GitLab

at 2024-11-14T02:01:24+00:00

fixup! MB 188: Customize Gitlab Issue and Merge templates

fixup! Adding issue and merge request templates

Bug 43295: Update MR templates

fixup! MB 188: Customize Gitlab Issue and Merge templates

Bug 43295: Update MR templates

 ### Type of Issue: What are we dealing with?

 - [ ] Security (sandbox escape, remote code execution, etc)

-- [ ] Cross-Site Linkability (correlating sessions across websites)

+- [ ] Proxy Bypass (traffic contents becoming MITM'able)

+- [ ] De-Anonymization (otherwise identifying which website a user is visiting)

+- [ ] Cross-Site Linkability (correlating sessions across circuits and websites)

 - [ ] Disk Leak (persisting session information to disk)

 - [ ] Other (please explain)

   - [ ] **richard** : signing, release

   - [ ] **thorin** : fingerprinting

 - [ ] Other Engineering Teams

+  - [ ] Networking (**ahf**, **dgoulet**)

+  - [ ] Anti-Censorship (**meskio**, **cohosh**)

   - [ ] UX (**donuts**)

   - [ ] TPA (**anarcat**, **lavamind**)

 - [ ] External Tor Partners

-  - [ ] Mozilla (**tjr**)

-  - [ ] Mullvad (**ruihildt**)

+  - [ ] Mozilla

+  - [ ] Mullvad

+  - [ ] Brave

+  - [ ] Guardian Project (Orbot, Onion Browser)

+  - [ ] Tails

   - [ ] Other (please list)

 ### Urgency: When do we need to act?

 - [ ] Start an initial email thread with the following people:

   - [ ] **bella**

-  - [ ] **ruihildt**, **support@mullvadvpn.net**

   - [ ] Relevant Applications Developers

   - [ ] **(Optional)** **micah**

     - if there are considerations or asks outside the Applications Team

 /cc @ma1

 /cc @micah

 /cc @richard

-/cc @ruihildt

 /confidential

-**NOTE:** All examples in this template reference the rebase from 102.7.0esr to 102.8.0esr

-

-<details>

-  <summary>Explanation of Variables</summary>

-

-- `$(ESR_VERSION)`: the Mozilla defined ESR version, used in various places for building mullvad-browser tags, labels, etc

-  - **Example**: `102.8.0`

-- `$(ESR_TAG)`: the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)`

-  - **Example**: `FIREFOX_102_8_0esr_RELEASE`

-- `$(BROWSER_MAJOR)`: the browser major version

-  - **Example**: `12`

-- `$(BROWSER_MINOR)`: the browser minor version

-  - **Example**: either `0` or `5`; Alpha's is always `(Stable + 5) % 10`

-- `$(BASE_BROWSER_BRANCH)`: the full name of the current `base-browser` branch

-  - **Example**: `base-browser-102.8.0esr-12.5-1`

-- `$(BASE_BROWSER_BRANCH_PREV)`: the full name of the previous `base-browser` branch

-  - **Example**: `base-browser-102.7.0esr-12.5-1`

-- `$(BASE_BROWSER_BRANCH_TAG)`: the `base-browser` build tag used as base commit for `mullvad-browser`

-  - **Example**: `base-browser-102.8.0esr-12.5-1-build1`

-- `$(BASE_BROWSER_BRANCH_PREV_TAG)`: the `base-browser` build tag used as base commit for the previous `mullvad-browser`

-  - **Example**: `base-browser-102.7.0esr-12.5-1-build1`

-- `$(MULLVAD_BROWSER_BRANCH)`: the full name of the current `mullvad-browser` branch

-  - **Example**: `mullvad-browser-102.8.0esr-12.5-1`

-- `$(MULLVAD_BROWSER_BRANCH_PREV)`: the full name of the previous `mullvad-browser` branch

-  - **Example**: `mullvad-browser-102.7.0esr-12.5-1`

-</details>

-

-**NOTE:** It is assumed that we've already rebased and tagged `base-browser` alpha and that we've already rebased `mullvad-browser` stable

-

-### **Bookkeeping**

-

-- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep) issue.

-

-### Update Branch Protection Rules

-

-- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/settings/repository):

-  - [ ] Remove previous alpha `mullvad-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased)

-  - [ ] Create new `mullvad-browser` branch protection rule:

-    - **Branch**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*`

-      - **Example**: `mullvad-browser-102.8.0esr-12.5-1*`

-    - **Allowed to merge**: `Maintainers`

-    - **Allowed to push and merge**: `Maintainers`

-    - **Allowed to force push**: `false`

-

-### **Create and Push New Branch**

-

-- [ ] Create new alpha `mullvad-browser` branch from this ESR's alpha `base-browser` tag

-  - Branch name in the form: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1`

-  - **Example**: `git branch mullvad-browser-102.8.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1`

-- [ ] Push new `mullvad-browser` branch to `upstream`

-- [ ] Push `base-browser` tag to `upstream`

-

-### **Rebase tor-browser**

-

-- [ ] Checkout a new local branch for the `mullvad-browser` rebase

-  - **Example**: `git branch mullvad-browser-rebase upstream/mullvad-browser-102.8.0esr-12.5-1`

-- [ ] `mullvad-browser` rebase

-  - [ ] Cherry-pick the previous `mullvad-browser` branch's commit range up to the last `mullvad-browser` `build1` tag

-    - **Example**: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..mullvad-browser-102.7.0esr-12.5-1-build1`

-  - [ ] Rebase and autosquash these newly cherry-picked commits

-    - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.5-1`

-  - [ ] Cherry-pick remainder of patches after the last `mullvad-browser` `buildN` tag

-    - **Example**: `git cherry-pick mullvad-browser-102.7.0esr-12.5-1-build1..upstream/mulvad-browser-102.7.0esr-12.5-1`

-  - [ ] Rebase and autosquash again, this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify, but kept un-squashed for easy debugging/bisecting.

-    - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.5-1`

-- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution:

-  - [ ] diff of diffs:

-    -  Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or -

-    - `git diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) > current_patchset.diff`

-    - `git diff $(BASE_BROWSER_BRANCH_TAG)..HEAD > rebased_patchset.diff`

-    - diff `current_patchset.diff` and `rebased_patchset.diff`

-      - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `mullvad-browser` branch)

-  - [ ] rangediff: `git range-diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) $(BASE_BROWSER_BRANCH_TAG)..HEAD`

-    - **Example**: `git range-diff base-browser-102.7.0esr-12.5-1-build1..upstream/mullvad-browser-102.7.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1..HEAD`

-- [ ] Open MR for the `mullvad-browser` rebase

-- [ ] Merge

-

-### **Sign and Tag**

-

-- [ ] Sign/Tag `HEAD` of the merged `mullvad-browser` branch:

-  - **Tag**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1`

-  - **Message**: `Tagging build1 for $(ESR_VERSION)esr-based stable`

-  - [ ] Push tag to `upstream`
-**NOTE:** All examples in this template reference the rebase from 102.7.0esr to 102.8.0esr

-

-<details>

-  <summary>Explanation of Variables</summary>

-

-- `$(ESR_VERSION)`: the Mozilla defined ESR version, used in various places for building mullvad-browser tags, labels, etc

-  - **Example**: `102.8.0`

-- `$(ESR_TAG)`: the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)`

-  - **Example**: `FIREFOX_102_8_0esr_RELEASE`

-- `$(BROWSER_MAJOR)`: the browser major version

-  - **Example**: `12`

-- `$(BROWSER_MINOR)`: the browser minor version

-  - **Example**: either `0` or `5`; Alpha's is always `(Stable + 5) % 10`

-- `$(BASE_BROWSER_BRANCH)`: the full name of the current `base-browser` branch

-  - **Example**: `base-browser-102.8.0esr-12.0-1`

-- `$(BASE_BROWSER_BRANCH_PREV)`: the full name of the previous `base-browser` branch

-  - **Example**: `base-browser-102.7.0esr-12.0-1`

-- `$(BASE_BROWSER_BRANCH_TAG)`: the `base-browser` build tag used as base commit for `mullvad-browser`

-  - **Example**: `base-browser-102.8.0esr-12.0-1-build1`

-- `$(BASE_BROWSER_BRANCH_PREV_TAG)`: the `base-browser` build tag used as base commit for the previous `mullvad-browser`

-  - **Example**: `base-browser-102.7.0esr-12.0-1-build1`

-- `$(MULLVAD_BROWSER_BRANCH)`: the full name of the current `mullvad-browser` branch

-  - **Example**: `mullvad-browser-102.8.0esr-12.0-1`

-- `$(MULLVAD_BROWSER_BRANCH_PREV)`: the full name of the previous `mullvad-browser` branch

-  - **Example**: `mullvad-browser-102.7.0esr-12.0-1`

-</details>

-

-**NOTE:** It is assumed that we've already rebased and tagged `base-browser` stable

-

-### **Bookkeeping**

-

-- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep) issue.

-

-### Update Branch Protection Rules

-

-- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/settings/repository):

-  - [ ] Remove previous stable `mullvad-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased)

-  - [ ] Create new `mullvad-browser` branch protection rule:

-    - **Branch**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*`

-      - **Example**: `mullvad-browser-102.8.0esr-12.0-1*`

-    - **Allowed to merge**: `Maintainers`

-    - **Allowed to push and merge**: `Maintainers`

-    - **Allowed to force push**: `false`

-

-### **Create and Push New Branch**

-

-- [ ] Create new stable `mullvad-browser` branch from this ESR's stable `base-browser` tag

-  - Branch name in the form: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1`

-  - **Example**: `git branch mullvad-browser-102.8.0esr-12.0-1 base-browser-102.8.0esr-12.0-1-build1`

-- [ ] Push new `mullvad-browser` branch to `upstream`

-- [ ] Push `base-browser` tag to `upstream`

-- [ ] Push `$(ESR_TAG)` to `upstream`

-

-### **Rebase mullvad-browser**

-

-- [ ] Checkout a new local branch for the `mullvad-browser` rebase

-  - **Example**: `git branch mullvad-browser-rebase upstream/mullvad-browser-102.8.0esr-12.0-1`

-- [ ] `mullvad-browser` rebase

-  - [ ] Cherry-pick the previous `mullvad-browser` branch's commit range up to the last `mullvad-browser` `build1` tag

-    - **Example**: `git cherry-pick base-browser-102.7.0esr-12.0-1-build1..mullvad-browser-102.7.0esr-12.0-1-build1`

-  - [ ] Rebase and autosquash these newly cherry-picked commits

-     - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.0-1`

-  - [ ] Cherry-pick remainder of patches after the last `mullvad-browser` `buildN` tag

-    - **Example**: `git cherry-pick mullvad-browser-102.7.0esr-12.0-1-build1..upstream/mullvad-browser-102.7.0esr-12.0-1`

-  - [ ] Rebase and autosquash again, this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify, but kept un-squashed for easy debugging/bisecting.

-    - **Example**: `git rebase --autosquash --interactive upstream/mullvad-browser-102.8.0esr-12.0-1`

-- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution:

-  - [ ] diff of diffs:

-    -  Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or -

-    - `git diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) > current_patchset.diff`

-    - `git diff $(BASE_BROWSER_BRANCH_TAG)..HEAD > rebased_patchset.diff`

-    - diff `current_patchset.diff` and `rebased_patchset.diff`

-      - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `mullvad-browser` branch)

-  - [ ] rangediff: `git range-diff $(BASE_BROWSER_BRANCH_PREV_TAG)..$(MULLVAD_BROWSER_BRANCH_PREV) $(BASE_BROWSER_BRANCH_TAG)..HEAD`

-    - **Example**: `git range-diff base-browser-102.7.0esr-12.0-1-build1..upstream/mullvad-browser-102.7.0esr-12.5-1 base-browser-102.8.0esr-12.5-1-build1..HEAD`

-- [ ] Open MR for the `mullvad-browser` rebase

-- [ ] Merge

-

-### **Sign and Tag**

-

-- [ ] Sign/Tag `HEAD` of the merged `mullvad-browser` branch:

-  - **Tag**: `mullvad-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1`

-  - **Message**: `Tagging build1 for $(ESR_VERSION)esr-based stable`

-  - [ ] Push tag to `upstream`

 <!-- Bookkeeping information for release management -->

-### Related Issues

+### Issues

+

+#### Resolves

+- mullvad-browser#xxxxx

 - tor-browser#xxxxx

+- tor-browser-build#xxxxx

+

+#### Related

+

 - mullvad-browser#xxxxx

+- tor-browser#xxxxx

 - tor-browser-build#xxxxx

+### Merging

+

+<!-- This block tells the merger where commits need to be merged and future code archaeologists where commits were *supposed* to be merged -->

+

+#### Target Branches

+

+- [ ] **`mullvad-browser`** - `!fixups` to `mullvad-browser`-specific commits, new features, security backports

+- [ ] **`base-browser`** *and* **`tor-browser`** - `!fixups` to `base-browser`-specific commits or new features to be shared with `tor-browser`

+  - ⚠️ **IMPORTANT**: Please list the `base-browser`-specific commits which need to be cherry-picked to the `base-browser` and `tor-browser` branches here

+

+#### Target Channels

+

+- [ ] **Alpha**: esr128-14.5

+- [ ] **Stable**: esr128-14.0

+

 ### Backporting

 #### Timeline

+- [ ] **No Backport (preferred)**: patchset for the next major stable

 - [ ] **Immediate**: patchset needed as soon as possible

 - [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport

 - [ ] **Eventually**: patchset that needs to be verified in alpha before backport

-- [ ] **No Backport (preferred)**: patchset for the next major stable

 #### (Optional) Justification

 - [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc

 - [ ] **Localization**: typos and other localization changes that should be also in the release branch

 - [ ] **Other**: please explain

-### Merging

-- [ ] Merge to `mullvad-browser` - `!fixups` to `mullvad-browser`-specific commits, new features, security backports

-- [ ] Merge to `base-browser` -`!fixups` to `base-browser`-specific commits, new features to be shared with `tor-browser`

-  - **NOTE**: if your changeset includes patches to both `base-browser` and `mullvad-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging

-

 ### Issue Tracking

 - [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation

 #### Request Reviewer

 - [ ] Request review from an applications developer depending on modified system:

-  - **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)

+  - **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since Gitlab only allows 1 reviewer)

   - **accessibility** : henry

   - **android** : clairehurst, dan

   - **build system** : boklm

   - **firefox internals (XUL/JS/XPCOM)** : jwilde, ma1

   - **fonts** : pierov

   - **frontend (implementation)** : henry

-  - **frontend (review)** : donuts, richard

+  - **frontend (review)** : donuts, morgan

   - **localization** : henry, pierov

   - **macOS** : clairehurst, dan

   - **nightly builds** : boklm

-  - **rebases/release-prep** : dan, ma1, pierov, richard

+  - **rebases/release-prep** : dan, ma1, pierov, morgan

   - **security** : jwilde, ma1

-  - **signing** : boklm, richard

+  - **signing** : boklm, morgan

   - **updater** : pierov

-  - **windows** : jwilde, richard

-  - **misc/other** : pierov, richard

+  - **windows** : jwilde, morgan

+  - **misc/other** : pierov, morgan

 #### Change Description

 <!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->

+

 #### How Tested

 <!-- Description of steps taken to verify the change -->

morgan pushed to branch mullvad-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser

Commits:

4 changed files:

Changes: