[tor-project] Tor Browser team meeting notes 20 May 2019

Georg Koppen gk at torproject.org
Tue May 21 16:36:00 UTC 2019


We had our weekly Tor Browser team meeting yesterday. As usual our IRC
log can be found on meetbot.debian.net:


The meeting notes are pasted below:

    - Meeting next week? (on next Monday is public holiday in the US)

        - Same time (17:30UTC) on Tuesday 28th May

    Last week:
       -  reviews (#29982, #30489, #30162, #30166, #30518, #30404, #30284)
        - release prep
        - feedback mails
        - work on toolchain update for esr68 (Go update (#30536), macOS
building on Stretch (#30491), Windows toolchain update for Firefox (#28238))
        - work on getting ro and mk bundles in alpha series (#30468, #30469)
        - work on adding donation link to about:tor page (#30497)
        - work on testing IPv6 support on alpha (#29641)
        - work on getting letterboxing support into alpha (#30372)
        - Stockholm Internet Forum
        - HackerOne admin work
        - looked into WebGL-related bug reports (#30531, #30537)
    This week:
        - help with the release (sysrqb: the 8.5 bundles are signed in
my build dir; I'd need *.apks signed with the shiny new key for the
website to GPG sign them)
        - Windows toolchain update (#28238)
        - monitor potential 8.5 issues
        - look over acat's proposal for #10760
        - work on ro and mk bundles in alpha series (#30468, #30469)
        - reviews

    Last week:
        Discussed a little the Final Orfox update with n8fr8 (#29955)
        Debugged white screen Preference bug on older android versions
        Patched TOPL with additional torrc options (#30518)
        Reviewed GeKo's patch for empty control file on Android 4.4 (#30284)
        Reviewed BridgeDB ticket
        Extended lifetime of Tor Browser stable apk signing certificate
        Tested Tor Browser 8.5 stable
        Uplifted bugs 1480877 and 1478438
        Created internal testing release for Tor Browser on Google Play
    This week
        Tor Browser 8.5 release
        Followup on bmo bugs
        F-Droid deployment (#27539)
        Fastlane deployment (#26844)
        Maybe begin creating final Orfox update (#29955)
        Add a link for the new stable version (#30540)

  Last week:
   - #30284: Tor startup was broken on KitKat. Provided and tested fix
   - Reviewed last 6 months of Orbot commits. Only one affected
tor-android-service and it was addressed by sysrqb in #30518 - missing
command line options
   - Opened #30501 BridgesList is overload field (in tor-android-service)
   - Submitted PR for TOPL changes (Accepted on 14th)
   - Had laptop failure that required reinstall and backup
   - Submitted feedback
  This Week:
   - #30460, #30461 Use new Android Toolchain
   - Submit PR to TOPL with KitKat fix

mcs and brade:
    Last week:
        - Worked on #30000 (Integrating client-side authorization to
onion services v3).
            - Investigated adding new NS_ERROR codes for the SOCKS5
errors that tor will soon return (#14389).
            - Researched various ways of implementing the client auth
prompt (#30237).
        - Reviewed and commented on the Torbutton integration proposal
        - Code reviews.
        - Submitted peer and team lead feedback.
        - Took a couple of days off for family things.
    This week:
        - #30000 (Integrating client-side authorization to onion
services v3).
            - Start to implement support for new SOCKS5 error codes in
the browser.
            - Make more progress on the client auth prompt
implementation. Please read and respond to
https://trac.torproject.org/projects/tor/ticket/30237#comment:6 if you
care about this kind of thing.
            - More thoroughly review the UX proposal in #30237.

 - Have a patch for the letterboxing FindBar/DevTools, will land and
request uplift to 68: https://bugzilla.mozilla.org/show_bug.cgi?id=1546832
 - r+ on the binutils removal, will land and request uplift to 68:
 - Investigated RDD process failures in MinGW. Didn't get far.
    - I think I am going to disable the (stronger) security mitigations
for MinGW, get the process working.
    - Then have bugs for investigating and fixing the mitigations
 - Read acat's proposal. No comments.

    Last week:
         - Finished and sent draft proposal for Torbutton integration.
         - Some reviews.
         - Started rebasing patches for ESR68 (#30429).
    This week:
        - Keep rebasing patches (#30429).

    Last week:
        - made a patch for #30480 (rbm should check that a signed tag
object contains the expected tag name)
        - helped with building new releases
        - worked on #28672 (Android reproducible build of Snowflake)
        - sent feedback emails
    This week:
        - help with publishing new releases
        - continue work on #28672 (Android reproducible build of Snowflake)
        - look at remaining failing testsuite tests
        - some reviews
        - look at #29697 (archive.tpo running out of space)

    Last week:
        - not much Tor Browser related :)
    This week:
        - Talking with Okthanks about Tor brand usage for iOS apps
        - S27bi-weekly meeting

Last week:
        - #30024
        - #30497 - `about:tor` Donate link
This week:
        - waiting for review at #30237
        - #30024 - first approach on suggesting Onions ->
        - should review the UX impact on #28044 and #10760
        - Tor Browser 8.5 stable:
            - make sure that https://tb-manual.torproject.org/ gets
updated with security settings docs
            - provide gifs/images for the announcement

    Last week:
        finished (?) widl patches fixing the 5 bugs blocking valid tlb
        made a quick windows build, demonstrated ia2 interfaces are now
being exposed cross process (so the tlb seem to be working)
        some of the interface methods are causing tabs to crash, NVDA
causes tab to crash immediately on mouse-over
           - IA2 Table related methods for sure cause crash, but not
sure why
    This week:
        figure out which methods are crashing and why
           - odds are this is an issue with some of widl's generated code
           - will do a quick comparison of the generated .h/.c files and
see if anything obvious stands out
           - failing that, will create a test harness to walk the IA2
'DOM' to track down what specifically is triggering the crash


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20190521/e0e37e6d/attachment-0001.sig>

More information about the tor-project mailing list