TB 43616: Customize Gitlab Issue and Merge Request templates (eb899144) · Commits · The Tor Project / Applications / Tor Browser

.gitlab/issue_templates/062 Rebase - Legacy.md

0 → 100644

+121 −0

Original line number	Diff line number	Diff line
		# ⤵️ Rebase Legacy

		NOTE: All examples in this template reference the rebase from 115.17.0esr to 115.18.0esr

		<details>
		<summary>Explanation of Variables</summary>

		- `$(ESR_VERSION)`: the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc
		- Example: `115.18.0`
		- `$(ESR_TAG)`: the Mozilla defined hg (Mercurial) tag associated with `$(ESR_VERSION)`
		- Example: `FIREFOX_115_18_0esr_BUILD1`
		- `$(ESR_TAG_PREV)`: the Mozilla defined hg (Mercurial) tag associated with the previous ESR version when rebasing (ie, the ESR version we are rebasing from)
		- Example: `FIREFOX_115_17_0esr_BUILD1`
		- `$(BASE_BROWSER_BRANCH)`: the full name of the current `base-browser` branch
		- Example: `base-browser-115.18.0esr-13.5-1`
		- `$(BASE_BROWSER_BRANCH_PREV)`: the full name of the previous `base-browser` branch
		- Example: `base-browser-115.17.0esr-13.5-1`
		- `$(TOR_BROWSER_BRANCH)`: the full name of the current `tor-browser` branch
		- Example: `tor-browser-115.18.0esr-13.5-1`
		- `$(TOR_BROWSER_BRANCH_PREV)`: the full name of the previous `tor-browser` branch
		- Example: `tor-browser-115.17.0esr-13.5-1`
		</details>

		### Bookkeeping

		- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Apps%3A%3AType%3A%3AReleasePreparation) issue.

		### Update Branch Protection Rules

		- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/settings/repository):
		- [ ] Remove previous legacy `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased)
		- [ ] Create new `base-browser` and `tor-browser` branch protection rule:
		- Branch: `-$(ESR_VERSION)esr-13.5-1`
		- Example: `-115.18.0esr-13.5-1`
		- Allowed to merge: `Maintainers`
		- Allowed to push and merge: `Maintainers`
		- Allowed to force push: `false`

		### Identify the Firefox Tagged Commit and Create New Branches

		- [ ] Find the Firefox mercurial tag here: https://hg.mozilla.org/releases/mozilla-esr102/tags
		- Example: `FIREFOX_115_18_0esr_BUILD1`
		- [ ] Find the analogous `gecko-dev` commit: https://github.com/mozilla/gecko-dev
		- Tip: Search for unique string (like the Differential Revision ID) found in the mercurial commit in the `gecko-dev/esr115` branch to find the equivalent commit
		- Example: `293d490d2e8d9fbb91c76336288f1287cbe285fb`
		- [ ] Sign and Tag `gecko-dev` commit
		- Sign/Tag `gecko-dev` commit :
		- Tag: `$(ESR_TAG)`
		- Message: `Hg tag $(ESR_TAG)`
		- [ ] Create new legacy `base-browser` branch from tag
		- Branch name in the form: `base-browser-$(ESR_VERSION)esr-13.5-1`
		- Example: `base-browser-115.18.0esr-13.5-1`
		- [ ] Create new legacy `tor-browser` branch from
		- Branch name in the form: `tor-browser-$(ESR_VERSION)esr-13.5-1`
		- Example: `tor-browser-115.18.0esr-13.5-1`
		- [ ] Push new `base-browser` branch to `upstream`
		- [ ] Push new `tor-browser` branch to `upstream`
		- [ ] Push new `$(ESR_TAG)` to `upstream`

		### Rebase tor-browser

		- [ ] Checkout a new local branch for the `tor-browser` rebase
		- Example: `git branch tor-browser-rebase FIREFOX_115_18_0esr_BUILD1`
		- [ ] (Optional) `base-browser` rebase
		- NOTE This step may be skipped if the `HEAD` of the previous `base-browser` branch is a `-buildN` tag
		- [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `buildN` tag onto new `base-browser` rebase branch
		- Example: `git cherry-pick FIREFOX_115_17_0esr_BUILD1..base-browser-115.17.0esr-13.5-1-build2`
		- [ ] Rebase and autosquash these cherry-picked commits
		- Example: `git rebase --autosquash --interactive FIREFOX_115_18_0esr_BUILD1 HEAD`
		- [ ] Cherry-pick remainder of patches after the `buildN` tag
		- Example: `git cherry-pick base-browser-115.17.0esr-13.5-1-build21..upstream/base-browser-115.17.0esr-13.5-1`
		- [ ] `tor-browser` rebase
		- [ ] Note the current git hash of `HEAD` for `tor-browser` rebase+autosquash step: `git rev-parse HEAD`
		- [ ] Cherry-pick the appropriate previous `tor-browser` branch's commit range up to the last `tor-browser` `buildN` tag
		- Example: `git cherry-pick base-browser-115.17.0esr-13.5-1-build1..tor-browser-115.17.0esr-13.5-1-build2
		- Example (if separate base-browser rebase was skipped): `git cherry-pick FIREFOX_115_17_0esr_BUILD1..tor-browser-115.17.0esr-13.5-1-build2`
		- [ ] Rebase and autosquash these newly cherry-picked commits: `git rebase --autosquash --interactive $(PREV_HEAD)`
		- Example: `git rebase --autosquash --interactive FIREFOX_115_18_0esr_BUILD1`
		- [ ] Cherry-pick remainder of patches after the last `tor-browser` `buildN` tag
		- Example: `git cherry-pick tor-browser-115.17.0esr-13.5-1-build1..upstream/tor-browser-115.17.0esr-13.5-1`
		- [ ] Rebase and autosquash again, this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify, but kept un-squashed for easy debugging/bisecting.
		- Example: `git rebase --autosquash --interactive FIREFOX_115_18_0esr_BUILD1`
		- [ ] Compare patch sets to ensure nothing weird happened during conflict resolution:
		- [ ] diff of diffs:
		- Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or -
		- `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff`
		- `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff`
		- diff `current_patchset.diff` and `rebased_patchset.diff`
		- If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch)
		- [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD`
		- Example: `git range-dif FIREFOX_115_17_0esr_BUILD1..upstream/tor-browser-115.17.0esr-13.5-1 FIREFOX_115_18_0esr_BUILD1..HEAD`
		- [ ] Open MR for the `tor-browser` rebase
		- [ ] Merge
		- Update and push `base-browser` branch
		- [ ] Reset the new `base-browser` branch to the appropriate commit in this new `tor-browser` branch
		- [ ] Push these commits to `upstream`

		### Sign and Tag

		- [ ] Sign/Tag `HEAD` of the merged `tor-browser` branch:
		- In tor-browser.git, checkout the new legacy `tor-browser` branch
		- In tor-browser-build.git, run signing script:
		```bash
		./tools/browser/sign-tag.torbrowser legacy build1
		```
		- [ ] Push tag to `upstream`
		- [ ] Sign/Tag HEAD of the merged `base-browser` branch:
		- In tor-browser.git, checkout the new legacy `base-browser` branch
		- In tor-browser-build.git, run signing script:
		```bash
		./tools/browser/sign-tag.basebrowser legacy build1
		```
		- [ ] Push tag to `upstream`

		<!-- Do not edit beneath this line <3 -->

		---

		/label ~"Apps::Product::TorBrowser"
		/label ~"Apps::Type::Rebase"
		/label ~"Apps::Priority::Blocker"

.gitlab/issue_templates/070 Uplift.md

0 → 100644

+30 −0

Original line number	Diff line number	Diff line
		# ⬆️ Uplift
		<!--
		Title:
		Uplift tor-browser#12345: Title of Issue

		This is an issue for tracking uplift of a patch-set to Firefox
		-->

		## Book-keeping

		### Gitlab Issue(s)
		- tor-browser#12345
		- mullvad-browser#123

		### Merge Request(s)
		- tor-browser!123

		### Upstream Mozilla Issue(s):
		- https://bugzilla.mozilla.org/show_bug.cgi?id=12345

		## Notes
		<!--
		Whatever additional info, context, etc that would be helpful for uplifting -->

		<!-- Do not edit beneath this line <3 -->

		---

		/label ~"Apps::Product::TorBrowser"
		/label ~"Apps::Type::Uplift"

.gitlab/issue_templates/080 Security Backports.md

0 → 100644

+87 −0

Original line number	Diff line number	Diff line
		# 🛡️ Security Backports

		<details>
		<summary>Explanation of Variables</summary>

		- `$(ESR_VERSION)`: the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc
		- Example: `102.8.0`
		- `$(RR_VERSION)`: the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)` so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train.
		- Example: `110`
		- `$(PROJECT_NAME)`: the name of the browser project, either `base-browser` or `tor-browser`
		- `$(TOR_BROWSER_MAJOR)`: the Tor Browser major version
		- Example: `12`
		- `$(TOR_BROWSER_MINOR)`: the Tor Browser minor version
		- Example: either `0` or `5`; Alpha's is always `(Stable + 5) % 10`
		- `$(BUILD_N)`: a project's build revision within a its branch; many of the Firefox-related projects have a `$(BUILD_N)` suffix and may differ between projects even when they contribute to the same build.
		- Example: `build1`
		</details>

		NOTE: It is assumed the `tor-browser` rebases (stable and alpha) have already happened and there exists a `build1` build tags for both `base-browser` and `tor-browser` (stable and alpha)

		## Bookkeeping

		- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Apps%3A%3AType%3A%3AReleasePreparation) issues (alpha, stable, and legacy).

		## Security Vulnerabilities Report: https://www.mozilla.org/en-US/security/advisories/

		- Potentially Affected Components:
		- `firefox`/`geckoview`: https://github.com/mozilla/gecko-dev

		- [ ] Go through the `Security Vulnerabilities fixed in Firefox $(RR_VERSION)` report and create a candidate list of CVEs which potentially need to be backported in this issue:
		- CVEs which are explicitly labeled as 'Android' only
		- CVEs which are fixed in Rapid Release but not in ESR
		- 'Memory safety bugs' fixed in Rapid Release but not in ESR
		- [ ] Foreach issue:
		- Create link to the CVE on [mozilla.org](https://www.mozilla.org/en-US/security/advisories/)
		- Example: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25740
		- Create link to the associated Bugzilla issues (found in the CVE description)
		- Create links to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported
		- To find the `gecko-dev` version of a `mozilla-central`, search for a unique string in the relevant `mozilla-central` commit message in the `gecko-dev/release` branch log.
		- NOTE: This process is unfortunately somewhat poorly defined/ad-hoc given the general variation in how Bugzilla issues are labeled and resolved. In general this is going to involve a bit of hunting to identify needed commits or determining whether or not the fix is relevant.

		## CVEs

		<!-- CVE Resolution Template, foreach CVE to investigate add an entry in the form:
		- [ ] https://www.mozilla.org/en-US/security/advisories/mfsaYYYY-NN/#CVE-YYYY-XXXXX // CVE description
		- https://bugzilla.mozilla.org/show_bug.cgi?id=NNNNNN // Bugzilla issue
		- Note: Any relevant info about this fix, justification for why it is not necessary, etc
		- Patches
		- firefox: https://link.to/relevant/patch
		-->

		## tor-browser: https://gitlab.torproject.org/tpo/applications/tor-browser.git
		- [ ] Backport any Android-specific security fixes from Firefox rapid-release
		- [ ] Backport patches to `tor-browser` stable branch
		- [ ] Open MR
		- [ ] Merge
		- [ ] cherry-pick patches onto:
		- [ ] `base-browser` stable
		- [ ] `mullvad-browser` stable
		- [ ] `tor-browser` alpha
		- [ ] `base-browser` alpha
		- [ ] `mullvad-browser` alpha
		- [ ] Sign/Tag commits:
		- In tor-browser-build.git, run signing script:
		```bash
		./tools/browser/sign-tag.${PROJECT_NAME} ${CHANNEL} ${BUILD_N}
		```
		- [ ] `base-browser` stable
		- [ ] `tor-browser` stable
		- [ ] `mullvad-browser` stable
		- [ ] `base-browser` alpha
		- [ ] `tor-browser` alpha
		- [ ] `mullvad-browser` alpha

		- [ ] Push tags to `upstream`
		- OR
		- [ ] No backports

		<!-- Do not edit beneath this line <3 -->

		---

		/confidential
		/label ~"Apps::Product::TorBrowser"
		/label ~"Apps::Product::MullvadBrowser"
		/label ~"Apps::Type::Backport"
		/label ~"Apps::Priority::Blocker"

.gitlab/issue_templates/100 Release QA - Desktop.md

0 → 100644

+212 −0

Original line number	Diff line number	Diff line
		# ✅ Release QA - Desktop

		Manual QA test check-list for major desktop releases. Please copy/paste form into your own comment, fill out relevant info and run through the checklist!

		<details>
		<summary>Tor Browser Desktop QA Checklist</summary>

		```
		# System Information

		- Version: Tor Browser XXX
		- OS: Windows\|macOS\|Linux YYY
		- CPU Architecture:
		- Profile: New\|Old

		# Features

		## Base functionality
		- [ ] Tor Browser launches successfully
		- [ ] Connects to the Tor network
		- [ ] Homepage loads:
		- [ ] about:tor
		- [ ] about:blank
		- [ ] custom
		- [ ] Tor Browser loads URLs passed by command-line after bootstrapped
		- [ ] Localisation (Browser chrome)
		- [ ] Language notification/message bar
		- [ ] Spoof English
		- [ ] Check especially the recently added strings
		- [ ] New Locales
		- [ ] Bulgarian, Belarusian, Portuguese (PT)
		- [ ] UI Customisations:
		- [ ] New Identity
		- [ ] Toolbar icon
		- [ ] Hamburger menu
		- [ ] File menu
		- [ ] New circuit for this site
		- [ ] Circuit display
		- [ ] Hamburger menu
		- [ ] File menu
		- [ ] No Firefox extras (Sync, Pocket, Report broken site, Tracking protection, etc)
		- [ ] No unified extensions button (puzzle piece)
		- [ ] NoScript button hidden
		- [ ] Context Menu Populated
		- [ ] Fingerprinting resistance: https://arkenfox.github.io/TZP/tzp.html
		- [ ] Security level (Standard, Safer, Safest)
		- Displays in:
		- toolbar icon
		- toolbar panel
		- about:preferences#privacy
		- [ ] On switch, each UI element is updated
		- [ ] On custom config (toggle `svg.disabled`)
		- [ ] each UI element displays warning
		- [ ] `Restore defaults` reverts custom prefs
		- TODO: test pages verifying correct behaviour
		- [ ] New identity
		- [ ] Betterboxing
		- [ ] Reuse last window size
		- [ ] Content alignment
		- [ ] Window size indicator on window resize
		- [ ] No letterboxing:
		- [ ] empty tabs or privileged pages (eg: about:blank, about:about)
		- [ ] full-screen video
		- [ ] pdf viewer
		- [ ] reader-mode
		- [ ] Downloads Warning
		- [ ] Downloads toolbar panel
		- [ ] about:downloads
		- [ ] Library window (<kbd>Ctrl</kbd>+<kbd>Shift</kbd>+<kbd>o</kbd>)
		- [ ] Drag and Drop protections:
		- [ ] Dragging a link from a tab to another tab in the same window works
		- [ ] Dragging a link from a tab to another tab in a separate window works
		- [ ] Dragging a link into the library creates a bookmark
		- [ ] Dragging a link from Tor Browser to Firefox doesn't work
		- [ ] Dragging a link from Firefox to Tor Browser works
		- [ ] Dragging a link from Tor Browser to another app (e.g., text editor) doesn't work
		- [ ] Repeat with page favicon

		## Proxy safety
		- [ ] Tor exit test: https://check.torproject.org
		- [ ] Circuit isolation
		- Following websites should all report different IP addresses
		- https://ifconfig.io
		- https://myip.wtf
		- https://wtfismyip.com
		- [ ] DNS leaks: https://dnsleaktest.com
		- [ ] Circuit Display
		- [ ] Website => circuit
		- [ ] Remote PDF => circuit
		- [ ] Remote image => circuit
		- [ ] .onion Website => circuit with onion-service relays
		- [ ] .tor.onion Website => circuit with onion-service relays, link to true onion address
		- http://ft.securedrop.tor.onion
		- [ ] Website in reader mode => circuit (same as w/o reader mode)
		- [ ] Local image => no circuit
		- [ ] Local SVG with remote content => catch-all circuit, but not shown
		- [ ] Local PDF => no circuit
		- [ ] Local HTML `file://` with local resources => no circuit
		- [ ] Local HTML `file://` with remote resources => catch-all circuit, but not shown

		## Connectivity + Anti-Censorship
		- [ ] Tor daemon config by environment variables
		- https://gitlab.torproject.org/tpo/applications/team/-/wikis/Environment-variables-and-related-preferences
		- [ ] Internet Test ( bootstrap, also visible in about:preferences#connection )
		- [ ] Fails when offline (Goes to offline about:neterror)
		- NOTE: platform dependent, expected that Linux will just try to bootstrap forever
		- [ ] Succeeds when online
		- [ ] Bridges:
		- Bootstrap
		- Browse: https://check.torproject.org
		- Bridge node in circuit-display
		- Bridge cards
		- Disable
		- Remove
		- [ ] Default bridges:
		- [ ] Removable as a group, not editable
		- [ ] obfs4
		- [ ] meek
		- [ ] snowflake
		- [ ] User provided bridges:
		- [ ] Removable and editable individually
		- [ ] obfs4 from https://bridges.torproject.org
		- [ ] webtunnel from https://bridges.torproject.org
		- [ ] conjure from [gitlab](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/blob/main/client/torrc?ref_type=heads#L6)
		- [ ] Request bridges...
		- [ ] Removable as a group, but not editable
		- [ ] Succeeds when bootstrapped
		- [ ] Succeeds when not bootstrapped
		- TODO: Lox
		- [ ] Connect Assist
		- Useful pref: `torbrowser.debug.censorship_level` (0-5; least to most censored)
		- [ ] Connect Automatically checkbox triggers bootstrapping after one successful bootstrap attempt
		- [ ] Auto-bootstrap updates Tor connection settings on success
		- [ ] Auto-bootstrap restore previous Tor connection settings on failure

		## Web Browsing
		- [ ] HTTPS-Only: http://http.badssl.com
		- [ ] Crypto-currency warning on http website
		- TODO: we should provide an example page
		- [ ] .onion:
		- [ ] torproject.org onion: http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/
		- [ ] Onion-Location pill
		- [ ] Client authentication
		- You can create an ephemeral client-auth onion-service using [onion share](https://onionshare.org)
		- [ ] Remember key option saves the key between sessions.
		- [ ] Saved keys are viewable in preferences (privacy).
		- [ ] Can remove individual keys.
		- [ ] Can remove all keys at once.
		- [ ] Onion service errors
		- [ ] invalid onion: http://invalid.onion
		- [ ] onion offline: http://wfdn32ds656ycma5gvrh7duvdvxbg2ygzr3no3ijsya25qm6nnko4iqd.onion/
		- [ ] onion baddssl: https://gitlab.torproject.org/tpo/applications/team/-/wikis/Development-Information/BadSSL-But-Onion
		- TODO all the identity block states
		- TODO client auth
		- [ ] TODO: .securedrop.tor.onion
		- [ ] TODO: onion-service alt-svc
		- [ ] HTML5 Video: https://onion-tests.pierov.org/video.html
		- [ ] H264
		- [ ] VP9
		- [ ] VP8
		- [ ] AV1
		- [ ] Theora
		- [ ] MPEG4 + mp3: only audio should work
		- [ ] HEVC + AAC: should not work
		- [ ] WebSocket Test: https://websocketking.com/

		## External Components
		- [ ] NoScript
		- [ ] Latest Version: https://addons.mozilla.org/en-US/firefox/addon/noscript/
		- [ ] Not removable from about:addons
		- [ ] Tests: https://test-data.tbb.torproject.org/test-data/noscript/
		- TODO: fix test pages

		## Tor Settings (about:preferences#connection)
		- [ ] Proxy
		- [ ] Bad Proxy Address Reports Error; e.g. any bad bad proxy address/port/etc
		- [ ] On initial failure gives error modal
		- [ ] On browser restart, will also give an error if provided a bad setting
		- [ ] Good Proxy Works
		- [ ] SOCKS5
		- [ ] Bridge
		- [ ] Bad Bridge Fails with error modal; eg: `0:0`
		- [ ] Modifying Bridges during bootstrap should cancel bootstrap
		- [ ] Firewall
		- [ ] UI shouldn't accept bad ports (e.g. invalid port numbers, non-numbers, etc)
		- [ ] Each individual setting type has it's own validation (i.e. not all or nothing anymore)

		```

		</details>

		Please lay claim to a platform in the comments:

		- Windows
		- Windows 10, Windows 11
		- x86
		- x86_64
		- macOS
		- 10.15, 15.x
		- x86_64
		- aarch64
		- Linux
		- x86
		- x86_64

		<!-- Do not edit beneath this line <3 -->

		---

		/label ~"Apps::Product::TorBrowser"
		/label ~"Apps::Type::Test"
		/label ~"Apps::Priority::Blocker"

.gitlab/issue_templates/101 Release QA - Android.md

0 → 100644

+107 −0

Original line number	Diff line number	Diff line
		# ✅ Release QA - Android

		Manual QA test check-list for major android releases. Please copy/paste form into your own comment, fill out relevant info and run through the checklist!

		<details>
		<summary>Tor Browser Android QA Checklist</summary>

		```
		# System Information

		- Version: Tor Browser XXX
		- OS: Android YYY
		- Device + CPU Architecture: ZZZ

		# Features

		## Base functionality
		- [ ] Tor Browser launches successfully
		- [ ] Connects to the Tor network
		- [ ] Localisation (Browser chrome)
		- [ ] Check especially the recently added strings
		- [ ] Toolbars and menus work
		- [ ] Fingerprinting resistance: https://arkenfox.github.io/TZP/tzp.html
		- [ ] Security level (Standard, Safer, Safest)
		- TODO: test pages verifying correct behaviour
		- [ ] Bookmarks: for now ensure adding/removing/etc work as expected and doesn't busy-spin

		### Localisation
		- [ ] New Locales
		- [ ] Bulgarian, Belarusian, Portuguese (PT)

		## Proxy safety
		- [ ] Tor exit test: https://check.torproject.org
		- [ ] Circuit isolation
		- Following websites should all report different IP addresses
		- https://ifconfig.io
		- https://myip.wtf
		- https://wtfismyip.com
		- [ ] DNS leaks: https://dnsleaktest.com

		## Connectivity + Anti-Censorship
		- [ ] Internet Test (try connect assist while actually offline)
		- [ ] We expect this to fail but we should see what it actually does
		- [ ] Bridges:
		- Bootstrap
		- Browse: https://check.torproject.org
		- [ ] Default bridges:
		- [ ] obfs4
		- [ ] meek
		- [ ] snowflake
		- [ ] User provided bridges:
		- [ ] obfs4 from https://bridges.torproject.org
		- [ ] webtunnel from https://bridges.torproject.org
		- [ ] conjure from [gitlab](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/blob/main/client/torrc?ref_type=heads#L6)
		- [ ] Connect Assist
		- Useful pref: `torbrowser.debug.censorship_level` (0-5; least to most censored)
		- [ ] Connect Automatically checkbox triggers bootstrapping after one successful bootstrap attempt
		- [ ] Auto-bootstrap updates Tor connection settings on success
		- [ ] Auto-bootstrap restore previous Tor connection settings on failure

		## Web Browsing
		- [ ] HTTPS-Only: http://http.badssl.com
		- [ ] .onion:
		- [ ] torproject.org onion: http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/
		- [ ] Onion service errors
		- [ ] invalid onion: http://invalid.onion
		- [ ] onion offline: http://wfdn32ds656ycma5gvrh7duvdvxbg2ygzr3no3ijsya25qm6nnko4iqd.onion/
		- [ ] onion baddssl: https://gitlab.torproject.org/tpo/applications/team/-/wikis/Development-Information/BadSSL-But-Onion
		- TODO all the identity block states
		- TODO client auth
		- [ ] TODO: .securedrop.tor.onion
		- [ ] TODO: onion-service alt-svc
		- [ ] HTML5 Video: https://onion-tests.pierov.org/video.html
		- [ ] H264
		- [ ] VP9
		- [ ] VP8
		- [ ] AV1
		- [ ] Theora
		- [ ] MPEG4 + mp3: only audio should work
		- [ ] HEVC + AAC: should not work
		- [ ] WebSocket Test: https://websocketking.com/

		## External Components
		- [ ] NoScript
		- [ ] Latest Version: https://addons.mozilla.org/en-US/firefox/addon/noscript/
		- [ ] Not removable from about:addons
		- [ ] Tests: https://test-data.tbb.torproject.org/test-data/noscript/
		- TODO: fix test pages
		```

		</details>

		Please lay claim to an architecture in the comments:

		Architectures:
		- x86
		- x86_64
		- arm32
		- aarch64

		<!-- Do not edit beneath this line <3 -->

		---

		/label ~"Apps::Product::TorBrowser"
		/label ~"Apps::Type::Test"
		/label ~"Apps::Priority::Blocker"