Add TBB packages to our repos

added Bounty component::applications/tor browser needs-triage priority::medium resolution::wontfix severity::normal status::closed type::enhancement labels

Trac:
Parent: N/A to #2880 (closed)

Trac:
Description: We need to create distribution packages as a stopgap to solve the issue with Thandy not existing. We need some way to provide auto-update to people who are used to it, especially if we are making TBB the only package that we provide. This ticket is the parent ticket to enumerate all of the issues of converting the TBB tarballs into .dep and .rpms, using the shortest, simplest possible path (since eventually we want to abandon this method of distribution in favor of Thandy).

to

We need to create distribution packages as a stopgap to solve the issue with Thandy not existing. We need some way to provide auto-update to people who are used to it, especially if we are making TBB the only package that we provide. This ticket is the parent ticket to enumerate all of the issues of converting the TBB tarballs into .dep and .rpms, using the shortest, simplest possible path (since eventually we want to abandon this method of distribution in favor of Thandy).

[[TicketQuery(parent=#2879 (moved),format=table,col=component|owner|summary|priority,order=priority)]]

I think this is a great idea for people who have admin rights on their computer; for all others, I think we need a way for the TBB to know what version is current and it should alert the user when it isn't up to date.

Replying to ioerror:

I think this is a great idea for people who have admin rights on their computer; for all others, I think we need a way for the TBB to know what version is current and it should alert the user when it isn't up to date.

Vidalia already has code to provide this message. I've seen it quite a few times. It is based on the consensus recommended versions.

(Also to your first point, I assume thandy can work without admin rights.)

Replying to mikeperry:

Replying to ioerror:

I think this is a great idea for people who have admin rights on their computer; for all others, I think we need a way for the TBB to know what version is current and it should alert the user when it isn't up to date.

Vidalia already has code to provide this message. I've seen it quite a few times. It is based on the consensus recommended versions.

That is for outdated versions of Tor only. It does not warn about outdated versions of TBB or its other components.

The only way to inform users of current versions of TBB that a newer version has been released is to list the versions of Tor packages on check.torproject.org. See #2285 (moved).

Replying to rransom:

Vidalia already has code to provide this message. I've seen it quite a few times. It is based on the consensus recommended versions.

That is for outdated versions of Tor only. It does not warn about outdated versions of TBB or its other components.

The only way to inform users of current versions of TBB that a newer version has been released is to list the versions of Tor packages on check.torproject.org. See #2285 (moved).

Doh. I hadn't even though of this. The huge, self-contained dependency structure of TBB is going to require something more than #2285 (moved).

We could pass a version to check.tp.o, since it is the home page of TBB. Then the verbage on check.tp.o can still remain concise, perhaps simply displaying an orange onion if your version is out of date...

Replying to [comment:6 mikeperry

Doh. I hadn't even though of this. The huge, self-contained dependency structure of TBB is going to require something more than #2285 (moved).

And by more than #2285 (moved), I think we can instead re-purpose #2285 (moved) to provide us with the notification we need in the short-term.

Replying to mikeperry:

Replying to rransom:

Vidalia already has code to provide this message. I've seen it quite a few times. It is based on the consensus recommended versions.

That is for outdated versions of Tor only. It does not warn about outdated versions of TBB or its other components.

The only way to inform users of current versions of TBB that a newer version has been released is to list the versions of Tor packages on check.torproject.org. See #2285 (moved).

Doh. I hadn't even though of this. The huge, self-contained dependency structure of TBB is going to require something more than #2285 (moved).

No -- just treat TBB as a single package for the purpose of that list.

We could pass a version to check.tp.o, since it is the home page of TBB. Then the verbage on check.tp.o can still remain concise, perhaps simply displaying an orange onion if your version is out of date...

That won't work for users of existing TBBs, and it gives check.tpo the ability to log more detailed information about users. We don't want to give whoever controls the check.torproject.org domain name and can get an SSL certificate for it that Firefox will accept the ability to collect that information.

Trac:
Type: defect to enhancement

Trac:
Keywords: N/A deleted, Bounty added

Trac:
Parent: #2880 (closed) to N/A

Unassigning this from myself. Someone else should feel free to take it.

Trac:
Status: new to assigned
Owner: erinn to N/A

Trac:
Keywords: N/A deleted, needs-triage added

Trac:
Component: Tor bundles/installation to Tor Browser

Duplicate of #5236 (moved)? (Contains more discussion.)

(Except #5236 (moved) is for deb only. And this one is for deb and rpm. I suggest to make this a duplicate of #5236 (moved) and to create a new ticket for rpm if desired.)

Trac:
Severity: N/A to Normal
Sponsor: N/A to N/A

I agree -- I think this ticket is now obsolete with Tor Browser's secure update feature.

Trac:
Reviewer: N/A to N/A

Indeed.

Trac:
Resolution: N/A to wontfix
Status: assigned to closed

closed

moved to tpo/applications/tor-browser#2879 (closed)

mentioned in issue tpo/applications/tor-browser#2879 (closed)

Add TBB packages to our repos

Child items ...

Activity