We will need additional information to complete this task outlined here: https://wiki.mozilla.org/BMO/Requesting_Changes#Products dkl
After this product is created, we'll need to move bugs from legal/privacy, and then probably retire that component of the legal product. We'd also like help producing bugzilla forms like https://bugzilla.mozilla.org/enter_bug.cgi?product=mozilla.org&format=itrequest for two of these components (privacy review and data release proposal). I suspect that those will need separate bugs, but guidance would be appreciated. Group: Other Versions & milestones: none Security: halp plz Description: > Privacy and policy, including privacy reviews, data data release proposals, and modifications > to privacy policies. Bugs and feature requests in software should be filed against those > products. https://wiki.mozilla.org/Privacy https://mozilla.org/privacy Component: Privacy review Description: Privacy reviews for vendors, events, surveys, products, and more! See https://wiki.mozilla.org/Privacy/How_To/Privacy_Review for guidance. Component: Data release proposal Description: Have some data that you want to release to the world at large? Let us help you make it safe. Please use [this form] to submit data release proposals. Component: Privacy policies Description: Problems, changes, and updates for Mozilla's privacy policies. Component: Other Description: Need something from the privacy team that's not covered by another component?
OS: Linux → All
(In reply to Tom Lowenthal [:StrangeCharm] from comment #2) > We'd also like help producing bugzilla forms like > https://bugzilla.mozilla.org/enter_bug.cgi?product=mozilla. > org&format=itrequest for two of these components (privacy review and data > release proposal). I suspect that those will need separate bugs, but > guidance would be appreciated. yes, we'll need separate bugs for each form. just describe what you want the form to collect and how it should look. we'll put it up on our staging environment for you to test and work through issues before it goes live. > Group: Other > Security: halp plz will bugs in the privacy product have the same attorney-client confidential requirements that currently exist for the legal product? is there a requirement for public bugs, or should all bugs in the product be forced to be confidential? who should have access to the bugs (is there an existing group we can use)? > Component: Other > Description: Need something from the privacy team that's not covered by > another component? to match with existing products, we should call this "General" not "Other" :)
Some of the bugs in the privacy product with have these same confidentiality requirements, but many of them should be public. In particular, all bugs in the Data release proposal component should be secret forever. I don't think that there's an existing bugzilla group. I suggest creating a new one and calling it `privacy` (and `privacy-team`). It should have the following members as <name - bugmail> : Tom Lowenthal - email@example.com Alex Fowler - firstname.lastname@example.org Alina Hua - email@example.com Stacy Martin - firstname.lastname@example.org Jishnu Menon - email@example.com Harvey Anderson -firstname.lastname@example.org David Ascher - email@example.com Michael Coates - firstname.lastname@example.org I presume that we can file bugs later to add more people to the `privacy-team` group?
(In reply to Tom Lowenthal [:StrangeCharm] from comment #4) > Some of the bugs in the privacy product with have these same confidentiality > requirements, but many of them should be public. In particular, all bugs in > the Data release proposal component should be secret forever. unfortunately bugzilla doesn't allow per-component _enforcement_ of groups, so you'll have to manually ensure bugs in that component are confidential. if someone uses the form we'll create in bug 764459, this will automatically happen. > I presume that we can file bugs later to add more people to the `privacy-team` group? yes, and we can also grant the ability for you/someone to edit the group membership directly.
Assignee: nobody → glob
Status: NEW → ASSIGNED
i've added the product and group, and committed the code changes required to make it work: Committing to: bzr+ssh://email@example.com/bmo/4.0/ modified extensions/BMO/lib/Data.pm Committed revision 8213. Committing to: bzr+ssh://firstname.lastname@example.org/bmo/4.2/ modified extensions/BMO/lib/Data.pm Committed revision 8203. the product is currently closed for bug entry, pending these changes being pushed live, which will happen late wednesday/early thursday, which gives us time to complete the 'data release' form. with regards to moving bugs from legal/privacy; so you want us to do this in bulk to a single component? this won't trigger bugmail. as the bugs will be moving from a private-by-default product to one which is public-by-default, so we'll have to ensure the bugs are added to the 'privacy' group at the same time they are moved.
(In reply to Byron Jones ‹:glob› from comment #6) > the product is currently closed for bug entry, pending these changes being > pushed live, which will happen late wednesday/early thursday, which gives us > time to complete the 'data release' form. the privacy product is now open for bug entry.
I'd like to change the default assignee for each of these components: Vendor review: assigned to email@example.com Privacy review: assigned to firstname.lastname@example.org Data release proposal: assigned to email@example.com Privacy policies: assigned to firstname.lastname@example.org Other: assigned to email@example.com --- What should I do to get started on moving all the Legal/Privacy bugs to this component without compromising their confidentiality?
Bryon - Actually, please assign the default assignee for Privacy Policies to me: firstname.lastname@example.org Thanks, Alina
(In reply to Tom Lowenthal [:StrangeCharm] from comment #8) > I'd like to change the default assignee for each of these components: done > What should I do to get started on moving all the Legal/Privacy bugs to this > component without compromising their confidentiality? you have two options: 1. move the bugs using the bugzilla ui. this gives you complete control over the move, and will allow you to ensure the groups are kept or removed as required. depending on how many bugs you need to move, this may be painful. 2. we can write code and/or run a script to move the bugs for you. using this method we'll have the ability to move bugs without triggering bugmail. our existing scripts operate at a component level, and don't currently support editing a bug's group at the same time it is moved (although this can be added).
Tom - Do we have a way of making sure the vendor reviews remain private bugs?
I think that the best way to avoid messing things up is to do it bug-by-bug, manually. I'll send out an email to that effect.
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.