tor-browser-build merge requestshttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests2024-03-28T08:10:53Zhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/942Bug 41094,41095: Tor,Mullvad Browser 13.5a6 Release Prep2024-03-28T08:10:53ZrichardBug 41094,41095: Tor,Mullvad Browser 13.5a6 Release Prep## Merge Info
### Related Issues
- tor-browser-build#41094
- tor-browser-build#41095
## Review
### Request Reviewer
- [x] Request review from a release engineer: boklm, dan, ma1, pierov, richard
### Change Description
Pending tags...## Merge Info
### Related Issues
- tor-browser-build#41094
- tor-browser-build#41095
## Review
### Request Reviewer
- [x] Request review from a release engineer: boklm, dan, ma1, pierov, richard
### Change Description
Pending tags:
- `tor-browser-115.9.0esr-13.5-1-build2`
- `firefox-android-115.2.1-13.5-1-build8`
- `mullvad-browser-115.9.0esr-13.5-1-build2`
Pending patches:
- https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41111
/cc @boklm @clairehurst @dan @henry @ma1 @pierov pleaes have a look at the proposed changelists and see if any of your work is missing!richardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/940Bug 41108, 41109: Prepare Tor and Mullvad Browser Stable 13.0.132024-03-22T13:11:13ZrichardBug 41108, 41109: Prepare Tor and Mullvad Browser Stable 13.0.13## Merge Info
### Related Issues
- tor-browser-build#41108
- tor-browser-build#41109
## Review
### Request Reviewer
- [x] Request review from a release engineer: boklm, dan, ma1, pierov, richard
### Change Description
Preemptive r...## Merge Info
### Related Issues
- tor-browser-build#41108
- tor-browser-build#41109
## Review
### Request Reviewer
- [x] Request review from a release engineer: boklm, dan, ma1, pierov, richard
### Change Description
Preemptive release prep presuming we have a 115.9.1 Friday. Only update firefox presuming we are not shipping Android.
@pierov @ma1: Can you inform @ruihildt once/if :upside_down: we have matching (unsigned!) Mullvad Browser builds Friday?
@ruihildt: I'll let you know asap once we have signed builds to publish.richardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/925Bug 41093: Unsign APKs before signing them2024-02-28T15:19:13ZboklmBug 41093: Unsign APKs before signing them## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41093
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Relea...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#41093
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
Signing script changes for #41093.
#### How Tested
Not tested yet. I will test while signing the release tomorrow.boklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/920Draft: Tor and Mullvad Browser for linux-arm64 (native and cross builds)2024-03-27T21:50:48ZNoisyCoilDraft: Tor and Mullvad Browser for linux-arm64 (native and cross builds)## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#12631
- tor-browser-build#32355
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ]...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#12631
- tor-browser-build#32355
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [x] **Other**: new feature
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : boklm, dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
### Change Description
This MR adds linux-arm64 support to the Tor and Mullvad Browsers. The `{tor,mullvad,base}browser-$CHANNEL-linux-arm64` targets support both x86_64 cross-compilation and arm64 native builds (with a caveat, more on this ahead). Cross-compilation is the default. Native compilation is enabled by setting `targets/linux-arm64/var/linux-cross` to `0` in `rbm.conf`. Both the browsers currently build on both platforms and run on Fedora Asahi Remix 39 (Fedora on Apple Silicon). I didn't test the `basebrowser`, but since the other two work, that one should too. The Tor Browser is able to connect to onion sites, and to connect via bridges too.
To set up cross-compilation, I took control of an apparently unused build variable: `var/linux-cross`. This is set to `0` in all but the `{tor,base}browser-arm` targets, which in turn are never built. Of course, if I am mistaken and that variable was actually used, the code can be refactored to a separate path. When possible I recycled the old `var/linux-cross == 1` content.
#### Toolchain
`nasm` is not built as it is not needed for arm64.
When cross-compiling:
- two sets of `binutils` + `gcc` are built, native x86_64 and cross arm64
- `clang` and `rust` are built only once with native x86_64 and cross arm64 support
- `python`, `cbindgen` and `node` are built only for x86_64
- `go` can automatically compile for both x86_64 and arm64, so there was nothing to do here
When compiling natively:
- bootstrapping `go` from C code (as you know) requires building Go 1.4, which did not support arm64 as the host architecture. Thanks to a patch by Heikki Lindholm, we can however compile an arm (as in "32-bit arm") `go1.4`, which in turn can compile an arm64 `go1.19`. As it stands, therefore, the Tor Browser can be natively compiled only on arm64 platforms which support running 32-bit arm instructions, which excludes e.g. Apple Silicon. To natively build the Tor Browser on Asahi Linux, have a look at the instructions [here](https://gitlab.com/NoisyCoil/tor-browser-build/-/wikis/Building-on-Asahi-Linux) and use my [linux-arm64-asahi](https://gitlab.torproject.org/NoisyCoil/tor-browser-build/-/tree/linux-arm64-asahi?ref_type=heads) branch.
#### Things that need to be worked out
- ~I was unable to template the target replacements in `go` projects, so I had to remove those replacements. This breaks non-linux builds, so it must be fixed as a priority.~ (Fixed)
- ~When and only when cross-compiling arm64 from x86_64, most of the binaries in the `tor-expert-bundle` are dynamically linked to `libssp.so` for stack-protection. My system does not have that library, so I had to include it in the bundle to be loaded via `LD_LIBRARY_PATH` to make the Tor Browser work. I suspect the reason why `libssp.so` is pulled in is I'm compiling the `gcc` cross-compiler without hardening (following a hint I found in `projects/gcc/build` itself; native builds, on the other hand, have hardening enabled when compiling `gcc`). One could try building the cross compiler with hardening enabled to see what happens.~ (I was wrong, hardening the compiler itself had nothing to do with this. The issue was caused by the fact that the cross `gcc` didn't know the target `glibc` version at configure time, so it couldn't assume that `libssp.so` is not needed and linked against it when hardening the binaries in `tor-expert-bundle`. This is fixed now.)
- I was unable to use `clang` as the linker for the `aarch64-linux-gnu` target while compiling `rust` from x86_64. When I selected clang, it tried to pull in the native x86_64 GNU `ld` when linking arm64 binaries, so it understandably failed. To solve this, I had to explicitly select `aarch64-linux-gnu-gcc` as the linker for the `aarch64-linux-gnu` target. This is not necessarily a bad thing, but I thought I should mention it anyway.
- Most of the patches in `projects/firefox` should really go into the respective Tor or Mullvad Browser repos.
- Choosing whether to compile natively or to cross-compile should be more user-friendly, e.g. it should be decided via an option in `rbm.local.conf`. I was unable to template an integer to put in `rbm.conf`'s `targets/linux-arm64/var/linux-cross`.
#### Credits
While I rewrote most of the arm64 enablement from scratch, a huge thanks goes to Heikki Lindholm both for years of maintenance and builds of the Tor Browser for arm64, and for the content of some of the patches that went into this MR - most notably the `go-bootstrap`, `browser` and parts of the `firefox` patches. Also, I had good knowledge of his patchset, so in many cases I ended up doing what he is doing (e.g. the target replacement suppression).
#### How Tested
Tor and Mullvad Browser, cross and native, nightly and alpha builds tested, the browsers run on Debian 9 (Stretch) and Fedora Asahi Remix 39 with no apparent issues.NoisyCoilNoisyCoilhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/811Updated default merge request template (tor-browser-build)2023-09-15T17:09:21ZrichardUpdated default merge request template (tor-browser-build)## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- None
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- None
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **nightly builds** : boklm
- **rebases/release-prep** : dan_b, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
<!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->
Updated the MR template to include @clairehurst and added a cheeky testing sectionrichardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/741Bug 40730: Tor Browser 12.5.02023-06-21T13:01:41ZrichardBug 40730: Tor Browser 12.5.0## Merge Info
<!-- Bookkeeping information for release management -->
- ### Related Issues
- tor-browser-build#40730
- ### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes...## Merge Info
<!-- Bookkeeping information for release management -->
- ### Related Issues
- tor-browser-build#40730
- ### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchsets with trivial changes which do not need testing (e.g. fixes for typos or fixes easily verified in a local developer build)
- [ ] **Next Minor Stable Release** - patchset that needs to be verified in nightly before backport
- [ ] **Eventually** - patchset that needs to be verified in alpha before backport
- [x] **No Backport** - patchset for the next major stable
- ### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
## Change Description
First pass at a 12.5 release prep MR.
I've removed conjure and webtunnel PTs from the tor-expert-bundle, so they should no longer be packaged in the final browser (EDIT: I realise now that we need to do more here for Android, will force push a new version in a second).
The firefox and geckoview projects presume we will have another build3 tag in the tor-browser-102.12.0esr-12.5-1 branch which does not exist yet.
Please have a look at the Changelog an make sure ther earen't any obvious errors. I derived this changelog via the existing 12.5 alpha and 12.0 stable changelogs plus manual pruning, so any errors there will have propagated.
/cc @boklm @dan @henry @ma1 @pierov @donutsrichardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/738Bug 40855 (and more): Toolchain updates for Mozilla 1152023-07-20T14:33:10ZPier Angelo VendrameBug 40855 (and more): Toolchain updates for Mozilla 115## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#40855
- #40854
- #40487
- #40410
- #40802
- #31588
- #40832
### Backport Timeline
- [ ] **Immediate** - ...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#40855
- #40854
- #40487
- #40410
- #40802
- #31588
- #40832
### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchsets with trivial changes which do not need testing (e.g. fixes for typos or fixes easily verified in a local developer build)
- [ ] **Next Minor Stable Release** - patchset that needs to be verified in nightly before backport
- [ ] **Eventually** - patchset that needs to be verified in alpha before backport
- [x] **No Backport** - patchset for the next major stable
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
## Change Description
First pass for the Mozilla 115 update.
Leaving a final commit with the various trees until the MRs are accepted, so that it's possible to build the browsers in the meantime.
Android will need a big cleanup.
Only GV is buildable for now.
We need #40102 to be solved and merged before this one.
I cherry-picked its commit partially to unblock me, but ideally I should remove it.
/cc @boklm @richardPier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/737Bug 40851+40875+40878: signing changes for 12.5a72023-06-12T20:20:38ZboklmBug 40851+40875+40878: signing changes for 12.5a7## Merge Info
<!-- Bookkeeping information for release management -->
- ### Related Issues
- Closes #40851
- Closes #40875
- Closes #40878
- ### Backport Timeline (for `maint-12.0-mullvad`)
- [x] **Immediate** - patchsets for...## Merge Info
<!-- Bookkeeping information for release management -->
- ### Related Issues
- Closes #40851
- Closes #40875
- Closes #40878
- ### Backport Timeline (for `maint-12.0-mullvad`)
- [x] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchsets with trivial changes which do not need testing (e.g. fixes for typos or fixes easily verified in a local developer build)
- ### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
## Change Description
<!-- Whatever context the reviewer needs to effectively review the patchset -->
I used this to sign 12.5a7.boklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/727Bug 40869: Temporarily set obfs4 to a fixed commit2023-06-01T15:57:17ZboklmBug 40869: Temporarily set obfs4 to a fixed commit## Merge Info
<!-- Bookkeeping information for release management -->
- ### Related Issues
- #40869
- ### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day ex...## Merge Info
<!-- Bookkeeping information for release management -->
- ### Related Issues
- #40869
- ### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchsets with trivial changes which do not need testing (e.g. fixes for typos or fixes easily verified in a local developer build)
- [ ] **Next Minor Stable Release** - patchset that needs to be verified in nightly before backport
- [ ] **Eventually** - patchset that needs to be verified in alpha before backport
- [x] **No Backport** - patchset for the next major stable
- ### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
## Change Description
<!-- Whatever context the reviewer needs to effectively review the patchset -->
To avoid broken nightly builds, we set obfs4 nightly to a fixed commit,
until the changes required by the renaming from obfs4 to lyrebird are
done.
/cc @meskioboklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/701Update Mullvad Browser release prep templates to include communications with ...2023-04-20T18:07:58ZrichardUpdate Mullvad Browser release prep templates to include communications with downstream package maintainers## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchs...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchsets with trivial changes which do not need testing (e.g. fixes for typos or fixes easily verified in a local developer build)
- [ ] **Next Minor Stable Release** - patchset that needs to be verified in nightly before backport
- [ ] **Eventually** - patchset that needs to be verified in alpha before backport
- [x] **No Backport** - patchset for the next major stable
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
## Change Description
So far we have (at least) the following downstream packages for Mullvad Browser being maintained:
- Linx:
- arch - https://aur.archlinux.org/packages/mullvad-browser-bin
- flatpack - https://github.com/flathub/flathub/pull/4052/commits
- macOS:
- homebrew - https://github.com/Homebrew/homebrew-cask/blob/master/Casks/mullvad-browser.rb
Don't have the contact info yet for the homebrew maintainer but to keep it up to date would just require a version bump to the configuration.
/cc @ruihildt fyirichardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/691Bug 40828: Use archive.debian.org mirror for jessie2023-03-27T17:18:02ZboklmBug 40828: Use archive.debian.org mirror for jessie## Merge Info
<!-- Bookkeeping information for release management -->
- ### Related Issues
- Closes #40828
- ### Backport Timeline
- [x] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-d...## Merge Info
<!-- Bookkeeping information for release management -->
- ### Related Issues
- Closes #40828
- ### Backport Timeline
- [x] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchsets with trivial changes which do not need testing (e.g. fixes for typos or fixes easily verified in a local developer build)
- [ ] **Next Minor Stable Release** - patchset that needs to be verified in nightly before backport
- [ ] **Eventually** - patchset that needs to be verified in alpha before backport
- [ ] **No Backport** - patchset for the next major stable
- ### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
## Change Description
<!-- Whatever context the reviewer needs to effectively review the patchset -->boklmboklmhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/678Big 40810: Enable Finnish localization2023-03-13T13:37:54ZPier Angelo VendrameBig 40810: Enable Finnish localization## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#40810
### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#40810
### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchsets with trivial changes which do not need testing (e.g. fixes for typos or fixes easily verified in a local developer build)
- [ ] **Next Minor Stable Release** - patchset that needs to be verified in nightly before backport
- [ ] **Eventually** - patchset that needs to be verified in alpha before backport
- [x] **No Backport** - patchset for the next major stable
### Issue Tracking
- [x] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
## Change Description
Enable Finnish localization in nightlies and in the next alpha (12.5a4).Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/672Bug 40750: Solve rlbox reproducibility problems2023-03-06T08:58:28ZPier Angelo VendrameBug 40750: Solve rlbox reproducibility problems## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#40750
- tor-browser-build#40353
### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other m...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser-build#40750
- tor-browser-build#40353
### Backport Timeline
- [ ] **Immediate** - patchsets for critical bug fixes or other major blocker (e.g. fixes for a 0-day exploit) OR patchsets with trivial changes which do not need testing (e.g. fixes for typos or fixes easily verified in a local developer build)
- [ ] **Next Minor Stable Release** - patchset that needs to be verified in nightly before backport
- [ ] **Eventually** - patchset that needs to be verified in alpha before backport
- [x] **No Backport** - patchset for the next major stable
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
## Change Description
The problem with reproducibility seems to be related to `libc.a` not being built in a reproducible way.
I've added a script to re-create this archive, as the trivial changes to `libc`'s `Makefile` aren't enough.
For the reviewer: let's build an alpha testbuild for all platforms with `make torbrowser-testbuild` (remember to disable nightly in `rbm.local.conf`).
Upstream issue: https://github.com/WebAssembly/wasi-libc/issues/398Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/610Bug 40717: Create a script to prepare changelogs2022-12-20T10:39:11ZPier Angelo VendrameBug 40717: Create a script to prepare changelogsStill missing the ability to move issues to "Build System", but we can work on that.
Closes #40717.Still missing the ability to move issues to "Build System", but we can work on that.
Closes #40717.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/564Bug 40646: Don't build Español AR anymore2022-10-28T07:14:31ZrichardBug 40646: Don't build Español AR anymore/cc @emmapeel/cc @emmapeelrichardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/540Enable uTLS and use the full bridge line for snowflake2023-09-04T12:01:08Zmeskiomeskio@torproject.orgEnable uTLS and use the full bridge line for snowflakeResolves #40654
In some networks they block snowflake on mobile phones by it's TLS
fingerprint, let's use uTLS by default.
Including the full bridge line helps for other clients that don't have
the default params already configured whe...Resolves #40654
In some networks they block snowflake on mobile phones by it's TLS
fingerprint, let's use uTLS by default.
Including the full bridge line helps for other clients that don't have
the default params already configured when launching snowflake client.
Related:
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/101
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/96meskiomeskio@torproject.orgmeskiomeskio@torproject.orghttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/532Bug 40585: Prune the manual more2022-10-12T16:47:34ZPier Angelo VendrameBug 40585: Prune the manual moreThis is huge: 24.9MB -> 5.4MB for the gzipped tarball!!
I've removed the fonts, even if they are referenced, because they cannot be used (for some security reason).
However, we have enough fonts to render the manual anyway, maybe we hav...This is huge: 24.9MB -> 5.4MB for the gzipped tarball!!
I've removed the fonts, even if they are referenced, because they cannot be used (for some security reason).
However, we have enough fonts to render the manual anyway, maybe we have a slightly worse result, as we don't pack many weights.
I don't know how much we'll save on the final packages, but let's hope that we can get multi-lingual without an increased size with this.
I've preferred to add `[% c("var/build_id") %]` to the filename, to prevent conflicts with the tarballs created with the old script (even though old versions should never conflict, since people build with the tag).
We should ping the web team, and ask them if some of these files could be completely removed from their repos.
Closes #40585.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/522Bug 40631: Stop bundling HTTPS Everywhere on Android.2022-10-10T09:14:03Zma1Bug 40631: Stop bundling HTTPS Everywhere on Android.tor-browser-build part of tor-browser#41160.tor-browser-build part of tor-browser#41160.ma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/427Bug 40186: fonts: Download .zip archive instead of Git clone2022-03-28T10:26:31ZJeremyRandBug 40186: fonts: Download .zip archive instead of Git cloneReduces storage usage from >6 GiB to <40 MiB.
Fixes #40186Reduces storage usage from >6 GiB to <40 MiB.
Fixes #40186JeremyRandJeremyRandhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/413Bug 40436: Use intermediate files for default bridge lines2022-02-28T13:08:47ZboklmBug 40436: Use intermediate files for default bridge linesCloses #40436.
With this patch the list of bridges can be found in the following files, with one bridge per line:
- projects/common/bridges_list.obfs4.txt
- projects/common/bridges_list.meek-azure.txt
- projects/common/bridges_list.snow...Closes #40436.
With this patch the list of bridges can be found in the following files, with one bridge per line:
- projects/common/bridges_list.obfs4.txt
- projects/common/bridges_list.meek-azure.txt
- projects/common/bridges_list.snowflake.txt
/cc @meskio
I did not finish building with this patch yet, so this is still a draft.boklmboklm