BMO/42Upgrade

From MozillaWiki
< BMO
Jump to: navigation, search

4.2 Upgrade

Bugzilla.mozilla.org is upgrading to Bugzilla version 4.2.

Read the Release Notes

Top Level Tracking Bug

Schedule

Future dates are estimates and subject to change

Release Date Description
Alpha TBD General stablility
Postpone TBD Postpone due to some issues found during alpha
Beta TBD Verification of BMO customizations
RC TBD Final checks, sign offs and announcements of change over.
Final Mid-September Monday glob's time as to not disrupt normal business in US

Requirements

List of requirements the project must meet to before final release.

The following BMO customizations must be present and working properly. Some of these are specific to BMO and some are already in the upstream but not in the 4.2 release. These changes are part of the core Bugzilla code. The new BMO extension specific requirements will be listed after.

  • Retiring of old components, versions, and milestones
    • upstream bug 77193, FIXED in 4.2
    • testing in test_bmo_retire_values.t
  • Passwords require 8 or more characters
  • Strict-Transport-Security header validity increased from one week to one month
  • Admin options added for specifying/requiring password complexity in various forms
  • 'bug_check_groups' hook added to Bugzilla::Bug to make it always possible to file bugs in certain groups.
    • upstream bug required
  • New group 'bz_quip_moderators' added which can moderate quips. No longer just admin.
  • Users having admin permissions (instead of editbugs) may bless all groups as well as edit all users.
  • enter_bug.cgi automatically uses the 'guided' format for users not in the 'canconfirm' group.
  • enter_bug.cgi must show the pretty product chooser instead of the the standard product list.
  • Various redirects and rewrite rules need to function properly in the .htaccess file.
  • The bug query results uses the sorttable.js framework to allow client side column sorting. Changes were needed to the table.html.tmpl template for this to work.
    • upstream bug required
  • Display work email address instead of login name on the login forms.
  • New hook called 'patch_notes' added to attachment/createformcontents.html.tmpl to display additional instructions for patch type attachments.
    • upstream bug required
  • New hook called 'comment_banner' added to bug/comments.html.tmpl.
    • upstream bug required
  • Some textual changes have been made to the create-guided.html.tmpl simple bug entry form.
  • The status_whiteboard field can have a value added in the enter_bug.cgi page.
  • 'Last Comment' shortcut link added to the top of the show_bug.cgi page.
  • Instead of completely blocking unsafe URLs in the bug_file_loc field, BMO throws a warning alerting the user that the URL may not be safe.
  • Various fields in show_bug.cgi have been moved to different locations.
  • Additional template code has been added to bug/field.html.tmpl to filter out certain fields/values based on user permissions.
  • Added (take) link to show_bug.cgi to allow quickly assigning the bug to the user.
  • Various templates use cf_hidden_in_product() to filter out custom fields based on the bug's current product (bug/show-multile.html.tmpl, bug/show.xml.tmpl)
  • Text added to email notifications to not reply to the email and to make any comments in the bug itself.
  • New term variable called terms.BugzillaTitle to be used in header.html.tmpl instead of terms.Bugzilla.
  • Image of chomping Mozilla on the server push page when waiting for bug results (server-push).
  • "denied" flags changed to "not granted" in request/email.txt.tmpl
  • Alternative explanation of WORKSFORME resolution in pages/fields.html.tmpl
  • different permissions on htdocs root (0755 instead of DIR_WS_SERVE)
  • webserver allowed access to .bzr for bzr history function
  • to_user exposed to email/change-old.txt.tmpl for securemail
  • bz_canusewhines group used instead of admin in chart.cgi
  • bug fix related to displaying products on full product chooser grouped by classification in enter_bug.cgi
  • FollowSymLinks enabled in mod_perl.pl
  • resolutions hook added to pages/fields.html.tmpl
  • EXPIRED resolution hidden from all users except gerv in list/edit-multiple.html.tmpl
  • bug/edit.html.tmpl changes:
    • class on #bz_show_bug_column_2 changed from bz_show_bug_column to bz_show_bug_column_table
    • assigned_to editable field hidden by default
    • cc list displayed to logged in users
    • custom fields are hidden for anon sessions if they don't have a value set
    • custom fields are hidden if they are hidden in the product

BMO Extension Requirements

  • Several custom bug entry templates to aid internal Mozilla processes.
  • Customization to allow the bug entry templates to use check_can_change_field to see if various field values should be available to the current user.
  • Restrict content types attachable by non-privileged people.
  • Alter quicksearch to help with searching for bugs using custom blocking fields.
  • Auto-linkification of special text in bug comments.
  • Hooks into check_can_change_field to filter out custom fields and their values.
  • CC certain email addresses on bugmail when a bug is added or removed from a particular group.
  • Changes to enable correct sorting of list table, matched to changes in list/table.html.tmpl
  • Custom create new Bugzilla account page which provides additional information related to BMO.
  • Pretty product chooser.
  • Custom server-push template showing the Mozilla lizard animation.
  • Several custom page templates providing additional documentation specific to BMO.
  • Custom search plugin for Firefox.
  • Add additional mimetypes to the attachment entry form.
  • Add patch note to attachment form outlining the patch submission and approval process.
  • Add disclaimer for bug comments made against the 'Legal' product.
  • Add secure bug checkbox to the expert and guided bug entry form.
  • Add pretty product chooser user preference.
  • Add additional links from the index home page to other pages documenting etiquette, bug writing guidelines, and other help.
  • Add INCOMPLETE resolution description to the fields description page.

Other Extension Requirements

  • SecureMail
    • Users can upload their public GPG key or SMIME certificate using a form in the Bugzilla user preferences.
    • If a bug that is marked to any specific security groups sends an email notification, the email is encrypted with each user's public key.
    • The user can then decrypt the message using their private key through their email client.
    • Also user's who request their password to be changed who are members of specific security groups, the email with the change token will be encrypted as well.
  • TypeSniffer
    • This extension uses magic to guess MIME types for data where the browser has told us it's application/octet-stream (probably because there's no file extension, or it's a text type with a non-.txt file extension).
  • ComponentWatching
    • Users may opt to receive bug change emails from bugs assigned to specific product/component combinations.
    • The UI for managing the components being watched will be integrated in the user's preferences.
  • Profanivore
    • Profanivore removes English profanities in comments, replacing instead with altered text similar to '****'. The profanity is only altered where the comment was written by a user who does not have the global 'editbugs' privilege. Comment in database is unaltered, only the display of the comment is altered. The commenters view of their own comments are unaltered.
  • Splinter
    • Splinter is a UI for performing code review of patches attached to bug reports. It is based on the original jQuery version written by Owen Taylor of Red Hat, Inc. Reviewers can comment on individual lines of a patch and also set the review flag from within the review UI. A formatted comment is added to the bug report with each comment and it's associated context.
  • BzAPI
    • The BzAPI extension adds a new JSON output for config.cgi, for use by the BzAPI REST API proxy.

Test Plan

  • Test additional text included by templates. Just read through the diff for such occurrences and load the appropriate page.
  • Quicksearch for our status-related custom fields.
  • config.cgi JSON output.
  • Custom fields being visible or not visible in the appropriate products and components, as defined in Data.pm
  • Buglist sorting works fine, even for dates, severities etc.
  • It's possible for even unprivileged users to file bugs into security groups.
  • Bugs filed end up in the correct security group when the "secure" checkbox is checked.
  • Security group gets emailed when bugs are a) filed in, b) added to and c) removed from the relevant group.
  • Bogus addresses like foo@bar.bugs don't get email, even if it's enabled in their preferences.
  • Check that only members of the appropriate groups can set various fields, as defined in Data.pm.
  • Load page.cgi?id=upgrade-3.6.html and check for bzr output at the bottom.

Pending Tasks

List of tasks still to be done for this project.

To Do

Bugs Fixed

After Release

There are several additional extensions people want:

Backports

Current Issues

List of current know issues that will be fixed before final release.