15:02:09 #startmeeting Tor Browser Weekly Meeting 2024-06-17 15:02:09 Meeting started Mon Jun 17 15:02:09 2024 UTC. The chair is richard. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:02:09 Useful Commands: #action #agreed #help #info #idea #link #topic. 15:02:23 o/ 15:02:26 o/ 15:02:37 o/ 15:02:42 o/ 15:02:45 just a heads up, i'm intermittently afk today 15:02:53 our meeting pad -> https://pad.riseup.net/p/tor-tbb-keep 15:02:54 o/ 15:04:32 only update from me is that I'll be doing a final pass on the changelog after this meeting, and once we're happy i'm planning to tag and kick a build for 13.5 \o/ 15:04:42 o/ 15:05:10 are there any 13.5-related updates or issues I should be aware that need attention? 15:05:11 blockers/ 15:05:11 ? 15:05:42 I went through QA for Linux + Windows x86_64 and i686 15:05:50 It will be an alpha build? 15:05:58 But I haven't covered macOS 15:06:11 I was planning to do MacOS x86 today 15:07:00 (and we've got busted PTs on Linux?) 15:07:29 However, I haven't tested too throughfully security level (I checked whether JS worked and click to play for example, but not all the features we change) 15:07:37 ma1: they might be nightly-only 15:07:48 I should probably spin a VM and test also there 15:08:29 richard: I've started a blog branch for the release post 15:08:33 ruihildt[m]: release build 15:08:33 will loop you into the MR 15:08:40 ooh great 15:08:52 what's the issues with PTs? 15:09:58 This morning I tested a nightly to do QA there, to avoid rebuilding the fake release to include HEAD of tor-browser.git 15:10:09 (my fake-release is at current HEAD^) 15:10:15 nice 15:10:16 And PTs didn't work 15:10:43 I know that we build some PTs from their branch instead of a tag/commit 15:10:51 but just on Linux? 15:11:01 Yes, I moved to the fake-release for the rest 15:11:15 So I didn't test nightlies on other platforms 15:11:31 richard: thx, so when can I expect a signed build to test? 15:11:39 The logs included some messages about PTs diying with status code 13 15:11:57 we build lyrebird from the `main` branch in nightly 15:12:02 ruihildt: no sooner than tomorrow afternoon your time 15:12:12 ack 15:12:28 boklm: Snowflake was also busted 15:12:54 snowflake should be the same in alpha and nightly 15:16:09 if i want to do anrdoid QA especially testing the updater, should i wait till the 13.5 stable build and test 13.0.16 bride settings to 13.5 rc ? 15:17:42 do we have an updater in android? 15:18:00 just manual build-to-build 15:18:02 i'd just start with a 12.0.16 apk and the install the new one on top 15:18:09 ok 15:18:19 boklm: no, we don't, we can just reinstall 15:18:22 but yeah iirc clairehurst did a similar test with alpha to alpha 15:18:36 I also did with 13.0.16 to my fake release 15:18:59 yes i saw so feeling good, but wanted to make sure the user provided bridges got well tested 15:19:09 but it's looking solid 15:20:12 richard: yep! 15:20:33 Basically a smoke test 15:24:10 so, the content signing certificate (addons, gmp) rotated for 115 and 128. Not sure how affected tor browser is. 15:24:24 richard what is the status on tor-browser!1039 ? Do we need the offline state fixed for the stable release? 15:25:25 * richard reading 15:26:41 (just to make you aware of it, one small warning is that Android 115 wasn't tested by QA in Firefox. The version Tor Browser Android is based on. I've put the infos into the discussion section of the meeting-notes doc) 15:26:59 () 15:27:26 sorry meant: (I have a point to raise, is the etiquette to wait for the current discussion to complete?) 15:27:47 ruihildt[m]: we have a list of discussions in the pad 15:28:10 henry-x: ok i don't think this is a blocker for 13.5 15:28:34 but seems like we should revisit for 14.0 15:28:47 ok 15:29:10 henry-x: ok i don't think this is a blocker for 13.5 15:29:12 but seems like we should revisit for 14.0 15:29:36 manuel: do you mean Firefox ESR 115 for Android isn't tested by QA? 15:29:40 PieroV: Ok added to the pad. 15:30:35 Yes, the cert replacement wasn't tested by QA, probably due to esr version not being shipped there. 15:30:50 ah ok 15:30:58 more fun 15:31:45 manuel: is there a firefox-android patch we would need to backport, or is this all handled in geckoview? 15:32:52 * manuel[m] looking through docs now 15:33:19 ok in the meantie, did you have something rui? 15:33:22 meantime* 15:33:38 Yes thanks: 15:33:38 Do you think it would be good to make the MB alpha build more public on Mullvad website? (now that the alpha/beta naming question is settled) 15:34:20 my first instinct is 'yes definitely' 15:34:43 unless anyone has a good reason not to do so, i only see upside 15:35:34 we often complain about lack of alpha testers, so +1 15:35:39 Ok, then I'll look if I can have that "shipped" with 13.5 15:36:02 there will be some lag time before 14.0a1 is ready 15:36:08 The only question remaining for me is conceptually how should we add this to the repositories. 15:36:32 Mullvad has a stable and a beta channel. 15:36:56 We could add it to either or to both. 15:37:30 package repos you mean? 15:37:37 But the Mullvad VPN app only allows one of the channels, since the package name is the same. 15:37:50 right 15:37:51 Yes. 15:38:14 I'm not sure if it's a question for you or for us tbh. 15:40:30 yeah i don't know what makes sense 15:40:49 given there's no name collision you can probably just put them both in the same apt repo 15:42:16 PieroV: what's this about windows-gnullvm? 15:42:41 Ok, I'll go with that idea and discuss with our repositories maintainers if they have stronger opinions. :D 15:42:42 So, I've worked on updating tor-browser-build for 128 15:43:24 it makes sense to put both in the stable repo if you want to increase the number of alpha users 15:43:25 And the good news is that I got desktop to build (except MB on Windows, we'll have to investigate on some mingw problems with windows.graphics.h, and some D3D interfaces) 15:44:14 However, I got a problem with Windows also for Tor Browser: it isn't reproducible because of Rust (and maybe because of the GCC-based mingw toolchain) 15:45:42 webrtc related stuff for MB? 15:45:58 (I guess the Rust toolchain is usually pretty deterministic, but it might include some parts of mingw-w64, which has a lot of different artifacts; std is the only different thing between the build done in my computer and in tb-build-03) 15:46:20 Yes, the problem is in WebRTC. Tor Browser builds because it doesn't have WebRTC 15:46:25 righto 15:46:25 In particular video capturing 15:47:29 So, since we've had for a long time an issue about building Rust with mingw built only with LLVM stuff, I tried to check if this is enough to solve the reproducibility problem (and finally get rid of the GCC-based mingw) 15:47:40 The good news is that it is 15:48:16 is there bad news? 15:48:20 The other good news is that a LLVM-based (esp. libunwind) Rust is an official thing and it's been promoted from tier 3 to tier 2 15:48:32 ooh nice 15:48:39 The bad news is that it's considered a different target 15:49:01 {i686,x86_64,aarch64}-pc-windows-gnullvm instead of ...-pc-windows-gnu 15:49:42 Firefox can use only ...-pc-windows-gnu, because it doesn't recognize gnullvm as a valid thing. I have a patch to solve also this problem, but I see a couple of problems: 15:50:10 richard: The cert-update will be in esr 115.13 released alongside 128 (https://whattrainisitnow.com/release/?version=128). Not sure how your normal procedure is, but if you rebase it should be included (however untested). 15:50:11 1. the gnullvm toolchain isn't validated upstream (even though I assume the biggest difference is libunwind+compiler-rt vs libgcc) 15:50:43 2. modifying Firefox's build system to accept both gnu and gnullvm isn't trivial 15:50:55 richard: couldn't quickly find where the change is done in android or how QA tested it. Will follow up when I find the relevant infos. 15:51:01 manuel: thx we'll keep an eye out on extension installation for TBA next release 15:51:02 /o just arrived .. did I miss anything 15:51:19 oooh 15:51:29 so that's where the difficulty lies 15:51:44 rustc supports both, so --print supported-targtets lists both gnu and gnullvm 15:51:54 And the build system can't decide which one to use... So it gives up 15:52:10 Instead of trying both and check if you have at least std for one of the two 15:52:11 thorin: just the usual :) 15:52:35 hmm ok 15:52:44 so the supportd version works but isn't reproducible 15:52:56 * rustc --print target-list 15:53:13 Yes, the supported version works, but we have an issue to move to LLVM anyway 15:53:16 and the unsupported one is reproducible but we need to fix firefox's build system to use it? 15:53:19 And I opened an upstream Bug 15:53:30 But I haven't received any answer yet 15:53:59 this may be a try both and go with whichever works first type of situation 15:54:10 Yes, the unsupported is reproducible and we have to fix the build system... Also, the supported is distributed with rustup 15:54:17 The unsupported isn't 15:55:09 ooh 15:55:12 So, you'd have to build std for gnullvm on your own/extract it from tor-browser-build, or use x86_64-pc-windows-gnu locally and remove the patch to use gnullvm (unless we keep the patch in tor-browser-build) 15:55:30 so this would make windows on windows builds a pain? 15:55:48 well, any windows dev builds windows or no 15:55:50 I think Windows on Windows uses x86_64-pc-windows-msvc 15:56:07 jwilde: what do you think about this? 15:56:40 (also, we don't have much time left, so we might have to continue elsewhere) 15:57:06 yeah happy to move over to tor-browser-dev after 15:57:55 ok, let's signoff for now and migrate over to #tor-browser-dev for the remainder of Rust+Windows chat 15:58:18 as always have a good week folks o/ 15:58:20 #endmeeting