SecurityEngineering/PSM Bug Triage: Difference between revisions
(→Bug Triage in PSM: add link to remaining untriaged bugs) |
(more details) |
||
| Line 2: | Line 2: | ||
PSM essentially consists of Gecko code in [https://dxr.mozilla.org/mozilla-central/source/security security/] that is not in any of the subdirectories [https://dxr.mozilla.org/mozilla-central/source/security/nss nss/], [https://dxr.mozilla.org/mozilla-central/source/security/patches patches/], or [https://dxr.mozilla.org/mozilla-central/source/security/sandbox sandbox/]. The Bugzilla product/component for PSM is [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=Security%3A%20PSM&product=Core Core :: Security: PSM]. Historically, many bugs related to or involving PSM have been filed in the component [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=Security%3A%20UI&product=Core Security: UI]. This component is going away soon, and all outstanding bugs will be moved to Security: PSM or a more appropriate place. | PSM essentially consists of Gecko code in [https://dxr.mozilla.org/mozilla-central/source/security security/] that is not in any of the subdirectories [https://dxr.mozilla.org/mozilla-central/source/security/nss nss/], [https://dxr.mozilla.org/mozilla-central/source/security/patches patches/], or [https://dxr.mozilla.org/mozilla-central/source/security/sandbox sandbox/]. The Bugzilla product/component for PSM is [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=Security%3A%20PSM&product=Core Core :: Security: PSM]. Historically, many bugs related to or involving PSM have been filed in the component [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=Security%3A%20UI&product=Core Security: UI]. This component is going away soon, and all outstanding bugs will be moved to Security: PSM or a more appropriate place. | ||
For team interoperability, PSM follows the new standardized [[Bugmasters/Process/Triage|Triage]] process | For team interoperability, PSM follows the new standardized [[Bugmasters/Process/Triage|Triage]] process. In short, every new bug should either be prioritized as P1, P2, P3, or P5, moved to a different component, or needinfo should be requested from someone. P1 means the bug should be fixed before the current Nightly branches to Aurora (and even uplifted as appropriate). P2 means the bug will be worked on "next" (basically, after P1s are taken care of). P3 means the bug is in the "should be fixed" backlog. Tracking or meta bugs are also P3. P5 is for bugs where patches would be reviewed and taken from contributors if appropriate, but otherwise won't be worked on. If a bug has had an unanswered needinfo flag for more than 2 weeks, it should be reevaluated (closing as incomplete, needinfo-ing another person, etc.). | ||
Internally, PSM makes use of a number of whiteboard tags for organizational and prioritization purposes. | After branching, bug priorities should be revisited. If a P1 is still open, it either needs to be deprioritized (maybe it isn't really a P1) or whatever is blocking its completion needs to be identified and dealt with. P2s and P3s should be considered for promotion to a higher priority. Assignees should be found for any bugs promoted to P1. | ||
This is the list of [https://bugzilla.mozilla.org/buglist.cgi?product=Core&component=Security%3A%20PSM&priority=--&n1=1&f1=flagtypes.name&o1=substring&v1=needinfo&resolution=---&chfield=[Bug%20creation]&chfieldto=Now&query_format=advanced&chfieldfrom=2016-06-01 untriaged bugs] according to the new process. | |||
This is the list of [https://bugzilla.mozilla.org/buglist.cgi?product=Core&component=Security%3A%20PSM&f1=flagtypes.name&o1=substring&v1=needinfo&f2=delta_ts&o2=lessthan&v2=14d&resolution=---&query_format=advanced bugs waiting on needinfo for more than 2 weeks] according to the new process. | |||
Internally, PSM makes use of a number of whiteboard tags for organizational and prioritization purposes. They are as follows: | |||
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psm-assigned] [psm-assigned]] are bugs that currently have an assignee. These should all be P1. | * [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psm-assigned] [psm-assigned]] are bugs that currently have an assignee. These should all be P1. | ||
| Line 18: | Line 24: | ||
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psm-intermittent] [psm-intermittent]] are bugs filed for intermittently failing tests in PSM | * [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psm-intermittent] [psm-intermittent]] are bugs filed for intermittently failing tests in PSM | ||
These are the [https://bugzilla.mozilla.org/buglist.cgi?cmdtype=runnamed&namedcmd=psm-untriaged remaining untriaged bugs]. | These are the [https://bugzilla.mozilla.org/buglist.cgi?cmdtype=runnamed&namedcmd=psm-untriaged remaining untriaged bugs] with respect to internal bug management. | ||
Revision as of 17:34, 30 June 2016
Bug Triage in PSM
PSM essentially consists of Gecko code in security/ that is not in any of the subdirectories nss/, patches/, or sandbox/. The Bugzilla product/component for PSM is Core :: Security: PSM. Historically, many bugs related to or involving PSM have been filed in the component Security: UI. This component is going away soon, and all outstanding bugs will be moved to Security: PSM or a more appropriate place.
For team interoperability, PSM follows the new standardized Triage process. In short, every new bug should either be prioritized as P1, P2, P3, or P5, moved to a different component, or needinfo should be requested from someone. P1 means the bug should be fixed before the current Nightly branches to Aurora (and even uplifted as appropriate). P2 means the bug will be worked on "next" (basically, after P1s are taken care of). P3 means the bug is in the "should be fixed" backlog. Tracking or meta bugs are also P3. P5 is for bugs where patches would be reviewed and taken from contributors if appropriate, but otherwise won't be worked on. If a bug has had an unanswered needinfo flag for more than 2 weeks, it should be reevaluated (closing as incomplete, needinfo-ing another person, etc.).
After branching, bug priorities should be revisited. If a P1 is still open, it either needs to be deprioritized (maybe it isn't really a P1) or whatever is blocking its completion needs to be identified and dealt with. P2s and P3s should be considered for promotion to a higher priority. Assignees should be found for any bugs promoted to P1.
This is the list of untriaged bugs according to the new process.
This is the list of bugs waiting on needinfo for more than 2 weeks according to the new process.
Internally, PSM makes use of a number of whiteboard tags for organizational and prioritization purposes. They are as follows:
- [psm-assigned] are bugs that currently have an assignee. These should all be P1.
- [psm-backlog] consists of the backlog of bugs we should fix in PSM. These should all be P2 or P3. If they are P1, they should have an assignee and the tag should be [psm-assigned].
- [psm-cleanup] consists of code maintenance bugs that would make development easier, but don't directly impact functionality. These are probably mostly P3 or P5.
- [psm-tracking] are meta bugs that track larger work. These should all be P3.
- [psm-deprecation] are bugs that involve deprecating weak cryptography
- [psm-clientauth] consists of bugs involved with TLS client authentication
- [psm-smartcard] are bugs involving PKCS#11 devices
- [psm-documentation] are bugs on writing or improving PSM documentation
- [psm-waiting] are bugs that are waiting on some external input
- [psm-blocked] are bugs that are blocked on other work
- [psm-intermittent] are bugs filed for intermittently failing tests in PSM
These are the remaining untriaged bugs with respect to internal bug management.