15:00:35 <morganava> #startmeeting Tor Browser Weekly Meeting 2024-08-06
15:00:35 <MeetBot> Meeting started Tue Aug  6 15:00:35 2024 UTC.  The chair is morganava. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:35 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
15:00:43 <ma1> o/
15:00:49 <dan_b> o/
15:01:25 <morganava> hi folks, the pad per usual -> https://pad.riseup.net/p/tor-tbb-keep
15:01:32 <brizental> o/
15:03:37 <morganava> ma1: re android security backports, I don't think there's nay reason to specifically backport to base-browser for now, as we shuffle such commits to the start of the tor-browser.git commit history the next month anyway
15:04:13 <ma1> ack
15:04:31 <morganava> obv if MB android becomes a thing that changes things
15:08:57 <morganava> ok, so can we get a status update on where TB Android is at, and the current signing situation w/ macOS? dan_b/boklm
15:09:35 <dan_b> anroid 128 rebase is in review, pierov is starting comments, and I'll be looking at making a commented range diff today and then starting to reposnd to comments
15:11:41 <morganava> alright excellent
15:12:21 <morganava> last i checked almost all of the RR versions have had at least 1 reviewer
15:13:33 <morganava> next steps for folks (unless you're working on some other blocker like the android build or signing) will be to start investigating/resolving the revew tickets
15:13:43 <morganava> and possibly developing patches
15:14:16 <morganava> I'll plan on on assigning them out as seems appropriate, but it would be helpful if you all could start claiming reviews in the meantime
15:14:41 <morganava> as a reminder, they can all be found linked to the relevant parent audit issues in tor-browser-spec: https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/issues
15:15:47 <morganava> otherwise I don't think I have anything else, are there any blockers people need help with?
15:16:09 <PieroV> morganava: I assigned 13.5.2 to boklm
15:16:28 <PieroV> But maybe you want to take them instead
15:16:44 <morganava> ah yeah, I can do that
15:16:49 <PieroV> Builds are matching and I've already sent the tor-qa@ email (but a moderator needs to approve it)
15:16:54 <morganava> do we know if the latest signing iteration has resolved our macOS problems for 14.0a1?
15:17:01 <PieroV> Yes
15:17:05 <PieroV> I tested on x86
15:17:12 <morganava> ah thank christ
15:17:15 <PieroV> Maybe somebody should test on arm
15:17:32 <PieroV> 115 should be unaffected, but still a good idea to check it
15:17:40 <PieroV> In case of spills from 128
15:18:02 <PieroV> Mullvad won't do the QA today at this point, but tomorrow
15:18:20 <PieroV> (also, we haven't built on their infra, but we have our builds)
15:18:38 <morganava> alright brilliant
15:18:50 <morganava> dan_b, clairehurst: woudl one of you midn verifying the 14.0a1 arm build?
15:18:56 <morganava> would*, mind*
15:18:58 <PieroV> Apart from this, I'll give P1 to reviewing Android
15:19:08 <morganava> yes plelase
15:19:19 <PieroV> The review is assigned to me, but I'll need someone to verify things such as resources
15:19:44 <PieroV> dan_b: do you have a 125-based branch in your tor-browser.git fork?
15:20:09 <dan_b> 14.0a1? is that just stock firefox-android on our modified geckoview?
15:20:10 <PieroV> Or should I cherry-pick from firefox-android.git to my tor-browser.git fork for reviewing?
15:20:20 <morganava> alright lets flag down clairehurst for additional review for the android rebase
15:20:23 <PieroV> dan_b: I think it was for macOS
15:20:31 <dan_b> pierov: no, I restructured in firefox-android and then jumped straight to TB 128
15:20:39 <clairehurst> arm for mac? I can do that
15:20:39 <dan_b> ah then yes I can try that out
15:20:43 <dan_b> where is it?
15:20:54 <clairehurst> is it just running it or what do you mean by verifying?
15:20:54 <PieroV> dan_b: with `git am -d`?
15:21:22 <PieroV> clairehurst: dan_b: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41202#note_3056376
15:21:44 <dan_b> pierov? whats git am?
15:21:55 <PieroV> There's a dmg boklm signed, it shouldn't crash at the startup
15:22:23 <PieroV> dan_b: it's a way for moving patches without adding the remote of different repositories
15:22:25 <dan_b> oh as patches
15:22:26 <clairehurst> And yeah just assign/ping me on anything you want reviewed
15:22:29 <dan_b> no
15:22:32 <morganava> :)
15:22:38 <PieroV> am is apply mail
15:22:47 <dan_b> i just restructured the structure of firefox-android to match tb, then added it as a remote and cherry picked the changes
15:22:58 <PieroV> And it's the command to work with git format-patch
15:23:13 <PieroV> dan_b: ack, I will work my way to review then
15:23:38 <dan_b> the initial 128 I discovered is a bit of a mess, the -fix is muuuch better
15:24:00 <PieroV> Yep, I found a couple of rebase problems with range-diff
15:24:17 <PieroV> But I saw you already fixed them in the final branch :)
15:25:01 <PieroV> Should we plan for a -2 rebase for 128.1.0 after we merge Android?
15:25:27 <PieroV> Or should we give absolute priority to audits?
15:25:44 <ma1> what's a -2 rebase?
15:26:01 <PieroV> ma1: it's a rebase where we shuffle commits, squash/unsquash, reorder the patchset in general
15:26:09 <ma1> ack
15:26:23 <PieroV> It's the last number of the branch names
15:26:32 <PieroV> We use it for all the cases that can't be solved with a normal MR
15:26:53 <PieroV> And we need to push it on top of the FIREFOX_ tag (e.g., we did a -2 rebase also for linting)
15:28:10 <morganava> wfm, so long as it's just a shuffling and the total diff is the same
15:28:59 <PieroV> I think doing it earlier would be better
15:29:10 <PieroV> Because it's already time to rebase on RR
15:29:43 <PieroV> But if we do a reorder earlier we can wait to start the work, and do two-three versions (129, 130 and if needed 131) together
15:31:12 <dan_b> so wait is 14.0 following rapid release?
15:31:18 <PieroV> No
15:31:33 <PieroV> But the idea is to spread the ESR work during the year
15:31:37 <PieroV> At least for rebases and audits
15:31:42 <morganava> yes
15:31:49 <morganava> what is RR on now?
15:31:50 <morganava> 129?
15:31:54 <ma1> today
15:32:00 <PieroV> Today 129 has been released as stable
15:32:10 <PieroV> So, 130 is going beta and 131 is starting nightly
15:32:31 <morganava> I suppose post TB 14 we'll need a few months of double audits to catch up
15:32:45 <PieroV> The most of the work happens when in nightly, so I think we best tag to do rebases at are when a nightly ends
15:32:57 <PieroV> After that there are only backports that might cause conflicts
15:33:20 <PieroV> And we don't really have a reason to ride a beta with our patchset unless we plan of building
15:34:24 <morganava> right
15:35:07 <morganava> well in the short term i think we should somewhat prioritise the nightly rebases behind 14.0 must haves, and plan on catching up on audits in the fall
15:35:24 <morganava> and hopeuflly be in a good spot by the time we need to start transitioning in April
15:35:49 <morganava> alright any other discussion points, topics, blockers? anything people need help with?
15:36:41 <PieroV> Not from me. I will try to finish reviewing Android ASAP, hopefully tomorrow
15:36:57 <dan_b> sweet thanks
15:37:05 <dan_b> you still want me to try a commented range diff?
15:37:28 <dan_b> or should i prioritize responding to comments?
15:37:29 <PieroV> dan_b: no, I think I'm good with 115-125
15:37:40 <dan_b> splendid
15:37:50 <PieroV> There weren't stuff that was hard to understand. In case I added comments
15:37:50 <dan_b> then comments and then I can start looking at patch review 😄
15:38:07 <morganava> i'll planon signing 13.5.2 today
15:38:11 <PieroV> wfm. I think the priority at this point is start having nightlies
15:38:19 <morganava> dan_b, clairehurst: are one of you free to check the macOS build?
15:38:34 <morganava> later today I mean
15:38:39 <dan_b> clairehurst i think said she was? but I can otherwise
15:38:43 <clairehurst> I can do that yeah
15:39:06 <morganava> ah ok
15:39:11 <morganava> alright brilliant
15:39:24 <morganava> then have a good week folks, lemme know if you need anything o/
15:39:27 <morganava> #endmeeting