[Pkg-anonymity-tools] Bug#785702: Bug#785702: onionshare: Please consider downgrading the Depends: torbrowser-launcher to Recommends

[u]

Hi,

intrigeri at debian.org:
> Package: onionshare
> Version: 0.6-3
> Severity: normal
> User: tails-dev at boum.org
> Usertags: p2p
> 
> Hi,
> 
> previously, onionshare had Suggests: torbrowser-launcher, and commit
> e008b41 switched it to Depends (among a few other packaging changes)
> without any more explanation than "new upstream release 0.6".
> 
> I've not tried it myself yet, but it seems to me that OnionCat should
> be perfectly able to use a system-wide Tor instance (e.g. as provided
> by the tor Debian package). More specifically, I see that it tries
> both ports 9051 and 9151 when trying to get in touch with Tor's
> control port. If my rough guess is correct, then Depends:
> torbrowser-launcher is not correct, and possibly a mere Recommends (or
> even Suggests?) would be enough. Of course one will need to actually
> test that before acting on it, hence the normal severity for now, even
> if that might be a policy violation technically.
> 
> Note that the current Depends: relationship is one of the blockers for
> including OnionCat in Tails, as we don't ship TBL in there.

Thanks for pointing this out!

Yes it should be able to use system tor, however, currently it does not
do that correctly: it does not accept a hashed password for the
ControlPort from what I've seen. Waiting for some input from the
upstream developer on this issue.

However, this should work and thus I'll modify the dependency for
version 0.7.

Cheers!