From a0350d0b3296578a20a9d6141ee610a2d56db3e6 Mon Sep 17 00:00:00 2001 From: Benjamin Mah Date: Wed, 16 Oct 2024 16:20:32 -0400 Subject: [PATCH 1/8] Initial pending-sec no-tracking rule --- .pre-commit-config.yaml | 2 + bugbot/rules/pending_sec_no_tracking.py | 94 +++++++++++++++++++ templates/pending_sec_no_tracking.html | 23 +++++ .../pending_sec_no_tracking_needinfo.txt | 1 + 4 files changed, 120 insertions(+) create mode 100644 bugbot/rules/pending_sec_no_tracking.py create mode 100644 templates/pending_sec_no_tracking.html create mode 100644 templates/pending_sec_no_tracking_needinfo.txt diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f00b3f932..1acf4f05d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -61,3 +61,5 @@ repos: - repo: meta hooks: - id: check-useless-excludes +default_language_version: + python: python3.10 diff --git a/bugbot/rules/pending_sec_no_tracking.py b/bugbot/rules/pending_sec_no_tracking.py new file mode 100644 index 000000000..0918dcd7d --- /dev/null +++ b/bugbot/rules/pending_sec_no_tracking.py @@ -0,0 +1,94 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this file, +# You can obtain one at http://mozilla.org/MPL/2.0/. + +from libmozdata import utils as lmdutils +from libmozdata.bugzilla import Bugzilla + +from bugbot import utils +from bugbot.bzcleaner import BzCleaner + + +class SecurityApprovalTracking(BzCleaner): + def __init__(self, channel): + super().__init__() + self.channel = channel + if not self.init_versions(): + return + + self.version = self.versions[channel] if self.versions else None + + self.extra_ni = None + + def description(self): + return "Bugs with attachments pending security approval and incomplete tracking flags" + + def handle_bug(self, bug, data): + # Assuming these bugs are bugs that do not have a status flag set to either "affected" or "unaffected" + bugid = str(bug["id"]) + data[bugid] = { + "id": bugid, + "summary": bug["summary"], + "assignee": bug["assigned_to"], + } + self.add_auto_ni( + bugid, + {"mail": bug["assigned_to"], "nickname": bug["assigned_to_detail"]["nick"]}, + ) + + return bug + + def get_bugs(self, date="today", bug_ids=[], chunk_size=None): + bugs = super().get_bugs(date, bug_ids, chunk_size) + + Bugzilla( + bugs.keys(), + include_fields=self.fields, + bughandler=self.handle_bug, + bugdata=bugs, + ).wait() + + self.extra_ni = bugs + return bugs + + def get_extra_for_needinfo_template(self): + return self.extra_ni + + def columns(self): + return ["id", "summary", "assignee"] + + def get_bz_params(self, date): + date = lmdutils.get_date_ymd(date) + self.status = utils.get_flag(self.version, "status", self.channel) + self.tracking = utils.get_flag(self.version, "tracking", self.channel) + self.fields = [ + "id", + "assigned_to", + "nickname", + "flags", + self.tracking, + self.status, + ] + + # TODO: include the custom script to search for open bugs with sec-approval? + # https://bugzilla.mozilla.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=open%20bugs%20with%20sec-approval%3F&sharer_id=75935 + + params = { + "include_fields": self.fields, + "resolution": "---", + "f1": self.status, + "o1": "anywords", + "n1": "1", + "v1": ",".join(["unaffected", "affected"]), + "f5": self.status, + "o5": "changedafter", + "v5": "-5d", + } + + return params + + +if __name__ == "__main__": + SecurityApprovalTracking("beta").run() + SecurityApprovalTracking("central").run() + SecurityApprovalTracking("esr").run() diff --git a/templates/pending_sec_no_tracking.html b/templates/pending_sec_no_tracking.html new file mode 100644 index 000000000..fe929ea6f --- /dev/null +++ b/templates/pending_sec_no_tracking.html @@ -0,0 +1,23 @@ +

+ The following {{ plural('bug has', data, pword='bugs have') }} a patch pending security approval, but the affected/unaffected status is not set for all current releases: +

+ + + + + + + + + {% for i, (id, summary, assignee) in enumerate(data) -%} + + + + + {% endfor -%} + +
BugSummary
+ {{ id }} + {{ summary | e }}
diff --git a/templates/pending_sec_no_tracking_needinfo.txt b/templates/pending_sec_no_tracking_needinfo.txt new file mode 100644 index 000000000..c9b8a6a4a --- /dev/null +++ b/templates/pending_sec_no_tracking_needinfo.txt @@ -0,0 +1 @@ +:{{ nickname }}, there is a patch pending security approval, however, the affected/unaffected status is not set for all current releases. Please update the status flags to correctly reflect the correct status. \ No newline at end of file From 20fc299af1087ba11f68baac1c8f1b4854f7de5d Mon Sep 17 00:00:00 2001 From: Benjamin Mah Date: Thu, 17 Oct 2024 11:56:26 -0400 Subject: [PATCH 2/8] Removed default Python --- .pre-commit-config.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 1acf4f05d..f00b3f932 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -61,5 +61,3 @@ repos: - repo: meta hooks: - id: check-useless-excludes -default_language_version: - python: python3.10 From fb9eaf46d699a9ec634b0945fc9e8da967570d69 Mon Sep 17 00:00:00 2001 From: Benjamin Mah Date: Thu, 17 Oct 2024 12:10:19 -0400 Subject: [PATCH 3/8] Removed additional bz param --- bugbot/rules/pending_sec_no_tracking.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/bugbot/rules/pending_sec_no_tracking.py b/bugbot/rules/pending_sec_no_tracking.py index 0918dcd7d..04304faac 100644 --- a/bugbot/rules/pending_sec_no_tracking.py +++ b/bugbot/rules/pending_sec_no_tracking.py @@ -80,9 +80,6 @@ def get_bz_params(self, date): "o1": "anywords", "n1": "1", "v1": ",".join(["unaffected", "affected"]), - "f5": self.status, - "o5": "changedafter", - "v5": "-5d", } return params From 0beae4b4d6e2e23d7a53da6e77130172dc96eb89 Mon Sep 17 00:00:00 2001 From: Benjamin Mah Date: Tue, 22 Oct 2024 10:53:17 -0400 Subject: [PATCH 4/8] Added command to find bugs wih sec-approval flag --- bugbot/rules/pending_sec_no_tracking.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/bugbot/rules/pending_sec_no_tracking.py b/bugbot/rules/pending_sec_no_tracking.py index 04304faac..668a5f71c 100644 --- a/bugbot/rules/pending_sec_no_tracking.py +++ b/bugbot/rules/pending_sec_no_tracking.py @@ -70,9 +70,6 @@ def get_bz_params(self, date): self.status, ] - # TODO: include the custom script to search for open bugs with sec-approval? - # https://bugzilla.mozilla.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=open%20bugs%20with%20sec-approval%3F&sharer_id=75935 - params = { "include_fields": self.fields, "resolution": "---", @@ -80,6 +77,9 @@ def get_bz_params(self, date): "o1": "anywords", "n1": "1", "v1": ",".join(["unaffected", "affected"]), + "f2": "flagtypes.name", + "o2": "substring", + "v2": "sec-approval?", } return params From 9780d063d54c4d29c06b901634d7f3e17387d556 Mon Sep 17 00:00:00 2001 From: Benjamin Mah Date: Mon, 28 Oct 2024 13:39:59 -0400 Subject: [PATCH 5/8] Added start date for BZ params --- bugbot/rules/pending_sec_no_tracking.py | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/bugbot/rules/pending_sec_no_tracking.py b/bugbot/rules/pending_sec_no_tracking.py index 668a5f71c..a444ad76f 100644 --- a/bugbot/rules/pending_sec_no_tracking.py +++ b/bugbot/rules/pending_sec_no_tracking.py @@ -2,7 +2,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this file, # You can obtain one at http://mozilla.org/MPL/2.0/. -from libmozdata import utils as lmdutils from libmozdata.bugzilla import Bugzilla from bugbot import utils @@ -58,7 +57,8 @@ def columns(self): return ["id", "summary", "assignee"] def get_bz_params(self, date): - date = lmdutils.get_date_ymd(date) + start_date, _ = self.get_dates(date) + self.status = utils.get_flag(self.version, "status", self.channel) self.tracking = utils.get_flag(self.version, "tracking", self.channel) self.fields = [ @@ -73,13 +73,16 @@ def get_bz_params(self, date): params = { "include_fields": self.fields, "resolution": "---", - "f1": self.status, - "o1": "anywords", - "n1": "1", - "v1": ",".join(["unaffected", "affected"]), - "f2": "flagtypes.name", - "o2": "substring", - "v2": "sec-approval?", + "f1": "creation_ts", + "o1": "greaterthan", + "v1": start_date, + "f2": self.status, + "o2": "anywords", + "n2": "1", + "v2": ",".join(["unaffected", "affected"]), + "f3": "flagtypes.name", + "o3": "substring", + "v3": "sec-approval?", } return params From 05e3e8a31bf61a8669960ae30854e9add294b40c Mon Sep 17 00:00:00 2001 From: Benjamin Mah Date: Mon, 25 Nov 2024 18:57:29 -0500 Subject: [PATCH 6/8] Removed attribute field --- bugbot/rules/pending_sec_no_tracking.py | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/bugbot/rules/pending_sec_no_tracking.py b/bugbot/rules/pending_sec_no_tracking.py index a444ad76f..31b20484c 100644 --- a/bugbot/rules/pending_sec_no_tracking.py +++ b/bugbot/rules/pending_sec_no_tracking.py @@ -2,7 +2,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this file, # You can obtain one at http://mozilla.org/MPL/2.0/. -from libmozdata.bugzilla import Bugzilla from bugbot import utils from bugbot.bzcleaner import BzCleaner @@ -37,19 +36,6 @@ def handle_bug(self, bug, data): return bug - def get_bugs(self, date="today", bug_ids=[], chunk_size=None): - bugs = super().get_bugs(date, bug_ids, chunk_size) - - Bugzilla( - bugs.keys(), - include_fields=self.fields, - bughandler=self.handle_bug, - bugdata=bugs, - ).wait() - - self.extra_ni = bugs - return bugs - def get_extra_for_needinfo_template(self): return self.extra_ni @@ -61,17 +47,15 @@ def get_bz_params(self, date): self.status = utils.get_flag(self.version, "status", self.channel) self.tracking = utils.get_flag(self.version, "tracking", self.channel) - self.fields = [ + fields = [ "id", "assigned_to", "nickname", "flags", - self.tracking, - self.status, ] params = { - "include_fields": self.fields, + "include_fields": fields, "resolution": "---", "f1": "creation_ts", "o1": "greaterthan", From e7f0a3a245dd710e7e27b0a69584e348fa6a74bd Mon Sep 17 00:00:00 2001 From: Benjamin Mah Date: Tue, 26 Nov 2024 10:53:00 -0500 Subject: [PATCH 7/8] Removed `self.tracking` and changed status to a local variable --- bugbot/rules/pending_sec_no_tracking.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/bugbot/rules/pending_sec_no_tracking.py b/bugbot/rules/pending_sec_no_tracking.py index 31b20484c..009e60127 100644 --- a/bugbot/rules/pending_sec_no_tracking.py +++ b/bugbot/rules/pending_sec_no_tracking.py @@ -45,8 +45,7 @@ def columns(self): def get_bz_params(self, date): start_date, _ = self.get_dates(date) - self.status = utils.get_flag(self.version, "status", self.channel) - self.tracking = utils.get_flag(self.version, "tracking", self.channel) + status = utils.get_flag(self.version, "status", self.channel) fields = [ "id", "assigned_to", @@ -60,7 +59,7 @@ def get_bz_params(self, date): "f1": "creation_ts", "o1": "greaterthan", "v1": start_date, - "f2": self.status, + "f2": status, "o2": "anywords", "n2": "1", "v2": ",".join(["unaffected", "affected"]), From 50823a7b254d3b3864728e0d706fa4f7ad7dfe1b Mon Sep 17 00:00:00 2001 From: Benjamin Mah Date: Wed, 4 Dec 2024 19:44:38 -0500 Subject: [PATCH 8/8] Added release channel filtering --- bugbot/rules/pending_sec_no_tracking.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/bugbot/rules/pending_sec_no_tracking.py b/bugbot/rules/pending_sec_no_tracking.py index 009e60127..745201615 100644 --- a/bugbot/rules/pending_sec_no_tracking.py +++ b/bugbot/rules/pending_sec_no_tracking.py @@ -66,6 +66,15 @@ def get_bz_params(self, date): "f3": "flagtypes.name", "o3": "substring", "v3": "sec-approval?", + "f4": "cf_status_firefox_nightly", + "o4": "equals", + "v4": "---", + "f5": "cf_status_firefox_beta", + "o5": "equals", + "v5": "---", + "f6": "cf_status_firefox_release", + "o6": "equals", + "v6": "---", } return params