Recruit build test/signoff volunteers

I still think it is a good idea to get tor-talk volunteers to commit to testing builds for us. We created this table for them to fill in but then forgot about it: https://trac.torproject.org/projects/tor/wiki/doc/build/BuildSignoff

There also used to be a pastebin or google doc with a testing checklist + instructions in it? Is that lost forever?

added MikePerry201205 actualpoints::5 component::applications/tor bundles/installation owner::mikeperry points::5 priority::immediate resolution::fixed severity::normal status::closed type::task labels

Woo hoo! Found it in irc logs. http://etherpad.mozilla.org:9000/6yZdWhgBWF

Merged that etherpad into our wiki.

Our non-Linux builds are a nightmare. Can we get on this already? :)

I can begin collecting some urls and describing more tests for people to run (#5292 (moved)) if it will help speed this along/make it more valuable.

Trac:
Priority: normal to critical
Cc: N/A to Sebastian
Type: defect to task

Replying to mikeperry:

Woo hoo! Found it in irc logs. http://etherpad.mozilla.org:9000/6yZdWhgBWF

https://etherpad.mozilla.org/6yZdWhgBWF appears to be the better (working) link now.

FYI: Please use our wiki page at https://trac.torproject.org/projects/tor/wiki/doc/build/BuildSignoff instead of the etherpad for updating test lists. The etherpad was merged in to that page in comment 3.

Other reasons to formalize and distribute our testing process include guarding against things like WebSocket regressions and the myriad Antivirus software issues like #5689 (closed).

Trac:
Cc: Sebastian to Sebastian, tagnaq@gmail.com

Until we develop #5292 (moved) and collect all of our tests ourselves, we can use tests from https://www.torproject.org/projects/torbrowser/design/#Testing as well as http://samy.pl/evercookie and of course our friend from #5741 (closed), http://bitcoincharts.com/. Feel free to paste others in #5292 (moved) too.

Trac:
Username: SamWhited
Cc: Sebastian, tagnaq@gmail.com to Sebastian, tagnaq@gmail.com, sam@samwhited.com

Trac:
Username: Tichodroma
Cc: Sebastian, tagnaq@gmail.com, sam@samwhited.com to Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de

Trac:
Username: unknown
Cc: Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de to Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de, unknown@pgpru.com

Alright great, we got some interested people. I think we should start distributing builds to them for the next TBB release that isn't a time critical security issue. I'm going to set this ticket as 'blocker' as a way of saying "Don't release the next TBB until we at least get it to the people who volunteered to test it first."

Of course, if there is another blocker security issue filed between now and then that is time critical to release a fix for, we can skip figuring this testing process out for it. But for all other normal TBB releases, we should be exercising a volunteer testing process ASAP.

Trac:
Priority: critical to blocker

Trac:
Cc: Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de, unknown@pgpru.com to Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de, unknown@pgpru.com, phoul@sourcemage.org

I like to help also

Trac:
Username: hartmut

Trac:
Cc: Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de, unknown@pgpru.com, phoul@sourcemage.org to Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de, unknown@pgpru.com, phoul@sourcemage.org, twilde@cymru.com

Can people with no code-writing capabilities also join your testing process?

These testing pages like "ip-check.info", "samy.pl/evercookie" and other sites as well as the step-by-step testing instructions on "https://trac.torproject.org/projects/tor/wiki/doc/build/BuildSignoff" seem to be easy enough for advanced users who have no idea how to write code.

Replying to cypherpunks:

Can people with no code-writing capabilities also join your testing process?

Yes. We're still discussing specifics internally, but most likely the way this is going to work is that a set of urls with builds will get emailed out to all interested parties with a time limit to reply with feedback. If no feedback arrives within that timeframe, the build will be published anyway. So I think this means that we want to widen the net as far as people who volunteer to actually test builds, especially since it will also mean increased opportunity to test more OS versions, Antivirus versions, etc.

However, long term, we're hoping to use this manual process to converge on an automated process, so people who also want to write test pages, auditing harnesses, and/or automate testing itself will be encouraged to do so.

Trac:
Cc: Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de, unknown@pgpru.com, phoul@sourcemage.org, twilde@cymru.com to Sebastian, tagnaq@gmail.com, sam@samwhited.com, tichodroma@posteo.de, unknown@pgpru.com, phoul@sourcemage.org, twilde@cymru.com, runa

If technical people are looking for something to do, #5837 (moved) is something you can do right now to help us with build security, and learn some fun skills while you're at it.

Ok everyone, we're starting to inch forward on this. If you're interested in participating, please email runa at torproject.org with the Operating System and CPU(s) you are able to test.

You may also want to read over https://lists.torproject.org/pipermail/tor-talk/2012-May/024286.html to get an idea of the larger plan here.