Hi! Our weekly meeting just ended, this time without meetbot as it was sick. Thus, here come just notes from the pad this time: Discussion: -browser dev hiring (GeKo: We'll do the next interview on IRC but think it's generally good to "get to know" folks we never met before via a video call before hiring) pospeselr: Last week: #25658 security level patch 29120 uplift investigated #29554, #23359 This week: #25658 fixes: right-to-left language support #29554 patch (fix about:preferences links not working correctly) #23359 patch (https everywhere adds itself back to toolbar on second launch, probably related to our torbutton code pointed out by intrigeri) tjr (probably absent) - Letterboxing: (GeKo: I'll write an email to tbb-dev, probably tomorrow, trying to get answers to all of your questions :) ) My goal for March is to do more data analysis on screen resolutions and put forward a proposal for 'We should use these set of dimensions' Before I do that; I'd like to get confirmation that this is something Tor Browser wants to at last try to ship in Alpha. My questions: - if it was ready in a 60-based Alpha would you ship it then or would you want to wait until 68? - what is the minimal viable product user experience wise? - does the margin needed different color or watermark? - do you need a button to disable it globally or after an individual resize? - do you need it to work on mobile? - for very low resolution - under 100 pixels in a dimension - does it need to do something intelligent or just not do any margins at all? - does it need a user walkthrough explainer? (Probably I think... maybe you can start thinking of how that would look?) - My current analysis is of the form https://ritter.vg/misc/ff/Content%20Resolution%20Analysis.html - See next steps in particular about defining a ftness function) - Is this an appropriate path forward? How often do you want me to stop and get review and from whom? - (I'm optimistic that this python based analysis it Is flexible enough that it can be easily changed, so I could to perform most of the analysis without bugging people) Reminder, it is in Nightly under the pref (you must add it) privacy.resistFingerprinting.letterboxing mcs and brade: Last week: - Fixed #29445 (Tor Browser is denying ESR policies.json). - Fixed #22402 (Improve the "For assistance" link). - Posted patches for #29440 (Update about:tor when Tor Browser is updated). - Posted a revised patch for #29627 (Moat: add support for obfsproxy's meek_lite). - Reviewed the Tor Launcher patch in #29430 (Use uTLS for meek TLS camouflage in Tor Browser). - Started review of #25658 (security slider replacement). - Helped with triage of incoming bugs. This week/soon: - Review #25658 (security slider replacement). - Work on #28628 (Introduce New Security Settings to users). - Investigate #29630 (TorBrowser creates empty directory in "/tmp”). - Investigate #27484 comment:13 (DDG onboarding doorhanger disappears after tab switch). - For #28044, revise proposal 102 to take into account intrigeri’s comments as well as some things we learned during implementation. - Review the Firefox updater security audit report. GeKo: Last Week: -reviews (#29194, #27486, #29445, #22402, #28329, #29572, #29440) - updated my patch for #28802 - investigated broken git repo updating in our build system (#29572) - finish begin-of-the-month team admin stuff This week: - release prep - help with reviews for the alpha release - antonela: we could need some UI guidance for the New Identity for Android feature (#28800) - how do we introduce the new security slider feature to users that already have done the UI tour? After all the bubble just says: "New to Tor Browser? Let's get started." Do we in general need a different pointer for newly introduced features? (GeKo: Antonela updates the ticket (#28628) with points that came up during the discussion) [tjr] Moz did that for the new tracking protection, it was a three step tutorial thing sisbell: Last week: - 29313: tor-android-service browser build (ready for review) - removed native build, added back in classes that Firefox android app needs - 29574 Configure Orbot project to use TOPL (ready for review) - fixes for duplicate class errors - 29575 Configure Firefox project to use TOPL (ready for review) - tested integrated APK - opened a couple of issues at TOPL project, opened issue at Orbot project regarding moving android resources from orbotservice to app module - looking to move tor-android-service project hosted on GitHub to guardianproject or torproject This Week: - Resolve bug where final bootstrap is not updating in UI in Android Browser - Work on moving resources out of orbotservice and tor-android-service libraries - submit PR for various fixes to TOPL project - respond to any code reviews antonela: Last week: - #29440 Update about:tor UI review - #25658 Security Settings UI review - #28628 Introducing the new Security Settings This week: - Mozilla/Tor monthly meeting: Anything we want to show? - 8.5 Review, TBA and TB - #28800 - New Identity - Letterboxing sysrqb: - Last week: #28329 (TBA configuration UI) BridgeDB patch review - This week #28329 testing and integration Release prep boklm: Last week: - made some patches for: - #25876 (Source release tarballs for Tor Browser) - #29572 (Fetching latest commits fails when building testbuilds) - #29675 (Nightly build should fail if "make fetch" fails) - #29667 (Add android-x86 to nightly builds) - updated patch for #26323 after review comments (Build 32bit Linux bundles on 64bit systems) This week: - continue work on #27137 and testsuite - some reviews - work on #25623 (Disable network during build) - help with build of new releases pili: Last week: - Outreachy application - UX ticket triage This week: - Start thinking about capacity planning for browser team - Start planning for OTF Onion Services proposal - Sponsor 8 Final report - Tor Browser 2 year vision write up - still very late with this!! - More UX ticket triage Georg