Automate test for checking whether Tor is up-to-date
It could be implemented by removing
/etc/apt/sources.list.d/torproject.list, and then run
and check the listed installation candidate with
apt-cache policy tor.
OTOH, do we want actually want this? Such a scenario would fail whenever a new Tor is realeased => jenkins notifications etc. It might be that we want some external monitoring + notifications for this instead. An alternative would be to tag it in such a way that we only run this scenario at release time. OTOH that is generally too late for actually doing something about it (it’s not as bad for RCs, but bad still).
In fact, even the current manual test is too late. Really this (sanity) check should be done in the release process before the image is built in addition to being part of the Release Manager role, e.g. to check with the Tor people what their release schedule is for the two weeks before the release. That way we will only have to deal with emergency Tor releases on short notice. Actually, it’s similar and highly related to the Tor Browser, since we generally can expect a new version of that one at the same time. Checking the Tor version should be dine in the exact same way, I think.
Parent Task: #10250