tor-browser-build merge requestshttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests2024-01-30T10:18:10Zhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/902Bug 41038: Add RPM dependencies to README.2024-01-30T10:18:10ZPier Angelo VendrameBug 41038: Add RPM dependencies to README.## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#41038
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#41038
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [x] **Other**: we could backport since the user says they verified also 13.0.
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Add the package required to use tor-browser-build on Fedora.
Originally sent as a `.patch` file by @NoisyCoil in #41038.
I've justified it to the 80 columns limit and added that it's been tested with Fedora 39 in the description.
So, I've created a MR for the patch, but since I result as the author, I think someone else should review it now.
#### How Tested
Not tested by me, the original author said it works.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/901Document required packages for container-less build2024-01-30T07:45:48ZMynacolDocument required packages for container-less buildAdd required packages for container-less
jq and 7zip are both absolutely required, 7zip just recently.
bison, tcl, gyp and python3-venv are scattered around as dependency.
wget is also definitely required, but it's not available in a m...Add required packages for container-less
jq and 7zip are both absolutely required, 7zip just recently.
bison, tcl, gyp and python3-venv are scattered around as dependency.
wget is also definitely required, but it's not available in a minimal
docker image.
Besides this, python3, not python2 is required, similarly jdk 11 instead
of 8.
#41073MynacolMynacolhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/899Bug 41051,41052: Tor,Mullvad Browser 13.5a4 Release Prep2024-01-29T18:11:16ZrichardBug 41051,41052: Tor,Mullvad Browser 13.5a4 Release Prep## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41051
- tor-browser-build#41052
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ]...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41051
- tor-browser-build#41052
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Release prep!
TODO -> sign+tag:
- tor-browser
- mullvad-browser
- firefox-android
<!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->
#### How Tested
<!-- Description of steps taken to verify the change -->richardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/897Bug 41065: Cleanup the NSIS script2024-01-29T17:36:26ZPier Angelo VendrameBug 41065: Cleanup the NSIS script## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#41065
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#41065
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
- Fixed the general styling of the NSIS script
- Added information about the original authors of the script and corrected the license (the comments were exactly the same as the NSIS examples, as well as the order of the languages, therefore I think we should consider it as derived from NSIS examples)
- Removed the languages we don't actually support in Tor Browser, added a few new ones, and sorted by language code (in the future we might create some map to populate the list automatically, but I'm wondering about removing the template items and using command line defines `-D` instead)
- Added the channel to the application name and default directory for anything that isn't release
- Since this changes a lot of lines, did a CRLF -> LF (NSIS is happy anyway), `--ignore-cr-at-eol` will be useful for review :slight_smile:. Probably a `--color-moved` could also be useful
- Removed anything about the system installer: we'll need a quite different script, so it'll be easier to have a different file, instead of using a lot of `[% IF system_install %]`
#### How Tested
Built a Mullvad Browser testbuild, checked it still installs as expected and that it displays Testbuild for testbuilds.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/894Bug 41066: Compress the APKs more2024-01-24T16:09:12ZPier Angelo VendrameBug 41066: Compress the APKs more## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#
- mullvad-browser#xxxxx
- tor-browser-build#41066
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as p...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#
- mullvad-browser#xxxxx
- tor-browser-build#41066
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [x] **Other**: unblock the release
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
We need to shave a few MBs from our x86 APK, so I tried to re-compress it with 7-zip.
The `p7zip` package included in bullseye gave me a few problems (but maybe I was using a wrong command line, after all?).
There's also a `7zip` package.
It seems `p7zip` changes [were taken](https://www.phoronix.com/news/7-Zip-21.01-Initial-Linux) [upstream](https://www.7-zip.org/download.html), and in Trixie `p7zip` has recently become a transitional package.
Sadly, bullseye doesn't include a `7zip` package.
It does in backports, but I don't think we can use them, except for manually downloading the file and installing it as a prestep?
So, I moved the `browser` container to `bookworm` already, since `apksigner` works also on Java 17.
#### How Tested
Built with
```bash
rbm/rbm build browser --target torbrowser-android-x86 --target release
```
and:
1. noticed we have a reduced size: 115011751 -> 110845359
2. checked we're reproducible (I tested on my machine and in tb-build-02, but I used the same firefox-android artifact to avoid having to build everything - but I'll take for granted the contents were already reproducible)Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/896Update release-prep template with startpage contact to notify on major ESR tr...2024-01-24T11:36:11ZrichardUpdate release-prep template with startpage contact to notify on major ESR transition## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs ...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Update the Tor Browser Alpha Release template to add 'notify Startpage' step when the user-agent changes
#### How Tested
<!-- Description of steps taken to verify the change -->richardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/895Bug 41055: Prepare Tor Browser Stable 13.0.92024-01-23T11:01:40ZrichardBug 41055: Prepare Tor Browser Stable 13.0.9## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41055
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41055
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Updated changelog in preparationf or `-build2` tag for Tor Browser.
<!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->
#### How Tested
<!-- Description of steps taken to verify the change -->richardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/893Bug 41055: Prepare Tor Browser Stable 13.0.92024-01-19T12:41:27ZrichardBug 41055: Prepare Tor Browser Stable 13.0.9## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41055
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41055
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
<!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->
Changelog updates: fixed typo and added YEC removal issue
- Android has a revert commit in `firefox-android`, Desktop excluded the YEC commit during the `tor-browser` rebase
#### How Tested
<!-- Description of steps taken to verify the change -->richardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/892Bug 41037: Set time on signing machine before starting signing2024-01-18T10:32:35ZboklmBug 41037: Set time on signing machine before starting signing## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41037
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41037
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [x] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
After a reboot, the time on our signing machine is incorrect. To avoid
signing a release with incorrect timestamps, we set the time on the
signing machine at the beginning of the signing process.
#### How Tested
Not tested yet. I will test it while signing MB-13.0.9 and remove the draft status if it worked.boklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/891Bug 41034&41055: Prepare Tor Browser and Mullvad Browser 13.0.92024-01-16T14:46:59ZPier Angelo VendrameBug 41034&41055: Prepare Tor Browser and Mullvad Browser 13.0.9## Merge Info
### Related Issues
- tor-browser-build#41034
- tor-browser-build#41055
## Review
### Request Reviewer
- [ ] Request review from a release engineer: boklm, dan, ma1, pierov, richard
### Change Description
Tor Browser ...## Merge Info
### Related Issues
- tor-browser-build#41034
- tor-browser-build#41055
## Review
### Request Reviewer
- [ ] Request review from a release engineer: boklm, dan, ma1, pierov, richard
### Change Description
Tor Browser and Mullvad Browser 13.0.9.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/881Bug 41056: Make it possible to use templates in var/torbrowser_incremental_from2024-01-16T13:06:22ZboklmBug 41056: Make it possible to use templates in var/torbrowser_incremental_from## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41056
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [x] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41056
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [x] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [x] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Makes it possible to use templates in var/torbrowser_incremental_from
#### How Tested
Tested with this change:
```
diff --git a/rbm.conf b/rbm.conf
index befb4d80b..e94ebb7d1 100644
--- a/rbm.conf
+++ b/rbm.conf
@@ -84,9 +84,11 @@ var:
torbrowser_version: '13.5a3'
torbrowser_build: 'build1'
torbrowser_incremental_from:
+ - '[% IF c("var/tor-browser") %]tb1[% END %]'
- '13.0a6'
- '13.5a1'
- '13.5a2'
+ - '[% c("var/project-name") %]'
updater_enabled: 1
build_mar: 1
mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]'
```
And:
```
$ ./rbm/rbm showconf release update_responses_config --step update_responses_config --target torbrowser --target alpha
[...]
incremental_from:
- tb1
- 13.0a6
- 13.5a1
- 13.5a2
- tor-browser
[...]
$ ./rbm/rbm showconf release update_responses_config --step update_responses_config --target mullvadbrowser --target alpha
[...]
incremental_from:
- 13.0a6
- 13.5a1
- 13.5a2
- mullvad-browser
[...]
```boklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/889Bug 41063: Run "file $keyring" in tools/keyring/list-all-keyrings2024-01-11T15:29:23ZboklmBug 41063: Run "file $keyring" in tools/keyring/list-all-keyrings## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41063
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41063
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [x] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
<!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->
#### How Tested
Tested by running `./tools/keyring/list-all-keyrings`.boklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/888Bug 41059: Update keyring/torbrowser.gpg with updated key2024-01-10T15:55:10ZboklmBug 41059: Update keyring/torbrowser.gpg with updated key## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41059
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41059
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [x] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Tor Browser gpg key has been updated with a new expiration date on its
current subkey.
#### How Tested
Running `./tools/keyring/list-all-keyrings` before and after the change:
```
--- /tmp/1.txt 2024-01-10 10:11:10.053000000 +0100
+++ /tmp/2.txt 2024-01-10 10:19:55.023000000 +0100
@@ -216,7 +216,7 @@
sub rsa4096/2E1AC68ED40814E0 2014-12-15 [S] [expired: 2017-08-25]
sub rsa4096/2D000988589839A3 2014-12-15 [S] [revoked: 2015-08-26]
sub rsa4096/D1483FA6C3C07136 2016-08-24 [S] [expired: 2018-08-24]
-sub rsa4096/E53D989A9E2D47BF 2021-09-17 [S] [expires: 2024-02-19]
+sub rsa4096/E53D989A9E2D47BF 2021-09-17 [S] [expires: 2024-08-23]
./keyring/ubuntu.gpg
--------------------
```
Also the output from `file` is still the same:
```
$ file keyring/torbrowser.gpg
keyring/torbrowser.gpg: PGP/GPG key public ring (v4) created Mon Dec 15 10:54:02 2014 RSA (Encrypt or Sign) 4096 bits MPI=0xd032cf90e5c02c85...
```boklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/890Bug 40606&40900: Use Clang to compile NSIS and update it to 3.092024-01-10T13:30:38ZPier Angelo VendrameBug 40606&40900: Use Clang to compile NSIS and update it to 3.09## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#40606, #40900
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#40606, #40900
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
With this MR we start building NSIS with Clang instead of GCC.
The trick I was missing the previous time I tried was adding binutils to the container.
Updating it to 3.09 allows us to drop our patches...
Except that we need a new one: one of the patches was for reproducibility, which upstream said they fixed with `SOURCE_DATE_EPOCH`.
However, they don't apply `SOURCE_DATE_EPOCH` to an example DLL, so the intermediate artifacts cannot be easily checked (one example file contains a file that has the timestamp at which you actually built it).
I've opened https://sourceforge.net/p/nsis/patches/312/ to get that solved, and in the meantime I thought of still keeping that patch in our codebase, even though I expect we could do without it.
#### How Tested
Ran:
```bash
rbm/rbm build nsis --target torbrowser-windows-x86_64 && rbm/rbm build nsis --target torbrowser-windows-i686
```
Checked that they succeed and that the output matches in my local machine and in our build servers:
```
835d10b2eb420989d50fbfdc60db35390f554283f0d6ec4ea4f33f25ea77ab46 out/nsis/nsis-3.09-windows-i686-ea2664.tar.zst
2dc1dcb12c096c41f48849a159182f4b1a8a1c4a3daad26964fc372998c02fd3 out/nsis/nsis-3.09-windows-x86_64-11c693.tar.zst
```
I didn't try to build a full browser to check reproducibility, but I hope that since the artifacts are matching we are okay (i.e., no regressions in NSIS itself).
I haven't tried to build a browser at all, I'll leave a build going and test it later.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/887Bug 41058: Update Snowflake to 2.8.12024-01-09T17:39:11ZrichardBug 41058: Update Snowflake to 2.8.1## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41058
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41058
### Backporting
#### Timeline
- [x] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [x] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Updates the Snowflake to tag v2.8.1 and enables gpg tag and anti-censorship.gpg keyring requirement to the project.
#### How Tested
Doing a local build now.
EDIT: verified linux builds the v2.8.1 tag and the sig is verified:
```
$ ./rbm/rbm build snowflake --target torbrowser-linux-x86_64
Using file /home/pospeselr/Projects/tor-browser-build-alpha/out/container-image/container-image_stretch-amd64-323180213d81.tar.gz
Using file /home/pospeselr/Projects/tor-browser-build-alpha/out/go/go-1.21.5-linux-x86_64-2d5332.tar.gz
Using file /home/pospeselr/Projects/tor-browser-build-alpha/out/snowflake/go_vendor/snowflake-vendor-a0e3e871c464-7eec2d.tar.gz
Tag v2.8.1 is signed with key 5A618CE840883942BAF1334F009DE379FD9B7B90
Created /home/pospeselr/Projects/tor-browser-build-alpha/tmp/rbm-GyaPFD/rbm-dqD0J/snowflake-a0e3e871c464.tar.gz
Build log: /home/pospeselr/Projects/tor-browser-build-alpha/logs/snowflake-linux-x86_64.log
```richardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/851Bug 41015&41016: Switch from bullseye to bookworm on macOS+Windows and update...2024-01-09T13:34:05ZPier Angelo VendrameBug 41015&41016: Switch from bullseye to bookworm on macOS+Windows and update libc++ configuration on Windows## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#41015, #41016
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#41015, #41016
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [x] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
Up to the rest of the team.
It depends also on whether we want tor-browser!829 (or the MR it'll replace it) on 13.0.
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [x] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
The changes for desktop aren't that big, so it'll be easy both to survive without them but also to just take them.
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
In this MR I resolve two issues:
- #41015: enable std::filesystem on Windows.
- It's needed to work around limitation of the Path* API we can use (there are newer functions that don't have these limits but aren't compatible with Windows 7).
- Mozilla has a similar patch in which they explicitly set the support to `ON` on CMake options. I think it's `ON` by default, but I followed anyway, and also explicitly set it to on for us.
- #41016: update from bullseye to bookworm
- since we're rebuilding everything on Windows, I thought of doing also this change, to avoid an additional full rebuild.
- On Windows, I had reproduciblity issues on `tor`, because the new version of `strip` adds timestamps (or maybe the new version of `install` is preferring `strip` to `llvm-strip`). I explicitly switched to `llvm-strip`, which solved the problem (`strip -p` should also work)
- no problems on macOS
- I've delayed the switch on Android because of the missing OpenJDK 11 package (see more information in the issue)
#### How Tested
Built on tb-build-02 (macOS), tb-build-03 (Windows) and my local machine (all, to check for reproduciblity).
Links:
- https://tb-build-02.torproject.org/~pierov/torbrowser/alpha/unsigned/13.5a1-build12/
- https://tb-build-03.torproject.org/~pierov/torbrowser/alpha/unsigned/13.5a1-build12/
I've done a very quick test (tried to launch and bootstrap, and some easy browsing) on Windows x86_64, Windows i686 (but on a 64-bit OS in a 64-bit VM), macOS (x86_64).
I haven't tested macOS aarch64.
PTs binaries haven't changed from 13.5a1 built with bullseye, so I haven't tried bridges.
In general, I don't think these changes are risky.
For the std::filesystem part, I've written this small program, and tested it builds with the new compiler and works:
```c++
#include <filesystem>
#include <iostream>
using namespace std;
namespace fs = std::filesystem;
int main(int argc, char *argv[]) {
fs::path p = fs::canonical(argv[0]);
cout << p.parent_path() << endl;
}
```Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/879Bug 41053: Use Go 1.20 on Windows, except for Snowflake2024-01-08T17:36:11ZPier Angelo VendrameBug 41053: Use Go 1.20 on Windows, except for Snowflake## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42179
- mullvad-browser#xxxxx
- tor-browser-build#41053
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42179
- mullvad-browser#xxxxx
- tor-browser-build#41053
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [x] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [x] **Censorship event**: patchset enables censorship circumvention
- [x] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
Some Windows 7/8 users are without PTs, and Go 1.21.5 might have made the situation worse.
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Up until 8867fa20d797dd8797d88948f2d9584077181724, we used two different Go versions for Android and desktop.
So, I've started from that situation and adapted to use Go 1.20 on Windows, except for Snowflake.
By checking the AC team repos, it seems to me Lyrebird requires 1.20, Conjure 1.17 and Webtunnel 1.18. Only Snowflake requires 1.21.
But since we got reports only for Windows, for other platforms I kept 1.21.
#### How Tested
Ran the following commands and verified they use the expected Go version:
```bash
rbm/rbm build lyrebird --target alpha --target torbrowser-windows-x86_64 # 1.20.12
rbm/rbm build snowflake --target alpha --target torbrowser-windows-x86_64 # 1.21.5
rbm/rbm build conjure --target alpha --target torbrowser-windows-x86_64 # 1.20.12
rbm/rbm build lyrebird --target alpha --target torbrowser-linux-x86_64 # 1.21.5
```Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/885Bug 42343 (TB): Pass pt_config.json to the browser2024-01-08T14:16:23ZPier Angelo VendrameBug 42343 (TB): Pass pt_config.json to the browser## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42343
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42343
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
We're modifying TorSettings to consume the bridge lines from `pt_config.json`.
So, we need to provide the `pt_config.json` to Firefox and GeckoView, which we do with this MR.
**WARNING**: This MR should not be merged if we decide we don't want !877.
#### How Tested
Built for Linux and macOS with Firefox's git_hash set to the HEAD of tor-browser!877, then:
1. checked that `chrome://global/content/pt_config.json` doesn't have the special comment that we added for the developer builds
2. checked that we can still use built-in PTs
Didn't check on Windows, but it's usually very similar to Linux (whereas macOS uses a different path for `omni.ja`).
For Android, I've copied the changes on top of `tbb13.5a2-build1`, because I didn't have time to build the whole updated GV, then I checked the file was added in `assets/omni.ja` (you need to extract the APK first).Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/886Bug 41021: Prepare Tor Browser Alpha 13.5a2-build2.2023-12-22T08:59:37ZPier Angelo VendrameBug 41021: Prepare Tor Browser Alpha 13.5a2-build2.## Merge Info
### Related Issues
- tor-browser-build#41021
- tor-browser-build#xxxxx
## Review
### Request Reviewer
- [x] Request review from a release engineer: boklm, dan, ma1, pierov, richard
### Change Description
Bumping only...## Merge Info
### Related Issues
- tor-browser-build#41021
- tor-browser-build#xxxxx
## Review
### Request Reviewer
- [x] Request review from a release engineer: boklm, dan, ma1, pierov, richard
### Change Description
Bumping only the GeckoView tag because it includes only Java changes, so it doesn't make trigger a Firefox rebuild.
I expect that we could `make torbrowser-alpha torbrowser-incrementals-alpha` and get desktop builds without acutally building them.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/884fixup! Bug 41021,41022: Prepare Tor+Mullvad Browser Alpha 13.5a32023-12-21T22:53:28Zrichardfixup! Bug 41021,41022: Prepare Tor+Mullvad Browser Alpha 13.5a3## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41021
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41021
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Changelog update.
<!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->
#### How Tested
<!-- Description of steps taken to verify the change -->richardrichard