @channels) = @_; - @channels = keys %{$config->{channels}} unless @channels; + my ($config, $channel) = @_; my $flags = "[last]"; - foreach my $channel (@channels) { - my $htaccess = "RewriteEngine On\n"; - $htaccess .= $config->{htaccess_rewrite_rules}{$channel} // ''; - my $version = $config->{channels}{$channel}; - my $migrate_langs = $config->{versions}{$version}{migrate_langs} // {}; + my $htaccess = "RewriteEngine On\n"; + $htaccess .= $config->{htaccess_rewrite_rules}{$channel} // ''; + my $versions = as_array($config->{channels}{$channel}); + my $versions_str = join('+', @$versions); + my (%oses, %langs, %from_versions); + my $migrate_langs; + foreach my $version (@$versions) { + $migrate_langs = $config->{versions}{$version}{migrate_langs} + if $config->{versions}{$version}{migrate_langs}; my $files = $config->{versions}{$version}{files}; - $htaccess .= "RewriteRule ^[^\/]+/$version/ no-update.xml $flags\n"; - foreach my $os (sort keys %$files) { - foreach my $bt (build_targets_by_os($os)) { - foreach my $lang (sort keys %{$files->{$os}}) { - foreach my $from_version (sort keys %{$files->{$os}{$lang}{partial}}) { - $htaccess .= "RewriteRule ^$bt/$from_version/$lang " - . "$from_version-$version-$os-$lang.xml $flags\n"; - } - $htaccess .= "RewriteRule ^$bt/[^\/]+/$lang " - . "$version-$os-$lang.xml $flags\n"; + foreach my $os (keys %$files) { + $oses{$os} = 1; + foreach my $lang (keys %{$files->{$os}}) { + $langs{$lang} = 1; + foreach my $from_version (keys %{$files->{$os}{$lang}{partial}}) { + $from_versions{$from_version} = 1; } - foreach my $lang (sort keys %$migrate_langs) { - $htaccess .= "RewriteRule ^$bt/[^\/]+/$lang " - . "$version-$os-$migrate_langs->{$lang}.xml $flags\n"; + } + } + $htaccess .= "RewriteRule ^[^\/]+/$version/ no-update.xml $flags\n"; + } + foreach my $os (sort keys %oses) { + foreach my $bt (build_targets_by_os($os)) { + foreach my $lang (sort keys %langs) { + foreach my $from_version (sort keys %from_versions) { + $htaccess .= "RewriteRule ^$bt/$from_version/$lang " + . "$from_version-$versions_str-$os-$lang.xml $flags\n"; } - $htaccess .= "RewriteRule ^$bt/ $version-$os-ALL.xml $flags\n"; + $htaccess .= "RewriteRule ^$bt/[^\/]+/$lang " + . "$versions_str-$os-$lang.xml $flags\n"; + } + foreach my $lang (sort keys %$migrate_langs) { + $htaccess .= "RewriteRule ^$bt/[^\/]+/$lang " + . "$versions_str-$os-$migrate_langs->{$lang}.xml $flags\n"; } + $htaccess .= "RewriteRule ^$bt/ $versions_str-$os-ALL.xml $flags\n"; } - write_htdocs($channel, '.htaccess', $htaccess); } + write_htdocs($channel, '.htaccess', $htaccess); } sub write_downloads_json { - my ($config, @channels) = @_; + my ($config, $channel) = @_; return unless $config->{create_downloads_json}; - @channels = keys %{$config->{channels}} unless @channels; - foreach my $channel (@channels) { - my $version = $config->{channels}{$channel}; - my $tag = get_config($config, $version, 'any', 'tag'); - my $data = { - version => "$version", - tag => "$tag", - downloads => get_version_downloads($config, $version), - }; - write_htdocs($channel, 'downloads.json', - JSON->new->utf8->canonical->encode($data)); - my $pp_downloads = get_perplatform_downloads($config, $version, $tag); - foreach my $os (keys %{$pp_downloads}) { - write_htdocs($channel, "download-$os.json", + my $versions = as_array($config->{channels}{$channel}); + my ($version) = @$versions; + my $tag = get_config($config, $version, 'any', 'tag'); + my $data = { + version => "$version", + tag => "$tag", + downloads => get_version_downloads($config, $version), + }; + write_htdocs($channel, 'downloads.json', + JSON->new->utf8->canonical->encode($data)); + my $pp_downloads = get_perplatform_downloads($config, $version, $tag); + foreach my $os (keys %{$pp_downloads}) { + write_htdocs($channel, "download-$os.json", JSON->new->utf8->canonical->encode($pp_downloads->{$os})); - } } } @@ -486,8 +510,10 @@ sub marzip_path { } my $martools_tmpdir; +my $extracted_martools; sub extract_martools { my ($config, $version) = @_; + return if $extracted_martools; my $marzip = marzip_path($config, $version); $martools_tmpdir = get_tmpdir($config); my $old_cwd = getcwd; @@ -503,6 +529,7 @@ sub extract_martools { } else { $ENV{LD_LIBRARY_PATH} = "$martools_tmpdir/mar-tools"; } + $extracted_martools = 1; } sub log_step { @@ -559,7 +586,8 @@ sub build_targets_list { sub check_update_responses_channel { my ($config, $base_url, $channel) = @_; - my $channel_version = $config->{channels}{$channel}; + my $channel_versions = as_array($config->{channels}{$channel}); + my ($channel_version) = @$channel_versions; foreach my $build_target (build_targets_list()) { foreach my $lang (qw(en-US de)) { my $url = "$base_url/$channel/$build_target/1.0/$lang"; @@ -621,11 +649,11 @@ sub download_version { } sub download_missing_versions { - my ($config, @channels) = @_; - foreach my $channel (@channels) { - exit_error "Unknown channel $channel" - unless $config->{channels}{$channel}; - my $cversion = $config->{channels}{$channel}; + my ($config, $channel) = @_; + exit_error "Unknown channel $channel" + unless $config->{channels}{$channel}; + my $cversions = as_array($config->{channels}{$channel}); + foreach my $cversion (@$cversions) { next unless $config->{versions}{$cversion}{incremental_from}; foreach my $version (@{$config->{versions}{$cversion}{incremental_from}}) { next if -d version_dir($config, $version); @@ -636,11 +664,9 @@ sub download_missing_versions { sub check_update_responses { my ($config) = @_; - exit_error "usage: $PROGRAM_NAME <base_url> [channels...]" unless @ARGV; - my ($base_url, @channels) = @ARGV; - foreach my $channel (@channels ? @channels : keys %{$config->{channels}}) { - check_update_responses_channel($config, $base_url, $channel); - } + exit_error "usage: $PROGRAM_NAME <base_url> <channel>" unless @ARGV; + my ($base_url, $channel) = @ARGV; + check_update_responses_channel($config, $base_url, $channel); if (!@check_errors) { print "\n\nNo errors\n"; return; @@ -660,38 +686,34 @@ sub check_update_responses { my %actions = ( update_responses => sub { my ($config) = @_; - my @channels = @ARGV ? @ARGV : keys %{$config->{channels}}; - foreach my $channel (@channels) { - exit_error "Unknown channel $channel" - unless $config->{channels}{$channel}; - $htdocsfiles{$channel} = { '.' => 1, '..' => 1 }; - } - write_responses($config, @channels); - write_htaccess($config, @channels); - write_downloads_json($config, @channels); - clean_htdocs(@channels); + exit_error "Wrong arguments" unless @ARGV == 1; + my $channel = $ARGV[0]; + exit_error "Unknown channel $channel" unless $config->{channels}{$channel}; + $htdocsfiles{$channel} = { '.' => 1, '..' => 1 }; + write_responses($config, $channel); + write_htaccess($config, $channel); + write_downloads_json($config, $channel); + clean_htdocs($channel); }, gen_incrementals => sub { my ($config) = @_; - foreach my $channel (@ARGV) { - my ($version) = channel_to_version($config, $channel); + exit_error "Wrong arguments" unless @ARGV == 1; + my $channel = $ARGV[0]; + exit_error "Unknown channel" unless $config->{channels}{$channel}; + my $versions = as_array($config->{channels}{$channel}); + foreach my $version (@$versions) { extract_martools($config, $version); get_version_files($config, $version); create_incremental_mars_for_version($config, $version, $channel); } }, download_missing_versions => sub { - my ($config) = @_; - my @channels = @ARGV ? @ARGV : keys %{$config->{channels}}; - download_missing_versions($config, @channels); - }, - check_update_responses_deployement => \&check_update_responses, - get_channel_version => sub { my ($config) = @_; exit_error "Wrong arguments" unless @ARGV == 1; - exit_error "Unknown channel" unless $config->{channels}{$ARGV[0]}; - print $config->{channels}{$ARGV[0]}, "\n"; + my $channel = $ARGV[0]; + download_missing_versions($config, $channel); }, + check_update_responses_deployement => \&check_update_responses, ); my $action = fileparse($PROGRAM_NAME); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] Fix 13.5.6 update
by boklm (＠boklm) 03 Oct '24

03 Oct '24

boklm pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: e6568d28 by Nicolas Vigier at 2024-10-03T15:17:16+02:00 Fix 13.5.6 update https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… - - - - - 8 changed files: - update_3/release/13.5.3-13.5.6-macos-ALL.xml - update_3/release/13.5.4-13.5.6-macos-ALL.xml - update_3/release/13.5.5-13.5.6-macos-ALL.xml - update_3/release/13.5.6-macos-ALL.xml - update_3/release/download-android-aarch64.json - update_3/release/download-android-armv7.json - update_3/release/download-android-x86.json - update_3/release/download-android-x86_64.json Changes: ===================================== update_3/release/13.5.3-13.5.6-macos-ALL.xml ===================================== @@ -1,2 +1,2 @@ <?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.6" appVersion="13.5.6" platformVersion="115.16.0" buildID="20240930230510" detailsURL="https://blog.torproject.org/new-release-tor-browser-1356" actions="showURL" openURL="https://blog.torproject.org/new-release-tor-browser-1356" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos-13.5.6_…" hashFunction="SHA512" hashValue="3812e78c7002ed4b8fe4ab326dd6f665b7948513d95dc1539eb3dd427122f35edd23a80601bca3ec1bcb3a6d1e2186c4f73afa5158fd2804c9c3ab3cb129803f" size="169711162" type="complete"></patch><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos--13.5.3…" hashFunction="SHA512" hashValue="0e1f434b7a7cb2b05299ca20c909242401e486b04816b22338820530069822e95f352ef4010b60c8663d5870064410dcb9878cacd9d82e50560776a245992a3a" size="9024392" type="partial"></patch></update></updates> +<updates><update type="minor" displayVersion="13.5.6" appVersion="13.5.6" platformVersion="115.16.0" buildID="20240930230510" detailsURL="https://blog.torproject.org/new-release-tor-browser-1356" actions="showURL" openURL="https://blog.torproject.org/new-release-tor-browser-1356" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos-13.5.6_…" hashFunction="SHA512" hashValue="1e5b00a0e4d078647f8e04c967703e1d0e5ae8171108f2012ca36106c7bf76a41bb50766b79de6e4eabb1d1454f70754d731d1048ad96a20046221ed06677fce" size="169713986" type="complete"></patch><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos--13.5.3…" hashFunction="SHA512" hashValue="10252334829fa21b7ec10154606cd1079482ef2cc65db6c41dd1ff293a06012b8321f53accb50876f9d53771f16ec666404088d8c42ee43b5ccbec14b76f99bb" size="9029180" type="partial"></patch></update></updates> ===================================== update_3/release/13.5.4-13.5.6-macos-ALL.xml ===================================== @@ -1,2 +1,2 @@ <?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.6" appVersion="13.5.6" platformVersion="115.16.0" buildID="20240930230510" detailsURL="https://blog.torproject.org/new-release-tor-browser-1356" actions="showURL" openURL="https://blog.torproject.org/new-release-tor-browser-1356" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos-13.5.6_…" hashFunction="SHA512" hashValue="3812e78c7002ed4b8fe4ab326dd6f665b7948513d95dc1539eb3dd427122f35edd23a80601bca3ec1bcb3a6d1e2186c4f73afa5158fd2804c9c3ab3cb129803f" size="169711162" type="complete"></patch><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos--13.5.4…" hashFunction="SHA512" hashValue="bb89e1aacae8732d0e8a5f5e9ca78d089871edbad9dc7e6f73e1ba5dfdf2ee09e483833fcfa31c25ab38549b0753c95bd77c78180ba3b2a6de579943fa3e1638" size="8537264" type="partial"></patch></update></updates> +<updates><update type="minor" displayVersion="13.5.6" appVersion="13.5.6" platformVersion="115.16.0" buildID="20240930230510" detailsURL="https://blog.torproject.org/new-release-tor-browser-1356" actions="showURL" openURL="https://blog.torproject.org/new-release-tor-browser-1356" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos-13.5.6_…" hashFunction="SHA512" hashValue="1e5b00a0e4d078647f8e04c967703e1d0e5ae8171108f2012ca36106c7bf76a41bb50766b79de6e4eabb1d1454f70754d731d1048ad96a20046221ed06677fce" size="169713986" type="complete"></patch><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos--13.5.4…" hashFunction="SHA512" hashValue="bb7d500f431022b5ce5b1b7385ef3db44217681b992ba4fc790b9db0c52ee797c6f54a3d47cb43b8e5d8879330dcc6bbd5e10d6c522563717b74fd50fd55cdaf" size="8534004" type="partial"></patch></update></updates> ===================================== update_3/release/13.5.5-13.5.6-macos-ALL.xml ===================================== @@ -1,2 +1,2 @@ <?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.6" appVersion="13.5.6" platformVersion="115.16.0" buildID="20240930230510" detailsURL="https://blog.torproject.org/new-release-tor-browser-1356" actions="showURL" openURL="https://blog.torproject.org/new-release-tor-browser-1356" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos-13.5.6_…" hashFunction="SHA512" hashValue="3812e78c7002ed4b8fe4ab326dd6f665b7948513d95dc1539eb3dd427122f35edd23a80601bca3ec1bcb3a6d1e2186c4f73afa5158fd2804c9c3ab3cb129803f" size="169711162" type="complete"></patch><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos--13.5.5…" hashFunction="SHA512" hashValue="e4b7087c41afe1fd942f0e439e2ce7b175d10c4dc6c027af81e90204edcf8811b19bda84ee2eed70a1fe09c117303c8ba0d196b263965c2d7c6af01e6852f919" size="8476716" type="partial"></patch></update></updates> +<updates><update type="minor" displayVersion="13.5.6" appVersion="13.5.6" platformVersion="115.16.0" buildID="20240930230510" detailsURL="https://blog.torproject.org/new-release-tor-browser-1356" actions="showURL" openURL="https://blog.torproject.org/new-release-tor-browser-1356" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos-13.5.6_…" hashFunction="SHA512" hashValue="1e5b00a0e4d078647f8e04c967703e1d0e5ae8171108f2012ca36106c7bf76a41bb50766b79de6e4eabb1d1454f70754d731d1048ad96a20046221ed06677fce" size="169713986" type="complete"></patch><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos--13.5.5…" hashFunction="SHA512" hashValue="d0848e8628a720a24c837dd2f53f93c9805083bd5aa1988bbb3d01cc8c52584bad06975b062e4ce14ab67dd7884a31c7453f4840243f750394733eaa2097662d" size="8478964" type="partial"></patch></update></updates> ===================================== update_3/release/13.5.6-macos-ALL.xml ===================================== @@ -1,2 +1,2 @@ <?xml version="1.0" encoding="UTF-8"?> -<updates><update type="minor" displayVersion="13.5.6" appVersion="13.5.6" platformVersion="115.16.0" buildID="20240930230510" detailsURL="https://blog.torproject.org/new-release-tor-browser-1356" actions="showURL" openURL="https://blog.torproject.org/new-release-tor-browser-1356" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos-13.5.6_…" hashFunction="SHA512" hashValue="3812e78c7002ed4b8fe4ab326dd6f665b7948513d95dc1539eb3dd427122f35edd23a80601bca3ec1bcb3a6d1e2186c4f73afa5158fd2804c9c3ab3cb129803f" size="169711162" type="complete"></patch></update></updates> +<updates><update type="minor" displayVersion="13.5.6" appVersion="13.5.6" platformVersion="115.16.0" buildID="20240930230510" detailsURL="https://blog.torproject.org/new-release-tor-browser-1356" actions="showURL" openURL="https://blog.torproject.org/new-release-tor-browser-1356" minSupportedOSVersion="16.0.0"><patch URL="https://cdn.torproject.org/aus1/torbrowser/13.5.6/tor-browser-macos-13.5.6_…" hashFunction="SHA512" hashValue="1e5b00a0e4d078647f8e04c967703e1d0e5ae8171108f2012ca36106c7bf76a41bb50766b79de6e4eabb1d1454f70754d731d1048ad96a20046221ed06677fce" size="169713986" type="complete"></patch></update></updates> ===================================== update_3/release/download-android-aarch64.json ===================================== @@ -1 +1 @@ -{"binary":"https://dist.torproject.org/torbrowser/13.5.4/tor-browser-android-aarch64-1…","git_tag":"tbb-13.5.4-build1","sig":"https://dist.torproject.org/torbrowser/13.5.4/tor-browser-android-aarch64-1…","version":"13.5.4"} \ No newline at end of file +{"binary":"https://dist.torproject.org/torbrowser/13.5.6/tor-browser-android-aarch64-1…","git_tag":"tbb-13.5.6-build1","sig":"https://dist.torproject.org/torbrowser/13.5.6/tor-browser-android-aarch64-1…","version":"13.5.6"} \ No newline at end of file ===================================== update_3/release/download-android-armv7.json ===================================== @@ -1 +1 @@ -{"binary":"https://dist.torproject.org/torbrowser/13.5.4/tor-browser-android-armv7-13.…","git_tag":"tbb-13.5.4-build1","sig":"https://dist.torproject.org/torbrowser/13.5.4/tor-browser-android-armv7-13.…","version":"13.5.4"} \ No newline at end of file +{"binary":"https://dist.torproject.org/torbrowser/13.5.6/tor-browser-android-armv7-13.…","git_tag":"tbb-13.5.6-build1","sig":"https://dist.torproject.org/torbrowser/13.5.6/tor-browser-android-armv7-13.…","version":"13.5.6"} \ No newline at end of file ===================================== update_3/release/download-android-x86.json ===================================== @@ -1 +1 @@ -{"binary":"https://dist.torproject.org/torbrowser/13.5.4/tor-browser-android-x86-13.5.…","git_tag":"tbb-13.5.4-build1","sig":"https://dist.torproject.org/torbrowser/13.5.4/tor-browser-android-x86-13.5.…","version":"13.5.4"} \ No newline at end of file +{"binary":"https://dist.torproject.org/torbrowser/13.5.6/tor-browser-android-x86-13.5.…","git_tag":"tbb-13.5.6-build1","sig":"https://dist.torproject.org/torbrowser/13.5.6/tor-browser-android-x86-13.5.…","version":"13.5.6"} \ No newline at end of file ===================================== update_3/release/download-android-x86_64.json ===================================== @@ -1 +1 @@ -{"binary":"https://dist.torproject.org/torbrowser/13.5.4/tor-browser-android-x86_64-13…","git_tag":"tbb-13.5.4-build1","sig":"https://dist.torproject.org/torbrowser/13.5.4/tor-browser-android-x86_64-13…","version":"13.5.4"} \ No newline at end of file +{"binary":"https://dist.torproject.org/torbrowser/13.5.6/tor-browser-android-x86_64-13…","git_tag":"tbb-13.5.6-build1","sig":"https://dist.torproject.org/torbrowser/13.5.6/tor-browser-android-x86_64-13…","version":"13.5.6"} \ No newline at end of file View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 02 Oct '24

02 Oct '24

morgan pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 8523387b by Pier Angelo Vendrame at 2024-10-02T19:53:07+00:00 fixup! Firefox preference overrides. Bug 42054: ESR128: investigate - thorin's list. Set or remove some preferences as suggested by Thorin. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -101,6 +101,12 @@ pref("browser.pagethumbnails.capturing_disabled", true); // pref("privacy.exposeContentTitleInWindow", false); // pref("privacy.exposeContentTitleInWindow.pbm", false); +// tor-browser#42054: Opt-out from any built-in backup system, even though +// local, as it might be a violation of our standalone mode. +// Users can still opt-in if they wish. +pref("browser.backup.enabled", false); +pref("browser.backup.scheduled.enabled", false); + // Empty clipboard content from private windows on exit (tor-browser#42154) pref("browser.privatebrowsing.preserveClipboard", false); @@ -251,6 +257,9 @@ pref("privacy.trackingprotection.fingerprinting.enabled", false); pref("privacy.trackingprotection.socialtracking.enabled", false); pref("privacy.socialtracking.block_cookies.enabled", false); pref("privacy.annotate_channels.strict_list.enabled", false); +// tor-browser#43178: for defense-in-depth, avoid remote overrides to FPP. +// Notice that it should not apply to RFP anyway... +pref("privacy.fingerprintingProtection.remoteOverrides.enabled", false); // Disable the Pocket extension (Bug #18886 and #31602) pref("extensions.pocket.enabled", false); @@ -284,6 +293,9 @@ pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiment // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). pref("browser.newtabpage.activity-stream.asrouter.useRemoteL10n", false); +// tor-browser#42054: make sure search result telemetry is disabled. +pref("browser.search.serpEventTelemetryCategorization.enabled", false); + // tor-browser#42872, #42555: Disable translations. // Translation have a bad UX in 128 (and with our config). Maybe we will // re-enable after auditing and fixing the UX. @@ -444,9 +456,6 @@ pref("pdfjs.disabled", false, locked); #endif // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); -// Enforce non-native widget theme (true by default, defense in depth). -// Provides a uniform look and feel across platforms. Added with tor-browser#41496. -pref("widget.non-native-theme.enabled", true); // tor-browser#41676: Set the TZ environment variable as a defense-in-depth. // TODO: Remove this in ESR-128, as it has been removed in 116 with Bug 1837582. pref("privacy.resistFingerprinting.testing.setTZtoUTC", true); @@ -524,7 +533,9 @@ pref("network.http.http2.websockets", true, locked); pref("network.http.http2.enable-hpack-dump", false, locked); // tor-browser#23044: Make sure we don't have any GIO supported protocols -// (defense in depth measure) +// (defense in depth measure). +// As of Firefox 118 (Bug 1843763), upstream does not add any protocol by +// default, but setting it to blank seems a good idea (tor-browser#42054). pref("network.gio.supported-protocols", ""); // Mullvad Browser enables WebRTC by default, meaning that there the following prefs // are first-line defense, rather than "in depth" (mullvad-browser#40) @@ -627,9 +638,6 @@ pref("security.cert_pinning.enforcement_level", 2); // Don't load OS client certs. pref("security.osclientcerts.autoload", false); -// Don't allow MitM via Microsoft Family Safety, see bug 21686 -pref("security.family_safety.mode", 0); - // Don't allow MitM via enterprise roots, see bug 30681 pref("security.enterprise_roots.enabled", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/852… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/852… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 02 Oct '24

02 Oct '24

morgan pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: b8610ea4 by Pier Angelo Vendrame at 2024-10-02T19:52:38+00:00 fixup! Firefox preference overrides. Bug 42054: ESR128: investigate - thorin's list. Set or remove some preferences as suggested by Thorin. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -101,6 +101,12 @@ pref("browser.pagethumbnails.capturing_disabled", true); // pref("privacy.exposeContentTitleInWindow", false); // pref("privacy.exposeContentTitleInWindow.pbm", false); +// tor-browser#42054: Opt-out from any built-in backup system, even though +// local, as it might be a violation of our standalone mode. +// Users can still opt-in if they wish. +pref("browser.backup.enabled", false); +pref("browser.backup.scheduled.enabled", false); + // Empty clipboard content from private windows on exit (tor-browser#42154) pref("browser.privatebrowsing.preserveClipboard", false); @@ -251,6 +257,9 @@ pref("privacy.trackingprotection.fingerprinting.enabled", false); pref("privacy.trackingprotection.socialtracking.enabled", false); pref("privacy.socialtracking.block_cookies.enabled", false); pref("privacy.annotate_channels.strict_list.enabled", false); +// tor-browser#43178: for defense-in-depth, avoid remote overrides to FPP. +// Notice that it should not apply to RFP anyway... +pref("privacy.fingerprintingProtection.remoteOverrides.enabled", false); // Disable the Pocket extension (Bug #18886 and #31602) pref("extensions.pocket.enabled", false); @@ -284,6 +293,9 @@ pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiment // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). pref("browser.newtabpage.activity-stream.asrouter.useRemoteL10n", false); +// tor-browser#42054: make sure search result telemetry is disabled. +pref("browser.search.serpEventTelemetryCategorization.enabled", false); + // tor-browser#42872, #42555: Disable translations. // Translation have a bad UX in 128 (and with our config). Maybe we will // re-enable after auditing and fixing the UX. @@ -444,9 +456,6 @@ pref("pdfjs.disabled", false, locked); #endif // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); -// Enforce non-native widget theme (true by default, defense in depth). -// Provides a uniform look and feel across platforms. Added with tor-browser#41496. -pref("widget.non-native-theme.enabled", true); // tor-browser#41676: Set the TZ environment variable as a defense-in-depth. // TODO: Remove this in ESR-128, as it has been removed in 116 with Bug 1837582. pref("privacy.resistFingerprinting.testing.setTZtoUTC", true); @@ -524,7 +533,9 @@ pref("network.http.http2.websockets", true, locked); pref("network.http.http2.enable-hpack-dump", false, locked); // tor-browser#23044: Make sure we don't have any GIO supported protocols -// (defense in depth measure) +// (defense in depth measure). +// As of Firefox 118 (Bug 1843763), upstream does not add any protocol by +// default, but setting it to blank seems a good idea (tor-browser#42054). pref("network.gio.supported-protocols", ""); pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces // Mullvad Browser enables WebRTC by default, meaning that there the following prefs @@ -631,9 +642,6 @@ pref("security.cert_pinning.enforcement_level", 2); // Don't load OS client certs. pref("security.osclientcerts.autoload", false); -// Don't allow MitM via Microsoft Family Safety, see bug 21686 -pref("security.family_safety.mode", 0); - // Don't allow MitM via enterprise roots, see bug 30681 pref("security.enterprise_roots.enabled", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b8610ea… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b8610ea… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by morgan (＠morgan) 02 Oct '24

02 Oct '24

morgan pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 816dae39 by Pier Angelo Vendrame at 2024-10-02T19:32:59+00:00 fixup! Firefox preference overrides. Bug 42054: ESR128: investigate - thorin's list. Set or remove some preferences as suggested by Thorin. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -101,6 +101,12 @@ pref("browser.pagethumbnails.capturing_disabled", true); // pref("privacy.exposeContentTitleInWindow", false); // pref("privacy.exposeContentTitleInWindow.pbm", false); +// tor-browser#42054: Opt-out from any built-in backup system, even though +// local, as it might be a violation of our standalone mode. +// Users can still opt-in if they wish. +pref("browser.backup.enabled", false); +pref("browser.backup.scheduled.enabled", false); + // Empty clipboard content from private windows on exit (tor-browser#42154) pref("browser.privatebrowsing.preserveClipboard", false); @@ -251,6 +257,9 @@ pref("privacy.trackingprotection.fingerprinting.enabled", false); pref("privacy.trackingprotection.socialtracking.enabled", false); pref("privacy.socialtracking.block_cookies.enabled", false); pref("privacy.annotate_channels.strict_list.enabled", false); +// tor-browser#43178: for defense-in-depth, avoid remote overrides to FPP. +// Notice that it should not apply to RFP anyway... +pref("privacy.fingerprintingProtection.remoteOverrides.enabled", false); // Disable the Pocket extension (Bug #18886 and #31602) pref("extensions.pocket.enabled", false); @@ -284,6 +293,9 @@ pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiment // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). pref("browser.newtabpage.activity-stream.asrouter.useRemoteL10n", false); +// tor-browser#42054: make sure search result telemetry is disabled. +pref("browser.search.serpEventTelemetryCategorization.enabled", false); + // tor-browser#42872, #42555: Disable translations. // Translation have a bad UX in 128 (and with our config). Maybe we will // re-enable after auditing and fixing the UX. @@ -444,9 +456,6 @@ pref("pdfjs.disabled", false, locked); #endif // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); -// Enforce non-native widget theme (true by default, defense in depth). -// Provides a uniform look and feel across platforms. Added with tor-browser#41496. -pref("widget.non-native-theme.enabled", true); // tor-browser#41676: Set the TZ environment variable as a defense-in-depth. // TODO: Remove this in ESR-128, as it has been removed in 116 with Bug 1837582. pref("privacy.resistFingerprinting.testing.setTZtoUTC", true); @@ -524,7 +533,9 @@ pref("network.http.http2.websockets", true, locked); pref("network.http.http2.enable-hpack-dump", false, locked); // tor-browser#23044: Make sure we don't have any GIO supported protocols -// (defense in depth measure) +// (defense in depth measure). +// As of Firefox 118 (Bug 1843763), upstream does not add any protocol by +// default, but setting it to blank seems a good idea (tor-browser#42054). pref("network.gio.supported-protocols", ""); pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces // Mullvad Browser enables WebRTC by default, meaning that there the following prefs @@ -631,9 +642,6 @@ pref("security.cert_pinning.enforcement_level", 2); // Don't load OS client certs. pref("security.osclientcerts.autoload", false); -// Don't allow MitM via Microsoft Family Safety, see bug 21686 -pref("security.family_safety.mode", 0); - // Don't allow MitM via enterprise roots, see bug 30681 pref("security.enterprise_roots.enabled", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/816dae3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/816dae3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] 2 commits: Bug 1607032: Spoof screen orientation and angle to primary values. r=tjr, geckoview-reviewers, owlish
by morgan (＠morgan) 02 Oct '24

02 Oct '24

morgan pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 0c49d19c by Fatih at 2024-10-02T19:27:24+00:00 Bug 1607032: Spoof screen orientation and angle to primary values. r=tjr,geckoview-reviewers,owlish Differential Revision: https://phabricator.services.mozilla.com/D220904 - - - - - 0fb83408 by Fatih at 2024-10-02T19:27:24+00:00 Bug 1918202: Spoof orientation based on screen size. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D221863 - - - - - 6 changed files: - dom/base/ScreenOrientation.cpp - dom/base/nsGlobalWindowInner.cpp - dom/base/test/chrome/bug418986-1.js - hal/android/AndroidHal.cpp - toolkit/components/resistfingerprinting/nsRFPService.cpp - toolkit/components/resistfingerprinting/nsRFPService.h Changes: ===================================== dom/base/ScreenOrientation.cpp ===================================== @@ -626,7 +626,13 @@ void ScreenOrientation::CleanupFullscreenListener() { OrientationType ScreenOrientation::DeviceType(CallerType aCallerType) const { if (nsContentUtils::ShouldResistFingerprinting( aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { - return OrientationType::Landscape_primary; + Document* doc = GetResponsibleDocument(); + BrowsingContext* bc = doc ? doc->GetBrowsingContext() : nullptr; + if (!bc) { + return nsRFPService::GetDefaultOrientationType(); + } + CSSIntSize size = bc->GetTopInnerSizeForRFP(); + return nsRFPService::ViewportSizeToOrientationType(size.width, size.height); } return mType; } @@ -634,18 +640,19 @@ OrientationType ScreenOrientation::DeviceType(CallerType aCallerType) const { uint16_t ScreenOrientation::DeviceAngle(CallerType aCallerType) const { if (nsContentUtils::ShouldResistFingerprinting( aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { - return 0; + Document* doc = GetResponsibleDocument(); + BrowsingContext* bc = doc ? doc->GetBrowsingContext() : nullptr; + if (!bc) { + return 0; + } + CSSIntSize size = bc->GetTopInnerSizeForRFP(); + return nsRFPService::ViewportSizeToAngle(size.width, size.height); } return mAngle; } OrientationType ScreenOrientation::GetType(CallerType aCallerType, ErrorResult& aRv) const { - if (nsContentUtils::ShouldResistFingerprinting( - aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { - return OrientationType::Landscape_primary; - } - Document* doc = GetResponsibleDocument(); BrowsingContext* bc = doc ? doc->GetBrowsingContext() : nullptr; if (!bc) { @@ -653,16 +660,17 @@ OrientationType ScreenOrientation::GetType(CallerType aCallerType, return OrientationType::Portrait_primary; } - return bc->GetCurrentOrientationType(); -} - -uint16_t ScreenOrientation::GetAngle(CallerType aCallerType, - ErrorResult& aRv) const { + OrientationType orientation = bc->GetCurrentOrientationType(); if (nsContentUtils::ShouldResistFingerprinting( aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { - return 0; + CSSIntSize size = bc->GetTopInnerSizeForRFP(); + return nsRFPService::ViewportSizeToOrientationType(size.width, size.height); } + return orientation; +} +uint16_t ScreenOrientation::GetAngle(CallerType aCallerType, + ErrorResult& aRv) const { Document* doc = GetResponsibleDocument(); BrowsingContext* bc = doc ? doc->GetBrowsingContext() : nullptr; if (!bc) { @@ -670,7 +678,13 @@ uint16_t ScreenOrientation::GetAngle(CallerType aCallerType, return 0; } - return bc->GetCurrentOrientationAngle(); + uint16_t angle = static_cast<uint16_t>(bc->GetCurrentOrientationAngle()); + if (nsContentUtils::ShouldResistFingerprinting( + aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { + CSSIntSize size = bc->GetTopInnerSizeForRFP(); + return nsRFPService::ViewportSizeToAngle(size.width, size.height); + } + return angle; } ScreenOrientation::LockPermission ===================================== dom/base/nsGlobalWindowInner.cpp ===================================== @@ -7306,11 +7306,13 @@ void nsGlobalWindowInner::InitWasOffline() { mWasOffline = NS_IsOffline(); } int16_t nsGlobalWindowInner::Orientation(CallerType aCallerType) { // GetOrientationAngle() returns 0, 90, 180 or 270. // window.orientation returns -90, 0, 90 or 180. + uint16_t screenAngle = Screen()->GetOrientationAngle(); if (nsIGlobalObject::ShouldResistFingerprinting( aCallerType, RFPTarget::ScreenOrientation)) { - return 0; + CSSIntSize size = mBrowsingContext->GetTopInnerSizeForRFP(); + screenAngle = nsRFPService::ViewportSizeToAngle(size.width, size.height); } - int16_t angle = AssertedCast<int16_t>(Screen()->GetOrientationAngle()); + int16_t angle = AssertedCast<int16_t>(screenAngle); return angle <= 180 ? angle : angle - 360; } ===================================== dom/base/test/chrome/bug418986-1.js ===================================== @@ -32,9 +32,6 @@ var test = function (isContent) { ["screen.availTop", 0], ["screen.width", "outerWidth"], ["screen.height", "outerHeight"], - ["screen.orientation.type", "'landscape-primary'"], - ["screen.orientation.angle", 0], - ["screen.mozOrientation", "'landscape-primary'"], ["devicePixelRatio", 2], ]; ===================================== hal/android/AndroidHal.cpp ===================================== @@ -79,19 +79,20 @@ void GetCurrentNetworkInformation(hal::NetworkInformation* aNetworkInfo) { static bool IsSupportedScreenOrientation(hal::ScreenOrientation aOrientation) { // The Android backend only supports these orientations. - static constexpr ScreenOrientation kSupportedOrientations[] = { - ScreenOrientation::PortraitPrimary, - ScreenOrientation::PortraitSecondary, - ScreenOrientation::PortraitPrimary | ScreenOrientation::PortraitSecondary, - ScreenOrientation::LandscapePrimary, - ScreenOrientation::LandscapeSecondary, - ScreenOrientation::LandscapePrimary | - ScreenOrientation::LandscapeSecondary, - ScreenOrientation::PortraitPrimary | - ScreenOrientation::PortraitSecondary | - ScreenOrientation::LandscapePrimary | - ScreenOrientation::LandscapeSecondary, - ScreenOrientation::Default, + static constexpr hal::ScreenOrientation kSupportedOrientations[] = { + hal::ScreenOrientation::PortraitPrimary, + hal::ScreenOrientation::PortraitSecondary, + hal::ScreenOrientation::PortraitPrimary | + hal::ScreenOrientation::PortraitSecondary, + hal::ScreenOrientation::LandscapePrimary, + hal::ScreenOrientation::LandscapeSecondary, + hal::ScreenOrientation::LandscapePrimary | + hal::ScreenOrientation::LandscapeSecondary, + hal::ScreenOrientation::PortraitPrimary | + hal::ScreenOrientation::PortraitSecondary | + hal::ScreenOrientation::LandscapePrimary | + hal::ScreenOrientation::LandscapeSecondary, + hal::ScreenOrientation::Default, }; for (auto supportedOrientation : kSupportedOrientations) { if (aOrientation == supportedOrientation) { ===================================== toolkit/components/resistfingerprinting/nsRFPService.cpp ===================================== @@ -2284,3 +2284,34 @@ Maybe<RFPTarget> nsRFPService::GetOverriddenFingerprintingSettingsForURI( return result; } + +/* static */ +uint16_t nsRFPService::ViewportSizeToAngle(int32_t aWidth, int32_t aHeight) { +#ifdef MOZ_WIDGET_ANDROID + bool neutral = aHeight >= aWidth; +#else + bool neutral = aWidth >= aHeight; +#endif + if (neutral) { + return 0; + } + return 90; +} + +/* static */ +dom::OrientationType nsRFPService::ViewportSizeToOrientationType( + int32_t aWidth, int32_t aHeight) { + if (aWidth >= aHeight) { + return dom::OrientationType::Landscape_primary; + } + return dom::OrientationType::Portrait_primary; +} + +/* static */ +dom::OrientationType nsRFPService::GetDefaultOrientationType() { +#ifdef MOZ_WIDGET_ANDROID + return dom::OrientationType::Portrait_primary; +#else + return dom::OrientationType::Landscape_primary; +#endif +} ===================================== toolkit/components/resistfingerprinting/nsRFPService.h ===================================== @@ -14,6 +14,7 @@ #include "mozilla/ContentBlockingLog.h" #include "mozilla/gfx/Types.h" #include "mozilla/TypedEnumBits.h" +#include "mozilla/dom/ScreenOrientationBinding.h" #include "js/RealmOptions.h" #include "nsHashtablesFwd.h" #include "nsICookieJarSettings.h" @@ -368,6 +369,16 @@ class nsRFPService final : public nsIObserver, public nsIRFPService { static bool CheckSuspiciousFingerprintingActivity( nsTArray<ContentBlockingLog::LogEntry>& aLogs); + // Converts the viewport size to the angle. + static uint16_t ViewportSizeToAngle(int32_t aWidth, int32_t aHeight); + + // Converts the viewport size to the orientation type. + static dom::OrientationType ViewportSizeToOrientationType(int32_t aWidth, + int32_t aHeight); + + // Returns the default orientation type for the given platform. + static dom::OrientationType GetDefaultOrientationType(); + private: nsresult Init(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/92… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/92… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] 2 commits: Bug 1607032: Spoof screen orientation and angle to primary values. r=tjr, geckoview-reviewers, owlish
by morgan (＠morgan) 02 Oct '24

02 Oct '24

morgan pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 9f066a06 by Fatih at 2024-10-02T19:25:48+00:00 Bug 1607032: Spoof screen orientation and angle to primary values. r=tjr,geckoview-reviewers,owlish Differential Revision: https://phabricator.services.mozilla.com/D220904 - - - - - 6112a1c3 by Fatih at 2024-10-02T19:25:48+00:00 Bug 1918202: Spoof orientation based on screen size. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D221863 - - - - - 6 changed files: - dom/base/ScreenOrientation.cpp - dom/base/nsGlobalWindowInner.cpp - dom/base/test/chrome/bug418986-1.js - hal/android/AndroidHal.cpp - toolkit/components/resistfingerprinting/nsRFPService.cpp - toolkit/components/resistfingerprinting/nsRFPService.h Changes: ===================================== dom/base/ScreenOrientation.cpp ===================================== @@ -626,7 +626,13 @@ void ScreenOrientation::CleanupFullscreenListener() { OrientationType ScreenOrientation::DeviceType(CallerType aCallerType) const { if (nsContentUtils::ShouldResistFingerprinting( aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { - return OrientationType::Landscape_primary; + Document* doc = GetResponsibleDocument(); + BrowsingContext* bc = doc ? doc->GetBrowsingContext() : nullptr; + if (!bc) { + return nsRFPService::GetDefaultOrientationType(); + } + CSSIntSize size = bc->GetTopInnerSizeForRFP(); + return nsRFPService::ViewportSizeToOrientationType(size.width, size.height); } return mType; } @@ -634,18 +640,19 @@ OrientationType ScreenOrientation::DeviceType(CallerType aCallerType) const { uint16_t ScreenOrientation::DeviceAngle(CallerType aCallerType) const { if (nsContentUtils::ShouldResistFingerprinting( aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { - return 0; + Document* doc = GetResponsibleDocument(); + BrowsingContext* bc = doc ? doc->GetBrowsingContext() : nullptr; + if (!bc) { + return 0; + } + CSSIntSize size = bc->GetTopInnerSizeForRFP(); + return nsRFPService::ViewportSizeToAngle(size.width, size.height); } return mAngle; } OrientationType ScreenOrientation::GetType(CallerType aCallerType, ErrorResult& aRv) const { - if (nsContentUtils::ShouldResistFingerprinting( - aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { - return OrientationType::Landscape_primary; - } - Document* doc = GetResponsibleDocument(); BrowsingContext* bc = doc ? doc->GetBrowsingContext() : nullptr; if (!bc) { @@ -653,16 +660,17 @@ OrientationType ScreenOrientation::GetType(CallerType aCallerType, return OrientationType::Portrait_primary; } - return bc->GetCurrentOrientationType(); -} - -uint16_t ScreenOrientation::GetAngle(CallerType aCallerType, - ErrorResult& aRv) const { + OrientationType orientation = bc->GetCurrentOrientationType(); if (nsContentUtils::ShouldResistFingerprinting( aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { - return 0; + CSSIntSize size = bc->GetTopInnerSizeForRFP(); + return nsRFPService::ViewportSizeToOrientationType(size.width, size.height); } + return orientation; +} +uint16_t ScreenOrientation::GetAngle(CallerType aCallerType, + ErrorResult& aRv) const { Document* doc = GetResponsibleDocument(); BrowsingContext* bc = doc ? doc->GetBrowsingContext() : nullptr; if (!bc) { @@ -670,7 +678,13 @@ uint16_t ScreenOrientation::GetAngle(CallerType aCallerType, return 0; } - return bc->GetCurrentOrientationAngle(); + uint16_t angle = static_cast<uint16_t>(bc->GetCurrentOrientationAngle()); + if (nsContentUtils::ShouldResistFingerprinting( + aCallerType, GetOwnerGlobal(), RFPTarget::ScreenOrientation)) { + CSSIntSize size = bc->GetTopInnerSizeForRFP(); + return nsRFPService::ViewportSizeToAngle(size.width, size.height); + } + return angle; } ScreenOrientation::LockPermission ===================================== dom/base/nsGlobalWindowInner.cpp ===================================== @@ -7306,11 +7306,13 @@ void nsGlobalWindowInner::InitWasOffline() { mWasOffline = NS_IsOffline(); } int16_t nsGlobalWindowInner::Orientation(CallerType aCallerType) { // GetOrientationAngle() returns 0, 90, 180 or 270. // window.orientation returns -90, 0, 90 or 180. + uint16_t screenAngle = Screen()->GetOrientationAngle(); if (nsIGlobalObject::ShouldResistFingerprinting( aCallerType, RFPTarget::ScreenOrientation)) { - return 0; + CSSIntSize size = mBrowsingContext->GetTopInnerSizeForRFP(); + screenAngle = nsRFPService::ViewportSizeToAngle(size.width, size.height); } - int16_t angle = AssertedCast<int16_t>(Screen()->GetOrientationAngle()); + int16_t angle = AssertedCast<int16_t>(screenAngle); return angle <= 180 ? angle : angle - 360; } ===================================== dom/base/test/chrome/bug418986-1.js ===================================== @@ -32,9 +32,6 @@ var test = function (isContent) { ["screen.availTop", 0], ["screen.width", "outerWidth"], ["screen.height", "outerHeight"], - ["screen.orientation.type", "'landscape-primary'"], - ["screen.orientation.angle", 0], - ["screen.mozOrientation", "'landscape-primary'"], ["devicePixelRatio", 2], ]; ===================================== hal/android/AndroidHal.cpp ===================================== @@ -79,19 +79,20 @@ void GetCurrentNetworkInformation(hal::NetworkInformation* aNetworkInfo) { static bool IsSupportedScreenOrientation(hal::ScreenOrientation aOrientation) { // The Android backend only supports these orientations. - static constexpr ScreenOrientation kSupportedOrientations[] = { - ScreenOrientation::PortraitPrimary, - ScreenOrientation::PortraitSecondary, - ScreenOrientation::PortraitPrimary | ScreenOrientation::PortraitSecondary, - ScreenOrientation::LandscapePrimary, - ScreenOrientation::LandscapeSecondary, - ScreenOrientation::LandscapePrimary | - ScreenOrientation::LandscapeSecondary, - ScreenOrientation::PortraitPrimary | - ScreenOrientation::PortraitSecondary | - ScreenOrientation::LandscapePrimary | - ScreenOrientation::LandscapeSecondary, - ScreenOrientation::Default, + static constexpr hal::ScreenOrientation kSupportedOrientations[] = { + hal::ScreenOrientation::PortraitPrimary, + hal::ScreenOrientation::PortraitSecondary, + hal::ScreenOrientation::PortraitPrimary | + hal::ScreenOrientation::PortraitSecondary, + hal::ScreenOrientation::LandscapePrimary, + hal::ScreenOrientation::LandscapeSecondary, + hal::ScreenOrientation::LandscapePrimary | + hal::ScreenOrientation::LandscapeSecondary, + hal::ScreenOrientation::PortraitPrimary | + hal::ScreenOrientation::PortraitSecondary | + hal::ScreenOrientation::LandscapePrimary | + hal::ScreenOrientation::LandscapeSecondary, + hal::ScreenOrientation::Default, }; for (auto supportedOrientation : kSupportedOrientations) { if (aOrientation == supportedOrientation) { ===================================== toolkit/components/resistfingerprinting/nsRFPService.cpp ===================================== @@ -2284,3 +2284,34 @@ Maybe<RFPTarget> nsRFPService::GetOverriddenFingerprintingSettingsForURI( return result; } + +/* static */ +uint16_t nsRFPService::ViewportSizeToAngle(int32_t aWidth, int32_t aHeight) { +#ifdef MOZ_WIDGET_ANDROID + bool neutral = aHeight >= aWidth; +#else + bool neutral = aWidth >= aHeight; +#endif + if (neutral) { + return 0; + } + return 90; +} + +/* static */ +dom::OrientationType nsRFPService::ViewportSizeToOrientationType( + int32_t aWidth, int32_t aHeight) { + if (aWidth >= aHeight) { + return dom::OrientationType::Landscape_primary; + } + return dom::OrientationType::Portrait_primary; +} + +/* static */ +dom::OrientationType nsRFPService::GetDefaultOrientationType() { +#ifdef MOZ_WIDGET_ANDROID + return dom::OrientationType::Portrait_primary; +#else + return dom::OrientationType::Landscape_primary; +#endif +} ===================================== toolkit/components/resistfingerprinting/nsRFPService.h ===================================== @@ -14,6 +14,7 @@ #include "mozilla/ContentBlockingLog.h" #include "mozilla/gfx/Types.h" #include "mozilla/TypedEnumBits.h" +#include "mozilla/dom/ScreenOrientationBinding.h" #include "js/RealmOptions.h" #include "nsHashtablesFwd.h" #include "nsICookieJarSettings.h" @@ -368,6 +369,16 @@ class nsRFPService final : public nsIObserver, public nsIRFPService { static bool CheckSuspiciousFingerprintingActivity( nsTArray<ContentBlockingLog::LogEntry>& aLogs); + // Converts the viewport size to the angle. + static uint16_t ViewportSizeToAngle(int32_t aWidth, int32_t aHeight); + + // Converts the viewport size to the orientation type. + static dom::OrientationType ViewportSizeToOrientationType(int32_t aWidth, + int32_t aHeight); + + // Returns the default orientation type for the given platform. + static dom::OrientationType GetDefaultOrientationType(); + private: nsresult Init(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/dbdddf… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/dbdddf… You're receiving this email because of your account on gitlab.torproject.org.

1 0