Bug 41015&41016: Switch from bullseye to bookworm on macOS+Windows and update libc++ configuration on Windows

Merge Info

Related Issues

• tor-browser#xxxxx
• mullvad-browser#xxxxx
• #41015 (closed), #41016 (closed)

Backporting

Timeline

• Immediate: patchset needed as soon as possible
• Next Minor Stable Release: patchset that needs to be verified in nightly before backport
• Eventually: patchset that needs to be verified in alpha before backport
• No Backport (preferred): patchset for the next major stable

Up to the rest of the team.

It depends also on whether we want tor-browser!829 (closed) (or the MR it'll replace it) on 13.0.

(Optional) Justification

• Emergency security update: patchset fixes CVEs, 0-days, etc
• Censorship event: patchset enables censorship circumvention
• Critical bug-fix: patchset fixes a bug in core-functionality
• Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
• Sponsor required: patchset required for sponsor
• Other: please explain

The changes for desktop aren't that big, so it'll be easy both to survive without them but also to just take them.

Issue Tracking

• Link resolved issues with appropriate Release Prep issue for changelog generation

Review

Request Reviewer

• Request review from an applications developer depending on modified system:
  • NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since gitlab only allows 1 reviewer)
  • accessibility : henry
  • android : clairehurst, dan
  • build system : boklm
  • extensions : ma1
  • firefox internals (XUL/JS/XPCOM) : ma1
  • fonts : pierov
  • frontend (implementation) : henry
  • frontend (review) : donuts, richard
  • localization : henry, pierov
  • macos : clairehurst, dan
  • nightly builds : boklm
  • rebases/release-prep : dan, ma1, pierov, richard
  • security : ma1
  • signing : boklm, richard
  • updater : pierov
  • misc/other : pierov, richard

Change Description

In this MR I resolve two issues:

• #41015 (closed): enable std::filesystem on Windows.
  • It's needed to work around limitation of the Path* API we can use (there are newer functions that don't have these limits but aren't compatible with Windows 7).
  • Mozilla has a similar patch in which they explicitly set the support to ON on CMake options. I think it's ON by default, but I followed anyway, and also explicitly set it to on for us.
• #41016 (closed): update from bullseye to bookworm
  • since we're rebuilding everything on Windows, I thought of doing also this change, to avoid an additional full rebuild.
  • On Windows, I had reproduciblity issues on tor, because the new version of strip adds timestamps (or maybe the new version of install is preferring strip to llvm-strip). I explicitly switched to llvm-strip, which solved the problem (strip -p should also work)
  • no problems on macOS
  • I've delayed the switch on Android because of the missing OpenJDK 11 package (see more information in the issue)

How Tested

Built on tb-build-02 (macOS), tb-build-03 (Windows) and my local machine (all, to check for reproduciblity).

Links:

• https://tb-build-02.torproject.org/~pierov/torbrowser/alpha/unsigned/13.5a1-build12/
• https://tb-build-03.torproject.org/~pierov/torbrowser/alpha/unsigned/13.5a1-build12/

I've done a very quick test (tried to launch and bootstrap, and some easy browsing) on Windows x86_64, Windows i686 (but on a 64-bit OS in a 64-bit VM), macOS (x86_64). I haven't tested macOS aarch64.

PTs binaries haven't changed from 13.5a1 built with bullseye, so I haven't tried bridges.

In general, I don't think these changes are risky.

For the std::filesystem part, I've written this small program, and tested it builds with the new compiler and works:

#include <filesystem>
#include <iostream>

using namespace std;
namespace fs = std::filesystem;

int main(int argc, char *argv[]) {
  fs::path p = fs::canonical(argv[0]);
  cout << p.parent_path() << endl;
}