morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits:
a83dddb9 by Henry Wilkes at 2024-11-13T19:54:08+00:00
fixup! Bug 30237: Add v3 onion services client authentication prompt
Bug 43263: Add some alert semantics for onion site keys.
Also use `spoof-button-disabled` to better manage focus for temporarily
disabled buttons.
- - - - -
2073c1fa by Henry Wilkes at 2024-11-13T19:54:08+00:00
fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection
Bug 43263: Update `spoof-button-disabled` buttons to use tabIndex=-1.
Also remove aria-live="assertive" from role="alert" since it should
already be implied by default.
- - - - -
10 changed files:
- browser/components/onionservices/content/authPopup.inc.xhtml
- browser/components/onionservices/content/authPreferences.css
- browser/components/onionservices/content/authPrompt.js
- browser/components/onionservices/content/savedKeysDialog.js
- browser/components/onionservices/content/savedKeysDialog.xhtml
- browser/components/torpreferences/content/connectionPane.js
- browser/components/torpreferences/content/loxInviteDialog.js
- browser/components/torpreferences/content/provideBridgeDialog.js
- browser/components/torpreferences/content/provideBridgeDialog.xhtml
- browser/components/torpreferences/content/torPreferences.css
Changes:
=====================================
browser/components/onionservices/content/authPopup.inc.xhtml
=====================================
@@ -11,12 +11,27 @@
data-l10n-id="onion-site-authentication-prompt-learn-more"
/>
<html:div>
+ <!-- NOTE: Orca 46.2 will not say "invalid" for "type=password". See
+ - https://gitlab.gnome.org/GNOME/orca/-/issues/550
+ - Moreover, it will ignore the aria-errormessage relation when we are
+ - not in a document context. See related bugzilla bug 1820765. -->
<html:input
id="tor-clientauth-notification-key"
type="password"
data-l10n-id="onion-site-authentication-prompt-key-input"
+ aria-errormessage="tor-clientauth-warning"
/>
- <html:div id="tor-clientauth-warning"></html:div>
+ <html:div
+ id="tor-clientauth-warning"
+ role="alert"
+ aria-labelledby="tor-clientauth-warning-text"
+ >
+ <!-- NOTE: Orca 46.2 treats this notification as non-document context.
+ - As such it seems to only read out the alert content if it contains
+ - a <xul:label>, <html:label> or if it has an accessible name.
+ - We use aria-labelledby here. -->
+ <html:span id="tor-clientauth-warning-text"></html:span>
+ </html:div>
<checkbox
id="tor-clientauth-persistkey-checkbox"
data-l10n-id="onion-site-authentication-prompt-remember-checkbox"
=====================================
browser/components/onionservices/content/authPreferences.css
=====================================
@@ -23,3 +23,15 @@
-moz-context-properties: fill;
fill: var(--in-content-warning-icon-color);
}
+
+/* Make a button appear disabled, whilst still allowing it to keep keyboard
+ * focus.
+ * Duplicate of rule in torPreferences.css.
+ * TODO: Replace with moz-button when it handles this for us. See
+ * tor-browser#43275. */
+button.spoof-button-disabled {
+ /* Borrow the :disabled rule from common-shared.css */
+ opacity: 0.4;
+ /* Also ensure it does not get hover or active styling. */
+ pointer-events: none;
+}
=====================================
browser/components/onionservices/content/authPrompt.js
=====================================
@@ -32,6 +32,8 @@ var OnionAuthPrompt = {
/**
* The currently shown details in the prompt.
+ *
+ * @type {?PromptDetails}
*/
_shownDetails: null,
@@ -264,16 +266,18 @@ var OnionAuthPrompt = {
*/
_showWarning(warningMessageId) {
this._logger.debug(`Showing warning: ${warningMessageId}`);
+
if (warningMessageId) {
- document.l10n.setAttributes(this._warningEl, warningMessageId);
+ document.l10n.setAttributes(this._warningTextEl, warningMessageId);
this._warningEl.removeAttribute("hidden");
this._keyInput.classList.add("invalid");
+ this._keyInput.setAttribute("aria-invalid", "true");
} else {
- // Clean up.
- this._warningEl.removeAttribute("data-l10n-id");
- this._warningEl.textContent = "";
+ this._warningTextEl.removeAttribute("data-l10n-id");
+ this._warningTextEl.textContent = "";
this._warningEl.setAttribute("hidden", "true");
this._keyInput.classList.remove("invalid");
+ this._keyInput.removeAttribute("aria-invalid");
}
},
@@ -344,6 +348,9 @@ var OnionAuthPrompt = {
"tor-clientauth-persistkey-checkbox"
);
this._warningEl = document.getElementById("tor-clientauth-warning");
+ this._warningTextEl = document.getElementById(
+ "tor-clientauth-warning-text"
+ );
this._descriptionEl = document.getElementById(
"tor-clientauth-notification-desc"
);
=====================================
browser/components/onionservices/content/savedKeysDialog.js
=====================================
@@ -14,6 +14,20 @@ var gOnionServicesSavedKeysDialog = {
return this._busyCount > 0;
},
+ /**
+ * Whether the "remove selected" button is disabled.
+ *
+ * @type {boolean}
+ */
+ _removeSelectedDisabled: true,
+
+ /**
+ * Whether the "remove all" button is disabled.
+ *
+ * @type {boolean}
+ */
+ _removeAllDisabled: true,
+
async _deleteSelectedKeys() {
this._showError(null);
this._withBusy(async () => {
@@ -36,6 +50,15 @@ var gOnionServicesSavedKeysDialog = {
for (let i = indexesToDelete.length - 1; i >= 0; --i) {
await this._deleteOneKey(provider, indexesToDelete[i]);
}
+ // If successful and the user focus is still on the buttons move focus
+ // to the table with the updated state. We do this before calling
+ // _updateButtonState and potentially making the buttons disabled.
+ if (
+ this._removeButton.contains(document.activeElement) ||
+ this._removeAllButton.contains(document.activeElement)
+ ) {
+ this._tree.focus();
+ }
} catch (e) {
console.error("Removing a saved key failed", e);
this._showError(
@@ -51,10 +74,37 @@ var gOnionServicesSavedKeysDialog = {
await this._deleteSelectedKeys();
},
+ /**
+ * Show the given button as being disabled or enabled.
+ *
+ * @param {Button} button - The button to change.
+ * @param {boolean} disable - Whether to show the button as disabled or
+ * enabled.
+ */
+ _disableButton(button, disable) {
+ // If we are disabled we show the button as disabled, and we also remove it
+ // from the tab focus cycle using `tabIndex = -1`.
+ // This is similar to using the `disabled` attribute, except that
+ // `tabIndex = -1` still allows the button to be focusable. I.e. not part of
+ // the focus cycle but can *keep* existing focus when the button becomes
+ // disabled to avoid loosing focus to the top of the dialog.
+ // TODO: Replace with moz-button when it handles this for us. See
+ // tor-browser#43275.
+ button.classList.toggle("spoof-button-disabled", disable);
+ button.tabIndex = disable ? -1 : 0;
+ if (disable) {
+ this._removeButton.setAttribute("aria-disabled", "true");
+ } else {
+ this._removeButton.removeAttribute("aria-disabled");
+ }
+ },
+
_updateButtonsState() {
const haveSelection = this._tree.view.selection.getRangeCount() > 0;
- this._removeButton.disabled = this._isBusy || !haveSelection;
- this._removeAllButton.disabled = this._isBusy || this.rowCount === 0;
+ this._removeSelectedDisabled = this._isBusy || !haveSelection;
+ this._removeAllDisabled = this._isBusy || this.rowCount === 0;
+ this._disableButton(this._removeButton, this._removeSelectedDisabled);
+ this._disableButton(this._removeAllButton, this._removeAllDisabled);
},
// Private functions.
@@ -79,12 +129,18 @@ var gOnionServicesSavedKeysDialog = {
"onionservices-savedkeys-remove"
);
this._removeButton.addEventListener("click", () => {
+ if (this._removeSelectedDisabled) {
+ return;
+ }
this._deleteSelectedKeys();
});
this._removeAllButton = document.getElementById(
"onionservices-savedkeys-removeall"
);
this._removeAllButton.addEventListener("click", () => {
+ if (this._removeAllDisabled) {
+ return;
+ }
this._deleteAllKeys();
});
=====================================
browser/components/onionservices/content/savedKeysDialog.xhtml
=====================================
@@ -49,7 +49,11 @@
</treecols>
<treechildren />
</tree>
- <hbox id="onionservices-savedkeys-errorContainer" align="center">
+ <hbox
+ id="onionservices-savedkeys-errorContainer"
+ align="center"
+ role="alert"
+ >
<image id="onionservices-savedkeys-errorIcon" />
<description id="onionservices-savedkeys-errorMessage" flex="1" />
</hbox>
@@ -57,7 +61,6 @@
<hbox id="onionservices-savedkeys-buttons">
<html:button
id="onionservices-savedkeys-remove"
- disabled="true"
data-l10n-id="onion-site-saved-keys-dialog-remove-button"
></html:button>
<html:button
=====================================
browser/components/torpreferences/content/connectionPane.js
=====================================
@@ -2354,8 +2354,11 @@ const gNetworkStatus = {
this._internetTestDisabled = true;
// We use "aria-disabled" rather than the "disabled" attribute so that the
// button can remain focusable during the test.
+ // TODO: Replace with moz-button when it handles this for us. See
+ // tor-browser#43275.
this._internetTestButton.setAttribute("aria-disabled", "true");
this._internetTestButton.classList.add("spoof-button-disabled");
+ this._internetTestButton.tabIndex = -1;
try {
this._updateInternetStatus("testing");
const mrpc = new MoatRPC();
@@ -2376,6 +2379,7 @@ const gNetworkStatus = {
} finally {
this._internetTestButton.removeAttribute("aria-disabled");
this._internetTestButton.classList.remove("spoof-button-disabled");
+ this._internetTestButton.tabIndex = 0;
this._internetTestDisabled = false;
}
},
=====================================
browser/components/torpreferences/content/loxInviteDialog.js
=====================================
@@ -255,15 +255,11 @@ const gLoxInvites = {
// When generating we use "aria-disabled" rather than the "disabled"
// attribute so that the button can remain focusable whilst we generate
// invites.
- // NOTE: When we generate the invite the focus will move to the invite list,
- // so it should be safe to make the button non-focusable in this case.
- const spoofDisabled = this._generating;
- this._generateButton.disabled = disabled && !spoofDisabled;
- this._generateButton.classList.toggle(
- "spoof-button-disabled",
- spoofDisabled
- );
- if (spoofDisabled) {
+ // TODO: Replace with moz-button when it handles this for us. See
+ // tor-browser#43275.
+ this._generateButton.classList.toggle("spoof-button-disabled", disabled);
+ this._generateButton.tabIndex = disabled ? -1 : 0;
+ if (disabled) {
this._generateButton.setAttribute("aria-disabled", "true");
} else {
this._generateButton.removeAttribute("aria-disabled");
=====================================
browser/components/torpreferences/content/provideBridgeDialog.js
=====================================
@@ -215,7 +215,10 @@ const gProvideBridgeDialog = {
this._acceptDisabled = disabled;
// Spoof the button to look and act as if it is disabled, but still allow
// keyboard focus so the user can sit on this button whilst we are loading.
+ // TODO: Replace with moz-button when it handles this for us. See
+ // tor-browser#43275.
this._acceptButton.classList.toggle("spoof-button-disabled", disabled);
+ this._acceptButton.tabIndex = disabled ? -1 : 0;
if (disabled) {
this._acceptButton.setAttribute("aria-disabled", "true");
} else {
=====================================
browser/components/torpreferences/content/provideBridgeDialog.xhtml
=====================================
@@ -55,7 +55,6 @@
<html:span
id="user-provide-bridge-error-message"
role="alert"
- aria-live="assertive"
></html:span>
<img
id="user-provide-bridge-loading-icon"
=====================================
browser/components/torpreferences/content/torPreferences.css
=====================================
@@ -6,7 +6,9 @@
}
/* Make a button appear disabled, whilst still allowing it to keep keyboard
- * focus. */
+ * focus.
+ * TODO: Replace with moz-button when it handles this for us. See
+ * tor-browser#43275. */
button.spoof-button-disabled {
/* Borrow the :disabled rule from common-shared.css */
opacity: 0.4;
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/b66037…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/b66037…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch mullvad-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser
Commits:
b518f02a by Pier Angelo Vendrame at 2024-11-13T19:50:58+00:00
fixup! Firefox preference overrides.
Bug 43165: Disable Microsoft SSO on macOS.
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -455,6 +455,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2);
pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
// Bug 40463: Disable Windows SSO
pref("network.http.windows-sso.enabled", false, locked);
+// Bug 43165: Disable Microsoft SSO on macOS
+pref("network.http.microsoft-entra-sso.enabled", false);
+pref("network.microsoft-sso-authority-list", "");
// tor-browser#40424
pref("pdfjs.enableScripting", false);
#if MOZ_UPDATE_CHANNEL == release
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/b51…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/b51…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch mullvad-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser
Commits:
3850c827 by Pier Angelo Vendrame at 2024-11-13T19:50:20+00:00
fixup! Firefox preference overrides.
Bug 43165: Disable Microsoft SSO on macOS.
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -447,6 +447,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2);
pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
// Bug 40463: Disable Windows SSO
pref("network.http.windows-sso.enabled", false, locked);
+// Bug 43165: Disable Microsoft SSO on macOS
+pref("network.http.microsoft-entra-sso.enabled", false);
+pref("network.microsoft-sso-authority-list", "");
// tor-browser#40424
pref("pdfjs.enableScripting", false);
#if MOZ_UPDATE_CHANNEL == release
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/385…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/385…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch tor-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits:
47f93bf5 by Pier Angelo Vendrame at 2024-11-13T19:48:31+00:00
fixup! Firefox preference overrides.
Bug 43165: Disable Microsoft SSO on macOS.
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -447,6 +447,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2);
pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
// Bug 40463: Disable Windows SSO
pref("network.http.windows-sso.enabled", false, locked);
+// Bug 43165: Disable Microsoft SSO on macOS
+pref("network.http.microsoft-entra-sso.enabled", false);
+pref("network.microsoft-sso-authority-list", "");
// tor-browser#40424
pref("pdfjs.enableScripting", false);
#if MOZ_UPDATE_CHANNEL == release
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/47f93bf…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/47f93bf…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch base-browser-128.4.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits:
ccf8f463 by Pier Angelo Vendrame at 2024-11-13T19:49:07+00:00
fixup! Firefox preference overrides.
Bug 43165: Disable Microsoft SSO on macOS.
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -447,6 +447,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2);
pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
// Bug 40463: Disable Windows SSO
pref("network.http.windows-sso.enabled", false, locked);
+// Bug 43165: Disable Microsoft SSO on macOS
+pref("network.http.microsoft-entra-sso.enabled", false);
+pref("network.microsoft-sso-authority-list", "");
// tor-browser#40424
pref("pdfjs.enableScripting", false);
#if MOZ_UPDATE_CHANNEL == release
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ccf8f46…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ccf8f46…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch base-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits:
729f901e by Pier Angelo Vendrame at 2024-11-13T19:47:49+00:00
fixup! Firefox preference overrides.
Bug 43165: Disable Microsoft SSO on macOS.
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -455,6 +455,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2);
pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
// Bug 40463: Disable Windows SSO
pref("network.http.windows-sso.enabled", false, locked);
+// Bug 43165: Disable Microsoft SSO on macOS
+pref("network.http.microsoft-entra-sso.enabled", false);
+pref("network.microsoft-sso-authority-list", "");
// tor-browser#40424
pref("pdfjs.enableScripting", false);
#if MOZ_UPDATE_CHANNEL == release
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/729f901…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/729f901…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits:
b66037f7 by Pier Angelo Vendrame at 2024-11-13T19:41:55+00:00
fixup! Firefox preference overrides.
Bug 43165: Disable Microsoft SSO on macOS.
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -452,6 +452,9 @@ pref("network.http.referer.defaultPolicy.pbmode", 2);
pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
// Bug 40463: Disable Windows SSO
pref("network.http.windows-sso.enabled", false, locked);
+// Bug 43165: Disable Microsoft SSO on macOS
+pref("network.http.microsoft-entra-sso.enabled", false);
+pref("network.microsoft-sso-authority-list", "");
// tor-browser#40424
pref("pdfjs.enableScripting", false);
#if MOZ_UPDATE_CHANNEL == release
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b66037f…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b66037f…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build
Commits:
0665c022 by Morgan at 2024-11-13T18:48:38+00:00
Bug 41299: Prepare Mullvad Browser 14.0
- - - - -
4 changed files:
- projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt
- projects/browser/config
- projects/firefox/config
- rbm.conf
Changes:
=====================================
projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt
=====================================
@@ -1,3 +1,114 @@
+Mullvad Browser 14.0 - November 13 2024
+ * All Platforms
+ * Updated Firefox to 128.4.0esr
+ * Updated NoScript to 11.5.2
+ * Updated Mullvad Browser Extension to 0.9.3
+ * Bug 328: Provide search engine icons [mullvad-browser]
+ * Bug 329: Remove the Security Levels icon from the toolbar [mullvad-browser]
+ * Bug 344: set media.navigator.enabled = true [mullvad-browser]
+ * Bug 349: Tidy up mullvad Fluent files [mullvad-browser]
+ * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser]
+ * Bug 30862: 10ms time precision via EXSLT date-time function [tor-browser]
+ * Bug 32668: NoScript default whitelist re-appears on clicking NoScript Options / Reset [tor-browser]
+ * Bug 40147: Re-enable Picture-in-Picture mode [tor-browser]
+ * Bug 41309: Re-enable screenshots component [tor-browser]
+ * Bug 41817: Add more color aliases that take dark mode into account [tor-browser]
+ * Bug 42070: Backport Bugzilla 1834307 and hide smooth-scroll UX [tor-browser]
+ * Bug 42255: pdfjs.disabled used to be part of RFP until Bug 1838415; lock pref to false in stable [tor-browser]
+ * Bug 42356: Review 000-tor-browser.js and 001-base-profile.js for 128 [tor-browser]
+ * Bug 42362: "New window" missing from File menu [tor-browser]
+ * Bug 42596: Several console errors: Console.maxLogLevelPref used with a non-existing pref: [tor-browser]
+ * Bug 42601: Check Bug 1894779: Allow font-face urls to be resource:// urls and relax CORS for resource:// URLs [tor-browser]
+ * Bug 42603: Remove safebrowsing URLs [tor-browser]
+ * Bug 42611: Set clipboard.imageAsFile.enabled to false [tor-browser]
+ * Bug 42617: Restore the HTML form on DDG when using safest in 128 [tor-browser]
+ * Bug 42630: Review LaterRun in 128 [tor-browser]
+ * Bug 42640: Disable Firefox Flame button due to unknown interactions with New Identity [tor-browser]
+ * Bug 42641: Move from panel-footer class to moz-button-group [tor-browser]
+ * Bug 42644: toolbar rules in panelUI-shared.css are unneccessary [tor-browser]
+ * Bug 42646: Remove migrations for security.certerrors.mitm.auto_enable_enterprise_roots [tor-browser]
+ * Bug 42647: "Switching to a new device" regressed on 128 [tor-browser]
+ * Bug 42653: The Neterror page has a checkbox to report iframe origin errors to TPO [tor-browser]
+ * Bug 42665: Drop "Learn More" spacing [tor-browser]
+ * Bug 42667: Add description-deemphasized class to our additions to about:preferences [tor-browser]
+ * Bug 42679: Use a more robust approach to hide the "tracking protection" urlbar button [tor-browser]
+ * Bug 42683: Create script to generate issue triage csv's from bugzilla query and git scraping [tor-browser]
+ * Bug 42684: Disable network prefetch [tor-browser]
+ * Bug 42685: compat: ESR128: enable textmetrics [tor-browser]
+ * Bug 42687: Disable Privacy-Preserving Attribution [tor-browser]
+ * Bug 42699: Drop level="top" attribute from panels [tor-browser]
+ * Bug 42704: Drop the badged="true" attribute from security level button [tor-browser]
+ * Bug 42705: Update our preferences to account for new line height [tor-browser]
+ * Bug 42718: Remove the firefox-view button from UI, even when always-on private-browsing mode is disabled [tor-browser]
+ * Bug 42730: Make RemoteSettings use only local dumps [tor-browser]
+ * Bug 42735: Disable recent search suggestions [tor-browser]
+ * Bug 42740: Stop trying to hide "Restore previous session" [tor-browser]
+ * Bug 42742: Inconsistent use of "New private window" vs "New window" [tor-browser]
+ * Bug 42745: Remove some residuals from update scripts [tor-browser]
+ * Bug 42764: Unconditionally disable find-bar transition animation [tor-browser]
+ * Bug 42777: Remove 'Website Privacy Preferences' and ensure sensible default prefs [tor-browser]
+ * Bug 42814: Opt out from Firefox relay by default. [tor-browser]
+ * Bug 42831: Remove the shopping components [tor-browser]
+ * Bug 42867: Disable contentRelevancy component [tor-browser]
+ * Bug 42872: Disable translations until audited and solved the UX problems [tor-browser]
+ * Bug 43054: check bounceTrackingProtection in PB mode does not persist to disk [tor-browser]
+ * Bug 43072: moz-message-bar does not get announced on Orca screen-reader [tor-browser]
+ * Bug 43083: Backport fix for Mozilla 1436462 [tor-browser]
+ * Bug 43103: Verify whether an update is unsupported before choosing one [tor-browser]
+ * Bug 43109: Remove mention of Firefox Relay from settings [tor-browser]
+ * Bug 43117: Hide 'Always underline links' option [tor-browser]
+ * Bug 43134: Backport Bugzilla 1436226 Hardcode VP8/VP9 [tor-browser]
+ * Bug 43144: Ensure non-privacy browsing also sets the GPC header [tor-browser]
+ * Bug 43163: Disable offscreen canvas until verified it is not fingerprintable [tor-browser]
+ * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser]
+ * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser]
+ * Bug 43184: Backport Bugzilla 1922294: RFP: fixup square spoofed orientation [tor-browser]
+ * Bug 43197: Disable automatic exception for HTTPS-First [tor-browser]
+ * Bug 43209: UI freezes when clipboard is empty after screen lock [tor-browser]
+ * Bug 43217: Fullscreen videos have rounded letterboxing corners [tor-browser]
+ * Bug 43257: NoScript-blocked content placeholders causing slow downs [tor-browser]
+ * Bug 43258: NoScript Lifecycle error on extension updates [tor-browser]
+ * Bug 41248: Check and update bundled font versions [tor-browser-build]
+ * Windows + macOS
+ * Bug 43021: Revert the OS deprecation notification introduced in #42347 [tor-browser]
+ * Windows
+ * Bug 43051: windows: remove UI for "open Tor Browser automatically when computer starts" [tor-browser]
+ * macOS
+ * Bug 42494: mac: add Arial Black and Arial Narrow to allowlist [tor-browser]
+ * Linux
+ * Bug 42773: Replace ~ with the original HOME [tor-browser]
+ * Bug 43092: Disable Wayland by default in 14.0 [tor-browser]
+ * Bug 43101: Security features warning links to Firefox installation support page with incomplete info [tor-browser]
+ * Bug 43141: Hardcode Arimo as a system-ui font [tor-browser]
+ * Bug 43196: Remove the vendor name from the "is playing media" notification on Linux [tor-browser]
+ * Bug 41237: Add some aliases to our Linux font config for compatibility [tor-browser-build]
+ * Build System
+ * All Platforms
+ * Bug 43157: Move tb-dev to base-browser [tor-browser]
+ * Bug 41096: Set SOURCE_DATE_EPOCH in the default env variables [tor-browser-build]
+ * Bug 41155: Update toolchains for ESR128 [tor-browser-build]
+ * Bug 41156: Split the Rust configuration options [tor-browser-build]
+ * Bug 41176: Update list of people with github commit access in MB issue templates [tor-browser-build]
+ * Bug 41188: Upgrade binutils to 2.41 [tor-browser-build]
+ * Bug 41236: Remove binutils when not needed [tor-browser-build]
+ * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build]
+ * Bug 41259: Skip versions which don't set incremental_from when generating incrementals [tor-browser-build]
+ * Bug 41260: Don't set legacy version for Mullvad Browser [tor-browser-build]
+ * Bug 41274: Improve fetch_changelogs.py for major releases [tor-browser-build]
+ * Bug 41279: Add @pierov and @ma1 as new signers [tor-browser-build]
+ * Bug 41289: Fix single-browser in relprep.py [tor-browser-build]
+ * Windows + macOS
+ * Bug 41197: Modify update-responses to prevent upgrades on unsupported Windows and macOS versions [tor-browser-build]
+ * Windows
+ * Bug 29318: Drop mingw-w64/gcc toolchain [tor-browser-build]
+ * Bug 29320: Use mingw-w64/clang toolchain to build Rust [tor-browser-build]
+ * Bug 41296: Implement missing Windows headers required for building cross-compiling WebRTC with mingw [tor-browser-build]
+ * Linux
+ * Bug 41013: Add a README to each project [tor-browser-build]
+ * Bug 41222: link_old_mar_filenames still referenced in torbrowser-incrementals-{release,alpha}-unsigned [tor-browser-build]
+ * Bug 41243: Add own apparmor profile to deb package [tor-browser-build]
+ * Bug 41282: Add SSL to our custom Python for MozBug 1924022 [tor-browser-build]
+
Mullvad Browser 14.0a10 - November 01 2024
* All Platforms
* Updated Firefox to 128.4.0esr
=====================================
projects/browser/config
=====================================
@@ -115,9 +115,9 @@ input_files:
name: ublock-origin
sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600
enable: '[% c("var/mullvad-browser") %]'
- - URL: https://cdn.mullvad.net/browser-extension/0.9.0/mullvad-browser-extension-0…
+ - URL: https://cdn.mullvad.net/browser-extension/0.9.3/mullvad-browser-extension-0…
name: mullvad-extension
- sha256sum: 65bf235aa1015054ae0a54a40c5a663e67fe1d0f0799e7b4726f98cccc7f3eab
+ sha256sum: fc6bc7c850adf8845fec15b7ea06324f65f843155e2cc5dbd8719e34436512af
enable: '[% c("var/mullvad-browser") %]'
- filename: 'gtk3-settings.ini'
enable: '[% c("var/linux") %]'
=====================================
projects/firefox/config
=====================================
@@ -107,6 +107,7 @@ targets:
gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser
updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/'
nightly_updates_publish_dir_prefix: mullvadbrowser-
+ browser_build: 2
linux-x86_64:
var:
=====================================
rbm.conf
=====================================
@@ -73,21 +73,20 @@ buildconf:
git_signtag_opt: '-s'
var:
- torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0a10[% END %]'
+ torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0[% END %]'
torbrowser_build: 'build1'
# This should be the date of when the build is started. For the build
# to be reproducible, browser_release_date should always be in the past.
- browser_release_date: '2024/11/12 18:50:24'
+ browser_release_date: '2024/11/12 20:16:21'
browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]'
updater_enabled: 1
build_mar: 1
torbrowser_incremental_from:
- - '[% IF c("var/mullvad-browser") %]14.0a9[% END %]'
- - '[% IF c("var/mullvad-browser") %]14.0a8[% END %]'
- - '[% IF c("var/mullvad-browser") %]14.0a7[% END %]'
- '[% IF c("var/tor-browser") %]14.0.1[% END %]'
- '[% IF c("var/tor-browser") %]14.0[% END %]'
- - '[% IF c("var/tor-browser") %]13.5.7[% END %]'
+ - '[% IF c("var/mullvad-browser") %]13.5.9[% END %]'
+ - '13.5.7'
+ - '[% IF c("var/mullvad-browser") %]13.5.6[% END %]'
mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]'
torbrowser_legacy_version: 13.5.9
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/0…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build
Commits:
fd194a5d by Morgan at 2024-11-13T18:08:55+00:00
Bug 41299: Prepare Mullvad Browser 14.0.2
- - - - -
4 changed files:
- projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt
- projects/browser/config
- projects/firefox/config
- rbm.conf
Changes:
=====================================
projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt
=====================================
@@ -1,3 +1,114 @@
+Mullvad Browser 14.0 - November 13 2024
+ * All Platforms
+ * Updated Firefox to 128.4.0esr
+ * Updated NoScript to 11.5.2
+ * Updated Mullvad Browser Extension to 0.9.3
+ * Bug 328: Provide search engine icons [mullvad-browser]
+ * Bug 329: Remove the Security Levels icon from the toolbar [mullvad-browser]
+ * Bug 344: set media.navigator.enabled = true [mullvad-browser]
+ * Bug 349: Tidy up mullvad Fluent files [mullvad-browser]
+ * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser]
+ * Bug 30862: 10ms time precision via EXSLT date-time function [tor-browser]
+ * Bug 32668: NoScript default whitelist re-appears on clicking NoScript Options / Reset [tor-browser]
+ * Bug 40147: Re-enable Picture-in-Picture mode [tor-browser]
+ * Bug 41309: Re-enable screenshots component [tor-browser]
+ * Bug 41817: Add more color aliases that take dark mode into account [tor-browser]
+ * Bug 42070: Backport Bugzilla 1834307 and hide smooth-scroll UX [tor-browser]
+ * Bug 42255: pdfjs.disabled used to be part of RFP until Bug 1838415; lock pref to false in stable [tor-browser]
+ * Bug 42356: Review 000-tor-browser.js and 001-base-profile.js for 128 [tor-browser]
+ * Bug 42362: "New window" missing from File menu [tor-browser]
+ * Bug 42596: Several console errors: Console.maxLogLevelPref used with a non-existing pref: [tor-browser]
+ * Bug 42601: Check Bug 1894779: Allow font-face urls to be resource:// urls and relax CORS for resource:// URLs [tor-browser]
+ * Bug 42603: Remove safebrowsing URLs [tor-browser]
+ * Bug 42611: Set clipboard.imageAsFile.enabled to false [tor-browser]
+ * Bug 42617: Restore the HTML form on DDG when using safest in 128 [tor-browser]
+ * Bug 42630: Review LaterRun in 128 [tor-browser]
+ * Bug 42640: Disable Firefox Flame button due to unknown interactions with New Identity [tor-browser]
+ * Bug 42641: Move from panel-footer class to moz-button-group [tor-browser]
+ * Bug 42644: toolbar rules in panelUI-shared.css are unneccessary [tor-browser]
+ * Bug 42646: Remove migrations for security.certerrors.mitm.auto_enable_enterprise_roots [tor-browser]
+ * Bug 42647: "Switching to a new device" regressed on 128 [tor-browser]
+ * Bug 42653: The Neterror page has a checkbox to report iframe origin errors to TPO [tor-browser]
+ * Bug 42665: Drop "Learn More" spacing [tor-browser]
+ * Bug 42667: Add description-deemphasized class to our additions to about:preferences [tor-browser]
+ * Bug 42679: Use a more robust approach to hide the "tracking protection" urlbar button [tor-browser]
+ * Bug 42683: Create script to generate issue triage csv's from bugzilla query and git scraping [tor-browser]
+ * Bug 42684: Disable network prefetch [tor-browser]
+ * Bug 42685: compat: ESR128: enable textmetrics [tor-browser]
+ * Bug 42687: Disable Privacy-Preserving Attribution [tor-browser]
+ * Bug 42699: Drop level="top" attribute from panels [tor-browser]
+ * Bug 42704: Drop the badged="true" attribute from security level button [tor-browser]
+ * Bug 42705: Update our preferences to account for new line height [tor-browser]
+ * Bug 42718: Remove the firefox-view button from UI, even when always-on private-browsing mode is disabled [tor-browser]
+ * Bug 42730: Make RemoteSettings use only local dumps [tor-browser]
+ * Bug 42735: Disable recent search suggestions [tor-browser]
+ * Bug 42740: Stop trying to hide "Restore previous session" [tor-browser]
+ * Bug 42742: Inconsistent use of "New private window" vs "New window" [tor-browser]
+ * Bug 42745: Remove some residuals from update scripts [tor-browser]
+ * Bug 42764: Unconditionally disable find-bar transition animation [tor-browser]
+ * Bug 42777: Remove 'Website Privacy Preferences' and ensure sensible default prefs [tor-browser]
+ * Bug 42814: Opt out from Firefox relay by default. [tor-browser]
+ * Bug 42831: Remove the shopping components [tor-browser]
+ * Bug 42867: Disable contentRelevancy component [tor-browser]
+ * Bug 42872: Disable translations until audited and solved the UX problems [tor-browser]
+ * Bug 43054: check bounceTrackingProtection in PB mode does not persist to disk [tor-browser]
+ * Bug 43072: moz-message-bar does not get announced on Orca screen-reader [tor-browser]
+ * Bug 43083: Backport fix for Mozilla 1436462 [tor-browser]
+ * Bug 43103: Verify whether an update is unsupported before choosing one [tor-browser]
+ * Bug 43109: Remove mention of Firefox Relay from settings [tor-browser]
+ * Bug 43117: Hide 'Always underline links' option [tor-browser]
+ * Bug 43134: Backport Bugzilla 1436226 Hardcode VP8/VP9 [tor-browser]
+ * Bug 43144: Ensure non-privacy browsing also sets the GPC header [tor-browser]
+ * Bug 43163: Disable offscreen canvas until verified it is not fingerprintable [tor-browser]
+ * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser]
+ * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser]
+ * Bug 43184: Backport Bugzilla 1922294: RFP: fixup square spoofed orientation [tor-browser]
+ * Bug 43197: Disable automatic exception for HTTPS-First [tor-browser]
+ * Bug 43209: UI freezes when clipboard is empty after screen lock [tor-browser]
+ * Bug 43217: Fullscreen videos have rounded letterboxing corners [tor-browser]
+ * Bug 43257: NoScript-blocked content placeholders causing slow downs [tor-browser]
+ * Bug 43258: NoScript Lifecycle error on extension updates [tor-browser]
+ * Bug 41248: Check and update bundled font versions [tor-browser-build]
+ * Windows + macOS
+ * Bug 43021: Revert the OS deprecation notification introduced in #42347 [tor-browser]
+ * Windows
+ * Bug 43051: windows: remove UI for "open Tor Browser automatically when computer starts" [tor-browser]
+ * macOS
+ * Bug 42494: mac: add Arial Black and Arial Narrow to allowlist [tor-browser]
+ * Linux
+ * Bug 42773: Replace ~ with the original HOME [tor-browser]
+ * Bug 43092: Disable Wayland by default in 14.0 [tor-browser]
+ * Bug 43101: Security features warning links to Firefox installation support page with incomplete info [tor-browser]
+ * Bug 43141: Hardcode Arimo as a system-ui font [tor-browser]
+ * Bug 43196: Remove the vendor name from the "is playing media" notification on Linux [tor-browser]
+ * Bug 41237: Add some aliases to our Linux font config for compatibility [tor-browser-build]
+ * Build System
+ * All Platforms
+ * Bug 43157: Move tb-dev to base-browser [tor-browser]
+ * Bug 41096: Set SOURCE_DATE_EPOCH in the default env variables [tor-browser-build]
+ * Bug 41155: Update toolchains for ESR128 [tor-browser-build]
+ * Bug 41156: Split the Rust configuration options [tor-browser-build]
+ * Bug 41176: Update list of people with github commit access in MB issue templates [tor-browser-build]
+ * Bug 41188: Upgrade binutils to 2.41 [tor-browser-build]
+ * Bug 41236: Remove binutils when not needed [tor-browser-build]
+ * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build]
+ * Bug 41259: Skip versions which don't set incremental_from when generating incrementals [tor-browser-build]
+ * Bug 41260: Don't set legacy version for Mullvad Browser [tor-browser-build]
+ * Bug 41274: Improve fetch_changelogs.py for major releases [tor-browser-build]
+ * Bug 41279: Add @pierov and @ma1 as new signers [tor-browser-build]
+ * Bug 41289: Fix single-browser in relprep.py [tor-browser-build]
+ * Windows + macOS
+ * Bug 41197: Modify update-responses to prevent upgrades on unsupported Windows and macOS versions [tor-browser-build]
+ * Windows
+ * Bug 29318: Drop mingw-w64/gcc toolchain [tor-browser-build]
+ * Bug 29320: Use mingw-w64/clang toolchain to build Rust [tor-browser-build]
+ * Bug 41296: Implement missing Windows headers required for building cross-compiling WebRTC with mingw [tor-browser-build]
+ * Linux
+ * Bug 41013: Add a README to each project [tor-browser-build]
+ * Bug 41222: link_old_mar_filenames still referenced in torbrowser-incrementals-{release,alpha}-unsigned [tor-browser-build]
+ * Bug 41243: Add own apparmor profile to deb package [tor-browser-build]
+ * Bug 41282: Add SSL to our custom Python for MozBug 1924022 [tor-browser-build]
+
Mullvad Browser 14.0a10 - November 01 2024
* All Platforms
* Updated Firefox to 128.4.0esr
=====================================
projects/browser/config
=====================================
@@ -115,9 +115,9 @@ input_files:
name: ublock-origin
sha256sum: e2cda9b2a1b0a7f6e5ef0da9f87f28df52f8560587ba2e51a3003121cfb81600
enable: '[% c("var/mullvad-browser") %]'
- - URL: https://cdn.mullvad.net/browser-extension/0.9.0/mullvad-browser-extension-0…
+ - URL: https://cdn.mullvad.net/browser-extension/0.9.3/mullvad-browser-extension-0…
name: mullvad-extension
- sha256sum: 65bf235aa1015054ae0a54a40c5a663e67fe1d0f0799e7b4726f98cccc7f3eab
+ sha256sum: fc6bc7c850adf8845fec15b7ea06324f65f843155e2cc5dbd8719e34436512af
enable: '[% c("var/mullvad-browser") %]'
- filename: 'gtk3-settings.ini'
enable: '[% c("var/linux") %]'
=====================================
projects/firefox/config
=====================================
@@ -107,6 +107,7 @@ targets:
gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser
updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/'
nightly_updates_publish_dir_prefix: mullvadbrowser-
+ browser_build: 2
linux-x86_64:
var:
=====================================
rbm.conf
=====================================
@@ -73,21 +73,20 @@ buildconf:
git_signtag_opt: '-s'
var:
- torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0a10[% END %]'
+ torbrowser_version: '[% IF c("var/tor-browser") %]14.0.2[% ELSE %]14.0[% END %]'
torbrowser_build: 'build1'
# This should be the date of when the build is started. For the build
# to be reproducible, browser_release_date should always be in the past.
- browser_release_date: '2024/11/12 18:50:24'
+ browser_release_date: '2024/11/12 20:16:21'
browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]'
updater_enabled: 1
build_mar: 1
torbrowser_incremental_from:
- - '[% IF c("var/mullvad-browser") %]14.0a9[% END %]'
- - '[% IF c("var/mullvad-browser") %]14.0a8[% END %]'
- - '[% IF c("var/mullvad-browser") %]14.0a7[% END %]'
- '[% IF c("var/tor-browser") %]14.0.1[% END %]'
- '[% IF c("var/tor-browser") %]14.0[% END %]'
- - '[% IF c("var/tor-browser") %]13.5.7[% END %]'
+ - '[% IF c("var/mullvad-browser") %]13.5.9[% END %]'
+ - '13.5.7'
+ - '[% IF c("var/mullvad-browser") %]13.5.6[% END %]'
mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]'
torbrowser_legacy_version: 13.5.9
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f…
You're receiving this email because of your account on gitlab.torproject.org.