summaryrefslogtreecommitdiffstats
path: root/template
AgeCommit message (Collapse)AuthorFilesLines
2018-04-10Bug 1328900 - Create new group called 'disableusers' that can only edit the ↵dklawren7-78/+85
bugmail and disabledtext fields of a user
2018-04-10Bug 1450679 - Replace custom Sentry integration with LoggingDylan William Hardison2-15/+0
2018-04-05Bug 1449282 - add jobqueue_status apiIsrael Madueme1-0/+4
2018-04-04Bug 1446431 - Allow Baseline scan to ignore forms that dont need CSRF TokensSimon Bennetts11-14/+14
The data-no-csrf attribute is used to signify that a form is 'safe' (ie doesn't actually make any permanent changes) and so doesn't need an anti-csrf token.
2018-03-29Bug 1200695 - API-key-creation emails should reflect if the action was a ↵Israel Madueme1-0/+8
result of auth delegation
2018-03-21Bug 1447669 - Add localconfig parameter for changing shadowdb user and passIsrael Madueme1-0/+6
2018-03-21Bug 1444008 - Fix sanity tests for unfiltered urlbaseDylan William Hardison1-1/+1
2018-03-20Bug 1444008 - Form action injection in Bugzilla /user_profile (leads to ↵Dylan William Hardison1-1/+1
XSS/single-factor credential leakage)
2018-03-19Bug 1440328 - Obfuscate mentor email for users that aren't logged inIsrael Madueme1-0/+1
2018-03-12Bug 1427503 - Allow all users to use Duo as the MFA provider.Tom Prince1-3/+3
2018-03-12Bug 1437238 - Create override parameters for mailer configurationDylan William Hardison1-1/+1
2018-03-05Bug 1433573 - Display the short URL link even for queries without any resultsbyron jones1-16/+18
2018-03-05Bug 1429344 - Review requests in requests dropdown should link to MozReview ↵Kohei Yoshino2-5/+5
or GitHub instead of Bugzilla details page
2018-03-02Bug 1442520 - move inbound_proxies to localconfigDylan William Hardison2-9/+5
2018-02-28Bug 1441475 - Added rel tags to links with target=_blankSimon Bennetts3-12/+12
2018-02-27Bug 1438206 - Process SES email bounces properlybyron jones3-0/+56
2018-02-21Bug 1439797 - Enable reporting-only CSP by defaultDylan William Hardison34-78/+100
2018-02-20Bug 1432296 - Prevent bugzilla static assets from being blocked by overly ↵Dylan William Hardison1-1/+6
long request URIs
2018-01-31Bug 1433993 - Outdated FreeOTP link in user preferencesEmma Humphries1-3/+3
2018-01-23Bug 1428270 - Unwrappable content in summary can cause top buttons to bleed ↵Kohei Yoshino2-2/+2
out of main content box
2018-01-18Bug 1429688 - focus Search Bugs box by defaultKohei Yoshino1-1/+1
2018-01-09Bug 1429076 - Can we have a lock icon for requests in security-sensitive ↵Kohei Yoshino1-2/+2
bugs in Requests Quick Look Dropdown?
2018-01-09Bug 1429075 - Encoding issue in notification area (mojibake)Dylan William Hardison1-1/+5
2018-01-08Bug 1428641 - Implement Requests quick look dropdown on global headerKohei Yoshino1-0/+42
2018-01-08Bug 1428642 - Fix minor bugs on new global headerKohei Yoshino2-4/+5
* The magnifier icon on the search bar should not trigger search as reported in https://twitter.com/colinjoy/status/949035254949523457 * The search dropdown should show Saved Searches Edit link as suggested in my UX analysis * Remove the CSS transition on the More Tools button for consistency. I didn't add the transition; it's default style for buttons * Fix the position of the arrow/triangle on dropdown lists. An error of 1px. * Add `user-select: none;` to `#header` https://developer.mozilla.org/en-US/docs/Web/CSS/user select
2018-01-08Bug 1427800 - Wrong anchor scrolling with old UIKohei Yoshino1-1/+1
2018-01-05Bug 1428227 - Google doesn't index bugzilla.mozilla.org any moreDylan William Hardison3-5/+5
2018-01-04Bug 1428166 - Move <meta charset> to start of <head>Edgaras1-4/+4
The <meta> element declaring the encoding must be inside the <head> element and within the first 1024 bytes of the HTML as some browsers only look at those bytes before choosing an encoding. https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta#attr-charset
2018-01-04Bug 1426475 - Make unknown bug id / alias error message more obvious to ↵Dylan William Hardison1-1/+7
prevent content spoofing
2018-01-03Bug 1426685 - Fix regressions from fixed-positioning global headerKohei Yoshino7-13/+10
2018-01-02Bug 1426673 - The logout link cannot be found as what Sessions page saysKohei Yoshino1-1/+1
2018-01-02Bug 1426507 - Upgrade BMO to HTML5Fateh Sandhu45-103/+102
2017-12-20Bug 1361890 - Remove asset concatenationDylan William Hardison8-58/+50
2017-12-19Bug 1420771 - Remove global footerKohei Yoshino5-114/+67
2017-12-16Bug 1403777 - Migrate urlbase from params to localconfigDylan William Hardison7-91/+26
2017-12-13Bug 1376826 - New HTML Header for BMOKohei Yoshino4-173/+169
2017-12-02Bug 1417980 - Fix non-HTTPS links and outdated links where possibleKohei Yoshino13-65/+65
2017-12-02Bug 1420295 - Remove the Bugzilla version number from homepageKohei Yoshino6-14/+1
2017-12-01Bug 1420300 - Move bug tagging tool from global footer to bug footerKohei Yoshino4-18/+6
2017-11-30Bug 1363889 - Update BMO to use new Mozilla brandingKohei Yoshino1-4/+0
2017-10-02fix typos in mfa messageDylan William Hardison1-2/+2
2017-09-27Bug 1401569 - typo in "enabled two-factor authentication"byron jones1-2/+2
2017-09-25Bug 1401463 - In bugzilla "you must reset password" state, all bug pages are ↵Dylan William Hardison2-0/+19
force-redirected to password reset page, which loses "to-do" information that I have encoded as open tabs viewing particular bug pages
2017-09-19Bug 1400949 - Password requirements not statedDylan William Hardison6-23/+26
2017-09-19Bug 1400419 - Direct GitHub-auth'd users that are required to use 2FA to ↵Dylan William Hardison1-3/+19
issue a password reset
2017-09-15Bug 1364233 - Add setting to force a group to require MFA and restrict users ↵Dylan William Hardison3-6/+47
in that group who have not enabled MFA
2017-09-15Bug 1391702 - Replace Bugzilla::User::validate_password() with calls to ↵Dylan William Hardison3-20/+78
Data::Password::passwdqc
2017-09-13Bug 1398889 - Add param 'silent_users' that never trigger sending bugmailDylan William Hardison1-1/+3
* Add param silent_users * Add method is_silent_user to User class, which returns true if the login name matches an entry in silent_users. * Change user_wants_mail() to return false if the changer is a silent user. * Change is_global_watcher() in User class code to use any instead of grep * Change regex used to parse param 'globalwatchers' to use consistent regex in BugMail.pm and User.pm
2017-09-09Bug 1398340 - Typo in 2fa enrollment flow: "enrolment" (missing an L) (#232)Dylan William Hardison2-3/+3
2017-08-30Bug 1394915- Protect against 2FA by-pass in reset_password.cgiMary Umoh1-0/+4