The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2023-12-07T15:22:34Zhttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41431migrate gitlab-02 to new gnt-dal cluster2023-12-07T15:22:34Zanarcatmigrate gitlab-02 to new gnt-dal clusterwe're going to host more and more gitlab stuff in object storage (e.g. #41425) and already have runners there. it makes sense to move gitlab-02 to the new gnt-dal cluster, which has faster disks and more powerful CPUs.
this should help ...we're going to host more and more gitlab stuff in object storage (e.g. #41425) and already have runners there. it makes sense to move gitlab-02 to the new gnt-dal cluster, which has faster disks and more powerful CPUs.
this should help us deal with the current overload in the gnt-fsn cluster as well (incident #41429).https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42321Draw new icons for built-in bridges: obfs4, snowflake, and meek-azure2024-01-30T19:23:26ZnicobDraw new icons for built-in bridges: obfs4, snowflake, and meek-azureWe need custom icons for built-in bridges to :sparkles: jazz up :sparkles: the bridge cards.
@donuts off the bat do you have any suggestions for obfs4 and meek-azure conceptually?We need custom icons for built-in bridges to :sparkles: jazz up :sparkles: the bridge cards.
@donuts off the bat do you have any suggestions for obfs4 and meek-azure conceptually?Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibetnicobnicobhttps://gitlab.torproject.org/tpo/web/donate-neo/-/issues/12Integrate new front-end with lektor2023-12-05T22:03:00ZdonutsIntegrate new front-end with lektorThe current donate portal's content and config options are spread across multiple lektor files. This ticket is to log each file, review their content and provide direction for the modifications required to support the new front-end templ...The current donate portal's content and config options are spread across multiple lektor files. This ticket is to log each file, review their content and provide direction for the modifications required to support the new front-end templates.
**Donate**: https://gitlab.torproject.org/tpo/web/donate-static/-/blob/master/content/contents.lr
Lektor file for the [donate form](https://donate.torproject.org/).
- [x] Review config options and produce new specification (@duncan)
- [ ] Replace with a new, streamlined file covering all three tabs (@eric, TBC)
**Champions of Privacy**: https://gitlab.torproject.org/tpo/web/donate-static/-/blob/master/content/champions-of-privacy/contents.lr
Lektor file for the [Champions of Privacy landing page](https://donate.torproject.org/champions-of-privacy/).
- [ ] Replace with a modified version of the new Donate lektor file when ready (@eric, TBC)
**Defenders of Privacy**: https://gitlab.torproject.org/tpo/web/donate-static/-/blob/master/content/monthly-giving/contents.lr
Lektor file for the [monthly giving landing page](https://donate.torproject.org/monthly-giving/).
- [ ] Replace with a modified version of the new Donate lektor file when ready (@eric, TBC)
**Cryptocurrency**: https://gitlab.torproject.org/tpo/web/donate-static/-/tree/master/content/cryptocurrency
Lektor file for the [Cryptocurrency landing page](https://donate.torproject.org/cryptocurrency/).
- [ ] Fold into the new Donate lektor file (no further action necessary)
**Donate Thank You**: https://gitlab.torproject.org/tpo/web/donate-static/-/tree/master/content/donate-thank-you
Lektor file for the donate form's [thank you page](https://donate.torproject.org/donate-thank-you/).
- [ ] Review config options and produce new specification (@duncan)
- [ ] Replace with three new lektor files – one for each thank you page (@eric, TBC)
**Donor FAQ**: https://gitlab.torproject.org/tpo/web/donate-static/-/blob/master/content/donor-faq/contents.lr
Lektor file for the [Donor FAQs](https://donate.torproject.org/donor-faq/).
- [ ] Review content and suggest reasonable changes (@smith): https://gitlab.torproject.org/tpo/web/donate-static/-/issues/35
- [x] Convert template to markdown (@kez)
**Donor Privacy Policy**: https://gitlab.torproject.org/tpo/web/donate-static/-/blob/master/content/privacy-policy/contents.lr
- Lektor file for the [Privacy Policy](https://donate.torproject.org/privacy-policy/).
- [x] Convert template to markdown (@kez)
**State disclosures**: https://gitlab.torproject.org/tpo/web/donate-static/-/blob/master/content/state-disclosures/contents.lr
- [x] Confirm what this is for, if it's still required, and where it lives (@smith?)
**Brave rewards**: https://gitlab.torproject.org/tpo/web/donate-static/-/blob/master/content/well-known/contents.lr
- [ ] Scope out technical considerations, i.e. does this file need referenced somewhere on the main donate page (@duncan)Redesign donate.torproject.orgstephenstephenhttps://gitlab.torproject.org/tpo/web/donate-neo/-/issues/10Integrate new front-end with lektor, Civi & payment processors2023-12-05T22:03:29ZdonutsIntegrate new front-end with lektor, Civi & payment processorsRedesign donate.torproject.orghttps://gitlab.torproject.org/tpo/web/donate-neo/-/issues/8Design high-fidelity mockups of new donate templates2024-01-29T19:01:55ZdonutsDesign high-fidelity mockups of new donate templatesDesign high-fidelity mockups that support our compatibility requirements for screen size & resolution:
> The donate portal should make use of the latest responsive design techniques with mainstream adoption among our target browsers (se...Design high-fidelity mockups that support our compatibility requirements for screen size & resolution:
> The donate portal should make use of the latest responsive design techniques with mainstream adoption among our target browsers (see 'Browser support') to provide user-friendly layouts that adapt to the user's screen size. At minimum, the donate portal should support screens of 320px wide, with no defined upper limit beyond the maximum width of the site's container.
>
> Text and other elements may be reduced in size at smaller screen sizes to reflect higher pixel densities and reduced viewing distances.
In addition, the new designs should align with our commitment to AA compliance with the WCAG 2.1 accessibility standard:
> The donate portal should strive to meet, at minimum, the [WCAG 2.1's success criteria for Level AA compliance](https://www.w3.org/TR/WCAG21/). Should it not be possible for a particular element to meet the criteria for AA compliance, an alternative should be provided or an exemption agreed with the Tor Project.
>
> At a glance, particular care should be taken to meet the following requirements as laid out in more detail in the [WCAG 2.1 technical specification](https://www.w3.org/WAI/standards-guidelines/wcag/glance/):
>
> **Perceivable**
> Provide text alternatives for non-text content.
> Provide captions and other alternatives for multimedia.
> Create content that can be presented in different ways, including by assistive technologies, without losing meaning.
> Make it easier for users to see and hear content.
>
> **Operable**
> Make all functionality available from a keyboard.
> Give users enough time to read and use content.
> Do not use content that causes seizures or physical reactions.
> Help users navigate and find content.
> Make it easier to use inputs other than keyboard.
>
> **Understandable**
> Make text readable and understandable.
> Make content appear and operate in predictable ways.
> Help users avoid and correct mistakes.
>
> **Robust**
> Maximize compatibility with current and future user tools.
**Todo list:**
- [x] Credit card template
- [x] PayPal template
- [x] Cryptocurrency template
- [x] Noscript template
- [x] Thank you page template
- [ ] ~~Supporter, Defender & Champion states~~ ← Removed from the scope for the MVP
- [ ] Campaign takeover example
- [ ] Active, inactive, focus and selected states
- [ ] Error states
On the following formats:
- [x] Desktop
- [ ] Mobile
**High-fidelity mockups**
- [Figma / Marble Style guide / Donate-dot](https://www.figma.com/file/nIpahk0b9VMaeEnubiO33g/Marble-style-guide?type=design&node-id=447%3A3457&mode=design&t=WtHoL3Xw8Yau9G4a-1)Redesign donate.torproject.orgdonutsdonutshttps://gitlab.torproject.org/tpo/core/arti/-/issues/1149HsCircPool: Launch multiple background circuits in parallel.2023-12-05T14:10:19ZNick MathewsonHsCircPool: Launch multiple background circuits in parallel.Right now there is an opportunity to launch more circuits at once in HsCircPool.
1. In `launch_hs_circuits_as_needed`, when we find that we have fewer circuits than we would like, we only build one circuit at a time, even if we would li...Right now there is an opportunity to launch more circuits at once in HsCircPool.
1. In `launch_hs_circuits_as_needed`, when we find that we have fewer circuits than we would like, we only build one circuit at a time, even if we would like to have a much larger number of circuits.
2. In `take_or_launch_stub_circuit`, when we find that we have no circuits left in our pool, we only build a single circuit at a time.
Launching multiple circuits in parallel here could improve performance by letting us take whichever circuit is ready first. (But should we think about delay-based attacks, where an attacker slows down some of our circuits in hopes that other circuits that it likes better will get finished first?)https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42317Update "Security Settings" menu item2023-12-05T01:52:34ZdonutsUpdate "Security Settings" menu itemOn Android, the menu item that links to the Security level page is labeled "Security Settings". Could we update both the menu item and title of the page to "Security level", in sentence case please?
Also, could the menu item reflect the...On Android, the menu item that links to the Security level page is labeled "Security Settings". Could we update both the menu item and title of the page to "Security level", in sentence case please?
Also, could the menu item reflect the current selection too—e.g.
```
**Security level**
Standard
```
In the same way that other options like Search, Tabs, HTTPS-Only Mode and Notifications do?clairehurstclairehursthttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42316TorConnect might restore old settings that were changed from the preferences2024-03-28T15:46:20ZPier Angelo VendrameTorConnect might restore old settings that were changed from the preferencesIn TorConnect we get a copy of the original settings (`this.originalSettings = TorSettings.getSettings();`) only once before trying all the settings we've received from Moat (and we bootstrap for each settings set, so the browser might t...In TorConnect we get a copy of the original settings (`this.originalSettings = TorSettings.getSettings();`) only once before trying all the settings we've received from Moat (and we bootstrap for each settings set, so the browser might take a long time to do stuff).
If the user changes settings, and we failed to bootstrap, we restore the settings we had before, which might be surprising.
So, we should check if the settings we're about to overwrite when we restore the old settings.
As a sequence of events:
1. TorConnect backup configuration A before contacting Moat
2. TorConnect sets the config B it received from Moat
3. While the bootstrap is happening, the user changes settings, producing config C
4. The boostrap fails: TorConnect restores config A!
Also, since we might receive many configuration sets, we might also apply config D, E, F and so on and possibly replace settings from configuration C.
On Android this cannot happen because going to settings stops the bootstrap, and we intend to keep this behavior at least for starters, when implementing the connection assist there.
However, on desktop is more difficult, because we have tabs.
Therefore, we might do something else, e.g., disable all the settings while we're bootstrapping, and display a message bar telling something like "The bootstrap is going on. Cancel it to unlock the settings".
## Design estimate:
* Complexity: medium (3 days)
* Figure out the appropriate solution. Should we prevent people from accessing the Settings on desktop just like on Android? Or do we create a warning for people that their settings might be overwritten?
* Create designs that solve the issue.
* Uncertainty level: moderate (1.5)
* I imagine trying to figure out which solution we should apply and how we apply it can take time.
* Total: 3-4.5 dayshttps://gitlab.torproject.org/tpo/core/torspec/-/issues/246Make sure we describe the importance of introduce replay detection accurately2023-12-04T13:36:40ZNick MathewsonMake sure we describe the importance of introduce replay detection accuratelySee analysis at https://gitlab.torproject.org/tpo/core/arti/-/issues/725#note_2960032
If this is right, we should mention it in the spec.See analysis at https://gitlab.torproject.org/tpo/core/arti/-/issues/725#note_2960032
If this is right, we should mention it in the spec.https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41035Replace make list_translation_updates-release with make update_translation_gi...2024-01-09T15:00:07ZboklmReplace make list_translation_updates-release with make update_translation_git_hash-release```
* ma1 wonders why make list_translation_updates-release just tells you about the updated hashes rather than patching projects/translations/config directly
< boklm> ma1: I think because it was more work, but that looks like an impro...```
* ma1 wonders why make list_translation_updates-release just tells you about the updated hashes rather than patching projects/translations/config directly
< boklm> ma1: I think because it was more work, but that looks like an improvement we can do
```https://gitlab.torproject.org/tpo/core/arti/-/issues/1144Migrate to std::backtrace2023-11-30T14:29:35ZNick MathewsonMigrate to std::backtraceRust 1.65 introduced std::backtrace; perhaps we can use it in place of our previous reliance on the `backtrace` crate.
Current `backtrace` users are `arti::logging`, `tor-rtmock::task`, and `tor_error::internal`.Rust 1.65 introduced std::backtrace; perhaps we can use it in place of our previous reliance on the `backtrace` crate.
Current `backtrace` users are `arti::logging`, `tor-rtmock::task`, and `tor_error::internal`.https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41032Add command to compare sha256sums-unsigned-build.txt from local build and dow...2024-01-09T14:59:40ZboklmAdd command to compare sha256sums-unsigned-build.txt from local build and downloaded buildFor #40997, in order to make it easier to check that a local build is
matching the published build, we can add some commands that will:
- download published build from archive.tpo
- compare `sha256sums-unsigned-build.txt` and
`sha256su...For #40997, in order to make it easier to check that a local build is
matching the published build, we can add some commands that will:
- download published build from archive.tpo
- compare `sha256sums-unsigned-build.txt` and
`sha256sums-unsigned-build.incrementals.txt` from local and downloaded
builds
- compare signed and unsigned exe files (#41030)
- compare signed and unsigned mar files (#41031)boklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42311Firfox doesn't like the embedded PNG in tor-browser-logo.svg2024-01-09T14:38:33ZPier Angelo VendrameFirfox doesn't like the embedded PNG in tor-browser-logo.svgI was checking if the suggestion for the patch to resolve debug problems worked, and I stumbled upon about:tor dying for the assertion in `image/imgLoader.cpp:2474`:
```
MOZ_ASSERT(NS_UsePrivateBrowsing(newChannel) == mRespectPrivacy);
...I was checking if the suggestion for the patch to resolve debug problems worked, and I stumbled upon about:tor dying for the assertion in `image/imgLoader.cpp:2474`:
```
MOZ_ASSERT(NS_UsePrivateBrowsing(newChannel) == mRespectPrivacy);
```
<details><summary>Call stack</summary>
```
__GI___clock_nanosleep (@clock_nanosleep@GLIBC_2.2.5:29)
__GI___nanosleep (@__nanosleep:9)
__sleep (@sleep:17)
common_crap_handler(int, void const*) (/home/piero/Tor/tor-browser/toolkit/xre/nsSigHandlers.cpp:96)
child_ah_crap_handler(int) (/home/piero/Tor/tor-browser/toolkit/xre/nsSigHandlers.cpp:110)
WasmTrapHandler(int, siginfo_t*, void*) (/home/piero/Tor/tor-browser/js/src/wasm/WasmSignalHandlers.cpp:799)
__restore_rt (@__restore_rt:3)
imgLoader::LoadImage(nsIURI*, nsIURI*, nsIReferrerInfo*, nsIPrincipal*, unsigned long, nsILoadGroup*, imgINotificationObserver*, nsINode*, mozilla::dom::Document*, unsigned int, nsISupports*, nsIContentPolicy::nsContentPolicyType, nsTSubstring<char16_t> const&, bool, bool, unsigned long, imgRequestProxy**) (/home/piero/Tor/tor-browser/image/imgLoader.cpp:2474)
nsContentUtils::LoadImage(nsIURI*, nsINode*, mozilla::dom::Document*, nsIPrincipal*, unsigned long, nsIReferrerInfo*, imgINotificationObserver*, int, nsTSubstring<char16_t> const&, imgRequestProxy**, nsIContentPolicy::nsContentPolicyType, bool, bool, unsigned long) (/home/piero/Tor/tor-browser/dom/base/nsContentUtils.cpp:4004)
nsImageLoadingContent::LoadImage(nsIURI*, bool, bool, nsImageLoadingContent::ImageLoadType, unsigned int, mozilla::dom::Document*, nsIPrincipal*) (/home/piero/Tor/tor-browser/dom/base/nsImageLoadingContent.cpp:1143)
nsImageLoadingContent::LoadImage(nsTSubstring<char16_t> const&, bool, bool, nsImageLoadingContent::ImageLoadType, nsIPrincipal*) (/home/piero/Tor/tor-browser/dom/base/nsImageLoadingContent.cpp:1027)
mozilla::dom::SVGImageElement::LoadSVGImage(bool, bool) (/home/piero/Tor/tor-browser/dom/svg/SVGImageElement.cpp:146)
mozilla::dom::SVGImageElement::AfterSetAttr(int, nsAtom*, nsAttrValue const*, nsAttrValue const*, nsIPrincipal*, bool) (/home/piero/Tor/tor-browser/dom/svg/SVGImageElement.cpp:215)
mozilla::dom::Element::SetAttrAndNotify(int, nsAtom*, nsAtom*, nsAttrValue const*, nsAttrValue&, nsIPrincipal*, unsigned char, bool, bool, bool, mozilla::dom::Document*, mozAutoDocUpdate const&) (/home/piero/Tor/tor-browser/dom/base/Element.cpp:2653)
mozilla::dom::Element::SetAttr(int, nsAtom*, nsAtom*, nsTSubstring<char16_t> const&, nsIPrincipal*, bool) (/home/piero/Tor/tor-browser/dom/base/Element.cpp:2506)
mozilla::dom::Element::SetAttr(int, nsAtom*, nsAtom*, nsTSubstring<char16_t> const&, bool) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/dom/Element.h:1000)
nsXMLContentSink::AddAttributes(char16_t const**, mozilla::dom::Element*) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:1376)
nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int, bool) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:957)
nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:903)
non-virtual thunk to nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:0)
nsExpatDriver::HandleStartElement(rlbox::rlbox_sandbox<rlbox::rlbox_noop_sandbox>&, rlbox::tainted<void*, rlbox::rlbox_noop_sandbox>, rlbox::tainted<char16_t const*, rlbox::rlbox_noop_sandbox>, rlbox::tainted<char16_t const**, rlbox::rlbox_noop_sandbox>) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:477)
doContentInternal (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2920)
doContent (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2664)
contentProcessor (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2540)
MOZ_XML_ParseBuffer (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2004)
auto rlbox::rlbox_noop_sandbox::impl_invoke_with_func_ptr<XML_Status (XML_ParserStruct*, char const*, int, int), XML_Status (void*, void*, int, int), void*, void*, unsigned long, bool>(XML_Status (*)(void*, void*, int, int), void*&&, void*&&, unsigned long&&, bool&&) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/rlbox/rlbox_noop_sandbox.hpp:188)
auto rlbox::rlbox_sandbox<rlbox::rlbox_noop_sandbox>::INTERNAL_invoke_with_func_ptr<XML_Status (XML_ParserStruct*, char const*, int, int), rlbox::tainted<XML_ParserStruct*, rlbox::rlbox_noop_sandbox>&, rlbox::tainted<char const*, rlbox::rlbox_noop_sandbox>, unsigned long, bool>(char const*, void*, rlbox::tainted<XML_ParserStruct*, rlbox::rlbox_noop_sandbox>&, rlbox::tainted<char const*, rlbox::rlbox_noop_sandbox>&&, unsigned long&&, bool&&) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/rlbox/rlbox_sandbox.hpp:790)
nsExpatDriver::ParseChunk(char16_t const*, unsigned int, nsExpatDriver::ChunkOrBufferIsFinal, unsigned int*, unsigned long*) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1248)
nsExpatDriver::ChunkAndParseBuffer(char16_t const*, unsigned int, bool, unsigned int*, unsigned int*, unsigned long*) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1204)
nsExpatDriver::ResumeParse(nsScanner&, bool) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1352)
nsParser::ResumeParse(bool, bool, bool) (/home/piero/Tor/tor-browser/parser/htmlparser/nsParser.cpp:716)
nsParser::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/parser/htmlparser/nsParser.cpp:1027)
imgRequest::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/image/imgRequest.cpp:1068)
nsJARChannel::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/modules/libjar/nsJARChannel.cpp:1312)
nsInputStreamPump::OnStateTransfer() (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:584)
nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:411)
non-virtual thunk to nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:0)
CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()::operator()() const (/home/piero/Tor/tor-browser/xpcom/io/nsPipe3.cpp:73)
already_AddRefed<mozilla::CancelableRunnable> NS_NewCancelableRunnableFunction<CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()>(char const*, CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()&&)::FuncCancelableRunnable::Run() (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/nsThreadUtils.h:667)
mozilla::RunnableTask::Run() (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:555)
mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:879)
mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:702)
mozilla::TaskController::ProcessPendingMTTask(bool) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:491)
mozilla::TaskController::TaskController()::$_0::operator()() const (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:218)
mozilla::detail::RunnableFunction<mozilla::TaskController::TaskController()::$_0>::Run() (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.h:548)
nsThread::ProcessNextEvent(bool, bool*) (/home/piero/Tor/tor-browser/xpcom/threads/nsThread.cpp:1240)
NS_ProcessNextEvent(nsIThread*, bool) (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.cpp:479)
mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:85)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
nsBaseAppShell::Run() (/home/piero/Tor/tor-browser/widget/nsBaseAppShell.cpp:148)
XRE_RunAppShell() (/home/piero/Tor/tor-browser/toolkit/xre/nsEmbedFunctions.cpp:724)
mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:235)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
XRE_InitChildProcess(int, char**, XREChildData const*) (/home/piero/Tor/tor-browser/toolkit/xre/nsEmbedFunctions.cpp:659)
content_process_main(mozilla::Bootstrap*, int, char**) (/home/piero/Tor/tor-browser/ipc/contentproc/plugin-container.cpp:57)
main (/home/piero/Tor/tor-browser/browser/app/nsBrowserApp.cpp:375)
__libc_start_call_main (@__libc_start_call_main:26)
__libc_start_main_impl (@__libc_start_main@@GLIBC_2.34:43)
_start (@_start:14)
```
</details>
I'm trying an optimized build with asserts on, so many variables have been optimized out.
However, I managed to see that it was this PNG by checking `href` at the end of `mozilla::dom::SVGImageElement::LoadSVGImage`.
FWIW, I think this is a peculiarity of the YEC homepage.https://gitlab.torproject.org/tpo/tpa/team/-/issues/41415design and implement backup strategy for MinIO buckets or the entire server2024-01-19T18:57:23Zanarcatdesign and implement backup strategy for MinIO buckets or the entire serverWe're considering using MinIO for more and more things, mainly GitLab (artifacts storage in #41403 and gitaly backups in #40518) but possibly other (e.g. metrics storage in tpo/network-health/metrics/collector#40023).
Right now, we don'...We're considering using MinIO for more and more things, mainly GitLab (artifacts storage in #41403 and gitaly backups in #40518) but possibly other (e.g. metrics storage in tpo/network-health/metrics/collector#40023).
Right now, we don't have any backups of that server, which is probably fine: we only store container images there, which can be regenerated in case of a catastrophe. But if we start storing gitaly backups and gitlab artifacts, it needs to be permanent now.
Research how backups can be performed, develop a policy and implement it.
Next steps:
* [x] research articles anarcat found on the topic (see wallabag)
* [x] discuss the idea in the network
* [x] decide if we want this per bucket or per site
* [ ] write up a proposal
* [ ] implement proposal
* [ ] document and test backup/restore proceduresanarcatanarcathttps://gitlab.torproject.org/tpo/core/arti/-/issues/1139Create fs-mistrust wrapper for WalkDir2024-01-17T20:23:21Zgabi-250Create fs-mistrust wrapper for WalkDirWe need an `fs-mistrust`-based alternative to [`WalkDir`](https://crates.io/crates/walkdir).
This is a follow-up from !1769 (see [discussion](https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1769#note_2970121))We need an `fs-mistrust`-based alternative to [`WalkDir`](https://crates.io/crates/walkdir).
This is a follow-up from !1769 (see [discussion](https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1769#note_2970121))Nick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42307Consider adjusting Nightly app icon color for a11y2024-01-29T19:18:54ZThorinConsider adjusting Nightly app icon color for a11yI used https://www.color-blindness.com/coblis-color-blindness-simulator/ cc @donuts to triage
![colors](/uploads/9a40f550015248dda2a429d6ad58843e/colors.png)I used https://www.color-blindness.com/coblis-color-blindness-simulator/ cc @donuts to triage
![colors](/uploads/9a40f550015248dda2a429d6ad58843e/colors.png)nicobnicobhttps://gitlab.torproject.org/tpo/core/arti/-/issues/1138Shall we start setting the Host header in our HTTP requests?2023-11-27T14:46:20ZNick MathewsonShall we start setting the Host header in our HTTP requests?We only claim to be speaking HTTP 1.0, so we aren't strictly required to set the Host header. (The Host header became mandatory in HTTP 1.1.) Nonetheless, C tor sets the Host header unconditionally; it may be that we want to do so as we...We only claim to be speaking HTTP 1.0, so we aren't strictly required to set the Host header. (The Host header became mandatory in HTTP 1.1.) Nonetheless, C tor sets the Host header unconditionally; it may be that we want to do so as well.
See #1024 for a little discussion.https://gitlab.torproject.org/tpo/network-health/metrics/descriptorParser/-/issues/62Add `dirauth_nickname` as label in Victoria Metrics2024-01-16T13:49:10ZjugaAdd `dirauth_nickname` as label in Victoria Metricsto be able to filter by bwauth, in a similar way we can filter by `fingeprint` and `node`. This needs #61to be able to filter by bwauth, in a similar way we can filter by `fingeprint` and `node`. This needs #61https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42300Do not store logs inside TorProvider2023-12-21T09:04:03ZPier Angelo VendrameDo not store logs inside TorProviderDropping the entire `TorProvider` in case of failure has some advantages, but also a big disadvantage: logs are stored in the `TorProvider` object.
When we drop it we also drop logs.
If Tor died for an actual bug/problem, we remove the ...Dropping the entire `TorProvider` in case of failure has some advantages, but also a big disadvantage: logs are stored in the `TorProvider` object.
When we drop it we also drop logs.
If Tor died for an actual bug/problem, we remove the way of knowing that.
So, we shouldn't store the logs in the provider, but store them elsewhere.
/related #41921https://gitlab.torproject.org/tpo/tpa/team/-/issues/41412fail2ban ineffective on submit-012023-11-22T18:01:51Zanarcatfail2ban ineffective on submit-01We're seeing repeated failed authentication attempts in the postfix logs and they do not seem to get picked up by fail2ban, investigate.We're seeing repeated failed authentication attempts in the postfix logs and they do not seem to get picked up by fail2ban, investigate.