01. October 2002

Bugzilla Status Update

by J. Paul Reed (preed)

Introduction

The Bugzilla Team is pleased to announce both the 2.16.1 and 2.14.4 releases.

Both releases provide enhanced security and fix critical bugs on their respective branches, so both are recommended upgrades for 2.14.x and 2.16 users.

Administrators’ Mailing List Reminder

We’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we’ve started a mailing list for people who administer Bugzillas. It is very low traffic - release announcements and security advisories only. We advise all Bugzilla administrators to subscribe, so they can keep up with important Bugzilla news.

The Win32 Situation

Bugzilla on Win32 is still unchanged: administrators using Win32 as their platform for Bugzilla do not want the 2.16 branch, including 2.16.1. The plan is to make the trunk Win32-friendly (which involves a number of quite large changes) and then announce that fact, allowing Win32 Bugzilla administrators to pull from the trunk. Interested admins can search bugzilla on the [needed for Win32bz] status whiteboard entry to track bugs that are part of this process.

Having said that, the Bugzilla Team continues to recommend Unix-based operating systems, including Linux, as the best platform for a Bugzilla installation; please consider it if you are starting a new Bugzilla installation and have some say in the platform decision.

Upcoming Major Features

Major new features are being working on. If you would like to know when we plan on adding one of these features, you can get that information from the bug requesting its implementation. These include:

  • Ability to send email via SMTP instead of relying on a local installation of sendmail. (Bug 84876)
  • PostgreSQL support. (Bug 98304)
  • Ability to add generic customized fields to bugs (Bug 91037)
  • Customised resolutions, that allow adding, removing, deactivating and renaming of resolutions. (Bug 94534)
  • Expanding the e-mail preferences to allow watching components, keywords, etc. (Bug 73665)
  • mod_perl support. (Bug 87406)
  • New makefile-based installation system (Bug 104660, Bug 105854, Bug 105855, and Bug 105856)
  • Generic Reporting, allowing users to generate arbitrary tabular reports of Bugzilla data. (Bug 12282)

Enterprise Group support

Commercial software developments using Bugzilla for support of multiple customers in confidential reliationships require additional features to prevent accidental cross-contamination of confidential information between customers. A series of Bugzilla features making such strict controls available is being worked on, spearheaded by Joel Peshkin.

  • Ability to mark individual comments and attachments as confidential to a specific group, typically the internal development team, even if the bug to which they are attached is more public. ([bug 143826](https://bugzilla.mozilla.org/show_bug.cgi?id=143826))
  • Ability to have an arbitrarily large number of groups defined, to define groups in terms of other groups, and to make changes to user regular expressions immediately effect all users instead of only future new users. ([bug 157756](https://bugzilla.mozilla.org/show_bug.cgi?id=157756))
  • A more flexible set of controls on the relationships of products and bugs to groups replacing the usebuggroupsentry and usebuggroups features (bug 147275)

Taken together, these changes enable sites to manage large lists of users in a large number of groups and to define appropriate default group restrictions and enforce group access policies on products, thus providing a solid foundation for enterprise group support in Bugzilla.

The largest of these changes (bug 157756) landed last weekend; any new bugs or regressions should be filed as new bugs.

Request Tracker

Request tracker is a series of enhancements to make attachment statuses more powerful and easier to administer. It includes the following changes and additions:

  • Two additional states for attachment statuses: Currently statuses can be in one of two states: off or on. RT adds two more states for a total of four: off, granted, denied, and requested, where “granted” is equivalent to “on” and “denied” and “requested” are new. These additions mean it is no longer necessary to define a second status to negate a previous one (f.e. “needs-work” to negate “has-review”): negation is built into each status.
  • Bug statuses: Currently only attachments have these kinds of statuses. RT allows them to be defined for bugs as well. Since “status” already has a meaning for bugs, attachment statuses have been renamed “status flags” (or “flags” for short) to avoid confusion.
  • Requests: Flags can be requested by setting the flag to the “requested” state and entering the name of the user you want to fulfill the request. Bugzilla emails the requestee about the request and adds the request to a queue that users can browse to keep track of their pending requests.

    When the requestee fulfills the request by setting the flag to a different state, Bugzilla emails the requester and removes the request from the queue. This feature supports development and management processes where some users have to ask others to grant or deny review to a patch, approve a patch for check-in to a restricted branch, etc.

  • Flag types are no longer product-specific. They can be enabled and disabled for any number of product/component combinations via inclusions and exclusions lists. This feature makes it much easier to administer flag types.

    As before, you can search for bugs using flag criteria via the boolean chart on the search form, and flag changes are recorded in the bugs activity table.

An older version of RT is currently being tested by the Bugzilla team on bugzilla.mozilla.org, so if you find a bug or have an enhancement, please check with #mozwebtools before filing new bugs. The status of RT can be monitored in bug 98801.

Trunk Checkins Since the Last Status Update

The following is a list of specific bugs fixed (and their checkin messages) since the last Bugzilla status report. It is ordered by the checkin date, as ordered by Bonsai. It includes checkins on the trunk from 07/29/2002 to 09/22/2002. This list was generated by filtering Bonsai’s output on that query.

Bold italic bugs are security-sensitive bugs.

Checkins made without reference to any specific bugs:

  • (9/5/2002) Inline doc (POD) spelling fixes (MattyT)
  • (9/5/2002) Add Mac OS X 10.x to the OS lists (justdave)
  • (8/26/2002) Updated maintainer email address throughout the tree (Jake)

Checkin manifest:

  • Bug 157756 - >55 groups now supported
  • Bug 63601: Recommend filename when downloading attachments (except in IE4, which chokes on the Content-Disposition header)
  • Bug 108987 - Linkify script to use quoteUrls on texts provided by user.
  • Bug 163114 - Templatise all calls to DisplayError.
  • Bug 167476 - unix_timestamp conversion error using MySQL.
  • Bug 152935 - Pref for no notification on Target Milestone change not respected.
  • Bug 160476 - boolean chart addition doesn’t keep query template format.
  • Bug 146945: Hack to support format=rdf for legacy applications that don’t know to do ctype=rdf instead.
  • Bug 169561 - Speed up UserInGroup by using cached information.
  • Bug 168804 - Document CheckCanChangeField so sites can modify it for local needs.
  • Bug 163790 - colchange.cgi is not localisable.
  • Bug 162151 - Fix page.cgi’s method of finding templates. It now looks in a “pages” subdirectory of the template directory.
  • Bug 25521 - Keyword field in new bug entry.
  • Bug 168075 - Undefined subroutine &main::Error called at /opt/webtools/bugzilla/buglist.cgi line 1005.
  • Bug 167978 - Fix Throw*Error l10n regressions and add a test to catch more.
  • Bug 166698 - The error system’s in a bit of a mess. This file was missed on the original checkin.
  • Bug 166821 - reports.cgi broken by recent schema changes.
  • Bug 167595 - Query - multiple-select product (and probably component) broken
  • Bug 167643 - Schema Changes from bug 143826 are out of order
  • Bug 166023 - On failure in template->new, a template is used to display error
  • Bug 166698 - clean up the error system, which was confused and broken.
  • Bug 146134 - checksetup.pl gives weird error message
  • Bug 123957 run checksetup.pl non-interactively (for use with cron jobs on test installs)
  • Bug 165756 - Running tests without checksetup causes failure
  • Bug 166318 - Bugzilla::Config should check for defparams.pl failure
  • bug 163024 - bugzilla_email_append calls processmail incorrectly
  • Bug 166016 checksetup gives torrent of cryptic errors if my_webservergroup is not found
  • Recheckin due to misapplied patch for bug 123957
  • Bug 123957 run checksetup.pl non-interactively (for use with cron jobs on test installs)
  • Bug 121419 - If multiple cookies exist, the least significant is assigned. Also fixes Duplicate Bug 165685 When switching from no cookiepath to using cookiepath, old cookie gets in the way
  • Bug 165221: Apostrophes not properly handled during account creation.
  • Bug 163829 - move pref code into a separate package
  • Correct checkin date for bug 153578 schema modification
  • Bug 165080 - Delete product fails with missing column error
  • Bug 161203 - Bug changes with intermediate pages munges fields withmultiple values (e.g., CC)patch by “Randall M! Gee”,
  • Bug 86651 - cvs-update was setting sticky dates which made committing changes and getting updates more difficult
  • Bug 164623 - xml.cgi - attachments is broken and insiders not enforced
  • Bug 164623 - add .htaccess to .cvsignore
  • Bug 76923 - Don’t |use diagnostics| (its really expensive at startup time)
  • Bug 164470 - mass reassign changes UNCONFIRMED->NEW
  • Bug 164566 - Param and UserInGroup are not defined in Bugzilla::Search
  • Bug 163494 - runtests.sh needs a switch to include optional modulesTests now detect optional modules and only exclude optional filesif optional module dependencies are not met.Also major indent cleanup
  • Bug 164464 - Importxml will fail if versioncache needs update
  • Bug 164465 - importxml.pl fails
  • Fixed merge problem from checkin of 143826 - No bug
  • Bug 143826 - Adding 2 new files missing from repository
  • Bug 163570 - Bugzilla::Search missing Date::Format includepatch by [email protected] (Jussi Sirpoma),
  • Fix for bug 163541: Corrects problem with previous patch that causes primary headers not to appear on some installations.
  • Fix for bug 163541: let there be a page title but no primary page header.
  • Bug 163457 - bugs not registered as “new”.
  • Bug 163331 - shutdownhtml is broken.
  • Bug 163299 - Can’t change cc accessible checkbo
  • Bug 143286 - Add support for Insiders, Private comments, Private Attachments.
  • Big 163291 - Move utility funcs into a module
  • Fix typo from 43600
  • Bug 162854 - buglist.cgi reporter is actually owner
  • bug 160631 - bug_email.pl is broken
  • Bug 160112 - clean up quip table conversion code
  • Bug 10037 - param to disable adding new quips
  • Bug 162066 - Fix callers of ThrowCodeError to use messages in code-error.html.tmpl.
  • Bug 162068 - Fix callers of ThrowUserError to use messages.html.tmpl.
  • Bug 162216 - colchange.cgi, buglist.cgi and page.cgi messages should be l10nable.
  • Bug 162066 - Fix callers of ThrowCodeError to use messages in code-error.html.tmpl.
  • Bug 151619 - Problem with the regex in checksetup.pl to find duplicates
  • Bug 153578 - Attachment modified date is meant to be attachment creationdate
  • Bug 162642 - Cannot accept bugs if requiremilestone is on; regression frombug 43600
  • Bug 162438 - fix permissions/tests for Bugzilla/ directory
  • Bug 24823 - show the last modified date at the top of show_bug
  • Bug 160710 - Taint checking causes problem with rename function
  • Fixing up the changedate from my bug 43600 patch. Knew I must haveforgotten something….
  • Bug 43600 - Convert products/components to use ids instead of names.Initial attempt by [email protected], updated by me
  • Bug 162217: fixed bustage introduced in bug 160410
  • Bug 160410: defparams.pl support for single/multi pulldown menus; p=preed,
  • Bug 160557 - products that start with _ do not show up properly in query.cgi.
  • Bug 155584 - Opening duplicates.cgi with no frequent bugs causes SQL syntax error.
  • Bug 109008 - Footer on create attachment page looks wrong.
  • Bug 159901 - token.cgi: localize strings send to message.html.tmpl.
  • Miseed &:: for call to SqlQuote, no bug # (cleanup from bug 158474)
  • Bug 161402 - Disable DBI taint mode in processmail
  • Bug 158474 - Abstract out GenerateSQL into perl module.
  • Add a test to check for speling errors. It only currently checks for two simple errors that used to be in checksetup.pl, more errors can and will be added in the future.Bug 147151, no review needed for tests
  • Bug 161450 - New search knob causes warnings.
  • Bug 160224 - remember query radio buttons don’t have default
  • Bug 55753 - if order is the first param to buglist.cgi, can’t resort.
  • Bug 118442 - Bugzilla fails to notice if nothing has changed when editingmultiple bugs if no keywords have been definedpatch by [email protected],
  • Bug 160227 - VERSION cookie not set correctly
  • Bug 113459 Bad regexp in emailregexp causes system lockout
  • Bug 160204 - search/knob.html.tmpl: script type missing, space missing
  • Bug 158236 - Remove ‘watchfordiffs’ column from namedqueries table

2.16-Branch Checkins Since the Last Status Update

The following is a list of specific bugs fixed (and their checkin messages) since the last Bugzilla status report. It is ordered by the checkin date, as ordered by Bonsai. It includes checkins on the BUGZILLA-2_16-BRANCH from 07/29/2002 to 09/28/2002. This list was generated by filtering Bonsai’s output on that query.

Bold italic bugs are security-sensitive bugs.

Checkins made without reference to any specific bugs: None.

  • Bug 166023 - On failure in template->new, a template is used to display error
  • Bug 167485; group_id is wrong when usebuggroups is on
  • Bug 161203 - Bug changes with intermediate pages munges fields withmultiple values (e.g., CC)
  • bug 163024 - bugzilla_email_append calls processmail incorrectly
  • Bug 165221: Apostrophes not properly handled during account creation.
  • Bug 164464 - Importxml will fail if versioncache needs update
  • bug 160631 - bug_email.pl is broken
  • Bug 151619 - Problem with the regex in checksetup.pl to find duplicates
  • Bug 160710 - Taint checking causes problem with rename function
  • Bug 161305 - SQL error with allowemailchange with mysql 3.22
  • Bug 160227 - VERSION cookie not set correctly

2.14-Branch Checkins Since the Last Status Update

The following is a list of specific bugs fixed (and their checkin messages) since the last Bugzilla status report. It is ordered by the checkin date, as ordered by Bonsai. It includes checkins on the BUGZILLA-2_14_1-BRANCH from 07/29/2002 to 09/22/2002. This list was generated by filtering Bonsai’s output on that query.

Bold italic bugs are security-sensitive bugs.

Checkins made without reference to any specific bugs: None.

  • Bug 167485; group_id is wrong when usebuggroups is on
  • Bug 163024 - bugzilla_email_append calls processmail incorrectly
  • Bug 160631 - bug_email.pl is broken