15:01:08 <morganava> #startmeeting Tor Browser Weekly Meeting 2024-10-15
15:01:08 <MeetBot> Meeting started Tue Oct 15 15:01:08 2024 UTC.  The chair is morganava. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:01:08 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
15:01:23 <morganava> the pad per usual -> https://pad.riseup.net/p/tor-tbb-keep#L254
15:02:04 <morganava> yesterday we had an unexpected stable Android release because we discovered it was missing the latest firefox-android tags
15:02:28 <morganava> so 13.5.8 is out and published and should be makings its way to devices this week
15:02:57 <morganava> forutnately this *particular* problem won't happen again since we have combined desktop and android repos in the 14.0+ release channel
15:03:29 <PieroV> We can also update the relprep script to tell you that the tag doesn't match HEA
15:03:31 <PieroV> HEAD
15:03:37 <catladyfelicia> o/
15:03:56 <dan_b> i think it's harder now with the 14/13.5 overlap cus we're more used to not worrying about in 14.0
15:04:03 <morganava> PieroV: yeah I think we should do this for each of our tagged repos
15:05:00 <morganava> dan_b: yeah that's exactly what happened
15:05:14 <morganava> so tor-browser and mullvad-browser basically
15:07:11 <morganava> in any event, our high priority this week is resolving the Tor Browser 14.0 QA issues -> https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42755
15:07:34 <morganava> in particular the desktop and android release candidate test pass for each of our shipped platforms
15:08:07 <bellatchau> o/
15:08:27 <morganava> i'm planning on release-prepping 14.0 toady/tomorrow with the intention of releasing next Monday, barring any show stoppers discovered this week
15:08:29 <morganava> donuts^
15:09:43 * PieroV started doing QA
15:10:04 <PieroV> I've updated my onion-tests pages to include more resources for QA: https://onion-tests.pierov.org/
15:10:24 <morganava> this will be for Tor Browser only, we'll plan to delay Mullvad Browser's 14.0 release until after the WebRTC patches are cleaned up and merged
15:10:29 <morganava> jwilde^
15:11:19 <jwilde> o7
15:11:29 <morganava> ^^;
15:11:31 <morganava> o7
15:12:43 <morganava> once 14.0 is out the door and we've had a little break, we'll be back to our regularly scheduled programming and start the 14.5 cycle
15:13:25 <morganava> the major difference this time around will be that we'll be doing (at least) the rapid-release security audits throughout the year as  releases become available to us, rather than cramming it all in next summer
15:13:54 <morganava> god willing anyway
15:14:27 <morganava> alright, i think those are the relevant updates from me, happy to cede the floor to other discussion points :)
15:16:04 <dan_b> how are folks getting assigned/picking arches/browsers to test?
15:16:45 <ma1> I can grab Android, if it's just volunteering.
15:16:51 <morganava> in the past I think we've just volunteered based on our available platforms/VMs
15:17:11 <PieroV> I took Linux i686 for now, since I have an i686 VM just for testing already
15:17:37 <morganava> i'll plan to evaluate what's missing after tomorrow and potentially reach out to people with availability
15:17:53 <ma1> And I've got an Intel macbook, if it's of interest
15:17:55 <morganava> *ideally* it would be good if we could get at least one passthrough for each desktop os/architecture pair
15:17:57 <dan_b> cool
15:18:22 <PieroV> I have also Android stuff, even though my emulator might be broken
15:18:26 <PieroV> After the Android Studio update
15:18:34 <morganava> though given past precedent I think for desktop macOS is probably the most flakey/likely to be broken
15:18:44 <morganava> between x86_64 and aarch64
15:18:58 <morganava> but i've been wrong before :p
15:19:43 <dan_b> i've got an arm macos mini so i can start there
15:20:05 <PieroV> I have several Windows VMs
15:20:13 <PieroV> I can take Windows after the meeting
15:22:46 <morganava> brilliant
15:23:07 <morganava> does anyone else have topics or things blocking them they could use help with/attention on?
15:23:10 <PieroV> Yes
15:23:15 <PieroV> Several
15:23:20 <morganava> hit it
15:23:29 <PieroV> First, as stated above, you can find several resources in onion-tests.pierov.org
15:23:50 <PieroV> Which should be easier to type than the GitLab issue with the links :)
15:23:58 * ma1 claps <3
15:24:12 <morganava> :)
15:24:25 <PieroV> Then, we've had a confirmation that the Samsung device likes TCP sockets for SOCKS more than the Unix sockets
15:24:55 <PieroV> Even though it's probably using Unix sockets for the control port without problems
15:25:11 <PieroV> We have some decisions to make
15:26:10 <PieroV> Like: Android docs itself suggests to use Unix sockets, they're less of a linkability problem, etc... So, can we keep them by default and add the option to choose TCP sockets?
15:26:52 <morganava> can you summarise the issue w/ Samsung devices? Does TCP just not work at all for the SOCKS5 proxy for whatever reason, or is it just flakey?
15:27:03 <morganava> how does the uexer experience differ from 13.5?
15:27:04 <PieroV> Also, should we use hardcoded ports with their limits, or should we implement the feature to let tor choose them even though c-tor is in maintenance status now?
15:27:11 <PieroV> morganava: this problem is with 13.5
15:27:45 <morganava> and presumably also 14.0 then
15:27:47 <PieroV> And a minority of Samsung users, I believe
15:27:49 <PieroV> https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714
15:27:55 <morganava> cool cool fun
15:28:44 <morganava> what does Orbot do, how does it work on these devices?
15:28:57 <PieroV> Anyway, I left the questions also there, I just wanted to tell about the feedback, in case we need for the 14.0 launch
15:29:18 <PieroV> morganava: orbot uses TCP sockets because it's supposed to be shared between different apps
15:29:44 <morganava> right but I mean does it use a hard-coded port  or doe sit let the OS decide and display to the user?
15:30:23 <PieroV> Hardcoded for SOCKS, the OS decides for control, and it used to be broken in nightly builds
15:31:00 <PieroV> (we had several issues about TBA being stuck at reading the control port address from a .txt file)
15:31:12 <morganava> mmhm
15:31:37 <morganava> ok given this is a minority of samsung users, I'm fine ignoring for 14.0
15:32:10 <morganava> for 14.5 (Android at least, maybe desktop) we shoudl finally bite the bullet on switching to letting the OS decide
15:32:22 <morganava> which will have the nice side-effect of concurrent tor browsers working on desktop
15:32:30 <morganava> if we go that route
15:32:33 <PieroV> Maybe we can backport
15:32:38 <ma1> or bridging to Tor VPN #scifi
15:32:50 <PieroV> Esp. if we get the feedback of new users from the 14.0 launch
15:32:52 <morganava> ma1: yeah that's the long-term goal
15:33:13 <PieroV> (maybe that could help also to understand why it's happening only in some devices)
15:33:22 <morganava> i mean at *some* point the user workflow of piggy-backing off of Tor Browser's tor is going to break, way or another
15:33:58 <morganava> PieroV: yeah I'd be fine with backporting once we're happy with it
15:34:39 <morganava> it isn't terribly difficult to implement, it's a torrc setting and a tor GETCONF or w/e command
15:35:06 <morganava> i think the harder question is do we care about/want to support people using the hardcoded port 9150
15:36:09 <morganava> (especially since once the arti switch happens things potentially get weird)
15:37:45 <PieroV> I would like to propose we try to fit the patchset reordering at the beginning of 14.5
15:38:12 <PieroV> It would be good to do it before starting the RR rebases
15:38:34 <morganava> 100% agree
15:38:43 <morganava> particularly the Android patch shuffle/redistribution
15:40:08 <morganava> it looks like we've covered each of the discussion points for today
15:40:24 <PieroV> I've been working to update the Geckoview Makefile
15:40:34 <morganava> oh?
15:40:35 <PieroV> To include support for building also APKs
15:40:40 <PieroV> From tools/geckoview
15:41:00 <PieroV> But I'll need an ELI5 on how to successfully get Android Studio to like tor-browser.git
15:41:59 <morganava> 👀
15:42:06 <PieroV> clairehurst: dan_b: who I can reach to for some help? :)
15:42:27 <dan_b> i can?
15:42:32 <dan_b> like is a strong word
15:42:43 <dan_b> i just open mobile/android/fenix in it?
15:42:50 <clairehurst> I can help too probably
15:43:01 <PieroV> Okay, I'll send my problems offline then, thanks :)
15:43:04 <dan_b> and still use intelij for root tor-browser
15:44:46 <donuts> morganava: can you access the comms project on gitlab? if so, can you update the issue there?
15:45:02 <donuts> also ack to your previous message
15:45:08 <morganava> no idea, can  you link me offline?
15:45:18 <donuts> done
15:46:47 <morganava> brilliant
15:46:52 <morganava> ok folks
15:47:02 <morganava> as always, have a good wee and see you on the interwebs
15:47:09 <morganava> o/
15:47:17 <morganava> (anything else?)
15:47:18 <morganava> ...
15:47:19 <catladyfelicia> o/
15:47:22 <ma1> grazie, ciao!
15:47:35 <PieroV> Nothing from me
15:47:38 <morganava> ok :)
15:47:40 <morganava> #endmeeting