[tor-dev] Marker branch for current tor release(s)

teor teor2345 at gmail.com
Sun Jan 7 13:49:16 UTC 2018 

Hi,

Tor branches are a question for tor-dev@, I am directing all responses there.
Also, I fixed the top-post.

> On Jan 5, 2018 00:48, "Andreas Krey" <a.krey at gmx.de> wrote:
> 
> https://www.torproject.org/download/download.html.en in the source code 'tab'
> states the current stable and alpha version of tor.
> 
> Would it be possible to publish the current states as branches 'stable' and
> 'alpha' (or 'testing', or 'unstable') in the git repo?

What do you mean by "alpha" and "stable" ?

When tor 0.3.2.9 is released next week, there will be no alpha version.
When this happens, do you want master, or the latest stable?

When there are multiple supported tor versions, which one should be stable?
At the moment, we support 0.2.5 and 0.2.9 as long-term support, and 0.3.0 and
0.3.1 as regular releases.

Should stable be 0.3.1 (and change to 0.3.2 next week)?

Do you want a long-term support branch as well?
Should it be 0.2.5 or 0.2.9?

> That would help us tor-from-source builders to just fetch the repo, and
> if the respective branch changes, to rebuild and redeploy. Looking for a
> new release tag or screen-scraping said web page is a bit hairy, and feels
> unnecessary.

If you want something that's easier to scrape, and signed, check for
new source releases at:

https://dist.torproject.org/

We provide the latest Tor Browser version through a URL (which I can't
remember right now). Maybe we could do the same thing with Tor.

> On 5 Jan 2018, at 23:17, Chad MILLER <chad at cornsilk.net> wrote:
> 
> I second this.
> 
> There's a recommended-versions list in the consensus, but you have to already have Tor available and running to get it.

No, you don't need Tor:

$ curl http://197.231.221.211:9030/tor/status-vote/current/consensus-microdesc | grep server-versions | tr "," "\n" | tail -1
0.3.2.8-rc

Or you can do this far more reliably in Python using stem:

https://stem.torproject.org/

> Maybe also publish in a DNS TXT record or something?

Is that secure?
Can you sign a TXT record?

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20180108/a597a74e/attachment.sig>

More information about the tor-dev mailing list