aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* custom_userhistory: minor html cleanup & show username for auditHEADgentoo-5.0.4.3masterbugstestRobin H. Johnson2018-06-071-31/+50
| | | | Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* custom_userhistory: lots of workgentoo-5.0.4.2Robin H. Johnson2018-06-071-69/+234
| | | | | | | | | | - Add Audit log section based on audit_log table - HTML improvements - Use tables for output, with consistent style - DBD bind argument style - Query formatting for easier debugging Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* Merge bugstest back to master for final v5.0.4 changesgentoo-5.0.4.1Robin H. Johnson2018-06-079-66/+158
|\
| * Merge master back to into bugstest for missing changesRobin H. Johnson2018-06-072-28/+34
| |\ | |/ |/|
* | HPPA is exp arch nowMichał Górny2018-05-132-2/+2
| |
* | Fix accidental reverse ordering of PPC/PPC64Michał Górny2018-02-042-2/+2
| |
* | Reorganize arches list as discussed on ml and pushed to eshowkwMichał Górny2018-01-292-22/+28
| |
* | Gentoo: move ARM64 to stable arches to facilitate stabilization workMichał Górny2018-01-092-2/+2
| |
| * Merge tag 'release-5.0.4' into bugstestRobin H. Johnson2018-03-058-65/+155
| |\
| | * Bumped version to 5.0.4release-5.0.4David Lawrence2018-02-161-1/+1
| | |
| | * Bug 1438593: Release notes for Bugzilla 5.0.4David Lawrence2018-02-161-0/+21
| | | | | | | | | | | | r/a=dylan
| | * Bug 1433400 (CVE-2018-5123) Prevent cross-site image requests from leaking ↵Dylan William Hardison2018-02-162-0/+65
| | | | | | | | | | | | | | | | | | contents of certain fields due to regex search r=jfearn,a=dylan
| | * Fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1427623 by setting (#57)Quanah Gibson-Mount2018-01-041-0/+1
| | | | | | | | | the priority on import
| | * Significant update to jb2bz.py. (#58)Quanah Gibson-Mount2018-01-041-56/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1427626 Fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1427638 Fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1427664 Convert jb2bz to use "email" module rather than rfc822, multifile, mimetools, and StringIO for easier manipulation of the mailbox objects. This fixed (among other things) 1427626 as the Subject of the email is now obtained correctly. Fix the date formatting throughout to always use UTC, which is what Bugzilla expects for the dates. This fixed 1427638. Fix attachment processing, which was using multifile rather than walking the parts of the email object. This fixed part of 1427664 Fix the fact that the process_reply_file function never checked for attachments in any followups. This fixed part of 1427664 Fix attachment processor to ignore various signatures and message/rfc822 multipart messages. For the latter, it sets "filename=" values to files that don't actually exist, which caused attachment processing to bomb.
| | * Bug 1301887 - File::Slurp triggers warnings on perl 5.24 (#53)Vitaly Belekhov2018-01-049-28/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Bug 1301887 - File::Slurp triggers warnings on perl 5.24 and it is recommended to not use it (#21) r=mtyson * Fix for vrite in aa735d4 * Added https://gitweb.gentoo.org/proj/gentoo-bugzilla.git/commit/?id=ca7bfc9c485c959fad2aee1f7c1dbc0fb484553b
| * | Bugzilla/Search: force validation of timestamp/date.Robin H. Johnson2018-03-051-1/+3
|/ / | | | | | | Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* | buglist: tell taint check that bugid is safe.Robin H. Johnson2018-01-071-0/+1
| | | | | | | | | | Bug: https://bugs.gentoo.org/643854 Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* | Bugzilla/Constants: HTTP Strict Transport Security should be least 6 months ↵Robin H. Johnson2017-09-161-2/+2
| | | | | | | | | | | | per Mozilla. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* | CGI: set Content-Security-Policy header.Robin H. Johnson2017-09-161-1/+2
| | | | | | | | Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* | Gentoo: move sparc to unstable archesMichał Górny2017-09-122-2/+2
| |
* | comments template: Use relative (#) references to commentsMichał Górny2017-09-111-1/+1
| |
* | Gentoo: shorten URLs in addressbarMichał Górny2017-09-111-1/+20
| |
* | Convert HTTP to HTTPS links.Robin H. Johnson2017-09-104-10/+11
| | | | | | | | | | Fixes: https://bugs.gentoo.org/show_bug.cgi?id=630608 Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* | Merge remote-tracking branch 'upstream/5.0'Robin H. Johnson2017-09-1018-45/+59
|\ \ | |/
| * Bug 1398100 - tiny tweaks to release notesGervase Markham2017-09-081-1/+2
| |
| * Revert "Bug 1306534 - Crash when pasting UTF8 text as an attachment"Dylan William Hardison2016-10-191-1/+0
| | | | | | | | This reverts commit 89cb60fe38a7962c876bce18368db90cedda84eb.
| * Bug 1310728 - editflagtypes.cgi crashes when classifications are enabled and ↵Frédéric Buclin2016-10-171-1/+1
| | | | | | | | | | | | the user hasn't global editcomponents privs r/a=dkl
| * Bug 1306534 - Crash when pasting UTF8 text as an attachmentMatt Tyson2016-10-111-0/+1
| | | | | | | | r=dylan
| * nit: wrong method call in Bugzilla::MigrateDylan William Hardison2016-10-081-1/+1
| |
| * Bug 1300437 - DateTime::TimeZone::offset_as_string called incorrectly (#19)Dylan William Hardison2016-10-082-2/+2
| |
| * Bug 1303702 - bug history table 'when' column shows 00:00 only using sqliteAndrea Orsini2016-09-191-0/+1
| | | | | | | | r/a=dylan
| * - New CI docker image for testingDavid Lawrence2016-09-071-17/+19
| |
| * Bug 1292510 - replace references to git.mozilla.org with references to ↵Gervase Markham2016-08-057-6/+18
| | | | | | | | github. r=dylan
| * Fix the default API URLFrédéric Buclin2016-06-011-2/+2
| |
| * Bug 1269266 - API links for Bugzilla 5+ not working anymoreFrédéric Buclin2016-06-012-6/+5
| |
| * Bug 1273846 - Checksetup fails to update chart storage during pre-3.6 -> 5.0 ↵Frédéric Buclin2016-05-201-9/+8
| | | | | | | | | | | | upgrade r/a=dkl
| * Bumped version post-releaseDavid Lawrence2016-05-161-1/+1
| |
* | Match file_write permissions.Robin H. Johnson2017-06-281-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | text_write was introduced for bug 1301887 per commit df4677439d7b3658e2d896ffaab903b01c2e2fe6, but had slightly different semantics than the original File::Slurp file_write function. Specifically, file_write applied the umask for new files, while text_write is based on File::Temp and uses 0600 for new files. Add a permission grant so that new files respect the umask instead. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* | Bug 1301887 - File::Slurp triggers warnings on perl 5.24 and it is ↵Dylan William Hardison2017-06-195-20/+40
| | | | | | | | | | | | | | | | recommended to not use it (#21) r=mtyson (cherry picked from commit df4677439d7b3658e2d896ffaab903b01c2e2fe6) Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
* | Merge tag 'release-5.0.3' into bugstestChristian Ruppert2016-06-1859-452/+463
|\ \ | |/
| * Bumped version to 5.0.3release-5.0.3David Lawrence2016-05-161-1/+1
| |
| * Bug 1253263 - (CVE-2016-2803) [SECURITY] XSS vulnerability in dependency ↵Frédéric Buclin2016-05-161-1/+7
| | | | | | | | | | | | graphs via bug summary r/a=dkl
| * Bug 1269388 - Release notes for Bugzilla 5.0.3Frédéric Buclin2016-05-131-0/+34
| | | | | | | | r=dkl
| * Bug 1250114 - XSS possible in extensions calling global/tabs.html.tmpl if ↵Dylan William Hardison2016-05-131-1/+1
| | | | | | | | tab.link is user-controlled
| * Add build.platform = linux64, machine.platform = linux64 to taskgraph.json ↵David Lawrence2016-05-021-6/+42
| | | | | | | | to remove b2gtest from Treeherder results
| * Bug 1259881 - CSV export vulnerable to formulae injection (again)Frédéric Buclin2016-04-251-3/+4
| | | | | | | | r=sgreen a=dkl
| * Bug 542239 - Accept pronouns everywhere in query.cgiAlbert Ting2016-04-202-2/+3
| | | | | | | | r=dkl,a=dkl
| * Bug 1232171 - 'make clean' shouldn't delete rst/, images/ and Makefile, only ↵Frédéric Buclin2016-04-151-1/+1
| | | | | | | | | | | | generated files r=gerv
| * Email::MIME::Attachment::Stripper is no longer used, see bug 437076Frédéric Buclin2016-04-101-2/+1
| |
| * Fix an incorrect URL in the documentationFrédéric Buclin2016-04-091-1/+1
| |