[tor-commits] [Git][tpo/applications/mullvad-browser][mullvad-browser-115.6.0esr-13.5-1] 2 commits: fixup! Base Browser's .mozconfigs.
Pier Angelo Vendrame pushed to branch mullvad-browser-115.6.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 90eff981 by Pier Angelo Vendrame at 2023-12-19T19:24:10+01:00 fixup! Base Browsers .mozconfigs. Bug 42337: Enable GeckoDriver for all desktop platforms - - - - - 693ca54f by Pier Angelo Vendrame at 2023-12-19T19:24:27+01:00 fixup! Base Browsers .mozconfigs. Bug 42146: Use LLD on Linux. This should allow us to restore debug symbols on Linux i686. - - - - - 4 changed files: - browser/config/mozconfigs/base-browser - mozconfig-linux-i686 - mozconfig-linux-x86_64 - mozconfig-linux-x86_64-dev Changes: = browser/config/mozconfigs/base-browser = @@ -44,3 +44,6 @@ ac_add_options --disable-legacy-profile-creation if test -z "$WASI_SYSROOT"; then ac_add_options --without-wasm-sandboxed-libraries fi + +# tor-browser#42337 +ac_add_options --enable-geckodriver = mozconfig-linux-i686 = @@ -2,8 +2,11 @@ ac_add_options --target=i686-linux-gnu -ac_add_options --enable-default-toolkit=cairo-gtk3 +# Moz switched to lld for all Linux targets in Bug 1839739. +# Also, gold used not to work with debug symbols (tor-browser#42146). +ac_add_options --enable-linker=lld + +ac_add_options --disable-strip +ac_add_options --disable-install-strip -# Bug 31448: ld.gold fails if we don't disable debug-symbols. -# Also, we keep strip enabled. -ac_add_options --disable-debug-symbols +ac_add_options --enable-default-toolkit=cairo-gtk3 = mozconfig-linux-x86_64 = @@ -1,9 +1,9 @@ . $topsrcdir/browser/config/mozconfigs/mullvad-browser -ac_add_options --enable-default-toolkit=cairo-gtk3 +# Moz switched to lld for all Linux targets in Bug 1839739. +ac_add_options --enable-linker=lld ac_add_options --disable-strip ac_add_options --disable-install-strip -# We want to bundle an own geckodriver, so we can use it for QA and other work -ac_add_options --enable-geckodriver +ac_add_options --enable-default-toolkit=cairo-gtk3 = mozconfig-linux-x86_64-dev = @@ -4,6 +4,9 @@ # It is only intended to be used when doing incremental Linux builds # during development. +# Moz switched to lld for all Linux targets in Bug 1839739. +ac_add_options --enable-linker=lld + export MOZILLA_OFFICIAL= ac_add_options --with-branding=browser/branding/mb-nightly View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/248ae1fbb299f03546a515d967826822b1cc35ac...693ca54f6d6db623c6f61b666560b3146941a7b2 -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/248ae1fbb299f03546a515d967826822b1cc35ac...693ca54f6d6db623c6f61b666560b3146941a7b2 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-115.6.0esr-13.5-1] 2 commits: fixup! Base Browser's .mozconfigs.
Pier Angelo Vendrame pushed to branch tor-browser-115.6.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 06650bd2 by Pier Angelo Vendrame at 2023-12-19T19:03:00+01:00 fixup! Base Browsers .mozconfigs. Bug 42337: Enable GeckoDriver for all desktop platforms - - - - - d481630a by Pier Angelo Vendrame at 2023-12-19T19:03:01+01:00 fixup! Base Browsers .mozconfigs. Bug 42146: Use LLD on Linux. This should allow us to restore debug symbols on Linux i686. - - - - - 4 changed files: - browser/config/mozconfigs/base-browser - mozconfig-linux-i686 - mozconfig-linux-x86_64 - mozconfig-linux-x86_64-dev Changes: = browser/config/mozconfigs/base-browser = @@ -46,3 +46,6 @@ ac_add_options --disable-legacy-profile-creation if test -z "$WASI_SYSROOT"; then ac_add_options --without-wasm-sandboxed-libraries fi + +# tor-browser#42337 +ac_add_options --enable-geckodriver = mozconfig-linux-i686 = @@ -2,8 +2,11 @@ ac_add_options --target=i686-linux-gnu -ac_add_options --enable-default-toolkit=cairo-gtk3 +# Moz switched to lld for all Linux targets in Bug 1839739. +# Also, gold used not to work with debug symbols (tor-browser#42146). +ac_add_options --enable-linker=lld + +ac_add_options --disable-strip +ac_add_options --disable-install-strip -# Bug 31448: ld.gold fails if we don't disable debug-symbols. -# Also, we keep strip enabled. -ac_add_options --disable-debug-symbols +ac_add_options --enable-default-toolkit=cairo-gtk3 = mozconfig-linux-x86_64 = @@ -1,9 +1,9 @@ . $topsrcdir/browser/config/mozconfigs/tor-browser -ac_add_options --enable-default-toolkit=cairo-gtk3 +# Moz switched to lld for all Linux targets in Bug 1839739. +ac_add_options --enable-linker=lld ac_add_options --disable-strip ac_add_options --disable-install-strip -# We want to bundle an own geckodriver, so we can use it for QA and other work -ac_add_options --enable-geckodriver +ac_add_options --enable-default-toolkit=cairo-gtk3 = mozconfig-linux-x86_64-dev = @@ -4,6 +4,9 @@ # It is only intended to be used when doing incremental Linux builds # during development. +# Moz switched to lld for all Linux targets in Bug 1839739. +ac_add_options --enable-linker=lld + export MOZILLA_OFFICIAL= export MOZ_APP_REMOTINGNAME="Tor Browser Dev" ac_add_options --with-branding=browser/branding/tb-nightly View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a748654f9af7e6458e21a701e53246854c698e1...d481630a1ff1a7f4005fd815756a45ea63194f55 -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a748654f9af7e6458e21a701e53246854c698e1...d481630a1ff1a7f4005fd815756a45ea63194f55 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build] Pushed new tag mb-13.5a3-build1
richard pushed new tag mb-13.5a3-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-13.5a3-build1 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41050: Improve disk leak sanitization on startup.
ma1 pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: 8ebeb4d1 by hackademix at 2023-12-19T17:15:07+01:00 Bug 41050: Improve disk leak sanitization on startup. - - - - - 1 changed file: - projects/browser/RelativeLink/start-browser Changes: = projects/browser/RelativeLink/start-browser = @@ -258,18 +258,32 @@ HOME="${PWD}" export HOME # Prevent disk leaks in $HOME/.local/share (tor-browser#17560) +function erase_leaky() { + local leaky="$1" + [ -e "$leaky" ] && + ( srm -r "$leaky" || + wipe -r "$leaky" || + find "$leaky" -type f -exec shred -u {} \; ; + rm -rf "$leaky" + ) > /dev/null 2>&1 +} local_dir="$HOME/.local/" share_dir="$local_dir/share" -if [ -d "$share_dir" ]; then -( srm -r "$share_dir" || - wipe -r "$share_dir" || - find "$share_dir" -type f -exec shred -u {} \; ; - rm -rf "$share_dir" -) > /dev/null 2>&1 -else -mkdir -p "$local_dir" +# We don't want to mess with symlinks, possibly pointing outside the +# Browser directory (tor-browser-build#41050). +# We're not using realpath/readlink for consistency with the (possibly +# outdated) availability assumptions made elsewhere in this script. +if ! [ -L "$local_dir" -o -L "$share_dir" ]; then + if [ -d "$share_dir" ]; then + for leaky_path in "gvfs-metadata" "recently-used.xbel"; do + erase_leaky "$share_dir/$leaky_path" + done + else + mkdir -p "$local_dir" + fi + ln -fs /dev/null "$share_dir" fi -ln -fs /dev/null "$share_dir" +[ -L "$HOME/.cache" ] || erase_leaky "$HOME/.cache/nvidia" [% IF c("var/tor-browser") -%] SYSARCHITECTURE=$(getconf LONG_BIT) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8ebeb4d1651dfbd73d96df293e115835ccf7de83 -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/8ebeb4d1651dfbd73d96df293e115835ccf7de83 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.6.0esr-13.5-1-build2
richard pushed new tag mullvad-browser-115.6.0esr-13.5-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullvad-browser-115.6.0esr-13.5-1-build2 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][main] Bug 41041: Sign mullvad-browser nightly updates
boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: fd32e065 by Nicolas Vigier at 2023-12-19T14:01:33+01:00 Bug 41041: Sign mullvad-browser nightly updates - - - - - 1 changed file: - tools/signing/nightly/config.yml Changes: = tools/signing/nightly/config.yml = @@ -13,16 +13,14 @@ torbrowser: nss_db_dir: nssdb appname_marfile: tor-browser appname_bundle: tor-browser -basebrowser: +mullvadbrowser: publish_dirs: -- basebrowser-nightly-linux-x86_64 -- basebrowser-nightly-linux-i686 -- basebrowser-nightly-windows-x86_64 -- basebrowser-nightly-windows-i686 -- basebrowser-nightly-macos - nss_db_dir: nssdb-basebrowser-1 - appname_marfile: base-browser - appname_bundle: base-browser +- mullvadbrowser-nightly-linux-x86_64 +- mullvadbrowser-nightly-windows-x86_64 +- mullvadbrowser-nightly-macos + nss_db_dir: nssdb-mullvadbrowser-1 + appname_marfile: mullvad-browser + appname_bundle: mullvad-browser nss_certname: nightly-marsigner gpg_keyring: keyring/torbrowser-nightly.gpg rsync_dest: /srv/tbb-nightlies-master.torproject.org/htdocs/nightly-updates/ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/fd32e065f27a2ad609eef7e38b7c11f2188271bd -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/fd32e065f27a2ad609eef7e38b7c11f2188271bd You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41044: Add version.json file to Mullvad Browser
richard pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: f958a200 by Nicolas Vigier at 2023-12-19T12:01:40+00:00 Bug 41044: Add version.json file to Mullvad Browser Add a file to make it easier to detect the version of Mullvad Browser installed, like the tbb_version.json file we have in Tor Browser. - - - - - 2 changed files: - projects/browser/build - projects/browser/config Changes: = projects/browser/build = @@ -302,10 +302,9 @@ do [% c("touch") %] defaults/preferences/[% c("var/prefs_file") %] zip -Xm omni.ja defaults/preferences/[% c("var/prefs_file") %] rm -rf defaults - [% IF c("var/tor-browser") %] -# create tbb_version.json file for tor-browser#25020 -echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[% c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"en-US"}' > ../tbb_version.json - [% END -%] + # create tbb_version.json (torbrowser) or version.json (mullvadbrowser) + # file for tor-browser#25020 and tor-browser-build#41044 + echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[% c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"en-US"}' > ../[% c("var/version_json") %] popd done = projects/browser/config = @@ -13,6 +13,7 @@ var: - bzip2 - jq mar_osname: '[% c("var/osname") %]' + version_json: version.json targets: linux: @@ -49,6 +50,7 @@ targets: torbrowser: var: prefs_file: 000-tor-browser.js + version_json: tbb_version.json basebrowser: var: prefs_file: 001-base-profile.js View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f958a20063525401a051af69044c745b579c362b -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f958a20063525401a051af69044c745b579c362b You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][maint-13.0] Bug 41043: Create script to push build requests to Mullvad build servers
richard pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: 10fe31fe by Richard Pospesel at 2023-12-19T12:00:13+00:00 Bug 41043: Create script to push build requests to Mullvad build servers - - - - - 4 changed files: - Makefile - projects/release/config - + projects/release/kick_devmole_build - rbm.local.conf.example Changes: = Makefile = @@ -679,6 +679,10 @@ torbrowser-signtag-release: submodule-update torbrowser-signtag-alpha: submodule-update $(rbm) build release --step signtag --target alpha --target torbrowser +# requires var/devmole_auth_token to be set in rbm.local.conf +torbrowser-kick-devmole-build: submodule-update + $(rbm) build release --step kick_devmole_build --target torbrowser + # requires tpo_user variable be set in rbm.local.conf mullvadbrowser-upload-sha256sums-release: submodule-update $(rbm) build release --step upload_sha256sums --target release --target mullvadbrowser @@ -693,6 +697,10 @@ mullvadbrowser-signtag-release: submodule-update mullvadbrowser-signtag-alpha: submodule-update $(rbm) build release --step signtag --target alpha --target mullvadbrowser +# requires var/devmole_auth_token to be set in rbm.local.conf +mullvadbrowser-kick-devmole-build: submodule-update + $(rbm) build release --step kick_devmole_build --target mullvadbrowser + fetch: submodule-update $(rbm) fetch = projects/release/config = @@ -279,3 +279,8 @@ steps: name: mar-tools pkg_type: fetch_martools compare_mar_signed_unsigned: '[% INCLUDE compare_mar_signed_unsigned %]' + kick_devmole_build: +build_log: '-' +debug: 0 +input_files: [] +kick_devmole_build: '[% INCLUDE kick_devmole_build %]' = projects/release/kick_devmole_build = @@ -0,0 +1,42 @@ +#!/usr/bin/bash + +# This script triggers a build of Tor or Mullvad Browser on Mullvad Infrastructure +# Hashes are saved here: https://cdn.stagemole.eu/hashes/ +# A Mullvad build server auth token (var/devmole_auth_token) is required to build +# For now you have to be connecting from Sweden (ie via Malmö or Gothenburg exits using MullvadVPN) for your request to succeed + +set -e + +# get our build tag +TAG=[% c("var/git_tag_prefix") %]-[% c("var/torbrowser_version") %]-[% c("var/torbrowser_build") %] + +# check for tag existence +if ! git rev-parse ${TAG} > /dev/null 2>&1; then +echo "Error: build tag '${TAG}' does not exist" +exit 1 +fi + +# determine whether alpha or release based on the build tag +RELEASE= +if [[ "${TAG}" =~ ^(mb|tbb)-[1-9][0-9]\.[05]a[1-9][0-9]*-build[1-9]$ ]]; then +RELEASE="alpha" +elif [[ "${TAG}" =~ ^(mb|tbb)-[1-9][0-9]\.[05](\.[1-9][0-9]*)?-build[1-9]$ ]]; then +RELEASE="release" +else +echo "Error: malformed build tag '${TAG}'" +exit 1 +fi + +# get auth token for submission to devmole build server +AUTH_TOKEN=[% c("buildconf/devmole_auth_token") %] +if [[ "${AUTH_TOKEN}" = "" ]]; then +echo "AUTH_TOKEN: ${AUTH_TOKEN}" +echo "Error: buildconf/devmole_auth_token missing from rbm.local.conf" +exit 1 +fi + +# make request +curl -X POST "https://drone-server.devmole.eu/api/repos/mullvad/browser-build/builds?branch=main=${TAG}=${RELEASE}; -H "Authorization: Bearer ${AUTH_TOKEN}" -H "Accept: application/json" + +echo +echo Hashes will appear here: https://cdn.stagemole.eu/hashes/[% c("var/projectname") %]/[% c("var/torbrowser_version") %]-[% c("var/torbrowser_build") %] = rbm.local.conf.example = @@ -42,6 +42,11 @@ buildconf: ### signing the tag. #git_signtag_opt: '-u keyid' + ### The buildconf/devmole_auth_token option is used for starting remote builds on + ### Mullvad's devmole server using the kick_devmole_build step in the release + ### project. Such a token can be acquired from the Mullvad sysadmins. + #devmole_auth_token: abcdefghijklmnopqrstuvwxyz012345 + var: local_conf: 1 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/10fe31feb7efd4dd7a68364d4cb43cf54e9444a8 -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/10fe31feb7efd4dd7a68364d4cb43cf54e9444a8 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/mullvad-browser][mullvad-browser-115.6.0esr-13.5-1] squash! MB 79: Add Mullvad Browser MAR signing keys
richard pushed to branch mullvad-browser-115.6.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 248ae1fb by Nicolas Vigier at 2023-12-19T11:11:15+00:00 squash! MB 79: Add Mullvad Browser MAR signing keys MB 256: Add mullvad-browser nightly mar signing key - - - - - 2 changed files: - toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der - toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der Changes: = toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der = Binary files a/toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der and b/toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der differ = toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der = Binary files a/toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der and b/toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/248ae1fbb299f03546a515d967826822b1cc35ac -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/248ae1fbb299f03546a515d967826822b1cc35ac You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.6.0esr-13.5-1-build1
richard pushed new tag mullvad-browser-115.6.0esr-13.5-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullvad-browser-115.6.0esr-13.5-1-build1 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][main] Bump wasm-bindgen version to 11f80c3b
richard pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 104533c0 by Cecylia Bocovich at 2023-12-19T09:52:20+00:00 Bump wasm-bindgen version to 11f80c3b - - - - - 1 changed file: - projects/wasm-bindgen/config Changes: = projects/wasm-bindgen/config = @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: 0.2.86 git_url: https://github.com/cohosh/wasm-bindgen -git_hash: ecc5ca153cda278bfcebc99c157fb4732eb75e6e +git_hash: 11f80c3bb0de061fd3969157fa2157a73c74b934 container: use_container: 1 @@ -16,4 +16,4 @@ steps: project: wasm-bindgen pkg_type: cargo_vendor norec: - sha256sum: 926e938cc4eebf2f5c99f34170fddc5aa7b12445fb379d768eb51aaae3b305a3 + sha256sum: e811e92e85b16520dbfe746efc21912308fb7be8815f348ae0b2daafa0cec90d View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/104533c0e9eb3d56ddd5d537c43a354e3cd59dfe -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/104533c0e9eb3d56ddd5d537c43a354e3cd59dfe You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/tor-browser-build][main] Bug 41050: Improve disk leak sanitization on startup.
ma1 pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 5a97ba07 by hackademix at 2023-12-19T10:22:07+01:00 Bug 41050: Improve disk leak sanitization on startup. - - - - - 1 changed file: - projects/browser/RelativeLink/start-browser Changes: = projects/browser/RelativeLink/start-browser = @@ -258,18 +258,32 @@ HOME="${PWD}" export HOME # Prevent disk leaks in $HOME/.local/share (tor-browser#17560) +function erase_leaky() { + local leaky="$1" + [ -e "$leaky" ] && + ( srm -r "$leaky" || + wipe -r "$leaky" || + find "$leaky" -type f -exec shred -u {} \; ; + rm -rf "$leaky" + ) > /dev/null 2>&1 +} local_dir="$HOME/.local/" share_dir="$local_dir/share" -if [ -d "$share_dir" ]; then -( srm -r "$share_dir" || - wipe -r "$share_dir" || - find "$share_dir" -type f -exec shred -u {} \; ; - rm -rf "$share_dir" -) > /dev/null 2>&1 -else -mkdir -p "$local_dir" +# We don't want to mess with symlinks, possibly pointing outside the +# Browser directory (tor-browser-build#41050). +# We're not using realpath/readlink for consistency with the (possibly +# outdated) availability assumptions made elsewhere in this script. +if ! [ -L "$local_dir" -o -L "$share_dir" ]; then + if [ -d "$share_dir" ]; then + for leaky_path in "gvfs-metadata" "recently-used.xbel"; do + erase_leaky "$share_dir/$leaky_path" + done + else + mkdir -p "$local_dir" + fi + ln -fs /dev/null "$share_dir" fi -ln -fs /dev/null "$share_dir" +[ -L "$HOME/.cache" ] || erase_leaky "$HOME/.cache/nvidia" [% IF c("var/tor-browser") -%] SYSARCHITECTURE=$(getconf LONG_BIT) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5a97ba07148a176580dd536a65dc7ebba6565775 -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5a97ba07148a176580dd536a65dc7ebba6565775 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits