Skip to content

GitLab

Explore

Sign in

The Tor Project
Applications
tor-browser-build
Merge requests
!923

Bug 41093: Add a patch to unsign APKs.

Review changes
Download
Patches
Plain diff

Pier Angelo Vendrame requested to merge pierov/tor-browser-build:bug_41093 into main Feb 27, 2024

Overview 3
Commits 1
Changes 4

Merge Info

Related Issues

tor-browser#xxxxx
mullvad-browser#xxxxx
#41093 (closed)

Backporting

Timeline

Immediate: patchset needed as soon as possible
Next Minor Stable Release: patchset that needs to be verified in nightly before backport
Eventually: patchset that needs to be verified in alpha before backport
No Backport (preferred): patchset for the next major stable

(Optional) Justification

Emergency security update: patchset fixes CVEs, 0-days, etc
Censorship event: patchset enables censorship circumvention
Critical bug-fix: patchset fixes a bug in core-functionality
Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- This patch is trivial enough and it might be appreciated by rebuilders. We'll have to check for the signing part though.
Sponsor required: patchset required for sponsor
Other: please explain

Issue Tracking

Link resolved issues with appropriate Release Prep issue for changelog generation

Review

Request Reviewer

Request review from an applications developer depending on modified system:
- NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since gitlab only allows 1 reviewer)
- accessibility : henry
- android : clairehurst, dan
- build system : boklm
- extensions : ma1
- firefox internals (XUL/JS/XPCOM) : ma1
- fonts : pierov
- frontend (implementation) : henry
- frontend (review) : donuts, richard
- localization : henry, pierov
- macos : clairehurst, dan
- nightly builds : boklm
- rebases/release-prep : boklm, dan, ma1, pierov, richard
- security : ma1
- signing : boklm, richard
- updater : pierov
- misc/other : pierov, richard

Change Description

With this commit we export a binary patch to strip the signature from the QA-signed APKs.

Another MR will consume this patch in the signing scripts.

How Tested

Built rbm/rbm browser --target alpha --target torbrowser-android-$arch and checked we get the expected files in our output directory.

Still to check:

the release projects actually include the hashes of the diff files (build in progress)
the new files are reproducible

so, marking as draft until I verify also this.

Edited Feb 27, 2024 by Pier Angelo Vendrame

Merge request reports

Assignee

Select assignees

Reviewers

Request review from

Time tracking