Bugzilla.mozilla.org is upgrading to Bugzilla version 4.0.
Read the Release Notes
Major Mozilla-specific customizations:
- Integration of the Splinter Code Review system
- Ability for Bugzilla to always encrypt emails (PGP/SMIME)
- New users and first time contributors are identified
- Ability to watch components and products as well as users
Future dates are estimates and subject to change
||14 March 2011
|28 March 2011
|Verification of BMO customizations
|11 April 2011
|Final checks, sign offs and announcements of change over.
|23 April 2011
|Saturday as to not disrupt normal business
List of requirements the project must meet to before final release.
The following BMO customizations must be present and working properly. Some of these are specific to BMO and some are already in the upstream but not in the 4.0 release. These changes are part of the core Bugzilla code. The new BMO extension specific requirements will be listed after.
- Retiring of old components, versions, and milestones
- upstream bug 77193, FIXED in 4.2
- testing in test_bmo_retire_values.t
- Passwords require 8 or more characters
- Strict-Transport-Security header validity increased from one week to one month
- Admin options added for specifying/requiring password complexity in various forms
- 'bug_check_groups' hook added to Bugzilla::Bug to make it always possible to file bugs in certain groups.
- New group 'bz_quip_moderators' added which can moderate quips. No longer just admin.
- Users having admin permissions (instead of editbugs) may bless all groups as well as edit all users.
- enter_bug.cgi automatically uses the 'guided' format for users not in the 'canconfirm' group.
- enter_bug.cgi must show the pretty product chooser instead of the the standard product list.
- Various redirects and rewrite rules need to function properly in the .htaccess file.
- The bug query results uses the sorttable.js framework to allow client side column sorting. Changes were needed to the table.html.tmpl template for this to work.
- Display work email address instead of login name on the login forms.
- New hook called 'patch_notes' added to attachment/createformcontents.html.tmpl to display additional instructions for patch type attachments.
- New hook called 'comment_banner' added to bug/comments.html.tmpl.
- Some textual changes have been made to the create-guided.html.tmpl simple bug entry form.
- The status_whiteboard field can have a value added in the enter_bug.cgi page.
- 'Last Comment' shortcut link added to the top of the show_bug.cgi page.
- Instead of completely blocking unsafe URLs in the bug_file_loc field, BMO throws a warning alerting the user that the URL may not be safe.
- Various fields in show_bug.cgi have been moved to different locations.
- Additional template code has been added to bug/field.html.tmpl to filter out certain fields/values based on user permissions.
- Added (take) link to show_bug.cgi to allow quickly assigning the bug to the user.
- Various templates use cf_hidden_in_product() to filter out custom fields based on the bug's current product (bug/show-multile.html.tmpl, bug/show.xml.tmpl)
- Text added to email notifications to not reply to the email and to make any comments in the bug itself.
- New term variable called terms.BugzillaTitle to be used in header.html.tmpl instead of terms.Bugzilla.
- Image of chomping Mozilla on the server push page when waiting for bug results (server-push).
- "denied" flags changed to "not granted" in request/email.txt.tmpl
- Alternative explanation of WORKSFORME resolution in pages/fields.html.tmpl
- different permissions on htdocs root (0755 instead of DIR_WS_SERVE)
- webserver allowed access to .bzr for bzr history function
- to_user exposed to email/change-old.txt.tmpl for securemail
- bz_canusewhines group used instead of admin in chart.cgi
- bug fix related to displaying products on full product chooser grouped by classification in enter_bug.cgi
- FollowSymLinks enabled in mod_perl.pl
- resolutions hook added to pages/fields.html.tmpl
- EXPIRED resolution hidden from all users except gerv in list/edit-multiple.html.tmpl
- bug/edit.html.tmpl changes:
- class on #bz_show_bug_column_2 changed from bz_show_bug_column to bz_show_bug_column_table
- assigned_to editable field hidden by default
- cc list displayed to logged in users
- custom fields are hidden for anon sessions if they don't have a value set
- custom fields are hidden if they are hidden in the product
BMO Extension Requirements
- Several custom bug entry templates to aid internal Mozilla processes.
- Customization to allow the bug entry templates to use check_can_change_field to see if various field values should be available to the current user.
- Restrict content types attachable by non-privileged people.
- Alter quicksearch to help with searching for bugs using custom blocking fields.
- Auto-linkification of special text in bug comments.
- Hooks into check_can_change_field to filter out custom fields and their values.
- CC certain email addresses on bugmail when a bug is added or removed from a particular group.
- Changes to enable correct sorting of list table, matched to changes in list/table.html.tmpl
- Custom create new Bugzilla account page which provides additional information related to BMO.
- Pretty product chooser.
- Custom server-push template showing the Mozilla lizard animation.
- Several custom page templates providing additional documentation specific to BMO.
- Custom search plugin for Firefox.
- Add additional mimetypes to the attachment entry form.
- Add patch note to attachment form outlining the patch submission and approval process.
- Add disclaimer for bug comments made against the 'Legal' product.
- Add secure bug checkbox to the expert and guided bug entry form.
- Add pretty product chooser user preference.
- Add additional links from the index home page to other pages documenting etiquette, bug writing guidelines, and other help.
- Add INCOMPLETE resolution description to the fields description page.
Other Extension Requirements
- Users can upload their public GPG key or SMIME certificate using a form in the Bugzilla user preferences.
- If a bug that is marked to any specific security groups sends an email notification, the email is encrypted with each user's public key.
- The user can then decrypt the message using their private key through their email client.
- Also user's who request their password to be changed who are members of specific security groups, the email with the change token will be encrypted as well.
- This extension uses magic to guess MIME types for data where the browser has told us it's application/octet-stream (probably because there's no file extension, or it's a text type with a non-.txt file extension).
- Users may opt to receive bug change emails from bugs assigned to specific product/component combinations.
- The UI for managing the components being watched will be integrated in the user's preferences.
- Profanivore removes English profanities in comments, replacing instead with altered text similar to '****'. The profanity is only altered where the comment was written by a user who does not have the global 'editbugs' privilege. Comment in database is unaltered, only the display of the comment is altered. The commenters view of their own comments are unaltered.
- Splinter is a UI for performing code review of patches attached to bug reports. It is based on the original jQuery version written by Owen Taylor of Red Hat, Inc. Reviewers can comment on individual lines of a patch and also set the review flag from within the review UI. A formatted comment is added to the bug report with each comment and it's associated context.
- The BzAPI extension adds a new JSON output for config.cgi, for use by the BzAPI REST API proxy.
- Test additional text included by templates. Just read through the diff for such occurrences and load the appropriate page.
- Quicksearch for our status-related custom fields.
- config.cgi JSON output.
- Custom fields being visible or not visible in the appropriate products and components, as defined in Data.pm
- Buglist sorting works fine, even for dates, severities etc.
- It's possible for even unprivileged users to file bugs into security groups.
- Bugs filed end up in the correct security group when the "secure" checkbox is checked.
- Security group gets emailed when bugs are a) filed in, b) added to and c) removed from the relevant group.
- Bogus addresses like email@example.com don't get email, even if it's enabled in their preferences.
- Check that only members of the appropriate groups can set various fields, as defined in Data.pm.
- UUIDs, CVEs and SVN versions are correctly auto-linked (test_bmo_autolinkification.t):
- crash report IDs (UUIDs)
- File bugs using the following specialist formats:
- Including loading them as e.g. http://site/form.itrequest
- Load page.cgi?id=upgrade-3.6.html and check for bzr output at the bottom.
List of tasks still to be done for this project.
- Upstream hook in template/en/default/index.html.tmpl PASSED
- Fix additional bugs as filed in b.m.o. INPROGRESS
- Fix template/en/default/global/choose-product.html.tmpl to work better (and be a patch on top of the original) PASSED
- Fix Bugzilla Helper to suck a bit less PENDING
- Write and execute test plan PENDING
- make sure sanitizeme.pl still works (rewritten to add new functionality) PASSED
There are several additional extensions people want:
These bugs have been backported from 4.2 to 4.0 for BMO, so won't be needed for the next version upgrade:
- bug 77193 - make it possible to make versions, milestones and components inactive
- bug 633776 - Automatically detect correct encoding for text/ attachments
List of current know issues that will be fixed before final release.
Failing Test Cases
test_flags.t #302 - Flag type non editable by powerless users
test relies on empty canconfirm regex, disabled test_flags2.t #240 - Flag type 'selenium' not editable by powerless users
test relies on empty canconfirm regex, disabled test_shared_searches.t #138 - The 'helpwanted' query is not shared with this user
canconfirm regex is set to .*, which causes this test to fail testcase has been disabled test_show_all_products.t #42 - get_title, 'Enter Bug: QA-Selenium-TEST'
testcase doesn't support bmo's "other products" page bmo extension doesn't support classifications (should pass classification param through)
- test_sudo_sessions.t #36 - get_title, 'Match Failed'
- usevisibilitygroups broken?