Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2018-04-04 | no bug - add mailmap file to fix historical stats | Dylan William Hardison | 1 | -0/+85 | |
2018-04-04 | Bug 1446431 - Allow Baseline scan to ignore forms that dont need CSRF Tokens | Simon Bennetts | 11 | -14/+14 | |
The data-no-csrf attribute is used to signify that a form is 'safe' (ie doesn't actually make any permanent changes) and so doesn't need an anti-csrf token. | |||||
2018-04-04 | Bug 1447028 - Add auth delegation test script | Dylan William Hardison | 3 | -0/+89 | |
2018-04-04 | no bug - add dev build pipeline to circleci | Dylan William Hardison | 2 | -0/+37 | |
2018-04-04 | no bug - circleci config tweaks | Dylan William Hardison | 2 | -10/+28 | |
2018-04-03 | Bug 1450920 - Don't pass blank API token to JSON-PRC in instant search | Vladimir Panteleev | 1 | -2/+4 | |
When an API token is seen by JSON-RPC, it will attempt to authenticate it, including blank tokens (empty strings). Thus, avoid passing an empty string in the first place. The pattern to pass an empty string if the absence of BUGZILLA.api_token is the most common way to include the Bugzilla_api_token in the JSON-PRC requests. However, most places which pass a token to JSON-RPC in JavaScript are in contexts where a user is expected to be logged in, and this is not the case for instant search. Although this could have been fixed by patching Bugzilla::Auth::Login::Cookie::get_login_info to treat empty API tokens as if none were given, this method was chosen, as this is also the approach used in the ProdCompSearch extension (where a login session also does not need to be required), and to avoid possible breakage in JSON-RPC consumers. | |||||
2018-04-02 | Bug 1450283 - JobQueue should treat "no jobs" as a trace-level message, and ↵ | Dylan William Hardison | 1 | -1/+6 | |
all other logs as info | |||||
2018-03-30 | bump version to 20180330.1 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-30 | Bug 1450343 - Make the SES handler use Bugzilla::Logging and log more details | Dylan William Hardison | 2 | -69/+85 | |
2018-03-30 | bump base image to bmo-slim:20180330.1 | Dylan William Hardison | 2 | -2/+2 | |
2018-03-29 | Bug 1441244 - prevent compounding error messages in tests | Dylan William Hardison | 1 | -6/+4 | |
2018-03-29 | Bug 1447027 - Change default mail method for vagrant and update README | Israel Madueme | 3 | -1/+50 | |
Updates the default mail_delivery_method to be Sendmail for vagrant development. This allows developers to connect to the imap server running at bmo-web.vm:143 to view mail using a real mail client. The default method remains the same for docker users, 'Test'. Both methods are described in the README in a new section. | |||||
2018-03-29 | Bug 1441897 - Improve opengraph metadata for bug pages | Israel Madueme | 1 | -1/+6 | |
2018-03-29 | Bug 1450010 - The jobqueue supervisor's pidfile should not be stored in the ↵ | Dylan William Hardison | 1 | -2/+2 | |
data directory | |||||
2018-03-29 | Bug 1450008 - documentation link in API errors is wrong | Dylan William Hardison | 2 | -6/+2 | |
2018-03-29 | Bug 1200695 - API-key-creation emails should reflect if the action was a ↵ | Israel Madueme | 1 | -0/+8 | |
result of auth delegation | |||||
2018-03-29 | Bug 1441063: Fix the unaccepted revision comment (PhabBugz) | Piotr Zalewa | 1 | -1/+7 | |
* PhabBugz: Fix the unaccepted revision comment Summary: Currently, we're sending the "User removed from revision" comment when the Accept flag has been removed from a revision. This could happen in a number of use cases: 1. The reviewer resigned from being a reviewer. 2. The reviewer has been removed from reviewers list. 3. Someone (author, reviewer) removed acceptance of the revision by changing its status to "Needs Review". This patch is sending a "flag is deactivated" or "reviewer removed from revision" depending on the current status of the reviewer. Test Plan: Accept a revision. Change the revision to "Needs Review". Check the bug comment. Accept the revision. Remove the user from reviewers list. Check the bug comment. Reviewers: dkl Bug #: 1441063 Differential Revision: https://phabricator.services.mozilla.com/D809 * Styling fixed as requested in review. * Perl style fixes | |||||
2018-03-28 | bump version to 20180328.1 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-28 | no bug - always build latest tag | Dylan William Hardison | 1 | -9/+12 | |
2018-03-28 | no bug - skip tests if the only thing changed is the version | Dylan William Hardison | 1 | -8/+42 | |
2018-03-28 | no bug - existing tag is non-fatal | Dylan William Hardison | 1 | -3/+0 | |
2018-03-28 | Bug 1449168 - Remove warning --function from jobqueue worker | Dylan William Hardison | 1 | -3/+3 | |
2018-03-28 | Bug 1449156 - Bugzilla::Memcached should use smaller timeouts and ping ↵ | Dylan William Hardison | 1 | -5/+19 | |
servers at instantiation time | |||||
2018-03-28 | Bug 1449413 - Refactor circleci container building stuff | Dylan William Hardison | 4 | -26/+276 | |
2018-03-27 | Bug 1440829 - Bugzilla comment for Phabricator commit should include entire ↵ | dklawren | 3 | -7/+9 | |
commit message, not just first line | |||||
2018-03-27 | bump version to 20180327.1 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-27 | Bug 1448681 - Bugmail Message-ID header format changed without changing ↵ | byron jones | 1 | -5/+4 | |
In-Reply-To/References, breaking threading | |||||
2018-03-26 | bump version to 20180326.1 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-26 | no bug - run jobqueue faster | Dylan William Hardison | 1 | -1/+1 | |
2018-03-26 | no bug - fix jobqueue command to run with multiplexed json output | Dylan William Hardison | 1 | -1/+2 | |
2018-03-26 | no bug - TheSchwartz debug log is really more like info level in how we have ↵ | Dylan William Hardison | 1 | -1/+1 | |
used it | |||||
2018-03-26 | no bug - add interdiff | Dylan William Hardison | 3 | -3/+3 | |
2018-03-24 | bump version to 20180324.1 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-24 | no bug - enable HTTPS the proper way | Dylan William Hardison | 1 | -1/+1 | |
2018-03-23 | bump version to 20180323.1 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-23 | no bug - increase httpd limits | Dylan William Hardison | 1 | -1/+2 | |
2018-03-23 | Bug 1447410 - Make it so you can always request review from .bugs or .tld ↵ | Dylan William Hardison | 1 | -0/+2 | |
accounts | |||||
2018-03-23 | Bug 1446974 - Revert changes of the subscribers list on secure revisions | dklawren | 1 | -3/+5 | |
2018-03-22 | bump version to 20180321.1 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-22 | Bug 1447669 - follow-up fix - use override shadowsdb value to determine to ↵ | Dylan William Hardison | 1 | -1/+1 | |
use it or not | |||||
2018-03-22 | Bug 1399713 - ensure existing production redirects work in a cloud hosted ↵ | Dylan William Hardison | 5 | -0/+117 | |
environment | |||||
2018-03-21 | Bug 1447669 - Add localconfig parameter for changing shadowdb user and pass | Israel Madueme | 3 | -2/+21 | |
2018-03-21 | Bug 1444008 - Fix sanity tests for unfiltered urlbase | Dylan William Hardison | 2 | -2/+2 | |
2018-03-20 | bump version to 20180320.3 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-20 | no bug - remove debugging for now | Dylan William Hardison | 1 | -8/+10 | |
2018-03-20 | bump version to 20180320.2 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-20 | Bug 1444008 - Form action injection in Bugzilla /user_profile (leads to ↵ | Dylan William Hardison | 3 | -5/+5 | |
XSS/single-factor credential leakage) | |||||
2018-03-20 | bump version to 20180320.1 | Dylan William Hardison | 1 | -1/+1 | |
2018-03-20 | Bug 1447289 - heartbeat check should not check for enabled features | Dylan William Hardison | 1 | -1/+0 | |
2018-03-20 | Bug 1447291 - Remove Apache2::Log from PhabBugs/Push in favor of logging ↵ | Dylan William Hardison | 5 | -112/+63 | |
framework |