Security/Archived/Radar/Triage: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
m (Amuntner moved page Security/Radar/Triage to Security/Archived/Radar/Triage: Out of date page, no longer used. Archiving for historical purposes.)
 
(31 intermediate revisions by 2 users not shown)
Line 38: Line 38:
|}
|}


===Nominations===
=== Nominations ===
<strike>
* [https://bugzilla.mozilla.org/request.cgi?action=queue&requestee=-&type=sec-review sec-review?]
* [https://bugzil.la/ALL%20-sw%3A%22%5Bsec-assigned%3A%22%2B-product%3A%22mozilla.org%22%2B!sec-review-needed%0A Sec-Review-Needed]
** Product: (does not contain) mozilla.org
** Keyword: sec-review-needed
** whiteboard: (does not contain "[sec-assigned:")
</strike>
* [https://bugzilla.mozilla.org/buglist.cgi?type0-1-0=isempty;list_id=3969989;field0-1-0=requestees.login_name;field0-0-0=flagtypes.name;columnlist=changeddate%2Cpriority%2Cop_sys%2Cassigned_to%2Cbug_status%2Cresolution%2Cshort_desc%2Cstatus_whiteboard%2Ckeywords%2Cproduct%2Ccomponent%2Cflagtypes.name;query_format=advanced;type0-0-0=substring;value0-0-0=sec-review%3F sec-review?]
** Flag: sec-review set to ?
** Flag: sec-review set to ?
** no requestee
** no requestee (top group, if any)


===Bugs with triage whiteboard tag===
 
*[https://bugzil.la/UNCONFIRMED%2CNEW%2CREOPENED%2Bproduct%3A%22mozilla.org%22%2Bcomponent%3A%22Security%20Assurance%3A%20Review%20Request%22%2Bsw%3A%22%5Bpending%20secreview%5D%5Btriage%22 Component bugs]
It is impossible to construct a buglist query that returns only the bugs we want. For discussion see {{bug|828344}} comment 72 and following; {{bug|677757}} is what we need. The obvious query (flag=sec-review?, NOT requestee contains "@") will <i>appear</i> to work, but will miss bugs which have both a needinfo? request in addition to the empty sec-review? we wanted to find.
 
For management purposes the request feature produces the list we need.
 
=== Bugs with triage whiteboard tag ===
*[https://bugzil.la/product%3A%22mozilla.org%22%20component%3A%22Security%20Assurance%3A%20Review%20Request%22%20sw%3A%22%5Btriage%22&order=bug_id Triage Needed]
** Product: mozilla.org
** Product: mozilla.org
** Component: Security Assurance: Review Requested
** Component: Security Assurance: Review Requested
** Status: Unconfirmed, New, Reopened
** Status: Unconfirmed, New, Reopened, Assigned, Ready
** whiteboard: [pending secreview][triage needed]
** whiteboard (contains):[triage


===Bugs without an owner===
=== Bugs without an owner ===
*[https://bugzil.la/NEW%2CASSIGNED%2CREOPENED%2Bcomponent%3A%22Security%20Assurance%22%2C%22Security%20Assurance%3A%20Applications%22%2C%22Security%20Assurance%3A%20Incident%22%2C%22Security%20Assurance%3A%20Operations%22%2C%22Security%20Assurance%3A%20Review%20Request%22%2Bproduct%3A%22mozilla.org%22%2Bassigned_to%3A%22nobody%40mozilla.org%22%7Cassigned_to%3A%22security-assurance%22%2B-sw%3A%22triage%22%2B-sw%3A%22mentor%22%2B-flag%3A%22needinfo%3F%22%22 Nobody Component Bugs]
*[https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%20%40nobody%20-sw%3Amentor%2Ctriage%2Cvendor%20-kw%3Ameta%20-flag%3Aneedinfo nobody component bugs]
** Product: mozilla.org
** Component: contains "Security Assurance"
** Component: "Security Assurance","Security Assurance: Applications","Security Assurance: Incident","Security Assurance: Operations","Security Assurance: Review Request"
** Resolution: ---  (none, still open)
** Status: Unconfirmed, New, Reopened, Assigned
** Assignee: nobody@mozilla.org
** Assignee: nobody@mozilla.org OR security-assurance
** whiteboard: (does not contain) triage OR mentor OR vendor
** whiteboard: (does not contain) triage
** keywords: does not contain 'meta'
** flags: (does not contain) needinfo
** flags: does not contain 'needinfo'
 
=== Scrum / Sprint Queries ===
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%2Bsw%3A%22s%3Dready%22 Ready Bugs]
 
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%20sw%3A%22s%3Dsprint%206%22 Current Sprint (6)]
 
* [http://scrumbu.gs/t/security-assurance/ scrumbu.gs SA Page]


=== Web Sec Bugs ===
=== Untriaged Web Sec Bugs ===
* [https://bugzil.la/UNCONFIRMED%2CNEW%2CASSIGNED%2CREOPENED%20group%3Awebsites-security%2B-component%3A%22Security%20Assurance%3A%20Review%20Request%22%2B-sw%3A%22infrasec%22%2B-kw%3A%22sec-%22%0A Web Sec]
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Awebsites-security%20-component%3A%22Security%20Assurance%3A%20Review%20Request%22%20-sw%3Ainfrasec%2C%22%5Bvendor%5D%22%20-kw%3Asec-&list_id=9562423 Website Sec]
** Status: Unconfirmed, New, Reopened, Assigned
** Status: Unconfirmed, New, Reopened, Assigned
** Component: (does not contain) "Security Assurance: Review Request"
** Component: (does not contain) "Security Assurance: Review Request"
** group: websites-security  
** group: websites-security  
** whiteboard: (does not contain) infrasec
** whiteboard: (does not contain) infrasec
** keyword: (does not contain) sec-
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Awebtools-security%20-kw%3Asec- Webtools Security Bugs]
** Status: Unconfirmed, New, Reopened, Assigned
** group: webtools-security
** keyword: (does not contain) sec-
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Amozilla-services-security%20-kw%3Asec- Mozilla Services Security Bugs]
** Status: Unconfirmed, New, Reopened, Assigned
** group: mozilla-services-security
** keyword: (does not contain) sec-
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Aclient-services-security%20-kw%3Asec- Client Services Security Bugs]
** Status: Unconfirmed, New, Reopened, Assigned
** group: client-services-security,addons-security
** keyword: (does not contain) sec-
** keyword: (does not contain) sec-


Latest revision as of 19:24, 25 April 2016

Force Page Refresh

Triage

Feature Pages

Feature Page Triage Needed
{{#ask: Feature version::!`Feature security status::`
Feature Feature List Target Rel Prod Mgr Lead Engr Security lead Security status Security notes Last Modified
?# ?Feature name# ?Feature list# ?Feature version# ?Feature product manager# ?Feature lead engineer# ?Feature security lead# ?Feature security status# ?Feature security notes# ?Modification date# ?Feature security health# mainlabel=- sort=Feature version format=template template=SecurityRadarListTable limit =100000

}}

Nominations

  • sec-review?
    • Flag: sec-review set to ?
    • no requestee (top group, if any)


It is impossible to construct a buglist query that returns only the bugs we want. For discussion see bug 828344 comment 72 and following; bug 677757 is what we need. The obvious query (flag=sec-review?, NOT requestee contains "@") will appear to work, but will miss bugs which have both a needinfo? request in addition to the empty sec-review? we wanted to find.

For management purposes the request feature produces the list we need.

Bugs with triage whiteboard tag

  • Triage Needed
    • Product: mozilla.org
    • Component: Security Assurance: Review Requested
    • Status: Unconfirmed, New, Reopened, Assigned, Ready
    • whiteboard (contains):[triage

Bugs without an owner

  • nobody component bugs
    • Component: contains "Security Assurance"
    • Resolution: --- (none, still open)
    • Assignee: nobody@mozilla.org
    • whiteboard: (does not contain) triage OR mentor OR vendor
    • keywords: does not contain 'meta'
    • flags: does not contain 'needinfo'

Scrum / Sprint Queries

Untriaged Web Sec Bugs

  • Website Sec
    • Status: Unconfirmed, New, Reopened, Assigned
    • Component: (does not contain) "Security Assurance: Review Request"
    • group: websites-security
    • whiteboard: (does not contain) infrasec
    • keyword: (does not contain) sec-
  • Webtools Security Bugs
    • Status: Unconfirmed, New, Reopened, Assigned
    • group: webtools-security
    • keyword: (does not contain) sec-
  • Client Services Security Bugs
    • Status: Unconfirmed, New, Reopened, Assigned
    • group: client-services-security,addons-security
    • keyword: (does not contain) sec-

Other

  • Assigned bugs
    • Keyword: sec-review-needed
    • whiteboard: "[sec-assigned:"
  • Assigned bugs in component
    • Product: mozilla.org
    • Component: component:"Security Assurance","Security Assurance: Applications","Security Assurance: Incident","Security Assurance: Operations","Security Assurance: Review Request"
    • Status: Unconfirmed, New, Reopened, Assigned
    • Assignee: nobody@mozilla.org
Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Archived/Radar/Triage&oldid=1129262"