BB/TB 44253: 144.0a1 rebase

Pier Angelo Vendramerequested to merge
pierov/tor-browser:44253-144.0a1-rebase-1 into tor-browser-144.0a1-16.0-1

Merge Info

Issues

Resolves

Related

  • tor-browser#xxxxx
  • mullvad-browser#xxxxx
  • tor-browser-build#xxxxx

Merging

Target Branches

  • tor-browser - !fixups to tor-browser-specific commits, new features, security backports
  • base-browser and mullvad-browser - !fixups to base-browser-specific commits, new features to be shared with mullvad-browser, and security backports
    • ⚠️ IMPORTANT: Please list the base-browser-specific commits which need to be cherry-picked to the base-browser and mullvad-browser branches here

Target Channels

  • RR Alpha: 144.0a1-16.0
  • Alpha: esr140-15.0
  • Stable: esr128-14.5
  • Legacy: esr115-13.5

Backporting

Timeline

  • No Backport (preferred): patchset for the next major stable
  • Immediate: patchset needed as soon as possible (fixes CVEs, 0-days, etc)
  • Next Minor Stable Release: patchset that needs to be verified in nightly before backport
  • Eventually: patchset that needs to be verified in alpha before backport

(Optional) Justification

  • Security update: patchset contains a security fix (be sure to select the correct item in Timeline)
  • Censorship event: patchset enables censorship circumvention
  • Critical bug-fix: patchset fixes a bug in core-functionality
  • Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
  • Sponsor required: patchset required for sponsor
  • Localization: typos and other localization changes that should be also in the release branch
  • Other: please explain

Upstream

  • Patchset is a candidate for uplift to Firefox
  • Patchset is a backport from Firefox
    • Bugzilla link:
    • Upstream commit:

Issue Tracking

Review

Request Reviewer

  • Request review from an applications developer depending on modified system:
    • NOTE: if the MR modifies multiple areas, please /request_review all the relevant reviewers
    • accessibility : henry
    • android : clairehurst, dan
    • build system : boklm
    • ci/cd: brizental, henry
    • extensions : ma1
    • firefox internals (XUL/JS/XPCOM) : jwilde, ma1
    • fonts : pierov
    • frontend (implementation) : henry
    • frontend (review) : donuts, morgan
    • localization : henry, pierov
    • macOS : clairehurst, dan
    • nightly builds : boklm
    • rebases/release-prep : brizental, clairehurst, dan, ma1, pierov, morgan
    • security : jwilde, ma1
    • signing : boklm, morgan
    • updater : pierov
    • windows : jwilde, morgan
    • misc/other : pierov, morgan

Change Description

144.0a1 rebase.

Android is broken right now.

I drafted some changes, but I don't know if what I'm doing makes sense, so at a certain point I just added a commit with the changes I had so far and opted for asking for help to actual Android folks 😅.

Desktop should be good, I also fixed a few runtime errors.

Conflicts from 143
  • c97ea65d... BB 41459: WebRTC fails to build under mingw (Part 2)
    • third_party/libwebrtc/modules/audio_coding/codecs/isac/main/source/os_specific_inline.h: the includes have been deleted upstream, no reason to open a review issue
    • third_party/libwebrtc/modules/desktop_capture/desktop_capture_types.h: simplified our patch, as pid_t changes have been removed in 33e11f8e
  • db9c9201... BB 42758: Fix WebRTC build errors.
    • third_party/libwebrtc/modules/desktop_capture/win/wgc_capture_session.cc: new headers added where we moidfy ours. No reasons to open a review issue.
  • 00975647... Tweaks to the build system
    • python/sites/mach.txt: updated glean-sdk, commenting again
  • 52c42412... BB 21431: Clean-up system extensions shipped in Firefox
    • browser/extensions/moz.build: new extension: data-leak-blocker. It might be good... or not. It seems to be mostly telemetry? For now I've removed it, but we'll need to audit it. The Bug is confidential. Filed #44254.
  • 11c13def... BB 44045: Disable ML features
    • browser/components/urlbar/UrlbarProvidersManager.sys.mjs: localProviderModules has been refactored
    • browser/components/urlbar/moz.build: new file RealtimeSuggestProvider.sys.mjs after the one we remove
  • c68e5633... BB 41327: Disable UrlbarProviderInterventions
    • browser/components/urlbar/UrlbarProvidersManager.sys.mjs: localProviderModules again
  • 592cd753... Firefox preference overrides.
    • eslint-ignores.config.mjs: we append, no need to worry
  • 2d289208... BB 43140: Tighten up fonts on Linux.
    • gfx/thebes/gfxFcPlatformFontList.cpp: now we get a aFontVisibilityProvider rather than aPresContext, introduced in 32ffe8df. Opened #44256 for review.
  • 3f55f2b6... BB 43322: Customize the font visibility lists.
    • gfx/thebes/StandardFonts-win10.inc: there was a new include guard. I've added ours back.
    • gfx/thebes/gfxDWriteFontList.cpp: related to above (it adds the include guard). Also nsRFPService::FontIsAllowedByLocale.
    • gfx/thebes/gfxFcPlatformFontList.cpp, gfx/thebes/gfxMacPlatformFontList.mm: also the include guard
    • opened #44257 to handle all of them
  • ae9a5e75... BB 30605: Honor privacy.spoof_english in Android
    • mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java: new setting as usual (isolatedProcessEnabled)
  • c37a4244... BB 42562: Normalized the Accepted Languages on Android.
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/gecko/GeckoProvider.kt: new .isolatedProcessEnabled before our .supportedLocales. Conflicts due to content that gets appended, no need to worry.
  • b7de4593... BB 40171: Make WebRequest and GeckoWebExecutor First-Party aware
    • mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java: upstream added a comment close to where we add our code. No need to worry.
  • a737babe... BB 41916: Letterboxing preferences UI
    • browser/components/preferences/preferences.xhtml: new CSS before ours, no need to worry
  • a7e07f9f... fixup! BB 40925: Implemented the Security Level component
    • browser/modules/moz.build: new file in MOZ_SRC_FILES, nothing to worry about
  • 738fc75c... fixup! BB 40925: Implemented the Security Level component
    • browser/modules/moz.build: related to the one above
  • f52775c6... BB 40926: Implemented the New Identity feature
    • browser/themes/shared/jar.inc.mn: new entry in a file where we append, no audit needed
  • 9fe02b95... TB 2176: Rebrand Firefox to TorBrowser
    • browser/themes/shared/controlcenter/panel.css: #identity-popup was changed everywhere with .site-information-popup. But I believe this doesn't affect our patch, so I'm not opening an audit issue.
  • b04f1719... TB 42247: Android helpers for the TorProvider
    • mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoSession.java: new upstream method: flushSessionState. However, this doesn't really conflict with our patch, not opening an audit.
  • f2a6f958... TB 23247: Communicating security expectations for .onion
    • netwerk/protocol/http/HttpBaseChannel.cpp: the call to AddStandardRequestHeaders doesn't use aContentPolicyType anymore, instead it uses contentPolicyType (changed in 5279fec4). Do our changes to that file even make sense? Maybe they might be simplified. Opened #44258
  • addd2dd6... TB 21952: Implement Onion-Location
    • browser/components/DesktopActorRegistry.sys.mjs: new PageAssist actor after ours. No need to worry.
  • 00d7cba1... [android] Rename as Tor Browser
    • mobile/android/fenix/app/build.gradle: mix of stuff: x86 removal, universal APK and other small conflcits. I created an issue for universal APK (tor-browser-build#41592), and we already had one for x86
    • mobile/android/fenix/app/src/debug/res/mipmap-anydpi/ic_launcher.xml: effect of raising SDK level to 26, added a comment to #44132
    • mobile/android/fenix/app/src/main/java/org/mozilla/gecko/search/SearchWidgetProvider.kt: ditto, some conditional code on the Android version was removed
    • various branding stuff, it needs to be dealt with
  • 4021e9e5... TB 40016 [android]: Don't install WebCompat webext.
    • mobile/android/fenix/app/build.gradle: stuff has been sorted, I don't think we need to audit that too carefully though
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/DefaultToolbarMenu.kt: reportBrokenSite, which we comment slightly changed. I went ahead and removed it, rather than commenting. The change was R -> iconsR
  • 83defadd... [android] Modify UI/UX
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/DefaultToolbarMenu.kt: same as above
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/home/HomeMenu.kt: similar
    • mobile/android/fenix/app/src/main/java/org/mozilla/gecko/search/SearchWidgetProvider.kt: similar problems as before on the branding commit. Maybe we should group these changes?
  • edbe03b1... [android] Implement Android-native Connection Assist UI
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/compose/snackbar/Snackbar.kt: upstream removed code we used to customize when switching to M3. Added a note to #44079.
  • 40ec6966... Bug 41197 - [android] Disable autofill
    • mobile/android/android-components/components/feature/autofill/src/main/java/mozilla/components/feature/autofill/AutofillUseCases.kt: upstream managed to remove the isAutofillAvailable variable we used to disable autofill (see 78e34f45). Therefore, we'll have to find another way to disable it. Added to #44132.
  • b948d157... TB 44098: [android] Disable sync
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/bookmarks/BookmarksScreen.kt: the code we remove has changed upstream. Kept deleting the code.
Conflicts from 140.3
  • fb27b78c... fixup! [android] Disable features and functionality
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/settings/SecretSettingsFragment.kt: some changes, but I believe they are in code we just delete
  • 9538f500... TB 44027 [android]: Update PBM lockscreen
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/biometricauthentication/UnlockPrivateTabsScreen.kt: I can't find where these changes have gone
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/lifecycle/PrivateBrowsingLockFeature.kt: moved the changes to mobile/android/fenix/app/src/main/java/org/mozilla/fenix/pbmlock/PrivateBrowsingLockFeature.kt
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/biometricauthentication/UnlockPrivateTabsFragment.kt: renamed to mobile/android/fenix/app/src/main/java/org/mozilla/fenix/pbmlock/UnlockPrivateTabsFragment.kt
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/tabstray/TabsTrayFragment.kt: I think the feature isn't gated on Nimbus anymore
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/utils/Settings.kt: I think privateBrowsingLockedEnabled was renamed to privateBrowsingLockedFeatureEnabled. Also, there's a new privateBrowsingModeLocked preference. I created #44265 (closed) for a deeper look.
  • 2bd61ad7... fixup! TB 34403 [android]: Disable Normal mode by default.
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/bookmarks/BookmarksScreen.kt: was mobile/android/fenix/app/src/main/java/org/mozilla/fenix/library/bookmarks/ui/BookmarksScreen.kt. Git detects it, but there were some refactors anyway. I'll see if this was a problem during the build.
  • 3b491f90... fixup! [android] Modify UI/UX
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/home/HomeFragment.kt: if (requireContext().settings().enableComposeHomepage) has gone in de4a4c2d. That bug is giant, and I wonder if/how it affects us. Opened #44266 (closed) for audit.
    • mobile/android/fenix/app/src/main/res/layout/fragment_home.xml: giant refactor, it's worth an audit. E.e.g, we now have an empty CollapsingToolbarLayout.
  • b562482b... fixup! TB 44027 [android]: Update PBM lockscreen
    • mobile/android/fenix/app/src/main/java/org/mozilla/fenix/pbmlock/UnlockPrivateTabsScreen.kt: I can't find where to apply the changes on fontSize and lineHeight
Build and runtime errors
  • We need to disable llama for fixing a build error (#44264)
  • 388d4940 removed quitApplicationGranted from toolkit/components/asyncshutdown/AsyncShutdown.sys.mjs. According to Bug 1959340, the correct one to use is appShutdownConfirmed (we already have #44076).
  • [android] Modify add-on support: mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebExtensionController.java:1258: error: cannot find symbol currentExtension. We used to have currentExtension and updatedExtension, but it was removed in 222fddbe. Opened #44268.
  • Replaced a few --in-content-page-background with --background-color-canvas (for 50dce057, Bug 1980414)

How Tested

Range-diffs:

  • until Various Android workarounds (included), it's a range-diff with git range-diff FIREFOX_NIGHTLY_143_END..tor-browser-143.0a1-16.0-2-build1 FIREFOX_NIGHTLY_144_END..(hash)
  • after Various Android workarounds, it's git range-diff tor-browser-140.3.0esr-15.0-1-build1..tor-browser-140.3.0esr-15.0-1 (hash)..HEAD

Built for desktop, and did some basic stuff:

  • the browser starts correctly
  • we can bootstrap
  • if we go to check.tpo, we're connected to Tor
  • opening the settings doesn't add errors to the console
  • checked for new console errors during all these steps

For Android, GeckoView builds successfully, but there are lots of errors due to our new API level target.

Notice that Android requires the 144.0 version of application services, for which I have a MR, but I haven't merged it, as I wanted to be sure it worked first.

Edited by Pier Angelo Vendrame

Merge request reports