18:02:09 #startmeeting tbb-dev 18:02:09 Meeting started Mon Oct 26 18:02:09 2015 UTC. The chair is mikeperry. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:02:09 Useful Commands: #action #agreed #help #info #idea #link #topic. 18:02:23 ok, let's get started! 18:02:32 Last week, I spent most of the week discussing the ED search, attending a conference and travelling. 18:02:38 This week, I am working on setting up a build+signing machine. I may help with code reviews for Tuesday's release. Please tag stuff that you think I should look at with MikePerry201510R. Otherwise I may pick randomly from https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~TorBrowserTeam201510R 18:03:00 Next week, we will have 5.0.5/5.5a5 (on Tuesday). We should code freeze that by Thursday at the latest. I will also be travelling on Friday, so I may again have limited availability/bandwidth. 18:04:04 Apple verified our org account, but we still have a couple steps before we get a cert. not clear if that will happen in time for the release. In any case, at best, we're likely to only make test builds with mac sigs. it seems unlikely that we'll be able to release those on Tuesday :/ 18:04:32 but we should have everything in place to do mac signing more smoothly, and also to sign arbitrary test builds more easily 18:04:44 that's it for me 18:06:44 here is what i did 18:06:53 I worked on #17406 and #10599 + #17305 18:06:54 I looked a bit at #16620 18:07:17 i got a bunch of my mail backlog done 18:07:51 and took care that the nightly builds are running smoothly again (thanks to ln5) 18:08:27 this week, i'll try to get the hardened builds into a relasable shape 18:08:39 i think this adds to the pile of things to releases next week 18:09:09 and i'll try helping to get the remaining bits for the year one deadline done 18:09:14 in case there are any 18:09:21 that's it for me 18:13:11 * mcs will go next 18:13:21 This past week, Kathy and I created a revised patch for #12967 (merged by GeKo -- thanks!) 18:13:27 We also participated in various discussions related to multilingual Tor Browser packages (e.g., see #17305, #17400). 18:13:34 But mainly we worked on tests and a new patch for #16620. 18:13:41 This week we plan to finish the patch for #16620 and some mochitests as well. 18:13:46 Time permitting, we will review the patch for #9659 and then look at #16940 and #17313. 18:13:51 That's all for us. 18:16:02 * boklm can go next 18:16:06 This past week I made some improvements on Tor Messenger build process and started investigated some OSX and Windows reproducibilty issues (#10942), and helped on #17305 18:16:10 This week I'm planning to fix the nightly testsuite runs, help on #17305, do some marionette tests, post an update on Mozilla Try results on the split branches repo 18:16:26 That's all for me. 18:17:15 boklm: how good are we for the year one deadline wrt to the testing stuff? 18:17:26 s/to// 18:17:33 what is still missing? 18:18:50 I think we are good. 18:20:04 I will check what are the results on the latest nightlies and fix any test if need 18:20:10 ok, cool 18:20:44 * arthuredelstein can go 18:20:55 This week I filed a couple of bugs on possible new fingerprinting attacks: #17412 and #17423. 18:21:02 I did some experiments while reviewing #16620 18:21:05 I wrote a patch for #17250 18:21:14 And I opened several tickets on bugzilla.mozilla.org and updated our list of patches on huseby's spreadsheet. 18:21:19 I believe all of our tor-browser.git patches are now accounted for on the list. 18:21:26 I then rebased several of our patches to mozilla-central and submitted them for review. 18:21:37 Already I've gotten helpful feedback on the majority of those, so this week I'll focus on editing those patches and resubmitting them for review, as well as submitting any other patches that are tractable. 18:21:42 And I'll look further at any changes we can make for #17250. 18:22:06 That's it for me 18:22:48 (thanks arthuredelstein) 18:22:54 * huseby can go 18:23:21 so I spent last week fixing up callsites to createCodebasePrincipal to support the contextual identities 18:23:44 https://bugzilla.mozilla.org/show_bug.cgi?id=1197283 18:24:00 I'm uploading my patches here this morning: https://bugzilla.mozilla.org/show_bug.cgi?id=1218479 18:24:24 so I said last week that I'd determine if the origin attributes and contextual identities is good enough for the isolation 18:24:27 I'm 99% sure it is 18:24:34 but 18:25:05 in the interest of expediency, I'm going to continue with the old plan of rewriting the ThirdPartyUtil to use origin attributes. 18:25:26 this is largely because the ThirdPartyUtils is a nice abstraction that everything else is already using 18:25:37 plus it allows us to expose the URL bar source of truth to add-ons cleanly 18:25:42 liek the Tor Button 18:26:03 so I'm submitting all of my contextual identities patches today 18:26:04 yeah, sounds good 18:26:17 and then will get back to the origin attributes and Third Party Util rewrite 18:26:46 I also got "Make a plan for a VPN/Proxy management framework in Firefox" into my quarterly goals 18:27:10 I've had several internal meetings on this subject and there seems to be general support for the idea 18:27:30 so my next step is to put together a document with the requirements and possible solutions 18:27:50 then arrange for a meeting with y'all and mullvad peeps to discuss the possibility of moving forward together 18:28:37 ideally, the solution would make the tor launcher unnecessary and mullvad would be able to easily drop in their openvpn client and firefox will become the browser of choice for vpn providers :) 18:28:50 so expect more discussions along these lines in the near future 18:28:59 and then there is the ESR fork in December 18:29:02 :) 18:29:07 that's it for me. 18:33:09 huseby: so you are still talking with the mullvad folks? they emailed me, but I have not heard back from them since then 18:39:49 mikeperry: I haven't spoken to them since Berlin 18:39:59 kk, same 18:40:00 I was planning on putting together the doc and then reach out 18:40:13 maybe I should email them just to let them know we haven't forgotten about them 18:40:24 they emailed me once and have't heard from them since. maybe I am hitting their spam filter? who knows 18:40:27 i think the doc 18:40:40 is fine and then reaching out 18:41:41 s/the/having a/ 18:46:25 ok. are we done then? and early? 18:48:32 (yes othermike, yes we are). 18:48:37 :) 18:48:40 #endmeeting *baf*