Keep track of Mozilla's entitlements files
Right now we use the entitlements file Mozilla shipped with ESR 68 when we transitioned to it. However, we are about to harden that one/those (see: #32505 (moved) and #32506 (moved)) and Mozilla is pushing changes to it on the ESR 68 branch, too. It's even conceivable that security fixes get deployed that way.
Activity
Trac:
Parent Ticket: #32173 (moved)
What I think we should do is having our entitlements files somewhere under version control and making sure we are using an up-to-date one when signing/notarizing bundles. This can be done as part of the rebase: the one who is rebasing is updating our entitelment files if needed. Later on, the one who is signing is making sure they are using the latest version in our repo.
Trac:
Owner: tbb-team to gk
Cc: tbb-team to tbb-team, boklm, sysrqb
Status: new to assigned-
Trac:
Description: Right now we use the entitlements file Mozilla shipped with ESR 68 when we transitioned to it. However, we are about to harden that one/those (see: #32505 (moved) and #32506 (moved)) and Mozilla is pushing changes to it [on the ESR 68 branch, https://hg.mozilla.org/releases/mozilla-esr68/rev/f43123e865f1deba61c80036b483dc6dccf64ee0 too]. It's even conceivable that security fixes get deployed that way.to
Right now we use the entitlements file Mozilla shipped with ESR 68 when we transitioned to it. However, we are about to harden that one/those (see: #32505 (moved) and #32506 (moved)) and Mozilla is pushing changes to it on the ESR 68 branch, too. It's even conceivable that security fixes get deployed that way.
-
Okay, boklm seems to be good with putting the files under
tor-browser-build/tools/signing. I added a bunch of script templates we are currently using for signing as well, as a first start. There is room for improvement, though. :)masterhas the changes (boklm looked over them): commit f1cc6bc762c337d9cbc7187d2958dcb54007f9ff.Trac:
Resolution: N/A to fixed
Status: assigned to closed
Actualpoints: N/A to 0.2 mentioned in issue #32173 (moved)