eliott/desktop
1
0
Fork 0
mirror of https://github.com/zen-browser/desktop synced 2026-04-25 17:15:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,648 Commits 10 Branches 165 Tags
e9634e10573b6838e40a2f8e20dce403c38d3e00
Commit Graph

67 Commits

Author SHA1 Message Date
mr. m
e9634e1057 no-bug: Move API keys to release script (gh-13309) 2026-04-19 01:11:44 +02:00
mr. m
2700722a1e gh-9836: Register correct signing issuers for windows (gh-13304) 2026-04-18 16:25:58 +02:00
mr. m
adc8c92816 gh-9836: Finish the MAR signing workflow (gh-13216) 2026-04-13 15:49:24 +02:00
mr. m
a4f0d01a88 no-bug: Sign mars after building them (gh-13213) 2026-04-11 16:45:24 +02:00
JDX50S
270db6d671 Merge commit from fork 
* security: enable MAR signature verification for updates

Remove `--enable-unverified-updates` from the common mozconfig. This flag
was disabling all MAR (Mozilla ARchive) signature verification in the
updater binary, meaning update packages were applied without any
cryptographic authenticity check.

With this flag removed, the Mozilla build system will:
- Link NSS and signmar into the updater binary
- Enable SecVerifyTransformCreate-based signature verification on macOS
- Require MAR files to contain valid signatures before applying

REQUIRED FOLLOW-UP (maintainer action):
1. Generate a Zen-specific MAR signing keypair (RSA-PKCS1-SHA384)
   See: https://firefox-source-docs.mozilla.org/build/buildsystem/mar.html
2. Place the public key DER file(s) in the source tree at
   toolkit/mozapps/update/updater/release_primary.der
3. Sign MAR files during the release build with the private key
4. Set ACCEPTED_MAR_CHANNEL_IDS in update-settings.ini to restrict
   which update channels the updater will accept

Ref: GHSA-qpj9-m8jc-mw6q

* no-bug: Added signature steps

* no-bug: Export browser/installer/package-manifest.in

---------

Co-authored-by: Maliq Barnard <maliqbarnard@Maliqs-MacBook-Air.local>
Co-authored-by: Mr. M <mr.m@tuta.com>
 2026-04-09 19:28:31 +02:00
mr. m
4ae9f81a68 feat: Add workflow to import expternal patches, b=no-bug, c=workflows, windows 2026-02-25 16:11:41 +01:00
mr. m
66081e97f6 fix: Remove clip overflow from nav-bar and update rust version, b=no-bug, c=workflows, common 2026-02-12 19:58:58 +01:00
mr. m
37eed5fcfe fix: Start working on more eslint rules, p=#11874 
* fix: Start working on more eslint rules, b=no-bug, c=common, mods, workspaces

* chore: Continue migration, b=no-bug, c=workflows, windows, glance, mods, welcome, workspaces, common, compact-mode, folders, tests, kbs, media, split-view, tabs

* chore: Finish, b=no-bug, c=common, compact-mode, folders, glance, tests, kbs, media, mods, split-view, tabs, workspaces, welcome

* fix: Fix installing deps, b=no-bug, c=common

* feat: Dont initialize git on download checks, b=no-bug, c=workflows

* feat: Remove empty JS docs, b=no-bug, c=common, compact-mode, folders, glance, kbs, media, mods, split-view, tabs, tests, workspaces

* chore: Run lint, b=no-bug, c=common, folders, glance, kbs, mods, split-view, tabs, workspaces
 2026-01-12 15:11:43 +01:00
Mr. M
4744a4cf6d feat: Enable crash reports and use npm ci, b=no-bug, c=workflows, common, configs 2025-09-21 15:10:29 +02:00
mr. m
fc28c2fb7d feat: Fixed performance with the update animation, b=no-bug, c=workflows, common, kbs 2025-08-26 01:05:37 +02:00
Mr. M
6e57e08280 fix: Fixed linux builds not having cargo at the import stage, b=no-bug, c=workflows 2025-08-25 14:59:49 +02:00
Mr. M
78b1088b41 fix: Make sure to source cargo env before building, b=no-bug, c=workflows 2025-07-24 16:38:02 +02:00
mr. m
51f22680f4 fix: Install cargo after bootstraping for linux, b=no-bug, c=workflows 2025-07-24 13:16:14 +02:00
Mr. M
5040df2416 chore: [no-lint] Fix action runners for blacksmith, b=no-bug, c=workflows 2025-06-20 14:13:23 +02:00
blacksmith-sh[bot]
8bc4c97215 .github/workflows: Migrate workflows to Blacksmith runners (#9104) 
Co-authored-by: blacksmith-sh[bot] <157653362+blacksmith-sh[bot]@users.noreply.github.com>
Co-authored-by: mr. m <91018726+mr-cheffy@users.noreply.github.com>
 2025-06-20 14:02:23 +02:00
Mr. M
bcf879b801 chore: Format project, b=no-bug, c=workflows 2025-06-09 19:17:11 +02:00
Mr. M
d786c6927f feat: security: Enable google safebrowsing and populate the API keys, b=no-bug, c=workflows, common, configs 2025-06-09 19:11:09 +02:00
mr. M
40813820da fix: update syntax for environment variable assignments in build workflows 2025-04-01 19:52:54 +02:00
mr. M
aa673cc361 fix: ensure SCCACHE_GHA_ENABLED is set to 'true' or 'false' based on input 2025-04-01 19:51:17 +02:00
mr. M
dfc9119bbc feat: add 'use-sccache' input to build workflows for improved caching options 2025-04-01 19:34:31 +02:00
mr. M
7dc45bb438 Update Rust toolchain version in CI workflows and add .rust-toolchain file 2025-03-29 23:40:37 +01:00
mr. M
4c7955b099 Add actions cache variable exposure to build workflows 2025-03-07 17:04:27 +01:00
mr. m
3b86f317d1 Fixed animating split views in 2025-03-07 14:07:49 +01:00
mr. m
493f299cce Enabled compilation with sccache and disable rust incremental builds (formatted from 5d7248d4c7) 2025-02-25 15:24:41 +01:00
mr. m
5d7248d4c7 Enabled compilation with sccache and disable rust incremental builds 2025-02-25 15:23:15 +01:00
mr. m
d9e8fb3469 Disabled sccache temporarilly 2025-02-25 13:39:41 +01:00
mr. m
b39961e43e Fixed reordering tabs when having essentials 2025-02-25 09:07:22 +01:00
mr. m
59e8c120e2 Made rust compilation also use sscache and also display it's building time 2025-02-24 23:16:51 +01:00
mr. m
382dcc8d0c Started using sccache for all builds now 2025-02-24 23:05:50 +01:00
mr. M
b1b83ae32a Refactor Surfer CI commands in workflows for consistency and improved readability 2025-02-03 21:24:05 +01:00
mr. M
24d8e7a5d7 Replace pnpm with npm in workflows and scripts for consistency across the project 2025-02-03 21:20:29 +01:00
mr. M
faff428afb Update Linux build artifacts to use .tar.xz format 2025-02-01 10:32:53 +01:00
mr. M
93ab8babbc Fix default value formatting in workflow YAML files and clean up whitespace in update_ff.py 2025-01-30 00:39:11 +01:00
mr. M
ca4952c02c Add build ID generation and pass to build workflows 2025-01-25 00:44:40 +01:00
mr. M
818100e3d8 Update Flatpak configuration and templates for app.zen_browser.zen 2025-01-14 18:43:14 +01:00
mr. M
5865b9fd2d Update GitHub Actions to use self-hosted runners for x86_64 release builds 2025-01-12 20:45:12 +01:00
mr. M
6c9fb9b3bb Refactor build configurations to standardize runner environments and update LTO settings in mozconfig 2025-01-08 21:19:23 +01:00
mr. M
e9936865d9 Add ZEN_GA_DISABLE_PGO environment variable to disable PGO and update codesign script for verbose output 2025-01-08 17:54:50 +01:00
mr. M
c003a2594b Update build configurations for Linux and Windows to optimize architecture-specific settings 2025-01-08 17:20:40 +01:00
mr. m
a14220c12d Update linux-release-build.yml 
Signed-off-by: mr. m  <91018726+mauro-balades@users.noreply.github.com>
 2025-01-08 16:55:07 +01:00
mr. M
73f932fade Update Linux and Windows build workflows to use warp-ubuntu-latest-x64-16x for release branch 2025-01-08 00:15:05 +01:00
mr. M
344cf8379c Update Git configuration and CODEOWNERS to reflect new user details 2025-01-06 21:01:52 +01:00
mr. M
cbc342ce1a Update Linux release build workflow to use release branch input for runner selection 2025-01-06 20:07:43 +01:00
mr. M
9b8b9f5e14 Update release build script to enhance Xvfb configuration by adding -nolisten tcp and -noreset options 2025-01-06 20:07:17 +01:00
mr. M
cd34782bd5 Update Linux release build workflow to use release branch input for runner selection 2025-01-06 20:02:20 +01:00
mr. M
6c4af27ec6 Update Linux release build workflow and improve package installation; add checks for window.docShell in ZenUIManager 2025-01-06 20:01:52 +01:00
mr. M
0333413505 Update Linux release build workflow to use release branch input for runner selection 2025-01-06 19:26:58 +01:00
mr. M
4124a3c8fe Update Linux and Windows build workflows to use architecture-specific runners and add dynamic port allocation in profileserver.py 2025-01-06 19:26:26 +01:00
mr. M
6db088328b Update Linux release build workflow to use release branch input for runner selection 2025-01-06 19:00:36 +01:00
mr. M
57b2adb81f Update Linux release build workflow to use architecture matrix for runner selection 2025-01-06 19:00:09 +01:00