[tor-project] Tor Browser Team Meeting Notes, 2 December 2019
sysrqb at torproject.org
Mon Dec 9 18:25:24 UTC 2019
Last Monday we held our weekly Tor Browser Team Meeting. The notes are
We briefly talked about team/ticket maintenance, and we are looking at
allocating funding for fixing bugs using the Bug Smashing funds we
received in August (yay!).
We held a conversation about what purpose the .mozconfig* files within
the tor-browser repository should have. We decided they should be
useful/usable for developers now, and we may change how they are
maintained in the future.
Finally we discussed a problem with localized Tor Browser installations,
where the locale of the browser may leak to websites, therefore people
who use locales that are not very popular may place themselves in small
anonymity sets. Should we warn users about this before/after they
download the browser? When and how should we do it? These are open
questions, and we're still looking for some help answering them.
- December ticket assignment and Reviewers
- #32602 (Consider what to do about locales used by very few people)
- US thanksgiving holiday travel fun
- more flu!
- 9.0.2-build2 build ->
- Mozila 1594455 uplifting progress (letterboxing improvements)
- Prototype patch for #32325 (add option to disable letterboxing
- going to try and get this uplifted to firefox directly to
avoid having to write two rather different patches to handle our
disparate localization systems
- screenshot: https://share.riseup.net/#Mgnlm4ZlDQO9mlUtGGZ5fg
- update #32116 patch with comments pointing devs to actual
mozconfig's in tor-browser-build
- submit #32325 patch to Mozilla
- review/comment on #32645 (Update URL bar onion indicators)
- nail down UX design on #30570
boklm: (might be afk during meeting)
- Finished first part for #25101 (Generate incremental mar files
for nightly builds)
- Helped with build of new releases
- Added test for #27265 (In some cases, rbm will download files
in the wrong project directory)
- Updated patch for #32475 (Reduce the number of locales we
provide updates for in nightly)
- Reviewed #31130 (Use Debian 10 for our Android container
- Looked at blog comments
- Will be at Reproducible Builds summit the next 3 days
- Help with publishing of the new releases
- Work on:
- #31988 (Generate a mar signing key for nightly builds)
- #25102 (Add script to sign nightly build mar files)
- Try to find some time to test rebased patch for #30334
(build_go_lib for executables)
- more work on #32053 (made good progress; a patch is hopefully
ready later this week), #31597 (made good progress), and #25021 (made
not so good progress :( )
- wrote patches for #32556, #32505, 32618
- reviews (#32616, #32498, #32255, #32475, #25101, #32365, #32606,
- release prep
- work on apple signing infrastructure update (#32173, #32556)
- more RLBox investigation in my spare time
- #32053, #31597, #25021
- start with the BIG ticket triage
- more RLBox work in spare time
mcs and brade:
- Enjoyed some time off for the U.S. Thanksgiving holiday.
- Sponsor 27 work: #19757 (permanent storage of client auth keys
and associated management UI).
- Code reviews:
- #32498 (Update MAR_CHANNEL_ID for nightly build).
- #32505 (Tighten our rules in our entitlements file for
- Reviewed recent Mozilla updater changes and worked on #32616
(disable GetSecureOutputDirectoryPath() functionality).
- More work on #19757 (permanent storage of client auth keys and
associated management UI).
- Code reviews.
- Decided to be a subversive by not taking time off for
- Tested boklm's patch for #32527.
- Debugged #32520 a bit, submitted a patch that doesn't need
- Spent most of my dev time on non-Tor things while I'm waiting
for more feedback to show up for #30558.
- Address whatever review happens on #30558.
- @pili Would it be beneficial for me to attend S27-related
meetings to provide a Namecoin perspective? If there's stuff happening
there that's relevant, I'm happy to attend; if it's not going to be
relevant; then that's fine too and I can save my time for other things.
Release prep and building
Some ticket reviews
Sending some overdue emails
tor browser spec updates
android signing key documentation
- opened #32645 Update URL bar onion indicators
- reviewed #21952 Onion location
- reviewed #32325 Allow letterboxing opt-in/out
- reviewed #30570 Implement per-site security settings support
- #31130 - Buster Support - small change to use snapshot repo.
Tested Android variant build
- #32476 - Review/Comments of JNI services
- #32534 - Review/Comment on new jtorctl implementation
- #32501 - Fixed formatting in TorSettings interface (TOPL) - ready
- #32516 - Write methods in TorConfigBuilder - fixed a number of
issues to make methods cleaner, more consistent.
- #32405 - Crash after bootstrap - fixed/merged
- Thanksgiving holiday
- test buster on different variants
- #28704 Compile Tor and dependencies (#28764 SSL, #28765 LibEvent)
- S9 Phase 2 report
- Catching up on roadmap and projects after reporting season
- Please start tagging bugs with "BugSmashFund" and adding
points to it so we can start "using" the pot of money :)
- Please update your November Actual Points
- Reminder about moving off Storm and into NextCloud - please
move any documents you want to keep to Nextcloud
More information about the tor-project