mleo
Gold Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
* Upgrade to Thunderbird 91.9.0
* Upgrade to Tor Browser 11.0.14 based on Firefox 91.10 (tails/tails!852)
Closes issues:
- Upgrade to Tor Browser 11.0.14 based on Firefox 91.10 (tails/tails#18979)
Commits:
- htpdate: replace tachanka.org with www.autistici.org
- Mark security advisory against 5.0 as fixed
- Fetch Tor Browser from our own archive
- Upgrade Tor Browser to 11.0.14-build1
* Resolve "displayed_time_str fails in test suite" (tails/tails!839)
Closes issues:
- displayed_time_str fails in test suite (tails/tails#18991)
Commits:
- Ignore advisories when looking for displayed time
- help debug
* FIX Clock disappearing when the user sets UTC as their local timezone
(tails/tails!841)
Closes issues:
- Clock disappears from the GNOME top bar after "Fix the clock" and choosing UTC
timezone (tails/tails#18993)
Commits:
- safety net for future problems
- handle UTC special-case
* Test suite: workaround lost and duplicate key presses by pasting long strings
instead of typing them (tails/tails!821)
Commits:
- Test suite: merge step used only by another step into its caller
- Test suite: paste long strings instead of typing them
- Test suite: drop useless step
- Test suite: refactor (extract code to method)
* Test suite: Make opening GNOME menus more robust (tails/tails!816)
Closes issues:
- Opening GNOME menus in the test suite on Bullseye is very fragile
(tails/tails#18930)
Commits:
- Test suite: try harder to open GNOME menus
- Test suite: drop unnecessary delay
- Test suite: use Dogtail to check presence of GNOME bookmarks
- Test suite: use Dogtail to open the GNOME menus
- Test suite: wait for the desktop to be visible before we interact with it after
restoring a snapshot
- Lint.
* Upgrade to Linux 5.10.113-1 (DSA 5127-1) (tails/tails!813)
Closes issues:
- Upgrade Linux to 5.10.113-1 (DSA 5127-1) (tails/tails#18962)
Commits:
- Upgrade to Linux 5.10.113-1 (DSA 5127-1)
* Make console-setup.service startup non-racy (tails/tails!811)
Closes issues:
- console-setup.service fails sometimes, which breaks "Tor is ready" in test
suite (tails/tails#18636)
Commits:
- Make console-setup.service startup non-racy
* Test suite: support running on Ruby 3.0 (tails/tails!810)
Closes issues:
- Test suite misbehaves on Ruby 3.0, e.g. "the Tor Connection Assistant connects
to Tor" step always incorrectly fails (tails/tails#18904)
Commits:
- Test suite: ensure we don't try to click the "Restore Disk Image" button before
it's visible
- Test suite: support Bookworm host system's improved UEFI graphics
- Test suite: enable Ruby deprecation warnings
- Test suite: adjust to separation of positional and keyword arguments in Ruby
3.0
- Test suite: update button label for Bullseye
- Remove duplicate word in comment
- Test suite: drop workaround for Ruby < 2.7
- Test suite: migrate from deprecated luks_open and luks_close to
cryptsetup_{open,close}
* test https-get-expired with sid's Go (tails/tails!849)
Commits:
- GitLab CI: only run https-get-expired-sid job when relevant
- GitLab CI: factorize
- GitLab CI: test https-get-expired with sid's Go on a sid image
- also test https-get-expired with sid's golang
* Vagrant: install ikiwiki that fixes #18992 (tails/tails!847)
Closes issues:
- ikiwiki generates buggy PO files with po4a 0.62 (tails/tails#18992)
Commits:
- Vagrant: stop using the obsolete builder-jessie APT suite
- Vagrant: install ikiwiki that fixes #18992
* tca-portal: stricter validation (tails/tails!846)
Commits:
- test: right length, valid for date(1), but invalid format
- drop test case for "minutes" timespec
- be more explicit about the format we want
- seconds always included
- stricter validation for SetTimeCommand
* ignore advisories + better debug (tails/tails!845)
Commits:
- ignore advisory
- FIX error message
* Test suite: fix regression when testing Tor Connection in non-English locale
(tails/tails!843)
Commits:
- Test suite: fix regression when testing Tor Connection in non-English locale
* FIX sharing via onionshare from nautilus (tails/tails!840)
Closes issues:
- "Share via OnionShare" does nothing (tails/tails#18990)
Commits:
- FIX sharing via onionshare from nautilus
* lint_po: ignore unknown-message-flag errors (tails/tails!836)
Commits:
- lint_po: ignore unknown-message-flag errors
* Don't enable "configure a bridge" just because the user looked at the hide mode
(tails/tails!835)
Closes issues:
- “Configure a Bridge” is enabled when rolling back from hiding Tor
(tails/tails#18546)
Commits:
- regression test for #18546
- enable easymode-bridges only in easy mode
* Vagrant build box: upgrade to po4a 0.62-1 (tails/tails!834)
Commits:
- Vagrant build box: drop APT configuration for Buster
- Vagrant build box: upgrade to po4a 0.62-1
* Installer: create system partition 2 MiB from the beginning of the drive
(tails/tails!832)
Commits:
- Installer: create system partition 2 MiB from the beginning of the drive
* Various Tor Connection UX improvements (tails/tails!831)
Closes issues:
- Tor Connection: Give the same instructions on both bridge screens
(tails/tails#18596)
- Always tell whether bridges are used in the success screen (tails/tails#18547)
Commits:
- Clarify docstring
- Test suite: update expected images
- Make phrasing consistent
- Test suite: DRY
- refactor: properties allow our code to be clearer
- bridges: same instructions on both screens
- Success message conditional to bridges
* Rewrite the home pages of the Unsafe Browser + Have different homes for the
Unsafe Browser depending on whether we're connected to Tor already
(tails/tails!829)
Closes issues:
- Have different homes for the Unsafe Browser depending on whether we're
connected to Tor already (tails/tails#18601)
- Rewrite the home pages of the Unsafe Browser (tails/tails#18602)
Commits:
- Apply style guide
- Improve sentence
- Improve grammar
- Improve grammar
- Improve grammar
- Be more clear
- Add illustration by Andrés
- Test suite: remove obsolete localized images
- Test suite: update expected image
- Test suite: add missing @doc tag
- FIX wrong path was checked
- Clarify that the image is an example
- Clarify use of CSS (Take 2)
- Unsafe browser: home page if non connected to Tor
- Clarify use of CSS
- Rework CSS
- Improve structure
- Write a dedicated page for captive portals
- Improve instructions
- Give examples of websites to use
- Use our own image and remove the login and password
- Shorten
* Test suite: misc. robustness improvements (tails/tails!827)
Closes issues:
- Tests for backup are fragile (tails/tails#18727)
Commits:
- Test suite: add localized expected image for Unsafe Browser start page in pt_BR
- Test suite: enable debug logging for Screen#wait
- Test suite: Fix frequent "cannot find TailsGreeterLoginButton.png" failures
- Test suite: update expected image for Bullseye
- Test suite: give the XMPP server some time to create the room
- Test suite: update expected Pidgin images
- Test suite: fix error message
- Test suite: Improve error reporting
- Test suite: Fix clock upper bound calculation
- Test suite: refactoring (save value to variable)
- Test suite: Drop most debugging info for issue that does not happen anymore
- Test suite: Drop spurious verb in debug log
- Revert "Mark test scenario as fragile"
- Test suite (backup): Wait for Zenity to have filled its widgets with the
expected text
* Upgrade apt-cacher-ng to bullseye-backports - fixes issue #18931
(tails/tails!825)
Closes issues:
- rake build fails - apt-get works erratically ( 502 connection closed
[IP:127.0.0.1:3142] ) - No build artifacts were found! (tails/tails#18931)
Commits:
- Upgrade apt-cacher-ng to bullseye-backports.
* Disable search providers in the Activities Overview: Calculator, Nautilus,
Terminal (tails/tails!824)
Closes issues:
- Disable some GNOME Overview search providers (tails/tails#18952)
Commits:
- Disable search providers in the Activities Overview: Calculator, Contacts,
Documents, Nautilus, Terminal
* Test suite: ignore failures to destroy a stopped domain (tails/tails!822)
Closes issues:
- Scenario: "Upgrading an old Tails USB installation from another Tails USB
drive" after-hook is racy (tails/tails#18972)
Commits:
- Test suite: ignore failures to destroy a stopped domain
* Associate OpenPGP-encrypted files with Kleopatra (tails/tails!820)
Closes issues:
- Tails 5 does not decrypt .gpg files when double-clicking them
(tails/tails#18967)
Commits:
- Associate OpenPGP-encrypted files with Kleopatra
* safely get gnome_env_vars (tails/tails!819)
Commits:
- clarify about which environment is being dumped
- Clarify comment
- Fix typo in comment
- comments clarify why we think we are safe
- fix systemd path
- gnome_env_vars look at the gnome-shell env dump
- gnome-shell dumps its conf in a root-owned file
* Avoid user confusion wrt. name of the default KeePassXC database
(tails/tails!818)
Closes issues:
- KeePassXC offers to rename the default database on non-English locales
(tails/tails#18966)
Commits:
- Silence false positive
- Drop obsolete reason
- Don't allow translating Passwords.kdbx
* Use Bullseye debootstrap configuration (tails/tails!817)
Commits:
- Use Bullseye debootstrap configuration
* FIX IUK verification when we have 2 series at the same time (tails/tails!815)
Closes issues:
- bin/copy-iuks-to-rsync-server-and-verify failing because of old releases
(tails/tails#18959)
Commits:
- Apply 1 suggestion(s) to 1 file(s)
- document how the RM should use this command
- don't fail when 404s have been ignored
- proper exit code on failure
- refactor --ignore-404
- refactor run()
- fix leftover
- 404s found -> non-zero exit code
- --ignore-404 and --dry-run
* Fix FTBFS with uBlock 1.42 (tails/tails!814)
Commits:
- Unfuzzy patch
* Upgrade to tor 0.4.7.7 (tails/tails!812)
Closes issues:
- Upgrade to tor 0.4.7.x (tails/tails#18932)
Commits:
- Upgrade to tor 0.4.7.7
* Add translation files for Qt5 (#18958) (tails/tails!808)
Closes issues:
- Translations of basic Qt5 strings are missing (tails/tails#18958)
Commits:
- Add translation files for Qt
* Make news/version_3* non-translatable (#16758) (tails/tails!805)
Commits:
- Make news/version_3* non-translatable (#16758)
* Add Kleopatra to the Favorites (tails/tails!802)
Commits:
- Test suite: make expected image a tiny bit smaller
- Add Kleopatra to the Favorites submenu
* Test suite: drop pre-Bullseye compatibility (tails/tails!789)
Commits:
- Test suite: drop workaround for Ruby < 2.7
- Test suite: migrate from deprecated luks_open and luks_close to
cryptsetup_{open,close}
* Add to confirm before restarting (#18912) (tails/tails!782)
Closes issues:
- New dialog when Unsafe Browser is not enabled makes it too easy to lose work
(tails/tails#18912)
Commits:
- Make code more readable
- Make function's responsibility tighter to simplify its code
- Handle new code branch that was forgotten
- Fix local variables declaration
- Use 'Cancel' as default button (#18912)
- 'Cancel' is more standard
- Add to confirm before restarting (#18912)
* Display time in the timezone that the user has chosen in Tor Connection
(tails/tails!751)
Closes issues:
- Display time in the timezone that the user has chosen in Tor Connection
(tails/tails#6284)
Commits:
- Design doc: Explain security trade-off
- Test suite: Explain that Asia/Shanghai == +08:00
- tails-get-date: use Python instead of date(1)
- Fix typo in error message
- Test suite: ensure the displayed clock is in the user's timezone
- Test suite: remove workaround
- Test suite: refactor (extract code do method)
- Test suite: be more defensive to give better error output
- Test suite: send debug info to the debug log
- Test suite: make step name clearer
- Design doc: mention timezone status and plans
- Apply 1 suggestion(s) to 1 file(s)
- Fix typo in comment
- Improve grammar
- Improve grammar
- Remove unnecessary comma
- try to fix the vertical misalignment
- Update to #6284
- Link back to main page
- https://www.merriam-webster.com/dictionary/time%20zone
- Move FAQ to a dedicated page
- Shorten path
- Don't potentially overwrite TZ key in dict with environment's value.
- Cleanup dead code, fix formatting.
- Consistently display GMT instead of UTC.
- Use the same time format as GNOME's clock.
- use date to format the date
- date@ extension does The Right Thing
- DRAFT: display time in local timezone
* Follow-up on "Audit tca-portal" (tails/tails!723)
Commits:
- useless shellcheck directive
- Apply 2 suggestion(s) to 2 file(s)
- Fix typo in comment
- clarify how we believe pgrep --ns 1 will help us
- PersistenceSetupCommand: gnome_env_vars not needed
- export_gnome_env hardening
- some more validation when setting system time
- gnome.py executes later; required for testing
- add some doctests to tca-portal
- more tuples, less lists
- clarify: we are fine with the TOCTOU
- --systemd-socket is exclusive with --listen
- be more explicit about stdout/stderr handling
- clarify handle_* comments
- clarify what is the role of handle_line
- anchor SetTimeCommand regexp
- clarify comment about validate_args
- use full path to commands whenever possible
* Automatic time sync before connecting to Tor in automatic mode
(tails/tails!681)
Closes issues:
- Mitigate attack by active network adversary on automated time sync + replayed
Tor consensus (tails/tails#18830)
- Automatic time sync before connecting to Tor in automatic mode
(tails/tails#18717)
Commits:
- Test suite: rename step to make it closer to what a user would do
- use the non-deprecated version of "Tor is ready"
- Use less jargon
- Add missing word in comment
- Update comment: this now build reproducibly
- Clarify comment
- fix undefined local variable
- tails-get-network-time better syslog
- tails-get-network-time has timeout
- refactor old test case based on new functions
- new test: time sync times out
- tor connection runs even if timesync fails
- python style
- some info is shown during network time sync
- comments
- wait for time to be retrieved before starting Tor
- use APT preferences, not --target-release
- gitlab tests run with the correct Go version
- public key type check
- Explain why these if statements don't apply to us
- Fix typo
- Design doc: 2 out of 3 is enough since we're using the median
- ignore redirects
- test all urls in htpdate.pools
- https-get-expired gets more testing
- https-get-expired: explain how this compares to Go implementation
- Test suite: explain why scenarios pass in a somewhat surprisingly manner
- Lint
- Lint
- Design doc: explain why we accept a risk
- Design doc: improve phrasing
- Design doc: drop conditional
- Design doc: explain why we're protected
- Design doc: clarify phrasing
- Update design doc: this is not a problem anymore
- reproducibility: clean cache after compiling
- fix spelling
- htpdate performs the median
- design doc: explain https-get-expired
- Lint: gofmt
- Pick Go from buster-backports
- try to make go build reproducible: -trimpath
- Test suite: mark fragile scenario as such
- https-get-expired: CI tests now
- test https-get-expired building
- https-get-expired gains -proxy option
- port htpdate to https-get-expired
- https-get-expired: more similar to htpdate's curl
- https-get-expired output headers, not body
- fix go compilation
- add https-get-expired: will need for time sync
- "date in past" check is more robust
- sanity check: the new date cannot be in the past
- unsafe browser is checked for tor leaks
- UnsafeBrowser correctly detects if we're online
- checking DisableNetowrk is #18293-aware
- Merge the new scenario with the old one
- FIX restore: some snapshot has network but no Tor
- UnsafeBrowser tests don't need Tor; scenarios--
- FIX we don't even need to check Tor
- Test suite: clarify what we're actually testing
- Improve grammar
- Fix typo
- Fix typo
- Update doc to automatic time sync (#18717)
- Improve structure of design doc
- Avoid jargon
- Design doc: copy more detailed explanation from the blueprint
- Design doc: improve structure
- Design doc: document new automatic time sync mechanism
- Remove very old explanation
- wording: we're looking for unneeded *exceptions*
- Apply 5 suggestion(s) to 2 file(s)
- FIX test case: allow it to use time sync
- "flow through" supports fake connectivity check
- FIX globally setting allowed DNS queries
- refactor check for leaks
- debugging leaks is easier
- fix DNS query for easy mode
- test suite self-correction warning
- dns queries are allowed only when needed
- +debug "traffic has only flowed through"
- break the "Tor is ready" step in two
- rubocop
- easy-mode allowed_hosts are set in tca_configure
- explicitly allow connectivity check in many tests
- fix time sync error simulation
- fix exception wording
- use DNS inspection to check for leaks
- the FirewallHelper is DNS-aware
- one more check
- test "traffic only flows through" supports timesync
- Add tests for time sync before Tor connects
- Improve TCA test suite code
- add vm script to upload/download files
- tails-get-network-time: don't assume anything about body encoding
- Raise exception instance, not class
- Clean up code
- tails-get-network-time: emulate NetworkManager's behavior more closely
- Move hard-coded string to constant
- Blacken
- tails-get-network-time: refactor
- Add more typing
- tails-get-network-time: migrate to pycurl, to make our fingerprint closer to
NetworkManager's
- Store the network time server in a configuration file
- Move code to main() function
- Test suite: adjust to new automatic time sync feature
- Test suite: drop workaround
- Tor Connection: in automatic mode, set the system time from the network
- tca-portal: implement a new get-network-time command
- tca-portal: include stdout in responses
|
Всего записей: 5725 | Зарегистр. 19-05-2004 | Отправлено: 16:37 05-06-2022 | Исправлено: mleo, 16:42 05-06-2022 |
|
