Hi!

Here come the notes from our last two meetings, held on 12 and 19 August. The IRC logs can be found at:

http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-08-12-17.30.lo... http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-08-19-17.30.tx...

The status updates and discussion items for both meetings are:

Week of August 19, 2019 Discussion - next alpha release (switch to esr68? what about the notarization bug (#30126))? [GeKo: decision is postponed for next week, while targetting alpha as expected] - transition to gitlab - what are the browser team requirements for this? [GeKo: We'll pick the discussion up once Tor Browser 9 is out (end of October)]

GeKo: Last Week: - afk This Week: - backlog - CCCamp - getting remaining toolchains ready for nightly builds (I have a patch for macOS shortly) - browser meetup (sysrqb/pospeselr: can I ignore all the related mails or do you need anything from me here? Something good to read I guess: https://webkit.org/tracking-prevention-policy/ and John Wilander's presentation at USENIX was good as well I heard) [sysrqb: yes, I think you can ignore them. They don't have much info.] - reviews (#30429 and related bugs/patches) - desktop toolchains (#30323, where I do a final test, windows (#28238, #28716 etc.)) - I need to prep for the talk at CCCamp

mcs and brade: Last week: - #30429 (ESR 68 Rebase). - finished rebasing the updater patches. - tested the ESR68-based updater on Linux and macOS. - posted patches for review. - Helped with triage of incoming tickets. This week/upcoming: - We have several family commitments during the week of August 26th and will only be working Tuesday & Wednesday (27-Aug and 28-Aug). - We will be away from keyboard on September 5th and 6th (and Monday September 2 is a U.S. holiday). - #30429 (ESR 68 Rebase) — rebase updater patches. - test the ESR68-based updater on Windows. - revise the patches in response to acat’s feedback. - #29430: Use uTLS for meek TLS camouflage in Tor Browser. - #30126 (Make Tor Browser on macOS compatible with Apple's notarization). - Respond to Antonela's comments in #30237 (Onion Services client auth prompt).

sysrqb: Last week: Identified cause of #31140 - crash on aarch64 Android More progress on #31010 68esr rebase This week: More progress on #31010 Start writing OrfoxRIP blog post

boklm: Last week: - afk - made patch for #31447 (adding a comment about why we install the python package) This week: - Work on fix for #31449 (Signing tools for 32bit Linux are 64bit now) - Investigate #31448 (gold and lld break linking 32bit Linux bundles we need to resort to bfd) - Review #30334 (build_go_lib for executables) and #31264 (tar.gz output files contain nonreproducible timestamps) - Review/help with other toolchain updates

Pili: Last week: - afk This week: - Orfox RIP blogpost - Team capacity, time estimations and task re-org - sent an email - S27 meeting

acat: Last week: - Review latest updater patches (#30429) - Security slider translation deduplication (#24653). - Investigated why search icons disappear in nightly This week: - Investigate #31396. - Port #30683 to esr68 (and probably backport #31298 together) - Add missing commits from tor-browser-60.8.0esr-9.0-1 to #30429 - Fix regression for https://bugzilla.mozilla.org/show_bug.cgi?id=467035 - Investigate why onboarding does not work in nightly. - Maybe do style fixing pass for #30429

tjr - No report I can think of

Antonela - Guardian Project is planning their future work with Onion Browser, and they want to get closer with feature/UI matching to TBA. I put some notes here, could you help me to list what am i missing? https://pad.riseup.net/p/TBA9 [GeKo: I can take a look] - Network Settings (#31286) - are we good using the Tor Browser icon in Tor network settings? Thanks for your comment at the issue folks!

sisbell: Last Week: - #31293: grade version 4.1 fails if network not enabled from rbm conf. Disabling network ok for 4.10 - got build working all the way through release for arm using new toolchain - generated new gradle dependencies - detailed diffs between Firefox esr68 build and our version, Only sig difference is we are picking up rust 1.34 vs their 1.35, although both supported This week - Testing of new build (some Firefox doc that arm may not work with NDK 17 build) - add additional android arch support - updated gradle dependency doc on how to update since this changes with 4.10

pospeselr: - Last Week: - booked (and rebooked) travel to silicon valley downtown sf - finished the xul layout for bridge settings in about:preferences - This week: - browser privacy meeting background prep - start wiring up preferences xul to tor launcher logic

Week of August 12, 2019

Discussion

pospeselr: Last Week: - office build machine setup fun - a bit of #31293 investigation ( broken tor-onion-proxy-library build ) - #31286 work ( network settings, new settings panel prototyped) This Week: - more #31286 (get all the visual elements laid out, then work on making it functional) - travel prep

tjr: - Got a couple of patches uplifted to 68 \o/ - Worked on the alloc/dealloc mismatch. Had a working solution, it wasn't fully conceptually complete, working on that aspect. - Note: an x86 mingw-clang build of -esr68 with jemalloc enabled WILL crash.

mcs and brade: Last week: - #30126 (Make Tor Browser on macOS compatible with Apple's notarization). - completed another round of testing. - #30429 (ESR 68 Rebase) — rebase updater patches. - posted a rebased #13252 patch for review. - made progress on other patches. - Provided some feedback for #31286 (Include bridge configuration into about:preferences). - Participated in discussions r.e. grant proposal. - Helped with code reviews and some bug triage. This week/upcoming: - #30429 (ESR 68 Rebase) — rebase updater patches. - finished initial rebasing of patches. - test the ESR68-based updater on all desktop platforms. - #29430: Use uTLS for meek TLS camouflage in Tor Browser. - #30126 (Make Tor Browser on macOS compatible with Apple's notarization). - Respond to Antonela's comments in #30237 (Onion Services client auth prompt).

sysrqb: Last week: Android 68ESR patches (#31010) aarch64 crash debugging (#31140) A little fiddling with gradle failure (#31293) This week: Android 68ESR patches (#31010) aarch64 crash debugging (#31140)

acat: Last week: - Review Android patches (#31010) - Address review comments for #30429 - Fix about:tor assertion failure in esr68 linux debug builds (#31322) - Review one updater patch in #30429 This week: - Review more updater patches? (#30429) - Security slider translation deduplication (#24653). - style fixing pass for #30429 - general testing for nightly, report issues+investigate if there is time

antonela: Last week: - worked in TB usage survey recap, will share this week - working in Network Settings (#31286) - kickoff S30 with the anti-censorship team (mostly bridges UX in Tor Browser for this team) This week: - more on Network Settings (#31286)

sisbell: Last Week: - Investigated #31293 - gradle failure when probing interfaces. Finally managed to reproduce. At time of query, no interface is not available in the container. Grade 4.1 throws NPE as a result (this has been fixed in gradle 4.10). I am unable to fix from gradle side. Could find no commits in config files that may be causing this issue. Blocked. - #31388 - Rust - added config needed for armv7 builds - #31389 - Clang - commit for using clang built in tbb - Working on issue with JNI phase failing in Firefox build This Week - Continue working through Firefox android build issues

Georg