- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][tor-browser-115.21.0esr-13.5-1] Bug 1956398 - Avoid duplicating pseudo-handles in ipc_channel_win.cc.
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed to branch tor-browser-115.21.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 2299557b by Yannis Juglaret at 2025-03-26T21:53:05+00:00 Bug 1956398 - Avoid duplicating pseudo-handles in ipc_channel_win.cc. Differential Revision: https://phabricator.services.mozilla.com/D243189 - - - - - 1 changed file: - ipc/chromium/src/chrome/common/ipc_channel_win.cc Changes: ===================================== ipc/chromium/src/chrome/common/ipc_channel_win.cc ===================================== @@ -27,6 +27,34 @@ using namespace mozilla::ipc; +namespace { + +// This logic is borrowed from Chromium's `base/win/win_util.h`. It allows us +// to distinguish pseudo-handle values, such as returned by GetCurrentProcess() +// (-1), GetCurrentThread() (-2), and potentially more. The code there claims +// that fuzzers have found issues up until -12 with DuplicateHandle. +// +// https://source.chromium.org/chromium/chromium/src/+/36dbbf38697dd1e23ef8944… +inline bool IsPseudoHandle(HANDLE handle) { + auto handleValue = static_cast<int32_t>(reinterpret_cast<uintptr_t>(handle)); + return -12 <= handleValue && handleValue < 0; +} + +// A real handle is a handle that is not a pseudo-handle. Always preferably use +// this variant over ::DuplicateHandle. Only use stock ::DuplicateHandle if you +// explicitly need the ability to duplicate a pseudo-handle. +inline bool DuplicateRealHandle(HANDLE source_process, HANDLE source_handle, + HANDLE target_process, LPHANDLE target_handle, + DWORD desired_access, BOOL inherit_handle, + DWORD options) { + MOZ_RELEASE_ASSERT(!IsPseudoHandle(source_handle)); + return static_cast<bool>(::DuplicateHandle( + source_process, source_handle, target_process, target_handle, + desired_access, inherit_handle, options)); +} + +} // namespace + namespace IPC { //------------------------------------------------------------------------------ @@ -732,9 +760,9 @@ bool Channel::ChannelImpl::AcceptHandles(Message& msg) { CHROMIUM_LOG(ERROR) << "other_process_ is invalid in AcceptHandles"; return false; } - if (!::DuplicateHandle(other_process_, handle, GetCurrentProcess(), - &handle, 0, FALSE, - DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) { + if (!::DuplicateRealHandle( + other_process_, handle, GetCurrentProcess(), &handle, 0, FALSE, + DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) { CHROMIUM_LOG(ERROR) << "DuplicateHandle failed for handle " << handle << " in AcceptHandles"; return false; @@ -787,9 +815,9 @@ bool Channel::ChannelImpl::TransferHandles(Message& msg) { CHROMIUM_LOG(ERROR) << "other_process_ is invalid in TransferHandles"; return false; } - if (!::DuplicateHandle(GetCurrentProcess(), handle, other_process_, - &handle, 0, FALSE, - DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) { + if (!::DuplicateRealHandle( + GetCurrentProcess(), handle, other_process_, &handle, 0, FALSE, + DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) { CHROMIUM_LOG(ERROR) << "DuplicateHandle failed for handle " << handle << " in TransferHandles"; return false; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2299557… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2299557… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-14.0.8-build1
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed new tag mb-14.0.8-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-14.0.8-build1
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed new tag tbb-14.0.8-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Prepare Tor,Mullvad Browser 14.0.8 (Windows only)
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: e6c2f5cd by Morgan at 2025-03-26T21:47:20+00:00 Prepare Tor,Mullvad Browser 14.0.8 (Windows only) - - - - - 4 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/firefox/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,13 @@ +Mullvad Browser 14.0.8 - March 27 2025 + * Windows + * Bug 404: Incorrect information in `about:rights` [mullvad-browser] + * Bug 43592: Backport security fixes from Firefox 128.8.1esr [tor-browser] + * Build System + * Windows + * Bug 41375: Backport Bug 41374+40799: Remove support for migrate_archs and migrate_langs in update_responses + Remove legacy locale iteration in update-responses and dmg2mar [tor-browser-build] + * Bug 41378: Backport Bug 41363: Make separate update_responses commit for each platform [tor-browser-build] + * Bug 41383: Add clairehurst to list of accepted firefox/geckoview signers [tor-browser-build] + Mullvad Browser 14.0.7 - March 04 2025 * All Platforms * Updated Firefox to 128.8.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,15 @@ +Tor Browser 14.0.8 - March 27 2025 + * Windows + * Bug 43553: Backport tor-browser#43504: Implement User Survey UX (Desktop) [tor-browser] + * Bug 43592: Backport security fixes from Firefox 128.8.1esr [tor-browser] + * Build System + * Windows + * Bug 41375: Backport Bug 41374+40799: Remove support for migrate_archs and migrate_langs in update_responses + Remove legacy locale iteration in update-responses and dmg2mar [tor-browser-build] + * Bug 41383: Add clairehurst to list of accepted firefox/geckoview signers [tor-browser-build] + * Bug 41384: OpenSSL hash files have changed format [tor-browser-build] + * Bug 41399: Update snowflake to 2.11.0 and lyrebird to 0.6.0 [tor-browser-build] + * Bug 41378: Backport Bug 41363: Make separate update_responses commit for each platform [tor-browser-build] + Tor Browser 14.0.7 - March 04 2025 * All Platforms * Updated OpenSSL to 3.0.16 ===================================== projects/firefox/config ===================================== @@ -20,7 +20,7 @@ var: browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 3 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== rbm.conf ===================================== @@ -73,22 +73,22 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '14.0.7' - torbrowser_build: 'build2' + torbrowser_version: '14.0.8' + torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/03/03 09:37:02' + browser_release_date: '2025/03/26 21:32:35' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - 14.0.7 - '[% IF c("var/tor-browser") %]14.0.6[% END %]' - 14.0.5 - - 14.0.4 - - '[% IF c("var/mullvad-browser") %]14.0.3[% END %]' + - '[% IF c("var/mullvad-browser") %]14.0.4[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' - torbrowser_legacy_version: 13.5.13 + torbrowser_legacy_version: 13.5.14 torbrowser_legacy_platform_version: 115.21.0 # By default, we sort the list of installed packages. This allows sharing View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.8.0esr-14.0-1] Bug 1956398 - Avoid duplicating pseudo-handles in ipc_channel_win.cc. r=nika a=RyanVM
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed to branch mullvad-browser-128.8.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: d922b3f0 by Yannis Juglaret at 2025-03-26T20:48:42+00:00 Bug 1956398 - Avoid duplicating pseudo-handles in ipc_channel_win.cc. r=nika a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D243135 - - - - - 1 changed file: - ipc/chromium/src/chrome/common/ipc_channel_win.cc Changes: ===================================== ipc/chromium/src/chrome/common/ipc_channel_win.cc ===================================== @@ -30,6 +30,34 @@ using namespace mozilla::ipc; +namespace { + +// This logic is borrowed from Chromium's `base/win/win_util.h`. It allows us +// to distinguish pseudo-handle values, such as returned by GetCurrentProcess() +// (-1), GetCurrentThread() (-2), and potentially more. The code there claims +// that fuzzers have found issues up until -12 with DuplicateHandle. +// +// https://source.chromium.org/chromium/chromium/src/+/36dbbf38697dd1e23ef8944… +inline bool IsPseudoHandle(HANDLE handle) { + auto handleValue = static_cast<int32_t>(reinterpret_cast<uintptr_t>(handle)); + return -12 <= handleValue && handleValue < 0; +} + +// A real handle is a handle that is not a pseudo-handle. Always preferably use +// this variant over ::DuplicateHandle. Only use stock ::DuplicateHandle if you +// explicitly need the ability to duplicate a pseudo-handle. +inline bool DuplicateRealHandle(HANDLE source_process, HANDLE source_handle, + HANDLE target_process, LPHANDLE target_handle, + DWORD desired_access, BOOL inherit_handle, + DWORD options) { + MOZ_RELEASE_ASSERT(!IsPseudoHandle(source_handle)); + return static_cast<bool>(::DuplicateHandle( + source_process, source_handle, target_process, target_handle, + desired_access, inherit_handle, options)); +} + +} // namespace + namespace IPC { //------------------------------------------------------------------------------ @@ -595,7 +623,7 @@ bool Channel::ChannelImpl::AcceptHandles(Message& msg) { nsTArray<mozilla::UniqueFileHandle> handles(num_handles); for (uint32_t handleValue : payload) { HANDLE ipc_handle = Uint32ToHandle(handleValue); - if (!ipc_handle || ipc_handle == INVALID_HANDLE_VALUE) { + if (!ipc_handle || IsPseudoHandle(ipc_handle)) { CHROMIUM_LOG(ERROR) << "Attempt to accept invalid or null handle from process " << other_pid_ << " for message " << msg.name() << " in AcceptHandles"; @@ -613,9 +641,10 @@ bool Channel::ChannelImpl::AcceptHandles(Message& msg) { CHROMIUM_LOG(ERROR) << "other_process_ is invalid in AcceptHandles"; return false; } - if (!::DuplicateHandle(other_process_, ipc_handle, GetCurrentProcess(), - getter_Transfers(local_handle), 0, FALSE, - DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) { + if (!DuplicateRealHandle( + other_process_, ipc_handle, GetCurrentProcess(), + getter_Transfers(local_handle), 0, FALSE, + DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) { DWORD err = GetLastError(); // Don't log out a scary looking error if this failed due to the target // process terminating. @@ -688,9 +717,9 @@ bool Channel::ChannelImpl::TransferHandles(Message& msg) { CHROMIUM_LOG(ERROR) << "other_process_ is invalid in TransferHandles"; return false; } - if (!::DuplicateHandle(GetCurrentProcess(), local_handle.get(), - other_process_, &ipc_handle, 0, FALSE, - DUPLICATE_SAME_ACCESS)) { + if (!DuplicateRealHandle(GetCurrentProcess(), local_handle.get(), + other_process_, &ipc_handle, 0, FALSE, + DUPLICATE_SAME_ACCESS)) { DWORD err = GetLastError(); // Don't log out a scary looking error if this failed due to the target // process terminating. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d92… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d92… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-128.8.0esr-14.0-1-build3
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed new tag mullvad-browser-128.8.0esr-14.0-1-build3 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.8.0esr-14.5-1] 2 commits: fixup! MB 39: Add home page about:mullvad-browser
by Pier Angelo Vendrame (＠pierov) 26 Mar '25

26 Mar '25

Pier Angelo Vendrame pushed to branch mullvad-browser-128.8.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 4ac56788 by Henry Wilkes at 2025-03-24T13:40:55+00:00 fixup! MB 39: Add home page about:mullvad-browser MB 410: Update learn more link text. - - - - - c4649816 by Henry Wilkes at 2025-03-24T13:40:56+00:00 fixup! Mullvad Browser strings MB 410: Update learn more link text. - - - - - 2 changed files: - browser/components/mullvad-browser/content/aboutMullvadBrowser.html - toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl Changes: ===================================== browser/components/mullvad-browser/content/aboutMullvadBrowser.html ===================================== @@ -72,7 +72,7 @@ <a data-l10n-name="with-vpn-link" href="https://mullvad.net"></a> - + <a data-l10n-name="learn-more-link" href="https://mullvad.net/browser" ===================================== toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl ===================================== @@ -15,7 +15,7 @@ mullvad-about-telemetryLink = Telemetry about-mullvad-browser-developed-by = Developed in collaboration between the <a data-l10n-name="tor-project-link">Tor Project</a> and <a data-l10n-name="mullvad-vpn-link">Mullvad VPN</a> about-mullvad-browser-use-vpn = Get more privacy by using the browser <a data-l10n-name="with-vpn-link">with Mullvad VPN</a>. -about-mullvad-browser-learn-more = Curious to learn more about the browser? <a data-l10n-name="learn-more-link">Take a dive into the mole hole</a>. +about-mullvad-browser-learn-more2 = Curious to learn more about the browser? <a data-l10n-name="learn-more-link">Read more on our website</a>. # Update message. # <a data-l10n-name="update-link"> should contain the link text and close with </a>. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/77… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/77… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Deleted tag mullvad-browser-128.8.0esr-14.5-1-build4
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan deleted tag mullvad-browser-128.8.0esr-14.5-1-build4 at The Tor Project / Applications / Mullvad Browser -- You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.8.0esr-14.5-1] Deleted 2 commits: fixup! MB 39: Add home page about:mullvad-browser
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed to branch mullvad-browser-128.8.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser WARNING: The push did not contain any new commits, but force pushed to delete the commits and changes below. Deleted commits: 4ac56788 by Henry Wilkes at 2025-03-24T13:40:55+00:00 fixup! MB 39: Add home page about:mullvad-browser MB 410: Update learn more link text. - - - - - c4649816 by Henry Wilkes at 2025-03-24T13:40:56+00:00 fixup! Mullvad Browser strings MB 410: Update learn more link text. - - - - - 2 changed files: - browser/components/mullvad-browser/content/aboutMullvadBrowser.html - toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl Changes: ===================================== browser/components/mullvad-browser/content/aboutMullvadBrowser.html ===================================== @@ -72,7 +72,7 @@ <a data-l10n-name="with-vpn-link" href="https://mullvad.net"></a> - + <a data-l10n-name="learn-more-link" href="https://mullvad.net/browser" ===================================== toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl ===================================== @@ -15,7 +15,7 @@ mullvad-about-telemetryLink = Telemetry about-mullvad-browser-developed-by = Developed in collaboration between the <a data-l10n-name="tor-project-link">Tor Project</a> and <a data-l10n-name="mullvad-vpn-link">Mullvad VPN</a> about-mullvad-browser-use-vpn = Get more privacy by using the browser <a data-l10n-name="with-vpn-link">with Mullvad VPN</a>. -about-mullvad-browser-learn-more = Curious to learn more about the browser? <a data-l10n-name="learn-more-link">Take a dive into the mole hole</a>. +about-mullvad-browser-learn-more2 = Curious to learn more about the browser? <a data-l10n-name="learn-more-link">Read more on our website</a>. # Update message. # <a data-l10n-name="update-link"> should contain the link text and close with </a>. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/77… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/77… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-128.8.0esr-14.5-1-build4
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed new tag mullvad-browser-128.8.0esr-14.5-1-build4 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-128.8.0esr-14.0-1-build3
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed new tag tor-browser-128.8.0esr-14.0-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.8.0esr-14.0-1] Bug 1956398 - Avoid duplicating pseudo-handles in ipc_channel_win.cc. r=nika a=RyanVM
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed to branch tor-browser-128.8.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: cb0f7b5c by Yannis Juglaret at 2025-03-26T20:28:42+00:00 Bug 1956398 - Avoid duplicating pseudo-handles in ipc_channel_win.cc. r=nika a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D243135 - - - - - 1 changed file: - ipc/chromium/src/chrome/common/ipc_channel_win.cc Changes: ===================================== ipc/chromium/src/chrome/common/ipc_channel_win.cc ===================================== @@ -30,6 +30,34 @@ using namespace mozilla::ipc; +namespace { + +// This logic is borrowed from Chromium's `base/win/win_util.h`. It allows us +// to distinguish pseudo-handle values, such as returned by GetCurrentProcess() +// (-1), GetCurrentThread() (-2), and potentially more. The code there claims +// that fuzzers have found issues up until -12 with DuplicateHandle. +// +// https://source.chromium.org/chromium/chromium/src/+/36dbbf38697dd1e23ef8944… +inline bool IsPseudoHandle(HANDLE handle) { + auto handleValue = static_cast<int32_t>(reinterpret_cast<uintptr_t>(handle)); + return -12 <= handleValue && handleValue < 0; +} + +// A real handle is a handle that is not a pseudo-handle. Always preferably use +// this variant over ::DuplicateHandle. Only use stock ::DuplicateHandle if you +// explicitly need the ability to duplicate a pseudo-handle. +inline bool DuplicateRealHandle(HANDLE source_process, HANDLE source_handle, + HANDLE target_process, LPHANDLE target_handle, + DWORD desired_access, BOOL inherit_handle, + DWORD options) { + MOZ_RELEASE_ASSERT(!IsPseudoHandle(source_handle)); + return static_cast<bool>(::DuplicateHandle( + source_process, source_handle, target_process, target_handle, + desired_access, inherit_handle, options)); +} + +} // namespace + namespace IPC { //------------------------------------------------------------------------------ @@ -595,7 +623,7 @@ bool Channel::ChannelImpl::AcceptHandles(Message& msg) { nsTArray<mozilla::UniqueFileHandle> handles(num_handles); for (uint32_t handleValue : payload) { HANDLE ipc_handle = Uint32ToHandle(handleValue); - if (!ipc_handle || ipc_handle == INVALID_HANDLE_VALUE) { + if (!ipc_handle || IsPseudoHandle(ipc_handle)) { CHROMIUM_LOG(ERROR) << "Attempt to accept invalid or null handle from process " << other_pid_ << " for message " << msg.name() << " in AcceptHandles"; @@ -613,9 +641,10 @@ bool Channel::ChannelImpl::AcceptHandles(Message& msg) { CHROMIUM_LOG(ERROR) << "other_process_ is invalid in AcceptHandles"; return false; } - if (!::DuplicateHandle(other_process_, ipc_handle, GetCurrentProcess(), - getter_Transfers(local_handle), 0, FALSE, - DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) { + if (!DuplicateRealHandle( + other_process_, ipc_handle, GetCurrentProcess(), + getter_Transfers(local_handle), 0, FALSE, + DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE)) { DWORD err = GetLastError(); // Don't log out a scary looking error if this failed due to the target // process terminating. @@ -688,9 +717,9 @@ bool Channel::ChannelImpl::TransferHandles(Message& msg) { CHROMIUM_LOG(ERROR) << "other_process_ is invalid in TransferHandles"; return false; } - if (!::DuplicateHandle(GetCurrentProcess(), local_handle.get(), - other_process_, &ipc_handle, 0, FALSE, - DUPLICATE_SAME_ACCESS)) { + if (!DuplicateRealHandle(GetCurrentProcess(), local_handle.get(), + other_process_, &ipc_handle, 0, FALSE, + DUPLICATE_SAME_ACCESS)) { DWORD err = GetLastError(); // Don't log out a scary looking error if this failed due to the target // process terminating. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/cb0f7b5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/cb0f7b5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41365: Indent download*.json files
by morgan (＠morgan) 26 Mar '25

26 Mar '25

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: b1128a7e by Nicolas Vigier at 2025-03-26T17:14:40+00:00 Bug 41365: Indent download*.json files - - - - - 1 changed file: - tools/update-responses/update_responses Changes: ===================================== tools/update-responses/update_responses ===================================== @@ -465,11 +465,11 @@ sub write_downloads_json { downloads => get_version_downloads($config, $version), }; write_htdocs($channel, '.', 'downloads.json', - JSON->new->utf8->canonical->encode($data)); + JSON->new->utf8->canonical->pretty->encode($data)); my $pp_downloads = get_perplatform_downloads($config, $version, $tag); foreach my $os (keys %{$pp_downloads}) { write_htdocs($channel, '.', "download-$os.json", - JSON->new->utf8->canonical->encode($pp_downloads->{$os})); + JSON->new->utf8->canonical->pretty->encode($pp_downloads->{$os})); } } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.8.0esr-14.5-1] 2 commits: fixup! TB 41878: [android] Add standalone Tor Bootstrap
by Pier Angelo Vendrame (＠pierov) 26 Mar '25

26 Mar '25

Pier Angelo Vendrame pushed to branch tor-browser-128.8.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 7db308d0 by Pier Angelo Vendrame at 2025-03-25T19:28:43+01:00 fixup! TB 41878: [android] Add standalone Tor Bootstrap TBB 41407: Use Lyrebird also for Snowflake. TBB 41410: Use the libLyrebird.so name. - - - - - 14f451f7 by Pier Angelo Vendrame at 2025-03-26T12:32:40+01:00 fixup! TB 40597: Implement TorSettings module Sync pt_config.json after tor-browser-build#41407. - - - - - 2 changed files: - mobile/android/fenix/app/src/main/assets/common/torrc-defaults - toolkit/content/pt_config.json Changes: ===================================== mobile/android/fenix/app/src/main/assets/common/torrc-defaults ===================================== @@ -4,6 +4,5 @@ AvoidDiskWrites 1 Log notice stdout CookieAuthentication 1 DormantCanceledByStartup 1 -ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit,webtunnel exec ./libObfs4proxy.so -ClientTransportPlugin snowflake exec ./libSnowflake.so +ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit,snowflake,webtunnel exec ./libLyrebird.so ClientTransportPlugin conjure exec ./libConjure.so -registerURL https://registration.refraction.network/api ===================================== toolkit/content/pt_config.json ===================================== @@ -1,14 +1,12 @@ { - "_comment": "Used for dev build, replaced for release builds in tor-browser-build. This file is copied from tor-browser-build 4ffa9e31:projects/tor-expert-bundle/pt_config.json", + "_comment": "Used for dev build, replaced for release builds in tor-browser-build. This file is copied from tor-browser-build efdc0f34475ac8e4df241d3c8ff7253e8470019f:projects/tor-expert-bundle/pt_config.json", "recommendedDefault" : "obfs4", "pluggableTransports" : { - "lyrebird" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit,webtunnel exec ${pt_path}lyrebird${pt_extension}", - "snowflake" : "ClientTransportPlugin snowflake exec ${pt_path}snowflake-client${pt_extension}", + "lyrebird" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit,snowflake,webtunnel exec ${pt_path}lyrebird${pt_extension}", "conjure" : "ClientTransportPlugin conjure exec ${pt_path}conjure-client${pt_extension} -registerURL https://registration.refraction.network/api" }, "bridges" : { "meek-azure" : [ - "meek_lite 192.0.2.18:80 BE776A53492E1E044A26F17306E1BC46A55A1625 url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com", "meek_lite 192.0.2.20:80 url=https://1314488750.rsc.cdn77.org front=www.phpmyadmin.net utls=HelloRandomizedALPN" ], "obfs4" : [ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8fe2d6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8fe2d6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 41407: Use Lyrebird for the Snowflake transport.
by Pier Angelo Vendrame (＠pierov) 26 Mar '25

26 Mar '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: efdc0f34 by Pier Angelo Vendrame at 2025-03-26T12:21:51+01:00 Bug 41407: Use Lyrebird for the Snowflake transport. - - - - - 912bbd1d by Pier Angelo Vendrame at 2025-03-26T12:21:52+01:00 Bug 41410: Use the Lyrebird name on Android. We were still using the libObfs4proxy.so name for compatibility with the legacy Tor integration. However, this was deleted some time ago, so we can switch to the Lyrebird name. - - - - - 8 changed files: - − projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE.SNOWFLAKE - projects/browser/build - − projects/snowflake/README.md - − projects/snowflake/build - − projects/snowflake/config - projects/tor-expert-bundle/build - projects/tor-expert-bundle/config - projects/tor-expert-bundle/pt_config.json Changes: ===================================== projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE.SNOWFLAKE deleted ===================================== @@ -1,32 +0,0 @@ - This file contains the license for "Snowflake" - a free software project which provides a WebRTC pluggable transport. - -================================================================================ -Copyright (c) 2016, Serene Han, Arlo Breault -All rights reserved. - -Redistribution and use in source and binary forms, with or without modification, -are permitted provided that the following conditions are met: - - * Redistributions of source code must retain the above copyright notice, this -list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation and/or -other materials provided with the distribution. - - * Neither the names of the copyright owners nor the names of its -contributors may be used to endorse or promote products derived from this -software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR -ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -================================================================================ ===================================== projects/browser/build ===================================== @@ -108,9 +108,7 @@ mv [% c('input_files_by_name/noscript') %] "$TBDIR/$EXTSPATH/{73a6fe31-595d-460b [% END -%] # Move READMEs from tor-expert-bundle to the doc dir - mkdir -p "$TBDIR/$DOCSPATH/snowflake" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/snowflake"[% END %] mkdir -p "$TBDIR/$DOCSPATH/conjure" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/conjure"[% END %] - mv_tbdir tor/pluggable_transports/README.SNOWFLAKE.md "$DOCSPATH/snowflake/README.md" mv_tbdir tor/pluggable_transports/README.CONJURE.md "$DOCSPATH/conjure/README.md" # Move the PTs to where TB expects them ===================================== projects/snowflake/README.md deleted ===================================== @@ -1,7 +0,0 @@ -This is the Snowflake pluggable transport. - -# Vendored dependencies - -Snowflake is written in Go, and we version the expected hash of the vendored -dependencies. Please refer to `doc/how-to-update-go-dependencies.txt` for -further information on how we manage dependencies of Go projects. ===================================== projects/snowflake/build deleted ===================================== @@ -1,31 +0,0 @@ -#!/bin/bash -[% c("var/set_default_env") -%] -[% pc('go', 'var/setup', { go_tarfile => c('input_files_by_name/go') }) %] -distdir=/var/tmp/dist/[% project %] -mkdir -p $distdir - -[% IF c("var/android") -%] - [% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %] - # We need to explicitly set CGO_ENABLED with Go 1.13.x as the Android build - # breaks otherwise. - export CGO_ENABLED=1 -[% END -%] - -mkdir -p /var/tmp/build -tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.[% c('compress_tar') %] -cd /var/tmp/build/[% project %]-[% c('version') %] - -tar -xf $rootdir/[% c('input_files_by_name/go_vendor') %] - -cd client -go build -ldflags '-s[% IF c("var/android") %] -checklinkname=0[% END %]' -tags 'nopshufb,noasm,packetioSizeHardlimit,purego,safe,appengine,disableunsafe' -cp -a client[% IF c("var/windows") %].exe[% END %] $distdir/snowflake-client[% IF c("var/windows") %].exe[% END %] - -cd .. -cp -a README.md $distdir/README.SNOWFLAKE.md - -cd $distdir -[% c('tar', { - tar_src => [ '.' ], - tar_args => '-caf ' _ dest_dir _ '/' _ c('filename'), - }) %] ===================================== projects/snowflake/config deleted ===================================== @@ -1,38 +0,0 @@ -# vim: filetype=yaml sw=2 -version: '2.11.0' -git_url: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… -git_hash: 'v[% c("version") %]' -gpg_keyring: anti-censorship.gpg -tag_gpg_id: 1 - -container: - use_container: 1 - -var: - go_vendor_sha256sum: 4c21a75c2fd0997a13fc5bb99991ff2c7149fb2342b857b06c70a18c4cb2ac89 - -targets: - nightly: - git_hash: main - version: '[% c("abbrev") %]' - tag_gpg_id: 0 - var: - go_vendor_sha256sum: '' - -steps: - build: - filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' - input_files: - - project: container-image - - name: go - project: go - - name: '[% c("var/compiler") %]' - project: '[% c("var/compiler") %]' - enable: '[% c("var/android") %]' - - name: go_vendor - pkg_type: go_vendor - project: snowflake - norec: - sha256sum: '[% c("var/go_vendor_sha256sum") %]' - target_replace: - '^torbrowser-(?!testbuild).*': 'torbrowser-linux-x86_64' ===================================== projects/tor-expert-bundle/build ===================================== @@ -14,7 +14,6 @@ cd tor mkdir pluggable_transports && cd pluggable_transports tar -xkf $rootdir/[% c('input_files_by_name/lyrebird') %] -tar -xkf $rootdir/[% c('input_files_by_name/snowflake') %] [% IF c('input_files_by_name/conjure') -%] tar -xkf $rootdir/[% c('input_files_by_name/conjure') %] [% END -%] @@ -35,8 +34,7 @@ cd $distdir mkdir -p aar/assets/common cp -a tor/libTor.so aar/jni/$abi/ - cp -a tor/pluggable_transports/lyrebird aar/jni/$abi/libObfs4proxy.so - cp -a tor/pluggable_transports/snowflake-client aar/jni/$abi/libSnowflake.so + cp -a tor/pluggable_transports/lyrebird aar/jni/$abi/libLyrebird.so [% IF c('input_files_by_name/conjure') -%] cp -a tor/pluggable_transports/conjure-client aar/jni/$abi/libConjure.so [% END -%] ===================================== projects/tor-expert-bundle/config ===================================== @@ -16,8 +16,6 @@ input_files: project: tor - name: lyrebird project: lyrebird - - name: snowflake - project: snowflake - name: conjure project: conjure enable: '[% !c("var/android-x86") && !c("var/android-x86_64") %]' ===================================== projects/tor-expert-bundle/pt_config.json ===================================== @@ -1,8 +1,7 @@ { "recommendedDefault" : "obfs4", "pluggableTransports" : { - "lyrebird" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit,webtunnel exec ${pt_path}lyrebird${pt_extension}", - "snowflake" : "ClientTransportPlugin snowflake exec ${pt_path}snowflake-client${pt_extension}", + "lyrebird" : "ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit,snowflake,webtunnel exec ${pt_path}lyrebird${pt_extension}", "conjure" : "ClientTransportPlugin conjure exec ${pt_path}conjure-client${pt_extension} -registerURL https://registration.refraction.network/api" }, "bridges" : { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 3 commits: Bug 41406: Remove the browser-all-target target (unused)
by boklm (＠boklm) 26 Mar '25

26 Mar '25

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: c60ebc0d by Nicolas Vigier at 2025-03-26T11:15:29+01:00 Bug 41406: Remove the browser-all-target target (unused) - - - - - 7b70ee42 by Nicolas Vigier at 2025-03-26T12:04:33+01:00 Bug 41406: Restore -desktop and -android Makefile targets - - - - - a74ebd9f by Nicolas Vigier at 2025-03-26T12:04:34+01:00 Bug 41406: Update README and doc/MAKEFILE.txt for makefile changes - - - - - 4 changed files: - Makefile - README - doc/MAKEFILE.txt - projects/release/config Changes: ===================================== Makefile ===================================== @@ -17,6 +17,12 @@ torbrowser: submodule-update torbrowser-release: submodule-update $(rbm) build release --target release --target browser-all --target torbrowser +torbrowser-release-desktop: submodule-update + $(rbm) build release --target release --target browser-all-desktop --target torbrowser + +torbrowser-release-android: submodule-update + $(rbm) build release --target release --target browser-all-android --target torbrowser + torbrowser-release-android-armv7: submodule-update $(rbm) build release --target release --target browser-single-platform --target browser-android-armv7 --target torbrowser @@ -56,6 +62,12 @@ torbrowser-release-src: submodule-update torbrowser-alpha: submodule-update $(rbm) build release --target alpha --target browser-all --target torbrowser +torbrowser-alpha-desktop: submodule-update + $(rbm) build release --target alpha --target browser-all-desktop --target torbrowser + +torbrowser-alpha-android: submodule-update + $(rbm) build release --target alpha --target browser-all-android --target torbrowser + torbrowser-alpha-android-armv7: submodule-update $(rbm) build release --target alpha --target browser-single-platform --target browser-android-armv7 --target torbrowser @@ -95,6 +107,12 @@ torbrowser-alpha-src: submodule-update torbrowser-nightly: submodule-update $(rbm) build release --target nightly --target browser-all --target torbrowser +torbrowser-nightly-desktop: submodule-update + $(rbm) build release --target nightly --target browser-all-desktop --target torbrowser + +torbrowser-nightly-android: submodule-update + $(rbm) build release --target nightly --target browser-all-android --target torbrowser + torbrowser-nightly-android-armv7: submodule-update $(rbm) build release --target nightly --target browser-single-platform --target browser-android-armv7 --target torbrowser @@ -134,6 +152,12 @@ torbrowser-nightly-src: submodule-update torbrowser-testbuild: submodule-update $(rbm) build release --target testbuild --target browser-all --target torbrowser +torbrowser-testbuild-desktop: submodule-update + $(rbm) build release --target testbuild --target browser-all-desktop --target torbrowser + +torbrowser-testbuild-android: submodule-update + $(rbm) build release --target testbuild --target browser-all-android --target torbrowser + torbrowser-testbuild-android-armv7: submodule-update $(rbm) build release --target testbuild --target browser-single-platform --target browser-android-armv7 --target torbrowser ===================================== README ===================================== @@ -101,8 +101,14 @@ the subuid(5) and subgid(5) man pages. Starting a build ---------------- -To start a build, run one of the following commands, depending on the -channel you want to build: +To start a build, run the following command, to build the default +channel (which should be `alpha` on the main branch, and `release` on +the maint-* branches, as defined in var/browser_default_channel): + + $ make torbrowser + +If you want to build an other channel, you can also use one of the +following commands: $ make torbrowser-release $ make torbrowser-alpha @@ -134,9 +140,9 @@ mar file will be created. If you want to base your testbuild on the latest nightly code insted, rename rbm.local.conf.example to rbm.local.conf and adapt the torbrowser-testbuild option accordingly. -Similar makefile targets exist for building Base Browser and Privacy Browser +Similar makefile targets exist for building Base Browser and Mullvad Browser instead of Tor Browser. To build Base Browser, replace `torbrowser` by -`basebrowser` in the target name. For Privacy Browser, use `privacybrowser`. +`basebrowser` in the target name. For Mullvad Browser, use `mullvadbrowser`. Updating git sources ===================================== doc/MAKEFILE.txt ===================================== @@ -1,11 +1,18 @@ Description of makefile rules ============================= +torbrowser +---------- +Build Tor Browser for the default channel, defined in +var/browser_default_channel, and platforms, defined in +var/browser_platforms. After the build, this target also generates the +incrementals. torbrowser-release ------------------ -Build Tor Browser for the release channel, for all supported platforms. -The resulting build can be found in directory torbrowser/release/$version. +Build Tor Browser for the release channel, for all supported platforms +(defined in var/browser_platforms). The resulting build can be found in +directory torbrowser/release/$version. torbrowser-release-{linux-x86_64,linux-i686,windows-i686,macos, android-armv7, android-x86,android-x86_64, @@ -78,7 +85,7 @@ Base Browser. mullvadbrowser-* ---------------- The same rules for building Tor Browser also exist for building -Privacy Browser. +Mullvad Browser. fetch ----- ===================================== projects/release/config ===================================== @@ -14,7 +14,18 @@ var: targets: browser-all: - browser-src - - browser-all-target + browser-all-desktop: + var: + browser-src: '[% ! c("var/testbuild") %]' + browser_platforms: + is_android_release: 0 + is_desktop_release: 1 + browser-all-android: + var: + browser-src: '[% ! c("var/testbuild") %]' + browser_platforms: + is_android_release: 1 + is_desktop_release: 0 browser-single-platform: var: browser_platforms: @@ -79,9 +90,6 @@ targets: browser-src-testbuild: var: browser-src: 1 - browser-all-target: - var: - browser-all-target: 1 notarget: - torbrowser View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-128.9.0esr-14.0-1-build1
by Pier Angelo Vendrame (＠pierov) 26 Mar '25

26 Mar '25

Pier Angelo Vendrame pushed new tag mullvad-browser-128.9.0esr-14.0-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.9.0esr-14.0-1] 24 commits: MB 38: Mullvad Browser configuration
by Dan Ballard (＠dan) 25 Mar '25

25 Mar '25

Dan Ballard pushed to branch mullvad-browser-128.9.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 9f47b825 by Pier Angelo Vendrame at 2025-03-25T09:58:44+01:00 MB 38: Mullvad Browser configuration - - - - - 0248ed1a by Pier Angelo Vendrame at 2025-03-25T09:58:44+01:00 MB 1: Mullvad Browser branding See also: mullvad-browser#5: Product name and directory customization mullvad-browser#12: Create new branding directories and integrate Mullvad icons+branding mullvad-browser#14: Remove Default Built-in bookmarks mullvad-browser#35: Add custom PDF icons for Windows builds mullvad-browser#48: Replace Mozilla copyright and legal trademarks in mullvadbrowser.exe metadata mullvad-browser#51: Update trademark string mullvad-browser#104: Update shipped dll metadata copyright/licensing info mullvad-browser#107: Add alpha and nightly icons - - - - - 4e3d81d3 by Henry Wilkes at 2025-03-25T09:58:45+01:00 Mullvad Browser strings This commit adds strings needed by the following Mullvad Browser patches. - - - - - bc39bc43 by Pier Angelo Vendrame at 2025-03-25T09:58:45+01:00 MB 20: Allow packaged-addons in PBM. We install a few addons from the distribution directory, but they are not automatically enabled for PBM mode. This commit modifies the code that installs them to also add the PBM permission to the known ones. - - - - - f6a360cf by Pier Angelo Vendrame at 2025-03-25T09:58:45+01:00 MB 63: Customize some about pages for Mullvad Browser Also: mullvad-browser#57: Purge unneeded about: pages - - - - - e340d58c by Henry Wilkes at 2025-03-25T09:59:42+01:00 fixup! MB 63: Customize some about pages for Mullvad Browser MB 404: Use aboutRightsMullvad.xhtml in place of aboutRights.xhtml. - - - - - f1c4a970 by Pier Angelo Vendrame at 2025-03-25T09:59:42+01:00 MB 37: Customization for the about dialog - - - - - 8f07c29a by Henry Wilkes at 2025-03-25T09:59:42+01:00 MB 39: Add home page about:mullvad-browser - - - - - 3bffbd34 by hackademix at 2025-03-25T09:59:43+01:00 MB 97: Remove UI cues to install new extensions. - - - - - 5afa788f by hackademix at 2025-03-25T09:59:43+01:00 MB 47: uBlock Origin customization - - - - - 0673c953 by Pier Angelo Vendrame at 2025-03-25T09:59:43+01:00 MB 21: Disable the password manager This commit disables the about:login page and removes the "Login and Password" section of about:preferences. We do not do anything to the real password manager of Firefox, that is in toolkit: it contains C++ parts that make it difficult to actually prevent it from being built.. Finally, we modify the the function that opens about:login to report an error in the console so that we can quickly get a backtrace to the code that tries to use it. - - - - - 62b05dc9 by Pier Angelo Vendrame at 2025-03-25T09:59:43+01:00 MB 112: Updater customization for Mullvad Browser MB 71: Set the updater base URL to Mullvad domain - - - - - d6276db3 by Nicolas Vigier at 2025-03-25T09:59:44+01:00 MB 79: Add Mullvad Browser MAR signing keys MB 256: Add mullvad-browser nightly mar signing key - - - - - 87ccaafe by Pier Angelo Vendrame at 2025-03-25T09:59:44+01:00 MB 34: Hide unsafe and unwanted preferences UI about:preferences allow to override some of our defaults, that could be fingeprintable or have some other unwanted consequences. - - - - - 2bdfa2d5 by Pier Angelo Vendrame at 2025-03-25T09:59:44+01:00 MB 160: Disable the cookie exceptions button Besides disabling the "Delete on close checkbox", disable also the "Manage Exceptions" button when always using PBM. - - - - - cec77e0e by hackademix at 2025-03-25T09:59:44+01:00 MB 163: prevent uBlock Origin from being uninstalled/disabled - - - - - 55ac485c by Richard Pospesel at 2025-03-25T09:59:44+01:00 MB 188: Customize Gitlab Issue and Merge templates - - - - - 49dcf68c by rui hildt at 2025-03-25T09:59:45+01:00 MB 213: Customize the search engines list MB 328: Refactor the search engine patch. Upstream switched to a completely different search engine configuration between ESR 115 and ESR 128. We moved our configuration to a couple of JSON files that do not follow upstream's schemas, as they are overcomplicated for our needs. Also, we keep the old search engine extensions for now, as upstream also kept them, and planned of removing them with Bug 1885953. - - - - - 054a42a3 by Pier Angelo Vendrame at 2025-03-25T09:59:45+01:00 fixup! MB 213: Customize the search engines list MB 395: Make Leta the default search engine. - - - - - efd2d9c8 by hackademix at 2025-03-25T09:59:45+01:00 MB 214: Enable cross-tab identity leak protection in "quiet" mode - - - - - 55d94e06 by Pier Angelo Vendrame at 2025-03-25T09:59:45+01:00 MB 80: Enable Mullvad Browser as a default browser - - - - - 10ae1f8c by Pier Angelo Vendrame at 2025-03-25T09:59:46+01:00 MB 320: Temporarily disable WebRTC and WDBA on Windows. WebRTC should be re-enabled when tor-browser#42758 is resolved, and and the default browser agent when in general we make this feature work again. - - - - - dca5b269 by Henry Wilkes at 2025-03-25T09:59:46+01:00 MB 329: Customize toolbar for mullvad-browser. - - - - - 07034fc1 by Kershaw Chang at 2025-03-25T09:59:46+01:00 Bug 1910593 - Don't prefetch HTTPS RR if proxyDNS is enabled, r=necko-reviewers,valentin Differential Revision: https://phabricator.services.mozilla.com/D219528 - - - - - 265 changed files: - .gitlab/issue_templates/Emergency Security Issue.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - .gitlab/merge_request_templates/default.md - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/module.ver - browser/app/firefox.exe.manifest → browser/app/mullvadbrowser.exe.manifest - + browser/app/profile/000-mullvad-browser.js - browser/app/profile/001-base-profile.js - browser/base/content/aboutDialog.xhtml - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-menubar.inc - browser/base/content/browser-places.js - browser/base/content/browser.js - browser/base/content/default-bookmarks.html - browser/base/content/nsContextMenu.js - browser/base/content/overrides/app-license.html - browser/base/content/pageinfo/pageInfo.xhtml - browser/base/content/utilityOverlay.js - browser/branding/branding-common.mozbuild - + browser/branding/mb-alpha/VisualElements_150.png - + browser/branding/mb-alpha/VisualElements_70.png - + browser/branding/mb-alpha/configure.sh - + browser/branding/mb-alpha/content/about-logo.png - + browser/branding/mb-alpha/content/about-logo.svg - + browser/branding/mb-alpha/content/about-logo(a)2x.png - + browser/branding/mb-alpha/content/about-wordmark.svg - + browser/branding/mb-alpha/content/about.png - + browser/branding/mb-alpha/content/aboutDialog.css - + browser/branding/mb-alpha/content/firefox-wordmark.svg - + browser/branding/mb-alpha/content/icon128.png - + browser/branding/mb-alpha/content/icon16.png - + browser/branding/mb-alpha/content/icon256.png - + browser/branding/mb-alpha/content/icon32.png - + browser/branding/mb-alpha/content/icon48.png - + browser/branding/mb-alpha/content/icon64.png - + browser/branding/mb-alpha/content/jar.mn - + browser/branding/mb-alpha/content/moz.build - + browser/branding/mb-alpha/default128.png - + browser/branding/mb-alpha/default16.png - + browser/branding/mb-alpha/default22.png - + browser/branding/mb-alpha/default24.png - + browser/branding/mb-alpha/default256.png - + browser/branding/mb-alpha/default32.png - + browser/branding/mb-alpha/default48.png - + browser/branding/mb-alpha/default64.png - + browser/branding/mb-alpha/document.icns - + browser/branding/mb-alpha/document.ico - + browser/branding/mb-alpha/document_pdf.ico - + browser/branding/mb-alpha/firefox.icns - + browser/branding/mb-alpha/firefox.ico - + browser/branding/mb-alpha/firefox.svg - + browser/branding/mb-alpha/locales/en-US/brand.ftl - + browser/branding/mb-alpha/locales/en-US/brand.properties - + browser/branding/mb-alpha/locales/jar.mn - + browser/branding/mb-alpha/locales/moz.build - + browser/branding/mb-alpha/moz.build - + browser/branding/mb-alpha/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-alpha/newtab.ico - + browser/branding/mb-alpha/newwindow.ico - + browser/branding/mb-alpha/pbmode.ico - + browser/branding/mb-alpha/pref/firefox-branding.js - + browser/branding/mb-nightly/VisualElements_150.png - + browser/branding/mb-nightly/VisualElements_70.png - + browser/branding/mb-nightly/configure.sh - + browser/branding/mb-nightly/content/about-logo.png - + browser/branding/mb-nightly/content/about-logo.svg - + browser/branding/mb-nightly/content/about-logo(a)2x.png - + browser/branding/mb-nightly/content/about-wordmark.svg - + browser/branding/mb-nightly/content/about.png - + browser/branding/mb-nightly/content/aboutDialog.css - + browser/branding/mb-nightly/content/firefox-wordmark.svg - + browser/branding/mb-nightly/content/icon128.png - + browser/branding/mb-nightly/content/icon16.png - + browser/branding/mb-nightly/content/icon256.png - + browser/branding/mb-nightly/content/icon32.png - + browser/branding/mb-nightly/content/icon48.png - + browser/branding/mb-nightly/content/icon64.png - + browser/branding/mb-nightly/content/jar.mn - + browser/branding/mb-nightly/content/moz.build - + browser/branding/mb-nightly/default128.png - + browser/branding/mb-nightly/default16.png - + browser/branding/mb-nightly/default22.png - + browser/branding/mb-nightly/default24.png - + browser/branding/mb-nightly/default256.png - + browser/branding/mb-nightly/default32.png - + browser/branding/mb-nightly/default48.png - + browser/branding/mb-nightly/default64.png - + browser/branding/mb-nightly/document.icns - + browser/branding/mb-nightly/document.ico - + browser/branding/mb-nightly/document_pdf.ico - + browser/branding/mb-nightly/firefox.icns - + browser/branding/mb-nightly/firefox.ico - + browser/branding/mb-nightly/firefox.svg - + browser/branding/mb-nightly/locales/en-US/brand.ftl - + browser/branding/mb-nightly/locales/en-US/brand.properties - + browser/branding/mb-nightly/locales/jar.mn - + browser/branding/mb-nightly/locales/moz.build - + browser/branding/mb-nightly/moz.build - + browser/branding/mb-nightly/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-nightly/newtab.ico - + browser/branding/mb-nightly/newwindow.ico - + browser/branding/mb-nightly/pbmode.ico - + browser/branding/mb-nightly/pref/firefox-branding.js - + browser/branding/mb-release/VisualElements_150.png - + browser/branding/mb-release/VisualElements_70.png - + browser/branding/mb-release/configure.sh - + browser/branding/mb-release/content/about-logo.png - + browser/branding/mb-release/content/about-logo.svg - + browser/branding/mb-release/content/about-logo(a)2x.png - + browser/branding/mb-release/content/about-wordmark.svg - + browser/branding/mb-release/content/about.png - + browser/branding/mb-release/content/aboutDialog.css - + browser/branding/mb-release/content/firefox-wordmark.svg - + browser/branding/mb-release/content/icon128.png - + browser/branding/mb-release/content/icon16.png - + browser/branding/mb-release/content/icon256.png - + browser/branding/mb-release/content/icon32.png - + browser/branding/mb-release/content/icon48.png - + browser/branding/mb-release/content/icon64.png - + browser/branding/mb-release/content/jar.mn - + browser/branding/mb-release/content/moz.build - + browser/branding/mb-release/default128.png - + browser/branding/mb-release/default16.png - + browser/branding/mb-release/default22.png - + browser/branding/mb-release/default24.png - + browser/branding/mb-release/default256.png - + browser/branding/mb-release/default32.png - + browser/branding/mb-release/default48.png - + browser/branding/mb-release/default64.png - + browser/branding/mb-release/document.icns - + browser/branding/mb-release/document.ico - + browser/branding/mb-release/document_pdf.ico - + browser/branding/mb-release/firefox.icns - + browser/branding/mb-release/firefox.ico - + browser/branding/mb-release/firefox.svg - + browser/branding/mb-release/locales/en-US/brand.ftl - + browser/branding/mb-release/locales/en-US/brand.properties - + browser/branding/mb-release/locales/jar.mn - + browser/branding/mb-release/locales/moz.build - + browser/branding/mb-release/moz.build - + browser/branding/mb-release/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-release/newtab.ico - + browser/branding/mb-release/newwindow.ico - + browser/branding/mb-release/pbmode.ico - + browser/branding/mb-release/pref/firefox-branding.js - browser/components/BrowserContentHandler.sys.mjs - browser/components/BrowserGlue.sys.mjs - browser/components/about/AboutRedirector.cpp - browser/components/about/components.conf - browser/components/customizableui/CustomizableUI.sys.mjs - browser/components/moz.build - + browser/components/mullvad-browser/AboutMullvadBrowserChild.sys.mjs - + browser/components/mullvad-browser/AboutMullvadBrowserParent.sys.mjs - + browser/components/mullvad-browser/content/2728-sparkles.svg - + browser/components/mullvad-browser/content/aboutMullvadBrowser.css - + browser/components/mullvad-browser/content/aboutMullvadBrowser.js - + browser/components/mullvad-browser/content/aboutMullvadBrowser.xhtml - + browser/components/mullvad-browser/content/mullvadBrowserFont.css - + browser/components/mullvad-browser/jar.mn - + browser/components/mullvad-browser/moz.build - browser/components/newtab/AboutNewTabService.sys.mjs - browser/components/preferences/home.inc.xhtml - browser/components/preferences/main.js - browser/components/preferences/preferences.xhtml - browser/components/preferences/privacy.inc.xhtml - browser/components/preferences/privacy.js - browser/components/preferences/search.inc.xhtml - + browser/components/search/extensions/brave/favicon.svg - + browser/components/search/extensions/brave/manifest.json - + browser/components/search/extensions/ddg-html/favicon.ico - + browser/components/search/extensions/ddg-html/manifest.json - browser/components/search/extensions/ddg/manifest.json - + browser/components/search/extensions/metager/favicon.ico - + browser/components/search/extensions/metager/manifest.json - + browser/components/search/extensions/mojeek/favicon.ico - + browser/components/search/extensions/mojeek/manifest.json - + browser/components/search/extensions/mullvad-leta/favicon.svg - + browser/components/search/extensions/mullvad-leta/manifest.json - + browser/components/search/extensions/startpage/favicon.png - + browser/components/search/extensions/startpage/manifest.json - browser/components/shell/ShellService.sys.mjs - browser/components/shell/WindowsDefaultBrowser.cpp - browser/components/shell/nsWindowsShellService.cpp - browser/config/mozconfigs/base-browser - + browser/config/mozconfigs/mullvad-browser - browser/confvars.sh - browser/installer/package-manifest.in - browser/installer/windows/nsis/updater_append.ini - browser/modules/HomePage.sys.mjs - browser/moz.build - config/create_rc.py - devtools/client/aboutdebugging/src/actions/runtimes.js - devtools/client/aboutdebugging/src/components/sidebar/Sidebar.js - devtools/client/jar.mn - devtools/client/themes/images/aboutdebugging-firefox-aurora.svg - devtools/client/themes/images/aboutdebugging-firefox-beta.svg - devtools/client/themes/images/aboutdebugging-firefox-logo.svg - devtools/client/themes/images/aboutdebugging-firefox-nightly.svg - devtools/client/themes/images/aboutdebugging-firefox-release.svg - + devtools/client/themes/images/aboutdebugging-mullvadbrowser-logo.svg - docshell/base/nsAboutRedirector.cpp - docshell/build/components.conf - dom/chrome-webidl/NetDashboard.webidl - moz.configure - mozconfig-linux-aarch64 - mozconfig-linux-x86_64 - mozconfig-linux-x86_64-asan - mozconfig-linux-x86_64-dev - mozconfig-macos - mozconfig-macos-dev - mozconfig-windows-x86_64 - netwerk/base/Dashboard.cpp - netwerk/base/DashboardTypes.h - netwerk/dns/nsHostResolver.cpp - netwerk/protocol/http/nsHttp.cpp - netwerk/protocol/http/nsHttp.h - netwerk/protocol/http/nsHttpChannel.cpp - netwerk/protocol/http/nsHttpChannel.h - netwerk/protocol/http/nsHttpConnectionInfo.h - netwerk/protocol/http/nsHttpConnectionMgr.cpp - netwerk/protocol/http/nsHttpHandler.cpp - netwerk/protocol/http/nsHttpHandler.h - + netwerk/test/unit/test_proxyDNS_leak.js - netwerk/test/unit/xpcshell.toml - + other-licenses/nsis/Contrib/ApplicationID/Makefile - + other-licenses/nsis/Contrib/CityHash/Makefile - toolkit/components/extensions/child/ext-storage.js - toolkit/components/extensions/parent/ext-storage.js - toolkit/components/passwordmgr/LoginHelper.sys.mjs - toolkit/components/search/AppProvidedSearchEngine.sys.mjs - toolkit/components/search/SearchService.sys.mjs - + toolkit/components/search/content/brave.svg - + toolkit/components/search/content/duckduckgo.ico - + toolkit/components/search/content/metager.ico - + toolkit/components/search/content/mojeek.ico - + toolkit/components/search/content/mullvad-leta.svg - + toolkit/components/search/content/mullvadBrowserSearchEngineIcons.json - + toolkit/components/search/content/mullvadBrowserSearchEngines.json - + toolkit/components/search/content/startpage.png - + toolkit/components/search/jar.mn - toolkit/components/search/moz.build - toolkit/components/securitylevel/SecurityLevel.sys.mjs - toolkit/content/aboutNetworking.js - + toolkit/content/aboutRightsMullvad.xhtml - + toolkit/content/aboutTelemetryMullvad.xhtml - toolkit/content/jar.mn - toolkit/content/license.html - toolkit/content/widgets/moz-support-link/moz-support-link.mjs - + toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl - toolkit/mozapps/defaultagent/EventLog.h - toolkit/mozapps/defaultagent/SetDefaultBrowser.cpp - toolkit/mozapps/extensions/AddonManager.sys.mjs - toolkit/mozapps/extensions/content/aboutaddons.css - toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs - toolkit/mozapps/extensions/internal/XPIProvider.sys.mjs - toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der - toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der - toolkit/mozapps/update/updater/release_primary.der - toolkit/mozapps/update/updater/release_secondary.der - toolkit/xre/nsAppRunner.cpp - tools/lint/fluent-lint/exclusions.yml - widget/windows/WinTaskbar.cpp - widget/windows/moz.build The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/75… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/75… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41400: Add our localization to GeckoView.
by Pier Angelo Vendrame (＠pierov) 25 Mar '25

25 Mar '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 6257416f by Pier Angelo Vendrame at 2025-03-25T18:07:01+01:00 Bug 41400: Add our localization to GeckoView. We need our branding files as not having them prevents us from debugging our official builds from about:debugging. Rather than duplicating the code for l10n (even more), in this commit we move the string files setup from firefox to a shared script. - - - - - 10 changed files: - + projects/common/browser-localization - projects/firefox/rename-branding-strings.py → projects/common/rename-branding-strings.py - projects/firefox/build - projects/firefox/config - projects/geckoview/build - projects/geckoview/build_ac_fenix - projects/geckoview/build_apk - projects/geckoview/build_common - projects/geckoview/config - rbm.conf Changes: ===================================== projects/common/browser-localization ===================================== @@ -0,0 +1,106 @@ +branding_dir=[% IF c('var/android') %]mobile/android[% ELSE %]browser[% END %]/branding/[% c("var/project_initials") %]-[% c("var/channel") %] + +[% IF c("var/has_l10n") -%] + [% IF !c("var/android") -%] + supported_locales="[% tmpl(c('var/locales').join(' ')) %]" + [% ELSE -%] + supported_locales="[% tmpl(c('var/locales_mobile').join(' ')).replace('-r', '-').replace('in', 'id').replace('iw', 'he') %]" + [% END %] + + l10ncentral="$HOME/.mozbuild/l10n-central" + mkdir "$l10ncentral" + [% IF c('input_files_by_name/firefox-l10n') -%] + for tarball in $rootdir/[% c('input_files_by_name/firefox-l10n') %]/*; do + tar -C "$l10ncentral" -xf "$tarball" + done + [% END -%] + + [% IF c('input_files_by_name/translation-base-browser') -%] + tar -C "$rootdir" -xf "$rootdir/[% c('input_files_by_name/translation-base-browser') %]" + pushd "$rootdir/translation-base-browser" + ln -s ja ja-JP-mac + for lang in $supported_locales; do + mv $lang/base-browser.ftl "$l10ncentral/$lang/toolkit/toolkit/global/" + done + popd + [% END -%] + + [% IF c('input_files_by_name/translation-tor-browser') -%] + tar -C "$rootdir" -xf "$rootdir/[% c('input_files_by_name/translation-tor-browser') %]" + + [%# + # For the purpose of Weblate, all releases share a single brand.ftl and + # brand.properties file per locale in the translations repository. + # See tor-browser-build#41372. + # In brand.ftl, both `-brand-short-name` and `-brand-full-name` should + # differ between releases. As such, they have additional entries in the + # translations repository file (Weblate): + # -brand-short-name for the stable release. + # -brand-short-name_alpha for the alpha release. + # -brand-short-name_nightly for the nightly release. + # And similarly for -brand-full-name. + # For the final build, we only want to keep the string that matches the + # built release, and remove its suffix if it has one. So for the stable + # release we want to keep -brand-short-name. For the alpha release we want + # to keep -brand-short-name_alpha instead, and rename it to be + # -brand-short-name. + # + # As such, we parse the brand.ftl file to rename these strings to keep the + # version we want using rename-branding-strings.py. + # + # We do a similar thing with brandShortName and brandFullName in + # brand.properties. + -%] + + # For the stable release, the suffix is empty. + # I.e. we want to select `-brand-short-name` directly. + [% IF !c("var/release"); branding_string_suffix = '_' _ c('var/channel'); END -%] + + # Instructions for the script to perform the renames. + brand_ftl_renames='{ + "suffix": "[% branding_string_suffix %]", + "ids": ["-brand-short-name", "-brand-full-name"] + }' + brand_properties_renames='{ + "suffix": "[% branding_string_suffix %]", + "ids": ["brandShortName", "brandFullName"] + }' + + pushd "$rootdir/translation-tor-browser" + ln -s ja ja-JP-mac + for lang in $supported_locales; do + mv $lang/tor-browser.ftl "$l10ncentral/$lang/toolkit/toolkit/global/" + # Branding. + l10n_branding_dir="$l10ncentral/$lang/$branding_dir/" + mkdir -p "$l10n_branding_dir" + # Convert the translations repository branding files into files that work + # for this specific build. + python3 $rootdir/rename-branding-strings.py $lang/branding/brand.ftl "$brand_ftl_renames" > "$l10n_branding_dir/brand.ftl" + python3 $rootdir/rename-branding-strings.py $lang/brand.properties "$brand_properties_renames" > "$l10n_branding_dir/brand.properties" + done + popd + + [% IF !c('var/android') -%] + # torbutton properties files. + # TODO: Remove once we no longer have torbutton locale files. + torbutton_locales="toolkit/torbutton/chrome/locale/" + torbutton_jar="toolkit/torbutton/jar.mn" + for lang in $supported_locales; do + mkdir -p "$torbutton_locales/$lang" + mv "$rootdir/translation-tor-browser/$lang"/*.properties "$torbutton_locales/$lang/" + echo "% locale torbutton $lang %locale/$lang/" >> "$torbutton_jar" + echo " locale/$lang (chrome/locale/$lang/*)" >> "$torbutton_jar" + done + [% END -%] + [% ELSIF c('input_files_by_name/translation-mullvad-browser') -%] + tar -C "$rootdir" -xf "$rootdir/[% c('input_files_by_name/translation-mullvad-browser') %]" + pushd "$rootdir/translation-mullvad-browser" + ln -s ja ja-JP-mac + for lang in $supported_locales; do + cp -Lr $lang "$l10ncentral/" + done + popd + [% END -%] +[% ELSE -%] + supported_locales="" +[% END -%] ===================================== projects/firefox/rename-branding-strings.py → projects/common/rename-branding-strings.py ===================================== ===================================== projects/firefox/build ===================================== @@ -114,97 +114,7 @@ export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system # Create .mozbuild to avoid interactive prompt in configure mkdir "$HOME/.mozbuild" -branding_dir=browser/branding/[% c("var/branding_directory_prefix") %]-[% c("var/channel") %] - -[% IF c("var/has_l10n") -%] - supported_locales="[% tmpl(c('var/locales').join(' ')) %]" - - l10ncentral="$HOME/.mozbuild/l10n-central" - mkdir "$l10ncentral" - for tarball in $rootdir/[% c('input_files_by_name/firefox-l10n') %]/*; do - tar -C "$l10ncentral" -xf "$tarball" - done - - tar -C "$rootdir" -xf "$rootdir/[% c('input_files_by_name/translation-base-browser') %]" - pushd "$rootdir/translation-base-browser" - ln -s ja ja-JP-mac - for lang in $supported_locales; do - # Fluent - mv $lang/base-browser.ftl "$l10ncentral/$lang/toolkit/toolkit/global/" - done - popd - - [% IF c("var/tor-browser") -%] - tar -C "$rootdir" -xf "$rootdir/[% c('input_files_by_name/translation-tor-browser') %]" - - # For the purpose of Weblate, all releases share a single brand.ftl and - # brand.properties file per locale in the translations repository. - # See tor-browser-build#41372. - # In brand.ftl, both `-brand-short-name` and `-brand-full-name` should - # differ between releases. As such, they have additional entries in the - # translations repository file (Weblate): - # -brand-short-name for the stable release. - # -brand-short-name_alpha for the alpha release. - # -brand-short-name_nightly for the nightly release. - # And similarly for -brand-full-name. - # For the final build, we only want to keep the string that matches the - # built release, and remove its suffix if it has one. So for the stable - # release we want to keep -brand-short-name. For the alpha release we want - # to keep -brand-short-name_alpha instead, and rename it to be - # -brand-short-name. - # - # As such, we parse the brand.ftl file to rename these strings to keep the - # version we want using rename-branding-strings.py. - # - # We do a similar thing with brandShortName and brandFullName in - # brand.properties. - - # Instructions for the script to perform the renames. - brand_ftl_renames='{ - "suffix": "[% c("var/branding_string_suffix") %]", - "ids": ["-brand-short-name", "-brand-full-name"] - }' - brand_properties_renames='{ - "suffix": "[% c("var/branding_string_suffix") %]", - "ids": ["brandShortName", "brandFullName"] - }' - - pushd "$rootdir/translation-tor-browser" - ln -s ja ja-JP-mac - for lang in $supported_locales; do - mv $lang/tor-browser.ftl "$l10ncentral/$lang/toolkit/toolkit/global/" - # Branding. - l10n_branding_dir="$l10ncentral/$lang/$branding_dir/" - mkdir -p "$l10n_branding_dir" - # Convert the translations repository branding files into files that work - # for this specific build. - python3 $rootdir/rename-branding-strings.py $lang/branding/brand.ftl "$brand_ftl_renames" > "$l10n_branding_dir/brand.ftl" - python3 $rootdir/rename-branding-strings.py $lang/brand.properties "$brand_properties_renames" > "$l10n_branding_dir/brand.properties" - done - popd - - # torbutton properties files. - # TODO: Remove once we no longer have torbutton locale files. - torbutton_locales="toolkit/torbutton/chrome/locale/" - torbutton_jar="toolkit/torbutton/jar.mn" - for lang in $supported_locales; do - mkdir -p "$torbutton_locales/$lang" - mv "$rootdir/translation-tor-browser/$lang"/*.properties "$torbutton_locales/$lang/" - echo "% locale torbutton $lang %locale/$lang/" >> "$torbutton_jar" - echo " locale/$lang (chrome/locale/$lang/*)" >> "$torbutton_jar" - done - [% ELSIF c("var/mullvad-browser") -%] - tar -C "$rootdir" -xf "$rootdir/[% c('input_files_by_name/translation-mullvad-browser') %]" - pushd "$rootdir/translation-mullvad-browser" - ln -s ja ja-JP-mac - for lang in $supported_locales; do - cp -Lr $lang "$l10ncentral/" - done - popd - [% END -%] -[% ELSE -%] - supported_locales="" -[% END -%] +[% INCLUDE 'browser-localization' %] # PyYAML tries to read files as ASCII, otherwise export LC_ALL=C.UTF-8 ===================================== projects/firefox/config ===================================== @@ -21,7 +21,6 @@ var: browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' browser_build: 3 - branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser @@ -55,10 +54,6 @@ var: rm -Rf "$rezip_tmpdir" l10n-changesets: '[% exec("git --no-pager show " _ c("git_hash") _ ":browser/locales/l10n-changesets.json", { exec_noco => 1 }) %]' - # The branding_string_suffix for the alpha and nightly should be - # '_alpha' and '_nightly', matching the "suffix" chosen in the - # tor-browser:update-translations.yml file. - branding_string_suffix: '_[% c("var/channel") %]' steps: src-tarballs: @@ -99,12 +94,6 @@ targets: var: nightly_updates_publish_dir_prefix: basebrowser- - release: - var: - # For the stable release, the suffix is empty. - # I.e. we want to select `-brand-short-name` directly. - branding_string_suffix: '' - nightly: git_hash: '[% c("var/project-name") %]-[% c("var/firefox_version") %]-[% c("var/browser_branch") %]' tag_gpg_id: 0 @@ -114,7 +103,6 @@ targets: mullvadbrowser: git_url: https://gitlab.torproject.org/tpo/applications/mullvad-browser.git var: - branding_directory_prefix: 'mb' gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' nightly_updates_publish_dir_prefix: mullvadbrowser- ===================================== projects/geckoview/build ===================================== @@ -33,6 +33,7 @@ export MOZ_SOURCE_CHANGESET=[% c("var/git_commit") %] ac_add_options --enable-update-channel=[% c("var/variant") %] MOZCONFIG_EOF +echo "ac_add_options --with-branding=$branding_dir" >> .mozconfig echo "Starting ./mach configure $(date)" ./mach configure \ ===================================== projects/geckoview/build_ac_fenix ===================================== @@ -1,15 +1,5 @@ [% IF c('var/has_l10n') -%] echo "Injecting the Firefox's localization to GV $(date)" - supported_locales="[% tmpl(c('var/locales_mobile').join(' ')).replace('-r', '-').replace('in', 'id').replace('iw', 'he') %]" - l10ncentral="$HOME/.mozbuild/l10n-central" - mkdir "$l10ncentral" - for tarball in $rootdir/[% c('input_files_by_name/firefox-l10n') %]/*; do - tar -C "$l10ncentral" -xf "$tarball" - done - - # Do not setup our localization files, as we do not provide any frontend - # through GeckoView. - # No quotes on purpose, to pass each locale as an additional argument. ./mach package-multi-locale --locales en-US $supported_locales [% END -%] ===================================== projects/geckoview/build_apk ===================================== @@ -24,7 +24,10 @@ mk_add_options MOZ_PARALLEL_BUILD=[% c("num_procs") %] export MOZ_INCLUDE_SOURCE_INFO=1 export MOZ_SOURCE_REPO="[% c('var/gitlab_project') %]" export MOZ_SOURCE_CHANGESET=[% c("var/git_commit") %] + +ac_add_options --enable-update-channel=[% c("var/variant") %] MOZCONFIG_EOF +echo "ac_add_options --with-branding=$branding_dir" >> mozconfig-android-all # We still need to specify --tor-browser-version due to bug 34005. ./mach configure \ ===================================== projects/geckoview/build_common ===================================== @@ -47,3 +47,5 @@ cp -rl oss-licenses-plugin/. $gradle_repo export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system # Create .mozbuild to avoid interactive prompt in configure mkdir "$HOME/.mozbuild" + +[% INCLUDE 'browser-localization' %] ===================================== projects/geckoview/config ===================================== @@ -106,6 +106,11 @@ steps: project: translation pkg_type: fenix enable: '[% c("var/has_l10n") %]' + - name: translation-tor-browser + project: translation + pkg_type: tor-browser + enable: '[% c("var/has_l10n") %]' + - filename: rename-branding-strings.py - URL: '[% pc("glean", "var/glean_wheels_url/" _ c("var/glean_parser"), { error_if_undef => 1 }) %]' name: glean-wheels sha256sum: '[% pc("glean", "var/glean_wheels_sha256sum/" _ c("var/glean_parser"), { error_if_undef => 1 }) %]' @@ -164,3 +169,8 @@ input_files: project: translation pkg_type: fenix enable: '[% c("var/android_single_arch") && c("var/has_l10n") %]' + - name: translation-tor-browser + project: translation + pkg_type: tor-browser + enable: '[% c("var/android_single_arch") && c("var/has_l10n") %]' + - filename: rename-branding-strings.py ===================================== rbm.conf ===================================== @@ -299,6 +299,7 @@ targets: projectname: torbrowser Project_Name: 'Tor Browser' ProjectName: TorBrowser + project_initials: tb basebrowser: var: @@ -316,6 +317,7 @@ targets: projectname: mullvadbrowser Project_Name: 'Mullvad Browser' ProjectName: MullvadBrowser + project_initials: mb exe_name: mullvadbrowser mar_channel_id: '[% c("var/projectname") %]-mullvad-[% c("var/channel") %]' locales: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.8.0esr-14.5-1] 3 commits: fixup! TB 2176: Rebrand Firefox to TorBrowser
by Pier Angelo Vendrame (＠pierov) 25 Mar '25

25 Mar '25

Pier Angelo Vendrame pushed to branch tor-browser-128.8.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 74132877 by Pier Angelo Vendrame at 2025-03-25T17:56:32+01:00 fixup! TB 2176: Rebrand Firefox to TorBrowser TB 43464: Add Android branding Remove any previous customization to mobile/android/branding. - - - - - 09981fcd by Pier Angelo Vendrame at 2025-03-25T17:56:34+01:00 fixup! TB 2176: Rebrand Firefox to TorBrowser TB 43464: Add Android branding Add Tor Browser branding for Android. - - - - - 8fe2d60a by Pier Angelo Vendrame at 2025-03-25T17:56:34+01:00 fixup! TB3: Tor Browser's official .mozconfigs. TB 43464: Add Android branding Use tb-nightly branding for dev builds. - - - - - 35 changed files: - browser/config/mozconfigs/tor-browser-android - mobile/android/branding/beta/locales/jar.mn - mobile/android/branding/nightly/locales/jar.mn - mobile/android/branding/official/locales/jar.mn - + mobile/android/branding/tb-alpha/configure.sh - + mobile/android/branding/tb-alpha/content/favicon32.png - + mobile/android/branding/tb-alpha/content/favicon64.png - + mobile/android/branding/tb-alpha/content/jar.mn - + mobile/android/branding/tb-alpha/content/moz.build - + mobile/android/branding/tb-alpha/locales/en-US/brand.ftl - + mobile/android/branding/tb-alpha/locales/en-US/brand.properties - + mobile/android/branding/tb-alpha/locales/jar.mn - + mobile/android/branding/tb-alpha/locales/moz.build - + mobile/android/branding/tb-alpha/moz.build - + mobile/android/branding/tb-nightly/configure.sh - + mobile/android/branding/tb-nightly/content/favicon32.png - + mobile/android/branding/tb-nightly/content/favicon64.png - + mobile/android/branding/tb-nightly/content/jar.mn - + mobile/android/branding/tb-nightly/content/moz.build - + mobile/android/branding/tb-nightly/locales/en-US/brand.ftl - + mobile/android/branding/tb-nightly/locales/en-US/brand.properties - + mobile/android/branding/tb-nightly/locales/jar.mn - + mobile/android/branding/tb-nightly/locales/moz.build - + mobile/android/branding/tb-nightly/moz.build - + mobile/android/branding/tb-release/configure.sh - + mobile/android/branding/tb-release/content/favicon32.png - + mobile/android/branding/tb-release/content/favicon64.png - + mobile/android/branding/tb-release/content/jar.mn - + mobile/android/branding/tb-release/content/moz.build - + mobile/android/branding/tb-release/locales/en-US/brand.ftl - + mobile/android/branding/tb-release/locales/en-US/brand.properties - + mobile/android/branding/tb-release/locales/jar.mn - + mobile/android/branding/tb-release/locales/moz.build - + mobile/android/branding/tb-release/moz.build - mobile/android/branding/unofficial/locales/jar.mn The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/586046… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/586046… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-115.22.0esr-13.5-1
by Pier Angelo Vendrame (＠pierov) 25 Mar '25

25 Mar '25

Pier Angelo Vendrame pushed new branch tor-browser-115.22.0esr-13.5-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new branch mullvad-browser-128.9.0esr-14.0-1
by Pier Angelo Vendrame (＠pierov) 25 Mar '25

25 Mar '25

Pier Angelo Vendrame pushed new branch mullvad-browser-128.9.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag base-browser-128.9.0esr-14.0-1-build1
by Pier Angelo Vendrame (＠pierov) 25 Mar '25

25 Mar '25

Pier Angelo Vendrame pushed new tag base-browser-128.9.0esr-14.0-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/base-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-128.9.0esr-14.0-1-build1
by Pier Angelo Vendrame (＠pierov) 25 Mar '25

25 Mar '25

Pier Angelo Vendrame pushed new tag base-browser-128.9.0esr-14.0-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-128.9.0esr-14.0-1
by Pier Angelo Vendrame (＠pierov) 25 Mar '25

25 Mar '25

Pier Angelo Vendrame pushed new branch base-browser-128.9.0esr-14.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

tbb-commits