Closed Bug 1278398 Opened 10 years ago Closed 8 years ago

Enable "Due Date" field for all websites, web services, infrastructure(webops, netops, etc), infosec bugs (all components)

Categories

(bugzilla.mozilla.org :: Administration, task)

Production
task
Not set
normal

Tracking

()

RESOLVED INCOMPLETE

People

(Reporter: amuntner, Assigned: dkl)

Details

Infosec would like to use "Due Date" to track an assigned fix-by date as part of our new bug tracking procedure. This will let us keep the process inside Bugzilla, avoiding reliance on external calendaring etc tools. "Due Date" is only enabled for some product categories, not all. I'm requesting that they are enabled for all components of the following product categories: all websites(everything in cloud services, blog, any product that is a website) web services (fxa, sync, hello/loop, any web service) infrastructure(webops, netops, etc) infosec bugs Thank you
Flags: needinfo?(amuntner)
Flags: needinfo?(amuntner)
do you mind providing an exact list of BMO products for us? this will make it easier for us to implement. you can also limit it to certain components within a product. currently the list is: "bugzilla.mozilla.org" => [], "Community Building" => [], "Data & BI Services Team" => [], "Data Compliance" => [], "Developer Engagement" => [], "Infrastructure & Operations" => [], "Marketing" => [], "mozilla.org" => ["Security Assurance: Review Request"], "Mozilla Metrics" => [], "Mozilla PR" => [], "Mozilla Reps" => [], Thanks dkl
Flags: needinfo?(amuntner)
I'm not sure how to answer the question. I have seen security bugs in every single one of these products. We have about 3000 websites and I don't have a complete list, there is none yet. I'm pretty sure BMO already has Due Date.
Flags: needinfo?(amuntner)
(In reply to Adam Muntner [:adamm] (use NEEDINFO) from comment #2) > I'm not sure how to answer the question. I have seen security bugs in every > single one of these products. > We have about 3000 websites and I don't have a complete list, there is none > yet. > > I'm pretty sure BMO already has Due Date. Yes the BMO product has the due date field. But unfortunately it is not simple as enabling it globally for all products without getting approval from the product owners. I suppose I could get a list of all components in the database which end in (.org|.com) for a start but I am not sure that will catch everything you are interested in. dkl
(In reply to David Lawrence [:dkl] from comment #3) > Yes the BMO product has the due date field. But unfortunately it is not > simple as enabling it globally for all products without getting approval > from the product owners. I suppose I could get a list of all components in > the database which end in (.org|.com) for a start but I am not sure that > will catch everything you are interested in. > > dkl This is the current list of *(.org|.com) component names product component --------------------------- Bugzilla bugzilla.org Developer Services Mercurial: hg.mozilla.org Firefox Affiliates Graveyard affiliates.mozilla.org Firefox Friends friends.mozilla.org Instantbird Servers addons.instantbird.org Instantbird Servers blog.instantbird.com Instantbird Servers buildbot.instantbird.org Instantbird Servers crash-stats.instantbird.com Instantbird Servers hg.instantbird.org Instantbird Servers update.instantbird.org Instantbird Servers wiki.instantbird.org Instantbird Servers www.instantbird.com L20n L20n.org Mozilla Metrics downloadstats.mozilla.com Mozilla Reps reps.mozilla.org Webmaker webmaker.org Webmaker welcome.webmaker.org Websites activations.mozilla.org Websites air.mozilla.com Websites bespinplugins.mozillalabs.com Websites blog.mozilla.org Websites browserchoice.mozilla.com Websites careers.mozilla.org Websites communitystore.mozilla.org Websites creative.mozilla.org Websites demos.mozilla.org Websites detodosparatodos.org Websites donate.mozilla.org Websites downloadstats.mozilla.com Websites feeds.mozilla.com Websites firefoxgarden.org Websites gear.mozilla.org Websites getfirebug.com Websites glow.mozilla.org Websites inform.mozilla.org Websites intlstore.mozilla.org Websites learningfreedomandtheweb.org Websites markup.mozilla.org Websites mobilepartners.mozilla.org Websites mozillalabs.com Websites openbadges.org Websites other.mozilla.org Websites planet.mozilla.org Websites plugins.mozilla.org Websites spark.mozilla.org Websites store.mozilla.org Websites studentreps.mozilla.org Websites tools.mozilla.com Websites webifyme.org Websites website-archive.mozilla.org Websites wiki.mozilla.org Websites workshop.mozilla.org Websites www.mozilla-japan.org Websites www.mozillaonline.com Websites www.seamonkey-project.org Do we want to start with that? dkl
Flags: needinfo?(amuntner)
(In reply to David Lawrence [:dkl] from comment #4) > Do we want to start with that? Also if you could compile a list of components in the web services, infrastructure(webops, netops, etc), and infosec categories, we can add those to the list as well. dkl
Product: Add-on SDK, addons.mozilla.org, addons.mozilla.org Graveyard, Air Mozilla, AUS, Bugzilla, bugzilla.mozilla.org, Calendar, CCK, Cloud Services, Cloud Services Graveyard, Community Building, Composer, Content Services, Core Graveyard, Data & BI Services Team, Data & BI Services Team Graveyard, Data Compliance, Datazilla, Derivatives, Developer Documentation, Developer Ecosystem, Developer Engagement, Developer Services, Documentation, Enterprise Information Security, Enterprise Information Security Graveyard, Extend Firefox Graveyard, Firefox Health Report, Firefox Health Report Graveyard, Focus, FSA, Grendel, Hello (Loop), Infrastructure & Operations, Infrastructure & Operations Graveyard, Input, Instantbird Servers, Intellego, Internet Public Policy, Invalid Bugs, L20n, Localization Infrastructure and Tools, MailNews Core Graveyard, Marketing, Marketplace, Minimo, Mozilla Corporation, Mozilla Developer Network, Mozilla Foundation, Mozilla Foundation Communications, Mozilla Grants, Mozilla Labs, Mozilla Labs Graveyard, Mozilla Localizations, Mozilla Localizations Graveyard, Mozilla Messaging, Mozilla Metrics, Mozilla QA, Mozilla QA Graveyard, Mozilla Reps, mozilla.org, mozilla.org Graveyard, MozillaClassic, mozillaignite, MozReview, Other Applications, Other Applications Graveyard, Pancake, Participation Infrastructure, Penelope, Petri, Plugin Check, Plugins Graveyard, Powertool, Privacy, quality.mozilla.org, SeaMonkey, Servo, Shield, Skywriter, Snippets, Socorro, Socorro Graveyard, support.mozilla.org, support.mozilla.org Graveyard, support.mozillamessaging.com Graveyard, Taskcluster, Tech Evangelism, Tech Evangelism Graveyard, Testing Graveyard, Testopia, Thunderbird, Toolkit Graveyard, Tracking, Tree Management, Tree Management Graveyard, Untriaged Bugs, Web Apps, Web Compatibility, Webmaker, Websites, Websites Graveyard, Webtools, Webtools Graveyard, www.mozilla.org Classification: Client Software, Server Software, Other, Graveyard That should be it. Thanks David!
Flags: needinfo?(amuntner)
Assignee: nobody → dkl
Status: NEW → ASSIGNED
To https://github.com/mozilla-bteam/bmo.git 3442a95..d3da04e master -> master
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Reopening as we got some kickback on enabling the due date field on certain products. I would need to go to each of the product owners and get some kind of approval before pushing this large list. Unless we can shrink it down somewhat. Another idea for thought is to create a tracking bug in your own product, set a due date on it instead, and then set the security bug as a dependency. Would that work? dkl
Status: RESOLVED → REOPENED
Flags: needinfo?(amuntner)
Resolution: FIXED → ---
This change was pushed live today. dkl
(In reply to David Lawrence [:dkl] from comment #8) > Reopening as we got some kickback on enabling the due date field on certain > products. I would need to go to each of the product owners and get some kind > of approval before pushing this large list. Unless we can shrink it down > somewhat. > > Another idea for thought is to create a tracking bug in your own product, > set a due date on it instead, and then set the security bug as a dependency. > Would that work? > > dkl ping. Do we need to do anything else for this bug? dkl
No movement on this bug, and having the due date on a product requires consent of the appropriate module peer / owner / someone with authority.
Status: REOPENED → RESOLVED
Closed: 9 years ago8 years ago
Resolution: --- → INCOMPLETE
Flags: needinfo?(amuntner)
You need to log in before you can comment on or make changes to this bug.