BMO/Recent Changes

From MozillaWiki
Jump to: navigation, search

Recent Changes


  • bug 1197073 add support for 2fa using totp (eg. google authenticator)
  • bug 1199136 security bug group moves for new core-security-release group
  • bug 1199941 inactive sessions should expire faster (a week)
  • bug 1200600 message about 2fa's interaction with api authentication should be visible when 2fa is enabled
  • bug 1200610 jsonrpc API requests do not work when "Require API-Key authentication for API requests" is enabled due to missing
  • bug 1196618 add support for group owners
  • bug 1200618 Layout of the TOTP 2FA leads to missing the token time window and thus frustration
  • bug 1199136 security bug group moves for new core-security-release group
  • bug 1200957 when a non-admin edits a user the 2fa setting is incorrectly reported


  • bug 1198598 change the bug count restrictions in describekeywords from 'security-group' to 'core-security'
  • bug 1199329 Auth Delegation should ignore the query string parameters of a callback URI when determining uniqueness


  • bug 1195362 Quicksearch error pages ("foo is not a field" and friends) should still fill in search into quicksearch box
  • bug 1190476 set Comment field in GPG email to the URL of the bug
  • bug 1195645 don't create a new session for every authenticated REST/BzAPI call
  • bug 1197084 No mail sent when bugs added to or removed from *-core-security groups
  • bug 1196614 restrict the ability for users with editusers/creategroups to alter admins and the admin group
  • bug 1196092 Switch logincookies primary key to auto_incremented id, make cookie a secondary UNIQUE key
  • bug 1197699 always store the ip address in the logincookies table
  • bug 1197696 group_members report doesn't display nested inherited groups
  • bug 1196134 add ability for admins to force a user to change their password on next login
  • bug 1192687 add the ability for users to view and revoke existing sessions
  • bug 1195836 Remove from bmo
  • bug 1180733 "An invalid state parameter was passed to the GitHub OAuth2 callback" error when logging in with github


  • bug 1194584 "has cert" and "member of secure group" shouldn't be visible when creating a user
  • bug 1181596 Modal UI doesn't honor the "where to put the additional comment textarea" preference
  • bug 1193190 'view account history' on edituser should include audit_log entries
  • bug 979441 Under mod_perl, some modules aren't preloaded at startup
  • bug 981487 change bugs_fulltext from myisam to innodb
  • bug 1195315 Use of uninitialized value in string eq at Bugzilla/ line 99
  • bug 1195593 Able to delete any Bugzilla user's Bugmail Filter
  • bug 1195598 The "unknown_action" error message could confuse the user
  • bug 1195620 stop sending http cookies to sentry
  • bug 1194250 'take' button should uncheck "reset assignee to default"
  • bug 1195544 Information Disclosure Vulnerability Permits Attacker Obtains The GitHub OAUTH Return Code


  • bug 1160929 add support for storing attachments in s3
  • bug 1190693 Rewrite auth delegation to use a server-side POST instead of a client-side GET to delegate API Key
  • bug 1184332 Add Restricted API calls for MozReview
  • bug 1190029 Would like a way to see which groups are 'secure' groups in editusers.cgi when diagnosing password reset issues
  • bug 1193590 Warning about obsolete patches on an unassigned bug
  • bug 1036872 Bugmail filtering allows through bugmail that should be blocked when combined with the standard email prefs
  • bug 1192854 change tabs on user preferences from horizontal to vertical layout
  • bug 1193878 Make a few more fields optional on the intern request form
  • bug 1192688 add ip to last used api key information