summaryrefslogtreecommitdiffstats
path: root/scripts
diff options
context:
space:
mode:
authorIsrael Madueme <purelogiq@gmail.com>2018-09-10 18:34:56 +0200
committerGitHub <noreply@github.com>2018-09-10 18:34:56 +0200
commita91453b19c462929b3ab77927b0d0a6807558b92 (patch)
tree3eb41154780fbff36ec809eb42f382c2639c76ed /scripts
parent2e6e3e13587ee526ba94faabd5551e67508518f5 (diff)
downloadbugzilla-a91453b19c462929b3ab77927b0d0a6807558b92.tar.gz
bugzilla-a91453b19c462929b3ab77927b0d0a6807558b92.tar.xz
Bug 1479466 - Add Security Bugs Report
Adds the security bugs report with open count and median age open of sec-critical and sec-high bugs.
Diffstat (limited to 'scripts')
-rw-r--r--scripts/secbugsreport.pl83
1 files changed, 83 insertions, 0 deletions
diff --git a/scripts/secbugsreport.pl b/scripts/secbugsreport.pl
new file mode 100644
index 000000000..ae0639e20
--- /dev/null
+++ b/scripts/secbugsreport.pl
@@ -0,0 +1,83 @@
+#!/usr/bin/perl
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# This Source Code Form is "Incompatible With Secondary Licenses", as
+# defined by the Mozilla Public License, v. 2.0.
+#
+# Usage secbugsreport.pl YYYY MM DD, e.g. secbugsreport.pl $(date +'%Y %m %d')
+
+use 5.10.1;
+use strict;
+use warnings;
+
+use lib qw(. lib local/lib/perl5);
+
+use Bugzilla;
+use Bugzilla::Component;
+use Bugzilla::Constants;
+use Bugzilla::Error;
+use Bugzilla::Mailer;
+use Bugzilla::Report::SecurityRisk;
+
+use DateTime;
+use URI;
+use JSON::MaybeXS;
+
+BEGIN { Bugzilla->extensions }
+Bugzilla->usage_mode(USAGE_MODE_CMDLINE);
+
+exit 0 unless Bugzilla->params->{report_secbugs_active};
+exit 0 unless defined $ARGV[0] && defined $ARGV[1] && defined $ARGV[2];
+
+my $html;
+my $template = Bugzilla->template();
+my $end_date = DateTime->new( year => $ARGV[0], month => $ARGV[1], day => $ARGV[2] );
+my $start_date = $end_date->clone()->subtract( months => 6 );
+my $report_week = $end_date->ymd('-');
+my $products = decode_json( Bugzilla->params->{report_secbugs_products} );
+my $sec_keywords = [ 'sec-critical', 'sec-high' ];
+my $report = Bugzilla::Report::SecurityRisk->new(
+ start_date => $start_date,
+ end_date => $end_date,
+ products => $products,
+ sec_keywords => $sec_keywords
+);
+my $vars = {
+ urlbase => Bugzilla->localconfig->{urlbase},
+ report_week => $report_week,
+ products => $products,
+ sec_keywords => $sec_keywords,
+ results => $report->results,
+ build_bugs_link => \&build_bugs_link,
+};
+
+$template->process( 'reports/email/security-risk.html.tmpl', $vars, \$html )
+ or ThrowTemplateError( $template->error() );
+
+# For now, only send HTML email.
+my $email = Email::MIME->create(
+ header_str => [
+ From => Bugzilla->params->{'mailfrom'},
+ To => Bugzilla->params->{report_secbugs_emails},
+ Subject => "Security Bugs Report for $report_week"
+ ],
+ attributes => {
+ content_type => 'text/html',
+ charset => 'UTF-8',
+ encoding => 'quoted-printable',
+ },
+ body_str => $html,
+);
+
+MessageToMTA($email);
+
+sub build_bugs_link {
+ my ( $arr, $product ) = @_;
+ my $uri = URI->new( Bugzilla->localconfig->{urlbase} . 'buglist.cgi' );
+ $uri->query_param( bug_id => ( join ',', @$arr ) );
+ $uri->query_param( product => $product ) if $product;
+ return $uri->as_string;
+}