14:58:26 <richard> #startmeeting Tor Browser Weekly Meeting 2023-06-12
14:58:26 <MeetBot> Meeting started Mon Jun 12 14:58:26 2023 UTC.  The chair is richard. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:58:26 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
14:58:32 <richard> https://pad.riseup.net/p/tor-tbb-keep
14:58:51 <dan_b> o/
14:59:39 <richard> if you haven't lately, please have a look at your gitlab boards and give them a tidy up; unassign yourself from issues if you aren't actively working on them, etc
14:59:45 <donuts> o/
15:00:21 <PieroV> richard: re that, I have plenty in ~Doing but they're blocked on something else
15:00:36 <PieroV> E.g., me creating the MR or the MR pending review
15:00:43 <PieroV> Which label should we use for these cases?
15:01:49 <donuts> I normally use Needs Information but I'm interpreting its purpose pretty loosely
15:02:07 <donuts> it would be nice to have gitlab's proper ticket dependencies
15:02:43 <PieroV> I was thinking of Needs Review, but I still haven't understood if Richard likes it
15:03:18 <richard> that is a whole can of worms
15:03:50 <richard> if it is temporarily blocked feel free to put it back into ~Next I guess
15:04:19 <richard> long-term I'm trying to get away form the super granular issue labeling regarding its state
15:04:19 <PieroV> Okay, I'll see later
15:04:47 <richard> I'd really rather you all no having to spend a lot of time mangaing labels beyon what's actually informative
15:05:26 <richard> just for now, unassign if you're not actively working on it or if it's temporarily blocked
15:05:54 <richard> ok onto interesting things :)
15:06:15 <richard> last week we shipped MB+TB 12.07 and TB 12.5a7
15:06:46 <richard> planning on getting builds for MB 12.5a7 going today and publishing later this week
15:07:06 <richard> we got all of our ~12.5 issues handled last week \o/
15:07:24 <richard> so the only MRs for 12.5 coming in should be for v imporant bug fixes
15:07:45 <richard> (dan_b: and the missing asset swap for android onion services)
15:08:26 <richard> according to the calendar we should be planning to release Tor Browser 12.5 next Monday
15:08:50 <dan_b> sounds good
15:09:26 <richard> donuts: does this timeline work for you?
15:09:44 <richard> i know you've been working on the 12.5 blog post last week :)
15:10:00 <donuts> richard: yep, it'll be a squeeze but we'll be ready!
15:10:23 <ma1> isn't next Monday a US holyday?
15:10:33 <richard> well yes it is
15:10:48 <richard> according to the calendar we should be planning ot release Tor Browser 12.5 next *Tuesday
15:11:07 <richard> since Monday is a holiday :D
15:11:38 <boklm> (should we also move the meeting to tuesday next week?)
15:11:51 <richard> yes I'll send the mail out after this meeting :)
15:12:37 <donuts> aha well spotted ma1 :)
15:13:20 <richard> and finally, a friendly reminder that the 4-day work week survey submission deadlines is the 16th
15:14:12 <richard> that is all from me
15:14:23 <richard> happy to pass along if anyone else has discussion points or announcements :)
15:14:35 * PieroV has
15:14:39 <PieroV> (how strange lol)
15:14:51 <richard> :)
15:14:56 <PieroV> So, last Saturday Debian bookworm has become stable!!
15:15:09 <PieroV> Which means that suddenly we're building with oldstable!
15:15:38 <PieroV> I guess it's fine, and it'll be fine keeping bullseye for all the 12.5 series imho
15:15:48 <dan_b> thanks! forgot -_-;
15:15:53 <PieroV> Or do people think otherwise?
15:16:08 <richard> ffs, now I have to go update ricochet-build again >:[
15:16:36 * dan_b has been an increasing command of leaving build machines on things with older glibc cus it has breaking changes and building on newer things kills backwards compat
15:16:50 <dan_b> s/command/fan/
15:16:58 <dan_b> i do not know what my fingers were doing there
15:17:03 <PieroV> dan_b: we use Debian Jessie for Linux builds
15:17:07 <richard> dan_b: yeah I ran into that issue w/ gcc earlier this week too
15:17:32 <PieroV> (will have to switch to the one after Jessie though, for 13.0, but boklm already started working on that a few months ago)
15:17:51 <PieroV> Debian Stable is used for all the other platforms
15:18:29 <boklm> I think we can do the switch to the new debian stable in alpha, and maybe backport that to 12.5 series later
15:18:49 <PieroV> IIRC, it's a problem for Java
15:19:10 <donuts> (btw I added an announcement, I think it got missed – no rush though)
15:19:15 <PieroV> Bookworm doesn't have Java 11 anymore
15:19:16 <boklm> but I think it's not urgent to do it before 12.5.0
15:20:18 <boklm> PieroV: for android, we are still using openjdk-8 packages from an older release
15:20:37 <PieroV> boklm: we're installing them, but actually using Java 11
15:20:43 <richard> why are we using such old java versions?
15:20:46 <boklm> ah ok
15:20:57 <PieroV> (I've removed these lines from my 115 MR, btw)
15:20:58 <boklm> maybe we should remove that
15:21:02 <boklm> ok
15:21:14 <richard> like a technical reason or we haven't gotten around/haven't needed to update?
15:21:32 <PieroV> richard: I think compatibility with upstream
15:21:34 <PieroV> Or something similar
15:21:46 <PieroV> For example Android Studio ships a JRE, and IIRC it was Java 11
15:22:02 <richard> oh ok
15:22:38 <richard> so presumably that's the standard/expected java to use when building android apps then?
15:22:51 <PieroV> My installation is still on Java 11, but I haven't updated it for a while
15:23:42 <dan_b> yeah i think java 11 is standardish for reasons beyond me
15:25:12 <PieroV> Anyway, I think we can proceed with Donuts's announcement
15:25:18 <richard> wfm :)
15:26:00 <donuts> so we published a blog post about the S30/60 work last week
15:26:14 <dan_b> ooh
15:26:19 * dan_b goes and looks it up
15:26:20 <donuts> it's mostly focussed on the travel, training and testing rather than the product work (which will be covered in more detail in the 12.5 release post instead)
15:26:38 <donuts> but i thought you might be interested in the work that went into the project that you *didn't* see :)
15:26:45 <donuts> https://blog.torproject.org/empowering-human-rights-defenders/
15:27:06 <ma1> cats! :)
15:27:38 <donuts> it's a little known fact that our digital security training team is lead by cats
15:27:47 <donuts> they are excellent teachers :D
15:28:05 <Jeremy_Rand_36C3[m]> Zero Wing reference? :)
15:28:36 <donuts> no lol
15:29:35 <ma1> donuts, the personas links seem broken: https://community.torproject.org/user-research/persona/
15:29:49 <donuts> oh darn, thanks ma1
15:30:00 <donuts> here's the correct link: https://community.torproject.org/user-research/personas/
15:30:02 <donuts> will fix the blog post
15:30:20 <richard> very cool post donuts :)
15:30:22 <ma1> great material, BTW :)
15:31:19 <donuts> ty! the community team, nah and our partners did all the hard work here :)
15:32:04 <donuts> i mean besides all the UX work we did
15:32:11 <donuts> but i guess we didn't need to leave our houses :D
15:32:13 <ma1> :D
15:32:50 <richard> ok, anything else?
15:33:02 <boklm> PieroV: are you sure bookworm doesn't have openjdk-11? (I see sid still has it, on packages.debian.org, but bookworm is not added yet there)
15:33:45 <Jeremy_Rand_36C3[m]> boklm: is it feasible to have automated Nightly builds of openssl for linux-arm, so that we don't wind up breaking it without noticing? Not sure if the Nightly build scripts will have trouble building a project other than "release"....
15:33:53 <henry-x> at the costa rica meeting we were potentially going to remove the merge bot and instead have people select reviewers based on the area
15:34:13 <henry-x> can we do that?
15:34:18 <richard> yes, yes we can
15:34:27 <PieroV> boklm: pretty sure. bookworm has been there for a lot, since it was testing (the site still refers to it as testing, but it's right in its contents)
15:34:49 <boklm> Jeremy_Rand_36C3[m]: I think it should be possible, I opened tor-browser-bundle-testsuite#40074
15:35:00 <richard> henry-x: updated my todo for the week o/
15:35:27 <Jeremy_Rand_36C3[m]> boklm: OK great, thanks.
15:35:40 <Jeremy_Rand_36C3[m]> Meanwhile I'll try to get the next project added for linux-arm (probably that'll be tor)
15:36:05 <PieroV> Jeremy_Rand_36C3[m]: please notice I've tried to update to OpenSSL 3
15:36:05 <henry-x> cool. I think we all wrote a summary of our areas in the pad meeting notes
15:36:27 <richard> one moment let me see if i can dig tha tup
15:36:39 <PieroV> Please make sure to test it sooner or later (I should open the MR soon, but it has all the 115 stuff in it)
15:37:06 <Jeremy_Rand_36C3[m]> PieroV: OK. I'd be kind of surprised if anything ARM-specific breaks with the OpenSSL 3 bump, but yeah, worth testing.
15:37:16 <henry-x> I have the link, I can't remember if they are public or not to post it here
15:37:34 <Jeremy_Rand_36C3[m]> PieroV: is there a GitLab issue for that that I missed? I'm a bit behind on GitLab notifications...
15:37:50 <PieroV> Jeremy_Rand_36C3[m]: yes, but I haven't tested ARM
15:37:57 <richard> I don't recall
15:37:59 <richard> i'll post in tor-internal
15:38:08 <PieroV> tor-browser-build#40854
15:38:23 <richard> but it looks like we can update the process an dump the bo
15:38:40 <PieroV> I think that pad is public
15:39:09 <richard> PieroV, boklm: speaking of openssl 3.0, I've a wip patch for getting libhfs-dmg working with openssl 3
15:39:22 <Jeremy_Rand_36C3[m]> PieroV: OK. I may or may not be able to test that quickly, but if you want to try building the openssl project for linux-arm on your end, and send me the binaries, I can see if they work OK. Or else I can try building myself as soon as I have time.
15:39:31 <PieroV> richard: the thing is that libhfs-dmg doesn't even need OpenSSL
15:39:42 <richard> though I'm not sure why it's using 1.0.2
15:39:45 <PieroV> But its authors didn't add a flag to ignore OpenSSL in Cmake >:[
15:39:55 <richard> oh fun
15:40:04 <PieroV> That's a reason for keep using a custom container for it
15:40:32 <PieroV> (I didn't think a fight with Cmake was worth it - even though it shouldn't even that difficult to implement)
15:41:24 <richard> maybe i'll look into that later
15:41:47 <richard> anyway, does anyone else have topics to discuss?
15:41:54 <richard> otherwise let us end this browser meeting
15:42:04 <PieroV> We've solved all the discussion for the 115 MR
15:42:17 <PieroV> So, if I get a final approval we should all be able to work on 115 soon!
15:42:18 <Jeremy_Rand_36C3[m]> Nothing else from me
15:43:26 <richard> good job PieroV
15:43:39 <richard> let's hope things continue smooth sailing through the summer :)
15:43:50 <richard> ok, have a good week everyone o/
15:43:53 <richard> #endmeeting