security bugs not marked in dependency tree




16 years ago
12 years ago


(Reporter: myk, Unassigned)





16 years ago
dependency trees don't show you which bugs are secure.  that would be useful
information to know when making judgements about what bugs to work on from a
list.  at the same time, resolved bugs are both lined out and background-shaded.
 we should just line them out and use background shading to indicate security
status per bug lists.

Comment 1

16 years ago
Additionally, dependency trees omit bugs that you don't have access to.

For example, the '1.2 not suck bug' (bug 174647) is dependent on a set of
security bugs (159450 and 161357, for example).  I can see them in the depends
on list, but not the dependency tree.

I see no reason that they shouldn't appear in the tree (minus the description,
The User Interface component now belongs to Gerv.  Reassigning all UNCONFIRMED
and NEW (but not ASSIGNED) bugs currently owned by Myk (the previous component
owner) to Gerv.
Assignee: myk → gerv
Reassigning back to Myk.  That stuff about Gerv taking over the User Interface
component turned out to be short-lived.  Please pardon our confusion, and I'm
very sorry about the spam.
Assignee: gerv → myk

Comment 4

15 years ago
Secured bugs shouldn't appear in the list or the tree.
Severity: normal → trivial
Target Milestone: --- → Bugzilla 2.22

Comment 5

14 years ago
Unless the user viewing the tree is allowed to, right?


13 years ago
QA Contact: mattyt-bugzilla → default-qa
Target Milestone: Bugzilla 2.22 → ---

Comment 6

13 years ago
No, they should definitely appear in all cases; otherwise the people looking at the bug cannot tell that something is happening to fix it. If there is a list that the bug depends on then the user knows the bug is being worked on.

The summary of the bug should be displayed as something to the effect of "unauthorized to view"


12 years ago
Assignee: myk → ui
You need to log in before you can comment on or make changes to this bug.