Cain Ungothep: > Hi guys. > > I posted this as a comment in the blog a few days ago, with no answer so > far. > > I've been experimenting with manual incremental updates and noticed that > the "mar-tools-linux64.zip" file in the distribution directory changes > between Tor Browser releases (the executables inside the archive also > change). > > I've seen it change at least twice between the two most recent releases. > The signatures were good. > > Questions: > > 1. Is the source in the tools being updated or is this some artifact > of the build/distribution system? I guess it depends. If we use a new toolchain then I'd expect a different SHA-256 sum. If not, there might be things Mozilla does to the source files between point releases which we pick up. > 2. If the source changes, are you guys doing that or are you just > pulling from Mozilla? We are pulling from Mozilla. There is one exception though: we needed to patch some code (+ backport some Mozilla patches) to get the updater working as we wanted. But this code is nothing what changes between releases without being announced in the changelog. (see: https://gitweb.torproject.org/tor-browser.git/commit/?h=tor-browser-38.1.0esr-5.0-1&id=fd41a91598e22f02d3cfec838bcf0a205b2c79f8 for the current version) > 3. Is there a changelog anywhere? Yes, you'll find it in the respective release announcements on our blog and in the tor-browser-bundle git repository: https://gitweb.torproject.org/builders/tor-browser-bundle.git/tree/Bundle-Data/Docs/ChangeLog.txt > Thanks! You are welcome. Georg
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk