User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 As mentioned in Bug 540 we need the ability to delete comments by a user sufficiently empowered (new permission candeletecomments). This is sometimes nessesary to be done by an administrator if the comment contains confidential information. Reproducible: Always
I just wanted to note here that currently the best way to deal with this is to make the comment private.
OS: Linux → All
Hardware: PC → All
Did you read bug 540 comment 30 and bug 540 comment 31 ? The moment confidential information has been published, a risk is created, which can´t be reduced to zero, doesn´t matter if the comment is deleted or the bug is made a security bug, visible only to a few. Make the bug private, but don´t delete/manipulate history, in the long term, there is no gain in doing this.
Apart from the issue of confidential information, sometimes a bug report gets so cluttered with advocacy or other useless information that it becomes nearly unreadable (for example, bug 915). Being able to delete these posts would make it easier to focus on comments that actually contained useful information for fixing the bug, and might discourage further advocacy comments (and thus bug SPAM). To allay fears that the ability to delete comments would be abused, perhaps we could merely hide the selected comments by default, and provide a 'Show deleted/hidden comments' button to make them visible.
(In reply to comment #3) > Apart from the issue of confidential information, sometimes a bug report gets > so cluttered with advocacy or other useless information that it becomes nearly > unreadable (for example, bug 915). Yeah -- we actually have an even better solution for that, which is to allow the assignee to mark certain comments as being very relevant and interesting, and then they'll show up in a different color. I can't find the bug number for it, though...
Taking! Independently of what bug 540 will do, I plan to add a checkbox per comment allowing administrators to delete comments are replace their content with a generic "This comment has been deleted by an administrator" We have to separate comment deletion from marking comments as private, to fix the edge case encountered in bug 346086.
Assignee: administration → LpSolit
No longer depends on: 540
Target Milestone: --- → Bugzilla 3.0
This bug is retargetted to Bugzilla 3.2 for one of the following reasons: - it has no assignee (except the default one) - we don't expect someone to fix it in the next two weeks (i.e. before we freeze the trunk to prepare Bugzilla 3.0 RC1) - it's not a blocker If you are working on this bug and you think you will be able to submit a patch in the next two weeks, retarget this bug to 3.0. If this bug is something you would like to see implemented in 3.0 but you are not a developer or you don't think you will be able to fix this bug yourself in the next two weeks, please *do not* retarget this bug. If you think this bug should absolutely be fixed before we release 3.0, either ask on IRC or use the "blocking3.0 flag".
Target Milestone: Bugzilla 3.0 → Bugzilla 3.2
An idea: Bugzilla could record the number of times each user has had one of his or her comments deleted. If a user reaches a certain amount of deleted comments, a certain amount in a given time period, or a certain percentage of comments deleted, his account could be temporarily disable or he could be sent a warning message. This would be really useful on b.m.o due to the huge number of "u suck, fix this now!" comments, as well as well-meaning-but-clueless users. Plus, getting an automated message politely explaining about cluttered bug reports and bug spam is less personal and more likely to be well-received than being told by the developers or QA teams, to which the user often responds "Why are you so arrogant? I'm just trying to help!"
(In reply to comment #7) > An idea: Bugzilla could record the number of times each user has had one of his > or her comments deleted. No, that's not something I want to see implemented. That's also not the goal of this feature. As described in comment 0, we want the ability to delete some comments if they contain confidential data, nothing else. We don't need such a feature to disable user accounts.
Bugzilla 3.2 is now frozen. Only enhancements blocking 3.2 or specifically approved for 3.2 may be checked in to the 3.2 branch. If you would like to nominate your enhancement for Bugzilla 3.2, set the "blocking3.2" flag to "?". Then, either the target milestone will be changed back, or the blocking3.2 flag will be granted, if we will accept this enhancement for Bugzilla 3.2. This particular bug has not been touched in over eight months, and thus is being retargeted to "---" instead of "Bugzilla 4.0". If you believe this is a mistake, feel free to retarget it to Bugzilla 4.0.
Target Milestone: Bugzilla 4.0 → ---
In response to comment#3 by James; I agree with your point and this is why I suggested bug#532474 originally. My thought is that instead of having one person manually prune irrelevant comments that the community could decide this collectively by using up/down style votes as is becoming popular on many sites. The idea would be that comments with a negative total vote would be collapsed by default based on a user preference setting. Aside from voting implementing bug#532457 would at least make it easier to remove irrelevant comments from site on an individual basis. In my opinion this is just a weak form of up/down voting since your decision on whether the comment is useful is not made useful to the rest of the community hence causing more effort to be expended by the group in the long run which seems counter to the goal of Bugzilla simplifying documenting defects and features in a collaborative fashion. Nonetheless remember collapsed/expanded state for comments would still be useful in the absence of the feature requested by bug#532474.
Summary: Need the ability to delete comments → Need the ability to delete comments (allow comment deletion)
+1 to this feature request. I just managed to enter sensitive information into a bugtracker, accidentally. Making it private and/or moving it into some "security" component may be a good and quick workaround as long as Google cache cannot reuse the content for more than a short while. I do not know the capturing algorithm of Google Cache, however.
Is this fixed yet ?
Oh no... it isn't >:" COMMONNNNN!
2 years ago
Duplicate of this bug: 1396329
+1 for this feature request. We've just started using Bugzilla v5.03 for tracking bugs/issues in our own software and it's been quite helpful - thank you! One of our developers accidentally added a comment to the wrong bug. I.e. not confidential information or anything like that, just a simple mistake. He realized immediately, but could not delete his own comment. As our Bugzilla administrator, I went in and deleted the comment from the database. Example commands: - Connects to the Bugzilla Database 'mysql -u root -pxxxxxxxx bugs' - Lists the comments attached to your bug 'select * from longdescs where bug_id = 338;' - Delete the comment you want to delete using its identifier 'delete from longdescs where comment_id = 519 Suggestion: Allow users to delete/edit their own comments. Thanks, Tristan.
Comment editing is coming soon (Bug 540 is almost fixed), but the ability for users to delete comments is still desirable if it can be properly added. I am trying to get this incorporated into b.m.o (Bug 1396329), in which case it could be subsequently included in Bugzilla.
You need to log in before you can comment on or make changes to this bug.