Security/Archived/Radar/Triage: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
m (Amuntner moved page Security/Radar/Triage to Security/Archived/Radar/Triage: Out of date page, no longer used. Archiving for historical purposes.)
 
(42 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{ForceRefreshButton}}
{{ForceRefreshButton}}
== Triage ==
== Triage ==
 
===Feature Pages===
{| class="wikitable collapsible collapsed"
{| class="wikitable collapsible"
! Feature Page Triage Needed
! Feature Page Triage Needed
|-
|-
Line 38: Line 38:
|}
|}


* [https://bugzil.la/ALL%20-sw%3A%22%5Bsec-assigned%3A%22%2B-product%3A%22mozilla.org%22%2B!sec-review-needed%0A Sec-Review-Needed]
=== Nominations ===
** Product: (does not contain) mozilla.org
* [https://bugzilla.mozilla.org/request.cgi?action=queue&requestee=-&type=sec-review sec-review?]
** Keyword: sec-review-needed
** Flag: sec-review set to ?
** whiteboard: (does not contain "[sec-assigned:")
** no requestee  (top group, if any)
 
 
It is impossible to construct a buglist query that returns only the bugs we want. For discussion see {{bug|828344}} comment 72 and following; {{bug|677757}} is what we need. The obvious query (flag=sec-review?, NOT requestee contains "@") will <i>appear</i> to work, but will miss bugs which have both a needinfo? request in addition to the empty sec-review? we wanted to find.
 
For management purposes the request feature produces the list we need.


*[https://bugzil.la/UNCONFIRMED%2CNEW%2CREOPENED%2Bproduct%3A%22mozilla.org%22%2Bcomponent%3A%22Security%20Assurance%3A%20Review%20Request%22%2Bsw%3A%22%5Bpending%20secreview%5D%5Btriage%22 Component bugs]
=== Bugs with triage whiteboard tag ===
*[https://bugzil.la/product%3A%22mozilla.org%22%20component%3A%22Security%20Assurance%3A%20Review%20Request%22%20sw%3A%22%5Btriage%22&order=bug_id Triage Needed]
** Product: mozilla.org
** Product: mozilla.org
** Component: Security Assurance: Review Requested
** Component: Security Assurance: Review Requested
** Status: Unconfirmed, New, Reopened
** Status: Unconfirmed, New, Reopened, Assigned, Ready
** whiteboard: [pending secreview][triage needed]
** whiteboard (contains):[triage
 
=== Bugs without an owner ===
*[https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%20%40nobody%20-sw%3Amentor%2Ctriage%2Cvendor%20-kw%3Ameta%20-flag%3Aneedinfo nobody component bugs]
** Component: contains "Security Assurance"
** Resolution: ---  (none, still open)
** Assignee: nobody@mozilla.org
** whiteboard: (does not contain) triage OR mentor OR vendor
** keywords: does not contain 'meta'
** flags: does not contain 'needinfo'
 
=== Scrum / Sprint Queries ===
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%2Bsw%3A%22s%3Dready%22 Ready Bugs]
 
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%20sw%3A%22s%3Dsprint%206%22 Current Sprint (6)]


*[https://bugzil.la/UNCONFIRMED%2CNEW%2CASSIGNED%2CREOPENED%2Bcomponent%3A%22Security%20Assurance%22%2C%22Security%20Assurance%3A%20Applications%22%2C%22Security%20Assurance%3A%20Incident%22%2C%22Security%20Assurance%3A%20Operations%22%2C%22Security%20Assurance%3A%20Review%20Request%22%2Bproduct%3A%22mozilla.org%22%2Bassigned_to%3A%22nobody%40mozilla.org%22%7Cassigned_to%3A%22security-assurance%22%2B-sw%3A%22%5Bneeds%20info%5D%22%2B-sw%3A%22triage%22 Nobody Component Bugs]
* [http://scrumbu.gs/t/security-assurance/ scrumbu.gs SA Page]
** Product: mozilla.org
 
** Component: component:"Security Assurance","Security Assurance: Applications","Security Assurance: Incident","Security Assurance: Operations","Security Assurance: Review Request"
=== Untriaged Web Sec Bugs ===
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Awebsites-security%20-component%3A%22Security%20Assurance%3A%20Review%20Request%22%20-sw%3Ainfrasec%2C%22%5Bvendor%5D%22%20-kw%3Asec-&list_id=9562423 Website Sec]
** Status: Unconfirmed, New, Reopened, Assigned
** Component: (does not contain) "Security Assurance: Review Request"
** group: websites-security
** whiteboard: (does not contain) infrasec
** keyword: (does not contain) sec-
 
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Awebtools-security%20-kw%3Asec- Webtools Security Bugs]
** Status: Unconfirmed, New, Reopened, Assigned
** group: webtools-security
** keyword: (does not contain) sec-
 
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Amozilla-services-security%20-kw%3Asec- Mozilla Services Security Bugs]
** Status: Unconfirmed, New, Reopened, Assigned
** group: mozilla-services-security
** keyword: (does not contain) sec-
 
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Aclient-services-security%20-kw%3Asec- Client Services Security Bugs]
** Status: Unconfirmed, New, Reopened, Assigned
** Status: Unconfirmed, New, Reopened, Assigned
** Assignee: nobody@mozilla.org OR security-assurance
** group: client-services-security,addons-security
** whiteboard: (does not contain) triage
** keyword: (does not contain) sec-
** whiteboard: (does not contain) [needs info]


== Other ==
== Other ==

Latest revision as of 19:24, 25 April 2016

Force Page Refresh

Triage

Feature Pages

Feature Page Triage Needed
{{#ask: Feature version::!`Feature security status::`
Feature Feature List Target Rel Prod Mgr Lead Engr Security lead Security status Security notes Last Modified
?# ?Feature name# ?Feature list# ?Feature version# ?Feature product manager# ?Feature lead engineer# ?Feature security lead# ?Feature security status# ?Feature security notes# ?Modification date# ?Feature security health# mainlabel=- sort=Feature version format=template template=SecurityRadarListTable limit =100000

}}

Nominations

  • sec-review?
    • Flag: sec-review set to ?
    • no requestee (top group, if any)


It is impossible to construct a buglist query that returns only the bugs we want. For discussion see bug 828344 comment 72 and following; bug 677757 is what we need. The obvious query (flag=sec-review?, NOT requestee contains "@") will appear to work, but will miss bugs which have both a needinfo? request in addition to the empty sec-review? we wanted to find.

For management purposes the request feature produces the list we need.

Bugs with triage whiteboard tag

  • Triage Needed
    • Product: mozilla.org
    • Component: Security Assurance: Review Requested
    • Status: Unconfirmed, New, Reopened, Assigned, Ready
    • whiteboard (contains):[triage

Bugs without an owner

  • nobody component bugs
    • Component: contains "Security Assurance"
    • Resolution: --- (none, still open)
    • Assignee: nobody@mozilla.org
    • whiteboard: (does not contain) triage OR mentor OR vendor
    • keywords: does not contain 'meta'
    • flags: does not contain 'needinfo'

Scrum / Sprint Queries

Untriaged Web Sec Bugs

  • Website Sec
    • Status: Unconfirmed, New, Reopened, Assigned
    • Component: (does not contain) "Security Assurance: Review Request"
    • group: websites-security
    • whiteboard: (does not contain) infrasec
    • keyword: (does not contain) sec-
  • Webtools Security Bugs
    • Status: Unconfirmed, New, Reopened, Assigned
    • group: webtools-security
    • keyword: (does not contain) sec-
  • Client Services Security Bugs
    • Status: Unconfirmed, New, Reopened, Assigned
    • group: client-services-security,addons-security
    • keyword: (does not contain) sec-

Other

  • Assigned bugs
    • Keyword: sec-review-needed
    • whiteboard: "[sec-assigned:"
  • Assigned bugs in component
    • Product: mozilla.org
    • Component: component:"Security Assurance","Security Assurance: Applications","Security Assurance: Incident","Security Assurance: Operations","Security Assurance: Review Request"
    • Status: Unconfirmed, New, Reopened, Assigned
    • Assignee: nobody@mozilla.org
Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Archived/Radar/Triage&oldid=1129262"