Let's figure out why and make sure it doesn't happen again.
It looks like maybe someone rebased and force-pushed to master in the foundation-security-advisories repo. Do you know if that's the case Al? Doing a rebase or amending a commit that already exists in master will mess up anyone else that has the repo cloned, including the production server. Assuming this was the issue, we should be able to just not do that again. There's not much I can do about this. Doing a force-push to master will break everything. If things are broken, you just need to fix it in a new commit and push that. If that didn't happen, then we need to do some more research.
While looking at things locally, I saved (but did not commit) a change to -91. I discarded the change and rolled back to the previous commit from the repo. This was *after* -90 and -91 were not showing up on the live site. I did fix -90 not showing by removing a linefeed from the metadata for the title (before I did any other changes) and pushed it, causing -90 to appear. After that I edited -91, realized I'd saved a bad change locally, and rolled my repo back to discard the change in -91. None of those changes were ever committed to github and only occurred after -91 wasn't appearing in the first place, so that would not explain why -91 never appeared on Monday morning. I don't know if a local discard by rolling the local repo back to discard changes would somehow rebase things. I didn't do do any commits except the one that fixed -90 after my initial advisory checkin. My log only shows two commits: commit c7aa17d119319e3f5e554c6581357d00475aa860 Author: Al Billings <albill@AlRetina.local> Date: Mon Dec 1 09:16:33 2014 -0800 Fixing line wrap in title in -90 commit 20c30fd00714dc46ec87e7a53a093479c260e611 Author: Al Billings <albill@AlRetina.local> Date: Mon Dec 1 08:40:57 2014 -0800 Firefox 34.0.5 security advisories So I don't think I'm the one that rebased and force-pushed to master.
I'm not sure either. I don't have the repo as it existed before and after the change, and I don't think there's any push log I can inspect from github. Some kind of a thing that changed SHAs and a force push was my only guess, but it could be something else. I'll keep looking. Thanks for the info.
I'm not really able to further diagnose this until/unless it happens again. Closing this for now, but we should reopen if/when we see this again.
Happened again, but I think we've figured it out. Hopefully this new PR will fix it.  https://github.com/mozilla/bedrock/pull/2649
Commits pushed to master at https://github.com/mozilla/bedrock https://github.com/mozilla/bedrock/commit/face84ea09b7beaecd766832d74ab9c62e219c1e Fix bug 1106845: Move security advisories repo outside of bedrock repo. https://github.com/mozilla/bedrock/commit/12630241710e87f3206c8f3b1a2ebb347e5abd2b Merge pull request #2649 from pmclanahan/move-security-advisories-repo-deployment Fix bug 1106845: Move security advisories repo outside of bedrock repo.
I believe this is fixed, and we should see the new advisories on the site in the next ~15 min.
Hey! It worked! https://www.mozilla.org/en-US/security/advisories/