zerotracepen (5.2)

  • Upgrade Thunderbird to 91.11.0

    • Upgrade Tor Browser to 11.5 (zerotracepen/zerotracepen!889)

    Closes issues:

    • Upgrade to Tor Browser based on Firefox 91.11 (zerotracepen/zerotracepen#19029)

    Commits:

    • more bumping tor browser
    • bump torbrowser images
    • autobump
    • manual bump TorBrowserOverviewIcon.png
    • some more image bumping
    • l10n screenshot updated
    • bump duckduckgo prompt image
    • adapt tor browser screenshot
    • Fetch Tor Browser from our own archive
    • Upgrade Tor Browser to 11.5
    • Revert "NIGHTLY ONLY! REMOVE ME!"
    • clean nightly dirt
    • install langpacks for nightlies, too (if possible)
    • NIGHTLY ONLY! REMOVE ME!
    • Revert "disable OnionAliases for Unsafe Browser"
    • use new TBB setting to disable onionrewrites altogether
    • take tbb 11.5 from nightlies
    • disable OnionAliases for Unsafe Browser
    • Upgrade Tor Browser to 11.5a13-build2
    • Adapt release process to new Tor blog platform (zerotracepen/zerotracepen!887)

    Closes issues:

    • Change release process dezerotracepen for blog.torproject.org (zerotracepen/zerotracepen#18963)

    Commits:

    • Be explicit
    • Release process: suggest publishing a Tor blog even for bugfix releases
    • Release process: improve Tor blog post instructions
    • generate-Tor-blog-post: use actual template and also generate the Lektor header
    • generate-Tor-blog-post: refactor (extract code to function)
    • generate-Tor-blog-post: remove inline images too
    • Release process: adapt the Tor blog post process to Lektor
    • generate-Tor-blog-post: fix ikiwiki command
    • GitLab CI: clean up and refactor https-get-expired jobs (zerotracepen/zerotracepen!884)

    Commits:

    • GitLab CI: force running jobs when updating .gitlab-ci.yml
    • GitLab CI: factorize
    • GitLab CI: install golang in the same way we do during a Zero Trace Pen build
    • GitLab CI: remove duplicate call to "apt-get update"
    • GitLab CI: drop obsolete pinning to Buster
    • Git: ignore the early_patch= (aka. --early-patch) hook (zerotracepen/zerotracepen!882)

    Commits:

    • Git: ignore the early_patch= (aka. --early-patch) hook
    • Resolve "IUK test suite: features/frontend is broken (zerotracepen-transform-mirror-
      url fails)" (zerotracepen/zerotracepen!880)

    Closes issues:

    • IUK test suite: features/frontend is broken (zerotracepen-transform-mirror-url fails)
      (zerotracepen/zerotracepen#18661)

    Commits:

    • IUk test suite: Set Torsocks to allow outbound connections to the loopback
      interface
    • IUK test suite: Add test file
    • IUK test suite: disable certificate verification
    • Test suite: fix copying a new directory with late patch (zerotracepen/zerotracepen!877)

    Commits:

    • Test suite: fix copying a new directory with late patch
    • Resolve "Test "The included APT repository keys are up-to-date" does not check
      subkeys" (zerotracepen/zerotracepen!876)

    Closes issues:

    • Test "The included APT repository keys are up-to-date" does not check subkeys
      (zerotracepen/zerotracepen#19047)

    Commits:

    • check we have at least one relevant subkey
    • gpg checks deeper: both master keys and subkeys
    • consistent naming
    • Revert "Revert "check APT subkeys, too""
    • Test suite: misc bugfixes (zerotracepen/zerotracepen!872)

    Commits:

    • Test suite: also set the guest's time when connected to the LAN but not to Tor
    • Test suite: move sleep where it was supposed to be
    • workaround persistent Tor bridges bug (zerotracepen/zerotracepen!870)

    Closes issues:

    • Tor Bridges persistence sometimes fails to save bridges during initial setup on
      Bullseye, at least in our test suite (zerotracepen/zerotracepen#18926)

    Commits:

    • workaround for bug only present in test suite
    • check APT subkeys, too (zerotracepen/zerotracepen!869)

    Closes issues:

    • Test "The included APT repository keys are up-to-date" does not check subkeys
      (zerotracepen/zerotracepen#19047)

    Commits:

    • check APT subkeys, too
    • Set Samba workgroup used by GTK applications to "localhost" (zerotracepen/zerotracepen!865)

    Closes issues:

    • Several applications ask Tor to resolve the "workgroup" hostname
      (zerotracepen/zerotracepen#19030)

    Commits:

    • Set Samba workgroup used by GTK applications to "localhost"

    -- Zero Trace Pen developers zerotracepen@boum.org Mon, 11 Jul 2022 08:13:08 +0000

zerotracepen (5.1.1) unstable; urgency=medium

  • Upgrade Linux to 5.10.120-1 and tor to 0.4.7.8 (zerotracepen/zerotracepen!863)

    Closes issues:

    • Upgrade to tor 0.4.7.8 (zerotracepen/zerotracepen#19035)
    • Upgrade Linux to 5.10.120-1 (zerotracepen/zerotracepen#19036)

    Commits:

    • Upgrade Linux kernel packages to 5.10.0-15 (currently at version 5.10.120-1)
    • Upgrade to tor 0.4.7.8
  • Upgrade to Thunderbird 91.10.0

  • Fix htpdate pool: https://www.mozilla.org returns incorrects Date header
    (zerotracepen/zerotracepen!864)

    Closes issues:

    Commits:

  • Test suite: update the set of @fragile tags (zerotracepen/zerotracepen!862)

    Closes issues:

    • "Persistent browser bookmarks" is fragile (zerotracepen/zerotracepen#11585)
    • "The persistent Tor Browser directory is usable" test suite scenario is fragile
      (zerotracepen/zerotracepen#15336)
    • The "is properly stream isolated" test suite mechanism is fragile
      (zerotracepen/zerotracepen#17013)
    • Step "a screenshot is saved to the live user's Pictures directory" is fragile
      (zerotracepen/zerotracepen#13458)
    • "I can view and print a PDF file" scenarios are fragile (zerotracepen/zerotracepen#10994)
    • Memory erasure on boot medium removal is fragile (zerotracepen/zerotracepen#13462)
    • Test suite: update the set of @fragile tags (zerotracepen/zerotracepen#19007)

    Commits:

    • add @fragile tags when it's useful
    • Remove many @feature tags
  • follow up again on tca audit: clarify comments (zerotracepen/zerotracepen!860)

    Closes issues:

    • Audit tca-portal (zerotracepen/zerotracepen#18374)

    Commits:

    • acknowledge jvoisin's comments
  • Test suite: exercise the screen keyboard with a key that won't auto-complete
    (zerotracepen/zerotracepen!857)

    Closes issues:

    • "the screen keyboard works in Tor Browser" fails in Arabic (zerotracepen/zerotracepen#19013)

    Commits:

    • Test suite: exercise the screen keyboard with a key that won't auto-complete
  • GitLab CI: improve jobs rules (zerotracepen/zerotracepen!856)

    Commits:

    • GitLab CI: don't run code tests on the master branch
    • GitLab CI: also run https-get-expired* jobs when we modify our htpdate
      configuration
    • GitLab CI: only run https-get-expired when relevant
  • Inline strtobool function (zerotracepen/zerotracepen!855)

    Commits:

    • Inline strtobool function
  • Test suite: improve robustness (zerotracepen/zerotracepen!851)

    Closes issues:

    • Developers need to apply workaround in order to build Zero Trace Pen during the release
      process (zerotracepen/zerotracepen#18998)
    • Test scenario "htpdate is using the Zero Trace Pen-specific SocksPort" is broken
      (zerotracepen/zerotracepen#19003)

    Commits:

    • Test suite: avoid missed clicks retry when opening the calendar & notifications
      menu
    • Test suite: give the Upgrader time to fill the zenity dialog
    • Test suite: give the Greeter some time to re-enable the login button
    • Fix building from dev branches during the release process
    • Test suite: don't reset virtual X display between clients
    • Test suite: hopefully increase chances we catch the process we want
    • Lint
    • Test suite: ensure we write every line extracted from "ss -taupen" as soon as
      we have it
    • Test suite: migrate from service(8) to directly using systemctl
    • Test suite: adapt to new HTTPS client used by htpdate
    • Test suite: make setting up a Pidgin account more robust
    • Test suite: make interaction with GNOME Disks title bar buttons more robust
    • Test suite: make copying'n'pasting into a Terminal more robust
  • Have a better footer (zerotracepen/zerotracepen!756)

    Commits:

    • Translate a couple strings to check sidebar2 vs. PO plugin
    • Update PO files
    • Update PO files
    • Link to accessibility from footer
    • Rescue translations
    • Update PO files
    • Fix very old bug
    • Use sidebar2 to replace translation hacks in templates
    • Integrate sidebar2 in the local build
    • Add missing ARIA label
    • Make the label bold
    • Improve the appeal to the newsletter (#16888)
    • Translate footer into Spanish
    • Update PO files
    • Move jobs from top navigation to footer
    • Use more consistent margin system
    • Have a better footer (#17699)
    • Create dedicated page for testimonials
    • Don't use all capitals (#16137)
  • early-patch: live-patch at initramfs's time (zerotracepen/zerotracepen!696)

    Commits:

    • Fix formatting
    • Fix documentation wrt. the name of the option actually passed
    • Document --late-patch
    • more documentation
    • works even if hook fails
    • early_patch from test suite umounts immediately
    • pass 9p fs to Zero Trace PenToaster: --early-patch works
    • live-patch → late-patch
    • early-live-patch → early-patch
    • Test suite: make EARLY_LIVE_PATCH a boolean
    • Disable obsolete shellcheck override
    • Don't enable live_patch by default
    • Make headings levels consistent with the rest of our website
    • Add a TOC
    • Apply 4 suggestion(s) to 1 file(s)
    • run_test_suite --early-live-patch
    • developer documentation for live_patch
    • live_patch: early-patching system