Consider adding a readme to the fonts directory

We could add a readme.txt to the font directory, in which we explain users that they aren't supposed to add fonts on their own, sum up the risk, and link some FAQ page.

added Fonts label

added Documentation First Contribution labels

changed milestone to %Sponsor 131 - Phase 5 - Ongoing Maintenance

added Roadmap::Future label

Also, there are really a lot of files in that directory. We could call the file 000_readme.txt or use some other profile, to make sure it's visible.

I'm about to start working on this, though I'm not 100% confident I agree that will make things more readable, since most people will be browsing the code through their handy dandy git server in their handy dandy web browser. The git server should know about README.md or README.txt, but will not know about 000_readme.txt, though I do agree that lifting it with a number like that would make it more visible for people viewing the files via an ls command from their terminal. Part of me wants to say we should have a hand curated README.md and a 000_readme.txt that's copied as part of the build process. Obviously, I'm new here, so I'll leave it to your judgement, but these are just some thoughts I have about things to consider that make the repository as accessible as possible

since most people will be browsing the code through their handy dandy git server in their handy dandy web browser.

That directory isn't shown in GitLab, unless people start uploading binaries in repositories.

The directory is created during the build process in projects/fonts/build, and then extracted into Firefox files when we build the final installers/packages.

Part of me wants to say we should have a hand curated README.md and a 000_readme.txt that's copied as part of the build process.

We can do it: have a README.txt in projects/fonts, and then copy it as 000_README.txt in projects/fonts/build.

But to be honest, I don't expect people to actually change stuff on this build repository only to include more fonts in their browser.

Also, the description of the projects/fonts and Browser/fonts directories would be very different: the former is the directory with scripts we use to download and bundle the files in the packages. The latter is a directory officially supported by Firefox to look for fonts that it should make available without having the user to install them in all their system.

Got it. Thanks for the help understanding the moving parts at play here

changed milestone to %Sponsor 131 - Phase 2 - Privacy Browser

added Sponsor 131 label

added Task label

added Desktop label

Hello @pierov

I would like to understand this better. Can you please explain the issue, and what we are trying to achieve here?

Thank you

Hi! Sorry for the delay, I was on vacation .

We don't want users to add fonts to Tor Browser, because it's very dangerous (it can change your fingerprint).

So, we want to add a README.txt to the fonts directory that tells users not to do it. Maybe we could also reference some authoritative source that explains font fingerprinting.

The fonts directory contains bundled fonts. We create it with the fonts project in this repository, and then we consume it in the browser project.

Usually, the documentation lives in the browser project, so we could add the readme there, and move it to the font directory just after extracting the fonts input (see projects/browser/build).

The alternative is to add the readme in the fonts projects, so that it's automatically added when extracting it.

mentioned in merge request !763 (merged)

marked this issue as related to #40901 (closed)

marked this issue as related to #40902 (closed)

closed

removed Roadmap::Future label

mentioned in issue #40901 (closed)

removed Desktop label

added Build System Desktop labels

marked this issue as related to #40965 (closed)

marked this issue as related to #40966 (closed)