Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-16T00:52:22Zhttps://gitlab.torproject.org/legacy/trac/-/issues/28157Upstream neersighted's patch for cross-compiling Rust for Windows2020-06-16T00:52:22ZGeorg KoppenUpstream neersighted's patch for cross-compiling Rust for Windowsneersighted's Rust patch for cross-compiling Rust for Windows which we ship (https://gitweb.torproject.org/builders/tor-browser-build.git/tree/projects/rust/unwind.patch?h=maint-8.0) is working for us and we should upstream it.neersighted's Rust patch for cross-compiling Rust for Windows which we ship (https://gitweb.torproject.org/builders/tor-browser-build.git/tree/projects/rust/unwind.patch?h=maint-8.0) is working for us and we should upstream it.https://gitlab.torproject.org/legacy/trac/-/issues/28104Backport Android security fixes for Tor Browser for Android 1.0a32020-06-16T00:52:12ZGeorg KoppenBackport Android security fixes for Tor Browser for Android 1.0a3We got notified about a bunch of security/privacy related fixes for Android we might want to backport, in particular:
https://bugzilla.mozilla.org/show_bug.cgi?id=1441345
https://bugzilla.mozilla.org/show_bug.cgi?id=1448014
https://bugz...We got notified about a bunch of security/privacy related fixes for Android we might want to backport, in particular:
https://bugzilla.mozilla.org/show_bug.cgi?id=1441345
https://bugzilla.mozilla.org/show_bug.cgi?id=1448014
https://bugzilla.mozilla.org/show_bug.cgi?id=1448305
https://bugzilla.mozilla.org/show_bug.cgi?id=1458905
We should do so for the upcoming, on 60.3.0esr based release.https://gitlab.torproject.org/legacy/trac/-/issues/28075Torbutton WARN: no SOCKS credentials found for current document.2020-06-16T00:52:09ZtraumschuleTorbutton WARN: no SOCKS credentials found for current document.This warning appears in the log quite often. It might be benign and can probably be downgraded to INFO or DEBUG.
> Torbutton WARN: no SOCKS credentials found for current document.
I can trigger this message setting `app.update.log` to ...This warning appears in the log quite often. It might be benign and can probably be downgraded to INFO or DEBUG.
> Torbutton WARN: no SOCKS credentials found for current document.
I can trigger this message setting `app.update.log` to true in about:config and opening the noscript settings.
found this also in #27828, #27221, #26579, #25946, #24654, #24263, #20195, #18138
Another message that appears on moz-extension://ff54e967-998f-4b5d-84b4-1aedfa73532d/ui/options.html:
>JavaScript error: moz-extension://ff54e967-998f-4b5d-84b4-1aedfa73532d/lib/Messages.js, line 0: Error: Message broadcastSettings {"tabId":-1,"__meta":{"name":"broadcastSettings","recipientInfo":null},"_messageName":"broadcastSettings"} looping to its sender (moz-extension://ff54e967-998f-4b5d-84b4-1aedfa73532d/ui/options.html#;tab-main-tabs=3)
(can't remember to have seen this before so it could have been introduced in Noscript 10.1.9.9)https://gitlab.torproject.org/legacy/trac/-/issues/28039Tor Browser log is not shown anymore in terminal since Tor Browser 8.5a22020-06-16T00:52:03ZGeorg KoppenTor Browser log is not shown anymore in terminal since Tor Browser 8.5a2Starting with Tor Browser 8.5a2 no log is shown anymore in the terminal on Linux.
STR:
1) Start Tor Browser with `./start-tor-browser.desktop --debug`
2) Open `about:config` and set `extensions.torbutton.loglevel` to `3` and `extension...Starting with Tor Browser 8.5a2 no log is shown anymore in the terminal on Linux.
STR:
1) Start Tor Browser with `./start-tor-browser.desktop --debug`
2) Open `about:config` and set `extensions.torbutton.loglevel` to `3` and `extensions.torbutton.logmethod` to `0`
3) Go to torproject.org
Expected: See circuit building related output in terminal
Actual: No log messages show up.https://gitlab.torproject.org/legacy/trac/-/issues/28022Use "/usr/bin/env bash" instead of "/bin/bash" in Browser/execdesktop2020-06-16T00:52:02ZTracUse "/usr/bin/env bash" instead of "/bin/bash" in Browser/execdesktopSome Linux distributions (like mine) don't use the "standard/debian application paths". Normally "/usr/bin/env ${app}" does the trick on most obscure systems.
So changing the interpreter in Browser/execdesktop from "/bin/bash" to "/usr/...Some Linux distributions (like mine) don't use the "standard/debian application paths". Normally "/usr/bin/env ${app}" does the trick on most obscure systems.
So changing the interpreter in Browser/execdesktop from "/bin/bash" to "/usr/bin/env bash" would be the solution.
**Trac**:
**Username**: readingflowerhttps://gitlab.torproject.org/legacy/trac/-/issues/26475ESR60-based Tor Browser bundles are not built reproducibly with Stylo enabled...2020-06-16T00:47:30ZGeorg KoppenESR60-based Tor Browser bundles are not built reproducibly with Stylo enabled using rustc > 1.25.0Contrary to our testing results the .dmg bundles we produce for 8.0a9 are differing on two machines. And it turns out Linux bundles are affected as well (see: #27937 for the original Linux bug report).Contrary to our testing results the .dmg bundles we produce for 8.0a9 are differing on two machines. And it turns out Linux bundles are affected as well (see: #27937 for the original Linux bug report).https://gitlab.torproject.org/legacy/trac/-/issues/25030Update release process document for Tor Browser 8.02020-06-16T00:43:38ZGeorg KoppenUpdate release process document for Tor Browser 8.0With Tor Browser 7.5 we switched to a reproducible build system based on `rbm`/`tor-browser-build`. We should update our release process document taking this change into account. Additionally, we should add all the things that got fixed ...With Tor Browser 7.5 we switched to a reproducible build system based on `rbm`/`tor-browser-build`. We should update our release process document taking this change into account. Additionally, we should add all the things that got fixed in Tor Browser 8.0https://gitlab.torproject.org/legacy/trac/-/issues/20648Migrate tickets from "Tor bundles" component and then shut it down2020-06-13T16:52:05ZRoger DingledineMigrate tickets from "Tor bundles" component and then shut it downI just gave #20645 a plausible component ("tor bundles"), and it turns out that Erinn is the default owner of that component still. I bet she isn't really going to tackle all of those tickets.
Should the component go away? Should we giv...I just gave #20645 a plausible component ("tor bundles"), and it turns out that Erinn is the default owner of that component still. I bet she isn't really going to tackle all of those tickets.
Should the component go away? Should we give it somebody else, like somebody from the Tor Browser team?Jens KubiezielJens Kubieziel