Closed
Bug 1278398
Opened 10 years ago
Closed 8 years ago
Enable "Due Date" field for all websites, web services, infrastructure(webops, netops, etc), infosec bugs (all components)
Categories
(bugzilla.mozilla.org :: Administration, task)
Tracking
()
RESOLVED
INCOMPLETE
People
(Reporter: amuntner, Assigned: dkl)
Details
Infosec would like to use "Due Date" to track an assigned fix-by date as part of our new bug tracking procedure. This will let us keep the process inside Bugzilla, avoiding reliance on external calendaring etc tools.
"Due Date" is only enabled for some product categories, not all. I'm requesting that they are enabled for all components of the following product categories:
all websites(everything in cloud services, blog, any product that is a website)
web services (fxa, sync, hello/loop, any web service)
infrastructure(webops, netops, etc)
infosec bugs
Thank you
| Reporter | ||
Updated•10 years ago
|
Flags: needinfo?(amuntner)
| Reporter | ||
Updated•10 years ago
|
Flags: needinfo?(amuntner)
| Assignee | ||
Comment 1•10 years ago
|
||
do you mind providing an exact list of BMO products for us? this will make it easier for us to implement. you can also limit it to certain components within a product. currently the list is:
"bugzilla.mozilla.org" => [],
"Community Building" => [],
"Data & BI Services Team" => [],
"Data Compliance" => [],
"Developer Engagement" => [],
"Infrastructure & Operations" => [],
"Marketing" => [],
"mozilla.org" => ["Security Assurance: Review Request"],
"Mozilla Metrics" => [],
"Mozilla PR" => [],
"Mozilla Reps" => [],
Thanks
dkl
Flags: needinfo?(amuntner)
| Reporter | ||
Comment 2•10 years ago
|
||
I'm not sure how to answer the question. I have seen security bugs in every single one of these products.
We have about 3000 websites and I don't have a complete list, there is none yet.
I'm pretty sure BMO already has Due Date.
Flags: needinfo?(amuntner)
| Assignee | ||
Comment 3•10 years ago
|
||
(In reply to Adam Muntner [:adamm] (use NEEDINFO) from comment #2)
> I'm not sure how to answer the question. I have seen security bugs in every
> single one of these products.
> We have about 3000 websites and I don't have a complete list, there is none
> yet.
>
> I'm pretty sure BMO already has Due Date.
Yes the BMO product has the due date field. But unfortunately it is not simple as enabling it globally for all products without getting approval from the product owners. I suppose I could get a list of all components in the database which end in (.org|.com) for a start but I am not sure that will catch everything you are interested in.
dkl
| Assignee | ||
Comment 4•10 years ago
|
||
(In reply to David Lawrence [:dkl] from comment #3)
> Yes the BMO product has the due date field. But unfortunately it is not
> simple as enabling it globally for all products without getting approval
> from the product owners. I suppose I could get a list of all components in
> the database which end in (.org|.com) for a start but I am not sure that
> will catch everything you are interested in.
>
> dkl
This is the current list of *(.org|.com) component names
product component
---------------------------
Bugzilla bugzilla.org
Developer Services Mercurial: hg.mozilla.org
Firefox Affiliates Graveyard affiliates.mozilla.org
Firefox Friends friends.mozilla.org
Instantbird Servers addons.instantbird.org
Instantbird Servers blog.instantbird.com
Instantbird Servers buildbot.instantbird.org
Instantbird Servers crash-stats.instantbird.com
Instantbird Servers hg.instantbird.org
Instantbird Servers update.instantbird.org
Instantbird Servers wiki.instantbird.org
Instantbird Servers www.instantbird.com
L20n L20n.org
Mozilla Metrics downloadstats.mozilla.com
Mozilla Reps reps.mozilla.org
Webmaker webmaker.org
Webmaker welcome.webmaker.org
Websites activations.mozilla.org
Websites air.mozilla.com
Websites bespinplugins.mozillalabs.com
Websites blog.mozilla.org
Websites browserchoice.mozilla.com
Websites careers.mozilla.org
Websites communitystore.mozilla.org
Websites creative.mozilla.org
Websites demos.mozilla.org
Websites detodosparatodos.org
Websites donate.mozilla.org
Websites downloadstats.mozilla.com
Websites feeds.mozilla.com
Websites firefoxgarden.org
Websites gear.mozilla.org
Websites getfirebug.com
Websites glow.mozilla.org
Websites inform.mozilla.org
Websites intlstore.mozilla.org
Websites learningfreedomandtheweb.org
Websites markup.mozilla.org
Websites mobilepartners.mozilla.org
Websites mozillalabs.com
Websites openbadges.org
Websites other.mozilla.org
Websites planet.mozilla.org
Websites plugins.mozilla.org
Websites spark.mozilla.org
Websites store.mozilla.org
Websites studentreps.mozilla.org
Websites tools.mozilla.com
Websites webifyme.org
Websites website-archive.mozilla.org
Websites wiki.mozilla.org
Websites workshop.mozilla.org
Websites www.mozilla-japan.org
Websites www.mozillaonline.com
Websites www.seamonkey-project.org
Do we want to start with that?
dkl
Flags: needinfo?(amuntner)
| Assignee | ||
Comment 5•10 years ago
|
||
(In reply to David Lawrence [:dkl] from comment #4)
> Do we want to start with that?
Also if you could compile a list of components in the web services, infrastructure(webops, netops, etc), and infosec categories, we can add those to the list as well.
dkl
| Reporter | ||
Comment 6•9 years ago
|
||
Product: Add-on SDK, addons.mozilla.org, addons.mozilla.org Graveyard, Air Mozilla, AUS, Bugzilla, bugzilla.mozilla.org, Calendar, CCK, Cloud Services, Cloud Services Graveyard, Community Building, Composer, Content Services, Core Graveyard, Data & BI Services Team, Data & BI Services Team Graveyard, Data Compliance, Datazilla, Derivatives, Developer Documentation, Developer Ecosystem, Developer Engagement, Developer Services, Documentation, Enterprise Information Security, Enterprise Information Security Graveyard, Extend Firefox Graveyard, Firefox Health Report, Firefox Health Report Graveyard, Focus, FSA, Grendel, Hello (Loop), Infrastructure & Operations, Infrastructure & Operations Graveyard, Input, Instantbird Servers, Intellego, Internet Public Policy, Invalid Bugs, L20n, Localization Infrastructure and Tools, MailNews Core Graveyard, Marketing, Marketplace, Minimo, Mozilla Corporation, Mozilla Developer Network, Mozilla Foundation, Mozilla Foundation Communications, Mozilla Grants, Mozilla Labs, Mozilla Labs Graveyard, Mozilla Localizations, Mozilla Localizations Graveyard, Mozilla Messaging, Mozilla Metrics, Mozilla QA, Mozilla QA Graveyard, Mozilla Reps, mozilla.org, mozilla.org Graveyard, MozillaClassic, mozillaignite, MozReview, Other Applications, Other Applications Graveyard, Pancake, Participation Infrastructure, Penelope, Petri, Plugin Check, Plugins Graveyard, Powertool, Privacy, quality.mozilla.org, SeaMonkey, Servo, Shield, Skywriter, Snippets, Socorro, Socorro Graveyard, support.mozilla.org, support.mozilla.org Graveyard, support.mozillamessaging.com Graveyard, Taskcluster, Tech Evangelism, Tech Evangelism Graveyard, Testing Graveyard, Testopia, Thunderbird, Toolkit Graveyard, Tracking, Tree Management, Tree Management Graveyard, Untriaged Bugs, Web Apps, Web Compatibility, Webmaker, Websites, Websites Graveyard, Webtools, Webtools Graveyard, www.mozilla.org Classification: Client Software, Server Software, Other, Graveyard
That should be it. Thanks David!
Flags: needinfo?(amuntner)
| Assignee | ||
Updated•9 years ago
|
Assignee: nobody → dkl
Status: NEW → ASSIGNED
| Assignee | ||
Comment 7•9 years ago
|
||
To https://github.com/mozilla-bteam/bmo.git
3442a95..d3da04e master -> master
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
| Assignee | ||
Comment 8•9 years ago
|
||
Reopening as we got some kickback on enabling the due date field on certain products. I would need to go to each of the product owners and get some kind of approval before pushing this large list. Unless we can shrink it down somewhat.
Another idea for thought is to create a tracking bug in your own product, set a due date on it instead, and then set the security bug as a dependency. Would that work?
dkl
Status: RESOLVED → REOPENED
Flags: needinfo?(amuntner)
Resolution: FIXED → ---
| Assignee | ||
Comment 9•9 years ago
|
||
This change was pushed live today.
dkl
| Assignee | ||
Comment 10•9 years ago
|
||
(In reply to David Lawrence [:dkl] from comment #8)
> Reopening as we got some kickback on enabling the due date field on certain
> products. I would need to go to each of the product owners and get some kind
> of approval before pushing this large list. Unless we can shrink it down
> somewhat.
>
> Another idea for thought is to create a tracking bug in your own product,
> set a due date on it instead, and then set the security bug as a dependency.
> Would that work?
>
> dkl
ping. Do we need to do anything else for this bug?
dkl
Comment 11•8 years ago
|
||
No movement on this bug, and having the due date on a product requires consent of the appropriate module peer / owner / someone with authority.
Status: REOPENED → RESOLVED
Closed: 9 years ago → 8 years ago
Resolution: --- → INCOMPLETE
Updated•8 years ago
|
Flags: needinfo?(amuntner)
You need to log in
before you can comment on or make changes to this bug.
Description
•