Skip to content
Snippets Groups Projects
Commit e8ef8c15 authored by morgan's avatar morgan :smile_cat: Committed by Pier Angelo Vendrame
Browse files

fixup! TB 43616: Customize Gitlab Issue and Merge Request templates 

Tor Browser specific updates
parent 60973dbc
Branches
Tags
1 merge request!1505BB/TB 43416: Rebased onto 135.0a1
Show whitespace changes
Inline Side-by-side
Showing
with 202 additions and 149 deletions
.gitlab/issue_templates/062 Rebase - Legacy.md
+ 8
0
View file @ e8ef8c15
# ⤵️ Rebase Legacy
**NOTE:** All examples in this template reference the rebase from 115.17.0esr to 115.18.0esr
<details>
......@@ -110,4 +112,10 @@
```
- [ ] Push tag to `upstream`
<!-- Do not edit beneath this line <3 -->
---
/label ~"Apps::Product::TorBrowser"
/label ~"Apps::Type::Rebase"
/label ~"Apps::Priority::Blocker"
.gitlab/issue_templates/070 Uplift.md
+ 12
8
View file @ e8ef8c15
# ⬆️ **Uplift**
<!--
Title:
Uplift tor-browser#12345: Title of Issue
......@@ -5,22 +6,25 @@ Title:
This is an issue for tracking uplift of a patch-set to Firefox
-->
## Uplift Patchset
## Book-keeping
### Book-keeping
#### Gitlab Issue(s)
### Gitlab Issue(s)
- tor-browser#12345
- mullvad-browser#123
#### Merge Request(s)
### Merge Request(s)
- tor-browser!123
#### Upstream Mozilla Issue(s):
### Upstream Mozilla Issue(s):
- https://bugzilla.mozilla.org/show_bug.cgi?id=12345
### Notes
## Notes
<!--
Whatever additional info, context, etc that would be helpful for uplifting -->
<!-- Do not edit beneath this line <3 -->
<!-- whatever additional info, context, etc that would be helpful for uplifting -->
---
/label ~"Apps::Product::TorBrowser"
/label ~"Apps::Type::Uplift"
.gitlab/issue_templates/080 Security Backports.md
+ 22
77
View file @ e8ef8c15
# 🛡️ **Security Backports**
<details>
<summary>Explanation of Variables</summary>
......@@ -16,20 +18,14 @@
**NOTE:** It is assumed the `tor-browser` rebases (stable and alpha) have already happened and there exists a `build1` build tags for both `base-browser` and `tor-browser` (stable and alpha)
### **Bookkeeping**
## **Bookkeeping**
- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Apps%3A%3AType%3A%3AReleasePreparation) issues (stable and alpha).
- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Apps%3A%3AType%3A%3AReleasePreparation) issues (alpha, stable, and legacy).
### **Security Vulnerabilities Report**: https://www.mozilla.org/en-US/security/advisories/
## **Security Vulnerabilities Report**: https://www.mozilla.org/en-US/security/advisories/
- Potentially Affected Components:
- `firefox`/`geckoview`: https://github.com/mozilla/gecko-dev
- `application-services`: https://github.com/mozilla/application-services
- `android-components` (ESR 102 only): https://github.com/mozilla-mobile/firefox-android
- `fenix` (ESR 102 only): https://github.com/mozilla-mobile/firefox-android
- `firefox-android`: https://github.com/mozilla-mobile/firefox-android
**NOTE:** `android-components` and `fenix` used to have their own repos, but since November 2022 they have converged to a single `firefox-android` repo. Any backports will require manually porting patches over to our legacy repos until we have transitioned to ESR 115.
- [ ] Go through the `Security Vulnerabilities fixed in Firefox $(RR_VERSION)` report and create a candidate list of CVEs which potentially need to be backported in this issue:
- CVEs which are explicitly labeled as 'Android' only
......@@ -43,100 +39,49 @@
- To find the `gecko-dev` version of a `mozilla-central`, search for a unique string in the relevant `mozilla-central` commit message in the `gecko-dev/release` branch log.
- **NOTE:** This process is unfortunately somewhat poorly defined/ad-hoc given the general variation in how Bugzilla issues are labeled and resolved. In general this is going to involve a bit of hunting to identify needed commits or determining whether or not the fix is relevant.
### CVEs
## CVEs
<!-- CVE Resolution Template, foreach CVE to investigate add an entry in the form:
- [ ] https://www.mozilla.org/en-US/security/advisories/mfsaYYYY-NN/#CVE-YYYY-XXXXX // CVE description
- https://bugzilla.mozilla.org/show_bug.cgi?id=NNNNNN // Bugzilla issue
- **Note**: Any relevant info about this fix, justification for why it is not necessary, etc
- **Patches**
- firefox-android: https://link.to/relevant/patch
- firefox: https://link.to/relevant/patch
-->
### **tor-browser**: https://gitlab.torproject.org/tpo/applications/tor-browser.git
## **tor-browser**: https://gitlab.torproject.org/tpo/applications/tor-browser.git
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- [ ] Backport patches to `tor-browser` stable branch
- [ ] Open MR
- [ ] Merge
- [ ] Rebase patches onto:
- [ ] cherry-pick patches onto:
- [ ] `base-browser` stable
- [ ] `mullvad-browser` stable
- [ ] `tor-browser` alpha
- [ ] `base-browser` alpha
- [ ] `mullvad-browser` alpha
- [ ] Sign/Tag commits:
- **Tag**: `$(PROJECT_NAME)-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- **Message**: `Tagging $(BUILD_N) for $(ESR_VERSION)-based stable|alpha)`
- In **tor-browser-build.git**, run signing script:
```bash
./tools/browser/sign-tag.${PROJECT_NAME} ${CHANNEL} ${BUILD_N}
```
- [ ] `base-browser` stable
- [ ] `tor-browser` stable
- [ ] `mullvad-browser` stable
- [ ] `base-browser` alpha
- [ ] `tor-browser` alpha
- [ ] Push tags to `upstream`
- **OR**
- [ ] No backports
- [ ] `mullvad-browser` alpha
### **application-services**: https://gitlab.torproject.org/tpo/applications/application-services
- **NOTE**: we will need to setup a gitlab copy of this repo and update `tor-browser-build` before we can apply security backports here
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- [ ] Backport patches to `application-services` stable branch
- [ ] Open MR
- [ ] Merge
- [ ] Rebase patches onto `application-services` alpha
- [ ] Sign/Tag commits:
- **Tag**: `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- **Message**: `Tagging $(BUILD_N) for $(ESR_VERSION)-based stable|alpha`
- [ ] `application-services` stable
- [ ] `application-services` alpha
- [ ] Push tags to `upstream`
- **OR**
- [ ] No backports
<!-- Do not edit beneath this line <3 -->
### **android-components (Optional, ESR 102)**: https://gitlab.torproject.org/tpo/applications/android-components.git
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- **NOTE**: Since November 2022, this repo has been merged with `fenix` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `android-components` project.
- [ ] Backport patches to `android-components` stable branch
- [ ] Open MR
- [ ] Merge
- [ ] Rebase patches onto `android-components` alpha
- [ ] Sign/Tag commits:
- **Tag**: `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- **Message**: `Tagging $(BUILD_N) for $(ESR_VERSION)-based stable|alpha)`
- [ ] `android-components` stable
- [ ] `android-components` alpha
- [ ] Push tags to `upstream`
- **OR**
- [ ] No backports
### **fenix (Optional, ESR 102)**: https://gitlab.torproject.org/tpo/applications/fenix.git
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- **NOTE**: Since February 2023, this repo has been merged with `android-components` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `fenix` project.
- [ ] Backport patches to `fenix` stable branch
- [ ] Open MR
- [ ] Merge
- [ ] Rebase patches onto `fenix` alpha
- [ ] Sign/Tag commits:
- **Tag**: `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- **Message**: `Tagging $(BUILD_N) for $(ESR_VERSION)-based stable|alpha)`
- [ ] `fenix` stable
- [ ] `fenix` alpha
- [ ] Push tags to `upstream`
- **OR**
- [ ] No backports
### **firefox-android**: https://gitlab.torproject.org/tpo/applications/firefox-android
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- [ ] Backport patches to `firefox-android` stable branch
- [ ] Open MR
- [ ] Merge
- [ ] Rebase patches onto `fenix` alpha
- [ ] Sign/Tag commits:
- **Tag**: `firefox-android-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- **Message**: `Tagging $(BUILD_N) for $(ESR_VERSION)-based stable|alpha)`
- [ ] `firefox-android` stable
- [ ] `firefox-android` alpha
- [ ] Push tags to `upstream`
- **OR**
- [ ] No backports
---
/confidential
/label ~"Apps::Product::TorBrowser"
/label ~"Apps::Product::MullvadBrowser"
/label ~"Apps::Type::Backport"
/label ~"Apps::Priority::Blocker"
.gitlab/issue_templates/100 Release QA - Desktop.md
+ 57
9
View file @ e8ef8c15
# ✅ Release QA - Desktop
Manual QA test check-list for major desktop releases. Please copy/paste form into your own comment, fill out relevant info and run through the checklist!
<details>
<summary>Tor Browser Desktop QA Checklist</summary>
```markdown
```
# System Information
- Version: Tor Browser XXX
......@@ -25,6 +27,8 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int
- [ ] Language notification/message bar
- [ ] Spoof English
- [ ] Check especially the recently added strings
- [ ] New Locales
- [ ] Bulgarian, Belarusian, Portuguese (PT)
- [ ] UI Customisations:
- [ ] New Identity
- [ ] Toolbar icon
......@@ -53,6 +57,7 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int
- [ ] Betterboxing
- [ ] Reuse last window size
- [ ] Content alignment
- [ ] Window size indicator on window resize
- [ ] No letterboxing:
- [ ] empty tabs or privileged pages (eg: about:blank, about:about)
- [ ] full-screen video
......@@ -96,8 +101,9 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int
## Connectivity + Anti-Censorship
- [ ] Tor daemon config by environment variables
- https://gitlab.torproject.org/tpo/applications/team/-/wikis/Environment-variables-and-related-preferences
- [ ] Internet Test ( about:preferences#connection )
- [ ] Fails when offline
- [ ] Internet Test ( bootstrap, also visible in about:preferences#connection )
- [ ] Fails when offline (Goes to offline about:neterror)
- **NOTE**: platform dependent, expected that Linux will just try to bootstrap forever
- [ ] Succeeds when online
- [ ] Bridges:
- Bootstrap
......@@ -122,7 +128,8 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int
- [ ] Succeeds when not bootstrapped
- **TODO**: Lox
- [ ] Connect Assist
- Useful pref: `torbrowser.debug.censorship_level`
- Useful pref: `torbrowser.debug.censorship_level` (0-5; least to most censored)
- [ ] Connect Automatically checkbox triggers bootstrapping after one successful bootstrap attempt
- [ ] Auto-bootstrap updates Tor connection settings on success
- [ ] Auto-bootstrap restore previous Tor connection settings on failure
......@@ -147,10 +154,14 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int
- **TODO** client auth
- [ ] **TODO**: .securedrop.tor.onion
- [ ] **TODO**: onion-service alt-svc
- [ ] HTML5 Video: https://tekeye.uk/html/html5-video-test-page
- [ ] MPEG4
- [ ] WebM
- [ ] Ogg
- [ ] HTML5 Video: https://onion-tests.pierov.org/video.html
- [ ] H264
- [ ] VP9
- [ ] VP8
- [ ] AV1
- [ ] Theora
- [ ] MPEG4 + mp3: only audio should work
- [ ] HEVC + AAC: should not work
- [ ] WebSocket Test: https://websocketking.com/
## External Components
......@@ -159,6 +170,43 @@ Manual QA test check-list for major desktop releases. Please copy/paste form int
- [ ] Not removable from about:addons
- [ ] Tests: https://test-data.tbb.torproject.org/test-data/noscript/
- **TODO**: fix test pages
## Tor Settings (about:preferences#connection)
- [ ] Proxy
- [ ] Bad Proxy Address Reports Error; e.g. any bad bad proxy address/port/etc
- [ ] On initial failure gives error modal
- [ ] On browser restart, will also give an error if provided a bad setting
- [ ] Good Proxy Works
- [ ] SOCKS5
- [ ] Bridge
- [ ] Bad Bridge Fails with error modal; eg: `0:0`
- [ ] Modifying Bridges *during* bootstrap should cancel bootstrap
- [ ] Firewall
- [ ] UI shouldn't accept bad ports (e.g. invalid port numbers, non-numbers, etc)
- [ ] Each individual setting type has it's own validation (i.e. not all or nothing anymore)
```
</details>
Please lay claim to a platform in the comments:
- Windows
- Windows 10, Windows 11
- x86
- x86_64
- macOS
- 10.15, 15.x
- x86_64
- aarch64
- Linux
- x86
- x86_64
<!-- Do not edit beneath this line <3 -->
---
/label ~"Apps::Product::TorBrowser"
/label ~"Apps::Type::Test"
/label ~"Apps::Priority::Blocker"
.gitlab/issue_templates/101 Release QA - Android.md
+ 41
5
View file @ e8ef8c15
# ✅ Release QA - Android
Manual QA test check-list for major android releases. Please copy/paste form into your own comment, fill out relevant info and run through the checklist!
<details>
<summary>Tor Browser Android QA Checklist</summary>
```markdown
```
# System Information
- Version: Tor Browser XXX
......@@ -19,6 +23,11 @@ Manual QA test check-list for major android releases. Please copy/paste form int
- [ ] Fingerprinting resistance: https://arkenfox.github.io/TZP/tzp.html
- [ ] Security level (Standard, Safer, Safest)
- **TODO**: test pages verifying correct behaviour
- [ ] Bookmarks: for now ensure adding/removing/etc work as expected and doesn't busy-spin
### Localisation
- [ ] New Locales
- [ ] Bulgarian, Belarusian, Portuguese (PT)
## Proxy safety
- [ ] Tor exit test: https://check.torproject.org
......@@ -30,6 +39,8 @@ Manual QA test check-list for major android releases. Please copy/paste form int
- [ ] DNS leaks: https://dnsleaktest.com
## Connectivity + Anti-Censorship
- [ ] Internet Test (try connect assist while actually offline)
- [ ] We expect this to fail but we should see what it actually does
- [ ] Bridges:
- Bootstrap
- Browse: https://check.torproject.org
......@@ -41,6 +52,11 @@ Manual QA test check-list for major android releases. Please copy/paste form int
- [ ] obfs4 from https://bridges.torproject.org
- [ ] webtunnel from https://bridges.torproject.org
- [ ] conjure from [gitlab](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/blob/main/client/torrc?ref_type=heads#L6)
- [ ] Connect Assist
- Useful pref: `torbrowser.debug.censorship_level` (0-5; least to most censored)
- [ ] Connect Automatically checkbox triggers bootstrapping after one successful bootstrap attempt
- [ ] Auto-bootstrap updates Tor connection settings on success
- [ ] Auto-bootstrap restore previous Tor connection settings on failure
## Web Browsing
- [ ] HTTPS-Only: http://http.badssl.com
......@@ -54,10 +70,14 @@ Manual QA test check-list for major android releases. Please copy/paste form int
- **TODO** client auth
- [ ] **TODO**: .securedrop.tor.onion
- [ ] **TODO**: onion-service alt-svc
- [ ] HTML5 Video: https://tekeye.uk/html/html5-video-test-page
- [ ] MPEG4
- [ ] WebM
- [ ] Ogg
- [ ] HTML5 Video: https://onion-tests.pierov.org/video.html
- [ ] H264
- [ ] VP9
- [ ] VP8
- [ ] AV1
- [ ] Theora
- [ ] MPEG4 + mp3: only audio should work
- [ ] HEVC + AAC: should not work
- [ ] WebSocket Test: https://websocketking.com/
## External Components
......@@ -69,3 +89,19 @@ Manual QA test check-list for major android releases. Please copy/paste form int
```
</details>
Please lay claim to an architecture in the comments:
Architectures:
- x86
- x86_64
- arm32
- aarch64
<!-- Do not edit beneath this line <3 -->
---
/label ~"Apps::Product::TorBrowser"
/label ~"Apps::Type::Test"
/label ~"Apps::Priority::Blocker"
.gitlab/issue_templates/110 Bugzilla Triage.md
+ 52
47
View file @ e8ef8c15
# Bugzilla Triage
# 📋 Bugzilla Triage
**NOTE** This issue presumes the branches and tags for the next Firefox release have already been created in tor-browser.git
......@@ -49,3 +49,8 @@
- [ ] morgan
- [ ] reviewer 1 <!-- replace with reviewer name :) -->
- [ ] reviewer 2 <!-- replace with reviewer name :) -->
/label ~"esr-140"
/label ~"Apps::Product::TorBrowser"
/label ~"Apps::Type::Audit"
/label ~"Apps::Priority::Blocker"
.gitlab/issue_templates/120 Bugzilla Audit.md
+ 10
3
View file @ e8ef8c15
# 🔍 Bugzilla Audit
<!--
Title:
Review Mozilla <bugzilla-num>: <bugzilla-description>
......@@ -5,10 +6,16 @@ Title:
**Bugzilla**: https://bugzilla.mozilla.org/show_bug.cgi?id=
<!-- briefly describe why this issue needs further review -->
## Description
<!-- Briefly describe why this issue needs further review -->
<!-- Do not edit beneath this line <3 -->
---
<!-- Make sure the "esr-" label is the correct version: -->
/label ~"esr-140"
/label ~"Bugzilla Review" ~"Apps::Type::Audit"
/label ~"Apps::Product::TorBrowser"
/label ~"Apps::Type::Audit"
/label ~"Apps::Priority::Blocker"
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment