From rlb at defaultvalue.org  Wed Jul  2 15:33:18 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Wed, 02 Jul 2003 10:33:18 -0500
Subject: customizing file layout, urlbase, and embedded paths
Message-ID: <87fzlolrbd.fsf@raven.i.defaultvalue.org>


I'm working on a trial Debian package for 2.17.4, and Debian has some
requirements for the placement of files (a la the FHS), and the Debian
package wants to place bugzilla as http://host/bugzilla.

As a result, in the previous packaging of 2.16.3, the Debian diff
contains many changes like these:

  -use lib ".";
  +use lib '/usr/share/bugzilla/lib';

  -use lib qw(.);
  +use lib '/usr/share/bugzilla/lib/';

  -  open(PMAIL, "-|") or exec('./processmail', $id);
  +  open(PMAIL, "-|") or exec('/usr/share/bugzilla/lib/processmail', $id);

  -  if (open(COMMENTS, "<data/comments")) {
  +  if (open(COMMENTS, "</var/lib/bugzilla/data/comments")) {

  -  <link href="css/buglist.css" rel="stylesheet" type="text/css">
  +  <link href="/bugzilla/css/buglist.css" rel="stylesheet" type="text/css" >


So I'm wondering

  1) if there's an easier way to handle these changes given the
     current bugzilla infrastructure.  I see urlbase, but didn't know
     how conscientiously that was being used.

  2) if any thought has been given to how you might want to support
     varying install locations (if you want to support them at all).

I ask the latter question because if you do have particular changes in
mind, we may well be able to reorient our Debian patches along those
lines, and possibly come up with something suitable for incorporation
upstream.

Thanks

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From justdave at syndicomm.com  Wed Jul  2 19:13:58 2003
From: justdave at syndicomm.com (David Miller)
Date: Wed, 2 Jul 2003 15:13:58 -0400
Subject: customizing file layout, urlbase, and embedded paths
In-Reply-To: <87fzlolrbd.fsf@raven.i.defaultvalue.org>
References: <87fzlolrbd.fsf@raven.i.defaultvalue.org>
Message-ID: <a06001216bb28d4fe5ecd@[192.168.1.204]>

On 7/2/2003 10:33 AM -0500, Rob Browning wrote:

> I'm working on a trial Debian package for 2.17.4, and Debian has some
> requirements for the placement of files (a la the FHS), and the Debian
> package wants to place bugzilla as http://host/bugzilla.

...

> So I'm wondering
>
>   1) if there's an easier way to handle these changes given the
>      current bugzilla infrastructure.  I see urlbase, but didn't know
>      how conscientiously that was being used.
>
>   2) if any thought has been given to how you might want to support
>      varying install locations (if you want to support them at all).
>
> I ask the latter question because if you do have particular changes in
> mind, we may well be able to reorient our Debian patches along those
> lines, and possibly come up with something suitable for incorporation
> upstream.

Brad Baetz is already working on a bunch of this kind of stuff because we
have to do it anyway for mod_perl support. :)  mod_perl won't let you use
relative pathnames, so we need to know where we're located at all times and
refer to things appropriately.  The beginnings of it are here:

http://bugzilla.mozilla.org/show_bug.cgi?id=208604
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From sergey at optimaltec.com  Thu Jul  3 04:01:51 2003
From: sergey at optimaltec.com (Sergey A. Lipnevich)
Date: Thu, 03 Jul 2003 00:01:51 -0400
Subject: customizing file layout, urlbase, and embedded paths
In-Reply-To: <87fzlolrbd.fsf@raven.i.defaultvalue.org>
References: <87fzlolrbd.fsf@raven.i.defaultvalue.org>
Message-ID: <3F03AAAF.8030503@optimaltec.com>


I've done a similar thing for my own requirements and submitted a (long) 
patch that I think you won't need in its entirety. I can update the 
patch to the HEAD relatively easily. Here's the story:
http://bugzilla.mozilla.org/show_bug.cgi?id=186601

Rob Browning wrote:
> I'm working on a trial Debian package for 2.17.4, and Debian has some
> requirements for the placement of files (a la the FHS), and the Debian
> package wants to place bugzilla as http://host/bugzilla.
> 
> As a result, in the previous packaging of 2.16.3, the Debian diff
> contains many changes like these:
> 
>   -use lib ".";
>   +use lib '/usr/share/bugzilla/lib';
> 
>   -use lib qw(.);
>   +use lib '/usr/share/bugzilla/lib/';
> 
>   -  open(PMAIL, "-|") or exec('./processmail', $id);
>   +  open(PMAIL, "-|") or exec('/usr/share/bugzilla/lib/processmail', $id);
> 
>   -  if (open(COMMENTS, "<data/comments")) {
>   +  if (open(COMMENTS, "</var/lib/bugzilla/data/comments")) {
> 
>   -  <link href="css/buglist.css" rel="stylesheet" type="text/css">
>   +  <link href="/bugzilla/css/buglist.css" rel="stylesheet" type="text/css" >
> 
> 
> So I'm wondering
> 
>   1) if there's an easier way to handle these changes given the
>      current bugzilla infrastructure.  I see urlbase, but didn't know
>      how conscientiously that was being used.
> 
>   2) if any thought has been given to how you might want to support
>      varying install locations (if you want to support them at all).
> 
> I ask the latter question because if you do have particular changes in
> mind, we may well be able to reorient our Debian patches along those
> lines, and possibly come up with something suitable for incorporation
> upstream.
> 
> Thanks
> 





From usmlekaplan at yahoo.com  Thu Jul  3 15:28:27 2003
From: usmlekaplan at yahoo.com (usmle Prep)
Date: Thu, 3 Jul 2003 08:28:27 -0700 (PDT)
Subject: watch list on fields implementation
Message-ID: <20030703152827.21954.qmail@web20202.mail.yahoo.com>

We are planning to create a watch based on some fields
in bugs database.For time being they are fields of
"bugs" table.It may be extended later.
Did anyone implement it already?
It should work like this: Say target_milestone field
in bugs table changes, then a particular group of
people should be notified .Please let me know if it is
already there.
Thanks a lot,
Srikant

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com


From gerv at gerv.net  Mon Jul  7 16:12:32 2003
From: gerv at gerv.net (Gervase Markham)
Date: Mon, 07 Jul 2003 17:12:32 +0100
Subject: O'Reilly article on integrating Bugzilla and CVS
Message-ID: <3F099BF0.6090500@gerv.net>

Could be worth mentioning in the docs?

http://oreilly.empowernewsletter.com//Newsletter.aspx?s=83667e25-c2b9-45aa-a9cb-98c1adac85cb&l=2&n=2&i=79&a=827&o=1

Gerv



From dswegen at software.plasmon.com  Mon Jul  7 16:56:25 2003
From: dswegen at software.plasmon.com (Dave Swegen)
Date: Mon, 7 Jul 2003 17:56:25 +0100
Subject: O'Reilly article on integrating Bugzilla and CVS
In-Reply-To: <3F099BF0.6090500@gerv.net>
References: <3F099BF0.6090500@gerv.net>
Message-ID: <20030707165625.GA13579@software.plasmon>

On Mon, Jul 07, 2003 at 05:12:32PM +0100, Gervase Markham wrote:
> Could be worth mentioning in the docs?
> 
> http://oreilly.empowernewsletter.com//Newsletter.aspx?s=83667e25-c2b9-45aa-a9cb-98c1adac85cb&l=2&n=2&i=79&a=827&o=1
> 

Or to bang my own drum, refer to bug 199116, which IMHO does a
reasonably nice job of it (though the ViewCVS config bit needs a bit of
cleaning up - though having found out how easy it is to add params I
should have the patch modified in short order to do the Right Thing) :)

Cheers
    Dave


From rlb at defaultvalue.org  Mon Jul  7 20:30:21 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Mon, 07 Jul 2003 15:30:21 -0500
Subject: tracking down cgi errors.
Message-ID: <87y8zagjvm.fsf@raven.i.defaultvalue.org>


I'm still working on some trial 2.17.4 Debian packages, and I've
gotten to the point of testing.  The package looks more or less right,
and checksetup.pl appears happy, but when I try to load a cgi I get a
Template::Exception.

Is there any easy way to track errors like this down?  Are there more
detailed log messages you can enable, or is there a log other than
apache/error.log I should be looking at?

Thanks

Here's what I'm getting:

  www-data at raven:~$ /usr/lib/cgi-bin/bugzilla/editparams.cgi 
  Content-Type: text/html

          <tt>
            <p>
              Bugzilla has suffered an internal error. Please save this page and 
              send it to THE MAINTAINER HAS NOT YET BEEN SET with details of what you were doing at the 
              time this message appeared.
            </p>
            <script type="text/javascript"> <!--
              document.write("<p>URL: " + document.location + "</p>");
            // -->
            </script>
            <p>Template->process() failed twice.<br>
            First error: Template::Exception at /usr/share/perl5/CGI/Carp.pm line 301.
  <br>
            Second error: Template::Exception at /usr/share/perl5/CGI/Carp.pm line 301.
  </p>
          </tt>


-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From justdave at syndicomm.com  Mon Jul  7 20:38:19 2003
From: justdave at syndicomm.com (David Miller)
Date: Mon, 7 Jul 2003 16:38:19 -0400
Subject: tracking down cgi errors.
In-Reply-To: <87y8zagjvm.fsf@raven.i.defaultvalue.org>
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>
Message-ID: <a06001203bb2f8a38f225@[192.168.1.204]>

On 7/7/2003 3:30 PM -0500, Rob Browning wrote:

> I'm still working on some trial 2.17.4 Debian packages, and I've
> gotten to the point of testing.  The package looks more or less right,
> and checksetup.pl appears happy, but when I try to load a cgi I get a
> Template::Exception.
>
> Is there any easy way to track errors like this down?  Are there more
> detailed log messages you can enable, or is there a log other than
> apache/error.log I should be looking at?

There's two things you can do:

a) Install version 2.09c or later of Template Toolkit, which has "real"
error messages instead of the "Template::Exception" generic message.

-or-

b) edit globals.pl, find "sub die_with_dignity" and uncomment the entirety
of that sub, and the $::SIG{__DIE__} trap right under it.  This will cause
any error to report an entire call stack trace instead of just the error
message (which in many cases will be printed to both the web page and the
error log).  In the case of template errors, this will spew about an entire
screen of data, and buried somewhere in the middle of it will be the real
error.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From justdave at syndicomm.com  Mon Jul  7 20:57:41 2003
From: justdave at syndicomm.com (David Miller)
Date: Mon, 7 Jul 2003 16:57:41 -0400
Subject: tracking down cgi errors.
In-Reply-To: <a06001203bb2f8a38f225@[192.168.1.204]>
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>
 <a06001203bb2f8a38f225@[192.168.1.204]>
Message-ID: <a06001204bb2f8ec302e1@[192.168.1.204]>

On 7/7/2003 4:38 PM -0400, David Miller wrote:

> b) edit globals.pl, find "sub die_with_dignity" and uncomment the entirety
> of that sub, and the $::SIG{__DIE__} trap right under it.  This will cause
> any error to report an entire call stack trace instead of just the error
> message (which in many cases will be printed to both the web page and the
> error log).  In the case of template errors, this will spew about an entire
> screen of data, and buried somewhere in the middle of it will be the real
> error.

Oh, I forgot to mention, if you're using this trick, you'll also need to
uncomment a "use Carp" a little further up in globals.pl, too.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From rlb at defaultvalue.org  Tue Jul  8 04:55:24 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Mon, 07 Jul 2003 23:55:24 -0500
Subject: tracking down cgi errors.
In-Reply-To: <a06001204bb2f8ec302e1@[192.168.1.204]> (David Miller's message
 of "Mon, 7 Jul 2003 16:57:41 -0400")
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>
	<a06001203bb2f8a38f225@[192.168.1.204]>
	<a06001204bb2f8ec302e1@[192.168.1.204]>
Message-ID: <8765mdhb2b.fsf@raven.i.defaultvalue.org>

David Miller <justdave at syndicomm.com> writes:

> Oh, I forgot to mention, if you're using this trick, you'll also need to
> uncomment a "use Carp" a little further up in globals.pl, too.

Actually, it worked anyway (or was good enough that I found the change
I missed).  Thanks very much.  It seems to work now.

At this point I'm just trying to figure out how the new
users/groups/permissions work.  So far I'm not sure how arrange things
so that multiple clients can submit bugs to a given product but can't
see each others bugs and can't create public bugs.

I can create product "foo", "client-a-group", and "client-b-group",
and then I can arrange it so that everyone is in the foo product group
and the appropriate people are in the client-a and client-b groups.  I
can also arrange it so that all "foo" bugs end up in the "foo" group,
but I can't see a way to insist that all bugs submitted by people in
the client-a group also end up in the client-a group.  They can always
just unclick their client-a group when they create a bug.

Anyway I'll play around for a bit and see what I can figure out.
Perhaps there's some other arrangement that'll accomplish a similar
thing.

Thanks again.

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From rlb at defaultvalue.org  Tue Jul  8 14:41:38 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Tue, 08 Jul 2003 09:41:38 -0500
Subject: capabilities of forthcoming group changes
In-Reply-To: <a06001201bb260e24feee@[192.168.1.204]> (David Miller's message
 of "Mon, 30 Jun 2003 11:59:05 -0400")
References: <87el1bmulk.fsf@raven.i.defaultvalue.org>
	<a06001201bb260e24feee@[192.168.1.204]>
Message-ID: <87r851f5ct.fsf@raven.i.defaultvalue.org>

David Miller <justdave at syndicomm.com> writes:

>>   - prevent the creation of public bug report for some (perhaps all)
>>     products by either all users (or perhaps just users in some
>>     groups).
>
> Yes.

So with 2.17.4, is there an intended way to handle multiple clients
(multiple client groups) submitting bugs for a given product?

Ideally members of one client group shoudn't be able to see bugs
submitted by other clients (unless the admin takes some kind of
action), and members of a given client group couldn't accidentally or
intentionally submit a public bug.

It seems like you can almost get that with one group per client,
makeproductgroups, useentrygroupdefault, and some suitable settings,
but a member of a client group can still uncheck their group when
submitting a bug, presumably making the bug public.

Feel free to point me at the docs if I've overlooked any.

Thanks

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From bugreport at peshkin.net  Tue Jul  8 15:04:26 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Tue, 08 Jul 2003 08:04:26 -0700
Subject: capabilities of forthcoming group changes
In-Reply-To: <87r851f5ct.fsf@raven.i.defaultvalue.org>
References: <87el1bmulk.fsf@raven.i.defaultvalue.org>	<a06001201bb260e24feee@[192.168.1.204]> <87r851f5ct.fsf@raven.i.defaultvalue.org>
Message-ID: <3F0ADD7A.3040001@peshkin.net>

>
>
>
>So with 2.17.4, is there an intended way to handle multiple clients
>(multiple client groups) submitting bugs for a given product?
>
>Ideally members of one client group shoudn't be able to see bugs
>submitted by other clients (unless the admin takes some kind of
>action), and members of a given client group couldn't accidentally or
>intentionally submit a public bug.
>  
>
The only way to do this today is to use one product per client.  The 
options are explained in the editproducts page for editing group controls.

Forcing restrictions based on the membership of the submitter saying 
that Group A must restrict to Group A but they don't have to if they are 
members of both Group A and Group B would be an interesting trick. 
 After all, your own staff will need to be members of all of these 
groups and their membership should not require them to restrict bugs to 
be visible by only other people who are members of all of the groups.

If anyone has an idea of a consistent way to express this, jump in anytime.

-Joel





From myk at mozilla.org  Tue Jul  8 16:57:18 2003
From: myk at mozilla.org (Myk Melez)
Date: Tue, 08 Jul 2003 09:57:18 -0700
Subject: Bugzilla.mozilla.org
In-Reply-To: <C3EB95A31BDAD511827C00B0D0F95AF5890486@BUCKWHEAT>
References: <C3EB95A31BDAD511827C00B0D0F95AF5890486@BUCKWHEAT>
Message-ID: <3F0AF7ED.8050002@mozilla.org>

Casey Gregoire wrote:

> What kind of hardware does the Bugzilla page run on? (I am not 
> complaining about speed, but it does seem to run a little slow.) I was 
> wondering how much of that is the size of the database, and how much 
> of that is the server it runs on. And maybe, how many other things run 
> on that server?
>
It's the hardware, which is old and underpowered relative to the load 
being placed on it.  We've got a new dual-2.8Ghz hyperthreaded CPU box 
with 4GB memory that some very rough tests show 10-70x improvement in 
query times.

-myk

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bugzilla.org/pipermail/developers/attachments/20030708/854e2ee4/attachment.html>

From gandalf at przeglad.com.pl  Tue Jul  8 18:03:33 2003
From: gandalf at przeglad.com.pl (Zbigniew Braniecki)
Date: Tue, 08 Jul 2003 20:03:33 +0200
Subject: bugs.php.net like prompts
Message-ID: <3F0B0775.6060502@przeglad.com.pl>

Hello.
I was testing new functionality coming with PHP 5.0 and found a bug.
I checked bugs.php.net for similar problems but (sic!) didn't find any.

(The reason was because i looked for all bugs related to "print_r" 
problem no matter of version etc. I recived 309 bugs and checked only 60 
first.)

So i decided to fill a bug. After filling it, i clicked "submit bug", 
but instead of sending it, bugs.php.net displayed a list of possible 
matching problems with description,status and question if i'm sure it's 
not any of following. If not, i can click "submit" once more, to really 
submit it into database. Of course the bug was there and I did not send 
one more dupe.

I think that similar system in bugzilla would be very, very, very 
effective and would meaningly reduce number of dupes.

Greetings
Zbigniew Braniecki



From preed at sigkill.com  Tue Jul  8 21:07:57 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Tue, 8 Jul 2003 14:07:57 -0700
Subject: bugs.php.net like prompts
In-Reply-To: <3F0B0775.6060502@przeglad.com.pl>; from gandalf@przeglad.com.pl on Tue, Jul 08, 2003 at 08:03:33PM +0200
References: <3F0B0775.6060502@przeglad.com.pl>
Message-ID: <20030708140757.B617@sigkill.com>

On 08 Jul 2003 at 20:03:33, Zbigniew Braniecki moved bits on my disk to say:

> I think that similar system in bugzilla would be very, very, very
> effective and would meaningly reduce number of dupes.

Possibly... but you should file a feature enhancement bug on this so it can
be discussed.

I don't know if it'd be a dupe. ;-)

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From gerv at mozilla.org  Tue Jul  8 21:57:56 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Tue, 08 Jul 2003 22:57:56 +0100
Subject: tracking down cgi errors.
In-Reply-To: <8765mdhb2b.fsf@raven.i.defaultvalue.org>
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>	<a06001203bb2f8a38f225@[192.168.1.204]>	<a06001204bb2f8ec302e1@[192.168.1.204]> <8765mdhb2b.fsf@raven.i.defaultvalue.org>
Message-ID: <3F0B3E64.4070509@mozilla.org>

Rob Browning wrote:
> I can create product "foo", "client-a-group", and "client-b-group",
> and then I can arrange it so that everyone is in the foo product group
> and the appropriate people are in the client-a and client-b groups.  I
> can also arrange it so that all "foo" bugs end up in the "foo" group,
> but I can't see a way to insist that all bugs submitted by people in
> the client-a group also end up in the client-a group.  They can always
> just unclick their client-a group when they create a bug.

Can you not set both MemberControl and OtherControl to Mandatory in the 
Group Controls section, found via editproducts.cgi?

Gerv



From gerv at mozilla.org  Tue Jul  8 22:02:44 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Tue, 08 Jul 2003 23:02:44 +0100
Subject: Bugzilla.mozilla.org
In-Reply-To: <3F0AF7ED.8050002@mozilla.org>
References: <C3EB95A31BDAD511827C00B0D0F95AF5890486@BUCKWHEAT> <3F0AF7ED.8050002@mozilla.org>
Message-ID: <3F0B3F84.8010907@mozilla.org>

Myk Melez wrote:
> It's the hardware, which is old and underpowered relative to the load 
> being placed on it.  We've got a new dual-2.8Ghz hyperthreaded CPU box 
> with 4GB memory that some very rough tests show 10-70x improvement in 
> query times.

Any ETA for a switchover?

Gerv



From rlb at defaultvalue.org  Tue Jul  8 22:20:41 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Tue, 08 Jul 2003 17:20:41 -0500
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F0ADD7A.3040001@peshkin.net> (Joel Peshkin's message of "Tue,
 08 Jul 2003 08:04:26 -0700")
References: <87el1bmulk.fsf@raven.i.defaultvalue.org>
	<a06001201bb260e24feee@[192.168.1.204]>
	<87r851f5ct.fsf@raven.i.defaultvalue.org>
	<3F0ADD7A.3040001@peshkin.net>
Message-ID: <8765mc7j9i.fsf@raven.i.defaultvalue.org>

Joel Peshkin <bugreport at peshkin.net> writes:

> The only way to do this today is to use one product per client.  The
> options are explained in the editproducts page for editing group
> controls.

Right, I'd thought of that.  I just didn't know if anyone had a more
clever solution.

> Forcing restrictions based on the membership of the submitter saying
> that Group A must restrict to Group A but they don't have to if they
> are members of both Group A and Group B would be an interesting
> trick. After all, your own staff will need to be members of all of
> these groups and their membership should not require them to restrict
> bugs to be visible by only other people who are members of all of the
> groups.

Right.  There also might be a case where a user should be allowed to
submit bugs for more than one client (i.e. they work for two clients).

> If anyone has an idea of a consistent way to express this, jump in
> anytime.

If there were a way to list groups for a product that were "mandatory
on entry if the submitter is a member", that might help.  For example,
for product-foo you could list all the client groups that are allowed
to submit bugs for product-foo (say client-a, client-b, client-c, for
example).  Then when a user enters a bug, if they're in the client-a
group, that group will be automatically assigned to the bug without
presenting a checkbox.  Of course you'd still have an editing problem.
i.e. even if the client-a user is allowed to edit bugs, they shouldn't
be allowed to change the client-a group assigned to the bug.

I guess you might be able to fix that if you were willing to make
editing a bug's group a separate privilege from other editing
(editbuggroups?).  In that case, staff would be allowed the
editbuggroups privilege (in case a bug needs re-filing), but clients
wouldn't.  Also, this would have the side effect that any user in more
than one client group would create bugs that were visible to all the
client groups they belong to.

In any case, I have this feeling there's a much better way to handle
that, but the above is the simplest thing I've thought of so far...

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From bugreport at peshkin.net  Tue Jul  8 22:23:52 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Tue, 08 Jul 2003 15:23:52 -0700
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F0B3E64.4070509@mozilla.org>
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>	<a06001203bb2f8a38f225@[192.168.1.204]>	<a06001204bb2f8ec302e1@[192.168.1.204]> <8765mdhb2b.fsf@raven.i.defaultvalue.org> <3F0B3E64.4070509@mozilla.org>
Message-ID: <3F0B4478.7000103@peshkin.net>

Gervase Markham wrote:

> Rob Browning wrote:
>
>> I can create product "foo", "client-a-group", and "client-b-group",
>> and then I can arrange it so that everyone is in the foo product group
>> and the appropriate people are in the client-a and client-b groups.  I
>> can also arrange it so that all "foo" bugs end up in the "foo" group,
>> but I can't see a way to insist that all bugs submitted by people in
>> the client-a group also end up in the client-a group.  They can always
>> just unclick their client-a group when they create a bug.
>
>
> Can you not set both MemberControl and OtherControl to Mandatory in 
> the Group Controls section, found via editproducts.cgi?
>
> Gerv


Only if you have a distinct product for client-a and client-b.

Otherwise, anyone creating a bug in a shared product would be forced to 
restrict it to ONLY people who are members of both client-a and client-b.

It is actually possible to set the group controls so that, for product 
"foo",  a group for which neither group of clients is a member is 
Default/Mandatory.  This will mean that only the reporter and your own 
staff will be able to see a bug unless someone on your staff goes in and 
changes the permissions to allow the rest of the client group to see it.

-Joel





From myk at mozilla.org  Tue Jul  8 22:23:28 2003
From: myk at mozilla.org (Myk Melez)
Date: Tue, 08 Jul 2003 15:23:28 -0700
Subject: Bugzilla.mozilla.org
In-Reply-To: <3F0B3F84.8010907@mozilla.org>
References: <C3EB95A31BDAD511827C00B0D0F95AF5890486@BUCKWHEAT> <3F0AF7ED.8050002@mozilla.org> <3F0B3F84.8010907@mozilla.org>
Message-ID: <3F0B4460.2040309@mozilla.org>

Gervase Markham wrote:

> Myk Melez wrote:
>
>> It's the hardware, which is old and underpowered relative to the load 
>> being placed on it.  We've got a new dual-2.8Ghz hyperthreaded CPU 
>> box with 4GB memory that some very rough tests show 10-70x 
>> improvement in query times.
>
>
> Any ETA for a switchover?

Current plans are to move the mirror database to the new server the last 
two weeks in July and everything else (the master database, the 
application) some time thereafter, probably in August.

-myk




From JWilmoth at starbucks.com  Tue Jul  8 22:32:57 2003
From: JWilmoth at starbucks.com (Jon Wilmoth)
Date: Tue, 8 Jul 2003 15:32:57 -0700
Subject: "Evil Code" error?
Message-ID: <E2291D136BD35647A074B1053785B05B014948D4@seams042.starbucks.net>

We've been experiencing problems with our Bugzilla server (disk space
and other) and finally had to reboot the machine.  I'm now seeing the
following message in the apache error_log:

Evil code attempted to write 'insert into logincookies (userid,ipaddr)
values (131, '204.238.150.136')' to the shadow database at
/usr/local/lib/perl5/5.6.1/CGI
/Carp.pm line 301.

This sounds bad...how concerned should I be?



From preed at sigkill.com  Tue Jul  8 22:47:37 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Tue, 8 Jul 2003 15:47:37 -0700
Subject: Bugzilla.mozilla.org
In-Reply-To: <3F0B4460.2040309@mozilla.org>; from myk@mozilla.org on Tue, Jul 08, 2003 at 03:23:28PM -0700
References: <C3EB95A31BDAD511827C00B0D0F95AF5890486@BUCKWHEAT> <3F0AF7ED.8050002@mozilla.org> <3F0B3F84.8010907@mozilla.org> <3F0B4460.2040309@mozilla.org>
Message-ID: <20030708154737.A799@sigkill.com>

On 08 Jul 2003 at 15:23:28, Myk Melez moved bits on my disk to say:

> > Any ETA for a switchover?
> 
> Current plans are to move the mirror database to the new server the last
> two weeks in July and everything else (the master database, the
> application) some time thereafter, probably in August.

Would it make sense to try to deploy a 2.18rc1-ish sort of release to the
new server around that time?

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From rlb at defaultvalue.org  Tue Jul  8 23:23:50 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Tue, 08 Jul 2003 18:23:50 -0500
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F0B4478.7000103@peshkin.net> (Joel Peshkin's message of "Tue,
 08 Jul 2003 15:23:52 -0700")
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>
	<a06001203bb2f8a38f225@[192.168.1.204]>
	<a06001204bb2f8ec302e1@[192.168.1.204]>
	<8765mdhb2b.fsf@raven.i.defaultvalue.org>
	<3F0B3E64.4070509@mozilla.org> <3F0B4478.7000103@peshkin.net>
Message-ID: <87n0fo61rt.fsf@raven.i.defaultvalue.org>

Joel Peshkin <bugreport at peshkin.net> writes:

> It is actually possible to set the group controls so that, for product
> "foo",  a group for which neither group of clients is a member is
> Default/Mandatory.  This will mean that only the reporter and your own
> staff will be able to see a bug unless someone on your staff goes in
> and changes the permissions to allow the rest of the client group to
> see it.

Hmm, so that would be kind of like a "holding group"?  i.e. an
incoming audit area?  If so, that might be OK.

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From call_raghava at yahoo.com  Wed Jul  9 00:09:55 2003
From: call_raghava at yahoo.com (Raghava Rao)
Date: Tue, 8 Jul 2003 17:09:55 -0700 (PDT)
Subject: How to make Bugzilla faster on Linux?
Message-ID: <20030709000955.16963.qmail@web12206.mail.yahoo.com>

Hello,
  I'm using Bugzilla with Apache Webserver, MySQL
Database and Perl modules on a Linux m/c. For some
reason unknown, when I create a new bug or make
changes to an existing one, it takes a long time to
process the bug and return with the resulting web
page. My question:
  1. How can we configure Bugzilla to be any faster?

  I tried setting the sendMailNow option to NO. Even
then, it is very slow. Any other tweaks I need to take
care of?
  Any help is appreciated.
  Thanks.
    Raghava

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com


From etzwane at schwag.org  Wed Jul  9 00:22:07 2003
From: etzwane at schwag.org (Sean McAfee)
Date: Tue, 08 Jul 2003 20:22:07 -0400
Subject: New custom fields patch
Message-ID: <20030709002207.1E597BD82@diggity.schwag.org>

Attached is a patch against bugzilla-2.17.4 that adds the following
features:

*  A new program, editcustomfields.cgi, which allows for administrative
   control of custom fields.  (As in the prior version, it doesn't check for
   appropriate access rights, so be careful.)

*  Custom fields are now presented when bugs are posted and processed.

Apply the patch with "patch -p1" in bugzilla's top-level directory.

Notes:

*  Source bz-cf-schema.txt from a mysql prompt to set up the custom fields
   schema.

*  Source bz-cf-data.txt from a mysql prompt to install some example fields
   in the project with numeric ID 1.

*  You'll need to "chmod u+x editcustomfields.cgi".

*  Changes to existing code and templates are minimal.  Most of the new code
   lives in two new modules, Bugzilla::CustomFields and
   Bugzilla::CustomFields::Util.  Most of the new templates reside in
   template/en/default/custom-field/.

*  Changes to custom fields are not yet logged, pending resolution of the
   discussion of the best way to do that.

*  Other outstanding issues (field sharing between products, etc) have gone
   unaddressed, since they don't affect the way fields are presented when
   bugs are posted and processed.

Comments are welcome.  I'll be tackling querying next.


-- 
Sean McAfee -- etzwane at schwag.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: custom-fields-patch.gz
Type: application/octet-stream
Size: 24083 bytes
Desc: not available
URL: <http://lists.bugzilla.org/pipermail/developers/attachments/20030708/3dd03c8c/attachment.obj>

From jon at vmware.com  Wed Jul  9 00:31:24 2003
From: jon at vmware.com (Jonathan Schatz)
Date: 08 Jul 2003 17:31:24 -0700
Subject: How to make Bugzilla faster on Linux?
In-Reply-To: <20030709000955.16963.qmail@web12206.mail.yahoo.com>
References: <20030709000955.16963.qmail@web12206.mail.yahoo.com>
Message-ID: <1057710684.27754.40.camel@jonschatz-lx.vmware.com>

On Tue, 2003-07-08 at 17:09, Raghava Rao wrote:
>   I tried setting the sendMailNow option to NO. Even
> then, it is very slow. Any other tweaks I need to take
> care of?

try replacing the default my.cnf file with a more optimized one. on a
redhat system, look in 

/usr/share/doc/mysql-server-3.23.56/*.cnf

(depending on your mysql version). i settled on the my-large.cnf.

-jon
-- 
Jonathan Schatz
Engineering System Administrator
VMware, Inc
"Te occidere possunt sed te edere non possunt nefas est."





From jussi at comlink.fi  Wed Jul  9 00:40:01 2003
From: jussi at comlink.fi (Jussi Sirpoma)
Date: Wed, 09 Jul 2003 03:40:01 +0300
Subject: How to make Bugzilla faster on Linux?
In-Reply-To: <20030709000955.16963.qmail@web12206.mail.yahoo.com>
References: <20030709000955.16963.qmail@web12206.mail.yahoo.com>
Message-ID: <3F0B6461.9070508@comlink.fi>

On 9.7.2003 3:09 Raghava Rao wrote:

> Hello,
>   I'm using Bugzilla with Apache Webserver, MySQL
> Database and Perl modules on a Linux m/c. For some
> reason unknown, when I create a new bug or make
> changes to an existing one, it takes a long time to
> process the bug and return with the resulting web
> page. My question:
>   1. How can we configure Bugzilla to be any faster?
> 
>   I tried setting the sendMailNow option to NO. Even
> then, it is very slow. Any other tweaks I need to take
> care of?
>   Any help is appreciated.
>   Thanks.
>     Raghava

I've read a couple of times about host name lookup slowing down 
bugzilla. So you could check how long it takes to send an email to the 
addresses in one of the slow bugs.

If this takes a long time then you should propably check how long it 
takes to dig the ip address for the domains you are trying to send the 
emails.

Also, the latest cvs version does not use the processmail script for 
sending the mails. So at least mass editing has become a lot faster 
after the last release.

Regards,

Jussi Sirpoma



From gandalf at przeglad.com.pl  Tue Jul  8 21:18:34 2003
From: gandalf at przeglad.com.pl (Zbigniew Braniecki)
Date: Tue, 08 Jul 2003 23:18:34 +0200
Subject: bugs.php.net like prompts
In-Reply-To: <20030708140757.B617@sigkill.com>
References: <3F0B0775.6060502@przeglad.com.pl> <20030708140757.B617@sigkill.com>
Message-ID: <3F0B352A.2000507@przeglad.com.pl>

J. Paul Reed wrote:

> Possibly... but you should file a feature enhancement bug on this so it can
> be discussed.

Sure. Just wanted to ask here first, to grow chance it wont be a dupe 
and/or meet with Bugzilla developer opinion :)

Greetings
Zbigniew Braniecki



From justdave at syndicomm.com  Wed Jul  9 00:51:12 2003
From: justdave at syndicomm.com (David Miller)
Date: Tue, 8 Jul 2003 20:51:12 -0400
Subject: "Evil Code" error?
In-Reply-To:  <E2291D136BD35647A074B1053785B05B014948D4@seams042.starbucks.net>
References:  <E2291D136BD35647A074B1053785B05B014948D4@seams042.starbucks.net>
Message-ID: <a06001200bb311703f2a1@[192.168.1.204]>

On 7/8/2003 3:32 PM -0700, Jon Wilmoth wrote:

> We've been experiencing problems with our Bugzilla server (disk space
> and other) and finally had to reboot the machine.  I'm now seeing the
> following message in the apache error_log:
>
> Evil code attempted to write 'insert into logincookies (userid,ipaddr)
> values (131, '204.238.150.136')' to the shadow database at
> /usr/local/lib/perl5/5.6.1/CGI
> /Carp.pm line 301.
>
> This sounds bad...how concerned should I be?

Um, basically something broke if you got that.  Hard to be more specific.
That error is actually generated by Bugzilla though.  It's in the SendSQL
sub, which in 2.16.3 is in globals.pl.  The error message is generated if
the current database is the shadow database and something tries to do a
database write (which is only allowed on the primary database, not the
shadow).  Most of the shadow database concept went away in 2.17.x in favor
of database replication.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From icanoop at bitwiser.org  Wed Jul  9 01:10:27 2003
From: icanoop at bitwiser.org (Ryan Boder)
Date: Tue, 8 Jul 2003 21:10:27 -0400
Subject: Bugzilla as a task management tool
Message-ID: <20030709011027.GA29991@bitwiser.org>

I see on the roadmap page that... 

While the potential exists in the code to turn Bugzilla into a technical
support ticket system, task management tool, or project management tool, we
should focus on the task of designing a system to track software defects.

Do the current developers plan to keep this mindset and never make Bugzilla
a task management tool?

I am asking because I am working on a scheduling tool and I want to work
well with Bugzilla, so if it will ever be a task management tool I would like
to support Bugzilla tasks, but if it isn't I will implement tasks myself.

I am aware that Issuezilla does this, but I am only interested in making it
work nicely with Bugzilla.

Thanks,
-- 
Ryan Boder
http://www.bitwiser.org/icanoop


From ihok at hotmail.com  Tue Jul  8 22:47:51 2003
From: ihok at hotmail.com (Jack Tanner)
Date: Tue, 08 Jul 2003 18:47:51 -0400
Subject: bugs.php.net like prompts
In-Reply-To: <3F0B0775.6060502@przeglad.com.pl>
References: <3F0B0775.6060502@przeglad.com.pl>
Message-ID: <befhld$2pn$1@main.gmane.org>

Zbigniew Braniecki wrote:
> So i decided to fill a bug. After filling it, i clicked "submit bug", 
> but instead of sending it, bugs.php.net displayed a list of possible 
> matching problems with description,status and question if i'm sure it's 
> not any of following. If not, i can click "submit" once more, to really 
> submit it into database. Of course the bug was there and I did not send 
> one more dupe.

This is an extremely good idea.

One approach is to use plain text information retrieval techniques, 
e.g., 
http://directory.google.com/Top/Computers/Software/Information_Retrieval/Fulltext/?tc=1.

Another approach is to use a Nearest Neighbor algorithm, since 
Bugzilla's database schema contains quite a few features that correspond 
to attribute-value pairs.

Even better would be to search for similar problems even as the user is 
filling out the duplicate bug, thus saving the user time and effort. 
This is known as mixed-initiative case-based reasoning and query 
formulation, and there was recently a workshop on this subject: 
http://www.aic.nrl.navy.mil/~aha/iccbr03-micbrw/.

-JT




From preed at sigkill.com  Wed Jul  9 01:19:28 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Tue, 8 Jul 2003 18:19:28 -0700
Subject: bugs.php.net like prompts
In-Reply-To: <befhld$2pn$1@main.gmane.org>; from ihok@hotmail.com on Tue, Jul 08, 2003 at 06:47:51PM -0400
References: <3F0B0775.6060502@przeglad.com.pl> <befhld$2pn$1@main.gmane.org>
Message-ID: <20030708181928.B1105@sigkill.com>

On 08 Jul 2003 at 18:47:51, Jack Tanner moved bits on my disk to say:

> Even better would be to search for similar problems even as the user is
> filling out the duplicate bug, thus saving the user time and effort.
> This is known as mixed-initiative case-based reasoning and query
> formulation, and there was recently a workshop on this subject:
> http://www.aic.nrl.navy.mil/~aha/iccbr03-micbrw/.

Sounds cool, but without a lot of bastardized JavaScript (which we've
typically required BZ to work in browsers with JS turned off), this would
be hard to implement in a web application.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From bugzilla at veggiespam.com  Wed Jul  9 01:40:59 2003
From: bugzilla at veggiespam.com (jay ball)
Date: Tue, 8 Jul 2003 21:40:59 -0400
Subject: license of support files for bug 154602
Message-ID: <64530104-B1AE-11D7-822D-003065D5C6A2@veggiespam.com>

bug number http://bugzilla.mozilla.org/show_bug.cgi?id=154602 concerns 
adding optional smiley :-) support to bugzilla.  in the process of 
creating this patch, i need to obtain smileys from various sources and 
bring them into the bugzilla source tree.  i obtain these outside 
images since i'm no artist.

right now, there is no way we can use the images contained within the 
current patch, so they need to be replaced with something else.

some of the possible replacement candidate images are under the GPL, 
but as far as i can tell, bugzilla is licensed under MPL.  so, can GPL 
images be brought in without changing the license of the whole source 
tree?

public domain images are not a problem i assume.  we just mark them as 
such, right?

is bugzilla going to change to the MPL/GPL/LGPL tri-license like 
netscape?

in all cases, i should get permission of the image authors to place the 
images under whatever license bugzilla uses and that this license may 
change as bugzilla evolves.

assuming these issues get resolved, can we see smileys in v2.18?  ;-)

-j





From jon at vmware.com  Wed Jul  9 01:57:26 2003
From: jon at vmware.com (Jonathan Schatz)
Date: 08 Jul 2003 18:57:26 -0700
Subject: license of support files for bug 154602
In-Reply-To: <64530104-B1AE-11D7-822D-003065D5C6A2@veggiespam.com>
References: <64530104-B1AE-11D7-822D-003065D5C6A2@veggiespam.com>
Message-ID: <1057715845.27754.70.camel@jonschatz-lx.vmware.com>

On Tue, 2003-07-08 at 18:40, jay ball wrote:
> right now, there is no way we can use the images contained within the 
> current patch, so they need to be replaced with something else.

what about the smileys that ship with the mozilla email program? surely
they're already gpl/mpl/whatever-pl

-jon
-- 
Jonathan Schatz
Engineering System Administrator
VMware, Inc
"Te occidere possunt sed te edere non possunt nefas est."





From dberlin at dberlin.org  Wed Jul  9 03:39:45 2003
From: dberlin at dberlin.org (Daniel Berlin)
Date: Tue, 8 Jul 2003 23:39:45 -0400
Subject: How to make Bugzilla faster on Linux?
In-Reply-To: <3F0B6461.9070508@comlink.fi>
References: <20030709000955.16963.qmail@web12206.mail.yahoo.com> <3F0B6461.9070508@comlink.fi>
Message-ID: <FB75E937-B1BE-11D7-A578-000A95A34564@dberlin.org>


On Tuesday, July 8, 2003, at 8:40 PM, Jussi Sirpoma wrote:

> On 9.7.2003 3:09 Raghava Rao wrote:
>
>> Hello,
>>   I'm using Bugzilla with Apache Webserver, MySQL
>> Database and Perl modules on a Linux m/c. For some
>> reason unknown, when I create a new bug or make
>> changes to an existing one, it takes a long time to
>> process the bug and return with the resulting web
>> page. My question:
>>   1. How can we configure Bugzilla to be any faster?
>>   I tried setting the sendMailNow option to NO. Even
>> then, it is very slow. Any other tweaks I need to take
>> care of?
>>   Any help is appreciated.
>>   Thanks.
>>     Raghava
>
> I've read a couple of times about host name lookup slowing down 
> bugzilla. So you could check how long it takes to send an email to the 
> addresses in one of the slow bugs.
>
> If this takes a long time then you should propably check how long it 
> takes to dig the ip address for the domains you are trying to send the 
> emails.
>
> Also, the latest cvs version does not use the processmail script for 
> sending the mails. So at least mass editing has become a lot faster 
> after the last release.
>

Also, turn off warnings on the script that is taking forever, and see 
if it helps.
logging warnings to the apache log when hostname lookups are on takes 
*forever*.  Like, one warning per bug was taking 4-5 seconds, so a mass 
change of 376 bugs took many minutes.
--Dan



From jay at veggiespam.com  Wed Jul  9 03:50:08 2003
From: jay at veggiespam.com (jay ball)
Date: Tue, 8 Jul 2003 23:50:08 -0400
Subject: license of support files for bug 154602
In-Reply-To: <1057715845.27754.70.camel@jonschatz-lx.vmware.com>
Message-ID: <6F081D0A-B1C0-11D7-822D-003065D5C6A2@veggiespam.com>

>> right now, there is no way we can use the images contained within the
>> current patch, so they need to be replaced with something else.
>
> what about the smileys that ship with the mozilla email program? surely
> they're already gpl/mpl/whatever-pl

i didn't even know mozilla mail had smileys.  that's what i get for 
using osx mail.

i ripped out the icons and changed the smileytheme defaults file and 
now we have mozilla's 16 icons in bugzilla.  i'm uploading the patches 
right now.  now can we add it to 2.18?  ;-)

thanks bunches jon!

-j



From gerv at mozilla.org  Wed Jul  9 07:00:49 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Wed, 09 Jul 2003 08:00:49 +0100
Subject: license of support files for bug 154602
In-Reply-To: <64530104-B1AE-11D7-822D-003065D5C6A2@veggiespam.com>
References: <64530104-B1AE-11D7-822D-003065D5C6A2@veggiespam.com>
Message-ID: <3F0BBDA1.7050308@mozilla.org>

jay ball wrote:
> bug number http://bugzilla.mozilla.org/show_bug.cgi?id=154602 concerns 
> adding optional smiley :-) support to bugzilla. 

In response to this idea, I considered giving (again) my sermon on how 
features are not free, each adds complexity and maintenance cost, and we 
should only add things that have a tangible benefit to our users who are 
trying to get work done. This is why, like in the Mozilla codebase, the 
argument "but it'll be a param, defaulted to off" doesn't hold water.

And then I thought I could give the one about how Bugzilla is not a 
bulletin board, and we should not make it into one because that 
encourages more discussion than resolution.

But, in fact, I think I've got a new one :-) I would like Bugzilla to be 
a credible enterprise bug-tracking system. Whether it's a fair or unfair 
conclusion for them to draw, I don't believe it would give a more 
favourable impression to admins evaluating Bugzilla if they went into 
the params and saw "Enable smiley support in comments? [Yes|No]". What 
message does this give them about our priorities in development?

Gerv



From rlb at defaultvalue.org  Wed Jul  9 07:57:13 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Wed, 09 Jul 2003 02:57:13 -0500
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F0B4478.7000103@peshkin.net> (Joel Peshkin's message of "Tue,
 08 Jul 2003 15:23:52 -0700")
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>
	<a06001203bb2f8a38f225@[192.168.1.204]>
	<a06001204bb2f8ec302e1@[192.168.1.204]>
	<8765mdhb2b.fsf@raven.i.defaultvalue.org>
	<3F0B3E64.4070509@mozilla.org> <3F0B4478.7000103@peshkin.net>
Message-ID: <87adbo3zfq.fsf@raven.i.defaultvalue.org>

Joel Peshkin <bugreport at peshkin.net> writes:

> It is actually possible to set the group controls so that, for product
> "foo",  a group for which neither group of clients is a member is
> Default/Mandatory.  This will mean that only the reporter and your own
> staff will be able to see a bug unless someone on your staff goes in
> and changes the permissions to allow the rest of the client group to
> see it.


Hmm.  I tried that (in 2.17.4) with a group named "incoming", and the
user who's not in the Default/Mandatory group still seemed able to see
the bug in a query and go to the bug's detail page.  The query result
line for the bug was white (as opposed to grey for the others),
though.

I'll test more carefully in the morning.

Thanks

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From preed at sigkill.com  Wed Jul  9 08:06:52 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Wed, 9 Jul 2003 01:06:52 -0700
Subject: license of support files for bug 154602
In-Reply-To: <3F0BBDA1.7050308@mozilla.org>; from gerv@mozilla.org on Wed, Jul 09, 2003 at 08:00:49AM +0100
References: <64530104-B1AE-11D7-822D-003065D5C6A2@veggiespam.com> <3F0BBDA1.7050308@mozilla.org>
Message-ID: <20030709010652.C1105@sigkill.com>

On 09 Jul 2003 at 08:00:49, Gervase Markham moved bits on my disk to say:

> But, in fact, I think I've got a new one :-) I would like Bugzilla to be
> a credible enterprise bug-tracking system. Whether it's a fair or unfair
> conclusion for them to draw, I don't believe it would give a more
> favourable impression to admins evaluating Bugzilla if they went into the
> params and saw "Enable smiley support in comments? [Yes|No]". What
> message does this give them about our priorities in development?

I'm inclined to agree with you, but to answer your question, none.

If they know *anything* about open source, they will know one of its
principle tenants is code gets developed because a developer wants to
scratch their own itches (or the itches they're paid to scratch).

If smiley support in comments was one developer's itch, the fact that
support for it exists in Bugzilla merely means we allowed it into the tree.
Anyone who looks for any more meaning than that is drawing illogical
conclusions. 

We should *never* make decisions based upon what some "enterprise" software
procurer *might* think about when they see (or don't see) a feature.
Remember, these are the same idiots buying Microsoft's shit year after year
because they saw some ad in PC Week.

Having said that, I agree with you; I don't see the point of smileys in
comments, and I wouldn't want to waste time fixing this feature if it ever
broke. Tally up one vote for keeping this, like some other really useful
patches (drop down menus, anyone?) as a patch-only sort of a thing.

I wouldn't be opposed to distributing the images + the patch and
instructions in their own directory in contrib (since there *are* images
with this one).

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From jason at pyeron.com  Wed Jul  9 12:21:27 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 9 Jul 2003 08:21:27 -0400 (EDT)
Subject: New custom fields patch
In-Reply-To: <20030709002207.1E597BD82@diggity.schwag.org>
Message-ID: <Pine.LNX.4.44.0307090820310.9056-100000@ns.pyerotechnics.com>

On Tue, 8 Jul 2003, Sean McAfee wrote:

> Attached is a patch against bugzilla-2.17.4 that adds the following
> features:

What is the bugzilla bug for this rfe? Can you post the link.

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From jason at pyeron.com  Wed Jul  9 12:51:53 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 9 Jul 2003 08:51:53 -0400 (EDT)
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F0ADD7A.3040001@peshkin.net>
Message-ID: <Pine.LNX.4.44.0307090823280.9056-100000@ns.pyerotechnics.com>

On Tue, 8 Jul 2003, Joel Peshkin wrote:

> Forcing restrictions based on the membership of the submitter saying 
> that Group A must restrict to Group A but they don't have to if they are 
> members of both Group A and Group B would be an interesting trick. 
>  After all, your own staff will need to be members of all of these 
> groups and their membership should not require them to restrict bugs to 
> be visible by only other people who are members of all of the groups.
> 
> If anyone has an idea of a consistent way to express this, jump in anytime.
> 
> -Joel

It seems that the current way of representing access control in Bugzilla is well 
exceeded by situations like this. We have been doing the 1 product 1 
customer approach, and we don't like it either. We developed an ACL system 
similar to the NTFS file/directory permission system, but requires 
sub-select/recursion at the SQL level (My-SQL does not support this yet?) 
for Oracle/DB2. We store the groups/users as a graph, a user is a leaf 
node.

at any node there is a hash, a value of any key is (set, unset, inherit, 
disinherit, toggle)

the SQL works by stepping up the graph (from your node) then selecting 
down the graph, sorting, removing duped rows, etc. When the query returns 
you have the permissions list for a given user or group.


I think it can easily be done as query in a loop technique, and still have 
respectable efficiency.


Now on to the why do it this way...

1. Groups can have children.
2. Groups can have multiple parents.
3. No limits on groups / users.
4. New groups can be inserted anywhere/anytime.

5. Rules can be defaulted at any hierarchal level.
6. No limit on rules.
7. New rules can be added without regard to other rules.

8. Administrators feel natural with tree based ACL.

9. Multiple parental conflicts are resolved by parental priority.
 OR (system design option)
9. Multiple parental conflicts are resolved by rule value priority.

I jumped in, but we can't do this any time soon, we are already backed up 
on the Java port / client installations. Feel free to pick my brain on 
this.

Sincerely,

Jason Pyeron

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From bugreport at peshkin.net  Wed Jul  9 13:49:39 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Wed, 09 Jul 2003 06:49:39 -0700
Subject: capabilities of forthcoming group changes
In-Reply-To: <Pine.LNX.4.44.0307090823280.9056-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307090823280.9056-100000@ns.pyerotechnics.com>
Message-ID: <3F0C1D73.4060605@peshkin.net>

Jason Pyeron wrote:

>
>It seems that the current way of representing access control in Bugzilla is well 
>exceeded by situations like this. We have been doing the 1 product 1 
>customer approach, and we don't like it either. We developed an ACL system 
>similar to the NTFS file/directory permission system, but requires 
>sub-select/recursion at the SQL level (My-SQL does not support this yet?) 
>for Oracle/DB2. We store the groups/users as a graph, a user is a leaf 
>node.
>
><snip>
>
I think that general sentiment is universal, but I should add the 
following constraints....
a) It must be possible to migrate from 2.16
b) The very first place to consider the efficiency implications is in 
Search.pm.  

-Joel






From jason at pyeron.com  Wed Jul  9 13:56:49 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 9 Jul 2003 09:56:49 -0400 (EDT)
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F0C1D73.4060605@peshkin.net>
Message-ID: <Pine.LNX.4.44.0307090955050.9056-100000@ns.pyerotechnics.com>

On Wed, 9 Jul 2003, Joel Peshkin wrote:

> I think that general sentiment is universal, but I should add the 
> following constraints....
> a) It must be possible to migrate from 2.16
> b) The very first place to consider the efficiency implications is in 
> Search.pm.  
> 
> -Joel

Can you explain a? (Maybe my brain is fried this morning)


-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From bugreport at peshkin.net  Wed Jul  9 14:10:04 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Wed, 09 Jul 2003 07:10:04 -0700
Subject: capabilities of forthcoming group changes
In-Reply-To: <Pine.LNX.4.44.0307090955050.9056-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307090955050.9056-100000@ns.pyerotechnics.com>
Message-ID: <3F0C223C.5020007@peshkin.net>

Jason Pyeron wrote:

>On Wed, 9 Jul 2003, Joel Peshkin wrote:
>  
>
>>I think that general sentiment is universal, but I should add the 
>>following constraints....
>>a) It must be possible to migrate from 2.16
>>b) The very first place to consider the efficiency implications is in 
>>Search.pm.  
>>
>>-Joel
>>    
>>
>
>Can you explain a? (Maybe my brain is fried this morning)
>  
>
Sure...

Many of the systems consideres in the group rewrite had to be discarded 
because they would have forced sites converting from 2.16 to have an 
explosion in the number of groups.  Essentially, we had to accept a 
requirment that a bug could require a user to be  member of multiple 
groups rather than a bug requiring that a user be a member of one of 
several groups.  There was quite a debate on the merits of "AND groups" 
versus "OR groups."  If you consider the implications of migrating a 
site that has bugs already in all sorts of combination groups from an 
AND system to an OR system, you will see the problem.  For every 
combination previosuly served by 2 groups, we would have to generate a 
new special combination group and the UI implications are really nasty.  

Personally, the only way I can see out of this quagmire would be to come 
up with a system that is clean for AND groups and OR groups 
simultaneously (an "AND-OR" system) but, as you point out, doing this 
efficiently is a challenge.

-Joel




From jason at pyeron.com  Wed Jul  9 15:13:52 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 9 Jul 2003 11:13:52 -0400 (EDT)
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F0C223C.5020007@peshkin.net>
Message-ID: <Pine.LNX.4.44.0307091041380.9056-100000@ns.pyerotechnics.com>

On Wed, 9 Jul 2003, Joel Peshkin wrote:
...
> Personally, the only way I can see out of this quagmire would be to come 
> up with a system that is clean for AND groups and OR groups 
> simultaneously (an "AND-OR" system) but, as you point out, doing this 
> efficiently is a challenge.
> 
> -Joel

Efficiency can be achieved through caching of ACLs and resultant ACLs, but 
this is once again a mod_perl issue. We have our Java port going great 
right now, and we could try it out in there and drop it into the Perl (w/o 
caching).  This would be targeted for 8 weeks from now if we decide to 
prioritize it. Perl code to follow 2-3 weeks later.

Maybe we could whip up some demonstration code in Perl/java to show how to 
"use" it.  the code would be like:

 hash getACLs(userORgroup)
 bool testACL(userORgroup, rule) returns true/false/null(undef)


the ACL editor will most likely only be in a Java app for development 
efficiency here. (Applet too?) kinda like these screen shots (will expire 
someday) 

http://tmp.pyerotechnics.com/bz/capabilitiesofforthcominggroupchanges

Someone else can spend time($) doing HTML version in Perl (no ideas on 
interface yet)


Jason Pyeron

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From myk at mozilla.org  Wed Jul  9 16:03:57 2003
From: myk at mozilla.org (Myk Melez)
Date: Wed, 09 Jul 2003 09:03:57 -0700
Subject: Bugzilla.mozilla.org
In-Reply-To: <20030708154737.A799@sigkill.com>
References: <C3EB95A31BDAD511827C00B0D0F95AF5890486@BUCKWHEAT> <3F0AF7ED.8050002@mozilla.org> <3F0B3F84.8010907@mozilla.org> <3F0B4460.2040309@mozilla.org> <20030708154737.A799@sigkill.com>
Message-ID: <3F0C3CED.3060505@mozilla.org>

J. Paul Reed wrote:

>On 08 Jul 2003 at 15:23:28, Myk Melez moved bits on my disk to say:
>
>  
>
>>>Any ETA for a switchover?
>>>      
>>>
>>Current plans are to move the mirror database to the new server the last
>>two weeks in July and everything else (the master database, the
>>application) some time thereafter, probably in August.
>>    
>>
>
>Would it make sense to try to deploy a 2.18rc1-ish sort of release to the
>new server around that time?
>  
>
Yes, although not at the same time.

-myk

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bugzilla.org/pipermail/developers/attachments/20030709/c5d27032/attachment.html>

From myk at mozilla.org  Wed Jul  9 16:07:29 2003
From: myk at mozilla.org (Myk Melez)
Date: Wed, 09 Jul 2003 09:07:29 -0700
Subject: bugs.php.net like prompts
In-Reply-To: <befhld$2pn$1@main.gmane.org>
References: <3F0B0775.6060502@przeglad.com.pl> <befhld$2pn$1@main.gmane.org>
Message-ID: <3F0C3DC1.1010307@mozilla.org>

Jack Tanner wrote:

> Zbigniew Braniecki wrote:
>
>> So i decided to fill a bug. After filling it, i clicked "submit bug", 
>> but instead of sending it, bugs.php.net displayed a list of possible 
>> matching problems with description,status and question if i'm sure 
>> it's not any of following. If not, i can click "submit" once more, to 
>> really submit it into database. Of course the bug was there and I did 
>> not send one more dupe.
>
>
> This is an extremely good idea.
>
> One approach is to use plain text information retrieval techniques, 
> e.g., 
> http://directory.google.com/Top/Computers/Software/Information_Retrieval/Fulltext/?tc=1. 
>

An implementation of this is being developed over in bug 145588:

http://bugzilla.mozilla.org/show_bug.cgi?id=145588

-myk




From gandalf at przeglad.com.pl  Wed Jul  9 16:29:24 2003
From: gandalf at przeglad.com.pl (Zbigniew Braniecki)
Date: Wed, 09 Jul 2003 18:29:24 +0200
Subject: bugs.php.net like prompts
In-Reply-To: <3F0B0775.6060502@przeglad.com.pl>
References: <3F0B0775.6060502@przeglad.com.pl>
Message-ID: <3F0C42E4.8090505@przeglad.com.pl>

Ok. Since i cannot find any dupes: 
http://bugzilla.mozilla.org/show_bug.cgi?id=212191

Greetings
Zbigniew Braniecki



From etzwane at schwag.org  Wed Jul  9 17:42:45 2003
From: etzwane at schwag.org (Sean McAfee)
Date: Wed, 09 Jul 2003 13:42:45 -0400
Subject: New custom fields patch
In-Reply-To: <Pine.LNX.4.44.0307090820310.9056-100000@ns.pyerotechnics.com>
Message-ID: <20030709174245.3E11BBD82@diggity.schwag.org>

Jason Pyeron <jason at pyeron.com> wrote:
>On Tue, 8 Jul 2003, Sean McAfee wrote:
>> Attached is a patch against bugzilla-2.17.4 that adds the following
>> features:

>What is the bugzilla bug for this rfe? Can you post the link.

http://bugzilla.mozilla.org/show_bug.cgi?id=91037


-- 
Sean McAfee -- etzwane at schwag.org


From JWilmoth at starbucks.com  Wed Jul  9 17:46:52 2003
From: JWilmoth at starbucks.com (Jon Wilmoth)
Date: Wed, 9 Jul 2003 10:46:52 -0700
Subject: "Evil Code" error?
Message-ID: <E2291D136BD35647A074B1053785B05B02C4E352@seams042.starbucks.net>

This is odd.  We do not have a shadow database defined and are using
2.17.3.

-----Original Message-----
From: David Miller [mailto:justdave at syndicomm.com] 
Sent: Tuesday, July 08, 2003 5:51 PM
To: developers at bugzilla.org
Subject: Re: "Evil Code" error?

On 7/8/2003 3:32 PM -0700, Jon Wilmoth wrote:

> We've been experiencing problems with our Bugzilla server (disk space
> and other) and finally had to reboot the machine.  I'm now seeing the
> following message in the apache error_log:
>
> Evil code attempted to write 'insert into logincookies (userid,ipaddr)
> values (131, '204.238.150.136')' to the shadow database at
> /usr/local/lib/perl5/5.6.1/CGI
> /Carp.pm line 301.
>
> This sounds bad...how concerned should I be?

Um, basically something broke if you got that.  Hard to be more
specific.
That error is actually generated by Bugzilla though.  It's in the
SendSQL
sub, which in 2.16.3 is in globals.pl.  The error message is generated
if
the current database is the shadow database and something tries to do a
database write (which is only allowed on the primary database, not the
shadow).  Most of the shadow database concept went away in 2.17.x in
favor
of database replication.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=jwilmoth at starbucks.com>



From aankumah at alumni.caltech.edu  Wed Jul  9 19:02:37 2003
From: aankumah at alumni.caltech.edu (Abraham K. Ankumah)
Date: Wed, 9 Jul 2003 12:02:37 -0700 (PDT)
Subject: Automated Bugzilla Entries
Message-ID: <200307091902.h69J2c8J016556@alumnus.caltech.edu>

Is there a programatic way of interacting with Bugzilla? Short of performing 
mySQL commands. Has anyone come across some third party module to do this or 
is there a Bugzilla supplied API for this? I'd like an automated regression toolto make entries in Bugzilla.

Thanks, 
Abe


From icanoop at bitwiser.org  Wed Jul  9 19:12:15 2003
From: icanoop at bitwiser.org (Ryan Boder)
Date: Wed, 9 Jul 2003 15:12:15 -0400
Subject: Automated Bugzilla Entries
In-Reply-To: <200307091902.h69J2c8J016556@alumnus.caltech.edu>
References: <200307091902.h69J2c8J016556@alumnus.caltech.edu>
Message-ID: <20030709191215.GA437@bitwiser.org>

On Wed, Jul 09, 2003 at 12:02:37PM -0700, Abraham K. Ankumah wrote:
> Is there a programatic way of interacting with Bugzilla? Short of performing 
> mySQL commands. Has anyone come across some third party module to do this or 
> is there a Bugzilla supplied API for this? I'd like an automated regression toolto make entries in Bugzilla.

Even better, is there a way to do this remotely so that programs on other
machines can make and read bug entries?

-- 
Ryan Boder
http://www.bitwiser.org/icanoop


From justdave at syndicomm.com  Wed Jul  9 19:26:13 2003
From: justdave at syndicomm.com (David Miller)
Date: Wed, 9 Jul 2003 15:26:13 -0400
Subject: Automated Bugzilla Entries
In-Reply-To: <20030709191215.GA437@bitwiser.org>
References: <200307091902.h69J2c8J016556@alumnus.caltech.edu>
 <20030709191215.GA437@bitwiser.org>
Message-ID: <a06001204bb321bde16a9@[192.168.1.204]>

On 7/9/2003 3:12 PM -0400, Ryan Boder wrote:

> On Wed, Jul 09, 2003 at 12:02:37PM -0700, Abraham K. Ankumah wrote:
>> Is there a programatic way of interacting with Bugzilla? Short of performing
>> mySQL commands. Has anyone come across some third party module to do this or
>> is there a Bugzilla supplied API for this? I'd like an automated
>>regression toolto make entries in Bugzilla.
>
> Even better, is there a way to do this remotely so that programs on other
> machines can make and read bug entries?

Posting and changing bugs is a matter of making an HTTP request.  Many (but
not yet all) of the screens in Bugzilla allow you to request an XML (or
various other format) response.

This particular discussion would probably be better on the mozilla-webtools
mailing list.  It's slightly off-topic for this list.  (It's a "can we do
this with Bugzilla? / how do we do it?" type question)
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From usmlekaplan at yahoo.com  Wed Jul  9 21:16:30 2003
From: usmlekaplan at yahoo.com (usmle Prep)
Date: Wed, 9 Jul 2003 14:16:30 -0700 (PDT)
Subject: Help Needed - Template related question
Message-ID: <20030709211630.73786.qmail@web20204.mail.yahoo.com>

I am trying to modify edit.html.tmpl so that it can
display the profile.realname as well as
profile.login_name both shown in the same drop down
box.I couldn't find syntax for templates.Can anyone
please help me.
Current code is as follows. I would like to
concatenate
profile.login_name to the selitem how to do that.I
tried so many combination of operators and failed.Any
help is greatly appreciated.
I don't get response in this forum.
[% PROCESS selectprofile selname => "assigned_to"
                         selitem => profile.realname
                         selvalues => profiles
                         xtra =>""
             %] 
Thanks  a lot,
Srikant

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com


From preed at sigkill.com  Wed Jul  9 22:13:55 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Wed, 9 Jul 2003 15:13:55 -0700
Subject: Automated Bugzilla Entries
In-Reply-To: <20030709191215.GA437@bitwiser.org>; from icanoop@bitwiser.org on Wed, Jul 09, 2003 at 03:12:15PM -0400
References: <200307091902.h69J2c8J016556@alumnus.caltech.edu> <20030709191215.GA437@bitwiser.org>
Message-ID: <20030709151355.C4441@sigkill.com>

On 09 Jul 2003 at 15:12:15, Ryan Boder moved bits on my disk to say:

> On Wed, Jul 09, 2003 at 12:02:37PM -0700, Abraham K. Ankumah wrote:
>
> > Is there a programatic way of interacting with Bugzilla? Short of
> > performing mySQL commands. Has anyone come across some third party
> > module to do this or is there a Bugzilla supplied API for this? I'd
> > like an automated regression toolto make entries in Bugzilla.
> 
> Even better, is there a way to do this remotely so that programs on other
> machines can make and read bug entries?

Despite its off-topicness, I will note that a conversation about
implementing Bugzilla access in SOAP (and a C API of all things) was
discussed last month... see the short discussion at:

http://bugzilla.org/cgi-bin/mj_wwwusr?list=developers&brief=on&func=archive-get-part&extra=200306/117

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From jason at pyeron.com  Wed Jul  9 23:52:44 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 9 Jul 2003 19:52:44 -0400 (EDT)
Subject: Automated Bugzilla Entries
In-Reply-To: <20030709151355.C4441@sigkill.com>
Message-ID: <Pine.LNX.4.44.0307091947590.14431-100000@ns.pyerotechnics.com>

On Wed, 9 Jul 2003, J. Paul Reed wrote:

> On 09 Jul 2003 at 15:12:15, Ryan Boder moved bits on my disk to say:
> 
> > On Wed, Jul 09, 2003 at 12:02:37PM -0700, Abraham K. Ankumah wrote:
> >
> > > Is there a programatic way of interacting with Bugzilla? Short of
> > > performing mySQL commands. Has anyone come across some third party
> > > module to do this or is there a Bugzilla supplied API for this? I'd
> > > like an automated regression toolto make entries in Bugzilla.
> > 
> > Even better, is there a way to do this remotely so that programs on other
> > machines can make and read bug entries?
> 
> Despite its off-topicness, I will note that a conversation about
> implementing Bugzilla access in SOAP (and a C API of all things) was
> discussed last month... see the short discussion at:
> 
> http://bugzilla.org/cgi-bin/mj_wwwusr?list=developers&brief=on&func=archive-get-part&extra=200306/117
> 

And for another shameless plug, we are working on a Java port which will 
have an API. Maybe an ant tie in too. 
http://bugzilla.mozilla.org/show_bug.cgi?id=188570

Jason Pyeron

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From Harikrishnan_Nair at satyam.com  Thu Jul 10 05:44:48 2003
From: Harikrishnan_Nair at satyam.com (Harikrishnan_Nair at satyam.com)
Date: Thu, 10 Jul 2003 11:14:48 +0530
Subject: Bugzilla.mozilla.org
Message-ID: <7FF62A49079FD511B14400065B19EF1203C97C41@cpr.satyam.com>

Hi ,
 
 
Iam very new to bugzilla.. i installed bugzulla.. but the below giving me
error when i tried to create a new account.. account is getting creating
but.. probs is with sending mail.. ie, ntsend mails may not be working...
Now i think.. the below step which installation step ask me to do.. may be
wrong.. but can any one elaborate on the below step.. 
 
 
 
find and comment out all occurences of "open(SENDMAIL" in your Bugzilla
directory. Then replace them with: 

# new sendmail functionality

my $mail=new NTsendmail;

my $from="bugzilla\@your.machine.name.tld";

my $to=$login;

my $subject=$urlbase;

$mail->send($from,$to,$subject,$msg);


 
 
 

 
 
 
 
The error iam getting is pasted below...
 
An Error Occurred with the mail system. 



Connection failed. Delivery to all recipients failed.. [-1 Attempts.] 


NTsendmail configuration error. 

I checked the smtp addres.. it seems..its ok.. but probs is with
receipents.. can any one help me regarding this..?

 

with regards

hari

 

 

 

 

 
 
 
 
 
 
 
 
 
 
-----Original Message-----
From: Myk Melez [mailto:myk at mozilla.org]
Sent: Wednesday, July 09, 2003 9:04 AM
To: developers at bugzilla.org
Subject: Re: Bugzilla.mozilla.org


J. Paul Reed wrote:


On 08 Jul 2003 at 15:23:28, Myk Melez moved bits on my disk to say:



  

Any ETA for a switchover?

      

Current plans are to move the mirror database to the new server the last

two weeks in July and everything else (the master database, the

application) some time thereafter, probably in August.

    



Would it make sense to try to deploy a 2.18rc1-ish sort of release to the

new server around that time?

  

Yes, although not at the same time.

-myk



************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bugzilla.org/pipermail/developers/attachments/20030710/58a36d09/attachment.html>

From justdave at syndicomm.com  Thu Jul 10 05:57:14 2003
From: justdave at syndicomm.com (David Miller)
Date: Thu, 10 Jul 2003 01:57:14 -0400
Subject: Bugzilla.mozilla.org
In-Reply-To: <7FF62A49079FD511B14400065B19EF1203C97C41@cpr.satyam.com>
References: <7FF62A49079FD511B14400065B19EF1203C97C41@cpr.satyam.com>
Message-ID: <a06001208bb32b009d114@[192.168.1.204]>

On 7/10/2003 11:14 AM +0530, Harikrishnan_Nair at satyam.com wrote:

> I checked the smtp addres.. it seems..its ok.. but probs is with
>receipents.. can any one help me regarding this..?

a) this is a new question, please use a new subject instead of replying to
an existing post

b) This is offtopic for this list.  You should ask this question on
mozilla-webtools at mozilla.org (see http://www.bugzilla.org/discussion.html).
There's a bigger audience there, and that's the place to go for
setup/administration problems.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From chicks at chicks.net  Thu Jul 10 15:51:55 2003
From: chicks at chicks.net (Christopher Hicks)
Date: Thu, 10 Jul 2003 11:51:55 -0400 (EDT)
Subject: license of support files for bug 154602
In-Reply-To: <20030709010652.C1105@sigkill.com>
Message-ID: <Pine.LNX.4.44.0307101148010.19462-100000@yakko.chicks.net>

On Wed, 9 Jul 2003, J. Paul Reed wrote:
> On 09 Jul 2003 at 08:00:49, Gervase Markham moved bits on my disk to say:
> > But, in fact, I think I've got a new one :-) I would like Bugzilla to be
> > a credible enterprise bug-tracking system. Whether it's a fair or unfair
> > conclusion for them to draw, I don't believe it would give a more
> > favourable impression to admins evaluating Bugzilla if they went into the
> > params and saw "Enable smiley support in comments? [Yes|No]". What
> > message does this give them about our priorities in development?
> 
> I'm inclined to agree with you, but to answer your question, none.
> 
> If they know *anything* about open source, they will know one of its
> principle tenants is code gets developed because a developer wants to
> scratch their own itches (or the itches they're paid to scratch).
> 
> If smiley support in comments was one developer's itch, the fact that
> support for it exists in Bugzilla merely means we allowed it into the tree.
> Anyone who looks for any more meaning than that is drawing illogical
> conclusions. 
> 
> We should *never* make decisions based upon what some "enterprise" software
> procurer *might* think about when they see (or don't see) a feature.
> Remember, these are the same idiots buying Microsoft's shit year after year
> because they saw some ad in PC Week.

Bravo.

> Having said that, I agree with you; I don't see the point of smileys in
> comments, and I wouldn't want to waste time fixing this feature if it ever
> broke. Tally up one vote for keeping this, like some other really useful
> patches (drop down menus, anyone?) as a patch-only sort of a thing.
> 
> I wouldn't be opposed to distributing the images + the patch and
> instructions in their own directory in contrib (since there *are* images
> with this one).

Come now.  If you want to punt on it until the next version fine, but it 
doesn't do much harm to let it in eventually.  It should be a straight 
forward patch.  Don't get scared by the smileys patch!

This might even encourage the use of bugzilla by the game development 
community.  That'd be good for the games and for bugzilla.  Just imagine
a bugzilla smileys theme for Half Life.  Smileys with one eye hanging out, 
etc.  Fun, fun.  I can't wait.... :)

-- 
</chris>

The death of democracy is not likely to be an assassination from ambush. It
will be a slow extinction from apathy, indifference, and undernourishment.
-Robert Maynard Hutchins, educator (1899-1977)



From preed at sigkill.com  Thu Jul 10 17:26:44 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Thu, 10 Jul 2003 10:26:44 -0700
Subject: license of support files for bug 154602
In-Reply-To: <Pine.LNX.4.44.0307101148010.19462-100000@yakko.chicks.net>; from chicks@chicks.net on Thu, Jul 10, 2003 at 11:51:55AM -0400
References: <20030709010652.C1105@sigkill.com> <Pine.LNX.4.44.0307101148010.19462-100000@yakko.chicks.net>
Message-ID: <20030710102644.B6997@sigkill.com>

On 10 Jul 2003 at 11:51:55, Christopher Hicks moved bits on my disk to say:

> Come now.  If you want to punt on it until the next version fine, but it
> doesn't do much harm to let it in eventually.  It should be a straight
> forward patch.  Don't get scared by the smileys patch!

Have you seen the patch?

Not only is it not straightforward, it's actually kinda messy. And it's not
so much that we're "scared" by the patch; Gerv makes a good point: it's
more code in BZ that doesn't actually *do* anything useful for... well...
tracking bugs.

Sure, it makes life a bit happier and more fun, but in the end, someone has
to audit, maintain, and over the life of the project, learn about that code
to support it.

And therein lies the problem... if 2.20 breaks smilies, is the patch author
going to fix it? Are any of the core team members going to want to? Will we
have to just back the broken code out?

This is why it's much better to put it in its own contrib/ directory as a
patch, with instructions. How hard is patch -p0 < smilies.patch, and moving
some image files around?

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From stenn at whimsy.udel.edu  Thu Jul 10 19:35:22 2003
From: stenn at whimsy.udel.edu (Harlan Stenn)
Date: Thu, 10 Jul 2003 15:35:22 -0400
Subject: bugzilla wishlist
Message-ID: <17244.1057865722@whimsy.udel.edu>

Folks,

We recently started using bugzilla for ntp.org .

I'm the release engineer for the project and let's just say there are
Constraints as to how I have to work.

I have a list of ideas that I'd like to see implemented in bugzilla - I
was hoping some initial discussion could be done before they are
submitted.

The list is at <http://twiki.ntp.org>, in the BugzillaWishlist topic,
which can be seen (and edited) at:

   http://twiki.ntp.org/bin/view/Main/BugzillaWishlist

Is this an OK way to proceed or is there a better mechanism for me to use?

Harlan

PS - this account has a challenge/response mail filter because of the
Ton of spam I get to this account.  If you Reply: to this message (and
there is a References: or In-Reply-To: header that references this
message) it will get thru my filter without any additional effort.


From chicks at chicks.net  Thu Jul 10 20:20:57 2003
From: chicks at chicks.net (Christopher Hicks)
Date: Thu, 10 Jul 2003 16:20:57 -0400 (EDT)
Subject: Bugzilla as a task management tool
In-Reply-To: <20030709011027.GA29991@bitwiser.org>
Message-ID: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net>

On Tue, 8 Jul 2003, Ryan Boder wrote:
> I see on the roadmap page that... 
> 
> While the potential exists in the code to turn Bugzilla into a technical
> support ticket system, task management tool, or project management tool, we
> should focus on the task of designing a system to track software defects.
> 
> Do the current developers plan to keep this mindset and never make Bugzilla
> a task management tool?
> 
> I am asking because I am working on a scheduling tool and I want to work
> well with Bugzilla, so if it will ever be a task management tool I would like
> to support Bugzilla tasks, but if it isn't I will implement tasks myself.
> 
> I am aware that Issuezilla does this, but I am only interested in making it
> work nicely with Bugzilla.

Bugzilla is really close to being very good as a task management tool, 
project management tool, and a technical support ticket system.  It's 
being used as such by many folks.  What's missing?

- the idea of bugs within bugs.  While bugzilla's bug dependancies can be 
used to simulate tasks and subtasks it would often make more intuitive 
sense to have tasks within a bug that can be added and completed.

- I use bugzilla for my personal todo list.  The aforementioned 
functionality would make that process much easier.  Being able to print 
out a list of bugs prioritized and showing the open tasks associated with 
each would be phenomenal.

- Tasks within a bug could be tracked in the database as if they were 
bugs, but have a flag that indicates they're a task instead of a bug.  A 
different field or maybe the value of the flag would point to the parent 
bug for the task.  Tasks would in effect be treated as lightweight bugs 
and could have time and notes associated with them.  These notes should 
show up as part of the parent bug as well.  A note similar to the one used 
to show time associated with a comment could show that a note is 
associated with a task and the name of the task.

- a bridge to something like http://www.opengroupware.org/ which just 
announced itself today.

- a common project to generate bills based on time tracked in bugzilla.  
This is something I'm sure many people do already, but having a common set 
of scripts for generating bills, and tracking billed and unbilled time 
would be extremely handy.

I keep meaning to play with the mozilla-specific interface (bugxula?) too.

Even if this needs to be maintained as a seperate branch from the "real" 
bugzilla development I would be happy to help out.

-- 
</chris>

The death of democracy is not likely to be an assassination from ambush. It
will be a slow extinction from apathy, indifference, and undernourishment.
-Robert Maynard Hutchins, educator (1899-1977)





From JWilmoth at starbucks.com  Thu Jul 10 21:37:13 2003
From: JWilmoth at starbucks.com (Jon Wilmoth)
Date: Thu, 10 Jul 2003 14:37:13 -0700
Subject: bugzilla wishlist
Message-ID: <E2291D136BD35647A074B1053785B05B014948E3@seams042.starbucks.net>

The "what" you describe is an existing enhancement request
(http://bugzilla.mozilla.org/show_bug.cgi?id=202469).
 
The customizable "my bugs" query exists already.  The params page
defines the query used by default, but you can always edit your own to
different search criteria by choosing the edit link on the search
results page.  Alternatively you could simply create a new saved query.

I believe the desire is to use either this mailing list or the B.M.O.
site as the communication mechanism, so I'd be surprised if people
outside of your organization edited your twiki page.

-----Original Message-----
From: Harlan Stenn [mailto:stenn at whimsy.udel.edu] 
Sent: Thursday, July 10, 2003 12:35 PM
To: developers at bugzilla.org
Subject: bugzilla wishlist

Folks,

We recently started using bugzilla for ntp.org .

I'm the release engineer for the project and let's just say there are
Constraints as to how I have to work.

I have a list of ideas that I'd like to see implemented in bugzilla - I
was hoping some initial discussion could be done before they are
submitted.

The list is at <http://twiki.ntp.org>, in the BugzillaWishlist topic,
which can be seen (and edited) at:

   http://twiki.ntp.org/bin/view/Main/BugzillaWishlist

Is this an OK way to proceed or is there a better mechanism for me to
use?

Harlan

PS - this account has a challenge/response mail filter because of the
Ton of spam I get to this account.  If you Reply: to this message (and
there is a References: or In-Reply-To: header that references this
message) it will get thru my filter without any additional effort.
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=jwilmoth at starbucks.com>



From jeff.hedlund at matrixsi.com  Thu Jul 10 22:05:17 2003
From: jeff.hedlund at matrixsi.com (Jeff Hedlund)
Date: Thu, 10 Jul 2003 18:05:17 -0400
Subject: bugzilla wishlist
In-Reply-To: <E2291D136BD35647A074B1053785B05B014948E3@seams042.starbucks.net>
References: <E2291D136BD35647A074B1053785B05B014948E3@seams042.starbucks.net>
Message-ID: <3F0DE31D.8070806@matrixsi.com>



Jon Wilmoth wrote:
> The "what" you describe is an existing enhancement request
> (http://bugzilla.mozilla.org/show_bug.cgi?id=202469).

Note:  That is a dup of
http://bugzilla.mozilla.org/show_bug.cgi?id=9412

Jeff
-- 

   /\  /\              ..    ..    ..    jeff.hedlund at matrixsi.com
  /  \/  \ a t r i x  .  .  .  .  .  .  .           (770) 794-7233
  s o f t w a r e  i n c  ..    ..    ..   http://www.matrixsi.com



From myk at mozilla.org  Fri Jul 11 00:07:38 2003
From: myk at mozilla.org (Myk Melez)
Date: Thu, 10 Jul 2003 17:07:38 -0700
Subject: Bugzilla as a task management tool
In-Reply-To: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net>
References: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net>
Message-ID: <3F0DFFCA.3030902@mozilla.org>

Christopher Hicks wrote:

>Bugzilla is really close to being very good as a task management tool, 
>project management tool, and a technical support ticket system.  It's 
>being used as such by many folks.  What's missing?
>
>- the idea of bugs within bugs.  While bugzilla's bug dependancies can be 
>used to simulate tasks and subtasks it would often make more intuitive 
>sense to have tasks within a bug that can be added and completed.
>
>- I use bugzilla for my personal todo list.  The aforementioned 
>functionality would make that process much easier.  Being able to print 
>out a list of bugs prioritized and showing the open tasks associated with 
>each would be phenomenal.
>
>- Tasks within a bug could be tracked in the database as if they were 
>bugs, but have a flag that indicates they're a task instead of a bug.
>
Instead of modifying the database schema, use dependencies (i.e. bugs 
dependent on a parent are subtasks, other bugs are tasks).  Then, hack 
the UI (and Perl code when necessary) to provide a subtask 
creation/deletion interface inside "show bug", and hack the dependency 
tree to give you your prioritized list of tasks with subtasks.  You 
don't need database modifications to do this; you just need to optimize 
the UI for your particular application.

-myk
   



From yannick.koehler at colubris.com  Fri Jul 11 12:16:32 2003
From: yannick.koehler at colubris.com (Yannick Koehler)
Date: Fri, 11 Jul 2003 08:16:32 -0400
Subject: Bugzilla as a task management tool
In-Reply-To: <3F0DFFCA.3030902@mozilla.org>
References: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net> <3F0DFFCA.3030902@mozilla.org>
Message-ID: <200307110816.33813.yannick.koehler@colubris.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> Christopher Hicks wrote:
> >Bugzilla is really close to being very good as a task management tool,
> >project management tool, and a technical support ticket system.  It's
> >being used as such by many folks.  What's missing?
> >
> >- the idea of bugs within bugs.  While bugzilla's bug dependancies can be
> >used to simulate tasks and subtasks it would often make more intuitive
> >sense to have tasks within a bug that can be added and completed.
> >
> >- I use bugzilla for my personal todo list.  The aforementioned
> >functionality would make that process much easier.  Being able to print
> >out a list of bugs prioritized and showing the open tasks associated with
> >each would be phenomenal.
> >
> >- Tasks within a bug could be tracked in the database as if they were
> >bugs, but have a flag that indicates they're a task instead of a bug.
>
> Instead of modifying the database schema, use dependencies (i.e. bugs
> dependent on a parent are subtasks, other bugs are tasks).  Then, hack
> the UI (and Perl code when necessary) to provide a subtask
> creation/deletion interface inside "show bug", and hack the dependency
> tree to give you your prioritized list of tasks with subtasks.  You
> don't need database modifications to do this; you just need to optimize
> the UI for your particular application.
>
> -myk

And if you do hack it all, release as patch and submit to all, people will use 
it and then bugzilla developer will understand that this is what Bugzilla 
user need and at some point in time will be force to integrate or support 
this concept.

- -- 

Yannick Koehler
Software Designer - Colubris Networks Inc.

Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD34D4575
Key fingerprint = 8387 F009 A55F FFCD F87D BE18 6DEA 8D06 D34D 4575

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/DqqgbeqNBtNNRXURAnY+AKCq8j1R4M3mG3YvdYWiw1erkuSs9ACgpEOO
oeopza1LmXmbD4K1wfg/U8c=
=I26O
-----END PGP SIGNATURE-----



From gerv at mozilla.org  Fri Jul 11 12:37:19 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Fri, 11 Jul 2003 13:37:19 +0100
Subject: Bugzilla as a task management tool
In-Reply-To: <200307110816.33813.yannick.koehler@colubris.com>
References: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net> <3F0DFFCA.3030902@mozilla.org> <200307110816.33813.yannick.koehler@colubris.com>
Message-ID: <3F0EAF7F.6070106@mozilla.org>

Yannick Koehler wrote:
> And if you do hack it all, release as patch and submit to all, people will use 
> it and then bugzilla developer will understand that this is what Bugzilla 
> user need and at some point in time will be force to integrate or support 
> this concept.

There is flawed logic in this statement. Bugzilla users (that is, 
organisations) probably also need an email server, but that doesn't mean 
Bugzilla should contain one.

Yes, we should provide ways to integrate related third party 
applications (see P4DTI for an example; we are hopefully doing some work 
to make their lives easier) but that does not mean we are writing or 
building in a source control system.

Currently, the Bugzilla team are busy enough that just making Bugzilla 
track bugs is hard work. We've always resisted broadening the scope in 
the past - now seems a particularly bad time to change that policy.

Gerv



From yannick.koehler at colubris.com  Fri Jul 11 13:36:39 2003
From: yannick.koehler at colubris.com (Yannick Koehler)
Date: Fri, 11 Jul 2003 09:36:39 -0400
Subject: Bugzilla as a task management tool
In-Reply-To: <3F0EAF7F.6070106@mozilla.org>
References: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net> <200307110816.33813.yannick.koehler@colubris.com> <3F0EAF7F.6070106@mozilla.org>
Message-ID: <200307110936.42174.yannick.koehler@colubris.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> Yannick Koehler wrote:
> > And if you do hack it all, release as patch and submit to all, people
> > will use it and then bugzilla developer will understand that this is what
> > Bugzilla user need and at some point in time will be force to integrate
> > or support this concept.
>
> There is flawed logic in this statement. Bugzilla users (that is,
> organisations) probably also need an email server, but that doesn't mean
> Bugzilla should contain one.

That guy wasn't asking for third party integration but for the notion of 
changing bugs into tasks.  Which seems very interesting.  This could be 
implemented as another field that say if an entry is a bug, task, ticket 
etc...  You then use the dependency system to sort them properly and you can 
then have a display of a bug with all its dependency task (because you can 
differentiate between a bug and a task at the data layer now due to the new 
field).

Have Bugzilla becomes more generic than a bug database and maybe become a 
Tracking System instead of a Bug Tracking System.  This would only reflect 
its reality as most people use it for enhancement tracking which are not Bug 
and for ticket which again are not bug.

Also having that field could allow for bugzilla to offer a plugin type that 
would make it possible for developer that wants to offer different template/
view based on the type of the entry to be able to do so.  Same with which 
fields are requested by bug, by task, etc..  

The logic is also not flawed because that is how open source works, make it 
yourself, distribute it and market (see users) will force main branches to 
follow on the feature that actually are used most often.

As you have read, I didn't ask bugzilla developer to do it, but to that person 
to do it and then give it to bugzilla developers for them to integrate/reject 
when they have time.

- -- 

Yannick Koehler
Software Designer - Colubris Networks Inc.

Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD34D4575
Key fingerprint = 8387 F009 A55F FFCD F87D BE18 6DEA 8D06 D34D 4575

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/Dr1obeqNBtNNRXURAreHAJ91LOAdbh0KSuvgj6q+SYQSrG4EYACeJpIi
ioD/ZKODlMtOrHNa142tFDs=
=qScl
-----END PGP SIGNATURE-----



From bugreport at peshkin.net  Fri Jul 11 14:19:28 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Fri, 11 Jul 2003 07:19:28 -0700
Subject: Bugzilla as a task management tool
In-Reply-To: <200307110936.42174.yannick.koehler@colubris.com>
References: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net> <200307110816.33813.yannick.koehler@colubris.com> <3F0EAF7F.6070106@mozilla.org> <200307110936.42174.yannick.koehler@colubris.com>
Message-ID: <3F0EC770.4010609@peshkin.net>


Actually, this is slightly more than a UI tweak....

For exactly the same reasons why we discourage sites from fragmenting 
bugzilla into multiple installations and encourage them to simply define 
multiple products within a single installation (one query does it all, 
one set of userids, dependencies work, etc...), it is suboptimal to have 
a distinct bugzilla and taskzilla.

This means that we either have a severity of "Task" or "Action" right 
along with our existing severities (which is what I do for task 
managment - and I am a developer) or we add a field to the schema that 
triggers a broader set of UI changes because the system becomes aware of 
the distinction between a task and a bug.  It also elevates the 
importance of due dates which can be handy for bugs and tasks alike.

We see this request on the list and newsgroup regularly.  I suspect that 
I am not the only bugzilla developer who actually uses bugzilla for 
tasks right alongside of bugs.  It is time for a good proposal on how to 
do this right rather than a hack that just renames fields.

-Joel




From yannick.koehler at colubris.com  Fri Jul 11 14:27:30 2003
From: yannick.koehler at colubris.com (Yannick Koehler)
Date: Fri, 11 Jul 2003 10:27:30 -0400
Subject: Bugzilla as a task management tool
In-Reply-To: <3F0EC770.4010609@peshkin.net>
References: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net> <200307110936.42174.yannick.koehler@colubris.com> <3F0EC770.4010609@peshkin.net>
Message-ID: <200307111027.33828.yannick.koehler@colubris.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> For exactly the same reasons why we discourage sites from fragmenting
> bugzilla into multiple installations and encourage them to simply define
> multiple products within a single installation (one query does it all,
> one set of userids, dependencies work, etc...), it is suboptimal to have
> a distinct bugzilla and taskzilla.

Exactly so it would make sense to have support for more than bug inside 
Bugzilla and would also allow one to attach a bug to a ticket and task to 
bug.

> This means that we either have a severity of "Task" or "Action" right
> along with our existing severities (which is what I do for task
> managment - and I am a developer) or we add a field to the schema that
> triggers a broader set of UI changes because the system becomes aware of
> the distinction between a task and a bug.  It also elevates the
> importance of due dates which can be handy for bugs and tasks alike.

Please... Severity is a severity.  A task is not a severity.  A task must have 
its own severity!

The same thing with an enhancement... An enhancement is NOT a bug.  It is an 
idea, a feature that needs to have a severity field related to the product 
acceptance to market.  Severity help in establishing priority.  But priority 
between enhancement and bug is unrelated.  Same for task.

4 task may be attached to a bug, only 3 done will resolve the bug but the 4th 
one would provide better ease-of-use or a no-effect on the software such as a 
task to test it...  Or get feedback from customer.  Therefore severity could 
help indicating that.  Some task are more or less severe in order to resolve 
the bug.

- -- 

Yannick Koehler
Software Designer - Colubris Networks Inc.

Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD34D4575
Key fingerprint = 8387 F009 A55F FFCD F87D BE18 6DEA 8D06 D34D 4575

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/DslUbeqNBtNNRXURAhkAAKC4B/mMzoYYiJdstVL4qwf6rUCeaQCeM/dz
mt1XJ1yOFK887SGMLh4HwZI=
=muMr
-----END PGP SIGNATURE-----



From bugreport at peshkin.net  Fri Jul 11 15:02:12 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Fri, 11 Jul 2003 08:02:12 -0700
Subject: Bugzilla as a task management tool
In-Reply-To: <200307111027.33828.yannick.koehler@colubris.com>
References: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net> <200307110936.42174.yannick.koehler@colubris.com> <3F0EC770.4010609@peshkin.net> <200307111027.33828.yannick.koehler@colubris.com>
Message-ID: <3F0ED174.6020200@peshkin.net>


Or, alternatively, people requesting a feature could become 
argumentative enough that the developers who are willing to consider 
inserting a well crafted feature decide to drop the subject.




From justdave at syndicomm.com  Fri Jul 11 15:28:30 2003
From: justdave at syndicomm.com (David Miller)
Date: Fri, 11 Jul 2003 11:28:30 -0400
Subject: Bugzilla as a task management tool
In-Reply-To: <3F0ED174.6020200@peshkin.net>
References: <Pine.LNX.4.44.0307101024050.19462-100000@yakko.chicks.net>
 <200307110936.42174.yannick.koehler@colubris.com>
 <3F0EC770.4010609@peshkin.net>
 <200307111027.33828.yannick.koehler@colubris.com>
 <3F0ED174.6020200@peshkin.net>
Message-ID: <a06001209bb3487b0c4c2@[192.168.1.204]>

See bug 9412.  http://bugzilla.mozilla.org/show_bug.cgi?id=9412
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From chicks at chicks.net  Fri Jul 11 14:56:26 2003
From: chicks at chicks.net (Christopher Hicks)
Date: Fri, 11 Jul 2003 10:56:26 -0400 (EDT)
Subject: Bugzilla as a task management tool
In-Reply-To: <a06001209bb3487b0c4c2@[192.168.1.204]>
Message-ID: <Pine.LNX.4.44.0307111053360.9537-100000@yakko.chicks.net>

On Fri, 11 Jul 2003, David Miller wrote:
> See bug 9412.  http://bugzilla.mozilla.org/show_bug.cgi?id=9412

The latest patch there is a year old.  If this were revived and updated to
the current code is there any chance it might be committed at the
beginning of the next development cycle?  When is the feature freeze
expected to be over approximately?  Does anyone want to give any
suggestions before I embark on such a thing?  Incidentally, does anyone
have a few hundred bugs in bugzilla to use for setting up a development
bugzilla?

-- 
</chris>

The death of democracy is not likely to be an assassination from ambush. It
will be a slow extinction from apathy, indifference, and undernourishment.
-Robert Maynard Hutchins, educator (1899-1977)



From jason at pyeron.com  Fri Jul 11 16:03:08 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Fri, 11 Jul 2003 12:03:08 -0400 (EDT)
Subject: Bugzilla as a task management tool
In-Reply-To: <Pine.LNX.4.44.0307111053360.9537-100000@yakko.chicks.net>
Message-ID: <Pine.LNX.4.44.0307111200510.31250-100000@ns.pyerotechnics.com>

On Fri, 11 Jul 2003, Christopher Hicks wrote:

> On Fri, 11 Jul 2003, David Miller wrote:
> > See bug 9412.  http://bugzilla.mozilla.org/show_bug.cgi?id=9412
> 
> The latest patch there is a year old.  If this were revived and updated to
> the current code is there any chance it might be committed at the
> beginning of the next development cycle?  When is the feature freeze
> expected to be over approximately?  Does anyone want to give any
> suggestions before I embark on such a thing?  Incidentally, does anyone
> have a few hundred bugs in bugzilla to use for setting up a development
> bugzilla?


Sigh. We can give you resorces, etc. What are your requirements on the bz 
setup / content?

Will something like this go towards a stable branch in the foreseable 
future?

Jason Pyeron



-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From chicks at chicks.net  Fri Jul 11 15:04:37 2003
From: chicks at chicks.net (Christopher Hicks)
Date: Fri, 11 Jul 2003 11:04:37 -0400 (EDT)
Subject: Bugzilla as a task management tool
In-Reply-To: <3F0DFFCA.3030902@mozilla.org>
Message-ID: <Pine.LNX.4.44.0307111059230.9537-100000@yakko.chicks.net>

On Thu, 10 Jul 2003, Myk Melez wrote:
> Instead of modifying the database schema, use dependencies (i.e. bugs 
> dependent on a parent are subtasks, other bugs are tasks).

I use bug dependancies for such purposes now.  It fails for several 
reasons:

- you still have no way to differentiate between "normal bug dependancies" 
and "this depended upon bug is actually a task necessary to completely fix  
a bug"

- notes can be spread across dozens of bugs.

- tasks really deserve to be treated differently and should be easily 
flaggable.

> Then, hack the UI (and Perl code when necessary) to provide a subtask
> creation/deletion interface inside "show bug", and hack the dependency
> tree to give you your prioritized list of tasks with subtasks.

Something like that will obviously have to be done.  But if you don't have 
a way to determine which dependancies are subtasks and which are real 
prerequisites then you can't start.

> You don't need database modifications to do this; you just need to
> optimize the UI for your particular application.

I don't see what in the current database would allow this to be 
designated.  Adding one tinyint(1) flag to the bug table really doesn't 
seem such a burden.

-- 
</chris>

The death of democracy is not likely to be an assassination from ambush. It
will be a slow extinction from apathy, indifference, and undernourishment.
-Robert Maynard Hutchins, educator (1899-1977)



From justdave at syndicomm.com  Fri Jul 11 16:43:29 2003
From: justdave at syndicomm.com (David Miller)
Date: Fri, 11 Jul 2003 12:43:29 -0400
Subject: Bugzilla as a task management tool
In-Reply-To: <Pine.LNX.4.44.0307111053360.9537-100000@yakko.chicks.net>
References: <Pine.LNX.4.44.0307111053360.9537-100000@yakko.chicks.net>
Message-ID: <a0600120cbb34955af87e@[192.168.1.204]>

On 7/11/2003 10:56 AM -0400, Christopher Hicks wrote:

> On Fri, 11 Jul 2003, David Miller wrote:
>> See bug 9412.  http://bugzilla.mozilla.org/show_bug.cgi?id=9412
>
> The latest patch there is a year old.  If this were revived and updated to
> the current code is there any chance it might be committed at the
> beginning of the next development cycle?  When is the feature freeze
> expected to be over approximately?  Does anyone want to give any
> suggestions before I embark on such a thing?  Incidentally, does anyone
> have a few hundred bugs in bugzilla to use for setting up a development
> bugzilla?

I think the original thing that kind of stalled the idea a year or so ago
was the thought that it could probably be tied in with custom fields.  I
think this is a specific enough concept, and one that's likely to wind up
with code hard-coded around it once it exists (see the "graying out" of
enhancements in buglists, for example) that it makes sense to implement it
directly.

Another one of the complaints was that "it gives you one more thing to
worry about when you file a bug, thus making bug-filing that much more
difficult."  I also know that at the time, the template system wasn't
anywhere near as matured as it is now.  I think it would be perfectly
feasible (but not necessarily necessary) to hide that field from the UI in
many places, and use a different template format to enter/view a record
based on its classification type.  The default format would of course have
the UI to choose the type, but you could change the filing links to point
specifically to that format (&format=enhreq or &format=bugrep) and get UI
tailored to it to get around the "one more thing to worry about when filing
a bug" argument.  Having the separate formats for different types I don't
think would be necessary to get this checked in, but it's something that
can be kept in mind and added later if people complain about "one more
thing to worry about".
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From chicks at chicks.net  Fri Jul 11 16:04:25 2003
From: chicks at chicks.net (Christopher Hicks)
Date: Fri, 11 Jul 2003 12:04:25 -0400 (EDT)
Subject: Bugzilla as a task management tool
In-Reply-To: <a0600120cbb34955af87e@[192.168.1.204]>
Message-ID: <Pine.LNX.4.44.0307111155480.9537-100000@yakko.chicks.net>

On Fri, 11 Jul 2003, David Miller wrote:

> I think the original thing that kind of stalled the idea a year or so
> ago was the thought that it could probably be tied in with custom
> fields.  I think this is a specific enough concept, and one that's
> likely to wind up with code hard-coded around it once it exists (see the
> "graying out" of enhancements in buglists, for example) that it makes
> sense to implement it directly.
> 
> Another one of the complaints was that "it gives you one more thing to
> worry about when you file a bug, thus making bug-filing that much more
> difficult."  I also know that at the time, the template system wasn't
> anywhere near as matured as it is now.  I think it would be perfectly
> feasible (but not necessarily necessary) to hide that field from the UI
> in many places, and use a different template format to enter/view a
> record based on its classification type.  The default format would of
> course have the UI to choose the type, but you could change the filing
> links to point specifically to that format (&format=enhreq or
> &format=bugrep) and get UI tailored to it to get around the "one more
> thing to worry about when filing a bug" argument.  Having the separate
> formats for different types I don't think would be necessary to get this
> checked in, but it's something that can be kept in mind and added later
> if people complain about "one more thing to worry about".

I agree totally.  I'll dig in.

Can I start a new bug for this so we don't have to keep wading through the
comments in the old one?

-- 
</chris>

The death of democracy is not likely to be an assassination from ambush. It
will be a slow extinction from apathy, indifference, and undernourishment.
-Robert Maynard Hutchins, educator (1899-1977)



From justdave at syndicomm.com  Fri Jul 11 17:38:19 2003
From: justdave at syndicomm.com (David Miller)
Date: Fri, 11 Jul 2003 13:38:19 -0400
Subject: Bugzilla as a task management tool
In-Reply-To: <Pine.LNX.4.44.0307111155480.9537-100000@yakko.chicks.net>
References: <Pine.LNX.4.44.0307111155480.9537-100000@yakko.chicks.net>
Message-ID: <a0600120ebb34a644ef37@[192.168.1.204]>

On 7/11/2003 12:04 PM -0400, Christopher Hicks wrote:

> I agree totally.  I'll dig in.

FYI, either the clock is an hour off on yakko.chicks.net or it's set for
the wrong timezone.  Your replies are all showing up before the messages
you reply to in my mailbox.

> Can I start a new bug for this so we don't have to keep wading through the
> comments in the old one?

I'd rather it stay on the same bug if it's fixing the same issue.  Someone
will probably make it a dupe if you file a new one.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From jason at pyeron.com  Fri Jul 11 17:56:49 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Fri, 11 Jul 2003 13:56:49 -0400 (EDT)
Subject: Bugzilla as a task management tool
In-Reply-To: <a0600120ebb34a644ef37@[192.168.1.204]>
Message-ID: <Pine.LNX.4.44.0307111350120.32693-100000@ns.pyerotechnics.com>

On Fri, 11 Jul 2003, David Miller wrote:

> On 7/11/2003 12:04 PM -0400, Christopher Hicks wrote:
> 
> > Can I start a new bug for this so we don't have to keep wading through the
> > comments in the old one?
> 
> I'd rather it stay on the same bug if it's fixing the same issue.  Someone
> will probably make it a dupe if you file a new one.

File new, summarize the detail from the old, then mark the old as a 
dup of the new?

[off-topic]

I have seen this issue many times. The bug log fills up with tangents or 
dead trains of thought, you are on comment 116, and patch 23. Would there 
be a better way to "filter" or collapse older entries?

or is the new, sum, dup technique the best way?

We also have scheduled times where we reap bugzilla, so get a more clean 
focus on each bug.

Jason Pyeron

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From justdave at syndicomm.com  Fri Jul 11 18:15:14 2003
From: justdave at syndicomm.com (David Miller)
Date: Fri, 11 Jul 2003 14:15:14 -0400
Subject: Bugzilla as a task management tool
In-Reply-To:  <Pine.LNX.4.44.0307111350120.32693-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307111350120.32693-100000@ns.pyerotechnics.com>
Message-ID: <a0600120fbb34aba03103@[192.168.1.204]>

On 7/11/2003 1:56 PM -0400, Jason Pyeron wrote:

> On Fri, 11 Jul 2003, David Miller wrote:
>
>> On 7/11/2003 12:04 PM -0400, Christopher Hicks wrote:
>>
>> > Can I start a new bug for this so we don't have to keep wading through the
>> > comments in the old one?
>>
>> I'd rather it stay on the same bug if it's fixing the same issue.  Someone
>> will probably make it a dupe if you file a new one.
>
> File new, summarize the detail from the old, then mark the old as a
> dup of the new?

Hmm, yeah, that's a thought.  The only possible bad thing about doing that
is all the people that have voted/CC list, etc.  It's sort of rude to
forcefully CC a bunch of people you don't know on the new bug.  But
probably putting a comment on the old bug that they should move their
votes/CCs to the new bug if they're still interested would suffice.  If
they still do, they probably will.  Let me know when the new bug is up with
the summary of the old one in place on it and I'll take care of duping the
original (so it has a mark of authority on it :)

Because of our lack of charset enforcement, the XML version of bug 9412
isn't parsable XML anyway.  Someone put some non-UTF8 characters in comment
29.  That chokes up our bot on IRC that spits out bug summaries when we
mention bug numbers because it can't read it :)
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From yannick.koehler at colubris.com  Fri Jul 11 18:34:29 2003
From: yannick.koehler at colubris.com (Yannick Koehler)
Date: Fri, 11 Jul 2003 14:34:29 -0400
Subject: Allow hiding of comments [Was: Bugzilla as a task management tool]
In-Reply-To: <Pine.LNX.4.44.0307111350120.32693-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307111350120.32693-100000@ns.pyerotechnics.com>
Message-ID: <200307111434.30846.yannick.koehler@colubris.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> [off-topic]
>
> I have seen this issue many times. The bug log fills up with tangents or
> dead trains of thought, you are on comment 116, and patch 23. Would there
> be a better way to "filter" or collapse older entries?
>
> or is the new, sum, dup technique the best way?
>
> We also have scheduled times where we reap bugzilla, so get a more clean
> focus on each bug.
>
> Jason Pyeron

Which bring a really interesting enhancement...  Have bugzilla allow for 
hiding specific comments which could then be seen under a "more details" 
hyperlink (be it a CSS hide/show feature or another page to load).  This way 
those bugs with huge comments could be filtered (without actually deleting 
the content).  It probably already exists in bugzilla thought ;-)

- -- 

Yannick Koehler

Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD34D4575
Key fingerprint = 8387 F009 A55F FFCD F87D BE18 6DEA 8D06 D34D 4575

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/DwM1beqNBtNNRXURAsMIAKCf+zCCIULYl1TN3hSdI/1ha5LvOQCeNHFh
TdIuqHNAeJSnjqWE2ISnHTM=
=xP78
-----END PGP SIGNATURE-----



From preed at sigkill.com  Sat Jul 12 09:44:39 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Sat, 12 Jul 2003 02:44:39 -0700
Subject: 84876 Returns!
Message-ID: <20030712024439.C13799@sigkill.com>


It's BAAAAAAAACCCCKKK!

That's right, that venerable MTA bug we all hate-to-love and love-to-hate
has had my latest uber-patch posted to it. And this time, it's a patch I
think everyone can love... even Gerv! ;-)

This patch is the result of about a month of general thinking about how to
go about handling this architecture, given all the issues raised in all
those "festive" email threads and the bug itself. I went through all of
that stuff at least once... some of it twice, plus through all the
currently open Email Notification module bugs to make sure that the patch
that's been presented for your reviewing pleasure meets, or at least
intelligently addresses those issues and pending bugs.

Due to the architectural changes (and all of this pondering), this patch 
for bug 84876 also happens to directly fix bugs 87801, 126151, 100089,
178370, 148147 and indirectly (via templatization or other architectural
changes) fixes bugs 70710, 73330, 94293. The following bugs would be a
cinch to fix now: 110692 and 137261.

I'll be requesting reviews from a couple of specific reviewers, but if
you're interested in this patch, it could use a pair of eyes from
Win32-ers, people familiar with the Bugzilla::Flag stuff, and, of course,
lots of user testing.

This patch is running on http://landfill.bugzilla.org/preed/bugzilla/;
please feel free to grab an account and mess around with things.

A few notes when reviewing/testing:

-- Be gentle on my TT work; I probably did some stupid things, since this
is the first time I've done hardcore TT development; there's probably even
some blatant bugs in there, so hopefully a TT guru can pour over that.

-- CC: doesn't work yet; I was going to fix this later, but it turns out
that Bugzilla::Flag uses it, so that's broken for now, but the second
version of the patch (which will invariably follow) will have a fix. I
already have a plan to fix it anyway...

-- Speaking of Bugzilla::Flag, that's some funky TT work in there; I'll
definitely want whomever wrote those templates (or is familiar with that
code) to take a gander to make sure I got it all right.

-- Some template files have been deleted; this is because they were
templates for sending email, but were in other directories; for ease of
development and sanity, all BZ email templates are now in
template/en/default/email (or whatever's appropriate to the localization).

-- Caching of Net::SMTP handles; yes, I'm going to do this; no it's not in
there yet. I'll probably cache them via the Bugzilla instance object.

-- I didn't do an extensive amount of testing with attachment and such;
the email might look a bit funky.

Other than that, questions/concerns whatever can be addressed to the
bug/reviewing process that will hopefully get underway so this patch
doesn't bitrot for *another* eight months.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From justdave at syndicomm.com  Sat Jul 12 11:19:46 2003
From: justdave at syndicomm.com (David Miller)
Date: Sat, 12 Jul 2003 07:19:46 -0400
Subject: 84876 Returns!
In-Reply-To: <20030712024439.C13799@sigkill.com>
References: <20030712024439.C13799@sigkill.com>
Message-ID: <a06001202bb359f043cec@[192.168.1.204]>

On 7/12/2003 2:44 AM -0700, J. Paul Reed wrote:

> It's BAAAAAAAACCCCKKK!

Yay!  It'll probably be next week sometime before I get a chance to look at
it.  (I still have some of bbaetz's stuff on my list in front of it, too)
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From Madhava_Challa at onsite.satyam.com  Sat Jul 12 23:54:19 2003
From: Madhava_Challa at onsite.satyam.com (Madhava_Challa)
Date: Sat, 12 Jul 2003 19:54:19 -0400
Subject: Automatic e-mail notification when someone raises a P1/Blocker
Message-ID: <B0CB4AC5A2BBD51195E800E018C1920F013F58DF@onsite.satyam.com>

Hello Dave & Jason,

I was wondering if there is an easy way to get an e-mail notification (say
to one or more persons on the project) whenever anyone raises a P1/Blocker. 

Let me know if you already have any additional programming and/or
configuration/setup within Bugzilla which provides that facility.

Thanks in advance,

Regards,

Madhava Challa, PMP
Director (Delivery),
Satyam Computer Services,
Onsite at HealthCare Authority, State of WA,
Cell : 203-545-2642


************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************


From bugreport at peshkin.net  Sun Jul 13 00:08:01 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Sat, 12 Jul 2003 17:08:01 -0700
Subject: Automatic e-mail notification when someone raises a P1/Blocker
In-Reply-To: <B0CB4AC5A2BBD51195E800E018C1920F013F58DF@onsite.satyam.com>
References: <B0CB4AC5A2BBD51195E800E018C1920F013F58DF@onsite.satyam.com>
Message-ID: <3F10A2E1.6080805@peshkin.net>

Madhava_Challa wrote:

>Hello Dave & Jason,
>
>I was wondering if there is an easy way to get an e-mail notification (say
>to one or more persons on the project) whenever anyone raises a P1/Blocker. 
>
>Let me know if you already have any additional programming and/or
>configuration/setup within Bugzilla which provides that facility.
>
>  
>
Actually, that sounds like a good idea if we can work out some details, 
especially who controls the notificiation list and how to keep it 
managable so that a bug update does not result in a thousand emails.  If 
you file a bug on this enhancement, please copy me on it.


-Joel




From preed at sigkill.com  Sun Jul 13 00:27:30 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Sat, 12 Jul 2003 17:27:30 -0700
Subject: Automatic e-mail notification when someone raises a P1/Blocker
In-Reply-To: <B0CB4AC5A2BBD51195E800E018C1920F013F58DF@onsite.satyam.com>; from Madhava_Challa@onsite.satyam.com on Sat, Jul 12, 2003 at 07:54:19PM -0400
References: <B0CB4AC5A2BBD51195E800E018C1920F013F58DF@onsite.satyam.com>
Message-ID: <20030712172730.E15947@sigkill.com>

On 12 Jul 2003 at 19:54:19, Madhava_Challa moved bits on my disk to say:

> I was wondering if there is an easy way to get an e-mail notification
> (say to one or more persons on the project) whenever anyone raises a
> P1/Blocker. 
> 
> Let me know if you already have any additional programming and/or
> configuration/setup within Bugzilla which provides that facility.

That's email notifications... and, I agree, it's a good idea (it's actually
part of a larger email-prefs issue). 

Considering I just graduated and am taking the summer off, I'll be
shameless and note that it would be likely to get implemented faster if you
threw some money at the problem. :-p

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From jason at pyeron.com  Sun Jul 13 00:51:00 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Sat, 12 Jul 2003 20:51:00 -0400 (EDT)
Subject: [off-topic] Re: Automatic e-mail notification when someone raises
 a P1/Blocker
In-Reply-To: <20030712172730.E15947@sigkill.com>
Message-ID: <Pine.LNX.4.44.0307122042430.10481-100000@ns.pyerotechnics.com>

On Sat, 12 Jul 2003, J. Paul Reed wrote:

> On 12 Jul 2003 at 19:54:19, Madhava_Challa moved bits on my disk to say:
> 
> > I was wondering if there is an easy way to get an e-mail notification
> > (say to one or more persons on the project) whenever anyone raises a
> > P1/Blocker. 
> 
> Considering I just graduated and am taking the summer off, I'll be
> shameless and note that it would be likely to get implemented faster if you
> threw some money at the problem. :-p

Hehehe... I like people who are to the point.

I have been wondering things along this line myself.

Given there are those who would pay $$$ for changes to bugzilla.
Those same persons want the same changes to be a "supported" part of 
bugzilla. I.E. official bugzilla patches/revisions.


Who and how can money be taken in for this?

Can a consulting firm discuss with a committee to get a price, how can such 
a committee be formed? where do the funds go? What do they get use for?

random thought of the day.

Jason Pyeron

PS. Paul, go for it but I don't think that Paul would pay, or at least be 
able to pay due to internal poulticing.

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.







From Madhava_Challa at onsite.satyam.com  Sun Jul 13 00:55:35 2003
From: Madhava_Challa at onsite.satyam.com (Madhava_Challa)
Date: Sat, 12 Jul 2003 20:55:35 -0400
Subject: [off-topic] Re: Automatic e-mail notification when someone ra
Message-ID: <B0CB4AC5A2BBD51195E800E018C1920F013F58E5@onsite.satyam.com>

So much for the freebie world :-)

No offence meant anyone. It only speaks about how things have got tough in
the IT world in general in the US..

Good Luck, Paul ! That was a good try :-)

Regards,
 
-----Original Message-----
From: Jason Pyeron
To: developers at bugzilla.org
Sent: 7/12/03 8:51 PM
Subject: [off-topic] Re: Automatic e-mail notification when someone raises a
P1/Blocker

On Sat, 12 Jul 2003, J. Paul Reed wrote:

> On 12 Jul 2003 at 19:54:19, Madhava_Challa moved bits on my disk to
say:
> 
> > I was wondering if there is an easy way to get an e-mail
notification
> > (say to one or more persons on the project) whenever anyone raises a
> > P1/Blocker. 
> 
> Considering I just graduated and am taking the summer off, I'll be
> shameless and note that it would be likely to get implemented faster
if you
> threw some money at the problem. :-p

Hehehe... I like people who are to the point.

I have been wondering things along this line myself.

Given there are those who would pay $$$ for changes to bugzilla.
Those same persons want the same changes to be a "supported" part of 
bugzilla. I.E. official bugzilla patches/revisions.


Who and how can money be taken in for this?

Can a consulting firm discuss with a committee to get a price, how can
such 
a committee be formed? where do the funds go? What do they get use for?

random thought of the day.

Jason Pyeron

PS. Paul, go for it but I don't think that Paul would pay, or at least
be 
able to pay due to internal poulticing.

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=Madhava_Challa at onsite.satyam
.com>
************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************


From preed at sigkill.com  Sun Jul 13 01:04:58 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Sat, 12 Jul 2003 18:04:58 -0700
Subject: [off-topic] Re: Automatic e-mail notification when someone raises a P1/Blocker
In-Reply-To: <Pine.LNX.4.44.0307122042430.10481-100000@ns.pyerotechnics.com>; from jason@pyeron.com on Sat, Jul 12, 2003 at 08:51:00PM -0400
References: <20030712172730.E15947@sigkill.com> <Pine.LNX.4.44.0307122042430.10481-100000@ns.pyerotechnics.com>
Message-ID: <20030712180458.A16984@sigkill.com>

On 12 Jul 2003 at 20:51:00, Jason Pyeron moved bits on my disk to say:

> Who and how can money be taken in for this?
> 
> Can a consulting firm discuss with a committee to get a price, how can such 
> a committee be formed? where do the funds go? What do they get use for?
> 
> random thought of the day.

Typically, the way it's done (with any open source-type project, really) is
a company will contract with someone who's (often already) a member of the
core development team, with the intention of having the code they pay to be
developed go through the normal peer review and integration process, so it
gets checked into the standard tree, and thus will be supported by the
team, officially and in perpetuity.

If a company wants changes they don't want to donate back to the project
(or that the project is unwilling to accept for whatever reason), then the
company has to make a decision on whether or not to employ that contractor
to make patches for the currently released version of the product, and
leave it at that, or employ the contractor long-term to keep the patch
synced with project's releases.

As for the logistics, it's a private business relationship, so anyone who
wants to offer those services can charge whatever they want and set it up
however they want with the entity wanting to purchase the services.

See http://www.bugzilla.org/consulting.html.

> PS. Paul, go for it but I don't think that Paul would pay, or at least be
> able to pay due to internal poulticing.

Never hurts to try. ;-)

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From preed at sigkill.com  Sun Jul 13 01:20:08 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Sat, 12 Jul 2003 18:20:08 -0700
Subject: [off-topic] Re: Automatic e-mail notification when someone ra
In-Reply-To: <B0CB4AC5A2BBD51195E800E018C1920F013F58E5@onsite.satyam.com>; from Madhava_Challa@onsite.satyam.com on Sat, Jul 12, 2003 at 08:55:35PM -0400
References: <B0CB4AC5A2BBD51195E800E018C1920F013F58E5@onsite.satyam.com>
Message-ID: <20030712182008.B16984@sigkill.com>

On 12 Jul 2003 at 20:55:35, Madhava_Challa moved bits on my disk to say:

> So much for the freebie world :-)
> 
> No offence meant anyone. It only speaks about how things have got tough
> in the IT world in general in the US..

Well, I want to be clear here: it's a good idea, and it'll probably get
implemented, but it falls under the general umbrella of email preferences,
and making those not suck (bug 73665).

Now, considering that realistic patch for bug 84876, which is 25 months
old now, was just submitted yesterday, and it's just the first round of
reviewing and testing, it should be clear that asking for a feature--when
its proper solution may include rearchitecting part of the system--can take
awhile.

Sometimes a long while.

But not if you (or a company) are willing to pay for it. If that's
someone's *job*, then it's significantly more likely it will get done in a
timeframe that the company and contractor are happy with (constraints of
the project aside). That's all I was suggesting.

A feature like that will probably go in at some point; the question is: how
long, and are you willing to wait for it?

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From justdave at syndicomm.com  Sun Jul 13 01:30:39 2003
From: justdave at syndicomm.com (David Miller)
Date: Sat, 12 Jul 2003 21:30:39 -0400
Subject: Money for Bugzilla development [was: [off-topic] ...]
In-Reply-To:  <Pine.LNX.4.44.0307122042430.10481-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307122042430.10481-100000@ns.pyerotechnics.com>
Message-ID: <a06001a00bb365f3403cc@[192.168.0.199]>

I'm not so sure this is actually off-topic...

On 7/12/2003 8:51 PM -0400, Jason Pyeron wrote:

> I have been wondering things along this line myself.
>
> Given there are those who would pay $$$ for changes to bugzilla.
> Those same persons want the same changes to be a "supported" part of
> bugzilla. I.E. official bugzilla patches/revisions.
>
>
> Who and how can money be taken in for this?
>
> Can a consulting firm discuss with a committee to get a price, how can such
> a committee be formed? where do the funds go? What do they get use for?
>
> random thought of the day.

I've thought about that a lot, and haven't really come up with any good
ideas yet...   and the idea is big on my mind right now because my current
contract with Netscape is up on Sept 1st, and the project I was brought in
for looks like it'll actually be done by then, so there's not much chance
of a renewal.

My main concern with that kind of idea is I don't want to wind up with some
outside company winding up making policy for Bugzilla by way of saying "we
paid money for this, so this is how it's going to be."  It would be more
like that if someone were paying me to work on Bugzilla because then I
would need to do what they were paying me to do, which might not line up
with the project goals... I guess in a way I just don't want the current
core group to lose control of Bugzilla.

On the other hand, it works for Mozilla.  You have companies like Netscape,
IBM, OEOne, Sun, etc throwing huge amounts of resources at Mozilla.  Maybe
we need to get an inside picture of how they do it.  A lot of our structure
is already based on theirs, but on a much smaller scale. :)  I know they
have a drivers committee, which has to approve any new features going in.
Maybe if we make sure our goal sheet is specific enough, and then only take
money from people whose ideas they want to pay to have implemented fall in
line with those goals.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From bugreport at peshkin.net  Sun Jul 13 06:01:14 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Sat, 12 Jul 2003 23:01:14 -0700
Subject: Money for Bugzilla development [was: [off-topic] ...]
In-Reply-To: <a06001a00bb365f3403cc@[192.168.0.199]>
References: <Pine.LNX.4.44.0307122042430.10481-100000@ns.pyerotechnics.com> <a06001a00bb365f3403cc@[192.168.0.199]>
Message-ID: <3F10F5AA.7060607@peshkin.net>

David Miller wrote:

><snip>
>
>My main concern with that kind of idea is I don't want to wind up with some
>outside company winding up making policy for Bugzilla by way of saying "we
>paid money for this, so this is how it's going to be."  It would be more
>like that if someone were paying me to work on Bugzilla because then I
>would need to do what they were paying me to do, which might not line up
>with the project goals... I guess in a way I just don't want the current
>core group to lose control of Bugzilla.
><snip>
>
This should not be a problem so long as any developer under contract 
keeps at arm's length from direction decisions.  This is simplest in 
cases where a company hires a programmer to do a task.  If the task is 
done in a manner consistent with the team's directions and of a quality 
that passes review, the patch can land.  If not, it stays as a patch 
used on certain sites only.

When members of the core group are under contract, this gets more 
complicated because it creates a conflict of interest.  It becomes 
important that memers of the core group uninvolved in the contract make 
the decisions.

We went through this a few times already.  During the development of the 
wildcard patch, I recused myself from the final review of the work done 
by an employee of mine.  During Zippy, Dave didn't try to land the 
horrible things he had to do to get Sybase to work :-)

The team itself need not be for sale just because some of its members 
work for hire.  If we want to make sure of this, we should work out some 
policies to give individual members some guidance on the subject.

-Joel





From preed at sigkill.com  Sun Jul 13 06:41:54 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Sat, 12 Jul 2003 23:41:54 -0700
Subject: Money for Bugzilla development [was: [off-topic] ...]
In-Reply-To: <3F10F5AA.7060607@peshkin.net>; from bugreport@peshkin.net on Sat, Jul 12, 2003 at 11:01:14PM -0700
References: <Pine.LNX.4.44.0307122042430.10481-100000@ns.pyerotechnics.com> <a06001a00bb365f3403cc@[192.168.0.199]> <3F10F5AA.7060607@peshkin.net>
Message-ID: <20030712234154.F16984@sigkill.com>

On 12 Jul 2003 at 23:01:14, Joel Peshkin moved bits on my disk to say:

> The team itself need not be for sale just because some of its members
> work for hire.  If we want to make sure of this, we should work out some
> policies to give individual members some guidance on the subject.

Or just go full hog and copy Mozilla's drivers structure.

I would assume that drivers has veto power over anyone's decision if it's
directly financially motiviated, and not good for the project (has this
even ever happened?).

On the one hand, it's nice that Bugzilla hasn't had to deal with this at
all.

On the other, it would be great to follow in the footsteps of Linux and
Mozilla and get corporate sponsorship for Bugzilla and start taking over
the world. ;-) The creation of such a group could be the next natural
evolution of the project.

Of course, it's all worthless if there aren't companies lining up to pay
for features to be put into Bugzilla... and corporate sponsorship hasn't
seemed like a huge issue.

Is it (and I'm missing something)? Should it be? Can developers@ or
reviewers@ do anything to help change reality to those answers, once we
have them? Do we need to?

Has Paul asked enough questions yet?

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From Madhava_Challa at onsite.satyam.com  Sun Jul 13 07:03:56 2003
From: Madhava_Challa at onsite.satyam.com (Madhava_Challa)
Date: Sun, 13 Jul 2003 03:03:56 -0400
Subject: Money for Bugzilla development [was: [off-topic] ...]
Message-ID: <B0CB4AC5A2BBD51195E800E018C1920F013F58EB@onsite.satyam.com>

Hello All,

I never knew my simple request for automatic e-mail notifications would stir
such a strong discussion..

This opens my eyes into the freebie world, which I always wondered how it
ever worked..

Anyway, let's continue the discussion.. It's interesting... Don't get me
wrong, I am just getting more curious(er) . No Offence meant again..

Regards,

-----Original Message-----
From: J. Paul Reed
To: developers at bugzilla.org
Sent: 7/13/03 2:41 AM
Subject: Re: Money for Bugzilla development [was: [off-topic] ...]

On 12 Jul 2003 at 23:01:14, Joel Peshkin moved bits on my disk to say:

> The team itself need not be for sale just because some of its members
> work for hire.  If we want to make sure of this, we should work out
some
> policies to give individual members some guidance on the subject.

Or just go full hog and copy Mozilla's drivers structure.

I would assume that drivers has veto power over anyone's decision if
it's
directly financially motiviated, and not good for the project (has this
even ever happened?).

On the one hand, it's nice that Bugzilla hasn't had to deal with this at
all.

On the other, it would be great to follow in the footsteps of Linux and
Mozilla and get corporate sponsorship for Bugzilla and start taking over
the world. ;-) The creation of such a group could be the next natural
evolution of the project.

Of course, it's all worthless if there aren't companies lining up to pay
for features to be put into Bugzilla... and corporate sponsorship hasn't
seemed like a huge issue.

Is it (and I'm missing something)? Should it be? Can developers@ or
reviewers@ do anything to help change reality to those answers, once we
have them? Do we need to?

Has Paul asked enough questions yet?

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=Madhava_Challa at onsite.satyam
.com>
************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************


From preed at sigkill.com  Sun Jul 13 09:16:53 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Sun, 13 Jul 2003 02:16:53 -0700
Subject: Money for Bugzilla development [was: [off-topic] ...]
In-Reply-To: <B0CB4AC5A2BBD51195E800E018C1920F013F58EB@onsite.satyam.com>; from Madhava_Challa@onsite.satyam.com on Sun, Jul 13, 2003 at 03:03:56AM -0400
References: <B0CB4AC5A2BBD51195E800E018C1920F013F58EB@onsite.satyam.com>
Message-ID: <20030713021653.A18358@sigkill.com>

On 13 Jul 2003 at 03:03:56, Madhava_Challa moved bits on my disk to say:

> I never knew my simple request for automatic e-mail notifications would
> stir such a strong discussion..

Well... it's a good discussion for the team to have every half-a-rev cycle
or so.  ;-)

> This opens my eyes into the freebie world, which I always wondered how it
> ever worked..

Well, there's your first mistake. Open source != freebie. In fact, calling
it "freebie" is kinda insulting (to me, at least; I know you're not trying
to be insulting, but I'm letting you know it could be taken that way by
others) because it reminds me of the "freebie crap" you get at a carnival
or when you sign up for a new checking account.

Bugzilla may be "free," but it's not "freebie crap" (again, the "crap" part
is the conotation *I* tend to think of; I'm not implying you were
necessarily meaning that... :-)

Your confusion might stem from "free software" meaning "free speech" vs.
"free beer" (as it's often explained); read more about that aspect of open
source here: 

http://www.opensource.org/advocacy/free-notfree.php
http://www.gnu.org/philosophy/selling.html
http://www.opensource.org/advocacy/jobs.php

I can assure you, though, that the development process is just as strenuous
as that of a closed-source package. In fact, often times, open source
development models are *more* strenuous; they *have* to be to make it work
with volunteers scattered around the world.

Feel free to email me privately if you'd like some more pointers to how
open source works or some questions on how the Bugzilla and Mozilla teams
get their work done.

Honestly though, you shouldn't feel bad; this kind of open discussion is
what makes open source work, and this discussion is actually pretty tame
(if you want lively, check out bug 84876 or bug 156979).

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From bugreport at peshkin.net  Sun Jul 13 15:39:17 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Sun, 13 Jul 2003 08:39:17 -0700
Subject: notifications back on topic [was: Money for Bugzilla development...]
In-Reply-To: <B0CB4AC5A2BBD51195E800E018C1920F013F58EB@onsite.satyam.com>
References: <B0CB4AC5A2BBD51195E800E018C1920F013F58EB@onsite.satyam.com>
Message-ID: <3F117D25.8060902@peshkin.net>

Madhava_Challa wrote:

>Hello All,
>
>I never knew my simple request for automatic e-mail notifications would stir
>such a strong discussion..
>
>This opens my eyes into the freebie world, which I always wondered how it
>ever worked..
>
>Anyway, let's continue the discussion.. It's interesting... Don't get me
>wrong, I am just getting more curious(er) . No Offence meant again..
>
>  
>
Nobody is offended (but please use the term "open source" which carries 
with it its connotations of a strong culture of peer review rather than 
"freebie" which carries with it connotiations of the junk people 
download from shareware sites).  Issues of how the development team 
maintains its direction while members of the team are being paid by 
parties with specific interests are very much analogous to the issues 
faces by scientific and medical policy groups when handling corporate 
sponsorship for the work.

To get back on track, thereare 2 bugs (76794 and 38922) which really 
should be merged together and both request that groups of people are 
either notified without being CCd or are CCd automatically as a function 
of the product/component a bug is in.  It seems quite natural that a 
comprehensive solution for this type of thing consider other triggers 
(such as a priority/severity change).

Since I am the developer who keeps an eye on the security needs of 
commercial users of bugzilla, I am putting on my group security hat. I 
would require the following of any proposal.....

1) It should be possible to disable the ability of users to configure 
watching for themselves independently of the administrator's ability to 
configure watching for users.

2) The watching functions must never permit someone to become 
automatically notified on something for which they could not search or 
become CCd on something to which they would not have been able to add 
themselves.

As you can see from the age of 76794 and 38922, these are handy 
functions that have never gotten a developer focussed on actually 
implementing them.  I expect that the developement team would welcome 
the contribution of code meeting all the necessary quality concerns. 
 You could either learn the structure of the code and make a 
contribution yourself or hire someone.  Several of the team members are 
listed on the consultants page and hiring one of them for such a task 
would be a very effective way to make it happen.  

-Joel





From gerv at mozilla.org  Sun Jul 13 21:52:33 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Sun, 13 Jul 2003 22:52:33 +0100
Subject: Money for Bugzilla development [was: [off-topic] ...]
In-Reply-To: <20030712234154.F16984@sigkill.com>
References: <Pine.LNX.4.44.0307122042430.10481-100000@ns.pyerotechnics.com> <a06001a00bb365f3403cc@[192.168.0.199]> <3F10F5AA.7060607@peshkin.net> <20030712234154.F16984@sigkill.com>
Message-ID: <3F11D4A1.3010103@mozilla.org>

J. Paul Reed wrote:
> I would assume that drivers has veto power over anyone's decision if it's
> directly financially motiviated, and not good for the project (has this
> even ever happened?).

No driver has "veto power" over anything; drivers at mozilla.org works by 
consensus as to what's good for the project. Sometimes, what's good for 
the project can mean making a commercial contributor happy even if what 
they want to do is not optimal. Sometimes, it can mean saying no politely.

Gerv



From JWilmoth at starbucks.com  Mon Jul 14 19:18:32 2003
From: JWilmoth at starbucks.com (Jon Wilmoth)
Date: Mon, 14 Jul 2003 12:18:32 -0700
Subject: "Evil Code" error?
Message-ID: <E2291D136BD35647A074B1053785B05B014948ED@seams042.starbucks.net>

This seems to not be going away:

[Mon Jul 14 09:19:02 2003] [error] [client 66.57.63.132] DB user  not
found:
/usr/home/naicp/usr/local/etc/httpd/htdocs/bugzilla-2.16/index.php3
[Mon Jul 14 09:19:02 2003] [error] [client 66.57.63.132] DB user  not
found:
/usr/home/naicp/usr/local/etc/httpd/htdocs/bugzilla-2.16/index.html
[Mon Jul 14 09:19:02 2003] [error] [client 66.57.63.132] DB user  not
found:
/usr/home/naicp/usr/local/etc/httpd/htdocs/bugzilla-2.16/index.htm
Evil code attempted to write 'insert into logincookies (userid,ipaddr)
values (131, '204.238.150.136')' to the shadow database at
/usr/local/lib/perl5/5.6.1/CGI/Carp.pm line 301.
[Mon Jul 14 10:15:57 2003] [error] [client 204.238.150.136] Premature
end of script headers:
/usr/home/naicp/usr/local/etc/httpd/htdocs/bugzilla-2.16/reports.cgi
Evil code attempted to write 'insert into logincookies (userid,ipaddr)
values (131, '204.238.150.136')' to the shadow database at
/usr/local/lib/perl5/5.6.1/CGI/Carp.pm line 301.
[Mon Jul 14 11:52:29 2003] [error] [client 204.238.150.136] Premature
end of script headers:
/usr/home/naicp/usr/local/etc/httpd/htdocs/bugzilla-2.16/reports.cgi
[Mon Jul 14 12:39:11 2003] [error] [client 204.238.150.136] DB user
cpalmore at starbucks.com: authentication failure for "/userprefs.cgi":
password mismatch
Evil code attempted to write 'insert into logincookies (userid,ipaddr)
values (131, '204.238.150.136')' to the shadow database at
/usr/local/lib/perl5/5.6.1/CGI/Carp.pm line 301.
[Mon Jul 14 12:40:53 2003] [error] [client 204.238.150.136] Premature
end of script headers:
/usr/home/naicp/usr/local/etc/httpd/htdocs/bugzilla-2.16/reports.cgi

Again, we do not have a shadow db configured for our 2.17.3 instance.
I'm also concerned about the "DB user  not found" messages.

-----Original Message-----
From: David Miller [mailto:justdave at syndicomm.com] 
Sent: Tuesday, July 08, 2003 5:51 PM
To: developers at bugzilla.org
Subject: Re: "Evil Code" error?

On 7/8/2003 3:32 PM -0700, Jon Wilmoth wrote:

> We've been experiencing problems with our Bugzilla server (disk space
> and other) and finally had to reboot the machine.  I'm now seeing the
> following message in the apache error_log:
>
> Evil code attempted to write 'insert into logincookies (userid,ipaddr)
> values (131, '204.238.150.136')' to the shadow database at
> /usr/local/lib/perl5/5.6.1/CGI
> /Carp.pm line 301.
>
> This sounds bad...how concerned should I be?

Um, basically something broke if you got that.  Hard to be more
specific.
That error is actually generated by Bugzilla though.  It's in the
SendSQL
sub, which in 2.16.3 is in globals.pl.  The error message is generated
if
the current database is the shadow database and something tries to do a
database write (which is only allowed on the primary database, not the
shadow).  Most of the shadow database concept went away in 2.17.x in
favor
of database replication.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=jwilmoth at starbucks.com>



From jon at vmware.com  Mon Jul 14 20:08:52 2003
From: jon at vmware.com (Jonathan Schatz)
Date: 14 Jul 2003 13:08:52 -0700
Subject: notifications back on topic [was: Money for Bugzilla
In-Reply-To: <3F117D25.8060902@peshkin.net>
References: <B0CB4AC5A2BBD51195E800E018C1920F013F58EB@onsite.satyam.com>
	 <3F117D25.8060902@peshkin.net>
Message-ID: <1058213332.9240.6.camel@jonschatz-lx.vmware.com>

On Sun, 2003-07-13 at 08:39, Joel Peshkin wrote:
> To get back on track, thereare 2 bugs (76794 and 38922) which really 
> should be merged together and both request that groups of people are 
> either notified without being CCd or are CCd automatically as a function 
> of the product/component a bug is in.  It seems quite natural that a 
> comprehensive solution for this type of thing consider other triggers 
> (such as a priority/severity change).

i have this working here (ie, email notification for product
/components). i think my tree may be so far off from the cvs tree that
getting a working diff might be hard, but that might not be the case.

should i send the patch out to this list, or attach it to either of
those bugs?

-jon
-- 
Jonathan Schatz
Engineering System Administrator
VMware, Inc
"Te occidere possunt sed te edere non possunt nefas est."





From jason at pyeron.com  Mon Jul 14 22:01:19 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Mon, 14 Jul 2003 18:01:19 -0400 (EDT)
Subject: notifications back on topic [was: Money for Bugzilla
In-Reply-To: <1058213332.9240.6.camel@jonschatz-lx.vmware.com>
Message-ID: <Pine.LNX.4.44.0307141759240.13720-100000@ns.pyerotechnics.com>

if your patch addresses exactly what either of the  bugs details then 
attach there. Otherwise file a new bug, with the version which your pathc 
is for, note the other bugs in you comments, submit the patch.

Wait for the wheels to turn, atleast then there will be a trail...

Jason Pyeron

On 14 Jul 2003, Jonathan Schatz wrote:

> should i send the patch out to this list, or attach it to either of
> those bugs?
> 
> -jon
> 

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
- +1 410 808 6646 (c)           500 West University Parkway #1S -
- +1 410 467 2266 (f)           Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From sdunsey at tissueinformatics.com  Tue Jul 15 18:46:10 2003
From: sdunsey at tissueinformatics.com (Susan Dunsey)
Date: Tue, 15 Jul 2003 14:46:10 -0400
Subject: "Sanity check" report
Message-ID: <8F606044B7A2D411BC7600B0D049EFCDF0F511@dermis>

I recently inherited a bugzilla system and am trying to wade through the
errors in the sanity check log. Anyone have an insight to share about that
log? I'm stumped on "bad profile email address" line because I can't seem to
find a reference to that in any of the db tables.

Please advise,
sjd


From bugreport at peshkin.net  Tue Jul 15 23:46:32 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Tue, 15 Jul 2003 16:46:32 -0700
Subject: "Sanity check" report
In-Reply-To: <8F606044B7A2D411BC7600B0D049EFCDF0F511@dermis>
References: <8F606044B7A2D411BC7600B0D049EFCDF0F511@dermis>
Message-ID: <3F149258.1020606@peshkin.net>

Susan Dunsey wrote:

>I recently inherited a bugzilla system and am trying to wade through the
>errors in the sanity check log. Anyone have an insight to share about that
>log? I'm stumped on "bad profile email address" line because I can't seem to
>find a reference to that in any of the db tables.
>  
>
That means that an email address violates the emailregexp parameter.





From justdave at syndicomm.com  Wed Jul 16 08:16:42 2003
From: justdave at syndicomm.com (David Miller)
Date: Wed, 16 Jul 2003 04:16:42 -0400
Subject: Bugzilla 2.17.5
Message-ID: <a06001a07bb3aba054688@[192.168.1.204]>

I just realized that we've gone almost 3 months since 2.17.4 was released.
It's high time to start looking towards releasing a 2.17.5.  It would be
cool to have the new MTA Config stuff included in it (bug 84876) if we can
land that in the next week or so.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From Madhava_Challa at onsite.satyam.com  Wed Jul 16 08:24:00 2003
From: Madhava_Challa at onsite.satyam.com (Madhava_Challa)
Date: Wed, 16 Jul 2003 04:24:00 -0400
Subject: Bugzilla 2.17.5
Message-ID: <B0CB4AC5A2BBD51195E800E018C1920F013F590E@onsite.satyam.com>

That sounds good David. Any word about my "open source request" (I stand
corrected on the "freebie" phrase I used:-) for automatic e-mail
notifactions based on a set criteria ? And let me also be blunt that I do
not have an open check (No offence meant).

Any trainess out there who can do this for experience and pleasure of
pursuit ? 

Regards,

-----Original Message-----
From: David Miller
To: developers at bugzilla.org
Sent: 7/16/03 4:16 AM
Subject: Bugzilla 2.17.5

I just realized that we've gone almost 3 months since 2.17.4 was
released.
It's high time to start looking towards releasing a 2.17.5.  It would be
cool to have the new MTA Config stuff included in it (bug 84876) if we
can
land that in the next week or so.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=Madhava_Challa at onsite.satyam
.com>
************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************


From preed at sigkill.com  Wed Jul 16 08:39:38 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Wed, 16 Jul 2003 01:39:38 -0700
Subject: Bugzilla 2.17.5
In-Reply-To: <B0CB4AC5A2BBD51195E800E018C1920F013F590E@onsite.satyam.com>; from Madhava_Challa@onsite.satyam.com on Wed, Jul 16, 2003 at 04:24:00AM -0400
References: <B0CB4AC5A2BBD51195E800E018C1920F013F590E@onsite.satyam.com>
Message-ID: <20030716013938.A6445@sigkill.com>

On 16 Jul 2003 at 04:24:00, Madhava_Challa moved bits on my disk to say:

> That sounds good David. Any word about my "open source request" (I stand
> corrected on the "freebie" phrase I used:-) for automatic e-mail
> notifactions based on a set criteria ? And let me also be blunt that I do
> not have an open check (No offence meant).

Not before 2.17.5.

After 2.17.5, if there's enough time, I'd like the email prefs system (bug
73665) to go in; don't know if that's blue sky right now or not, especially
since that patch has bit-rotted some, but that's a major focus, as is email
integration (bug 94850), even though that's not email notifications, per
se, but it's an important enough and oft-requested feature that it should
probably be in 2.18.

There are also a couple of major/blocker bugs in the email notifications
module that have precedence over new features.
 
> Any trainess out there who can do this for experience and pleasure of
> pursuit ? 

As Tara can attest to, you're talking to 'im. ;-)

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From Madhava_Challa at onsite.satyam.com  Wed Jul 16 08:44:54 2003
From: Madhava_Challa at onsite.satyam.com (Madhava_Challa)
Date: Wed, 16 Jul 2003 04:44:54 -0400
Subject: Bugzilla 2.17.5
Message-ID: <B0CB4AC5A2BBD51195E800E018C1920F013F590F@onsite.satyam.com>

Thanks. Will the e-mail notifations be easily accomplishable by setting any
triggers at the database level.. I am not familiar with MYSQL but more
saying this from an Oracle/Sybase background.. Something I can ask one of my
developers in my team to build easily ?

Let me know what anyone's gut feel is..

Regards. 

-----Original Message-----
From: J. Paul Reed
To: developers at bugzilla.org
Sent: 7/16/03 4:39 AM
Subject: Re: Bugzilla 2.17.5

On 16 Jul 2003 at 04:24:00, Madhava_Challa moved bits on my disk to say:

> That sounds good David. Any word about my "open source request" (I
stand
> corrected on the "freebie" phrase I used:-) for automatic e-mail
> notifactions based on a set criteria ? And let me also be blunt that I
do
> not have an open check (No offence meant).

Not before 2.17.5.

After 2.17.5, if there's enough time, I'd like the email prefs system
(bug
73665) to go in; don't know if that's blue sky right now or not,
especially
since that patch has bit-rotted some, but that's a major focus, as is
email
integration (bug 94850), even though that's not email notifications, per
se, but it's an important enough and oft-requested feature that it
should
probably be in 2.18.

There are also a couple of major/blocker bugs in the email notifications
module that have precedence over new features.
 
> Any trainess out there who can do this for experience and pleasure of
> pursuit ? 

As Tara can attest to, you're talking to 'im. ;-)

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=Madhava_Challa at onsite.satyam
.com>
************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************


From jocuri at softhome.net  Wed Jul 16 08:46:54 2003
From: jocuri at softhome.net (vladd)
Date: Wed, 16 Jul 2003 11:46:54 +0300
Subject: CVS Checkin
Message-ID: <200307161146.54214.jocuri@softhome.net>

Hello,

I'd like to request someone who has CVS access to commit this r+a patch:

http://bugzilla.mozilla.org/show_bug.cgi?id=207206

Thanks,
Vlad.


From preed at sigkill.com  Wed Jul 16 08:56:21 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Wed, 16 Jul 2003 01:56:21 -0700
Subject: Bugzilla 2.17.5
In-Reply-To: <B0CB4AC5A2BBD51195E800E018C1920F013F590F@onsite.satyam.com>; from Madhava_Challa@onsite.satyam.com on Wed, Jul 16, 2003 at 04:44:54AM -0400
References: <B0CB4AC5A2BBD51195E800E018C1920F013F590F@onsite.satyam.com>
Message-ID: <20030716015621.B6445@sigkill.com>

On 16 Jul 2003 at 04:44:54, Madhava_Challa moved bits on my disk to say:

> Thanks. Will the e-mail notifations be easily accomplishable by setting
> any triggers at the database level.. 

Maybe.

That's, of course, not the right way to do it, but I suppose, as a
super-hack, it would work.

> I am not familiar with MYSQL but more saying this from an Oracle/Sybase
> background.. Something I can ask one of my developers in my team to build
> easily ?

"MySQL" and "triggers" in the same sentence.

You're funny.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From Madhava_Challa at onsite.satyam.com  Wed Jul 16 08:57:24 2003
From: Madhava_Challa at onsite.satyam.com (Madhava_Challa)
Date: Wed, 16 Jul 2003 04:57:24 -0400
Subject: Bugzilla 2.17.5
Message-ID: <B0CB4AC5A2BBD51195E800E018C1920F013F5910@onsite.satyam.com>

I pleaded ignorance on my MYSQL.. It was not really MYSQL anyway :-) 

-----Original Message-----
From: J. Paul Reed
To: Madhava_Challa
Cc: 'developers at bugzilla.org '
Sent: 7/16/03 4:56 AM
Subject: Re:  Bugzilla 2.17.5

On 16 Jul 2003 at 04:44:54, Madhava_Challa moved bits on my disk to say:

> Thanks. Will the e-mail notifations be easily accomplishable by
setting
> any triggers at the database level.. 

Maybe.

That's, of course, not the right way to do it, but I suppose, as a
super-hack, it would work.

> I am not familiar with MYSQL but more saying this from an
Oracle/Sybase
> background.. Something I can ask one of my developers in my team to
build
> easily ?

"MySQL" and "triggers" in the same sentence.

You're funny.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft
************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************


From Harikrishnan_Nair at satyam.com  Wed Jul 16 12:48:56 2003
From: Harikrishnan_Nair at satyam.com (Harikrishnan_Nair at satyam.com)
Date: Wed, 16 Jul 2003 18:18:56 +0530
Subject: Regarding Bugzilla Ntsendmail
Message-ID: <7FF62A49079FD511B14400065B19EF1203D8E5FC@cpr.satyam.com>


Hi All,

           I have installed bugzilla in windows.. .. But when i tried to
create account , account is getting created and message of email has been
seen to the receipts is displayed. But when i check my mail account, there
is no account... Can help me in sovling this problem. is it something
ntsendmail configuration error.. and how can i solve that.. pls response....


with regards
Hari
************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************


From bugreport at peshkin.net  Wed Jul 16 13:06:50 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Wed, 16 Jul 2003 06:06:50 -0700
Subject: Bugzilla 2.17.5
In-Reply-To: <B0CB4AC5A2BBD51195E800E018C1920F013F590F@onsite.satyam.com>
References: <B0CB4AC5A2BBD51195E800E018C1920F013F590F@onsite.satyam.com>
Message-ID: <3F154DEA.6040705@peshkin.net>

Madhava_Challa wrote:

>Thanks. Will the e-mail notifations be easily accomplishable by setting any
>triggers at the database level.. I am not familiar with MYSQL but more
>saying this from an Oracle/Sybase background.. Something I can ask one of my
>developers in my team to build easily ?
>
>Let me know what anyone's gut feel is..
>  
>
Unfortunately, it is not a simple feature to do in a way that takes 
security and scalability into account as well as being straightforward 
to administer.  The problem is not terribly database-centric.  It just 
takes a lot of attention to detail and perl coding.

As is evident from the previous thread, a lot of the developers would be 
very happy to see this done, but nobody has been able to make the time 
to do so.

It is the kind of feature that can be done by a quick hack for a site, 
but doing it *right* so it can be merged into the main code is a lot of 
work.  If you have a developer available who is willing to learn the 
structure of Bugzilla and implement this, the help would be very welcome 
and I am sure that a number of the existing developers will be happy to 
coach and review.  You should be prepared for the real patch to take 
about 10x the amount of work a sophisticated hack would take, especially 
for a programmer's first contribution. (Contributing to peer-reviewed 
projects requires a non-fragile ego)

-Joel




From rlb at defaultvalue.org  Wed Jul 16 14:45:17 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Wed, 16 Jul 2003 09:45:17 -0500
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F0B4478.7000103@peshkin.net> (Joel Peshkin's message of "Tue,
 08 Jul 2003 15:23:52 -0700")
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>
	<a06001203bb2f8a38f225@[192.168.1.204]>
	<a06001204bb2f8ec302e1@[192.168.1.204]>
	<8765mdhb2b.fsf@raven.i.defaultvalue.org>
	<3F0B3E64.4070509@mozilla.org> <3F0B4478.7000103@peshkin.net>
Message-ID: <87wueifs3m.fsf@raven.i.defaultvalue.org>

Joel Peshkin <bugreport at peshkin.net> writes:

> It is actually possible to set the group controls so that, for
> product "foo", a group for which neither group of clients is a
> member is Default/Mandatory.  This will mean that only the reporter
> and your own staff will be able to see a bug unless someone on your
> staff goes in and changes the permissions to allow the rest of the
> client group to see it.

OK, so I played around with this a bit more, and if I understood you
correctly, it won't work, at least not the way I thought you meant.

If you create a product foo, and a group "incoming" that's
Default/Mandatory for foo, but that none of the clients are a member
of, then none of the clients seem to be able to submit a bug to foo.
It's not offered as a product when creating a new bug -- I presume
this is because enter_bug.cgi is checking to see that the user has
permission for all the mandatory groups for a given product (in this
case including the incoming group).

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From bugreport at peshkin.net  Wed Jul 16 16:39:28 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Wed, 16 Jul 2003 09:39:28 -0700
Subject: capabilities of forthcoming group changes
In-Reply-To: <87wueifs3m.fsf@raven.i.defaultvalue.org>
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>	<a06001203bb2f8a38f225@[192.168.1.204]>	<a06001204bb2f8ec302e1@[192.168.1.204]>	<8765mdhb2b.fsf@raven.i.defaultvalue.org>	<3F0B3E64.4070509@mozilla.org> <3F0B4478.7000103@peshkin.net> <87wueifs3m.fsf@raven.i.defaultvalue.org>
Message-ID: <3F157FC0.2080609@peshkin.net>

Rob Browning wrote:

>If you create a product foo, and a group "incoming" that's
>Default/Mandatory for foo, but that none of the clients are a member
>of, then none of the clients seem to be able to submit a bug to foo.
>It's not offered as a product when creating a new bug -- I presume
>this is because enter_bug.cgi is checking to see that the user has
>permission for all the mandatory groups for a given product (in this
>case including the incoming group).
>
>  
>
I suspect that product "foo" is resticting ENTRY to some group of which 
your people are not a member. 





From Harikrishnan_Nair at satyam.com  Wed Jul 16 17:08:27 2003
From: Harikrishnan_Nair at satyam.com (Harikrishnan_Nair at satyam.com)
Date: Wed, 16 Jul 2003 22:38:27 +0530
Subject: Regarding Email Sending in Bugzilla
Message-ID: <7FF62A49079FD511B14400065B19EF1203D8E6BE@cpr.satyam.com>

Hi All,

           I have installed bugzilla in windows.. .. But when i tried to
create account , account is getting created and message of email has been
seen to the receipts is displayed. But when i check my mail account, there
is no account... Can help me in sovling this problem. is it something
ntsendmail configuration error.. and how can i solve that.. pls response....


with regards
Hari

************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************


From rlb at defaultvalue.org  Wed Jul 16 17:39:45 2003
From: rlb at defaultvalue.org (Rob Browning)
Date: Wed, 16 Jul 2003 12:39:45 -0500
Subject: capabilities of forthcoming group changes
In-Reply-To: <3F157FC0.2080609@peshkin.net> (Joel Peshkin's message of "Wed,
 16 Jul 2003 09:39:28 -0700")
References: <87y8zagjvm.fsf@raven.i.defaultvalue.org>
	<a06001203bb2f8a38f225@[192.168.1.204]>
	<a06001204bb2f8ec302e1@[192.168.1.204]>
	<8765mdhb2b.fsf@raven.i.defaultvalue.org>
	<3F0B3E64.4070509@mozilla.org> <3F0B4478.7000103@peshkin.net>
	<87wueifs3m.fsf@raven.i.defaultvalue.org>
	<3F157FC0.2080609@peshkin.net>
Message-ID: <87adbee5ge.fsf@raven.i.defaultvalue.org>

Joel Peshkin <bugreport at peshkin.net> writes:

> I suspect that product "foo" is resticting ENTRY to some group of
> which your people are not a member. -

Ahh, I did have that set wrong.  Now the "incoming" group works as you
described (thanks), but unfortunately, people in client-a or client-b
can still remove the bug from their group when editing the bug and
thus make it visible to all members of product-foo.

Thinking a bit more about it, is there any setting like "mandatory if
member"?  i.e. the ability to say that for product foo, group client-a
is mandatory if the user is a member of client-a?

It seems like such a setting might solve the client-a/client-b
situation as long as a given user couldn't be associated with multiple
clients.  For example, for product foo you'd have:

  client-a: Mandatory-if-member
  client-b: Mandatory-if-member
  product-foo: ENTRY Mandatory/Mandatory CANEDIT

Then whenever a user submits a bug, it would automatically be assigned
both the product-foo group and the user's respective client group.
After that, people in client-* should only be able to see product-foo
bugs that were submitted by someone in their respective client group,
and they wouldn't be able to change the client-* group assignments.

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4


From justdave at syndicomm.com  Wed Jul 16 17:38:11 2003
From: justdave at syndicomm.com (David Miller)
Date: Wed, 16 Jul 2003 13:38:11 -0400
Subject: Regarding Email Sending in Bugzilla
In-Reply-To: <7FF62A49079FD511B14400065B19EF1203D8E6BE@cpr.satyam.com>
References: <7FF62A49079FD511B14400065B19EF1203D8E6BE@cpr.satyam.com>
Message-ID: <a06001a02bb3b3dca28fd@[192.168.1.204]>

On 7/16/2003 10:38 PM +0530, Harikrishnan_Nair at satyam.com wrote:

>            I have installed bugzilla in windows.. .. But when i tried to
> create account , account is getting created and message of email has been
> seen to the receipts is displayed. But when i check my mail account, there
> is no account... Can help me in sovling this problem. is it something
> ntsendmail configuration error.. and how can i solve that.. pls response....

This would be better answered on the mozilla-webtools mailing list (see
http://www.bugzilla.org/discussion.html ) which is the list for end-user
and administrator support.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From jocuri at softhome.net  Wed Jul 16 19:36:29 2003
From: jocuri at softhome.net (vladd)
Date: Wed, 16 Jul 2003 22:36:29 +0300
Subject: Another checkin
Message-ID: <200307162236.29999.jocuri@softhome.net>

Hello,

http://bugzilla.mozilla.org/show_bug.cgi?id=147480 has review and approval, if 
anybody feels like checking in, please do.

Thanks,
Vlad.


From jamie.abellera at misys.com  Thu Jul 17 00:41:33 2003
From: jamie.abellera at misys.com (Abellera, Jamie)
Date: Thu, 17 Jul 2003 08:41:33 +0800
Subject: need help in bugzilla installation
Message-ID: <79F6017ACC12D511880B00B0D0784A6B0329DB98@REDWOOD>

Hi!
I need help in installing Bugzilla in Linux.  These are the highlights of
what I've done:

	1) for mySQL Database:  
		- mysql is in the directory /usr/local/mysql with root as
user and bugzilla as password
		- I made a database called bugz
		- I granted select, insert, update, delete, index, alter,
create, drop and references privileges on bugz.* to root at localhost
identified by 'bugzilla' password

	2) for Perl:
		- I installed perl modules, Bundle::Bugzilla (minimum
version) in /var/www/bugzilla
		- I changed some configurations in the localconfig file:
			$index.html = 1

			$mysqlpath = "/usr/bin"
			$db_host - "localhost"
			$db_port = 3306
			$db_name = "bugz"
			$db_user = "root"
			$db_pass = 'bugzilla'
		- when I run the checksetup.pl in the bugzilla directory,
everything seems alright - mySQL tables were created and all perl modules
were found.

	3) for Apache Server
		- Apache is in /etc/httpd
		- I changed some setting in the httpd.conf file: 
			Listen 8080  		//I changed this because I'm
getting an error that 80, the default port, is already in use
			DocumentRoot "/var/www/bugzilla"
			<Directory />
				Options FollowSymLinks
				AllowOverride None
			</Directory>
			<Directory "/var/www/bugzilla">
				Options Indexes FollowSymLinks
				AllowOverride None
				Order allow, deny
				Allow from all
			</Directory>
			ScriptAlias /cgi-bin/ "/var/www/cgi-bin"
			<Directory "/var/www/cgi-bin">
				AllowOverride None
				Options None
				Order allow, deny
				Allow from all
			</Directory>
			
			NOTE that the User and Group in this file are both
apache.

		- in the console, I started Apache and it was running ok
		- in the Mozilla browser, I was able to see the test page of
Apache before which means that the server was running.  However, I cannot
see the bugzilla 			homepage when I go to
http://localhost:8080/bugzilla/.  I always get the Object Not Found error.
How do I access the bugzilla homepage?
		- I've been experimenting and tried to reinstall the
modules... now, I am getting an Access Forbidden error when I go to
http://localhost:8080 and test 			Apache.  I assume it is a
permission error.  How do I fix this? 
		- note that for the bugzilla directory tags in httpd.conf, I
also tried it without the FollowSymLinks option.  I still get the same
errors. 

	I would appreciate any help from you guys.  

Thanks!
Jamie




From justdave at syndicomm.com  Thu Jul 17 01:04:50 2003
From: justdave at syndicomm.com (David Miller)
Date: Wed, 16 Jul 2003 21:04:50 -0400
Subject: need help in bugzilla installation
In-Reply-To: <79F6017ACC12D511880B00B0D0784A6B0329DB98@REDWOOD>
References: <79F6017ACC12D511880B00B0D0784A6B0329DB98@REDWOOD>
Message-ID: <a06001a02bb3ba6301913@[192.168.1.204]>

On 7/17/2003 8:41 AM +0800, Abellera, Jamie wrote:

> I need help in installing Bugzilla in Linux.

Installation/support questions belong on the mozilla-webtools mailing list (see
http://www.bugzilla.org/discussion.html ).  I'll reply to this message there.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From gerv at mozilla.org  Thu Jul 17 16:51:01 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Thu, 17 Jul 2003 17:51:01 +0100
Subject: Bugzilla 2.17.5
In-Reply-To: <a06001a07bb3aba054688@[192.168.1.204]>
References: <a06001a07bb3aba054688@[192.168.1.204]>
Message-ID: <3F16D3F5.8010404@mozilla.org>

David Miller wrote:

> I just realized that we've gone almost 3 months since 2.17.4 was released.
> It's high time to start looking towards releasing a 2.17.5.  It would be
> cool to have the new MTA Config stuff included in it (bug 84876) if we can
> land that in the next week or so.

Yes, 2.17.5 sounds like a good idea. Hopefully, people can bang on the 
new reporting system :-)

We need to finish up the security fixes first, though. I did an 
uber-patch, but it got ignored for too long and now it's rotted :-(

Gerv




From etzwane at schwag.org  Fri Jul 18 01:07:14 2003
From: etzwane at schwag.org (Sean McAfee)
Date: Thu, 17 Jul 2003 21:07:14 -0400
Subject: Newer custom fields patch
Message-ID: <20030718010714.ED9D3BD81@diggity.schwag.org>

Attached is a patch against bugzilla-2.17.4 that provides custom field
capabilities.  It's the same as my previous custom fields patch, with the
addition of query functionality.

Querying custom fields using boolean charts is not yet possible, but it
shouldn't be too difficult to add.

All of my previous comments/warnings apply.  Comments welcome.


-- 
Sean McAfee -- etzwane at schwag.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: custom-fields-patch.gz
Type: application/octet-stream
Size: 28849 bytes
Desc: not available
URL: <http://lists.bugzilla.org/pipermail/developers/attachments/20030717/05db6842/attachment.obj>

From justdave at syndicomm.com  Fri Jul 18 01:49:15 2003
From: justdave at syndicomm.com (David Miller)
Date: Thu, 17 Jul 2003 21:49:15 -0400
Subject: Newer custom fields patch
In-Reply-To: <20030718010714.ED9D3BD81@diggity.schwag.org>
References: <20030718010714.ED9D3BD81@diggity.schwag.org>
Message-ID: <a06001a0cbb3d0220a600@[192.168.1.204]>

On 7/17/2003 9:07 PM -0400, Sean McAfee wrote:

> Querying custom fields using boolean charts is not yet possible, but it
> shouldn't be too difficult to add.

That's interesting, since everything else on the query page is treated as a
boolean chart internally, and all the form fields get converted to a chart
on the back end before processing.  Is it just because the field names
don't show up in the field popup menu or something?  If that's the case, we
probably need to redo the back end of how the field list for those popups
is generated.  I'm pretty sure right now it's hard-coded in query.cgi and
colchange.cgi...
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From etzwane at schwag.org  Fri Jul 18 07:47:50 2003
From: etzwane at schwag.org (Sean McAfee)
Date: Fri, 18 Jul 2003 03:47:50 -0400
Subject: Newer custom fields patch
In-Reply-To: <a06001a0cbb3d0220a600@[192.168.1.204]>
Message-ID: <20030718074750.49B64BD81@diggity.schwag.org>

David Miller <justdave at syndicomm.com> wrote:
>On 7/17/2003 9:07 PM -0400, Sean McAfee wrote:
>> Querying custom fields using boolean charts is not yet possible, but it
>> shouldn't be too difficult to add.

>That's interesting, since everything else on the query page is treated as a
>boolean chart internally, and all the form fields get converted to a chart
>on the back end before processing.  Is it just because the field names
>don't show up in the field popup menu or something?

Yep.  Data from the custom field CGI elements is converted to a boolean
chart internally, just like data from the standard field elements is; in
fact, they share the same chart.  You just can't build a boolean chart that
refers to custom fields manually (ie, from a browser) yet.

By the way, the custom field elements disappear and reappear in response to
the user's product selection, or at least they do if JavaScript is enabled
and the browser implements a sufficiently recent version of CSS.  It's
pretty nifty, if I do say so myself.

>If that's the case, we
>probably need to redo the back end of how the field list for those popups
>is generated.  I'm pretty sure right now it's hard-coded in query.cgi and
>colchange.cgi...

I think that's right.  Unfortunately, I can't think of an elegant way to
make the popups respond to the user's product selection, the way the fixed
form elements do.  It seems that every custom field will have to be present
in every field popup, whether they belong to the selected product(s) or not.

-- 
Sean McAfee -- etzwane at schwag.org


From mark.ingram at nexsan.com  Fri Jul 18 16:07:46 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Fri, 18 Jul 2003 17:07:46 +0100
Subject: Modification to Bugzilla
Message-ID: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com>

Hi,

I work for a company who have recently started using Bugzilla to track their
bugs. I have recently been tasked with making some changes to the way the
system operates so we can make it more flexible for ourselves.

Some of these changes require editing of the CGI.pl and other generic files.
Examples of these are:

Not allowing unregistered or non-logged in users to view the buglist or
reports.
Not allowing anyone to create a new account accept the administrator.
Only allowing a user to belong to one user group at a time.

These are only minor aspects of the project, as the end goal is to add a
regression testing system module to Bugzilla. This means adding a test for
confirming each bug has been fixed and then generating a random list of
tests for our technicians to carry out.

I have started making these modifications and have tried to observe the
developers guidelines, but ultimately would like to know if these
modifications are going to be of interest to the Bugzilla community. i.e. In
one way or another would you be interested in receiving these modifications
after completion or are they too customised for our own use?

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From jocuri at softhome.net  Fri Jul 18 16:33:21 2003
From: jocuri at softhome.net (jocuri at softhome.net)
Date: Fri, 18 Jul 2003 10:33:21 -0600
Subject: Modification to Bugzilla
Message-ID: <courier.3F182151.00006345@softhome.net>

Hello Mark, 

> In one way or another would you be interested in receiving these
> modifications after completion or are they too customised for our own use?

Generally speaking we're always happy to receive code from other Bugzilla 
installations and to evaluate the opportunity to integrate it into our 
code-line. 

Module owners have the final authority into what goes in and what does not 
(unless contradicted by Dave), so there is no blank approval that we can 
give for those features at this moment. However, they all seem interesting 
to me, and I'm sure the Bugzilla module owners will be more than happy to 
evaluate for each one of this, individually, the opportunity to integrate 
it. 

If you want to see that code integrated into Bugzilla, the best approach 
would be to start a bug for each one of the features, and to attach a patch 
with your suggested changes, requesting review for it. Of course if you can 
find a bug on the same subject, you should use that one instead of opening a 
new one etc. You can find more details on the "How you can help" page at
http://bugzilla.org/how_to_help.html . 

In the end I'd like to express my thanks for taking up on this and for 
sharing back the code changes performed at your Bugzilla installation. 
Working in a peer-reviewed environment can be quite different compared to 
other development styles, but integrating back those changes in the Bugzilla
code-line has the opportunity to bring this product to the next level, for 
both the enterprise-level and the open-source communities. 

Thanks,
Vlad. 

On Friday 18 July 2003 07:07 pm, you wrote:
> Hi, 
>
> I work for a company who have recently started using Bugzilla to track
> their bugs. I have recently been tasked with making some changes to the way
> the system operates so we can make it more flexible for ourselves. 
>
> Some of these changes require editing of the CGI.pl and other generic
> files. Examples of these are: 
>
> Not allowing unregistered or non-logged in users to view the buglist or
> reports.
> Not allowing anyone to create a new account accept the administrator.
> Only allowing a user to belong to one user group at a time. 
>
> These are only minor aspects of the project, as the end goal is to add a
> regression testing system module to Bugzilla. This means adding a test for
> confirming each bug has been fixed and then generating a random list of
> tests for our technicians to carry out. 
>
> I have started making these modifications and have tried to observe the
> developers guidelines, but ultimately would like to know if these
> modifications are going to be of interest to the Bugzilla community. i.e. 
>
> Best Regards, 
>
> Mark Ingram
> Software Engineer
> Nexsan Technologies
> 33 - 35 Parker Centre
> Mansfield Road
> Derby
> DE21 4SZ


From justdave at syndicomm.com  Fri Jul 18 16:40:42 2003
From: justdave at syndicomm.com (David Miller)
Date: Fri, 18 Jul 2003 12:40:42 -0400
Subject: Modification to Bugzilla
In-Reply-To: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com>
Message-ID: <a06001a12bb3dd2807d14@[192.168.1.204]>

On 7/18/2003 5:07 PM +0100, Mark Ingram wrote:

> Some of these changes require editing of the CGI.pl and other generic files.
> Examples of these are:
>
> Not allowing unregistered or non-logged in users to view the buglist or
> reports.
> Not allowing anyone to create a new account accept the administrator.
> Only allowing a user to belong to one user group at a time.

Bugzilla 2.17.x already does the first two of these three.  Look for
"requirelogin" and "createemailregexp" in the params.

The third requires quite a bit of hacking (I've already done that for
Zippy's Bugzilla because they wanted that, too), but it can be done.
editusers is the main place you have to touch (so that editing a user
enforces it).  You also have to make sure editusers make a really clear
distinction between permission groups and bug/role groups.  Forcing a
person to only be in one permission group would put a serious kink in their
capabilities while using the system. :-)  The group inheritance stuff in
2.17.1 and up made this really easy because we could create a top-level set
of groups that would be the ones chosen from the editusers interface by the
admin, and lower-level groups to define the users permissions which were
inherited by the choice made by the admin.

-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From kiko at async.com.br  Fri Jul 18 16:48:14 2003
From: kiko at async.com.br (Christian Reis)
Date: Fri, 18 Jul 2003 13:48:14 -0300
Subject: Modification to Bugzilla
In-Reply-To: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com>
Message-ID: <20030718164814.GH1158@async.com.br>

On Fri, Jul 18, 2003 at 05:07:46PM +0100, Mark Ingram wrote:
> Not allowing unregistered or non-logged in users to view the buglist or
> reports.
> Not allowing anyone to create a new account accept the administrator.
> Only allowing a user to belong to one user group at a time.

Doesn't the `recent' bug groups changes allow for this (or does it just
make it easier/possible to add?).

> These are only minor aspects of the project, as the end goal is to add a
> regression testing system module to Bugzilla. This means adding a test for
> confirming each bug has been fixed and then generating a random list of
> tests for our technicians to carry out.

This is pretty neat. I'm trying to think how easily this could fit in
show_bug.cgi. A special flag to attachments, maybe ([x] Testcase).

Has anybody ever considered ideas to make show_bug.cgi more `scalable'
wrt to features and fields? The current layout is quite a bit
constrictive, and it's not easy to imaging fitting extra features into
it without hurting overall usability further (it is scary as it is!).

> I have started making these modifications and have tried to observe the
> developers guidelines, but ultimately would like to know if these
> modifications are going to be of interest to the Bugzilla community. i.e. In
> one way or another would you be interested in receiving these modifications
> after completion or are they too customised for our own use?

Easiest way is to open small bugs and provide patches for them. The more
limited the impact of the change, the easier it is to get review of it
[*] -- simple patches should go in in a week or so if approved.

[*] Speaking honestly, in practice, large, sweeping changes take ages to
discuss, months to review, and require the person coding involve himself
rather intensely -- it's like getting a dayjob :-) I'm not meaning to
dissuade you, just helping you understand the commitment.

Take care,
--
Christian Reis, Senior Engineer, Async Open Source, Brazil.
http://async.com.br/~kiko/ | [+55 16] 261 2331 | NMFL


From gerv at mozilla.org  Mon Jul 21 21:39:53 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Mon, 21 Jul 2003 22:39:53 +0100
Subject: Modification to Bugzilla
In-Reply-To: <20030718164814.GH1158@async.com.br>
References: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com> <20030718164814.GH1158@async.com.br>
Message-ID: <3F1C5DA9.2040106@mozilla.org>

Christian Reis wrote:
> Has anybody ever considered ideas to make show_bug.cgi more `scalable'
> wrt to features and fields? The current layout is quite a bit
> constrictive, and it's not easy to imaging fitting extra features into
> it without hurting overall usability further (it is scary as it is!).

Yes - ditch Netscape 4.x support, and move to a CSS-based layout which 
allows you to show/hide individual fields without ripping the page 
apart. This would also allow people to configure Bugzilla to show only 
the fields they wanted (Developer view, QA view, manager view.)

This is all dreaming, of course :-)

Gerv



From gerv at mozilla.org  Mon Jul 21 22:12:37 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Mon, 21 Jul 2003 23:12:37 +0100
Subject: Animated bug
Message-ID: <3F1C6555.1040705@mozilla.org>

Check it out - from one of the Bugzillas I got sent after the 
installation list link made the front page of www.mozilla.org.

It takes a while to load, though - it's 150k.

http://bugzilla.usmedia.nl/gfx/bug.gif

Gerv



From kiko at async.com.br  Mon Jul 21 22:13:37 2003
From: kiko at async.com.br (Christian Reis)
Date: Mon, 21 Jul 2003 19:13:37 -0300
Subject: Modification to Bugzilla
In-Reply-To: <3F1C5DA9.2040106@mozilla.org>
References: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com> <20030718164814.GH1158@async.com.br> <3F1C5DA9.2040106@mozilla.org>
Message-ID: <20030721221337.GE2750@async.com.br>

On Mon, Jul 21, 2003 at 10:39:53PM +0100, Gervase Markham wrote:
> Christian Reis wrote:
> >Has anybody ever considered ideas to make show_bug.cgi more `scalable'
> >wrt to features and fields? The current layout is quite a bit
> >constrictive, and it's not easy to imaging fitting extra features into
> >it without hurting overall usability further (it is scary as it is!).
> 
> Yes - ditch Netscape 4.x support, and move to a CSS-based layout which 
> allows you to show/hide individual fields without ripping the page 
> apart. This would also allow people to configure Bugzilla to show only 
> the fields they wanted (Developer view, QA view, manager view.)

I was thinking more in the lines of ripping the page apart; I'd prefer
that to configuring what bits you want to show. I think the page is
complex enough to warrant some serious UI reconsidering, and we haven't
done enough of that.

I think the fact that there is a lot of data on that form is not a bug
(and not going away), and offering a good, structured UI to display it
is more important than prefing away bits you don't want to look at right
now (since that can change arbitrarily).

But maybe we are agreeing, actually. So you suggest a layout that would
allow us to show and hide bits dynamically? Something like "disclosure
triangles"?

I was thinking of a way to reorganize that data in a way it was easier
to find. People have already suggested moving to Redhat's layout for
show_bug.cgi which I do like (over our default layout). I think more in
that line could make sense.

       Bug 343455: [ show_bug.cgi needs better UI       ]  *_Add Alias*
          Product: [ Bugzilla    |v]       Component: [ Bugzilla-General     |v]

         Reporter: Christian Reis <kiko at async.com.br>
      Assigned to: [ <gerv at gerv.net> ]    QA Contact: [ <matty at chariot.net.au> ]

  ---   Initial report  ---
   ...
  ---  Comments section ---
   ... 
   ...
   ...
  --- /Comments section ---

  Additional Comment:
  |
  |
  '------------------------

  [>] Platform and Version Details
  [v] Bug Scheduling
         Priority: P1    Severity: Blocker    Target: [ Bugzilla 2.19        |v]
  [>] CC List
  [>] Attachments
  [>] Dependency Details
  [>] Flags and Votes

  < > Resolve as [      |v] < > Reopen < > Verify < > Close < > Dupe: [       ]

  (( Commit ))

Sure, it takes a long time to scroll to be bottom, but:

    a) <Enter> in a textfield commits (and expert users know it)
    b) Non-experts end up reading all the comments and avoid adding a
       "me too".

One thing I do say: I think that page is *far* too verbose. "Mark bug as
Verified" could really become "Verify" with improved understandability.

Take care,
--
Christian Reis, Senior Engineer, Async Open Source, Brazil.
http://async.com.br/~kiko/ | [+55 16] 261 2331 | NMFL


From myk at mozilla.org  Tue Jul 22 00:43:19 2003
From: myk at mozilla.org (Myk Melez)
Date: Mon, 21 Jul 2003 17:43:19 -0700
Subject: Modification to Bugzilla
In-Reply-To: <20030721221337.GE2750@async.com.br>
References: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com> <20030718164814.GH1158@async.com.br> <3F1C5DA9.2040106@mozilla.org> <20030721221337.GE2750@async.com.br>
Message-ID: <3F1C88A7.2030502@mozilla.org>

Christian Reis wrote:

>I was thinking more in the lines of ripping the page apart; I'd prefer
>that to configuring what bits you want to show. I think the page is
>complex enough to warrant some serious UI reconsidering, and we haven't
>done enough of that.
>  
>
Note the work that mpt has already done in this regard.

>I think the fact that there is a lot of data on that form is not a bug
>(and not going away), and offering a good, structured UI to display it
>is more important than prefing away bits you don't want to look at right
>now (since that can change arbitrarily).
>
>But maybe we are agreeing, actually. So you suggest a layout that would
>allow us to show and hide bits dynamically? Something like "disclosure
>triangles"?
>  
>
I think Gerv means something like my.netscape.com, which has blocks of 
content you can selectively remove or minimize.

http://my.netscape.com/

-myk




From bbaetz at acm.org  Tue Jul 22 09:18:39 2003
From: bbaetz at acm.org (Bradley Baetz)
Date: Tue, 22 Jul 2003 19:18:39 +1000
Subject: Modification to Bugzilla
In-Reply-To: <3F1C5DA9.2040106@mozilla.org>
References: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com> <20030718164814.GH1158@async.com.br> <3F1C5DA9.2040106@mozilla.org>
Message-ID: <20030722091839.GA1252@mango.home>

On Mon, Jul 21, 2003 at 10:39:53PM +0100, Gervase Markham wrote:
> Yes - ditch Netscape 4.x support, and move to a CSS-based layout which 
> allows you to show/hide individual fields without ripping the page 
> apart. This would also allow people to configure Bugzilla to show only 
> the fields they wanted (Developer view, QA view, manager view.)

the problem is that we can't ditch ns4 support without ditching support
for lynx and screen readers. I'd love to drop ns4 support, but thats
not the only reason we're not using CSS

Bradley


From preed at sigkill.com  Tue Jul 22 10:38:08 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Tue, 22 Jul 2003 03:38:08 -0700
Subject: Modification to Bugzilla
In-Reply-To: <20030722091839.GA1252@mango.home>; from bbaetz@acm.org on Tue, Jul 22, 2003 at 07:18:39PM +1000
References: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com> <20030718164814.GH1158@async.com.br> <3F1C5DA9.2040106@mozilla.org> <20030722091839.GA1252@mango.home>
Message-ID: <20030722033808.B6671@sigkill.com>

On 22 Jul 2003 at 19:18:39, Bradley Baetz moved bits on my disk to say:

> the problem is that we can't ditch ns4 support without ditching support
> for lynx and screen readers. I'd love to drop ns4 support, but thats not
> the only reason we're not using CSS

Yeah, but supporting ns4, lynx, and screen readers aren't a good enough
reason to NOT use CSS.

I would love to see 2.18 come out with spiffy new "enterprise" looking
(and yes, I hate that buzzword too) search/show_bug/attachments pages. It's
stupid, but non-techy business people like flashy interface. Do we have any
interface developers on the project?

>From a project standpoint, one of the reasons all that work implementing TT
was done was for exactly this contingency: so we *can* support lynx and
screen readers, and yet still develop a clearer interface that doesn't look
like ass.

One the largest complaints I hear "on the street" about Bugzilla is it's
"too complicated (looking)" to use; "too much information for n00bs to be
able to use it."

I have to say I agree with them...

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From mark.ingram at nexsan.com  Tue Jul 22 11:43:29 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Tue, 22 Jul 2003 12:43:29 +0100
Subject: CVS
Message-ID: <AGEMJAKEHMBHDLCOCBECKEBJCAAA.mark.ingram@nexsan.com>

Hi,

Im having trouble downloading the source code with CVS, i know this isnt
really a development type question but thought you might be able to help.

Whenever i try to connect to the CVS server i get a connection refused, now
i thought this may be our firewall but the technician says port 2401 is open
to outgoing connections. Does it need another port for incoming connections
or does 2401 need to be open for incoming?

telnet cvs-mirror.mozilla.org 2401
Connecting To cvs-mirror.mozilla.org...Could not open connection to the
host, on
 port 2401: Connect failed


I get the same messages in CVS.
Also i just wanted to check that you are able to login to the CVS
sucessfully and it wasnt a generic problem everyone is having.

Thanks for your time

Mark
Nexsan Technologies




From preed at sigkill.com  Tue Jul 22 12:02:29 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Tue, 22 Jul 2003 05:02:29 -0700
Subject: CVS
In-Reply-To: <AGEMJAKEHMBHDLCOCBECKEBJCAAA.mark.ingram@nexsan.com>; from mark.ingram@nexsan.com on Tue, Jul 22, 2003 at 12:43:29PM +0100
References: <AGEMJAKEHMBHDLCOCBECKEBJCAAA.mark.ingram@nexsan.com>
Message-ID: <20030722050229.D6671@sigkill.com>

On 22 Jul 2003 at 12:43:29, Mark Ingram moved bits on my disk to say:

> Im having trouble downloading the source code with CVS, i know this isnt
> really a development type question but thought you might be able to help.

Post questions like these to the newsgroup; instructions how at
http://www.bugzilla.org/discussion.html

> telnet cvs-mirror.mozilla.org 2401
> Connecting To cvs-mirror.mozilla.org...Could not open connection to the
> host, on
>  port 2401: Connect failed

[preed at moby preed]$ telnet cvs-mirror.mozilla.org 2401
Trying 207.200.81.214...
Connected to tegu.mozilla.org.
Escape character is '^]'.
^]
telnet> cl
Connection closed.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From kiko at async.com.br  Tue Jul 22 12:17:08 2003
From: kiko at async.com.br (Christian Reis)
Date: Tue, 22 Jul 2003 09:17:08 -0300
Subject: CVS
In-Reply-To: <20030722050229.D6671@sigkill.com>
References: <AGEMJAKEHMBHDLCOCBECKEBJCAAA.mark.ingram@nexsan.com> <20030722050229.D6671@sigkill.com>
Message-ID: <20030722121708.GA709@async.com.br>

On Tue, Jul 22, 2003 at 05:02:29AM -0700, J. Paul Reed wrote:
> On 22 Jul 2003 at 12:43:29, Mark Ingram moved bits on my disk to say:
> 
> > Im having trouble downloading the source code with CVS, i know this isnt
> > really a development type question but thought you might be able to help.
> 
> Post questions like these to the newsgroup; instructions how at
> http://www.bugzilla.org/discussion.html

Reminding, also, to people that are newsgroup-shy: the newsgroup is
gatewayed to the mozilla-webtools at mozilla.org list, as the link above
explains. End-user questions ideally go there.

Take care,
--
Christian Reis, Senior Engineer, Async Open Source, Brazil.
http://async.com.br/~kiko/ | [+55 16] 261 2331 | NMFL


From myk at mozilla.org  Tue Jul 22 20:59:13 2003
From: myk at mozilla.org (Myk Melez)
Date: Tue, 22 Jul 2003 13:59:13 -0700
Subject: Modification to Bugzilla
In-Reply-To: <20030722091839.GA1252@mango.home>
References: <AGEMJAKEHMBHDLCOCBECIEAPCAAA.mark.ingram@nexsan.com> <20030718164814.GH1158@async.com.br> <3F1C5DA9.2040106@mozilla.org> <20030722091839.GA1252@mango.home>
Message-ID: <3F1DA5A1.8090400@mozilla.org>

Bradley Baetz wrote:

>On Mon, Jul 21, 2003 at 10:39:53PM +0100, Gervase Markham wrote:
>  
>
>>Yes - ditch Netscape 4.x support, and move to a CSS-based layout which 
>>allows you to show/hide individual fields without ripping the page 
>>apart. This would also allow people to configure Bugzilla to show only 
>>the fields they wanted (Developer view, QA view, manager view.)
>>    
>>
>
>the problem is that we can't ditch ns4 support without ditching support
>for lynx and screen readers. I'd love to drop ns4 support, but thats
>not the only reason we're not using CSS
>  
>
CSS was designed to degrade gracefully on browsers that don't support 
it, and that feature works pretty well, IMHO.  Obviously a CSSified 
version of of the bug editing form won't look as structured for NS4 
users as the current one, but it'll be readable and minimally usable, 
and that's what counts (when talking about a small minority of users).

There's an opportunity cost here, and we need to weigh the cost of 
making Bugzilla less usable for NS4 users against the benefit of making 
it more usable for the vast majority of users who are using CSS-capable 
browsers.  Note also that I would expect lynx to do quite well with a 
CSS-based layout.  I'm less sure about screen readers.

-myk

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bugzilla.org/pipermail/developers/attachments/20030722/901f5833/attachment.html>

From tsai_edward at yahoo.com  Wed Jul 23 00:57:30 2003
From: tsai_edward at yahoo.com (Edward Tsai)
Date: Tue, 22 Jul 2003 17:57:30 -0700 (PDT)
Subject: Database schema in other format
Message-ID: <20030723005730.26740.qmail@web41403.mail.yahoo.com>

hi,

is the database schema for bugzilla available in a
format other than jpeg (like visio), so that i can
easily edit it to do some bugzilla hack database
mappings?

thanks.

-edward

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com


From Ron.Loxton at earthtech.ca  Wed Jul 23 02:36:01 2003
From: Ron.Loxton at earthtech.ca (Loxton, Ron)
Date: Tue, 22 Jul 2003 22:36:01 -0400
Subject: Database schema in other format
Message-ID: <A9ABF95BEAE66A4E9D809CE229DE057F6F6B07@catormail01.et.rootad.com>

Edward:

	You can always do like I did. Install the ODBC driver for mysql and
reverse engineer the schema.

Ron


-----Original Message-----
From: Edward Tsai [mailto:tsai_edward at yahoo.com]
Sent: Tuesday, July 22, 2003 8:58 PM
To: developers at bugzilla.org
Subject: Database schema in other format


hi,

is the database schema for bugzilla available in a
format other than jpeg (like visio), so that i can
easily edit it to do some bugzilla hack database
mappings?

thanks.

-edward

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=ron.loxton at earthtech.ca>


From mark.ingram at nexsan.com  Wed Jul 23 08:48:26 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Wed, 23 Jul 2003 09:48:26 +0100
Subject: Where to get started?
Message-ID: <AGEMJAKEHMBHDLCOCBECOEBNCAAA.mark.ingram@nexsan.com>

Hi,

just wondering if there are any tips or helpful advice you could give me to
start getting used to and learning the bugzilla code? What do i need to be
looking out for?

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From mark.ingram at nexsan.com  Wed Jul 23 10:34:53 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Wed, 23 Jul 2003 11:34:53 +0100
Subject: Alternates to CVS
Message-ID: <AGEMJAKEHMBHDLCOCBECMEBOCAAA.mark.ingram@nexsan.com>

Hi,

are there any alternate ways to send code updates other than with CVS? Im
having trouble negotiating around the firewall at work here.

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From gerv at mozilla.org  Wed Jul 23 11:26:22 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Wed, 23 Jul 2003 12:26:22 +0100
Subject: Alternates to CVS
In-Reply-To: <AGEMJAKEHMBHDLCOCBECMEBOCAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECMEBOCAAA.mark.ingram@nexsan.com>
Message-ID: <3F1E70DE.5040208@mozilla.org>

Mark Ingram wrote:
> Hi,
> 
> are there any alternate ways to send code updates other than with CVS? Im
> having trouble negotiating around the firewall at work here.

If by "send code updates" you mean "contribute code back", you don't use 
CVS for that, you attach patches to Bugzilla bugs.

If you mean "get a copy of the code", then download the 2.17.4 release. 
That should be current enough for a first look. :-)

Gerv



From mark.ingram at nexsan.com  Wed Jul 23 11:21:04 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Wed, 23 Jul 2003 12:21:04 +0100
Subject: Alternates to CVS
In-Reply-To: <3F1E70DE.5040208@mozilla.org>
Message-ID: <AGEMJAKEHMBHDLCOCBECIEBPCAAA.mark.ingram@nexsan.com>

Hi,

Ahh right, didnt realise that :)

Thanks alot!

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ 

-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of Gervase Markham
Sent: 23 July 2003 12:26
To: developers at bugzilla.org
Subject: Re: Alternates to CVS


Mark Ingram wrote:
> Hi,
> 
> are there any alternate ways to send code updates other than with CVS? Im
> having trouble negotiating around the firewall at work here.

If by "send code updates" you mean "contribute code back", you don't use 
CVS for that, you attach patches to Bugzilla bugs.

If you mean "get a copy of the code", then download the 2.17.4 release. 
That should be current enough for a first look. :-)

Gerv

-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>


From mark.ingram at nexsan.com  Wed Jul 23 11:43:29 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Wed, 23 Jul 2003 12:43:29 +0100
Subject: New Client CC Box
Message-ID: <AGEMJAKEHMBHDLCOCBECCECACAAA.mark.ingram@nexsan.com>

Hi,


im trying to edit the following files:
enter_bug.cgi
post_bug.cgi
create.html.tmpl

so that i can have a new textbox underneath the existing CC box when
creating a new bug. This box is called client_cc and will contain addresses
of clients that need to be informed about the progress of the bug.

In enter_bug.cgi around line 265 i added:

$vars->{'client_cc'} = formvalue{'client_cc'};



In post_bug.cgi around line 222 i added:

my @client_cc;

# Create an array of client email addresses to send
# bug fix confirmations onto
print "About to enter the check for client_cc";
if (defined $::FORM{'client_cc'}) {
	print "client_cc was defined! woop woop!";
	foreach my $person (split(/[ ,]/, $::FORM{'client_cc'})) {
		if ($person ne "") {
			print $person;
			push(@client_cc, $person);
		}
	}
}
else {
	print "No client_cc defined!";
}



And in create.html.tmpl around line 154 i added:

  <tr>
    <td align="right"><strong>Client Cc:</strong></td>
    <td colspan="3">
      <input name="client_cc" size="45" value="[% client_cc FILTER html %]">
    </td>
  </tr>


Obviously the textboxes get displayed but im not picking up anyvalues from
them, in fact, i dont get any print out from the check that client_cc is
defined in the FORM.

Am i missing some fundamentals here? For instance, do i need to edit the
vars object manually to add in client_cc, or do i need to edit the $::FORM
to add client_cc ??

As you know this is my first attempt at modifying the bugzilla code so be
gentle :)

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From bugreport at peshkin.net  Wed Jul 23 14:01:42 2003
From: bugreport at peshkin.net (Joel Peshkin)
Date: Wed, 23 Jul 2003 07:01:42 -0700
Subject: Alternates to CVS
In-Reply-To: <3F1E70DE.5040208@mozilla.org>
References: <AGEMJAKEHMBHDLCOCBECMEBOCAAA.mark.ingram@nexsan.com> <3F1E70DE.5040208@mozilla.org>
Message-ID: <3F1E9546.20304@peshkin.net>

Gervase Markham wrote:

> <snip>
> If you mean "get a copy of the code", then download the 2.17.4 
> release. That should be current enough for a first look. :-)

Perhaps we should put a cron job (or a cgi) on landfill that builds a 
tarball.

-Joel







From caseyg at chsamerica.com  Wed Jul 23 14:04:49 2003
From: caseyg at chsamerica.com (Casey Gregoire)
Date: Wed, 23 Jul 2003 10:04:49 -0400
Subject: Alternates to CVS
Message-ID: <C3EB95A31BDAD511827C00B0D0F95AF58FBC22@BUCKWHEAT>


-----Original Message-----
From: Joel Peshkin [mailto:bugreport at peshkin.net]
Sent: Wednesday, July 23, 2003 10:02 AM
To: developers at bugzilla.org
Subject: Re: Alternates to CVS
Gervase Markham wrote:

> <snip>
> If you mean "get a copy of the code", then download the 2.17.4
> release. That should be current enough for a first look. :-)

Perhaps we should put a cron job (or a cgi) on landfill that builds a
tarball.

-Joel

couldn't you use a CVSview CGI to allow this? or will that not allow you to
download the WHOLE Bugzilla directory at once? I thought there was one out
there that would allow you to do that some how.

Thanks,
	Casey Gregoire



From mark.ingram at nexsan.com  Wed Jul 23 15:23:11 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Wed, 23 Jul 2003 16:23:11 +0100
Subject: Software Error
Message-ID: <AGEMJAKEHMBHDLCOCBECCECECAAA.mark.ingram@nexsan.com>

Hi,

im getting the following error:

Insecure dependency in parameter 1 of DBI::db=HASH(0x8655488)->prepare
method call while running with -T switch at Bugzilla/DB.pm line 64.

when trying to execute the following code in post_bug.cgi:

for (my $i = 0; $i <= $#client_cc; $i++) {
    SendSQL("INSERT INTO client_cc (bug_id, who) VALUES ($id,
$client_cc[$i])");
}

@client_cc contains a list of email addresses, the table client_cc is
identical to the table cc except that the who field is a varchar, not a
medium int.

Ive checked the value of $client_cc[$i] just above the SendSQL and it is my
email address, so i dont see what is going wrong?

What am i doing wrong?



Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From jason at pyeron.com  Wed Jul 23 15:46:43 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 23 Jul 2003 11:46:43 -0400 (EDT)
Subject: Software Error
In-Reply-To: <AGEMJAKEHMBHDLCOCBECCECECAAA.mark.ingram@nexsan.com>
Message-ID: <Pine.LNX.4.44.0307231144390.29763-100000@ns.pyerotechnics.com>

Read up on tainted vars in Perl.

Do you have any reference books on Perl?

if not try
 
 man perl

Sincerely,

Jason Pyeron

On Wed, 23 Jul 2003, Mark Ingram wrote:

> Hi,
> 
> im getting the following error:
> 
> Insecure dependency in parameter 1 of DBI::db=HASH(0x8655488)->prepare
> method call while running with -T switch at Bugzilla/DB.pm line 64.
> 
> when trying to execute the following code in post_bug.cgi:
> 
> for (my $i = 0; $i <= $#client_cc; $i++) {
>     SendSQL("INSERT INTO client_cc (bug_id, who) VALUES ($id,
> $client_cc[$i])");
> }
> 
> @client_cc contains a list of email addresses, the table client_cc is
> identical to the table cc except that the who field is a varchar, not a
> medium int.
> 
> Ive checked the value of $client_cc[$i] just above the SendSQL and it is my
> email address, so i dont see what is going wrong?
> 
> What am i doing wrong?
> 
> 
> 
> Best Regards,
> 
> Mark Ingram
> Software Engineer
> Nexsan Technologies
> 33 - 35 Parker Centre
> Mansfield Road
> Derby
> DE21 4SZ
> 
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=jpyeron at pyerotechnics.com>
> 

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
-                               500 West University Parkway #1S -
- +1 (410) 808-6646             Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From jason at pyeron.com  Wed Jul 23 16:07:10 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 23 Jul 2003 12:07:10 -0400 (EDT)
Subject: more flexibility?...
In-Reply-To: <Pine.LNX.4.44.0307231144390.29763-100000@ns.pyerotechnics.com>
Message-ID: <Pine.LNX.4.44.0307231156510.29763-100000@ns.pyerotechnics.com>

Developers,

In my morning meeting we were talking about storage of finite-state 
automata in a RDBMS / XML setting. This got me thinking about how bugzilla 
has "hardcoded" status and status change rules.

How receptive would the community be to storing these rules in the 
database? This could lead to a more versatile Bugzilla, since new states 
could be added with rules (w/o hacking code)


Sincerely,

Jason Pyeron

 




-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
-                               500 West University Parkway #1S -
- +1 (410) 808-6646             Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From sergey at optimaltec.com  Wed Jul 23 18:19:04 2003
From: sergey at optimaltec.com (Sergey A. Lipnevich)
Date: Wed, 23 Jul 2003 14:19:04 -0400
Subject: more flexibility?...
In-Reply-To: <Pine.LNX.4.44.0307231156510.29763-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307231144390.29763-100000@ns.pyerotechnics.com> <Pine.LNX.4.44.0307231156510.29763-100000@ns.pyerotechnics.com>
Message-ID: <3F1ED198.2040101@optimaltec.com>


I'm not a Bugzilla developer per se, but if this can be done, then... 
Jason for President!!! I'm serious, it's a feature to die for, it would 
also open doors wider to using Bugzilla for general issue tracking not 
just defect tracking (although I know this is not the direction Bugzilla 
is ready to take, a lot of people end up using Bugzilla like that).
Thanks!

Sergey.

Jason Pyeron wrote:
> > In my morning meeting we were talking about storage of finite-state 
> automata in a RDBMS / XML setting. This got me thinking about how bugzilla 
> has "hardcoded" status and status change rules.
> 
> How receptive would the community be to storing these rules in the 
> database? This could lead to a more versatile Bugzilla, since new states 
> could be added with rules (w/o hacking code)





From jocuri at softhome.net  Wed Jul 23 19:01:46 2003
From: jocuri at softhome.net (vladd)
Date: Wed, 23 Jul 2003 22:01:46 +0300
Subject: Alternates to CVS
In-Reply-To: <C3EB95A31BDAD511827C00B0D0F95AF58FBC22@BUCKWHEAT>
References: <C3EB95A31BDAD511827C00B0D0F95AF58FBC22@BUCKWHEAT>
Message-ID: <200307232201.46496.jocuri@softhome.net>

> > Perhaps we should put a cron job (or a cgi) on landfill that builds a
> > tarball.
>
> couldn't you use a CVSview CGI to allow this? or will that not allow you to
> download the WHOLE Bugzilla directory at once? I thought there was one out
> there that would allow you to do that some how.

There is, ViewCVS: http://viewcvs.sf.net/ . It has an option (I think it's 
turned off by default) which allows on-the-fly .tar files for any directory. 
However, if server load is a problem, a cron job with nightly downloads would 
be better.

Vlad D.



From jocuri at softhome.net  Wed Jul 23 19:05:32 2003
From: jocuri at softhome.net (vladd)
Date: Wed, 23 Jul 2003 22:05:32 +0300
Subject: more flexibility?...
In-Reply-To: <Pine.LNX.4.44.0307231156510.29763-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307231156510.29763-100000@ns.pyerotechnics.com>
Message-ID: <200307232205.32076.jocuri@softhome.net>

Sounds good to me.

Vlad D.

On Wednesday 23 July 2003 07:07 pm, you wrote:
> Developers,
>
> In my morning meeting we were talking about storage of finite-state
> automata in a RDBMS / XML setting. This got me thinking about how bugzilla
> has "hardcoded" status and status change rules.
>
> How receptive would the community be to storing these rules in the
> database? This could lead to a more versatile Bugzilla, since new states
> could be added with rules (w/o hacking code)
>
>
> Sincerely,
>
> Jason Pyeron



From jocuri at softhome.net  Wed Jul 23 19:08:30 2003
From: jocuri at softhome.net (vladd)
Date: Wed, 23 Jul 2003 22:08:30 +0300
Subject: Software Error
In-Reply-To: <AGEMJAKEHMBHDLCOCBECCECECAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECCECECAAA.mark.ingram@nexsan.com>
Message-ID: <200307232208.30397.jocuri@softhome.net>

Jason's advice about a man page looks good.

The problem is that the var which you introduced, client_cc, is tainted. For 
more details a good resource seems to be:

http://gunther.web66.com/FAQS/taintmode.html

Thanks,
Vlad D.

> Hi,
>
> im getting the following error:
>
> Insecure dependency in parameter 1 of DBI::db=HASH(0x8655488)->prepare
> method call while running with -T switch at Bugzilla/DB.pm line 64.
>
> when trying to execute the following code in post_bug.cgi:
>
> for (my $i = 0; $i <= $#client_cc; $i++) {
>     SendSQL("INSERT INTO client_cc (bug_id, who) VALUES ($id,
> $client_cc[$i])");
> }
>
> @client_cc contains a list of email addresses, the table client_cc is
> identical to the table cc except that the who field is a varchar, not a
> medium int.
>
> Ive checked the value of $client_cc[$i] just above the SendSQL and it is my
> email address, so i dont see what is going wrong?
>
> What am i doing wrong?
>
>
>
> Best Regards,
>
> Mark Ingram
> Software Engineer
> Nexsan Technologies
> 33 - 35 Parker Centre
> Mansfield Road
> Derby
> DE21 4SZ
>
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=jocuri at softhome.net>



From caseyg at chsamerica.com  Wed Jul 23 19:16:51 2003
From: caseyg at chsamerica.com (Casey Gregoire)
Date: Wed, 23 Jul 2003 15:16:51 -0400
Subject: Alternates to CVS
Message-ID: <C3EB95A31BDAD511827C00B0D0F95AF58FBEB9@BUCKWHEAT>


-----Original Message-----
From: vladd [mailto:jocuri at softhome.net]
Sent: Wednesday, July 23, 2003 3:02 PM
To: developers at bugzilla.org
Subject: Re: Alternates to CVS

> > Perhaps we should put a cron job (or a cgi) on landfill that builds a
> > tarball.
>
> couldn't you use a CVSview CGI to allow this? or will that not allow you
to
> download the WHOLE Bugzilla directory at once? I thought there was one out
> there that would allow you to do that some how.

There is, ViewCVS: http://viewcvs.sf.net/ . It has an option (I think it's
turned off by default) which allows on-the-fly .tar files for any directory.
However, if server load is a problem, a cron job with nightly downloads
would
be better.

Vlad D.
cvs-web might do that, but viewcvs does not seem to. I have it on a computer
here, but there is no setting I found, and no mention of tar in the cgi
script.

Thanks,
	Casey Gregoire



From zach at zachlipton.com  Wed Jul 23 19:29:57 2003
From: zach at zachlipton.com (Zach Lipton)
Date: Wed, 23 Jul 2003 12:29:57 -0700
Subject: [bugzilla] Re: Alternates to CVS
In-Reply-To: <C3EB95A31BDAD511827C00B0D0F95AF58FBC22@BUCKWHEAT>
Message-ID: <BB443045.CA53%zach@zachlipton.com>

On 7/23/03 7:04 AM, "Casey Gregoire" <caseyg at chsamerica.com> wrote:
> 
[SNIP]
> 
> Perhaps we should put a cron job (or a cgi) on landfill that builds a
> tarball.
> 
http://landfill.bugzilla.org/bugzilla-cvs-latest.tar.gz. I'll set it up as a
cron job in a bit unless something goes wrong, though a cgi that lets you
build one on demand would be interesting (slow though).

Zach



From jason at pyeron.com  Wed Jul 23 19:48:39 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 23 Jul 2003 15:48:39 -0400 (EDT)
Subject: [bugzilla] Re: Alternates to CVS
In-Reply-To: <BB443045.CA53%zach@zachlipton.com>
Message-ID: <Pine.LNX.4.44.0307231542590.29763-100000@ns.pyerotechnics.com>

to save diskspace, and cache, and give the latest always, and to save 
cpu we have on our server a cgi script of the following...

pseudo code here

NOW=`date`
NOW= NOW round to resolution (we use 15 min)

FILENAME=$PREFIX$NOW.tgz

if !exists $FILENAME tar czfC $FILENAME $DIR .

cat $FILENAME


On Wed, 23 Jul 2003, Zach Lipton wrote:

> On 7/23/03 7:04 AM, "Casey Gregoire" <caseyg at chsamerica.com> wrote:
> > 
> [SNIP]
> > 
> > Perhaps we should put a cron job (or a cgi) on landfill that builds a
> > tarball.
> > 
> http://landfill.bugzilla.org/bugzilla-cvs-latest.tar.gz. I'll set it up as a
> cron job in a bit unless something goes wrong, though a cgi that lets you
> build one on demand would be interesting (slow though).
> 
> Zach
> 
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=jpyeron at pyerotechnics.com>
> 

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
-                               500 West University Parkway #1S -
- +1 (410) 808-6646             Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From jason at pyeron.com  Wed Jul 23 19:49:21 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Wed, 23 Jul 2003 15:49:21 -0400 (EDT)
Subject: more flexibility?...
In-Reply-To: <200307232205.32076.jocuri@softhome.net>
Message-ID: <Pine.LNX.4.44.0307231548570.29763-100000@ns.pyerotechnics.com>

moving this into bugzilla then

http://bugzilla.mozilla.org/show_bug.cgi?id=213585

On Wed, 23 Jul 2003, vladd wrote:

> Sounds good to me.
> 
> Vlad D.
> 
> On Wednesday 23 July 2003 07:07 pm, you wrote:
> > Developers,
> >
> > In my morning meeting we were talking about storage of finite-state
> > automata in a RDBMS / XML setting. This got me thinking about how bugzilla
> > has "hardcoded" status and status change rules.
> >
> > How receptive would the community be to storing these rules in the
> > database? This could lead to a more versatile Bugzilla, since new states
> > could be added with rules (w/o hacking code)
> >
> >
> > Sincerely,
> >
> > Jason Pyeron
> 
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=jpyeron at pyerotechnics.com>
> 

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
-                               500 West University Parkway #1S -
- +1 (410) 808-6646             Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From jocuri at softhome.net  Wed Jul 23 19:50:54 2003
From: jocuri at softhome.net (vladd)
Date: Wed, 23 Jul 2003 22:50:54 +0300
Subject: Alternates to CVS
In-Reply-To: <C3EB95A31BDAD511827C00B0D0F95AF58FBEB9@BUCKWHEAT>
References: <C3EB95A31BDAD511827C00B0D0F95AF58FBEB9@BUCKWHEAT>
Message-ID: <200307232250.54055.jocuri@softhome.net>

> cvs-web might do that, but viewcvs does not seem to. I have it on a
> computer here, but there is no setting I found, and no mention of tar in
> the cgi script.

Look in the file viewcvs.conf and search for the string "allow_tar". It has 
the comment right above:

>>> # ViewCVS can generate tarball from a repository on the fly.

Thanks,
Vlad D.



From caseyg at chsamerica.com  Wed Jul 23 20:01:39 2003
From: caseyg at chsamerica.com (Casey Gregoire)
Date: Wed, 23 Jul 2003 16:01:39 -0400
Subject: Alternates to CVS
Message-ID: <C3EB95A31BDAD511827C00B0D0F95AF58FBF3D@BUCKWHEAT>



Thanks,
	Casey Gregoire

-----Original Message-----
From: vladd [mailto:jocuri at softhome.net]
Sent: Wednesday, July 23, 2003 3:51 PM
To: developers at bugzilla.org
Subject: Re: Alternates to CVS

> cvs-web might do that, but viewcvs does not seem to. I have it on a
> computer here, but there is no setting I found, and no mention of tar in
> the cgi script.

Look in the file viewcvs.conf and search for the string "allow_tar". It has
the comment right above:

>>> # ViewCVS can generate tarball from a repository on the fly.

Thanks,
Vlad D.
:( stupid me looking in the wrong place. (Its been a long day)



From gerv at mozilla.org  Wed Jul 23 21:58:58 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Wed, 23 Jul 2003 22:58:58 +0100
Subject: Alternates to CVS
In-Reply-To: <3F1E9546.20304@peshkin.net>
References: <AGEMJAKEHMBHDLCOCBECMEBOCAAA.mark.ingram@nexsan.com> <3F1E70DE.5040208@mozilla.org> <3F1E9546.20304@peshkin.net>
Message-ID: <3F1F0522.5000903@mozilla.org>

Joel Peshkin wrote:
> Perhaps we should put a cron job (or a cgi) on landfill that builds a 
> tarball.

Dave should have a "release" script which does this already. Dave: any 
chance of hooking that up to run regularly?

Gerv



From justdave at syndicomm.com  Thu Jul 24 07:58:55 2003
From: justdave at syndicomm.com (David Miller)
Date: Thu, 24 Jul 2003 02:58:55 -0500
Subject: Alternates to CVS
In-Reply-To: <3F1F0522.5000903@mozilla.org>
References: <AGEMJAKEHMBHDLCOCBECMEBOCAAA.mark.ingram@nexsan.com>
 <3F1E70DE.5040208@mozilla.org> <3F1E9546.20304@peshkin.net>
 <3F1F0522.5000903@mozilla.org>
Message-ID: <a06001a00bb45418002e8@[204.185.80.225]>

On 7/23/2003 10:58 PM +0100, Gervase Markham wrote:

> Joel Peshkin wrote:
>> Perhaps we should put a cron job (or a cgi) on landfill that builds a
>> tarball.
>
> Dave should have a "release" script which does this already.

Yes, I do.

./maketarball.sh <directoryname> <tagname>

so for example, for the 2.17.4 release, I did this:

./maketarball.sh bugzilla-2.17.4 BUGZILLA-2_17_4

Should be easy to run it with HEAD as the tag. :)

> Dave: any chance of hooking that up to run regularly?

Yeah, I'll see what I can do.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From justdave at syndicomm.com  Thu Jul 24 08:02:44 2003
From: justdave at syndicomm.com (David Miller)
Date: Thu, 24 Jul 2003 03:02:44 -0500
Subject: more flexibility?...
In-Reply-To:  <Pine.LNX.4.44.0307231548570.29763-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307231548570.29763-100000@ns.pyerotechnics.com>
Message-ID: <a06001a01bb4542c74fba@[204.185.80.225]>

For anyone else on the list looking for it, it got duped to bug 101179.

http://bugzilla.mozilla.org/show_bug.cgi?id=101179

On 7/23/2003 3:49 PM -0400, Jason Pyeron wrote:

> moving this into bugzilla then
>
> http://bugzilla.mozilla.org/show_bug.cgi?id=213585
>
> On Wed, 23 Jul 2003, vladd wrote:
>
>> Sounds good to me.
>>
>> Vlad D.
>>
>> On Wednesday 23 July 2003 07:07 pm, you wrote:
>> > Developers,
>> >
>> > In my morning meeting we were talking about storage of finite-state
>> > automata in a RDBMS / XML setting. This got me thinking about how bugzilla
>> > has "hardcoded" status and status change rules.
>> >
>> > How receptive would the community be to storing these rules in the
>> > database? This could lead to a more versatile Bugzilla, since new states
>> > could be added with rules (w/o hacking code)
>> >
>> >
>> > Sincerely,
>> >
>> > Jason Pyeron

-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From mark.ingram at nexsan.com  Thu Jul 24 08:09:28 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Thu, 24 Jul 2003 09:09:28 +0100
Subject: Software Error
In-Reply-To: <200307232208.30397.jocuri@softhome.net>
Message-ID: <AGEMJAKEHMBHDLCOCBECEECICAAA.mark.ingram@nexsan.com>

Ahh thats a great link, thanks alot.

i used SqlQuote in the end to pass my email address through, it worked after
that!

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ

-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of vladd
Sent: 23 July 2003 20:09
To: developers at bugzilla.org
Subject: Re: Software Error


Jason's advice about a man page looks good.

The problem is that the var which you introduced, client_cc, is tainted. For
more details a good resource seems to be:

http://gunther.web66.com/FAQS/taintmode.html

Thanks,
Vlad D.

> Hi,
>
> im getting the following error:
>
> Insecure dependency in parameter 1 of DBI::db=HASH(0x8655488)->prepare
> method call while running with -T switch at Bugzilla/DB.pm line 64.
>
> when trying to execute the following code in post_bug.cgi:
>
> for (my $i = 0; $i <= $#client_cc; $i++) {
>     SendSQL("INSERT INTO client_cc (bug_id, who) VALUES ($id,
> $client_cc[$i])");
> }
>
> @client_cc contains a list of email addresses, the table client_cc is
> identical to the table cc except that the who field is a varchar, not a
> medium int.
>
> Ive checked the value of $client_cc[$i] just above the SendSQL and it is
my
> email address, so i dont see what is going wrong?
>
> What am i doing wrong?
>
>
>
> Best Regards,
>
> Mark Ingram
> Software Engineer
> Nexsan Technologies
> 33 - 35 Parker Centre
> Mansfield Road
> Derby
> DE21 4SZ
>
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=jocuri at softhome.net>

-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>



From mark.ingram at nexsan.com  Thu Jul 24 08:18:49 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Thu, 24 Jul 2003 09:18:49 +0100
Subject: Couple of questions...
Message-ID: <AGEMJAKEHMBHDLCOCBECOECICAAA.mark.ingram@nexsan.com>

Hi,

i was just wondering if someone could give me a brief overview of what the
following variables are / do / located etc?



enter_bug.cgi:

$vars
eg: $vars->{'cc'} = formvalue('cc');

Is it safe to just create a new variable here by doing (i have done this
already and it seems to work):
$vars->{'client_cc'} = formvalue('client_cc');



post_bug.cgi:

&Bugzilla::User::match_field ({
	'client_cc'     => { 'type' => 'multi'  },
    'cc'            => { 'type' => 'multi'  },
    'assigned_to'   => { 'type' => 'single' },
});

Again i just added in client_cc


I also changed the Bug.pm and bugzilla.dtd by adding in the relevant fields
for client_cc

Any input much appreciated.


Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From mark.ingram at nexsan.com  Thu Jul 24 10:31:12 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Thu, 24 Jul 2003 11:31:12 +0100
Subject: Creating a new param
Message-ID: <AGEMJAKEHMBHDLCOCBECAECLCAAA.mark.ingram@nexsan.com>

Hi,

Whats the best way to create a new param? Ive looked in data/param but i
dont think adding it straight into there is the best solution.



Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From justdave at syndicomm.com  Thu Jul 24 10:42:21 2003
From: justdave at syndicomm.com (David Miller)
Date: Thu, 24 Jul 2003 05:42:21 -0500
Subject: Creating a new param
In-Reply-To: <AGEMJAKEHMBHDLCOCBECAECLCAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECAECLCAAA.mark.ingram@nexsan.com>
Message-ID: <a06001a03bb45686f1330@[204.185.80.225]>

On 7/24/2003 11:31 AM +0100, Mark Ingram wrote:

> Whats the best way to create a new param? Ive looked in data/param but i
> dont think adding it straight into there is the best solution.

Add it and set a default for it in defparams.pl, then remember to run
checksetup.pl again afterwards.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From mark.ingram at nexsan.com  Thu Jul 24 10:48:42 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Thu, 24 Jul 2003 11:48:42 +0100
Subject: Creating a new param
In-Reply-To: <a06001a03bb45686f1330@[204.185.80.225]>
Message-ID: <AGEMJAKEHMBHDLCOCBECMECLCAAA.mark.ingram@nexsan.com>

Hmmm,

ive done that but its still not showing in editparam.cgi

This is what i have in the files:
data/params:
'client_ccmail' => 'Testing this new parameter stuff!',

defparams.pl:
  {
   name => 'client_ccmail',
   desc => 'Just testing this new client_ccmail param!',
   type => 'l',
   default => 'This is the default text in the mail here.

What about a new line?

Another down here.

>From %maintainer%'
  },

Then i ran ./checksetup.pl again.

Is there anything im obviously doing wrong here?



Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ 

-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of David Miller
Sent: 24 July 2003 11:42
To: developers at bugzilla.org
Subject: Re: Creating a new param


On 7/24/2003 11:31 AM +0100, Mark Ingram wrote:

> Whats the best way to create a new param? Ive looked in data/param but i
> dont think adding it straight into there is the best solution.

Add it and set a default for it in defparams.pl, then remember to run
checksetup.pl again afterwards.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>


From jason at pyeron.com  Thu Jul 24 17:18:59 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Thu, 24 Jul 2003 13:18:59 -0400 (EDT)
Subject: public keys and session management...
Message-ID: <Pine.LNX.4.44.0307241315290.8128-100000@ns.pyerotechnics.com>


I have a laptop, when I travel it changes ip address sometimes.
I have a desktop
I have a lab computer
I have a computger at home

I sometimes use client machines.

I get tired of login into bugzilla.

It would be nice if I could use things like ssh does for access
But it should also be noted I should be able to view mycurrent sessions 
(and log them out / revoke them)

food for thought

Jason Pyeron

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
-                               500 West University Parkway #1S -
- +1 (410) 808-6646             Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From myk at mozilla.org  Thu Jul 24 18:13:02 2003
From: myk at mozilla.org (Myk Melez)
Date: Thu, 24 Jul 2003 11:13:02 -0700
Subject: Apache switching to Scarab
Message-ID: <3F2021AE.7070302@mozilla.org>

Apache seems to want to switch to Scarab from Bugzilla.  Anyone have a 
connection there who can find out why?  If it's for the wrong reasons, 
we should correct them.  If it's for good reasons, we should find out, 
as it might help us make Bugzilla better (or at least understand the 
needs out there more).

http://nagoya.apache.org/

-myk




From jason at pyeron.com  Thu Jul 24 18:33:11 2003
From: jason at pyeron.com (Jason Pyeron)
Date: Thu, 24 Jul 2003 14:33:11 -0400 (EDT)
Subject: Apache switching to Scarab
In-Reply-To: <3F2021AE.7070302@mozilla.org>
Message-ID: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com>

Isn't scarab servlet based?

I have a lot of customers who say if it ain't servlet... or ain't asp...

maybe someone should point out bug 188570
  http://bugzilla.mozilla.org/show_bug.cgi?id=188570

Apache is probably going JSP/Servlet. Besides they most likely were sold 
on 'features' of scarab, especially the last one

from http://scarab.tigris.org/ last 4 on list
o Modular code design that allows manageable modifications of existing and 
  new features over time. 
o Fully customizable through a set of administrative pages. 
o Easily modified UI look and feel. 
o Can be integrated into larger systems by re-implementing key interfaces. 

Sincerely,

Jason Pyeron

On Thu, 24 Jul 2003, Myk Melez wrote:

> Apache seems to want to switch to Scarab from Bugzilla.  Anyone have a 
> connection there who can find out why?  If it's for the wrong reasons, 
> we should correct them.  If it's for good reasons, we should find out, 
> as it might help us make Bugzilla better (or at least understand the 
> needs out there more).
> 
> http://nagoya.apache.org/
> 
> -myk
> 
> 
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=jpyeron at pyerotechnics.com>
> 

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                   http://www.pyerotechnics.com   -
- Owner & Lead                  Pyerotechnics Development, Inc. -
-                               500 West University Parkway #1S -
- +1 (410) 808-6646             Baltimore, Maryland  21210-3253 -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.





From jeff.hedlund at matrixsi.com  Thu Jul 24 19:10:17 2003
From: jeff.hedlund at matrixsi.com (Jeff Hedlund)
Date: Thu, 24 Jul 2003 15:10:17 -0400
Subject: Apache switching to Scarab
In-Reply-To: <3F2021AE.7070302@mozilla.org>
References: <3F2021AE.7070302@mozilla.org>
Message-ID: <3F202F19.3060801@matrixsi.com>



Myk Melez wrote:

> Apache seems to want to switch to Scarab from Bugzilla.  Anyone have a 
> connection there who can find out why?  If it's for the wrong reasons, 
> we should correct them.  If it's for good reasons, we should find out, 
> as it might help us make Bugzilla better (or at least understand the 
> needs out there more).
> 
> http://nagoya.apache.org/

I found a couple threads on the decision, in particular:

  http://marc.theaimsgroup.com/?t=102045747000001&r=1&w=4
   this post from this thread shows the decision:
    http://marc.theaimsgroup.com/?l=jakarta-general&m=102051589032248&w=4

and

  http://marc.theaimsgroup.com/?t=102194344600001&r=1&w=2

Jeff
-- 

   /\  /\              ..    ..    ..    jeff.hedlund at matrixsi.com
  /  \/  \ a t r i x  .  .  .  .  .  .  .           (770) 794-7233
  s o f t w a r e  i n c  ..    ..    ..   http://www.matrixsi.com



From jimw at bugopolis.com  Thu Jul 24 19:14:12 2003
From: jimw at bugopolis.com (Jim Walters)
Date: 24 Jul 2003 12:14:12 -0700
Subject: Apache switching to Scarab
In-Reply-To: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com>
References: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com>
Message-ID: <1059074052.6749.155.camel@localhost.localdomain>

OK...

o Modular code design that allows manageable modifications of existing
and new features over time. 

Isn't this already being addressed by Bugzilla?

o Fully customizable through a set of administrative pages. 

Huh? Does this mean you can put new Java business/app logic into a form
and have it compiled and then replace existing JAR files? 

o Easily modified UI look and feel. 

Again, an in-progress Bugzilla attribute. 

o Can be integrated into larger systems by re-implementing key interfaces. 

If this weren't true, I'ld be worried...

I bet there is more to this than just feature sets.

On Thu, 2003-07-24 at 11:33, Jason Pyeron wrote:
> Isn't scarab servlet based?
> 
> I have a lot of customers who say if it ain't servlet... or ain't asp...
> 
> maybe someone should point out bug 188570
>   http://bugzilla.mozilla.org/show_bug.cgi?id=188570
> 
> Apache is probably going JSP/Servlet. Besides they most likely were sold 
> on 'features' of scarab, especially the last one
> 
> from http://scarab.tigris.org/ last 4 on list
> o Modular code design that allows manageable modifications of existing and 
>   new features over time. 
> o Fully customizable through a set of administrative pages. 
> o Easily modified UI look and feel. 
> o Can be integrated into larger systems by re-implementing key interfaces. 
> 
> Sincerely,
> 
> Jason Pyeron
> 
> On Thu, 24 Jul 2003, Myk Melez wrote:
> 
> > Apache seems to want to switch to Scarab from Bugzilla.  Anyone have a 
> > connection there who can find out why?  If it's for the wrong reasons, 
> > we should correct them.  If it's for good reasons, we should find out, 
> > as it might help us make Bugzilla better (or at least understand the 
> > needs out there more).
> > 
> > http://nagoya.apache.org/
> > 
> > -myk
> > 
> > 
> > -
> > To view or change your list settings, click here:
> > <http://bugzilla.org/cgi-bin/mj_wwwusr?user=jpyeron at pyerotechnics.com>
> > 
__________________________
Jim Walters   Director of Technology
Bugopolis, Inc.

phone: +1 206 447 8315 
email: jimw at bugopolis.com
web: http://www.bugopolis.com
_________________________



From kiko at async.com.br  Thu Jul 24 19:40:49 2003
From: kiko at async.com.br (Christian Reis)
Date: Thu, 24 Jul 2003 16:40:49 -0300
Subject: Apache switching to Scarab
In-Reply-To: <1059074052.6749.155.camel@localhost.localdomain>
References: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com> <1059074052.6749.155.camel@localhost.localdomain>
Message-ID: <20030724194049.GP1120@async.com.br>

On Thu, Jul 24, 2003 at 12:14:12PM -0700, Jim Walters wrote:
>
> I bet there is more to this than just feature sets.

They were running a pretty old version of Bugzilla, and Pier stated on
the Jakarta mailing list that he was fed up with maintaining it. I think
this was just a case of a tiny group of people making a decision based
on their personal opinions (which may be well justified, but since he
hasn't publically stated them, it's hard to find out).

I filed a bug to help him update the query.cgi Javascript, for instance,
which was `as slow as molasses', and volunteered to do it for them, but
I was ignored and it was said that it would be done "when the next
upgrade was done". I suppose it never will.

Not that we don't have a lot of improving to do -- the UI stands out as
the real problem on our side, given that the functionality, stability
and scalability are very nice. I'm planning on doing work in this area
(if people let me) as soon as I get some time off.

Take care,
--
Christian Reis, Senior Engineer, Async Open Source, Brazil.
http://async.com.br/~kiko/ | [+55 16] 261 2331 | NMFL


From yannick.koehler at colubris.com  Thu Jul 24 19:43:24 2003
From: yannick.koehler at colubris.com (Yannick Koehler)
Date: Thu, 24 Jul 2003 15:43:24 -0400
Subject: Apache switching to Scarab
In-Reply-To: <1059074052.6749.155.camel@localhost.localdomain>
References: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com> <1059074052.6749.155.camel@localhost.localdomain>
Message-ID: <200307241543.25895.yannick.koehler@colubris.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> OK...
>
> o Modular code design that allows manageable modifications of existing
> and new features over time.
>
> Isn't this already being addressed by Bugzilla?

Could you explain to me how Bugzilla is modular?  From my experience with it, 
bugzilla is all but modular.  A change at one place require figuring out its 
side-effect because it is exactly NOT modular.

A module is something contained that if you change you can easily know its 
impact because it has defined input and outputs or services.

> I bet there is more to this than just feature sets.

As you can see in the post, that guy was pissed off of the CGI stopping 
running at 3 am...  Doesn't look to me to be related to bugzilla but ...  
only him will know.

- -- 

Yannick Koehler

Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD34D4575
Key fingerprint = 8387 F009 A55F FFCD F87D BE18 6DEA 8D06 D34D 4575

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/IDbcbeqNBtNNRXURApCHAJ4zyiiaDazW0yIP1g99oEKMekMmGQCcDmu5
LvMft19hZ77yiI/ThEFVA4c=
=Ck0d
-----END PGP SIGNATURE-----



From bruce_armstrong at yahoo.com  Thu Jul 24 18:27:25 2003
From: bruce_armstrong at yahoo.com (Bruce Armstrong)
Date: Thu, 24 Jul 2003 11:27:25 -0700 (PDT)
Subject: Apache switching to Scarab
In-Reply-To: <3F2021AE.7070302@mozilla.org>
Message-ID: <20030724182725.97264.qmail@web12502.mail.yahoo.com>

Look at the list of technologies in the Scarab
framework:

http://scarab.tigris.org/project_development_tools_and_technology.html

6 of the 7 listed are Apache projects.... (and the 7th
is MySQL).

It might explain their interest...

--- Myk Melez <myk at mozilla.org> wrote:
> Apache seems to want to switch to Scarab from
> Bugzilla.  Anyone have a 
> connection there who can find out why?  If it's for
> the wrong reasons, 
> we should correct them.  If it's for good reasons,
> we should find out, 
> as it might help us make Bugzilla better (or at
> least understand the 
> needs out there more).
> 
> http://nagoya.apache.org/
> 
> -myk
> 
> 
> -
> To view or change your list settings, click here:
>
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=bruce.armstrong at teamsybase.com>


=====
Bruce Armstrong [TeamSybase]
---------------------------------
http://www.teamsybase.com

Preach the gospel at all times.
If necessary, use words.  -- Francis of Assisi
http://www.needhim.org


From bruce.armstrong at teamsybase.com  Thu Jul 24 19:54:08 2003
From: bruce.armstrong at teamsybase.com (Bruce Armstrong [TeamSybase])
Date: Thu, 24 Jul 2003 12:54:08 -0700 (PDT)
Subject: Apache switching to Scarab
In-Reply-To: <20030724182725.97264.qmail@web12502.mail.yahoo.com>
Message-ID: <20030724195408.13764.qmail@web12502.mail.yahoo.com>

Also, look at the section titled:

"What is CollabNet's involvement in Scarab?"

In the project FAQ:

http://scarab.tigris.org/faq.html

The Scarab lead developer is the guy who started the
Turbine, Torque and Village Apache projects...

--- Bruce Armstrong <bruce_armstrong at yahoo.com> wrote:
> Look at the list of technologies in the Scarab
> framework:
> 
>
http://scarab.tigris.org/project_development_tools_and_technology.html
> 
> 6 of the 7 listed are Apache projects.... (and the
> 7th
> is MySQL).
> 
> It might explain their interest...
> 
> --- Myk Melez <myk at mozilla.org> wrote:
> > Apache seems to want to switch to Scarab from
> > Bugzilla.  Anyone have a 
> > connection there who can find out why?  If it's
> for
> > the wrong reasons, 
> > we should correct them.  If it's for good reasons,
> > we should find out, 
> > as it might help us make Bugzilla better (or at
> > least understand the 
> > needs out there more).
> > 
> > http://nagoya.apache.org/
> > 
> > -myk
> > 
> > 
> > -
> > To view or change your list settings, click here:
> >
>
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=bruce.armstrong at teamsybase.com>
> 
> 
> =====
> Bruce Armstrong [TeamSybase]
> ---------------------------------
> http://www.teamsybase.com
> 
> Preach the gospel at all times.
> If necessary, use words.  -- Francis of Assisi
> http://www.needhim.org
> -
> To view or change your list settings, click here:
>
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=bruce.armstrong at teamsybase.com>



From justdave at syndicomm.com  Thu Jul 24 19:56:21 2003
From: justdave at syndicomm.com (David Miller)
Date: Thu, 24 Jul 2003 14:56:21 -0500
Subject: Apache switching to Scarab
In-Reply-To: <200307241543.25895.yannick.koehler@colubris.com>
References: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com>
 <1059074052.6749.155.camel@localhost.localdomain>
 <200307241543.25895.yannick.koehler@colubris.com>
Message-ID: <a06001a0cbb45e8d2d40a@[204.185.80.225]>

On 7/24/2003 3:43 PM -0400, Yannick Koehler wrote:

> Could you explain to me how Bugzilla is modular?  From my experience with it,
> bugzilla is all but modular.  A change at one place require figuring out its
> side-effect because it is exactly NOT modular.
>
> A module is something contained that if you change you can easily know its
> impact because it has defined input and outputs or services.

Bugzilla's code has changed a LOT in the last year.  2.16.x is for the most
part NOT modular.  2.17.1 and onwards have been a little bit, and have
gradually been increasingly so.  The bulk of the code has been getting
moved into Perl module files (.pm) with defined objects, and methods and
properties on those objects.

A Bug is an object (though it's read-only at the moment - being able to
write to a Bug object is on the intended features list).
An Attachment is an object.
A User is an object.
The authentication process is now handled by pluggable modules.
A Search/Query is an object, although the input/output to the Search object
is still a little fuzzy (it still depends on CGI input for example, rather
than taking arbitrary data).  That'll eventually be fixed, too.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From yannick.koehler at colubris.com  Thu Jul 24 20:05:58 2003
From: yannick.koehler at colubris.com (Yannick Koehler)
Date: Thu, 24 Jul 2003 16:05:58 -0400
Subject: Apache switching to Scarab
In-Reply-To: <a06001a0cbb45e8d2d40a@[204.185.80.225]>
References: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com> <200307241543.25895.yannick.koehler@colubris.com> <a06001a0cbb45e8d2d40a@[204.185.80.225]>
Message-ID: <200307241606.00255.yannick.koehler@colubris.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> On 7/24/2003 3:43 PM -0400, Yannick Koehler wrote:
> > Could you explain to me how Bugzilla is modular?  From my experience with
> > it, bugzilla is all but modular.  A change at one place require figuring
> > out its side-effect because it is exactly NOT modular.
> >
> > A module is something contained that if you change you can easily know
> > its impact because it has defined input and outputs or services.
>
> Bugzilla's code has changed a LOT in the last year.  2.16.x is for the most
> part NOT modular.  2.17.1 and onwards have been a little bit, and have
> gradually been increasingly so.  The bulk of the code has been getting
> moved into Perl module files (.pm) with defined objects, and methods and
> properties on those objects.

I see, I am still with 2.16 which explain it.  Luckily for me I have not run 
into problems and I am still happy with it.  Except that all enhancement 
request I have been receiving I had to drop because I am too afraid of perl 
and the code was not documented/modular enough for me to tackle it part by 
part.

> A Bug is an object (though it's read-only at the moment - being able to
> write to a Bug object is on the intended features list).
> An Attachment is an object.
> A User is an object.
> The authentication process is now handled by pluggable modules.
> A Search/Query is an object, although the input/output to the Search object
> is still a little fuzzy (it still depends on CGI input for example, rather
> than taking arbitrary data).  That'll eventually be fixed, too.

Nice to hear, continue in this direction please ;-)

- -- 

Yannick Koehler

Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD34D4575
Key fingerprint = 8387 F009 A55F FFCD F87D BE18 6DEA 8D06 D34D 4575

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/IDwnbeqNBtNNRXURAoHFAKC8IZf73feMgClHVbFgUnB3NYAzcgCghsAT
8DUOhd5+dQpaEHGQMlmOjss=
=kg5x
-----END PGP SIGNATURE-----



From preed at sigkill.com  Thu Jul 24 20:16:14 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Thu, 24 Jul 2003 13:16:14 -0700
Subject: Apache switching to Scarab
In-Reply-To: <200307241543.25895.yannick.koehler@colubris.com>; from yannick.koehler@colubris.com on Thu, Jul 24, 2003 at 03:43:24PM -0400
References: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com> <1059074052.6749.155.camel@localhost.localdomain> <200307241543.25895.yannick.koehler@colubris.com>
Message-ID: <20030724131614.B19169@sigkill.com>

On 24 Jul 2003 at 15:43:24, Yannick Koehler arranged the bits on my disk to say:

> As you can see in the post, that guy was pissed off of the CGI stopping
> running at 3 am...  Doesn't look to me to be related to bugzilla but ...
> only him will know.

This is not really directed at you, Yannick:

Well, reading the threads, it looks like it doesn't matter what we say, but
it would be nice to get some *real* information about Pier or whatever his
name was about problems he had; it'd be nice to see what *he'd* improve.

CGIs crapping out at 3 am? Sounds like an Apache 2.0-beta problem to me.

Replacing it with a huge servlet engine that takes 30-50 megs to just sit
there and do nothing, with increasing amounts of memory to do anything
useful... oh yeah, that's a *lot* better...

And, of course, it's better 'cause it's written in Java.

No, I'm not bitter. And yes, thank you for asking. :-)

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From justdave at syndicomm.com  Thu Jul 24 20:31:47 2003
From: justdave at syndicomm.com (David Miller)
Date: Thu, 24 Jul 2003 15:31:47 -0500
Subject: Apache switching to Scarab
In-Reply-To: <3F202F19.3060801@matrixsi.com>
References: <3F2021AE.7070302@mozilla.org> <3F202F19.3060801@matrixsi.com>
Message-ID: <a06001a07bb45e7537a5f@[204.185.80.225]>

On 7/24/2003 3:10 PM -0400, Jeff Hedlund wrote:

> Myk Melez wrote:
>
>> Apache seems to want to switch to Scarab from Bugzilla.  Anyone have a
>> connection there who can find out why?  If it's for the wrong reasons,
>> we should correct them.  If it's for good reasons, we should find out,
>> as it might help us make Bugzilla better (or at least understand the
>> needs out there more).
>>
>> http://nagoya.apache.org/

They're running 2.14.2.

Given the options available, I wouldn't be caught dead running 2.14.2 these
days :)  2.16 was such a huge leap over 2.14, and 2.17.4 is light-years
beyond that already :)

But yeah, given all the other stuff I see about the situation, it sounds
like they originally used Bugzilla because it's all there was at the time
that actually worked halfway decent.  Since the main focus of the Apache
Software Foundation seems to be Java-related these days, it kind of only
makes sense for them to use a Java-based bug-tracking system.  As much as I
hate to say it, for them to not be running a Java-based bug-tracking system
would be like the Mozilla Foundation running a proprietary commercial web
server instead of an open source one.

Doh!  We use Netscape Enterprise Server, so I guess we have the same problem.

Anyhow, I would bet he only made it sound like Bugzilla was sucking for
them in order to have justification to give to all the avid Bugzilla
supporters who were obviously screaming about it.  The real reasons, as
stated above, probably had nothing to do with whether Bugzilla sucked or
not, but had more to do with the current goals of the Apache Software
Foundation.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From chicks at chicks.net  Fri Jul 25 01:15:44 2003
From: chicks at chicks.net (Christopher Hicks)
Date: Thu, 24 Jul 2003 21:15:44 -0400 (EDT)
Subject: Apache switching to Scarab
In-Reply-To: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com>
Message-ID: <Pine.LNX.4.44.0307242112290.11348-100000@yakko.chicks.net>

On Thu, 24 Jul 2003, Jason Pyeron wrote:
> I have a lot of customers who say if it ain't servlet... or ain't asp...

Let's just say "other perspectives are rampant".  I have lots of users who
are quite happy with my policy of avoiding running either of those things.  
I'm totally free of Windows, ASP's or servlets on my servers and have been
for several years.  Now if I can just get rid of PHP life will be so good.

-- 
</chris>

"Have _you_ looked at the NCSA httpd code?  It was so bad by last March
that even _I_ didn't understand a lot of it anymore, and I wrote all of
it."  -- Rob McCool



From gerv at mozilla.org  Fri Jul 25 07:06:12 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Fri, 25 Jul 2003 08:06:12 +0100
Subject: Apache switching to Scarab
In-Reply-To: <3F2021AE.7070302@mozilla.org>
References: <3F2021AE.7070302@mozilla.org>
Message-ID: <3F20D6E4.9000803@mozilla.org>

Myk Melez wrote:
> Apache seems to want to switch to Scarab from Bugzilla.  Anyone have a 
> connection there who can find out why?  If it's for the wrong reasons, 
> we should correct them.  If it's for good reasons, we should find out, 
> as it might help us make Bugzilla better (or at least understand the 
> needs out there more).

There's one main reason - the lovable John Scott Stevens, a Scarab lead 
developer and occasional troll in n.p.m.webtools, is an Apache 
Foundation member.

I had an email exchange with him a while ago on this exact matter. See 
below. While Jon's comments aren't particularly constructive (and I'm 
afraid I rose to his bait), the reply from Pier Fumagalli, their admin, 
is more enlightening.

Basically, they are set on using Scarab, and we probably won't be able 
to change their minds. The reasons are:

- apache.org once got hacked via an insecure Bugzilla
- Jon, lead developer on Scarab, is a member of the ASF
- None of them understand Perl
- They can get changes made quicker because the people are closer to
   them

As a sidenote, Scarab is still in beta, 18 months after the original 
beta release. The wisdom of the Loginataka says:

"The Rite of the Rewrite is not the only Path to Mastery, but it is 
perhaps the highest and most Sacred of all Paths. Few indeed are those 
who, travelling it, have crossed the dark and yawning Abyss of 
Implementation to Delivery. Many, yea, many in truth stagnate yet in the 
Desert of Delay, or linger ever in the ghastly limbo called Perpetual Beta."
http://www.catb.org/~esr/faqs/loginataka.html

Gerv



-------- Original Message --------
Subject: ASF's Bugzilla
Date: Thu, 06 Feb 2003 07:47:36 +0000
From: Gervase Markham <gerv at mozilla.org>
Organization: mozilla.org
To: bugzilla at apache.org

Hi,

I am writing a presentation on "Advanced Bugzilla Use" for FOSDEM
(http://www.fosdem.org) and was looking around the Bugzillas of a number
of high-profile organisations. I noticed a couple of things about your
Bugzilla.

- You are using 2.14.2. You may know that the 2.14 branch of Bugzilla
became unsupported as of the New Year (this fact was widely trailed for
a long time and advertised on the announce list and the Bugzilla status
updates.)

- You are evaluating Scarab as a possible next-generation bug tracker.

I would be interested to know what deficiences you found in Bugzilla
which made you think that moving to Scarab would be necessary? We'd very
much like to know, because then we may be able to rectify them - for
other people, even if not for you :-) Forgive me if you've already filed
them in our Bugzilla instance - I haven't noticed them.

But, notwithstanding that, Bugzilla has made great leaps and bounds in
features and usability since 2.14 was released nearly 18 months ago. We
try very hard to make upgrading a painless process, and you do not seem
to have customised your Bugzilla to a great extent, so upgrading should
be fine. Even if you are evaluating another tracker in the long term,
given that 2.14 is no longer supported, would you consider an upgrade? I
would be happy to assist with this process.

Please let me know if I can help you in any way.

Gerv



-------- Original Message --------
Subject: Re: ASF's Bugzilla
Date: Thu, 06 Feb 2003 19:30:55 -0800
From: Jon Scott Stevens <jon at latchkey.com>
To: Pier Fumagalli <pier at apache.org>, Gervase Markham <gerv at mozilla.org>

LOL!

     http://mozilla.org/projects/bugzilla/security/2.16.1/

=)

-jon



-------- Original Message --------
Subject: Re: ASF's Bugzilla
Date: Fri, 07 Feb 2003 08:22:05 +0000
From: Gervase Markham <gerv at mozilla.org>
Organization: mozilla.org
To: Jon Scott Stevens <jon at latchkey.com>
CC: Pier Fumagalli <pier at apache.org>
References: <BA68686F.4DE4D%jon at latchkey.com>

Jon Scott Stevens wrote:
 > LOL!
 >
 >     http://mozilla.org/projects/bugzilla/security/2.16.1/

As always, working with Jon is a pleasure. Although I would perhaps
point out that "The default .htaccess scripts do not block access to
backups created by editors such as vi or emacs" is not your most
Internet-destroying security vulnerability. And might perhaps suggest
that the reason Scarab has had no security issues yet is because no-one
is using it...

By the way, congratulations on reaching the first anniversary of your
initial beta release. Even by Mozilla standards, that's pretty good
going. Hope you make it out of beta soon. :-)

Gerv





-------- Original Message --------
Subject: Re: ASF's Bugzilla
Date: Fri, 07 Feb 2003 03:38:24 -0800
From: Jon Scott Stevens <jon at latchkey.com>
To: Gervase Markham <gerv at mozilla.org>
CC: Pier Fumagalli <pier at apache.org>

on 2003/2/7 12:22 AM, "Gervase Markham" <gerv at mozilla.org> wrote:

 > As always, working with Jon is a pleasure. Although I would perhaps
 > point out that "The default .htaccess scripts do not block access to
 > backups created by editors such as vi or emacs" is not your most
 > Internet-destroying security vulnerability.

Doesn't matter. A security hole report for almost every release is pretty
pathetic and shows a fundamental design problem with Bugzilla.

 > And might perhaps suggest
 > that the reason Scarab has had no security issues yet is because no-one
 > is using it...

Ah...that is where you are wrong. There is so much you don't know, but that
is ok.

 > By the way, congratulations on reaching the first anniversary of your
 > initial beta release. Even by Mozilla standards, that's pretty good
 > going. Hope you make it out of beta soon. :-)

Version numbers mean nothing. Look at MySQL, their alpha/gamma releases are
as high quality as every other of their releases.

-jon

-- 
StudioZ.tv /\ Bar/Nightclub/Entertainment
314 11th Street @ Folsom /\ San Francisco
         http://studioz.tv/





-------- Original Message --------
Subject: Re: ASF's Bugzilla
Date: Fri, 07 Feb 2003 02:51:44 +0000
From: Pier Fumagalli <pier at apache.org>
To: Gervase Markham <gerv at mozilla.org>, <bugzilla at apache.org>,   Jon 
Scott Stevens <jon at latchkey.com>

On 6/2/03 7:47, "Gervase Markham" <gerv at mozilla.org> wrote:

 > Hi,
 >
 > I am writing a presentation on "Advanced Bugzilla Use" for FOSDEM
 > (http://www.fosdem.org) and was looking around the Bugzillas of a number
 > of high-profile organisations. I noticed a couple of things about your
 > Bugzilla.
 >
 > - You are using 2.14.2. You may know that the 2.14 branch of Bugzilla
 > became unsupported as of the New Year (this fact was widely trailed for
 > a long time and advertised on the announce list and the Bugzilla status
 > updates.)

Hmmm... Good... Then it's time to switch...

 > - You are evaluating Scarab as a possible next-generation bug tracker.

No, we're not evaluating it... We're _going_ to use it...

 > I would be interested to know what deficiences you found in Bugzilla
 > which made you think that moving to Scarab would be necessary? We'd very
 > much like to know, because then we may be able to rectify them - for
 > other people, even if not for you :-) Forgive me if you've already filed
 > them in our Bugzilla instance - I haven't noticed them.

Oh, it's simple... None of us understands Perl well enough, and Scarab was
actually built by people involved with the Apache community (so, it's easier
to flame someone you know when stuff doesn't work, and actually, we even
have better roundtrip times, as the people who wrote scarab also have the
rights to administer it, upgrade it, tweak it, whatever, on the live
install)...

 > But, notwithstanding that, Bugzilla has made great leaps and bounds in
 > features and usability since 2.14 was released nearly 18 months ago. We
 > try very hard to make upgrading a painless process, and you do not seem
 > to have customised your Bugzilla to a great extent, so upgrading should
 > be fine. Even if you are evaluating another tracker in the long term,
 > given that 2.14 is no longer supported, would you consider an upgrade? I
 > would be happy to assist with this process.

Seriously, not really, of course unless you don't break into my system and
take the whole bugs db down... :-)

Scarab to some extent is our own dogfood, and we have much more control (and
knowledge) onto it, so the switch is already decided. We're going to do
it...

 > Please let me know if I can help you in any way.

Jon, the main author of Scarab and member of the Apache Software Foundation
is in CC...

     Pier



From mark.ingram at nexsan.com  Fri Jul 25 08:26:09 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Fri, 25 Jul 2003 09:26:09 +0100
Subject: Creating a new param
In-Reply-To: <AGEMJAKEHMBHDLCOCBECMECLCAAA.mark.ingram@nexsan.com>
Message-ID: <AGEMJAKEHMBHDLCOCBECGEDBCAAA.mark.ingram@nexsan.com>

Anyone?

Is there anything manual i can do to get the parameter in and displayed on
the editparams.cgi ?

cheers

-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of Mark Ingram
Sent: 24 July 2003 11:49
To: developers at bugzilla.org
Subject: Re: Creating a new param


Hmmm,

ive done that but its still not showing in editparam.cgi

This is what i have in the files:
data/params:
'client_ccmail' => 'Testing this new parameter stuff!',

defparams.pl:
  {
   name => 'client_ccmail',
   desc => 'Just testing this new client_ccmail param!',
   type => 'l',
   default => 'This is the default text in the mail here.

What about a new line?

Another down here.

>From %maintainer%'
  },

Then i ran ./checksetup.pl again.

Is there anything im obviously doing wrong here?



Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ

-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of David Miller
Sent: 24 July 2003 11:42
To: developers at bugzilla.org
Subject: Re: Creating a new param


On 7/24/2003 11:31 AM +0100, Mark Ingram wrote:

> Whats the best way to create a new param? Ive looked in data/param but i
> dont think adding it straight into there is the best solution.

Add it and set a default for it in defparams.pl, then remember to run
checksetup.pl again afterwards.
--
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>



From preed at sigkill.com  Fri Jul 25 08:36:20 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Fri, 25 Jul 2003 01:36:20 -0700
Subject: Creating a new param
In-Reply-To: <AGEMJAKEHMBHDLCOCBECGEDBCAAA.mark.ingram@nexsan.com>; from mark.ingram@nexsan.com on Fri, Jul 25, 2003 at 09:26:09AM +0100
References: <AGEMJAKEHMBHDLCOCBECMECLCAAA.mark.ingram@nexsan.com> <AGEMJAKEHMBHDLCOCBECGEDBCAAA.mark.ingram@nexsan.com>
Message-ID: <20030725013620.A21199@sigkill.com>

On 25 Jul 2003 at 09:26:09, Mark Ingram arranged the bits on my disk to say:

> Is there anything manual i can do to get the parameter in and displayed
> on the editparams.cgi ?

It really is as easy as adding the entry to defparams.pl AND RE-RUNNING
checksetup.pl.

You don't do that, it won't work.

<---- found out the hard way.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From mark.ingram at nexsan.com  Fri Jul 25 08:45:24 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Fri, 25 Jul 2003 09:45:24 +0100
Subject: Creating a new param
In-Reply-To: <20030725013620.A21199@sigkill.com>
Message-ID: <AGEMJAKEHMBHDLCOCBECCEDCCAAA.mark.ingram@nexsan.com>

Hmm,

I tried that yesterday and it didnt work, yet when i tried it now it did!

Thanks anyways!

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ

-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of J. Paul Reed
Sent: 25 July 2003 09:36
To: developers at bugzilla.org
Subject: Re: Creating a new param


On 25 Jul 2003 at 09:26:09, Mark Ingram arranged the bits on my disk to say:

> Is there anything manual i can do to get the parameter in and displayed
> on the editparams.cgi ?

It really is as easy as adding the entry to defparams.pl AND RE-RUNNING
checksetup.pl.

You don't do that, it won't work.

<---- found out the hard way.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>



From mark.ingram at nexsan.com  Fri Jul 25 09:32:42 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Fri, 25 Jul 2003 10:32:42 +0100
Subject: Getting a list of bugs
Message-ID: <AGEMJAKEHMBHDLCOCBECIEDCCAAA.mark.ingram@nexsan.com>

Hi,

ive been trawling through the buglist.cgi this morning and i cant see a
simple way of just displaying a list of bug IDs.
I thought i could get some code base from the above file but i cant work out
where it actually does the selecting.

Basically all i want todo is run this query:
SELECT bug_id, short_desc, product_id FROM bugs WHERE bug_status='RESOLVED'
AND bug_resolution='FIXED' ORDER BY delta_ts DESC

Then using a template i will display the bug ids in a list.

Can anyone point me in the right direction or give me a helpful tip on howto
get a couple of details out of the DB?


Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From jocuri at softhome.net  Fri Jul 25 10:46:38 2003
From: jocuri at softhome.net (vladd)
Date: Fri, 25 Jul 2003 13:46:38 +0300
Subject: Getting a list of bugs
In-Reply-To: <AGEMJAKEHMBHDLCOCBECIEDCCAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECIEDCCAAA.mark.ingram@nexsan.com>
Message-ID: <200307251346.38816.jocuri@softhome.net>

Hi.

If you want just the IDs instead of having the whole list, it's enough to edit 
/template/en/default/list/table.html.tmpl and to eliminate from it the 
undesired values. If you want a list instead of a table you need to eliminate 
also the <tr> tags etc.

> I thought i could get some code base from the above file but i cant work
> out where it actually does the selecting.

Search for the comment:

# Generate the basic SQL query that will be used to generate the bug list.

in the buglist.cgi file.

Thanks,
Vlad - vladd.

> Basically all i want todo is run this query:
> SELECT bug_id, short_desc, product_id FROM bugs WHERE bug_status='RESOLVED'
> AND bug_resolution='FIXED' ORDER BY delta_ts DESC
>
> Then using a template i will display the bug ids in a list.
>
> Can anyone point me in the right direction or give me a helpful tip on
> howto get a couple of details out of the DB?
>
>
> Best Regards,
>
> Mark Ingram
> Software Engineer
> Nexsan Technologies
> 33 - 35 Parker Centre
> Mansfield Road
> Derby
> DE21 4SZ
>
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=jocuri at softhome.net>



From yannick.koehler at colubris.com  Fri Jul 25 12:28:31 2003
From: yannick.koehler at colubris.com (Yannick Koehler)
Date: Fri, 25 Jul 2003 08:28:31 -0400
Subject: Apache switching to Scarab
In-Reply-To: <20030724131614.B19169@sigkill.com>
References: <Pine.LNX.4.44.0307241424260.8128-100000@ns.pyerotechnics.com> <200307241543.25895.yannick.koehler@colubris.com> <20030724131614.B19169@sigkill.com>
Message-ID: <200307250828.40575.yannick.koehler@colubris.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> On 24 Jul 2003 at 15:43:24, Yannick Koehler arranged the bits on my disk to 
> Replacing it with a huge servlet engine that takes 30-50 megs to just sit
> there and do nothing, with increasing amounts of memory to do anything
> useful... oh yeah, that's a *lot* better...

I was not saying his choice was any better or worst thought.  I also feel that 
Bugzilla is still better to stick with than any servlet stuff that takes a 
lot of resources.

- -- 

Yannick Koehler

Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD34D4575
Key fingerprint = 8387 F009 A55F FFCD F87D BE18 6DEA 8D06 D34D 4575

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/ISJ2beqNBtNNRXURAnKcAJ9GsCPaC4sDcvFmqtH28J8DQdPJSQCfWPsC
f7Sg6qfowYJ/C2zvQL94NDk=
=+8S8
-----END PGP SIGNATURE-----



From tobias.burnus at physik.fu-berlin.de  Fri Jul 25 12:38:13 2003
From: tobias.burnus at physik.fu-berlin.de (Tobias Burnus)
Date: Fri, 25 Jul 2003 14:38:13 +0200 (CEST)
Subject: Apache switching to Scarab
In-Reply-To: <3F2021AE.7070302@mozilla.org>
Message-ID: <Pine.LNX.4.44.0307251431170.16554-100000@g25.physik.fu-berlin.de>

Hi,

On Thu, 24 Jul 2003, Myk Melez wrote:
> Apache seems to want to switch to Scarab from Bugzilla.  Anyone have a
> connection there who can find out why?
If I remember correctly, I read something like this more then half year
ago: They wanted to switch to Scarab because it doesn't require you to use
cookies as Bugzilla de facto does.

Tobias



From mark.ingram at nexsan.com  Fri Jul 25 14:10:33 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Fri, 25 Jul 2003 15:10:33 +0100
Subject: De-tainting a number
Message-ID: <AGEMJAKEHMBHDLCOCBECGEDECAAA.mark.ingram@nexsan.com>

Hi,

I have the following line:

	SendSQL("INSERT INTO bugs (reg_test) VALUES (" . SqlQuote($reg_test) . ")
WHERE bug_id = $bugid");

which isnt working obviously because the $bugid is still tainted. How do i
de-taint a number?


Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From justdave at syndicomm.com  Fri Jul 25 15:05:28 2003
From: justdave at syndicomm.com (David Miller)
Date: Fri, 25 Jul 2003 10:05:28 -0500
Subject: De-tainting a number
In-Reply-To: <AGEMJAKEHMBHDLCOCBECGEDECAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECGEDECAAA.mark.ingram@nexsan.com>
Message-ID: <p06001a00bb46f73f724b@[204.185.80.225]>

On 7/25/2003 3:10 PM +0100, Mark Ingram wrote:

> I have the following line:
>
> 	SendSQL("INSERT INTO bugs (reg_test) VALUES (" .
>SqlQuote($reg_test) . ")
> WHERE bug_id = $bugid");
>
> which isnt working obviously because the $bugid is still tainted. How do i
> de-taint a number?

detaint_natural($bugid) || ThrowUserError("invalid_bug_id");

You'll have to double-check the error tag, I don't remember them all.  The
errors are in template/en/default/global/user-error.html.tmpl
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From mark.ingram at nexsan.com  Fri Jul 25 15:15:24 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Fri, 25 Jul 2003 16:15:24 +0100
Subject: De-tainting a number
In-Reply-To: <p06001a00bb46f73f724b@[204.185.80.225]>
Message-ID: <AGEMJAKEHMBHDLCOCBECOEDECAAA.mark.ingram@nexsan.com>

Thanks alot!

There is just one small problem, a $bugid of 37 gets changed to 1 when i try
it??

I have the following code:

	my $bug_id = detaint_natural($bugid) || ThrowUserError("invalid_bug_id");
	print "bug_id: $bug_id\n<br>bugid: $bugid";

The print out looks like this:
bug_id: 1
bugid: 37

Is there any particular reason for this?

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ

-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of David Miller
Sent: 25 July 2003 16:05
To: developers at bugzilla.org
Subject: Re: De-tainting a number


On 7/25/2003 3:10 PM +0100, Mark Ingram wrote:

> I have the following line:
>
> 	SendSQL("INSERT INTO bugs (reg_test) VALUES (" .
>SqlQuote($reg_test) . ")
> WHERE bug_id = $bugid");
>
> which isnt working obviously because the $bugid is still tainted. How do i
> de-taint a number?

detaint_natural($bugid) || ThrowUserError("invalid_bug_id");

You'll have to double-check the error tag, I don't remember them all.  The
errors are in template/en/default/global/user-error.html.tmpl
--
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>



From justdave at syndicomm.com  Fri Jul 25 15:20:57 2003
From: justdave at syndicomm.com (David Miller)
Date: Fri, 25 Jul 2003 10:20:57 -0500
Subject: De-tainting a number
In-Reply-To: <p06001a00bb46f73f724b@[204.185.80.225]>
References: <AGEMJAKEHMBHDLCOCBECGEDECAAA.mark.ingram@nexsan.com>
 <p06001a00bb46f73f724b@[204.185.80.225]>
Message-ID: <p06001a01bb46fa25f97f@[204.185.80.177]>

On 7/25/2003 10:05 AM -0500, David Miller wrote:

> On 7/25/2003 3:10 PM +0100, Mark Ingram wrote:
>
>> I have the following line:
>>
>> 	SendSQL("INSERT INTO bugs (reg_test) VALUES (" .
>>SqlQuote($reg_test) . ")
>> WHERE bug_id = $bugid");
>>
>> which isnt working obviously because the $bugid is still tainted. How do i
>> de-taint a number?
>
> detaint_natural($bugid) || ThrowUserError("invalid_bug_id");
>
> You'll have to double-check the error tag, I don't remember them all.  The
> errors are in template/en/default/global/user-error.html.tmpl

You can do "perldoc Bugzilla::Util" from your Bugzilla directory for more
complete documentation on detaint_natural and trick_taint.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From justdave at syndicomm.com  Fri Jul 25 15:22:47 2003
From: justdave at syndicomm.com (David Miller)
Date: Fri, 25 Jul 2003 10:22:47 -0500
Subject: De-tainting a number
In-Reply-To: <AGEMJAKEHMBHDLCOCBECOEDECAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECOEDECAAA.mark.ingram@nexsan.com>
Message-ID: <p06001a02bb46fb654492@[204.185.80.177]>

On 7/25/2003 4:15 PM +0100, Mark Ingram wrote:

> There is just one small problem, a $bugid of 37 gets changed to 1 when i try
> it??
>
> I have the following code:
>
> 	my $bug_id = detaint_natural($bugid) ||
>ThrowUserError("invalid_bug_id");
> 	print "bug_id: $bug_id\n<br>bugid: $bugid";
>
> The print out looks like this:
> bug_id: 1
> bugid: 37
>
> Is there any particular reason for this?

Because that's not what I told you to do.  ;)

Here's my original code sample:

> detaint_natural($bugid) || ThrowUserError("invalid_bug_id");

Notice I'm not assigning it to a variable.  The return value is a 0/1 for
whether the value was successfully detainted or not.  If it succeeded,
$bugid will be detainted.  If it did not succeed, $bugid will now be
undefined (which is why you throw an error if it fails).
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From mark.ingram at nexsan.com  Fri Jul 25 15:28:11 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Fri, 25 Jul 2003 16:28:11 +0100
Subject: De-tainting a number
In-Reply-To: <p06001a02bb46fb654492@[204.185.80.177]>
Message-ID: <AGEMJAKEHMBHDLCOCBECIEDFCAAA.mark.ingram@nexsan.com>

Ahhhhhhh right :)

cheers Dave.

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ

-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of David Miller
Sent: 25 July 2003 16:23
To: developers at bugzilla.org
Subject: Re: De-tainting a number


On 7/25/2003 4:15 PM +0100, Mark Ingram wrote:

> There is just one small problem, a $bugid of 37 gets changed to 1 when i
try
> it??
>
> I have the following code:
>
> 	my $bug_id = detaint_natural($bugid) ||
>ThrowUserError("invalid_bug_id");
> 	print "bug_id: $bug_id\n<br>bugid: $bugid";
>
> The print out looks like this:
> bug_id: 1
> bugid: 37
>
> Is there any particular reason for this?

Because that's not what I told you to do.  ;)

Here's my original code sample:

> detaint_natural($bugid) || ThrowUserError("invalid_bug_id");

Notice I'm not assigning it to a variable.  The return value is a 0/1 for
whether the value was successfully detainted or not.  If it succeeded,
$bugid will be detainted.  If it did not succeed, $bugid will now be
undefined (which is why you throw an error if it fails).
--
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>



From bbaetz at acm.org  Sat Jul 26 00:11:46 2003
From: bbaetz at acm.org (Bradley Baetz)
Date: Sat, 26 Jul 2003 10:11:46 +1000
Subject: De-tainting a number
In-Reply-To: <AGEMJAKEHMBHDLCOCBECGEDECAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECGEDECAAA.mark.ingram@nexsan.com>
Message-ID: <20030726001146.GA1229@mango.home>

On Fri, Jul 25, 2003 at 03:10:33PM +0100, Mark Ingram wrote:
> Hi,
> 
> I have the following line:
> 
> 	SendSQL("INSERT INTO bugs (reg_test) VALUES (" . SqlQuote($reg_test) . ")
> WHERE bug_id = $bugid");
> 
> which isnt working obviously because the $bugid is still tainted. How do i
> de-taint a number?

Assuming that this is 2.17, you should be letting DBI do this, and 
doing:

Bugzilla->dbh->do("INSERT INTO bugs (reg_test) VALUES (?) WHERE
bug_id=?", undef, $reg_test, $bugid);

(except that thats not valid SQL)

You do still need to untaint the values first, however.

Bradley


From gerv at mozilla.org  Mon Jul 28 22:49:17 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Mon, 28 Jul 2003 23:49:17 +0100
Subject: Gerv's away
In-Reply-To: <3F258BB1.1000805@mozilla.org>
References: <3F258BB1.1000805@mozilla.org>
Message-ID: <3F25A86D.2000104@mozilla.org>

Gervase Markham wrote:
> Heads up,
> 
> I'm away in France

Oops. That was a dupe, wasn't it? Sorry.

Gerv



From gerv at mozilla.org  Mon Jul 28 20:46:41 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Mon, 28 Jul 2003 21:46:41 +0100
Subject: Gerv's away
Message-ID: <3F258BB1.1000805@mozilla.org>

Heads up,

I'm away in France (doing this: http://www.interaction-france.org) from 
the 29th of July to the 18th of August.

If you have an urgent matter, see 
http://www.gerv.net/hacking/before-you-mail-gerv.html for details of 
people to contact in my absence.

Gerv



From mark.ingram at nexsan.com  Mon Jul 28 08:57:47 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Mon, 28 Jul 2003 09:57:47 +0100
Subject: Transactions?
Message-ID: <AGEMJAKEHMBHDLCOCBECMEDICAAA.mark.ingram@nexsan.com>

Hi,

is it possible todo transactions with the bugzilla code?

i want to add data into 2 tables and obviously dont want to put it into the
1st table and then have it fail on the second table.

im currently using SendSQL to execute database commands.

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From mark.ingram at nexsan.com  Mon Jul 28 10:07:42 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Mon, 28 Jul 2003 11:07:42 +0100
Subject: Transactions?
In-Reply-To: <AGEMJAKEHMBHDLCOCBECMEDICAAA.mark.ingram@nexsan.com>
Message-ID: <AGEMJAKEHMBHDLCOCBECIEDMCAAA.mark.ingram@nexsan.com>

Dunno if this message got lost or there is a delay but ive re-sent it:

-------------------

Hi,

is it possible todo transactions with the bugzilla code?

i want to add data into 2 tables and obviously dont want to put it into the
1st table and then have it fail on the second table.

im currently using SendSQL to execute database commands.

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



From preed at sigkill.com  Tue Jul 29 00:51:16 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Mon, 28 Jul 2003 17:51:16 -0700
Subject: Transactions?
In-Reply-To: <AGEMJAKEHMBHDLCOCBECMEDICAAA.mark.ingram@nexsan.com>; from mark.ingram@nexsan.com on Mon, Jul 28, 2003 at 09:57:47AM +0100
References: <AGEMJAKEHMBHDLCOCBECMEDICAAA.mark.ingram@nexsan.com>
Message-ID: <20030728175116.B10089@sigkill.com>

On 28 Jul 2003 at 09:57:47, Mark Ingram arranged the bits on my disk to say:

> is it possible todo transactions with the bugzilla code?
> 
> i want to add data into 2 tables and obviously dont want to put it into
> the 1st table and then have it fail on the second table.
> 
> im currently using SendSQL to execute database commands.

Is it possible to do transactions with Bugzilla *code*? Sure.

Is it possible to do transactions with the *database* Bugzilla uses? No.

The solution is to use another database; there are bugs for supporting
PostgreSQL (bug 98304) and Sybase (bug 173130) but both of them are in
different stages of bitrot and completion, and thus are of varying degrees
of use.

You *might* be able to get away with using MySQL 4.x, which has
commit/rollback (MySQL developers think this means they have
"transactions"), and see if you can it working that way.

There's not a real easy solution to your problem, unfortunately.

BTW, SendSQL is deprecated.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From justdave at syndicomm.com  Tue Jul 29 03:01:59 2003
From: justdave at syndicomm.com (David Miller)
Date: Mon, 28 Jul 2003 22:01:59 -0500
Subject: Transactions?
In-Reply-To: <AGEMJAKEHMBHDLCOCBECIEDMCAAA.mark.ingram@nexsan.com>
References: <AGEMJAKEHMBHDLCOCBECIEDMCAAA.mark.ingram@nexsan.com>
Message-ID: <p06001a00bb4b93d3f5d6@[204.185.80.177]>

On 7/28/2003 11:07 AM +0100, Mark Ingram wrote:

> Dunno if this message got lost or there is a delay but ive re-sent it:

The server that handles bugzilla.org's mail has been down for the last two
days because I was an idiot and accidently killed it when everyone with a
key to the office to go fix it was a 14 hour drive away.  It just came back
up earlier this evening.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From mark.ingram at nexsan.com  Tue Jul 29 08:00:27 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Tue, 29 Jul 2003 09:00:27 +0100
Subject: Transactions?
In-Reply-To: <20030728175116.B10089@sigkill.com>
Message-ID: <AGEMJAKEHMBHDLCOCBECMEEBCAAA.mark.ingram@nexsan.com>

> BTW, SendSQL is deprecated.

Oooh right, whats the format for executing database calls now then? Does
this mean MoreSQLData() and FetchSQLData() are depreciated too?

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of J. Paul Reed
Sent: 29 July 2003 01:51
To: developers at bugzilla.org
Subject: Re: Transactions?


On 28 Jul 2003 at 09:57:47, Mark Ingram arranged the bits on my disk to say:

> is it possible todo transactions with the bugzilla code?
>
> i want to add data into 2 tables and obviously dont want to put it into
> the 1st table and then have it fail on the second table.
>
> im currently using SendSQL to execute database commands.

Is it possible to do transactions with Bugzilla *code*? Sure.

Is it possible to do transactions with the *database* Bugzilla uses? No.

The solution is to use another database; there are bugs for supporting
PostgreSQL (bug 98304) and Sybase (bug 173130) but both of them are in
different stages of bitrot and completion, and thus are of varying degrees
of use.

You *might* be able to get away with using MySQL 4.x, which has
commit/rollback (MySQL developers think this means they have
"transactions"), and see if you can it working that way.

There's not a real easy solution to your problem, unfortunately.

BTW, SendSQL is deprecated.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>



From mark.ingram at nexsan.com  Tue Jul 29 08:26:28 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Tue, 29 Jul 2003 09:26:28 +0100
Subject: Email
Message-ID: <AGEMJAKEHMBHDLCOCBECOEECCAAA.mark.ingram@nexsan.com>

Hi,

ive added a new group to the system called client_cc (based on the existing
cc). When a bug is closed i want to send a different email to this group (i
already have a parameter detailing the layout of the email) saying in polite
terms that the bug has been fixed, thanks for your interest etc.

Whats the best way of getting the email sent?
I checked out BugMail.pm but didnt know where to start really. Do i need to
make changes in there for my new group or is it just a case of passing
through the group name as a parameter?

Any help much appreciated.

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ




From bbaetz at acm.org  Tue Jul 29 09:17:32 2003
From: bbaetz at acm.org (Bradley Baetz)
Date: Tue, 29 Jul 2003 19:17:32 +1000
Subject: Transactions?
In-Reply-To: <AGEMJAKEHMBHDLCOCBECMEEBCAAA.mark.ingram@nexsan.com>
References: <20030728175116.B10089@sigkill.com> <AGEMJAKEHMBHDLCOCBECMEEBCAAA.mark.ingram@nexsan.com>
Message-ID: <20030729091732.GA1306@mango.home>

On Tue, Jul 29, 2003 at 09:00:27AM +0100, Mark Ingram wrote:
> > BTW, SendSQL is deprecated.
> 
> Oooh right, whats the format for executing database calls now then? Does
> this mean MoreSQLData() and FetchSQLData() are depreciated too?

Yep, as is SqlQuote. You can now just use the DBI natively instead - the
dbh is Bugzilla->dbh.

One of the reasons for that was so that we could get to use
transactions, as well as perf improvments.

Bradley


From mark.ingram at nexsan.com  Tue Jul 29 09:19:31 2003
From: mark.ingram at nexsan.com (Mark Ingram)
Date: Tue, 29 Jul 2003 10:19:31 +0100
Subject: Transactions?
In-Reply-To: <20030729091732.GA1306@mango.home>
Message-ID: <AGEMJAKEHMBHDLCOCBECKEEDCAAA.mark.ingram@nexsan.com>

Have you got a quick example / somewhere for me to look at using that?

i searched the directory for bugzilla->dbh but the only results where in the
.pm files?

Best Regards,

Mark Ingram
Software Engineer
Nexsan Technologies
33 - 35 Parker Centre
Mansfield Road
Derby
DE21 4SZ



-----Original Message-----
From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]On Behalf Of Bradley Baetz
Sent: 29 July 2003 10:18
To: developers at bugzilla.org
Subject: Re: Transactions?


On Tue, Jul 29, 2003 at 09:00:27AM +0100, Mark Ingram wrote:
> > BTW, SendSQL is deprecated.
>
> Oooh right, whats the format for executing database calls now then? Does
> this mean MoreSQLData() and FetchSQLData() are depreciated too?

Yep, as is SqlQuote. You can now just use the DBI natively instead - the
dbh is Bugzilla->dbh.

One of the reasons for that was so that we could get to use
transactions, as well as perf improvments.

Bradley
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mark.ingram at nexsan.com>



From bbaetz at acm.org  Tue Jul 29 10:20:42 2003
From: bbaetz at acm.org (Bradley Baetz)
Date: Tue, 29 Jul 2003 20:20:42 +1000
Subject: Transactions?
In-Reply-To: <AGEMJAKEHMBHDLCOCBECKEEDCAAA.mark.ingram@nexsan.com>
References: <20030729091732.GA1306@mango.home> <AGEMJAKEHMBHDLCOCBECKEEDCAAA.mark.ingram@nexsan.com>
Message-ID: <20030729102042.GA1580@mango.home>

On Tue, Jul 29, 2003 at 10:19:31AM +0100, Mark Ingram wrote:
> Have you got a quick example / somewhere for me to look at using that?
> 
> i searched the directory for bugzilla->dbh but the only results where in the
> .pm files?

Yeah, I don't think any of the .cgi files in cvs use it. The concept
is the same, although you'll need to |use Bugzilla| first, of course.

Bradley


From gerv at mozilla.org  Mon Jul 28 15:01:10 2003
From: gerv at mozilla.org (Gervase Markham)
Date: Mon, 28 Jul 2003 16:01:10 +0100
Subject: Holiday notification
Message-ID: <3F253AB6.7030708@mozilla.org>

I'm away helping on holiday camps for kids (see 
http://www.interaction-france.org for info, and to criticise my 
web-design skills) from the 29th of July to the 18th of August, and so 
will be email and web-less for this time.

Gerv



From preed at sigkill.com  Tue Jul 29 08:36:28 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Tue, 29 Jul 2003 01:36:28 -0700
Subject: Email
In-Reply-To: <AGEMJAKEHMBHDLCOCBECOEECCAAA.mark.ingram@nexsan.com>; from mark.ingram@nexsan.com on Tue, Jul 29, 2003 at 09:26:28AM +0100
References: <AGEMJAKEHMBHDLCOCBECOEECCAAA.mark.ingram@nexsan.com>
Message-ID: <20030729013628.B11605@sigkill.com>

On 29 Jul 2003 at 09:26:28, Mark Ingram arranged the bits on my disk to say:

> Whats the best way of getting the email sent?
> I checked out BugMail.pm but didnt know where to start really. Do i need to
> make changes in there for my new group or is it just a case of passing
> through the group name as a parameter?

Since you'll want this done when bugs are updated, you'll probably want to
look through BugMail.pm. Poke around ProcessOneBug and NewProcessOnePerson.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From preed at sigkill.com  Tue Jul 29 08:27:51 2003
From: preed at sigkill.com (J. Paul Reed)
Date: Tue, 29 Jul 2003 01:27:51 -0700
Subject: Transactions?
In-Reply-To: <AGEMJAKEHMBHDLCOCBECMEEBCAAA.mark.ingram@nexsan.com>; from mark.ingram@nexsan.com on Tue, Jul 29, 2003 at 09:00:27AM +0100
References: <20030728175116.B10089@sigkill.com> <AGEMJAKEHMBHDLCOCBECMEEBCAAA.mark.ingram@nexsan.com>
Message-ID: <20030729012751.A11605@sigkill.com>

On 29 Jul 2003 at 09:00:27, Mark Ingram arranged the bits on my disk to say:

> > BTW, SendSQL is deprecated.
> 
> Oooh right, whats the format for executing database calls now then? Does
> this mean MoreSQLData() and FetchSQLData() are depreciated too?

Yes.

Use the standard Perl DBI methods now. There's a little bit of
documentation in Bugzilla/DB.pm (run "perldoc
path/to/installation/Bugzilla/DB.pm" to see it.)

bbaetz would have all the details on this; I don't know if you can use just
standard DBI calls and it all works, or if there's something else you need
to do, too.

Later,
Paul
------------------------------------------------------------------------
J. Paul Reed -- 0xDF8708F8 || preed at sigkill.com || web.sigkill.com/preed
To hold on to sanity too tight is insane.   -- Nick Falzone, Pushing Tin

I use PGP; you should use PGP too... if only to piss off John Ashcroft


From ludovic at netratings.com  Tue Jul 29 20:47:10 2003
From: ludovic at netratings.com (Ludovic Dubost)
Date: Tue, 29 Jul 2003 22:47:10 +0200
Subject: Newer custom fields patch
In-Reply-To: <20030718010714.ED9D3BD81@diggity.schwag.org>
References: <20030718010714.ED9D3BD81@diggity.schwag.org>
Message-ID: <3F26DD4E.6010106@netratings.com>


Hi Sean and the list,

I'm currently looking at your new custom fields patch and have some
questions about it.
First, We are using at our company the custom fields patch in bug 91037
on an older bugzilla version.
Since we want to customize the interface much more than allowed in the
older bugzilla versions, we are looking to switch to the more recent
versions.

Since your patch seems to be designed with templates and integrated in
v. 2.17.4, I'm quite interested in it.
So the first question would be:

- what's the chance to see this patch in a mainstream release of
bugzilla ? (2.19 ?)
- how far away from primetime is this patch to be at least usable and
minimize the migration work to the mainstream release ?
- is it already possible to use 'global' fields and 'group fields'
associated to multiple products ? It seems the admin interface is not
complete on this part, but is the rest of the code ok if I modify the
database directly ?
- have you planned any migration from the older custom field patch ?
- how can I help ?

Also, I'm thinking about some enhancements which would be needed for
additional features we need to build.

Let me explain:

- We are using bugzilla not only as a bug tracking tool, but more
generally as a task tracking tool as well as a project management tool.
- In particular we would need to have a notion of project which would
have additional fields (and some hidden) and where the dependency tree
would get a proeminent place..

I see that this patch has an interesting architecture that could help:

- If I add a generic field for bug types: bug, task, issue, idea,
project, other
  -> this could be a general field
  -> or a custom field itself
- If I add a notion of custom fields linked to the specific values of a
field
- I would need also to add the ability to have specific visualisation
and search templates for types of bugs.
   -> Standard templates for everything
   -> Specific SHOW/EDIT/SEARCH templates for 'project' bugs
-> Modification of the Home Page and  Footers to have a specific entry
view for projects.

Let me know what you think and if you don't think this is too crazy ?
Anyway, great job on the patch..

Ludovic

Sean McAfee wrote:

>Attached is a patch against bugzilla-2.17.4 that provides custom field
>capabilities.  It's the same as my previous custom fields patch, with the
>addition of query functionality.
>
>Querying custom fields using boolean charts is not yet possible, but it
>shouldn't be too difficult to add.
>
>All of my previous comments/warnings apply.  Comments welcome.
>
>
>  
>
>------------------------------------------------------------------------
>
>-
>To view or change your list settings, click here:
><http://bugzilla.org/cgi-bin/mj_wwwusr?user=ludovic at netvalue.com>
>  
>





From JWilmoth at starbucks.com  Tue Jul 29 22:18:16 2003
From: JWilmoth at starbucks.com (Jon Wilmoth)
Date: Tue, 29 Jul 2003 15:18:16 -0700
Subject: Newer custom fields patch
Message-ID: <E2291D136BD35647A074B1053785B05B02C4E42A@seams042.starbucks.net>


Bug # 9412 (http://bugzilla.mozilla.org/show_bug.cgi?id=9412) already
covers the bug/issue type field.  While it was suggested it could be
implemented as a custom field, I agree with the other comments on that
bug that classification is a core feature which should receive native
support.

-----Original Message-----
From: Ludovic Dubost [mailto:ludovic at netratings.com] 
Sent: Tuesday, July 29, 2003 1:47 PM
To: developers at bugzilla.org
Subject: Re: Newer custom fields patch


Hi Sean and the list,

I'm currently looking at your new custom fields patch and have some
questions about it.
First, We are using at our company the custom fields patch in bug 91037
on an older bugzilla version.
Since we want to customize the interface much more than allowed in the
older bugzilla versions, we are looking to switch to the more recent
versions.

Since your patch seems to be designed with templates and integrated in
v. 2.17.4, I'm quite interested in it.
So the first question would be:

- what's the chance to see this patch in a mainstream release of
bugzilla ? (2.19 ?)
- how far away from primetime is this patch to be at least usable and
minimize the migration work to the mainstream release ?
- is it already possible to use 'global' fields and 'group fields'
associated to multiple products ? It seems the admin interface is not
complete on this part, but is the rest of the code ok if I modify the
database directly ?
- have you planned any migration from the older custom field patch ?
- how can I help ?

Also, I'm thinking about some enhancements which would be needed for
additional features we need to build.

Let me explain:

- We are using bugzilla not only as a bug tracking tool, but more
generally as a task tracking tool as well as a project management tool.
- In particular we would need to have a notion of project which would
have additional fields (and some hidden) and where the dependency tree
would get a proeminent place..

I see that this patch has an interesting architecture that could help:

- If I add a generic field for bug types: bug, task, issue, idea,
project, other
  -> this could be a general field
  -> or a custom field itself
- If I add a notion of custom fields linked to the specific values of a
field
- I would need also to add the ability to have specific visualisation
and search templates for types of bugs.
   -> Standard templates for everything
   -> Specific SHOW/EDIT/SEARCH templates for 'project' bugs
-> Modification of the Home Page and  Footers to have a specific entry
view for projects.

Let me know what you think and if you don't think this is too crazy ?
Anyway, great job on the patch..

Ludovic

Sean McAfee wrote:

>Attached is a patch against bugzilla-2.17.4 that provides custom field
>capabilities.  It's the same as my previous custom fields patch, with
the
>addition of query functionality.
>
>Querying custom fields using boolean charts is not yet possible, but it
>shouldn't be too difficult to add.
>
>All of my previous comments/warnings apply.  Comments welcome.
>
>
>  
>
>-----------------------------------------------------------------------
-
>
>-
>To view or change your list settings, click here:
><http://bugzilla.org/cgi-bin/mj_wwwusr?user=ludovic at netvalue.com>
>  
>



-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=jwilmoth at starbucks.com>



From stew_ at yahoo.com  Thu Jul 31 19:52:06 2003
From: stew_ at yahoo.com (Craig Stewart)
Date: Thu, 31 Jul 2003 12:52:06 -0700 (PDT)
Subject: Newer custom fields patch
In-Reply-To: <E2291D136BD35647A074B1053785B05B02C4E42A@seams042.starbucks.net>
Message-ID: <20030731195206.73747.qmail@web41004.mail.yahoo.com>

Sean,

I tried to get onto the archive of this list to
download the custom fields attachment to 2.17.4, but
when running the executable, it errored out on a Win2K
machine.  Is there any way you could email me or post
this as a patch instead of the .exe (or tell me I'm
blind because it's posted as a patch attached to a
bug...I checked 91037 & it wasn't there)?

Thanks,
Craig
 
> -----Original Message-----
> From: Ludovic Dubost [mailto:ludovic at netratings.com]
> 
> Sent: Tuesday, July 29, 2003 1:47 PM
> To: developers at bugzilla.org
> Subject: Re: Newer custom fields patch
> 
> 
> Hi Sean and the list,
> 
> I'm currently looking at your new custom fields
> patch and have some
> questions about it.
> First, We are using at our company the custom fields
> patch in bug 91037
> on an older bugzilla version.
> Since we want to customize the interface much more
> than allowed in the
> older bugzilla versions, we are looking to switch to
> the more recent
> versions.
> 
> Since your patch seems to be designed with templates
> and integrated in
> v. 2.17.4, I'm quite interested in it.
> So the first question would be:
> 
> - what's the chance to see this patch in a
> mainstream release of
> bugzilla ? (2.19 ?)
> - how far away from primetime is this patch to be at
> least usable and
> minimize the migration work to the mainstream
> release ?
> - is it already possible to use 'global' fields and
> 'group fields'
> associated to multiple products ? It seems the admin
> interface is not
> complete on this part, but is the rest of the code
> ok if I modify the
> database directly ?
> - have you planned any migration from the older
> custom field patch ?
> - how can I help ?
> 
> Also, I'm thinking about some enhancements which
> would be needed for
> additional features we need to build.
> 
> Let me explain:
> 
> - We are using bugzilla not only as a bug tracking
> tool, but more
> generally as a task tracking tool as well as a
> project management tool.
> - In particular we would need to have a notion of
> project which would
> have additional fields (and some hidden) and where
> the dependency tree
> would get a proeminent place..
> 
> I see that this patch has an interesting
> architecture that could help:
> 
> - If I add a generic field for bug types: bug, task,
> issue, idea,
> project, other
>   -> this could be a general field
>   -> or a custom field itself
> - If I add a notion of custom fields linked to the
> specific values of a
> field
> - I would need also to add the ability to have
> specific visualisation
> and search templates for types of bugs.
>    -> Standard templates for everything
>    -> Specific SHOW/EDIT/SEARCH templates for
> 'project' bugs
> -> Modification of the Home Page and  Footers to
> have a specific entry
> view for projects.
> 
> Let me know what you think and if you don't think
> this is too crazy ?
> Anyway, great job on the patch..
> 
> Ludovic
> 
> Sean McAfee wrote:
> 
> >Attached is a patch against bugzilla-2.17.4 that
> provides custom field
> >capabilities.  It's the same as my previous custom
> fields patch, with
> the
> >addition of query functionality.
> >
> >Querying custom fields using boolean charts is not
> yet possible, but it
> >shouldn't be too difficult to add.
> >
> >All of my previous comments/warnings apply. 
> Comments welcome.
> >
> >
> >  
> >
>
>-----------------------------------------------------------------------
> -
> >
> >-
> >To view or change your list settings, click here:
>
><http://bugzilla.org/cgi-bin/mj_wwwusr?user=ludovic at netvalue.com>
> >  
> >
> 
> 
> 
> -
> To view or change your list settings, click here:
>
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=jwilmoth at starbucks.com>
> 
> -
> To view or change your list settings, click here:
>
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=stew_ at yahoo.com>


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com


From caseyg at chsamerica.com  Thu Jul 31 20:56:03 2003
From: caseyg at chsamerica.com (Casey Gregoire)
Date: Thu, 31 Jul 2003 16:56:03 -0400
Subject: LDAP
Message-ID: <C3EB95A31BDAD511827C00B0D0F95AF5929733@BUCKWHEAT>

Does anyone know the current State of the LDAP authentication in Bugzilla
2.17.4? I was looking at the docs and it says be cautious.
 
Thank you,
            Casey Gregoire
            Programmer
            CHS of America
            100 1st Ave S. Suite 601
            St. Petersburg, FL 33701
            Phone - (727) 824-0800 ext 1236

Every great achievement was once impossible. -- Anonymous
I'd like to get started on time, if we can, inasmuch as we're late already.
-- Larry Gelbart
Nothing is accomplished without passion. -- My Fortune Cookie
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bugzilla.org/pipermail/developers/attachments/20030731/7ddc94f0/attachment.html>

From mike.morgan at oregonstate.edu  Thu Jul 31 21:03:08 2003
From: mike.morgan at oregonstate.edu (Morgan, Mike)
Date: Thu, 31 Jul 2003 14:03:08 -0700
Subject: LDAP
Message-ID: <8D4D06C3F0E9934AB4DE7729DFA7CA3E4C17F4@mtshasta.nws.oregonstate.edu>

Casey,

LDAP works great if you use 2.17.4 and you configure the parameters
correctly.  When you test, make sure you have the right Perl modules
installed.

At Oregon State University we use a 2.17.4 install that uses our central
LDAP server for authentication (which is used for many other services).
It uses an encrypted connection and works great for us.

Regards,
Mike Morgan


-----Original Message-----
From: Casey Gregoire [mailto:caseyg at chsamerica.com] 
Sent: Thursday, July 31, 2003 1:56 PM
To: Bugzilla Developers (E-mail)
Subject: LDAP


Does anyone know the current State of the LDAP authentication in
Bugzilla 2.17.4? I was looking at the docs and it says be cautious.
 
Thank you,
            Casey Gregoire
            Programmer
            CHS of America
            100 1st Ave S. Suite 601
            St. Petersburg, FL 33701
            Phone - (727) 824-0800 ext 1236

Every great achievement was once impossible. -- Anonymous
I'd like to get started on time, if we can, inasmuch as we're late
already. -- Larry Gelbart
Nothing is accomplished without passion. -- My Fortune Cookie
 



From justdave at syndicomm.com  Thu Jul 31 21:02:35 2003
From: justdave at syndicomm.com (David Miller)
Date: Thu, 31 Jul 2003 17:02:35 -0400
Subject: LDAP
In-Reply-To: <C3EB95A31BDAD511827C00B0D0F95AF5929733@BUCKWHEAT>
References: <C3EB95A31BDAD511827C00B0D0F95AF5929733@BUCKWHEAT>
Message-ID: <p06001a02bb4f3412943b@[192.168.1.204]>

On 7/31/2003 4:56 PM -0400, Casey Gregoire wrote:

> Does anyone know the current State of the LDAP authentication in Bugzilla
>2.17.4? I was looking at the docs and it says be cautious.

What's in 2.17.4 should work pretty good now.  I'm not sure if the docs
were updated since the Auth stuff was redone.  It uses Net::LDAP now, and
does proper error checking and so forth (as far as I know).
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/


From mike.morgan at oregonstate.edu  Thu Jul 31 21:13:14 2003
From: mike.morgan at oregonstate.edu (Morgan, Mike)
Date: Thu, 31 Jul 2003 14:13:14 -0700
Subject: LDAP
Message-ID: <8D4D06C3F0E9934AB4DE7729DFA7CA3E080FAA@mtshasta.nws.oregonstate.edu>

Casey,

Forgot to add that if you want to use an encrypted connection  between
Bugzilla and your LDAP server (which I would definitely recommend if
these passwords are used for other services), you'd have to use the
start_tls() function that is a part of Net::LDAP inside of
./Bugzilla/Auth/LDAP.pm.

Additionally, in case you'd like to take a look at our copy, I've sent
it to your email address.

Regards,
Mike Morgan

-----Original Message-----
From: Morgan, Mike 
Sent: Thursday, July 31, 2003 2:03 PM
To: developers at bugzilla.org
Subject: Re: LDAP


Casey,

LDAP works great if you use 2.17.4 and you configure the parameters
correctly.  When you test, make sure you have the right Perl modules
installed.

At Oregon State University we use a 2.17.4 install that uses our central
LDAP server for authentication (which is used for many other services).
It uses an encrypted connection and works great for us.

Regards,
Mike Morgan


-----Original Message-----
From: Casey Gregoire [mailto:caseyg at chsamerica.com] 
Sent: Thursday, July 31, 2003 1:56 PM
To: Bugzilla Developers (E-mail)
Subject: LDAP


Does anyone know the current State of the LDAP authentication in
Bugzilla 2.17.4? I was looking at the docs and it says be cautious.
 
Thank you,
            Casey Gregoire
            Programmer
            CHS of America
            100 1st Ave S. Suite 601
            St. Petersburg, FL 33701
            Phone - (727) 824-0800 ext 1236

Every great achievement was once impossible. -- Anonymous
I'd like to get started on time, if we can, inasmuch as we're late
already. -- Larry Gelbart Nothing is accomplished without passion. -- My
Fortune Cookie
 

-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=mike.morgan at oregonstate.edu>



From ludovic at netratings.com  Tue Jul 29 20:33:42 2003
From: ludovic at netratings.com (Ludovic Dubost)
Date: Tue, 29 Jul 2003 22:33:42 +0200
Subject: Newer custom fields patch
In-Reply-To: <20030718010714.ED9D3BD81@diggity.schwag.org>
References: <20030718010714.ED9D3BD81@diggity.schwag.org>
Message-ID: <3F26DA26.9040501@netratings.com>


Hi Sean and the list,

I'm currently looking at your new custom fields patch and have some 
questions about it.
First, We are using at our company the custom fields patch in bug 91037 
on an older bugzilla version.
Since we want to customize the interface much more than allowed in the 
older bugzilla versions, we are looking to switch to the more recent 
versions.

Since your patch seems to be designed with templates and integrated in 
v. 2.17.4, I'm quite interested in it.
So the first question would be:

- what's the chance to see this patch in a mainstream release of 
bugzilla ? (2.19 ?)
- how far away from primetime is this patch to be at least usable and 
minimize the migration work to the mainstream release ?
- is it already possible to use 'global' fields and 'group fields' 
associated to multiple products ? It seems the admin interface is not 
complete on this part, but is the rest of the code ok if I modify the 
database directly ?
- have you planned any migration from the older custom field patch ?
- how can I help ?

Also, I'm thinking about some enhancements which would be needed for 
additional features we need to build.

Let me explain:

- We are using bugzilla not only as a bug tracking tool, but more 
generally as a task tracking tool as well as a project management tool.
- In particular we would need to have a notion of project which would 
have additional fields (and some hidden) and where the dependency tree 
would get a proeminent place..

I see that this patch has an interesting architecture that could help:

- If I add a generic field for bug types: bug, task, issue, idea, 
project, other
  -> this could be a general field
  -> or a custom field itself
- If I add a notion of custom fields linked to the specific values of a 
field
- I would need also to add the ability to have specific visualisation 
and search templates for types of bugs.
   -> Standard templates for everything
   -> Specific SHOW/EDIT/SEARCH templates for 'project' bugs
-> Modification of the Home Page and  Footers to have a specific entry 
view for projects.

Let me know what you think and if you don't think this is too crazy ?
Anyway, great job on the patch..

Ludovic

Sean McAfee wrote:

>Attached is a patch against bugzilla-2.17.4 that provides custom field
>capabilities.  It's the same as my previous custom fields patch, with the
>addition of query functionality.
>
>Querying custom fields using boolean charts is not yet possible, but it
>shouldn't be too difficult to add.
>
>All of my previous comments/warnings apply.  Comments welcome.
>
>
>  
>
>------------------------------------------------------------------------
>
>-
>To view or change your list settings, click here:
><http://bugzilla.org/cgi-bin/mj_wwwusr?user=ludovic at netvalue.com>
>  
>