Security/Archived/Radar/Triage: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
m (Amuntner moved page Security/Radar/Triage to Security/Archived/Radar/Triage: Out of date page, no longer used. Archiving for historical purposes.)
 
(15 intermediate revisions by 2 users not shown)
Line 38: Line 38:
|}
|}


===Nominations===
=== Nominations ===
* [https://bugzilla.mozilla.org/request.cgi?action=queue&type=sec-review&group=requestee sec-review?]
* [https://bugzilla.mozilla.org/request.cgi?action=queue&requestee=-&type=sec-review sec-review?]
** Flag: sec-review set to ?
** Flag: sec-review set to ?
** no requestee  (top group, if any)
** no requestee  (top group, if any)




It is impossible to construct a query that returns only the bugs we want. For discussion see {{bug|828344}} comment 72 and following; {{bug|677757}} is what we need. For management purposes, however, the request feature produces the list we need (plus more that we'll just ignore).
It is impossible to construct a buglist query that returns only the bugs we want. For discussion see {{bug|828344}} comment 72 and following; {{bug|677757}} is what we need. The obvious query (flag=sec-review?, NOT requestee contains "@") will <i>appear</i> to work, but will miss bugs which have both a needinfo? request in addition to the empty sec-review? we wanted to find.


===Bugs with triage whiteboard tag===
For management purposes the request feature produces the list we need.
 
=== Bugs with triage whiteboard tag ===
*[https://bugzil.la/product%3A%22mozilla.org%22%20component%3A%22Security%20Assurance%3A%20Review%20Request%22%20sw%3A%22%5Btriage%22&order=bug_id Triage Needed]
*[https://bugzil.la/product%3A%22mozilla.org%22%20component%3A%22Security%20Assurance%3A%20Review%20Request%22%20sw%3A%22%5Btriage%22&order=bug_id Triage Needed]
** Product: mozilla.org
** Product: mozilla.org
Line 53: Line 55:
** whiteboard (contains):[triage
** whiteboard (contains):[triage


===Bugs without an owner===
=== Bugs without an owner ===
*[https://bugzilla.mozilla.org/buglist.cgi?f1=component&o1=substring&resolution=---&emailtype1=exact&o2=nowordssubstr&emailassigned_to1=1&f2=status_whiteboard&email1=nobody%40mozilla.org&v1=Security%20Assurance&v2=mentor%20triage&f3=OP&j3=OR&f4=flagtypes.name&o4=isempty&f5=flagtypes.name&v5=needinfo%3F&o5=substring&n5=1&f6=CP Nobody Component Bugs]
*[https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%20%40nobody%20-sw%3Amentor%2Ctriage%2Cvendor%20-kw%3Ameta%20-flag%3Aneedinfo nobody component bugs]
** Component: contains "Security Assurance"
** Component: contains "Security Assurance"
** Resolution: ---  (none, still open)
** Resolution: ---  (none, still open)
** Assignee: nobody@mozilla.org
** Assignee: nobody@mozilla.org
** whiteboard: (does not contain) triage OR mentor
** whiteboard: (does not contain) triage OR mentor OR vendor
** flags: EMPTY OR (does not contain) needinfo?
** keywords: does not contain 'meta'
** flags: does not contain 'needinfo'
 
=== Scrum / Sprint Queries ===
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%2Bsw%3A%22s%3Dready%22 Ready Bugs]
 
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=comp%3A%22Security%20Assurance%22%20sw%3A%22s%3Dsprint%206%22 Current Sprint (6)]
 
* [http://scrumbu.gs/t/security-assurance/ scrumbu.gs SA Page]


=== Untriaged Web Sec Bugs ===
=== Untriaged Web Sec Bugs ===
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Awebsites-security%20-component%3A%22Security%20Assurance%3A%20Review%20Request%22%20-sw%3Ainfrasec%20-kw%3Asec-;list_id=5787794 Website Sec]
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=group%3Awebsites-security%20-component%3A%22Security%20Assurance%3A%20Review%20Request%22%20-sw%3Ainfrasec%2C%22%5Bvendor%5D%22%20-kw%3Asec-&list_id=9562423 Website Sec]
** Status: Unconfirmed, New, Reopened, Assigned
** Status: Unconfirmed, New, Reopened, Assigned
** Component: (does not contain) "Security Assurance: Review Request"
** Component: (does not contain) "Security Assurance: Review Request"

Latest revision as of 19:24, 25 April 2016

Force Page Refresh

Triage

Feature Pages

Feature Page Triage Needed
{{#ask: Feature version::!`Feature security status::`
Feature Feature List Target Rel Prod Mgr Lead Engr Security lead Security status Security notes Last Modified
?# ?Feature name# ?Feature list# ?Feature version# ?Feature product manager# ?Feature lead engineer# ?Feature security lead# ?Feature security status# ?Feature security notes# ?Modification date# ?Feature security health# mainlabel=- sort=Feature version format=template template=SecurityRadarListTable limit =100000

}}

Nominations

  • sec-review?
    • Flag: sec-review set to ?
    • no requestee (top group, if any)


It is impossible to construct a buglist query that returns only the bugs we want. For discussion see bug 828344 comment 72 and following; bug 677757 is what we need. The obvious query (flag=sec-review?, NOT requestee contains "@") will appear to work, but will miss bugs which have both a needinfo? request in addition to the empty sec-review? we wanted to find.

For management purposes the request feature produces the list we need.

Bugs with triage whiteboard tag

  • Triage Needed
    • Product: mozilla.org
    • Component: Security Assurance: Review Requested
    • Status: Unconfirmed, New, Reopened, Assigned, Ready
    • whiteboard (contains):[triage

Bugs without an owner

  • nobody component bugs
    • Component: contains "Security Assurance"
    • Resolution: --- (none, still open)
    • Assignee: nobody@mozilla.org
    • whiteboard: (does not contain) triage OR mentor OR vendor
    • keywords: does not contain 'meta'
    • flags: does not contain 'needinfo'

Scrum / Sprint Queries

Untriaged Web Sec Bugs

  • Website Sec
    • Status: Unconfirmed, New, Reopened, Assigned
    • Component: (does not contain) "Security Assurance: Review Request"
    • group: websites-security
    • whiteboard: (does not contain) infrasec
    • keyword: (does not contain) sec-
  • Webtools Security Bugs
    • Status: Unconfirmed, New, Reopened, Assigned
    • group: webtools-security
    • keyword: (does not contain) sec-
  • Client Services Security Bugs
    • Status: Unconfirmed, New, Reopened, Assigned
    • group: client-services-security,addons-security
    • keyword: (does not contain) sec-

Other

  • Assigned bugs
    • Keyword: sec-review-needed
    • whiteboard: "[sec-assigned:"
  • Assigned bugs in component
    • Product: mozilla.org
    • Component: component:"Security Assurance","Security Assurance: Applications","Security Assurance: Incident","Security Assurance: Operations","Security Assurance: Review Request"
    • Status: Unconfirmed, New, Reopened, Assigned
    • Assignee: nobody@mozilla.org
Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Archived/Radar/Triage&oldid=1129262"