Traditionally, we're switching from a Firefox ESR version to the next one.
I've done this work twice now, and I can see some of the problems it involves.
First, at a certain point we have to focus this change and we're in a sort of limbo with patches developed for the previous ESR while we're already rebasing, and the rebaser has to catch a lot.
Second, the rebase is a lot of work, but reviewing it is also a big one.
Third, we have a lots of conflicts.
In 13 Firefox versions, it's very likely that a commit is going to cause conflicts.
Because the long time it takes to do this work, last year I decided to start when 115 started nightly.
It gave us 2 additional months, which was great, considering it raised our budget from 3 months to 5 months.
I thought if I could do better, and I came up with the idea of traversing RR version by RR version, and I've started to do so.
My impression is that differences are much smaller, therefore easier to explain.
Also, it's a work we can spread during the year, and we can be ready to move to the build/Android parts sooner (even though also for Android we could do something similar), or in any case give some of the 5 months time to all members of the team.
I can see some disadvantages (and limits) also with this approach:
it's possible that with 13 rebases instead of just a few ones we lose more parts of the patches
possibly more (easy) conflicts to solve, so they might require more time at the end, than solving only one big conflict (but I'm not sure, I don't have metrics)
I've gone with a quick approach: I haven't solved non-trivial problems that involve fixing a patch, and I haven't tried to build/run
more load on the team (more reviews to do, if we end up not taking the quick way we might have to work on build problems every month)
as an alternative, the reviews could be done with a lower frequency, or even when we arrive to our final target (it will be a huge review on one shot, but at least it will be possible to find when something has changed more easily, by going through my notes)
I started from 115.x and go back to 115.0 to then go through the mozilla/release branch. I had a few conflicts because of the various backports. Starting this work as soon as possible would help with this.
This is in sync with tor-browser-115.8.0esr-13.5-1-build1 (the tag, because continuously cherry-picking in all the versions would have been too much work).
My guess is that this version contained all the stuff that Mozilla didn't want in the ESR already, so it was bigger than others.
My branch for it is tor-browser-116-13.5.
Base commit: ff486626d0de0e7f34d65ef000c657080ddf564d.
Rebase log
browser/app/permissions
I don't know what's wrong with this, but I had a conflict we had already fixed
in 115?!
Git really hates this change we did, and kept asking be about it.
services/settings/dumps/main/moz.build
Added the new translation stuff, just kept it for now, and we should recheck
remote settings in the future.
layout/generic/test/mochitest.ini
We append at the end of the file, and we get numerous conflicts because of this.
BrowserGlue
New SpeechDispatcher actor, some stuff has been esmified.
The old translation (which followed about:torconnect) has actually been removed.
The TorConnect actor should be removed in the correct commit in 115.
Upstream fixed some accessibility in fff1c96de6f1546b34b5c7e13df0784e6a988ae2.
This caused a conflict in where our patch added the code, but the patch itself
isn't affected (maybe we could check if we should update it, though).
browser/base/content/main-popupset.inc.xhtml
Upstream removed the inclusion of
../../../devtools/startup/enableDevToolsPopup.inc.xhtml, which was just before
the line we add.
toolkit/content/widgets/message-bar.css
Upstream moved the background gradient to @media not (prefers-contrast).
TODO: Ask UX people if it's okay.
toolkit/content/license.html
Upstream removed a license after the one we add in crypto safety.
Range-diff is very confused by this changed ️, but it seems to me I got it
right.
browser/components/preferences/main.inc.xhtml
We removed the big block of network preferenes, maybe something has changed
there, but since we don't care of that block I've just removed it again.
From the range-diff, this seems to be the only difference:
Some conflict in lazy defines because of some upstream esmification.
BTW, we still mention the red about:tor, which isn't a thing anymore ️.
toolkit/actors/NetErrorParent.sys.mjs
Also some esmification.
browser/base/content/browser-places.js
More esmification.
netwerk/protocol/http/HttpBaseChannel.cpp
Now upstream checks RFPTarget::HttpUserAgent.
browser/base/content/browser.js
Some esmification.
Also, took the occasion of using the OnionLocationParent as es module, rather
than old module (I must have missed this when moving to ESM modules).
TODO: Check the patchset if we still use jsm where we could use mjs.
250a15682f45ebd60ece61667d32e6a3990f3d94 removed XP stuff, introducing a
conflict in one of our WebRTC patches.
browser/themes/shared/preferences/preferences.css
7e60f84b6ec7c303e07f303a4838e907265a9a05 removes pre-Windows 10 media queries,
and we modified one of them to hide the Windows SSO.
TODO: Verify the patch still works as expected.
browser/base/content/browser.xhtml
New JS where we used to add the one for the language bar.
Also, chrome://browser/skin/browser-aero.css was removed (not a conflict with
our code, but still interesting).
toolkit/modules/UpdateUtils.sys.mjs
formatUpdateURL was refactored. Luckily, we changed only one line there, so
it was easy to adapt it to the new refactor.
browser/base/content/browser.js
14ad5f1a886d7a8b1265659797e9d1ef0c50e825 refactored the OpenBrowserWindow
function.
Moved that part of the patch to browser/modules/BrowserWindowTracker.sys.mjs.
TODO: Verify it still makes sense.
toolkit/content/license.html
Moar license nonsense.
browser/components/places/PlacesUIUtils.sys.mjs
XPCOMUtils changed with ChromeUtils.
browser/base/content/browser-places.js
The argument of isOnNewTabPage is not only a currentURI value, but it is a
normal variable called uri.
It seems that it's the same, rather than having to use uri.currentURI.
Changed in commit 249d76638642dc052b144bf45461c5c14af46af7.
docshell/base/nsAboutRedirector.cpp
New about page (crashextensions).
browser/components/BrowserGlue.sys.mjs
Conflicts because XPCOMUtils have been changed to ChromeUtils in many parts
of the file.
TODO: Check if we need to do the same in some of our patches.
browser/components/about/components.conf
New about page enabled only in nightly builds (shoppingsidebar).
#setupRemoteSettings seems to have been renamed to
#getIgnoreListAndSubscribe. There was a general refactor in
91ba1cb671d238c90f15bec3a4ad0ba7e3ae6f14.
browser/components/BrowserContentHandler.sys.mjs
Conflicts because of 9e7b132bbbb6caf3a8b69ebf6bc8345097c9497f.
TODO: Check if this patch is still needed with the threat model changes.
browser/themes/shared/browser-shared.css
New stylesheet included (chrome://browser/skin/formautofill-notification.css).
Some changes upstream close to where we define mSpoofEnglish.
layout/generic/test/mochitest.ini
Mozilla refactored the various mochitest.ini and renamed them to TOML files.
See 0cb91fe33e4ad088bd2babe321fc0da49ceca9a3.
I've tried to add the test to mochitest.toml, but I'm not sure it works.
Anyway, we don't run the tests, and that particular test (the one for the
line-height compensation) is probably broken anyway these days.
dom/base/nsCopySupport.cpp
This feature is now gated behind StaticPrefs::clipboard_imageAsFile_enabled().
See 3b1a417bd3d614c198de708eb5237ef441faac58.
TODO: Drop the patch (Bug 33955) and set the pref instead. ️
browser/components/BrowserGlue.sys.mjs
Upstream added a new init (ResetPBMPanel) after SaveToPocket's.
toolkit/mozapps/update/updater/updater.cpp
A few commits there between 119 and 120 (with some improved logging and a memory
leak fixed, thanks Mozilla!).
It seems a couple fprintfs to stderr were changed to LOG around where we
patched stuff.
TODO: Check what this means for the post update stuff in Mullvad Browser!
Also, a new else branch has been added at a certain point just for some
logging. I left it, but I'm not sure it will compile at the first attempt.
browser/base/content/browser.xhtml
No more XML stylesheets (be1eb3c4b85b918cd991fcc68c0f92da1e80ce6d)! ️
However, this also screwed with our DTD translations (hope to get rid of them
very soon! ️).
browser/components/preferences/preferences.xhtml
Also XML stylesheets.
browser/components/preferences/privacy.js
New this._initThirdPartyCertsToggle(); checkbox.
TODO: This is very interesting. We should have a look at it. Maybe this
means nocertdb is finally split from that feature.
We append at the end of the file, and the previous content changed, hence the
conflict.
In general, there was a big refactor and mobile.js has been removed in
e1c08f9fbf3671467151c6aa8cbbee39c21f9d74.
We might have to audit this a little bit more.
mobile/android/app/moz.build
mobile.js was removed.
Various locales in Amazon search engines
We delete these files, but they changed upstream.
I kept deleting them.
dom/websocket/WebSocket.cpp
A comment changed where we check IsPotentiallyTrustworthyOnion.
I don't like this patch, it becomes quite hard to understand, which isn't
something we should do with security patches!!!
TODO: Refactor that part of the patch.
xpcom/base/ErrorList.py
Okay, I didn't know we patched also this file.
It seems Firefox has a mechanism to add errors with a certain binary mask,
probably in the most significant bits.
We used 45 as a mod, but upstream set it for the default browser agent (!), so
I updated our Tor codes to use mod 46.
TODO: Check if this means anything for default browser in Mullvad Browser.
toolkit/content/widgets/moz-toggle/moz-toggle.mjs
Mozilla removed labelTemplate(), and extracted the button code from render()
to a function on its own.
TODO: We'll have to double check how to re-implement the labelAlignAfter
functionality ️.
Download changes happened in b4ae989be0618fd1285f206eac3fdf22bd00aa88.
I don't think it makes sense to try to remove the calls to RemoteSettings.
Instead, we should mock another client that uses cached dumps.
It is a much smarter approach to this.
So, I just added a couple of early-returns that will break linting.
TODO: Check this patch once again, and possibly dump RemoteSettings in a
cleverer way.
mobile/android/geckoview/api.txt
A couple of conflicts where we add our new entries for spoof English and
security level.
I don't think we really need to populate this file.
browser/components/BrowserGlue.sys.mjs
about:plugins has gone ️ (Bug 747301).
toolkit/modules/RemotePageAccessManager.sys.mjs
Also removal of about:plugins.
browser/base/content/main-popupset.inc.xhtml
New include in the panel:
../../components/reportbrokensite/content/reportBrokenSitePanel.inc.xhtml.
Also, I noticed panel-footer-button was changed to footer-button (not sure
we need to change anything on our code).
toolkit/modules/ActorManagerParent.sys.mjs
New ReportBrokenSite entry before our TorConnect entry.
browser/base/content/browser-siteIdentity.js
warnTextOnInsecure has been moved earlier in the function.
The _isMixedActiveContentLoaded case (line 880 as of the Bug 23247 commit)
has changed and added the following case:
if (UrlbarPrefs.get("trimHttps")&&warnTextOnInsecure){icon_label=gNavigatorBundle.getString("identity.notSecure.label");this._identityBox.classList.add("notSecureText");}
In this rebase I switched from tor-browser-115.8.0esr-13.5-1-build1 (tor-browser-122-13.5-1) to tor-browser-115.9.0esr-13.5-1-build1.
In tor-browser-122-13.5-2 I squashed the various commits according the usual rules and added the new ones at the end of the branch, and in tor-browser-122-13.5-3 I moved the new commits to the expected positions.
Base commit: 3d7f487b56c7d78c380072eacb51a7d0ad736e39.
New plumbing for "global privacy control" creates a small conflict.
browser/components/BrowserGlue.sys.mjs
Bug 31575: Disable Firefox Home (Activity Stream)
There's a new about:asrouter in LightweightTheme.matches. I will leave it
for now, because even though we remove the page, it's probably fine to leave.
(Not a conflict in any case).
We remove some blocks, there were a couple of changes in those blocks, as you
can easily see in the range-diff.
toolkit/xre/nsUpdateDriver.cpp
Bug 4234: Use the Firefox Update Process for Base Browser.
In this difficult case, I tried to reapply upstream's changes instead of ours.
Then I ran diff of diff on the single commit to check whether we've lost
anything.
I lost these comments, but I think it's fine:
+// We need to detect whether elevation is required for this update. This can+// occur when an admin user installs the application, but another admin+// user attempts to update (see bug 394984).
Notice that the if condition changed, so I had to update our patch as well.
In general, the relevant changes were due to the change of
UpdateDriverSetupMacCommandLine.
browser/base/content/main-popupset.inc.xhtml
Bug 40925: Implemented the Security Level component
browser/components/preferences/privacy.js and
modules/libpref/init/StaticPrefList.yaml conflict.
This is basically a partial revert, so I had these conflicts in the first place
in some releases ago. However, it was kinda easy to solve (just code deletion).
This rebase should be comparable with tor-browser-115.9.0esr-13.5-1-build1.
(In 122, I followed the usual approach to squash commits, then cherry-picked the remaining ones, but I didn't compare 123 and 115.9.0 directly).
My branch for this rebase is tor-browser-123-13.5-1.
Base commit: aa8ba3be74720b19e24461d15a83cf38a7f00b5c.
Rebase log
browser/installer/package-manifest.in
Bug 16285: Exclude ClearKey system for now
New clearkey implementation (WMF).
Commented also that one (which in any case is built only when tests are
enabled).
TODO: Audit it (I think Thorin already had an issue for it).
services/settings/dumps/main/moz.build
Bug 31740: Remove some unnecessary RemoteSettings instances
A new entire block of stuff for search engine icons.
We really have to do something for the remote settings.
TODO: Check what this breaks.
browser/components/about/AboutRedirector.cpp
Bug 42037: Disable about:firefoxview page
firefoxview-next has been removed.
browser/components/about/components.conf
Bug 42037: Disable about:firefoxview page
Also removal of firefoxview-next.
browser/locales/jar.mn
fixup! Base Browser strings (a3b68aae356e)
preview/select-translations.ftl just before where we add our no-translate
file.
Bug 40069: Add helpers for message passing with extensions
Bug 1869678 (7f3019ccf2557112b7bb67e15173bb148a23f160) moved the CacheStore
class that was before the functions we use to pass stuff to NoScript
(git show --color-moved shows no changes during the movement, and in any case
it seems to me we weren't using that class).
browser/components/preferences/privacy.js
Bug 40925: Implemented the Security Level component
New property (shouldUpdateSiteUsageDataForSanitizeDialog) before where we
define _initSecurityLevel.
toolkit/content/widgets/message-bar.css
Bug 2176: Rebrand Firefox to TorBrowser
Bug 1845150 (614f900ec639d089866c6c8583e40affda911284) modified the notification
bar. It removed .container.infobar.
The code is now in a new file (toolkit/content/widgets/infobar.css), so I've
reported our change there.
xpcom/io/CocoaFileUtils.mm
Bug 13252: Customize profile management on macOS
Seems some refactor that add a lot of nsAutoreleasePool (Bug 1684897,
41a94980743ba7b4e800d57ec7a7bdae3f384645).
toolkit/modules/moz.build
Bug 40807: Added QRCode.js to toolkit/modules
PromiseUtils.sys.mjs has been removed upstream.
browser/base/content/browser-siteIdentity.js
Bug 23247: Communicating security expectations for .onion
_hasCustomRoot has a much simpler implementation.
It changed in Bug 1867624 (4c2785e75c118a6645e6fbf71f915b2b49cf6750).
I don't think the version before the conflict was 100% related to our needs, so
I'm just accepting upstream.
TODO: Make sure we run something that needs this code and check if this change
introduces new errors. Possibly, we should add tests, tests tests!
New lazy imports that we might want to remove (ASRouter,
ASRouterDefaultConfig).
It seems they were already in BrowserGlue, but then converted to ESM (see
Bug 1878731, 24defeb8da3e3ee45214313531c952824b35c321).
TODO: Check them.
Bug 40458: Implement .tor.onion aliases
New import (OnboardingMessageProvider) where we used to add OnionAliasStore.
browser/components/BrowserContentHandler.sys.mjs
Bug 4234: Use the Firefox Update Process for Base Browser
An update in a comment, and Services.prefs is used directly instead of
prefb.
As a parameter now is passed updateMilestones, which will influence whether
we will update some prefs with the new Base Browser version.
We have some code that mirrors Firefox's behavior, I've updated it as well.
The changes were part of Bug 1749345 (1eb7ddbd5d22c648aee449dc7caaca352656285c).
TODO: verify if my changes make sense and are needed.
browser/components/preferences/privacy.js
Bug 40925: Implemented the Security Level component
The property added a few versions ago
(shouldUpdateSiteUsageDataForSanitizeDialog) has been removed.
browser/components/preferences/preferences.xhtml
Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection
New JS before BridgeEmoji.js
(chrome://global/content/elements/moz-message-bar.mjs).
Also, a couple of new <richlistitem ...> before our #include for the
connection page menu entry.
At the time of writing, 125 has just entered the beta stage.
My idea is to try follow the beta channel until we arrive at 128, for several reasons.
First, we decided to release 13.5 in June, that is when 128 enters beta. The alternative would be to wait another month for 128 to reach mozilla/release (or even mozilla/esr128), or to rebase on mozilla/release and start working on top of 127, and then do another big leap.
Working on 128 beta sounds like the best plan to me.
Apart from that, I'd like to see how fast the beta channel goes.
I expect many conflicts when a version jumps from nightly to beta, but then I expect the conflicts to be much less.
If this is the case, we could probably do the merge manually, and then see if the continuous rebase can keep the rest.
Moreover, I don't expect many backings in beta, and in general a more stable codebase.
Beta has tags, which could help to keep a pace with the continuous rebase.
Starting earlier with this approach gives me some time to come up with a draft of continuous rebases.
125 so far had more conflicts than previous rebases.
I don't know if this is because of the change of channel, or just because Moz worked a lot on the same areas we change.
Rebase log (125b1)
125b1
Base commit was 390c37aebde8583ee7e34bb627747061e6cc6495.
Bug 40002: Remove about:ion
browser/components/about/AboutRedirector.cpp
Upstream added a new profilemanager about page.
Bug 28369: Stop shipping pingsender executable
New nmhproxy executable (Native Messaging Host Proxy).
Affected files:
browser/app/macbuild/Contents/MacOS-files.in
browser/installer/package-manifest.in
browser/installer/windows/nsis/shared.nsh
Why do we even modify it? We don't really use it!
python/mozbuild/mozbuild/artifacts.py
This also has a refactor in MacArtifactJob.
Bug 30605: Honor privacy.spoof_english in Android
mobile/android/geckoview/api.txt
The method after
method @NonNull public GeckoRuntimeSettings.Builder spoofEnglish(boolean);
has been marked as deprecated.
Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
494af376 fixup! Bug 40925: Implemented the Security Level component
Skipped: it's the security level modularization.
e0cdf1dc fixup! Bug 2176: Rebrand Firefox to TorBrowser
browser/branding/branding-common.mozbuild
Single vs. double quotes/linting
Let's build it
I took some time to try to build this rebase (the -1 branch).
Apart from an additional parenthesis I added by mistake, the build errors were mostly upstream becoming stricter about ShouldResistFingerprinting.
The catch-all target RFPTarget::Unknown doesn't exist anymore.
It's kinda hard to find an exact match for some of our patches.
Also, I think that all the problematic parts have some room for improvements.
I'm going to keep these fixes separate until the proper review.
As for runtime problems, I encountered a problem with some jsm that still remained for Security Level.
At the moment of writing, we still have a few jsm:
browser/actors/AboutTBUpdateChild.jsm
browser/actors/AboutTBUpdateParent.jsm
browser/actors/CryptoSafetyChild.jsm
browser/actors/CryptoSafetyParent.jsm
toolkit/components/lox/lox_wasm.jsm
toolkit/modules/Bech32Decode.jsm
Apart from lox, which is going to require some changes also on the generator, the rest is the crypto safety patch (for which I probably didn't get runtime errors because it wasn't actually triggered) and for the update page, which also wasn't probably triggered.
I'm not sure on how to proceed with these ones, as they aren't necessary to get the browser going, but we'll likely need to fix them.
TODO: Finish ESMification with ESR128.
Then, I noticed that there are a few warning, about the need to move away form XPCOMUtils to ChromeUtils for lazy stuff.
It'll be also converted automatically by the linter.
Speaking of which, using Console.sys.mjs is now an error reported by the linter. Instead, we need to switch to console.createInstance (upstream meta).
TODO: Switch everything to console.createInstance.
However, I haven't tried to lint everything. It might make the review more difficult, so I'm a bit undecided also about it.
For 126, I decided to try a new strategy: instead of just trying to rebase on the latest commit, I decided to squash the patchset into a single commit and try to see if I could use it to find the conflicting commits.
I used git checkout in this way:
git checkout -b tmp-branch-1 mozilla/release # Or find something with a command like git merge-base tor-browser-125-13.5-3 mozilla/releasegit checkout tor-browser-125-13.5-3 --.git commit -m"Squashed patchset"git checkout -b tmp-branch-2 mozilla/mastergit cherry-pick tmp-branch-1
It worked: I could find at once all the conflicts.
With some smart git blame, I could find all the various commits.
I wrote a script to do it for me.
Then I did something that maybe was not so useful: I tried to rebase the squashed commit on top of each failing commit (I took the oldest commit after the last good one).
I found a nice list of conflicts, but maybe we just want to know what they are making fail, instead of having a comprehensive list.
Anyway, this was the list:
bf48a8b5938ecc64962809cb9bf20b2947213bef
95ccf713ef1259c6a6c1223a819472bf99daaab8
3e9e678d7eb6bd90d8fcf8942b995b89a74c0a97
363171a8e5421c470c6a8d2606c1c73611ed690e
c8e3989334bf98ee4fef9f0711677e36bce05c97
c816dcfce381aa67971a6cce411be6d410fe7181 (this was the only missed one from the cherry-picking on mozilla/master, and notice that it's the commit just after the previous one, which might be the reason)
This file again ️. I hate it.
This time it went through a really massive change.
cbb0f9261415feb8609a636b218fbdf636697146
toolkit/components/moz.build
Initially missed this commit! It's normandy again.
d1e65e8eb331012e2a5545a92131906b3a592895
services/settings/dumps/main/moz.build
Settings dumps have been reorganized, breaking our
"Bug 31740: Remove some unnecessary RemoteSettings instances".
This patch absolutely needs to be reorganized.
TODO: Reorganize this patch!
services/settings/static-dumps/main/moz.build
Conflicts in the query-stripping.json we add in
"Bug 41092: Add a RemoteSettings JSON dump for query-stripping".
I've just re-added the file to all targets.
TODO: Check if this file is used also from Android. (I would say so, since
it's referenced inside toolkit).
browser/installer/package-manifest.in
We modify it in "Firefox preference overrides." and in
"Bug 40562: Added Tor Browser preferences to 000-tor-browser.js".
The JSON dumps (that are exactly before the change we do there) have been
reduced to a single line, hence the conflict.
d5f44743a36a03a858092642417baa2be46990a2
browser/components/preferences/preferences.xhtml
Couple of <script> elements added upstream.
Build problems
a48079cd7255bf1a493480a68978faec9d1a3b6d removed the bool type from .idl, in favor of boolean
usual ShouldResistFingerprinting changes (in "Bug 42472: Spoof timezone in XSLT." in this case)
I tried to cross-compile on Windows for upliting purposes. Our Clang was accepted, cbindgen was too old. I installed a Rust toolchain with rustup (I think it's okay for local dev builds) and configure complained about missing windows=0.52. I downloaded it with cargo download (after running cargo install cargo-download).
accessible/windows/uia/uiaRawElmProvider.cpp:94:21: error: no member named 'UiaClientsAreListening' in the global namespace: it seems our mingw is too old . The function was added 5 months ago.
This time we weren't lucky with the beta channel, and got a couple of conflicts:
41dc0349588145ad0a49171208cb7b0515fd9a8e
toolkit/mozapps/update/updater/launchchild_osx.mm: trivial to solve: the function to elevate updates, which we put between ifndef changed signature. Took the file from upstream and re-added our #ifdef/#ifndef
toolkit/mozapps/update/updater/updater.cpp Not so trivial. Took our file, and re-applied the changes from upstream. Then verified our diff didn't change too much (the conflict is mostly a change between MARStrings and gMARStrings)
6b3bff6baa8dde4ba8e9533f3c3041e07d5bb905, browser/base/content/aboutDialog.xhtml: upstream changed their donation link. Dropped any upstream change.
Like for 126, also for 127 I tried to identify the conflicts first, and then
do partial rebases, to solve one conflicting commit at the time.
The way I find potential conflict is by trying to rebase a squashed patchset on
the destination:
git checkout $prevBranch--.git commit -m"Squashed patchset"git rebase mozilla/master~/Tor/lazy-script/find-conflicting.py FIREFOX_126_0_BUILD1
The script missed a couple of conflicting commits, but it's fine.
Also, when starting to rebase on individual commits, I found some conflicts that
were generated by Mozilla backporting some fixes (for the updater and the
donation link in the about dialog).
I re-accepted our changes, knowing the final rebase would fix them.
Almost all conflicts were easy to solve, but a couple of conflicts were due to
big refactors.
Reviewing them should be easier than solving them, hopefully ️.
I described some strategies I adopted.
127 beta actually hasn't already been tagged, but by now I don't expect
additional commits.
I'm planning of not taking 127 up until the release, but to start a branch for
128 already, in case we're ready to use it before 128 goes nightly.
Detailed report
First conflict: 066516c72f4a76557fa036b3c6ba91e105e14748
It's about WebRTC. The conflict is with this line
(dom/media/webrtc/transport/third_party/nICEr/src/stun/addrs.c, Part 5):
The list of files to lint (for prefs) has been moved to
tools/lint/lintpref.yml. Anyway, the list is directory-based now, so we don't
have to change it anymore.
Major refactor upstream:
Bug 1880909 - Move gBrowserInit to its own file.r=Gijs.
The new file is browser/base/content/browser-init.js.
For us, we have conflicts in:
Bug 18905: Hide unwanted items from help menu (trivial addition to an if)
Bug 40925: Implemented the Security Level component
Kept the XPCOMUtils.defineLazyScriptGetter in the old file
Added the calls in the new file
Bug 40926: Implemented the New Identity feature: same as security level
Bug 41600: Add a tor circuit display panel.: same again
Bug 27476: Implement about:torconnect captive portal within Tor Browser:
similar to the other cases, but more involved.
Bug 30237: Add v3 onion services client authentication prompt: easy like the
initial ones.
My script didn't initially find this commit (the script has some troubles with
removals).
Surprisingly, diff-of-diffs made it easy enough to review this change: you can
manually put the diff of browser-init.js in the middle of the diff of
browser.js.
At that point there won't be many diffs (except for a linting + an update of a
comment from SecuritySettingsButton to SecurityLevelButton).
Bug 1894979 - Convert UpdateService.sys.mjs to use classes.
What could go wrong in a 7000+ js file refactor? ️
Bug 4234: Use the Firefox Update Process for Base Browser.
I've removed // eslint-disable-next-line complexity, we'll see if it's still
needed (I'm not linting patches at the moment);
when we check if the update is supported (e.g., when we check the various
instruction sets). The problem is mostly indentation, and applying indentation
to the old content when doing diff-of-diffs helps;
a few lines below (you can search for this.promptWaitTime):
@@ -2363,9 +2406,7 @@ function Update(update) { if (!isNaN(attr.value)) { this.promptWaitTime = parseInt(attr.value); }- } else if (attr.name == "unsupported") {- this.unsupported = attr.value == "true";- } else {+ } else if (attr.name != "unsupported") {
another block (just because of indentation):
@@ -2390,7 +2431,7 @@ function Update(update) { } if (!this.previousAppVersion) {- this.previousAppVersion = Services.appinfo.version;+ this.previousAppVersion = getCompatVersion(); } if (!this.elevationFailure) {
Bug 41668: Tweaks to the Base Browser updater for Tor Browser
We add a function (_registerBootstrapObserver), but it cannot be merged
automatically because ES classes don't have commas after function declarations.
Bug 19121: reinstate the update.xml hash check
These two blocks now are in reversed order:
diff --git a/toolkit/mozapps/update/UpdateService.sys.mjs b/toolkit/mozapps/update/UpdateService.sys.mjsindex 56387d79fc50f..54de47e9a714c 100644--- a/toolkit/mozapps/update/UpdateService.sys.mjs+++ b/toolkit/mozapps/update/UpdateService.sys.mjs@@ -2156,6 +2156,8 @@ function UpdatePatch(patch) { } break; case "finalURL":+ case "hashFunction":+ case "hashValue": case "state": case "type": case "URL":@@ -2175,6 +2177,8 @@ UpdatePatch.prototype = { // over writing nsIUpdatePatch attributes. _attrNames: [ "errorCode",+ "hashFunction",+ "hashValue", "finalURL", "selected", "size",
I've already started working on 128, even though it's still in nightly (the sooner the better?).
The rationale is that we can deal with all the diffs we already have.
First rebase
Rebase 1
Base commit: 55b8c839700564409af5295286a1fd389410e19b.
Got a conflict because of an upstreamed commit (the one for not persisting data in PBM). I just removed ours, since we don't need it anymore.
New identity, toolkit/components/search/SearchEngine.sys.mjs: 66c7c878a94dccaeb8c00521b8dc36e608111900 modified getSubmission to pass only the data it actually needs (the charset). My decision was to drop that part of our patch, I will open a new issue for it. TODO: Reimplement the safest filter for using HTML with DDG when we're in safest.
Second rebase
Rebase 2
Base commit: 3759e3792f8426e1f75e40c1d6566569b22a7dc1
Bug 4234: Use the Firefox Update Process for Base Browser.
toolkit/mozapps/update/UpdateServiceStub.sys.mjs: Bug 1875502 or 1887980.
There was some refactor to make UpdateServiceStub a proper ES class.
Our change was quite simple, but indentation and context changes prevent it from
being automatically merged.
Bug 40925: Implemented the Security Level component
browser/base/content/main-popupset.inc.xhtml: Bug 1897503: browser-allTabsMenu.inc.xhtml was moved to browser/components/tabbrowser/ (8f67977eb39e7e78da325cdf82bc1976800c7f00).
Bug 41736: Customize toolbar for base-browser
browser/components/customizableui/CustomizableUI.sys.mjs: there's a new sidebar under development, or something like that (new pref sidebar.revamp to optionally show sidebar-button).
Bug 41600: Add a tor circuit display panel.
browser/base/content/main-popupset.inc.xhtml: same as security level
Bug 42110: Add TorUIUtils module for common tor component methods.
browser/modules/moz.build: upstream removed some files from this moz.build (Bug 1837575 - Move Tabbed Browser related files to browser/components/tabbrowser/, 2f419065dab7ede1db9a7a53e76125ab86c8bfe4).
Third rebase
Rebase 3
Base: fc76676f61ee37b4c5420649cad6677164a29405
Bug 41116: Normalize system fonts
Uplifted ️. So, dropped our commits.
Bug 41966: Allow removing locales from the locale alternatives list.
We got an uplift from Henry! 4d9b10e814e31cbcd67e0e9afd975fa1d7759698
Skipping our commit.
Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs.
Yet another refactor upstream! Bug 1898705
(9d9cd46085f07dd90c4c98ac305d5cc6fbac0522) moves a lot of stuff from browser.css
to browser-shared.css.
Bug 32308: Use direct browser sizing for letterboxing.
More conflicts related to the above refactor.
Also, this seems to cause a lot of false-positive in range-diff.
Bug 16940: After update, load local change notes.
Upstream addition where we add our about:tbupdate:
if (Services.prefs.getBoolPref("browser.profiles.enabled")){gInitialPages.push("about:profilemanager");}
Fourth rebase
Rebase 4
Base: d9496bfef09039b2642da45585ca821c36917c6d
Bug 42397: Change RFP-spoofed TZ to Atlantic/Reykjavik.
There's a new RequestPointerLock function where we add ours.
Fifth rebase
Base: 1d1ca77dd7ca10953c6f5f1b77b98e4eb528274e.
No conflicts to report.
Sixth rebase
Base: b476ffaef761ff85c012e2d93050cf444ff7be34
Bug 41600: Add a tor circuit display panel
browser/base/content/navigator-toolbox.inc.xhtml: upstream removed the id="urlbar-search-button" from the <box> adjacent to our addition (47de7bd820eb82bb45d1757fd0f4332c9f50d103).
Seventh rebase
Rebase 7
Base: 4210c9289463ec1157f4426dc87f879fc7995f9c
Bug 28369: Stop shipping pingsender executable
platform.ini has been removed from python/mozbuild/mozbuild/artifacts.py
(a70f59c7d9da728a355a38dd4dbbd33d5730d442).
Bug 42376: Pass the locale list when constructing l10n in datetimebox
Uplifted ️ (hopefully for good).
Bug 32308: Use direct browser sizing for letterboxing.
360396dcbe23ab84727d42a743c9dbe18899f520 added a comment in a part of code we
delete.
Bug 27476: Implement about:torconnect captive portal within Tor Browser
Some new pages can close themselves (524e4f032a4116b418bd43cbd013dd433f9686c7).
In particular, HadOriginalOpener() was replaced with
GetTopLevelCreatedByWebContent() in dom/base/nsGlobalWindowOuter.cpp.
Eight rebase
Rebase 8
Base: 46d0387f0b582f00a5722c20d4e6b8693793631b
Bug 40002: Remove about:ion
browser/components/moz.build: 8e7d70c85683b90415ef3633fdc0c59c93736697 adds
genai just before ion.
Bug 41635: Disable the Normandy component
toolkit/components/moz.build: 274db790c04c636dd2656d4e0b2b6b87b5ae6230 moves
FeatureGate (yet another experimentation API) to the same block as normandy.
Bug 42037: Disable about:firefoxview page
browser/components/moz.build: same as above.
Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs.
browser/themes/shared/browser-shared.css:
76d0705d47c9bac05ad713113e50301919b428f1 moves more stuff from browser.css to
browser-shared.css. I moved the betterboxing stuff a little bit higher, since
there are some new comments for defining sections.
Bug 32308: Use direct browser sizing for letterboxing.
browser/themes/shared/browser-shared.css: conflicts for the change I just
made.
Bug 23247: Communicating security expectations for .onion
I haven't rebased Mullvad Browser when rebasing Tor Browser...
And as a result I have a lot of conflicts on the first rebase. I had already found some of them in earlier Firefox versions when rebasing Tor Browser.
Mullvad Browser rebase 1
Mullvad Browser rebase 1
This is the first rebase of Mullvad Browser.
The base from Moz was 3759e3792f8426e1f75e40c1d6566569b22a7dc1, but I started from the second rebase of Tor Browser and cherry-picked base-browser-115.11.0esr-13.5-1-build1..mullvad-browser-115.11.0esr-13.5-1-build1.
MB 38: Mullvad Browser configuration
browser/installer/package-manifest.in: see earlier notes about
d1e65e8eb331012e2a5545a92131906b3a592895 for Tor Browser.
taskcluster/kinds/source-test/mozlint.yml: see conflicts for
ce6e44b823ff75640a04cab9f9aaf88521ffd156.
MB 1: Mullvad Browser branding
browser/app/Makefile.in: I think it's the same problems as above, caused by
26ab0df7351aa21038299b1a56ad369fea5d0154.
browser/branding/branding-common.mozbuild: changes of single quotes with
double quotes (from Firefox 125).
MB 20: Allow packaged-addons in PBM.
toolkit/mozapps/extensions/internal/XPIProvider.sys.mjs:
ExtensionPermissions is an ES module, not a JSM anymore.
MB 63: Customize some about pages for Mullvad Browser
docshell/base/nsAboutRedirector.cpp: new about:webauthn page (Bug 1854618,
4240388b197aa1e8839e7c91c51a5b897925fc04).
MB 37: Customization for the about dialog
browser/base/content/aboutDialog.xhtml: I think it was because of the donation
URL changes (see Tor Browser).
MB 39: Add home page about:mullvad-browser
browser/base/content/browser-places.js: newTabURLs now includes
"chrome://browser/content/blanktab.html".
browser/components/about/AboutRedirector.cpp: new profilemanager page.
TODO: Should we move our page to HTML? (Also about:tor in case).
TODO: Should we delete the asrouter admin page? (about:asrouter, disabled by
default).
MB 21: Disable the password manager
browser/base/content/appmenu-viewcache.inc.xhtml: the passwords button doesn't
have a command attribute anymore (it's handled in
browser/components/customizableui/content/panelUI.js, see Bug 1890718,
33a958aba0a1df2300a553f3e3ed40b572657beb).
Still, I decided to add hidden="true".
browser/components/BrowserGlue.sys.mjs: there's a new Megalist actor, maybe
some changes in the blob of code we entirely remove.
browser/components/moz.build: new about:aboutwelcome and about:asrouter
entries.
browser/components/preferences/privacy.inc.xhtml: the <label> after the
<groupbox> we hide has changed a little bit, but we hide it, so I kept
upstream's changes (still, this was enough to trigger the conflict).
toolkit/components/passwordmgr/LoginHelper.sys.mjs: we completely remove the
body of the openPasswordManager function. Its content has changed between 115
and 128, but we don't care, because we just delete it.
MB 112: Updater customization for Mullvad Browser
toolkit/mozapps/extensions/AddonManager.sys.mjs: new pref constant
(PREF_USE_REMOTE).
MB 213: Customize the search engines list
toolkit/components/search/SearchService.sys.mjs: there's a new way to
initialize #engineSelector. Also, to be on the safe side, I decided to remove
its initialization also from reset(), even though it's a test-only function
(according to its documentation).
Maybe some conflicts also in the blocks of code we remove, but we remove them,
so we likely don't care of them.
Also, I removed some new code for using localized versions of the search engine.
We don't localize anything, so I preferred removing that code, but maybe we
don't have to, and we can keep it. Maybe we should gate this on spoof English,
instead.
TODO: We must find a cleaner way to clean this telemetry/remote settings.
IIRC, in Tor Browser we don't have this change (but if we find a better way to
do it, we won't need to add it, either).
TODO: Audit the new code for the engine localization.
MB 80: Enable Mullvad Browser as a default browser
browser/components/shell/ShellService.sys.mjs: Mozilla actually removed the
isDefaultBrowserOptOut method ️.
Plus, exeArgs has been renamed to extraFileExtensions.
browser/components/shell/nsWindowsShellService.cpp: there's a new piece for
checking AUMIDs that take MSIX into account (GetMsixProgId).
So, there was some
browser/installer/package-manifest.in: upstream removed the localization files
because they reworked this a lot (bug 1826375).
toolkit/mozapps/defaultagent/SetDefaultBrowser.cpp: okay, the big upstream
refactor continues. I just changed the various AUMID prefixes I could find in
that file, and I didn't reimplement the simplified wmain function, as I think
Mozilla themselves simplified it in the new
toolkit/mozapps/defaultagent/proxy/main.cpp.
toolkit/mozapps/defaultagent/moz.build: dropped our changes, as we need to
build first, and see what breaks. If we can just simplify the patch it's a good
thing ️.
It's an HTML file you should download and open locally (I promise no tricks ) because it has the colors you'd get from the range-diff locally.
I would like to do something similar also for Base Browser and Tor Browser.
The nice thing about HTML is that it allows to add the collapsible sections.
The not-so-nice thing is that adding inline comments/tooltips is harder.
An alternative is to use PDFs with annotations instead, and maybe have page breaks for each commit.
Another advantage of HTML is that it's easy to extract text from it and copy/paste it to following versions of the commentary, whereas with PDFs is harder.
Please let me know if you have preferences.
Finally, the commit hashes are inevitably going to change.
Hopefully, this won't be a big deal.
Ran autosquash on -1, and cherry-picked tor-browser-115.11.0esr-13.5-1-build1..upstream/tor-browser-115.11.0esr-13.5-1 to make the 128 review easier.
I have three branches for 128, but they don't have a "fixed" base (I'm still rebasing them as Mozilla keeps developing 128).
When we fix a base, I will create branches for the MR.
At the moment, my branches are {base,tor,mullvad}-browser-esr128-14.0, and my intention is to keep rebasing them on gecko-dev/esr128 after this branch becomes available.
For now I'm following gecko-dev/master and I'll switch it to gecko-dev/beta when 128 hits beta.
147: 2d6a532bcae0d ! 147: ed47c55c4e993 Bug 7494: Create local home page for TBB.
Nit: for browser/base/content/browser-places.js, the two "uri?." could be replaced with just "uri." since mozilla already checks that the uri is not falsey.
Going with HTML (so, a plain-text-based format) also gives the opportunity to review the commentaries themselves.
My lazy-script repo contains the script I use to split the various commits.
Therefore, I think you folks could re-run the range-diff (I'm trying to always write the ranges I used at the top of the HTML file) and then compare the HTML you get with the one to which I added comments.
The diff should be only the comments themselves (but I might have lost some newlines when I split some commits in several <pre> elements).
Rework all the new search telemetry (and possibly the entire "Remove some unnecessary RemoteSettings instances" commit; maybe it's time we use the approach suggested by cypherpunks1 in #40569)
toolkit/content/widgets/message-bar.css: we customize our gradient. Upstream moved this customization to @media not (prefers-contrast) (I guess for a11y). We should check everything is still okay for us (but I guess UX will agree with the choice)
Check if we have a regression with form on http .onion (#42608 (closed))
Check !765 (closed) is in a good shape in 128 (browser.urlbar.onionRewrites.enabled in sOverrideRestrictionsList in modules/libpref/Preferences.cpp)
Check that the SSO selectors are still valid (upstream removed the CSS rule for hiding them in Windows 7 and 8, so I had to restore the whole rules)
Check how the changes in OpenBrowserWindow affect New Identity (already fixed, not sure there are more)
Verify the pref clipboard.imageAsFile.enabled (introduced in 120) is still a thing in 128 and set it in our profiles, or restore the previous patch for "Bug 33955: When copying an image only copy the image contents to the clipboard" (#42611 (closed))
Do we still care of the LaterRun (#41568 (closed)) patch, after the threat model changes? Do we have an issue for reviewing disk leaks protections not related to content?
Check if any upstream changes to the updater broke the post update in Mullvad Browser (I don't believe so, and maybe just running an update in nightly could be enough)
Check if upstream would be interested in a patch to define BLOCK_LOADLIBRARY_INJECTION with a configure-time flag (see Bug 1869397)
Check the breakage introduced by the removal of javascript.use_us_english_locale (thorin already opened an issue for this)
Audit _initThirdPartyCertsToggle in browser/components/preferences/privacy.js (da6045d85c1829f6ce0dc642f6a7d7a6d5a2db0b, Bug 1848815)
Audit the new clearkey system (probably we'll end up disabling anyway) (thorin might already have an issue for it)
_hasCustomRoot (browser/base/content/browser-siteIdentity.js) has been refactored. We should make sure to test it with some onion services+HTTPS (maybe we should loop rhatto in if he's still doing onion service testing) - opened #42613 (closed)
about:neterror is now an HTML file (not XHTML). The commits is a94d5c59e66c4bff52945dba4c87f4f5f73ac867. We should make sure our changes still work (if still any, I haven't followed 13.5 developments there). From a first glance, ids weren't changed, but some <p> has been trasnformed to <div>.
Two of the about: pages we remove have new components associated ("aboutwelcome", "asrouter"). Shall we remove them?
Verify if query-stripping works also on Android. If it doesn't, its associated configuration can be moved to be desktop-only (see the change to Bug 41092 in 126).
Restore the patch to detect DDG searches when using safest and send them through the simplified HTML page (#42617 (closed))
toolkit/content/widgets/message-bar.css: we customize our gradient. Upstream moved this customization to @media not (prefers-contrast) (I guess for a11y). We should check everything is still okay for us (but I guess UX will agree with the choice)
I think it is correct to not add a gradient when using a contrast theme. This is what it looks like in high contrast: