Tor Browser 7.5 doesn't have a Browser/TorBrowser/Docs/sources/versions file

A user reported on the blog a problem using torbrowser-launcher: https://blog.torproject.org/comment/273588#comment-273588

It seems that torbrowser-launcher is looking at the file Browser/TorBrowser/Docs/sources/versions to find which version is installed, and fails if the file does not exists.

This file was present in the versions built with gitian/tor-browser-bundle, but is not in the versions built with rbm/tor-browser-build.

added component::applications/tor browser owner::tbb-team priority::medium resolution::wontfix severity::normal status::closed tbb-rbm type::defect labels

https://github.com/micahflee/torbrowser-launcher/issues/306

I am not convinced yet this is a Tor Browser bug. If we don't need a versions file (which we apparently don't do) then just adding one because torbrowser-launcher depends on it does not make much sense to me. Especially as it is barely maintained anymore. I think the much better solution would be to get this fixed on torbrowser-launcher's end.

Resolved #25015 (moved) as duplicate.

Trac:
Cc: N/A to e-inquirer

Resolved #25010 (closed) as duplicate.

Trac:
Cc: e-inquirer to e-inquirer, ToringOnion

It seems there is a fix proposed downstream, good. Let's get the problem solved there then.

Trac:
Status: new to closed
Resolution: N/A to wontfix

Replying to gk:

It seems there is a fix proposed downstream, good. Let's get the problem solved there then.

I'm not going to re-open this, but it would be nice if there was an easy way to programmatically obtain the version of an installed bundle (https://trac.torproject.org/projects/tor/ticket/20792#comment:2 has an example of me wishing for such a thing).

That said, the context where I wanted is also a barely maintained tool, so perhaps this is unimportant.

Replying to yawning:

Replying to gk:

It seems there is a fix proposed downstream, good. Let's get the problem solved there then.

I'm not going to re-open this, but it would be nice if there was an easy way to programmatically obtain the version of an installed bundle (https://trac.torproject.org/projects/tor/ticket/20792#comment:2 has an example of me wishing for such a thing).

That said, the context where I wanted is also a barely maintained tool, so perhaps this is unimportant.

Well, I think that is a reasonable request in general. I don't think, though, that jumping back to including the versions file to fix just the torbrowser-launcher case is the right thing to do here.

Replying to gk:

Well, I think that is a reasonable request in general. I don't think, though, that jumping back to including the versions file to fix just the torbrowser-launcher case is the right thing to do here.

Indeed. I went and opened #25020 (moved) with a replacement proposal.

As a side note, the torbrowser-launcher "fix" that's proposed looks incredibly brittle to me (a more robust kludge would be something like extracting browser.startup.homepage_override.torbrowser.version from prefs.js), but the new ticket when implemented will remove the need for kludges in the long run.

Replying to gk:

I am not convinced yet this is a Tor Browser bug. If we don't need a versions file (which we apparently don't do) then just adding one because torbrowser-launcher depends on it does not make much sense to me. Especially as it is barely maintained anymore. I think the much better solution would be to get this fixed on torbrowser-launcher's end.

Yes, getting that fixed on torbrowser-launcher's end makes sense, especially since adding the versions file to the next version of Tor Browser would not fix the issue for the users who have 7.5 installed.

Replying to gk:

I am not convinced yet this is a Tor Browser bug. If we don't need a versions file (which we apparently don't do) then just adding one because torbrowser-launcher depends on it does not make much sense to me. Especially as it is barely maintained anymore. I think the much better solution would be to get this fixed on torbrowser-launcher's end.

With all due respect, gk (and much is due!), the very fact that TBL ever needed to be written (and the fact that many people still use it) is itself an egregiously longstanding Tor Browser bug.

How many Debian developers have worked for Tor over the years without getting this fixed? I can think of at least five, but there are probably more. Why is it still not possible to apt-get install Tor Browser??! How many times has a Tor Browser non-bug broken Micah's hacky solution to Tor's failure to package Tor Browser for Debian/Ubuntu/etc? WTH?

Replying to cypherpunks:

How many Debian developers have worked for Tor over the years without getting this fixed? I can think of at least five, but there are probably more. Why is it still not possible to apt-get install Tor Browser??! How many times has a Tor Browser non-bug broken Micah's hacky solution to Tor's failure to package Tor Browser for Debian/Ubuntu/etc? WTH? I don't understand why people aren't happy with the portable state of the Tor Browser, it's great, and updates via apt-get will make it a nightmare.

Hey cpunk, before complaining something you could do something better. Have you talked to Debian APT management team? If not, do it.

I'm okay with current Tor Browser. I use APT just for Tor, not a browser. (just posting my opinion)

I can't think of a Linux OS that doesn't allow you to download Tor Browser from a package repo. I think the fact that a person had to create the Tor Launcher is a defect in itself.

Trac:
Username: ToringOnion

Replying to cypherpunks:

Replying to gk:

I am not convinced yet this is a Tor Browser bug. If we don't need a versions file (which we apparently don't do) then just adding one because torbrowser-launcher depends on it does not make much sense to me. Especially as it is barely maintained anymore. I think the much better solution would be to get this fixed on torbrowser-launcher's end.

With all due respect, gk (and much is due!), the very fact that TBL ever needed to be written (and the fact that many people still use it) is itself an egregiously longstanding Tor Browser bug.

How many Debian developers have worked for Tor over the years without getting this fixed? I can think of at least five, but there are probably more. Why is it still not possible to apt-get install Tor Browser??! How many times has a Tor Browser non-bug broken Micah's hacky solution to Tor's failure to package Tor Browser for Debian/Ubuntu/etc? WTH?

Let me add some thoughts to this comment:

1. I did not mean to imply that we don't care about a broken Tor Browser shipped by torbrowser-launcher, especially if we could have prevented that. Quite to the contrary, I am sorry for that. But I think that we learned from the versions file being necessary for torbrowser-launcher basically with this bug report is at least part of the problem. IIRC all of the broken things that we caused for torbrowser-launcher in the past did not come over night. They were available in alpha releases weeks and months before to test different configurations and patches. Yet no one came up and filed a bug about torbrowser-launcher being broken. The reasons for that might manifold but, yes, I think torbrowser-launcher being barely maintained is at least one of them and not being any communication about what torbrowser-launcher needs and uses is another.

2. Regarding the missing Tor Browser packaging let me add that I'd be happy to review and merge (sets) of patches that would make this easier or possible at all in the first place. But someone other than us has to step up to do the work as we won't do it. What we want to do is getting rid of Tor Browser as a Firefox fork: we should not be needed to develop such a fork in the first place. Getting their privacy stuff right should be the priority of browser developers/manufacturers. And, look, we get there https://medium.com/read-write-participate/leveraging-tor-technology-in-firefox-3e40288995c8 albeit slowly and it took us years with all the effort we could manage. But, finally, there is light at the end of the tunnel. So, yes, if someone wants to have Tor Browser in Debian, please stand up and grab that project, but we will continue to put our efforts into making our fork obsolete instead.

Replying to gk:

They were available in alpha releases weeks and months before to test different configurations and patches. Yet no one came up and filed a bug about torbrowser-launcher being broken. The reasons for that might manifold but, yes, I think torbrowser-launcher being barely maintained is at least one of them and not being any communication about what torbrowser-launcher needs and uses is another.

By the way, if someone wants to add an option to torbrowser-launcher to be able to select the alpha channel instead of the stable one, I think this would help to detect this kind of issues earlier.

closed

mentioned in issue #25015 (moved)

mentioned in issue #25020 (moved)

moved to tpo/applications/tor-browser#25012 (closed)

mentioned in issue tpo/applications/tor-browser#25020 (closed)