18:58:15 <sysrqb> #startmeeting Tor Browser meeting 7 December 2020
18:58:15 <MeetBot> Meeting started Mon Dec  7 18:58:15 2020 UTC.  The chair is sysrqb. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:58:15 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
18:58:19 <sysrqb> Hello!
18:58:30 <sysrqb> Pad, as usual: https://pad.riseup.net/p/tor-tbb-2020-keep
19:00:07 <acat> o/
19:00:40 <dunqan> o/
19:02:41 <gaba> hi!
19:02:54 <Jeremy_Rand_Talos> hello!
19:03:07 * gaba removing the old discussion items from the pad
19:03:54 <tpdcl> hi!
19:04:51 <sysrqb> Weekly reminder to update your boards (as needed): https://gitlab.torproject.org/groups/tpo/applications/-/boards
19:04:59 <sysrqb> tpdcl: hello!
19:05:52 <GeKo> okay
19:05:59 <GeKo> sorry for ebing late
19:06:53 <sysrqb> o/
19:07:42 <sysrqb> GeKo: i've mostly ignored your work on the root-less builds
19:07:59 <sysrqb> can you summarize how well that is going?
19:08:00 <tpdcl> is there anyway of logging this meeting so I can view the messages later?
19:08:10 <tpdcl> sorry for interrupting
19:08:11 <sysrqb> tpdcl: they are already logged
19:08:25 <GeKo> sysrqb: it's boklm who has mainly worked on them
19:08:25 <tpdcl> where can I view the logs?
19:08:26 <sysrqb> you'll see it at https://gitlab.torproject.org/groups/tpo/applications/-/boards
19:08:32 <tpdcl> thanks!
19:08:33 <sysrqb> err
19:08:34 <GeKo> they are working as far as i see
19:08:36 <sysrqb> http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-12-07-16.59.txt
19:08:39 <GeKo> and my testing showede
19:08:41 <GeKo> *showd
19:08:43 <GeKo> *showed
19:09:04 <GeKo> i am waiting for a final round of review to test the patches on our tpo build machines
19:09:13 <GeKo> i heard hiro might work on that this week
19:09:31 <GeKo> i expect no issues but we should make sure things are working on thiose machines
19:09:37 <GeKo> *before* the patches land
19:09:47 <GeKo> so we are good i actually think
19:09:53 <sysrqb> nice
19:12:51 <sysrqb> acat: GeKo: i never pinged you about holiday planning
19:13:01 <sysrqb> are you available after this meeting or should i ping youtomorrow morning?
19:13:16 <acat> i'm available
19:13:29 <sysrqb> acat: thanks for your mail
19:13:35 <GeKo> we can do it today
19:13:41 <sysrqb> okay
19:14:00 <sysrqb> i dont haveany significant discussion items now
19:14:29 <sysrqb> 10.5a5 is uploaded on Google Play and approved, and it is synced on the web servers
19:14:50 <sysrqb> so i'm just writing the blog post and updating the download page
19:15:06 <sysrqb> GeKo: i'm not sure if you wanted to do the publishing
19:15:11 <sysrqb> i forgot about the new arrangement
19:15:19 <GeKo> :)
19:15:21 <sysrqb> so sorry for taking over
19:15:30 <GeKo> it's cool
19:15:57 <GeKo> i can do the next alpha
19:16:11 <GeKo> (and review your related MRs while doing so)
19:16:22 <sysrqb> GeKo: i also built -build2 and it matched (again), so we are good there
19:16:28 <sysrqb> yep, sounds good
19:16:59 <sysrqb> not including the changelog in the android builds has some benefits :)
19:17:08 <GeKo> yeah ;)
19:17:35 <GeKo> re the publishing/signing arragement: we can discuss that once the process updates landed
19:17:48 <sysrqb> wfm
19:18:08 <GeKo> because getting that updated was one of the goals for taking some publishing work over
19:18:44 <sysrqb> yeah
19:19:38 <sysrqb> we have 10.0.6 for all platforms, and 10.5a6 for desktop scheduled for next tuesday
19:19:55 <sysrqb> meanwhile we have tpo/anti-censorship/pluggable-transports/meek#40001, as well
19:20:30 <sysrqb> losing meek for an entire week is not a good situation
19:20:55 <sysrqb> so we'll probably discuss building an emergency release when the obfs4proxy update becomes available
19:21:12 <sysrqb> (stable only)
19:21:24 <GeKo> can't we just grep the patch and get the building going?
19:21:50 <sysrqb> we could
19:21:52 <GeKo> if we want to get a emergency release out let's do it fast
19:21:57 <GeKo> *an
19:22:48 <sysrqb> i think the total build-time should be fast because we don't need to rebuild firefox/geckoview
19:22:56 <sysrqb> so we could release it tomorrow night, in theory
19:23:00 <GeKo> yes
19:23:39 <sysrqb> phw: are you comfortable with your patch that we shouls just pick it and strat our build?
19:23:42 <sysrqb> *start
19:24:12 <sysrqb> (re cert pinning)
19:24:42 <GeKo> sysrqb: you said 10.5a6 next week for desktop. why not mobile?
19:25:14 <phw> sysrqb: i'm 90% comfortable. i don't think i have write access to the repo that your builds are pulling from though
19:25:16 <sysrqb> GeKo: what would mobile be based on? 84.0?
19:25:35 <GeKo> yes
19:25:43 <sysrqb> phw: that's okay, we could use a patch file in the short-term
19:26:01 <phw> sysrqb: okay, the patch file is here: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/meek/-/issues/40001#note_2718149
19:26:24 <sysrqb> GeKo: i wasn't planning on it, but that doesn't hurt
19:26:54 <GeKo> it feels weird that alpha users don't get all the updates
19:27:01 <sysrqb> phw: yep
19:27:11 <GeKo> or not the latest stuff at least
19:27:52 <GeKo> there might even be last minute sec bugs landing
19:28:10 <GeKo> or stability fixes for geckoview
19:28:53 <GeKo> i mean we could decide that on code review between 84.0b7 and 84.0
19:29:14 <GeKo> but...
19:29:15 <sysrqb> GeKo: true, and if there are sec bugs then we should definitely include it
19:29:38 <sysrqb> i felt that updating twice every month semed unnecessary unless there was a security driver
19:29:54 <sysrqb> but the overhead is not very large
19:30:04 <GeKo> i think that's true for stable
19:30:14 <GeKo> i am not sure whether that's true for alpha
19:30:32 <GeKo> in particular as we should try to get as much alpha testing as we reasonably can
19:30:52 <GeKo> as our stabilization time for stable is pretty...low
19:31:16 <sysrqb> but 84.0 will be available for alpha after 84.0 for stable
19:31:27 <sysrqb> so i didn't feel like that provided much insight
19:31:39 <GeKo> yes but it contains a bunch of additional code not being in stable
19:31:59 <GeKo> so it might not help for the current stable
19:32:04 <sysrqb> i see, and there could be unexpected interactoin between the new code
19:32:11 <GeKo> yes
19:32:11 <sysrqb> okay,  that's a good point
19:32:24 <GeKo> and we would catch that earlier that way
19:32:51 <sysrqb> 1 month :) but yes, that's fair
19:33:11 <sysrqb> okay, then i'll plan on including android in 10.5a6
19:33:42 <GeKo> i am fine if we feel the overhead is not worth it
19:34:03 <GeKo> so, i am not pushing too hard here :)
19:34:21 <GeKo> (and less releases means less release work)
19:35:09 <sysrqb> it increases the overall build-time by 5 or 6 hours, but that is not generally a big problem
19:35:17 <sysrqb> unless we are days behind schedule
19:35:27 <GeKo> yeah
19:35:53 <sysrqb> the additional signing is not a problem for me
19:36:00 <sysrqb> only adding some minutes
19:36:07 <GeKo> so, the overhead seemed small to me compared to the small benefit we might get
19:36:44 <sysrqb> yeah
19:36:49 <GeKo> and we would not need to do all the extra work to *not* build mobile
19:37:07 <GeKo> (like extra code review, exclusion and explanation in blog post etc.)
19:37:15 <sysrqb> i just considered it "unnecessary", but is is helpful
19:37:18 <sysrqb> true
19:38:17 <sysrqb> okaythen this is the new plan
19:39:31 <sysrqb> and i'll tag 10.0.6 today with the obfs4proxy patch, and then 10.0.7/10.5a6 are next week's versions
19:40:54 <sysrqb> acat: GeKo: gaba: Jeremy_Rand_Talos: anything ele you want to discuss today?
19:41:00 <gaba> not from me
19:41:04 <acat> i'm good
19:41:21 <gaba> We will have to check on s58 work in the next last meetings.
19:41:42 <Jeremy_Rand_Talos> sysrqb, I don't have much to discuss, unless anyone is curious about the TLS onion thingy I came up with
19:41:59 <sysrqb> gaba: mmm
19:42:05 <sysrqb> yes, let's discuss that next week
19:42:19 <gaba> yes
19:42:28 <sysrqb> Jeremy_Rand_Talos: yes, I am, but maybe next week
19:42:31 <GeKo> sysrqb: we should not forget tickets with the Bacport label
19:42:37 <GeKo> *Backport
19:42:42 <Jeremy_Rand_Talos> ok, next week is fine
19:42:49 <GeKo> there are a bunch that pile more and more up
19:43:15 <GeKo> that's for 10.0.7
19:43:26 <GeKo> but we don't need to go through them now
19:44:00 <sysrqb> good point, yes
19:45:12 <sysrqb> okay, if there aren't any other topics then I'll close this meeting
19:45:14 <sysrqb> thanks everyone
19:45:19 <sysrqb> and have a good week
19:45:21 <sysrqb> o/
19:45:24 <sysrqb> #endmeeting