summaryrefslogtreecommitdiffstats
path: root/extensions
AgeCommit message (Collapse)AuthorFilesLines
2016-05-16Bug 1273185 - Add the "Has Regression Range" and "Has STR" flags to the ↵David Lawrence1-0/+4
Firefox Android and Firefox iOS components
2016-05-14Bug 232193 - bmo's systems (webheads, database, etc) should use UTC natively ↵David Lawrence2-8/+12
for o/s timezone and date storage
2016-05-12Bug 1270295 - don't update timestamps when the tab is not active / in the ↵David Lawrence2-2/+12
background
2016-05-10Bug 1271635 - XSS when viewing image attachmentsDavid Lawrence1-1/+1
2016-05-09Bug 1271172 - When copying a flag that has a period in the version, the ↵David Lawrence1-2/+12
description is not incremented properly
2016-05-05Bug 1270479 - Unsetting the needinfo checks the needinfo checkboxDavid Lawrence1-1/+1
2016-05-04Bug 1269795 - [BMO] ImageMagick Is On Fire  (CVE-2016-3714)Dylan William Hardison2-139/+0
2016-04-28Bug 1256051 - Allow MozReview.attachments() to post mozreview-* tags without ↵Dylan Hardison1-7/+14
requiring editbugs
2016-04-27Bug 1235514 - Change color of note regarding changed votesNikhil Handa2-10/+12
2016-04-21Bug 1239838 - Don't see a way to redirect a needinfo request (in ↵Byron Jones4-166/+225
Experimental UI)
2016-04-12Bug 1263520 - Cannot set r+ back to r? directlyDavid Lawrence1-1/+1
2016-04-04Bug 1259322 - Legal compliance / adding link to footerDavid Lawrence1-2/+9
2016-04-04Bug 1257662 - Disallow clearing a flag if the flag is set to allow granting ↵David Lawrence1-3/+5
by specifc group and changer is not in group
2016-03-30Bug 1260545 - Legal compliance / adding terms link to new BMO account flowDavid Lawrence1-0/+6
2016-03-25Bug 1253718 - CRM/Email request formDavid Lawrence2-0/+361
2016-03-24Bug 1259266 - Attachment of security issues when viewing a bug are ↵David Lawrence1-0/+8
indistinguishable from any other attachment.
2016-03-23Bug 1251236 - Please show the diff on the attachment details page when a ↵Byron Jones1-0/+16
patch has been reviewed in MozReview
2016-03-15Bug 1251442 - Update VP list in Recruiting ProductDavid Lawrence1-0/+1
2016-03-15Bug 1229834 - extend information we [audit] log to the syslogDylan Hardison1-1/+6
2016-03-14Bug 1255272 - Adding a flag via the MozReview batch-attachment API doesn't ↵Dylan Hardison1-0/+3
CC the user
2016-03-10Bug 1252578 - CSRF and SELECT-only SQL execution attack against ↵Dylan Hardison2-0/+2
query_database.html
2016-03-10Bug 1253914 - Cross domain referer leakage when resetting the user passwordDylan Hardison2-1/+4
2016-03-10Bug 1254227 - MozReview auth delegation allows sending out phishing mails ↵Dylan Hardison1-1/+3
via Bugzilla
2016-03-10Bug 1254675 - bug_modal template fails to escape format parameterDavid Lawrence1-1/+1
2016-03-09Bug 1253483 - MozReview.attachments() doesn't create flags on new attachmentsDylan Hardison1-1/+7
2016-03-08Bug 1252554 - Avoid possibility of XSS in release tracking reportDylan Hardison1-3/+3
2016-03-08Bug 1252445 - Tracking flags configuration is vulnerable to CSRF and causes ↵David Lawrence6-9/+24
persistent XSS
2016-03-08Bug 1251442 - Update VP list in Recruiting ProductDavid Lawrence1-3/+4
2016-03-07Bug 1252862 - Remove calls to delete_token() in several places where it is ↵David Lawrence3-4/+1
unnecessary
2016-03-02Bug 1252628 - 404 on ↵David Lawrence1-1/+1
https://www.mozilla.org/en-US/quality/bug-writing-guidelines.html
2016-03-01Bug 1252437 - XSS vulnerability through malicious bug aliasesDylan Hardison1-1/+2
2016-03-01Bug 1252437 - XSS vulnerability through malicious bug aliasesDylan Hardison1-1/+2
2016-03-01Bug 1252210 - AntiSpam configuration is vulnerable to CSRF and persistent XSSDylan Hardison2-1/+8
2016-03-01Bug 1252216 - Push extension configuration is vulnerable to CSRF and ↵David Lawrence3-0/+7
potentially code execution
2016-03-01Bug 1252219 - Attachment bounty form is vulnerable to CSRF and persistent XSSDylan Hardison2-9/+16
2016-02-29Bug 1251647 - XSS vulnerability in the remo-form-payment pageDylan Hardison2-107/+89
2016-02-29Bug 1251731 - XSS vulnerability through malicious attachment namesDavid Lawrence2-29/+43
2016-02-27Bug 1223421 - Hide/Obfuscate MozReview API KeysDylan Hardison1-0/+12
2016-02-27Bug 1251442 - Update VP list in Recruiting ProductDylan Hardison1-7/+5
2016-02-22Bug 1249614 - Release Tracking Report missed bugDavid Lawrence1-2/+2
2016-02-16Bug 1245471 - Release Tracking Report should be able to have custom datesDavid Lawrence3-68/+251
2016-02-11Bug 1244602 - rewrite the bmo --> reviewboard connector to create a bug ↵Byron Jones4-256/+102
instead of updating reviewboard
2016-02-11Bug 1235182 - User Story should always be visibleByron Jones3-0/+5
2016-02-10Bug 1246413 - Email::Address caches all email addressesDylan Hardison1-1/+9
2016-02-09Bug 1246864 - Unable to comment tickets with "WONTFIX" status without change ↵Byron Jones1-1/+2
the status on the experimental UI
2016-01-29Bug 1188236 - "Congratulations on having your first patch approved" email ↵David Lawrence1-2/+2
should be clearer about how to get the patch landed. - Fixed t/009bugwords.t failure
2016-01-28Bug 1188236 - "Congratulations on having your first patch approved" email ↵Mike Hoye1-22/+37
should be clearer about how to get the patch landed.
2016-01-28Bug 1241667 - Trying to report a bug traps the user in an infinite loopDavid Lawrence3-9/+21
2016-01-23Bug 1226028 - API for batching MozReview requestsDylan Hardison3-8/+214
2016-01-22Bug 1240575 - Update form.reps.budgetDavid Lawrence2-37/+84