18:30:57 <pili> #startmeeting Tor Browser Team Meeting, 27 January 2020
18:30:57 <MeetBot> Meeting started Mon Jan 27 18:30:57 2020 UTC.  The chair is pili. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:30:57 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
18:31:07 <Jeremy_Rand_Talos> hello!
18:31:11 <pili> brade/mcs do you want to run this one or shall I do the honours? :)
18:31:24 <pili> (sysrqb is away at the All Hands today)
18:31:53 <pili> anyway, hi everyone :)
18:31:59 <pili> please add your updates to the pad
18:32:00 <sisbell> hi
18:32:30 <acat> hi
18:32:31 <boklm> hi
18:33:21 <mcs> pili: sorry; slightly late getting to this meeting, Please, you do the honors :)
18:33:36 <pili> mcs: ok, nw :)
18:35:41 <pili> I'll give a few more minutes for updates
18:36:09 <pili> I guess we're missing pospeselr also today
18:36:38 <pili> and antonela
18:36:40 <brade> all hands
18:36:48 <pili> yup :)
18:37:00 <pili> trying to figure out how many more updates to wait for...
18:38:11 <pili> ok, I think everyone's pretty much done, so let's start with the discussion
18:38:31 <pili> the first item is mine
18:39:04 <pili> apparently we have some issue (#32650) whereby certain characters can break the Tor Browser bundles? iiuc?
18:39:39 <pili> it's assigned to emmapeel right now but it's beyond her skills
18:39:52 <pili> and this is something that could really come back to bite us in future
18:40:32 <pili> would someone be able to put this on their plate to work with emmapeel and come up with some script to sanitize translations?
18:40:35 <boklm> I can have a look at this to see if I can help
18:40:51 <pili> thanks boklm
18:40:58 <mcs> boklm: I was thinking of you but did not want to add to your plate :)  Thanks
18:41:12 <pili> I guess that's it from me :)
18:41:18 <boklm> :)
18:41:23 <pili> mcs: I believe you're nex
18:41:26 <mcs> It isn’t clear exactly what the script should look for, but doing something would be better than nothing
18:41:28 <pili> +t
18:41:58 <pili> I think Tails might have something already
18:42:09 <pili> and maybe we can use that or we need to do something similar
18:42:28 <mcs> sounds good to me
18:42:47 <mcs> So, my discussion item: I don’t remember how reviewers are supposed to get assigned.
18:42:56 <mcs> Does anyone remember if that is a sysrqb/pili/boklm triage task, or if developers should pick someone when they post a patch.
18:42:59 <mcs> ?
18:43:32 <pili> mcs: I believe it is part of the triage workflow
18:43:56 <boklm> I don't see anything regarding that on https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Triaging
18:44:11 <pili> strange, I thought it was part of it
18:44:55 <pili> it does make sense that whoever is checking the incoming ticket changes (e.g me :P and other people checking those ) checks for tickets moving to needs_review status
18:45:28 <pili> shall we do a quick sweep of tickets in needs_review without a reviewer now?
18:45:35 <pili> and try to crowdsource the assignment?
18:45:54 <mcs> sounds like a good idea if we don’t have other things to discuss
18:46:33 <boklm> an other option would be to ask the person setting a ticket in needs_review to select a reviewer
18:46:58 <brade> sisbell has an issue to discuss
18:47:31 <pili> let's discuss the process and then let sisbell go next before doing reviewer assignments then
18:47:33 <sisbell> I just need someone to look at the issue. I'm getting undefined symbol when running tor browser
18:47:49 <pili> boklm: I think we should probably try to do a combination of the 2
18:48:17 <boklm> yes
18:48:19 <pili> people should feel free to set a reviewer when setting their tickets to needs_review
18:48:28 <pili> and those of us doing triage should watch out for missing reviewers to make sure there are none that fall through the cracks
18:49:18 <pili> any other ideas/comments?
18:50:29 <mcs> and if I remember correctly, our policy is one review needed for JavaScript/bash/etc. but 2 reviews are needed for C/C++ code (and anything that is sufficiently complex).
18:50:30 <mcs> I am not sure about Java.
18:51:02 <acat> hmm, i did not know about this policy
18:51:11 <pili> seems reasonable enough
18:51:14 <mcs> maybe it is not policy then :)
18:51:34 <pili> I didn't know about it either but I have noticed some tickets do have multiple reviewers
18:51:39 * boklm remembers the same policy
18:51:40 <mcs> or maybe we should document it after talking about it when more of the team is present
18:52:35 <boklm> documenting that sounds like a good idea (after discussing it with more of the team)
18:52:49 <mcs> hopefully sysrqb will read this backlog and will add this issue to his team process improvement work (hint hint)
18:53:09 <pili> +1
18:53:48 <acat> +1
18:54:36 <brade> sisbell: is there someone on the tor team that could help?
18:56:32 <mcs> Looking at the last comment in #28704, I am wondering why the libssl.so symbols have @@ in them. Is that expected?
18:57:02 <mcs> e.g., SSL_CTX_set_security_level@OPENSSL_1_1_0 in libTor.so vs. SSL_CTX_set_security_level@@OPENSSL_1_1_0 in libssl.so
18:57:25 <sisbell> I'm not sure if that is expected
18:59:10 <sisbell> It could be related to removing the version:    make SHLIB_VERSION_NUMBER= SHLIB_EXT=.so
19:01:37 <pili> anyone else have any ideas?
19:02:48 <sisbell> I don't expect to have resolution in this meeting but any ideas a welcome. Just comment on the issue
19:02:52 <pili> or can anyone help sisbell take a look?
19:03:02 <pili> otherwise this may have to wait until there are more people around
19:03:11 <pili> sisbell: right :)
19:03:33 <pili> ok, let's move on to reviewer assignment: https://trac.torproject.org/projects/tor/query?status=needs_review&keywords=~TorBrowserTeam202001R&reviewer=&col=id&col=summary&col=status&col=type&col=priority&col=milestone&col=component&col=reviewer&order=priority
19:03:38 <pili> I think that's a good query
19:03:53 <mcs> it might be worthwhile to ask on #tor-dev as well since some other people with Android + tor expertise are probably watching there
19:04:00 <mcs> sisbell: ^
19:04:11 <sisbell> sure good idea thanks
19:04:19 <pili> let's start from the top with #19757
19:04:36 <pili> I imagine that could be a good one for pospeselr and acat to review?
19:04:37 <boklm> sisbell: is the tor build we currently use also dinamically linked to openssl?
19:04:42 <pili> sorry, I'll wait
19:05:10 <sisbell> boklm: no its all statically linked
19:05:20 <boklm> ok
19:05:43 <acat> pili: i'm happy to review #19757, although pospeselr already started that review, i think
19:06:02 <mcs> pili: yes to your question. In fact, pospeselr reviewed the changes but it would be great if acat could give a second opinion (no C++ code but somewhat complex changes).
19:06:18 <acat> perfect, will do then :)
19:06:19 <pili> ok
19:06:20 <pili> so I'll add both as reviewers
19:06:27 <mcs> thx
19:06:28 <pili> what about #27268 ?
19:07:14 <acat> i can also review that if needed
19:07:50 <mcs> brade and I can take #31395
19:07:50 <pili> ok, thanks acat
19:08:22 <pili> mcs: ok, thanks :)
19:08:57 <pili> #31988
19:09:03 <pili> who should review that one boklm ?
19:09:14 <pili> is that one for GeKo ? or can someone else do that?
19:09:28 <mcs> I can take a look
19:09:56 <boklm> thanks
19:10:19 <pili> ok
19:10:22 <pili> #32414
19:11:29 <mcs> maybe pospeselr (to spread the load)?
19:11:41 <pili> I was thinking that also
19:11:53 <mcs> I think there are some Android changes in that ticket but maybe just JS?
19:12:20 <pili> ok, we'll see :) people can always contest review assignments ;)
19:12:21 <pili> 32434
19:12:22 <pili> #32434
19:12:44 <boklm> I can take #32434
19:12:53 <pili> cool
19:13:20 <pili> #32436
19:13:32 <pili> boklm: is that one for you also?
19:13:35 <boklm> yes
19:13:38 <boklm> and #32436 too
19:13:46 <boklm> and #32437 too
19:13:52 <pili> yup
19:14:20 <pili> #32470
19:14:53 <mcs> I can take #32470
19:15:04 <pili> ok
19:15:34 <pili> #32700
19:15:42 <boklm> I can take #32700
19:16:19 <pili> I see you've taken a few others further down the list also, thanks boklm :)
19:16:20 <pili> #32767
19:16:34 <boklm> I can take #32767 too
19:16:46 <pili> #32768
19:17:21 <pili> boklm can't take this one ;P
19:17:32 <mcs> maybe pospeselr (since he is one of our release builders)?
19:17:37 <pili> ok
19:18:20 <pili> #32948 is the last one
19:19:05 <pili> acat?
19:19:14 <pili> or pospeselr?
19:19:28 <pili> or someone else? :D
19:19:43 <mcs> I know pospeselr has looked at referrer issues in the past. Maybe acat has too though :)
19:20:32 <mcs> who has fewer tickets on their review plate?
19:20:35 <brade> does the pref really have a typo in it?  referer -> referrer
19:20:49 <brade> sigh (it does)
19:21:02 <pili> mcs: let me check
19:21:14 <mcs> I think it matches the spelling used in the HTTP header
19:21:28 <brade> mcs: yep
19:21:30 <mcs> https://en.wikipedia.org/wiki/HTTP_referer
19:21:41 <boklm> "The original header name Referer is a misspelling of the word "referrer". The Referrer-Policy header does not share this misspelling"
19:21:46 <boklm> on https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
19:22:20 <pili> I think acat has less, acat are you ok reviewing #32948 ?
19:22:50 <acat> sure!
19:23:40 <pili> thank you :)
19:23:44 <pili> ok, I think we're done
19:23:53 <brade> pili: thanks!
19:23:54 <pili> does anyone have any last minute discussion topics? :)
19:25:13 <mcs> Is this an appropriate time to talk about the people who are not here today?
19:25:16 <mcs> just kidding
19:25:53 <pili> :)
19:26:20 <pili> ok, let's leave things there then ;)
19:26:21 <pili> thanks everyone!
19:26:22 <pili> #endmeeting