From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id UMddIYci3WaK9wAA62LTzQ:P1 (envelope-from ) for ; Sun, 08 Sep 2024 04:05:27 +0000 Received: from aspmx1.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id UMddIYci3WaK9wAA62LTzQ (envelope-from ) for ; Sun, 08 Sep 2024 06:05:27 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=bgWR4rdv; dkim=fail ("headers rsa verify failed") header.d=retrospec.tv header.s=fm3 header.b=mebTdRGw; dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm1 header.b="g hJ8FBK"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1725768327; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=nx0Gd4NN8Lu/vqAm1tTiKQ9zvCDYVkno0mkNAIlryD4=; b=AnZEdYlbNpof+buX5u+pSLuOb3maugPMs7yROAcG5uXQPi6VuphIUuEI1HKkPSYJxeoksJ +YY4EjfhBybGxs/FNkH8qt/DVf76yWH0l8lowCdqFPEO18F+dqNFSNboKbZMqs5PZB2pG2 H4t6v1x9dHUBXaCQOgyc2OdBqMvvRYqzPj3fmNMV34DEJv8sevQ/5qfqdVQatm9bLmKUSX WfANv/dncYkl4YamVfDivOYk/ZgQo8ydBOf4Vpn/9CXi1FvNl+pwEm13cLQQ0jElAp1ksZ CN86VgwaEQq1xa1k/li7v0pu6jVQdYTvcf0oqqWy0I5xOuFTAxxhw04HxE/D2w== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1725768327; a=rsa-sha256; cv=none; b=Bo9BZ9l1m5kfGQMKfLVcNgENK3cJrcmfgyGT1DI3Ty+EXL4bRphiTQLkORcEB8Sf+ExDvi 3EEw/ZF/mFsbC45KHlwHXn79d3SLSZYNd4IPC8zNV4pIRptgXuhFB3DUN8ijeMCNjWwur5 2SwjHWUgQoLE/yDG8Uw1FeQlRjo6Aca/WHmx4XezuvbSDSwZOZwZ1LVpOIs5wOsXAVzKmH x4Ls5EnqjUcuY08/UhOXUgz5DcrURbC87nSSEtsRJWQdObThi5OLBxDAevszZTHE73zA9M jw9crIXu2FEcKYL5h1uBTc6D0t+uo5rUXFMPKSjMikLuJbQD7YQjV0U0iNbgIQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=bgWR4rdv; dkim=fail ("headers rsa verify failed") header.d=retrospec.tv header.s=fm3 header.b=mebTdRGw; dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm1 header.b="g hJ8FBK"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 2D4407AF3D for ; Sun, 08 Sep 2024 06:05:26 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sn9Af-0000BW-00; Sun, 08 Sep 2024 00:05:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sn9Aa-0000B7-Qy for guix-patches@gnu.org; Sun, 08 Sep 2024 00:05:01 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sn9Aa-00059B-Hy for guix-patches@gnu.org; Sun, 08 Sep 2024 00:05:00 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:In-reply-to:Date:From:References:To:Subject; bh=nx0Gd4NN8Lu/vqAm1tTiKQ9zvCDYVkno0mkNAIlryD4=; b=bgWR4rdvtR6blVQtDvh50BJjEk8E9lL4cZd+tZU1oLJKiTavd6E98nHHmsevgOHFxBqnSibkyCVF1S4JZ3WWHJURSFDgUJ1Il7mdI2Ch50ck/nsF8TWx1R8CzEScsxPaI+BVPHiYXwXCYF/6LmMt0T6U9zwn0yPlY3T55I0HkRqGxuYD7S6RfUHZED7qozLxjAGjXkzToXMZxIIZutnjqjBaDDNGydg8jM6HOAVlEuxl9oa1sxYmM3Jegtp34eqng1erPkjy91964QC0FAethxP0qJBU7rqcRa5h15imCFl2pXPXhtlw7bTh+VA+3DfQwPQWBh3XB9txPZt9s4LYBQ==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sn9Ab-0000WO-VV for guix-patches@gnu.org; Sun, 08 Sep 2024 00:05:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#71782] [PATCH v5 3/4] gnu: torbrowser: Update to 13.5.3 [security fixes]. Resent-From: Ian Eure Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 08 Sep 2024 04:05:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 71782 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: =?UTF-8?Q?Andr=C3=A9?= Batista Cc: mhw@netris.org, jonathan.brielmaier@web.de, 71782@debbugs.gnu.org Received: via spool by 71782-submit@debbugs.gnu.org id=B71782.17257682911979 (code B ref 71782); Sun, 08 Sep 2024 04:05:01 +0000 Received: (at 71782) by debbugs.gnu.org; 8 Sep 2024 04:04:51 +0000 Received: from localhost ([127.0.0.1]:57845 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sn9AQ-0000Vo-NP for submit@debbugs.gnu.org; Sun, 08 Sep 2024 00:04:51 -0400 Received: from fout2-smtp.messagingengine.com ([103.168.172.145]:58051) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sn9AO-0000Va-0G for 71782@debbugs.gnu.org; Sun, 08 Sep 2024 00:04:49 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfout.phl.internal (Postfix) with ESMTP id BA6AB138027B; Sun, 8 Sep 2024 00:04:40 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-01.internal (MEProxy); Sun, 08 Sep 2024 00:04:40 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1725768280; x=1725854680; bh=nx0Gd4NN8Lu/vqAm1tTiKQ9zvCDYVkno0mkNAIlryD4=; b= mebTdRGw/fWwpYQz6S9psCfgwZr3EnvCOO3HQTJKWw1OVVvYpcUDbFpPoIe5Weeb hBPEGxprhQTXZC4LNZbySk9abwu1e/QmVHYyiX4a/3HcZp9Dx16SDhG5yPzcDPBU yjw3Msz1ftkrk8n2Qxnv0yob+Tf6d8nifvZ+76YuL7l2cQRL4EUR1MW/K6HRGAFj TZcLsifWVNcr+n83eMP9rKw/G6sZaZ5X+9k7R2CgUbOAQxPfmJs1r7lyWae4D2v4 2PFvsQRO6gEdYdQWKW6MwAhdP8UFr90q9Scia+bMQLcGfGOGnf2LvJfNIgb+vkf4 qh+WKExiZA7Z3i978d+cZA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1725768280; x= 1725854680; bh=nx0Gd4NN8Lu/vqAm1tTiKQ9zvCDYVkno0mkNAIlryD4=; b=g hJ8FBKrlsIF1me0ZlhmgdmyWAnXeGEoAMFj0bRUiNGQENwsdmkDNc6AW/Tw0HIn5 DhlLaPMrcQy9wWZgdLyXfNygoip7faCM0pBCyTffQGwYXJT/D8qse/1SahL8s9KL uRhwPElBVLzK35LAPwvwxcZaDTLF7rPaFqK/Xzqwr2GgYCVaz3FrRi+uiQvLauKG TahfBiMHGjvFi3F5ubQKO/k10tMeQisnG+S0ezvSFiHux7duDiWmsYAyEf4CbqVy 26wEwQP2A4yC0miMCaYtu5U7JCMxIdY4h8ZvghzT1edeq+AJy6jjNspPzWMPKPyN KM/P6pC3dGoL3MXGVSxBw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrudeigedgkedtucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnh htshculddquddttddmnecujfgurhepfhgfhffvvefuffgjkfggtgfgsehtqhertddtreej necuhfhrohhmpefkrghnucfguhhrvgcuoehirghnsehrvghtrhhoshhpvggtrdhtvheqne cuggftrfgrthhtvghrnhephfelvedtieeffffggeeivdeukedutedtveejfffhleeileef heeggfdugfeiuefhnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhvpdhnsggprhgtphhtthhopeegpdhm ohguvgepshhmthhpohhuthdprhgtphhtthhopehmhhifsehnvghtrhhishdrohhrghdprh gtphhtthhopehjohhnrghthhgrnhdrsghrihgvlhhmrghivghrseifvggsrdguvgdprhgt phhtthhopeejudejkedvseguvggssghughhsrdhgnhhurdhorhhgpdhrtghpthhtohepnh grnhgurhgvsehrihhsvghuphdrnhgvth X-ME-Proxy: Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 8 Sep 2024 00:04:39 -0400 (EDT) References: <20240905230801.5772-1-nandre@riseup.net> <20240905231807.5950-1-nandre@riseup.net> <878qw424vb.fsf@meson> User-agent: mu4e 1.8.13; emacs 28.2 From: Ian Eure Date: Sat, 07 Sep 2024 20:54:39 -0700 In-reply-to: Message-ID: <8734maeqp5.fsf@retrospec.tv> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -7.62 X-Spam-Score: -7.62 X-Migadu-Queue-Id: 2D4407AF3D X-Migadu-Scanner: mx11.migadu.com X-TUID: 9OR2DZ5ajviN Hi Andr=C3=A9, Andr=C3=A9 Batista writes: > Hi Ian, > > sex 06 set 2024 =C3=A0s 08:05:28 (1725620728), ian@retrospec.tv=20 > enviou: >>=20 >> This all looks good to me. I built and ran both browsers and=20 >> they seem to >> be working how I=E2=80=99d expect. > > Great, thanks! > >> My only question is around the locale handling -- (gnu packages=20 >> gnuzilla) >> has a setup for these which I was able to reuse for LibreWolf.=20 >> Is that >> possible for mullvad and torbrowser? It would be nice to have=20 >> a unified way >> of handling this, instead of each browser implementing its own=20 >> strategy. >>=20 > > I'm not sure I understand why you think this to be desirable,=20 > could you > elaborate? > There=E2=80=99s a lot of duplication between the Firefox-derived browsers=20 in Guix, and I think it would be good to reduce it where it makes=20 sense. Because the locales are a separate package used as an=20 input, this seems like a part of them which could be handled in a=20 uniform way, to the benefit of all (assuming they use the same=20 locale data). > I'm also not sure if this is possible (without incuring in=20 > glitches) and > in my opinion this is not desirable for both torbrowser and=20 > mullvad > because: > > I. Both these browsers have modified pristine firefox in a=20 > number of > non-trivial ways. Eg.: if you go to about:preferences you will=20 > see that > there are various user settings which are specific to this=20 > browsers or > even when you first launch torbrowser the connection settings=20 > page is > unknown to firefox. I believe that's the reason why these=20 > browsers do > not support 'all-mozilla-locales', but just a subset which has=20 > been > worked upon by the torproject. > I see, now that I read the patch more closely, it looks like the=20 upstream locale data wasn=E2=80=99t being used, despite reusing the=20 `mozilla-locale' code from Gnuzilla. > II. In order to avoid guix users having a different fingerprint,=20 > we try > to be as close as possible to what upstream does. I'm not sure=20 > if locale > version could be somehow infered from the network, but I guess=20 > using the > same version is the safest bet; > > III. Currently on guix master, these browsers are using code=20 > copied from > gnuzilla.scm, but with a subset of locales and different=20 > changesets > that are based on torproject settings. However, torproject has=20 > moved > from mercurial to the unified github firefox locales[1] which=20 > has > immensily simplified the work required to update the changesets=20 > (now > actually commits) and all locales supported on those browsers=20 > now have > only one commit, instead of various changesets on single locale=20 > repos; > This makes sense to me with the additonal context. > IV. Moreover, I believe mozilla itself is on the way of=20 > deprecating > mercurial l10n-central in favor of firefox-locales git repo,=20 > since > this is where all work has been happening[2], while l10n-central=20 > has > stopped at 2024-07-10[2]. So probably in a not so distant future > gnuzilla will have to move on to that as well. > I wasn=E2=80=99t aware of this, but that=E2=80=99s great news, as it=E2=80= =99ll make=20 reproducible builds much easier. Thank you for letting me know. > So I stand by the changes proposed on this patch series, at=20 > least as > things stand. > Makes sense. I=E2=80=99m still in favor of merging them. Thank you for=20 taking the time to explain. Thanks, =E2=80=94 Ian