From jochen.wiedmann at gmail.com Sun Aug 2 01:19:32 2009 From: jochen.wiedmann at gmail.com (Jochen Wiedmann) Date: Sun, 2 Aug 2009 03:19:32 +0200 Subject: Announce: BZ::Client 1.0 Message-ID: Hi, I'd like to announce the availability of BZ::Client on CPAN. BZ::Client is a client library for the Bugzilla Webservices API. It provides an object oriented API, which is relatively close to the server side API, but hides the XML-RPC related details completely. Jochen -- Base64 decoding, 300% faster than sun.misc.BASE64Decoder: http://archive.netbsd.se/?ml=commons-dev&a=2008-05&t=7522166 From itamar at ispbrasil.com.br Sun Aug 2 23:39:42 2009 From: itamar at ispbrasil.com.br (Itamar Reis Peixoto) Date: Sun, 2 Aug 2009 20:39:42 -0300 Subject: Help Required for Bugzilla Installation on Windows In-Reply-To: <6e38ab950907310600s78338b2bg55b15901b71de171@mail.gmail.com> References: <6e38ab950907310600s78338b2bg55b15901b71de171@mail.gmail.com> Message-ID: installing in windows is a hard work. in linux (fedora) for example you can setup bugzilla in less than 5 minutes. On Fri, Jul 31, 2009 at 10:00 AM, NIKHIL GAUTAM wrote: > Hi There, > > I was looking after salient features of Bugzilla and I found it very > effective tool in Bug tracking. So I decided to check for the tool. I am > using windows XP SP2. I tried to follow the steps for Win32 Installation: > https://wiki.mozilla.org/Bugzilla:Win32Install#Installing_Bugzilla_From_CVS > > I downloaded and install CVSNT client tool but while logging to server i got > the following message: > Microsoft Windows XP [Version 5.1.2600] > (C) Copyright 1985-2001 Microsoft Corp. > C:\>set CVSROOT=:pserver:anonymous at cvs-mirror.mozilla.org:/cvsroot > C:\>cvs login > Logging in to :pserver:anonymous at cvs-mirror.mozilla.org:2401:/cvsroot > CVS Password: > connect to cvs-mirror.mozilla.org:2401 failed: A connection attempt failed > becau > se the connected party did not properly respond after a period of time, or > estab > lished connection failed because connected host has failed to respond. > C:\> > > > > Can anybody help me on this issue that why I am unable to Login to the > server as I am unable to download the tool to windows. > > I would highly appreciate your resposne to solve my issue. Thanks in > Advance. > -- > Nikhil Gautam > -- ------------ Itamar Reis Peixoto e-mail/msn: itamar at ispbrasil.com.br sip: itamar at ispbrasil.com.br skype: itamarjp icq: 81053601 +55 11 4063 5033 +55 34 3221 8599 From powellc at powelltechs.com Sun Aug 2 23:47:47 2009 From: powellc at powelltechs.com (Charlie Powell) Date: Sun, 2 Aug 2009 19:47:47 -0400 (EDT) Subject: Help Required for Bugzilla Installation on Windows In-Reply-To: Message-ID: <321492552.751249256867146.JavaMail.root@zimbra> Yeah, if you want to test out the features of BZ, I'd be partial to suggest grabbing VirtualBox from Sun, installing that on your windows machine, then running some Linux OS as a virtual machine. May save a lot of time and headaches, as I know Perl and win32 don't play together extremely nicely all the time. Other then that, the error message you received looks like cvs-mirror.mozilla.org doesn't exist, probably because it doesn't. Instead of downloading the newest source version, just grab the 3.4 package. ----- Original Message ----- From: "Itamar Reis Peixoto" To: developers at bugzilla.org Cc: support-bugzilla at lists.mozilla.org, ag at effectsoft.com Sent: Sunday, August 2, 2009 7:39:42 PM GMT -05:00 US/Canada Eastern Subject: Re: Help Required for Bugzilla Installation on Windows installing in windows is a hard work. in linux (fedora) for example you can setup bugzilla in less than 5 minutes. On Fri, Jul 31, 2009 at 10:00 AM, NIKHIL GAUTAM wrote: > Hi There, > > I was looking after salient features of Bugzilla and I found it very > effective tool in Bug tracking. So I decided to check for the tool. I am > using windows XP SP2. I tried to follow the steps for Win32 Installation: > https://wiki.mozilla.org/Bugzilla:Win32Install#Installing_Bugzilla_From_CVS > > I downloaded and install CVSNT client tool but while logging to server i got > the following message: > Microsoft Windows XP [Version 5.1.2600] > (C) Copyright 1985-2001 Microsoft Corp. > C:\>set CVSROOT=:pserver:anonymous at cvs-mirror.mozilla.org:/cvsroot > C:\>cvs login > Logging in to :pserver:anonymous at cvs-mirror.mozilla.org:2401:/cvsroot > CVS Password: > connect to cvs-mirror.mozilla.org:2401 failed: A connection attempt failed > becau > se the connected party did not properly respond after a period of time, or > estab > lished connection failed because connected host has failed to respond. > C:\> > > > > Can anybody help me on this issue that why I am unable to Login to the > server as I am unable to download the tool to windows. > > I would highly appreciate your resposne to solve my issue. Thanks in > Advance. > -- > Nikhil Gautam > -- ------------ Itamar Reis Peixoto e-mail/msn: itamar at ispbrasil.com.br sip: itamar at ispbrasil.com.br skype: itamarjp icq: 81053601 +55 11 4063 5033 +55 34 3221 8599 - To view or change your list settings, click here: -------------- next part -------------- An HTML attachment was scrubbed... URL: From mkanat at bugzilla.org Mon Aug 3 00:18:45 2009 From: mkanat at bugzilla.org (Max Kanat-Alexander) Date: Sun, 02 Aug 2009 17:18:45 -0700 Subject: Help Required for Bugzilla Installation on Windows In-Reply-To: <6e38ab950907310600s78338b2bg55b15901b71de171@mail.gmail.com> References: <6e38ab950907310600s78338b2bg55b15901b71de171@mail.gmail.com> Message-ID: <4A762CE5.9090305@bugzilla.org> Hi Nikhil. This mailing list is not the right place to get Bugzilla support. The correct places are listed on: http://www.bugzilla.org/support/ -Max -- http://www.everythingsolved.com/ Competent, Friendly Bugzilla and Perl Services. Everything Else, too. From mkanat at bugzilla.org Mon Aug 3 00:19:15 2009 From: mkanat at bugzilla.org (Max Kanat-Alexander) Date: Sun, 02 Aug 2009 17:19:15 -0700 Subject: Announce: BZ::Client 1.0 In-Reply-To: References: Message-ID: <4A762D03.6020601@bugzilla.org> Jochen Wiedmann wrote: > I'd like to announce the availability of BZ::Client on CPAN. > BZ::Client is a client library for the Bugzilla Webservices API. It > provides an object oriented API, which is relatively close to the > server side API, but hides the XML-RPC related details completely. Great!! Maybe in the future Bugzilla itself will actually use this module to access other Bugzillas. :-) -Max -- http://www.everythingsolved.com/ Competent, Friendly Bugzilla and Perl Services. Everything Else, too. From olivier.berger at it-sudparis.eu Tue Aug 4 12:30:15 2009 From: olivier.berger at it-sudparis.eu (Olivier Berger) Date: Tue, 04 Aug 2009 14:30:15 +0200 Subject: Mapping bugzilla bugs to RDF as EvoOnt BOM ontology : RFC Message-ID: <1249389015.18489.33.camel@hortense> Hello. (I was not subscribed to the list, and started over to overcome moderation issues, sorry for potential duplicate, then.) FYI, as part of our work on the Helios project [0], we've devised a prototype of a small app based on triplify [1] to export data about Bugzilla bugs as RDF, using the EvoOnt BOM [2] ontology (and extensions). We now have a prototype which can take a Bugzilla's DB and output RDF, that will model relationships between people, bugs, comments, together with some bugs properties. We'd like to ask for review of interested people, and maybe try and attract interest of bugzilla owners that would be willing to test this, in order to validate the use of the ontologies, and see if we can contribute to the Semantic Web and LinkedData [3]. Ultimately, we seek at improving the work of OpenSource maintainers in allowing bug data to be found on the Semantic Web, in order to facilitate the development of applications through the interoperability offered by RDF and standard ontologies. Example of such applications could be the monitoring of remote bugs status changes (thanks to the recently added "see also" feature in bugzilla 3.4 ;), much like what bts-link does in Debian. You'll find more details at : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/TriplifyBugzillaToRdf and a protoype online at : http://kilauea.int-evry.fr:8081/triplify/bugzilla/ (starting point here for instance : http://kilauea.int-evry.fr:8081/triplify/bugzilla/person/1 ) Of course, RDF triples are best viewed with appropriate tools like Firefox plugins like Tabulator. Btw, there's a maybe more realistic prototype working on Debian bugs data available at : http://kilauea.int-evry.fr:8081/triplify/UDD/ (more details here : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/TriplifyUddToRdf ) Should you whish to test triplify on your Bugzilla, the code is available here : [4]. Any comments, remarks, and flames (yes, triplify is PHP ;) much welcome. Best regards, [0] : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/ [1] : http://triplify.org/ [2] : http://www.ifi.uzh.ch/ddis/evo/ [3] : http://LinkedData.org/ [4] : http://picoforge.int-evry.fr/websvn/listing.php?repname=helios_wp3&path=%2Ftrunk%2Ftriplify%2Fbugzilla%2F&rev=0&sc=0 P.S.: all our development are to be published as Free Software, btw. -- Olivier BERGER http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC Ing?nieur Recherche - Dept INF Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France) From olivier.berger at it-sudparis.eu Tue Aug 4 13:54:00 2009 From: olivier.berger at it-sudparis.eu (Olivier Berger) Date: Tue, 4 Aug 2009 06:54:00 -0700 (PDT) Subject: Mapping bugzilla bugs to RDF as EvoOnt BOM ontology : RFC Message-ID: Hello. (I was not subscribed to the list, and started over to overcome moderation issues, sorry for potential duplicate, then.) FYI, as part of our work on the Helios project [0], we've devised a prototype of a small app based on triplify [1] to export data about Bugzilla bugs as RDF, using the EvoOnt BOM [2] ontology (and extensions). We now have a prototype which can take a Bugzilla's DB and output RDF, that will model relationships between people, bugs, comments, together with some bugs properties. We'd like to ask for review of interested people, and maybe try and attract interest of bugzilla owners that would be willing to test this, in order to validate the use of the ontologies, and see if we can contribute to the Semantic Web and LinkedData [3]. Ultimately, we seek at improving the work of OpenSource maintainers in allowing bug data to be found on the Semantic Web, in order to facilitate the development of applications through the interoperability offered by RDF and standard ontologies. Example of such applications could be the monitoring of remote bugs status changes (thanks to the recently added "see also" feature in bugzilla 3.4 ;), much like what bts-link does in Debian. You'll find more details at : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/TriplifyBugzillaToRdf and a protoype online at : http://kilauea.int-evry.fr:8081/triplify/bugzilla/ (starting point here for instance : http://kilauea.int-evry.fr:8081/triplify/bugzilla/person/1 ) Of course, RDF triples are best viewed with appropriate tools like Firefox plugins like Tabulator. Btw, there's a maybe more realistic prototype working on Debian bugs data available at : http://kilauea.int-evry.fr:8081/triplify/UDD/ (more details here : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/TriplifyUddToRdf ) Should you whish to test triplify on your Bugzilla, the code is available here : [4]. Any comments, remarks, and flames (yes, triplify is PHP ;) much welcome. Best regards, [0] : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/ [1] : http://triplify.org/ [2] : http://www.ifi.uzh.ch/ddis/evo/ [3] : http://LinkedData.org/ [4] : http://picoforge.int-evry.fr/websvn/listing.php?repname=helios_wp3&path=%2Ftrunk%2Ftriplify%2Fbugzilla%2F&rev=0&sc=0 P.S.: all our development are to be published as Free Software, btw. -- Olivier BERGER http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/ 6B829EEC Ing?nieur Recherche - Dept INF Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France) _______________________________________________ dev-apps-bugzilla mailing list dev-apps-bugzilla at lists.mozilla.org https://lists.mozilla.org/listinfo/dev-apps-bugzilla From mkanat at bugzilla.org Wed Aug 5 00:05:49 2009 From: mkanat at bugzilla.org (Max Kanat-Alexander) Date: Tue, 04 Aug 2009 17:05:49 -0700 Subject: Mapping bugzilla bugs to RDF as EvoOnt BOM ontology : RFC In-Reply-To: <1249389015.18489.33.camel@hortense> References: <1249389015.18489.33.camel@hortense> Message-ID: <4A78CCDD.3070201@bugzilla.org> Olivier Berger wrote: > FYI, as part of our work on the Helios project [0], we've devised a > prototype of a small app based on triplify [1] to export data about > Bugzilla bugs as RDF, using the EvoOnt BOM [2] ontology (and > extensions). Hey Olivier! I think the first question that we'd have is--could you explain to us how the RDF generated by triplify is different and more useful than the RDF normally generated by Bugzilla itself for a buglist? I don't think any of us (or at least, very few of us) are familiar with triplify. -Max -- http://www.everythingsolved.com/ Competent, Friendly Bugzilla and Perl Services. Everything Else, too. From olivier.berger at it-sudparis.eu Wed Aug 5 10:56:27 2009 From: olivier.berger at it-sudparis.eu (Olivier Berger) Date: Wed, 05 Aug 2009 12:56:27 +0200 Subject: [long] Re: Mapping bugzilla bugs to RDF as EvoOnt BOM ontology : RFC In-Reply-To: <4A78CCDD.3070201@bugzilla.org> References: <1249389015.18489.33.camel@hortense> <4A78CCDD.3070201@bugzilla.org> Message-ID: <1249469787.15544.57.camel@hortense> Le mardi 04 ao?t 2009 ? 17:05 -0700, Max Kanat-Alexander a ?crit : > Olivier Berger wrote: > > FYI, as part of our work on the Helios project [0], we've devised a > > prototype of a small app based on triplify [1] to export data about > > Bugzilla bugs as RDF, using the EvoOnt BOM [2] ontology (and > > extensions). > > Hey Olivier! I think the first question that we'd have is--could you > explain to us how the RDF generated by triplify is different and more > useful than the RDF normally generated by Bugzilla itself for a buglist? > I don't think any of us (or at least, very few of us) are familiar with > triplify. > Yes, obvious questions, of course. To make it short, we're trying to produce "real" standard-based RDF, containing resources, classes, etc. and using ontologies that are not application specific, in order to foster interoperability, and make sure that such RDF can participate the LinkedData ecosystem. Here triplify is just one such tool that can do RDBMS to RDF conversion, to serve as a demonstrator, but of course this is just to have a reference, and such RDF should ideally be produced by Bugzilla itself, IMHO. Long version bellow. Pardon me in advance if I'm a bit pedantic... as I'll try and explain what I find great in RDF and standard ontologies. RDF is just about triples like "subject verb object". And the magic of it is to allow to embed, in the same document (for instance as XML+RDF) several schema/ontologies which describe the same object/resource. On which ontologies are used to do so, depend the usefulness of such data, and its ability to interlink resources on the Semantic Web. Compared to traditional XML (with DTDs for instance), RDF brings *semantics*, which can be agreed on, in turn benefiting to interoperability. In the case of the bugzilla RDF (which if I understand it well, is acquired by using &ctype=rdf in some CGIs), it's RDF, but it's not so much more interesting, I would say, than what you get in the classical XML output. For instance, the severity, priority, status and other such fields are not typed... 177692 normal -- All general@bugzilla.bugs NEW normalize column names and make them consistent with those reflected externally in RDF Here, there's not much semantics that you can extract from it, as it doesn't relate to standard ontologies, nor to real Semantic Web resources. By comparison, we're seeking to provide RDF which would use more Semantically-defined ontologies, which would help render such RDF consuming applications interoperable with any bugtracker. We're trying to reuse as much as possible standard ontologies (FOAF, SIOC, DC etc.), and to propose a standard for bugs description (based on EvoOnt BOM) For instance, when dealing with relationships between user accounts on the bugzilla and (real) people, and the bugs they submitted, we implement links between a resource in a bug ontology (EvoOnt BOM's "Issue" class), an account (SIOC's "User" class) and a person (FOAF's "Person" class). It gives things like (converted from the triplify output): 6688a14521cd97db162af8f9757f2e2232300e50 Olivier Berger 6688a14521cd97db162af8f9757f2e2232300e50 Olivier Berger make_snapshot script complains on error http://erty.int-evry.fr/bugzilla/show_bug.cgi?id=1 Bug 1 I hope you can see the difference (yes, I know, it's verbose ;-) Another way to see it, as turtle, may be more human friendly : @prefix rdf: . @prefix s: . @prefix dc: . @prefix sioc: . @prefix foaf: . @prefix owl: . @prefix bom: . @prefix helios_bt: . a foaf:Person ; foaf:name "Olivier Berger" ; foaf:mbox_sha1sum "6688a14521cd97db162af8f9757f2e2232300e50" ; foaf:holdsAccount ; s:seeAlso . a sioc:User ; s:label "Olivier Berger" ; sioc:email_sha1 "6688a14521cd97db162af8f9757f2e2232300e50" ; s:seeAlso ; bom:isReporterOf . a bom:Issue ; s:label "Bug 1" ; dc:title "make_snapshot script complains on error" ; bom:bugURL "http://erty.int-evry.fr/bugzilla/show_bug.cgi?id=1" ; bom:hasAssignee ; bom:hasComputerSystem ; bom:hasPriority helios_bt:BugzillaPriorityP2 ; bom:hasReporter ; bom:hasResolution helios_bt:BugzillaResolutionFIXED ; bom:hasSeverity helios_bt:BugzillaSeveritynormal ; bom:hasState helios_bt:BugzillaStateRESOLVED ; bom:isInProduct ; bom:isIssueOf . The real interest here will be if/when every bugtracker would start outputing facts about its bugs in the EvoOnt BOM (if agreed on), FOAF, etc. That's why we sought your opinion on what EvoOnt BOM and our extensions may provide. Thanks in advance for your comments, and sorry for the long post. Best regards, -- Olivier BERGER http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC Ing?nieur Recherche - Dept INF Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France) From lajjr at yahoo.com Sat Aug 8 17:55:13 2009 From: lajjr at yahoo.com (Leo Jackson) Date: Sat, 8 Aug 2009 10:55:13 -0700 (PDT) Subject: Self-Introduction: Leo A Jackson Jr (lajjr) Message-ID: <598833.34818.qm@web84303.mail.re1.yahoo.com> My Intro: * Leo Jackson * Your IRC nick on irc.mozilla.org (if you have one) lajjr * Scranton, Pa 18505 USA EST * Owner Head Programmer. * LJSES * I want to help with bugs, features, patches. * Historical qualifications o Maverik, Leg, Ubuntu, Debian, GNU, FSF, Libre. o Experienced code patcher. o UI Creation, C, C++, Python, Perl, HTML, XML, PHP, Ruby, CGI, Pascal, * I would like to help in muliple area. Leo Albert Jackson Jr Owner Head Programmer LJ's Electronics and Software From olivier.berger at it-sudparis.eu Mon Aug 3 13:39:09 2009 From: olivier.berger at it-sudparis.eu (Olivier Berger) Date: Mon, 03 Aug 2009 15:39:09 +0200 Subject: Mapping bugzilla bugs to RDF as EvoOnt BOM ontology : RFC Message-ID: <1249306750.6682.86.camel@hortense> Hello. (I'm not subscribed to the list, so please pardon me in advance in asking to keep me or our helios_wp3 list in CC: of any responses) FYI, as part of our work on the Helios project [0], we've devised a prototype of a small app based on triplify [1] to export data about Bugzilla bugs as RDF, using the EvoOnt BOM [2] ontology (and extensions). We now have a prototype which can take a Bugzilla's DB and output RDF, that will model relationships between people, bugs, comments, together with some bugs properties. We'd like to ask for review of interested people, and maybe try and attract interest of bugzilla owners that would be willing to test this, in order to validate the use of the ontologies, and see if we can contribute to the Semantic Web and LinkedData [3]. Ultimately, we seek at improving the work of OpenSource maintainers in allowing bug data to be found on the Semantic Web, in order to facilitate the development of applications through the interoperability offered by RDF and standard ontologies. Example of such applications could be the monitoring of remote bugs status changes (thanks to the recently added "see also" feature in bugzilla 3.4 ;), much like what bts-link does in Debian. You'll find more details at : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/TriplifyBugzillaToRdf and a protoype online at : http://kilauea.int-evry.fr:8081/triplify/bugzilla/ (starting point here for instance : http://kilauea.int-evry.fr:8081/triplify/bugzilla/person/1 ) Of course, RDF triples are best viewed with appropriate tools like Firefox plugins like Tabulator. Btw, there's a maybe more realistic prototype working on Debian bugs data available at : http://kilauea.int-evry.fr:8081/triplify/UDD/ (more details here : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/TriplifyUddToRdf ) Should you whish to test triplify on your Bugzilla, the code is available here : [4]. Any comments, remarks, and flames (yes, triplify is PHP ;) much welcome. Best regards, [0] : https://picoforge.int-evry.fr/cgi-bin/twiki/view/Helios_wp3/Web/ [1] : http://triplify.org/ [2] : http://www.ifi.uzh.ch/ddis/evo/ [3] : http://LinkedData.org/ [4] : http://picoforge.int-evry.fr/websvn/listing.php?repname=helios_wp3&path=%2Ftrunk%2Ftriplify%2Fbugzilla%2F&rev=0&sc=0 P.S.: all our development are to be published as Free Software, btw. -- Olivier BERGER http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC Ing?nieur Recherche - Dept INF Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France) From aaron.trevena at gmail.com Mon Aug 10 14:57:22 2009 From: aaron.trevena at gmail.com (Aaron Trevena) Date: Mon, 10 Aug 2009 15:57:22 +0100 Subject: Announce: BZ::Client 1.0 In-Reply-To: References: Message-ID: Hi Jochen, > I'd like to announce the availability of BZ::Client on CPAN. > BZ::Client is a client library for the Bugzilla Webservices API. It > provides an object oriented API, which is relatively close to the > server side API, but hides the XML-RPC related details completely. That sounds good - I've been thinking about how to move some of the functionality you see in tracs version control/bug integration into Padre (http://padre.perlide.org/), so that, for instance, you could close a bug on commit, etc - this would be very helpful for that. Having said that it would be nice if it installed cleanly through CPAN - there are several problems I spotted that would be worth spending a little time fixing : - looking at the Makefile.PL I don't see any dependancies, and when I try to install I get errors as it "Can't locate XML/Parser.pm" amongst other modules (they should be listed in PREREQ_PM) - tests will never pass when using the cpan client as they are done via the command line, and don't skip or prompt the user (I'd prefer skipping unless environment variables were set) - I couldn't easily find an example of actually using the Bugzilla API through it - a worked example of closing or updating a bug would be immensely helpful. I'd recommend reading http://www.perlfoundation.org/perl5/index.cgi?cpan_packaging for more advice. It's a good start, it means I can make a start on my padre plugin quickly, but wouldn't be happy releasing a plugin that uses it until it installs halfway reliably via cpan. I've replied to list in the hope that other bugzilla users/hackers who want to write CPAN modules can pick up some tips too - even if you don't upload to CPAN there is plenty of good practice that still applies to packaging perl applications and libraries in general. Cheers, A. -- Aaron J Trevena, BSc Hons http://www.aarontrevena.co.uk LAMP System Integration, Development and Consulting From jochen.wiedmann at gmail.com Mon Aug 10 15:38:04 2009 From: jochen.wiedmann at gmail.com (Jochen Wiedmann) Date: Mon, 10 Aug 2009 17:38:04 +0200 Subject: Announce: BZ::Client 1.0 In-Reply-To: References: Message-ID: On Mon, Aug 10, 2009 at 4:57 PM, Aaron Trevena wrote: > ?- looking at the Makefile.PL I don't see any dependancies, and when I > try to install I get errors as it "Can't locate XML/Parser.pm" amongst > other modules (they should be listed in PREREQ_PM) Fixed in 1.01, thank you! I'll upload it as soon as pause.cpan.org is online again. > ?- tests will never pass when using the cpan client as they are done > via the command line, and don't skip or prompt the user (I'd prefer > skipping unless environment variables were set) I can't follow you here. The command line is only used to configure the Makefile. Absent any command line parameters, tests are skipped. Should be perfectly CPAN compliant. > - I couldn't easily find an example of actually using the Bugzilla API > through it - a worked example of closing or updating a bug would be > immensely helpful. Examples of closing or updating a bug are hard to give: That functionality is still missing on the server side. Jochen From aaron.trevena at gmail.com Tue Aug 11 08:37:06 2009 From: aaron.trevena at gmail.com (Aaron Trevena) Date: Tue, 11 Aug 2009 09:37:06 +0100 Subject: Announce: BZ::Client 1.0 In-Reply-To: References: Message-ID: >> ?- looking at the Makefile.PL I don't see any dependancies, and when I >> try to install I get errors as it "Can't locate XML/Parser.pm" amongst >> other modules (they should be listed in PREREQ_PM) > > Fixed in 1.01, thank you! I'll upload it as soon as pause.cpan.org is > online again. Nice work. Thanks. > >> ?- tests will never pass when using the cpan client as they are done >> via the command line, and don't skip or prompt the user (I'd prefer >> skipping unless environment variables were set) > > I can't follow you here. The command line is only used to configure > the Makefile. Absent any > command line parameters, tests are skipped. Should be perfectly CPAN compliant. Ah ok - I missed that - I saw the command line arguments and the tests failing and jumped to the wrong conclusion. >> - I couldn't easily find an example of actually using the Bugzilla API >> through it - a worked example of closing or updating a bug would be >> immensely helpful. > > Examples of closing or updating a bug are hard to give: That > functionality is still missing > on the server side. OMG. If I can't close or update a bug, what on earth can I do - what kind of webservice is that? That puts bugzilla back down to the same "hey you can always screenscrape" level solution as Trac that I wanted to avoid. Somebody let me know when bugzilla lets you do useful things via a webservice as I'll give up on integration until at least one bugtracking system can provide a useful webservice as an alternative to webscraping. *sigh* A. -- Aaron J Trevena, BSc Hons http://www.aarontrevena.co.uk LAMP System Integration, Development and Consulting From emmanuel.seyman at club-internet.fr Tue Aug 11 09:18:33 2009 From: emmanuel.seyman at club-internet.fr (Emmanuel Seyman) Date: Tue, 11 Aug 2009 11:18:33 +0200 Subject: Announce: BZ::Client 1.0 In-Reply-To: References: Message-ID: <20090811091833.GA1452@orient.maison.lan> * Aaron Trevena [11/08/2009 11:11] : > > If I can't close or update a bug, what on earth can I do - what kind > of webservice is that? Get comments, Get bug info, Get bug history, Search for bugs, Create a bug, Add a comment, Update the "See Also" field. Emmanuel From mbd at dbc.dk Tue Aug 11 11:53:06 2009 From: mbd at dbc.dk (Mads Bondo Dydensborg) Date: Tue, 11 Aug 2009 13:53:06 +0200 Subject: Announce: BZ::Client 1.0 In-Reply-To: References: Message-ID: <200908111353.06538.mbd@dbc.dk> Tirsdag 11 august 2009 skrev Aaron Trevena: > > Examples of closing or updating a bug are hard to give: That > > functionality is still missing > > on the server side. > > OMG. > > If I can't close or update a bug, what on earth can I do - what kind > of webservice is that? I agree it is limited. But, you can actually use it to create bugs, display lists of bugs and a number of other things. I wrote a C# proxy for it, which interesstingly, was usuable outside my own organization: http://www.codeproject.com/KB/vb/BugZillaImporter.aspx > That puts bugzilla back down to the same "hey you can always > screenscrape" level solution as Trac that I wanted to avoid. Yes, this is a pain. > > Somebody let me know when bugzilla lets you do useful things via a > webservice You can always follow the bugs at https://bugzilla.mozilla.org/query.cgi - select Product Bugzilla, component WebService. You may even want to contribute some code/time towards the goal. Regards Mads -- Mads Bondo Dydensborg mads at dydensborg.dk http://www.madsdydensborg.dk/ Philosopher's syndrome: mistaking a failure of imagination for an insight into necessity. - Daniel Dennett (could also be said of others than philosphers) From aaron.trevena at gmail.com Tue Aug 11 11:59:51 2009 From: aaron.trevena at gmail.com (Aaron Trevena) Date: Tue, 11 Aug 2009 12:59:51 +0100 Subject: Announce: BZ::Client 1.0 In-Reply-To: <200908111353.06538.mbd@dbc.dk> References: <200908111353.06538.mbd@dbc.dk> Message-ID: 2009/8/11 Mads Bondo Dydensborg : > I agree it is limited. But, you can actually use it to create bugs, display > lists of bugs and a number of other things. I know - that's a bit better than Trac, but not what I was hoping for. > I wrote a C# proxy for it, which interesstingly, was usuable outside my own > organization: > > http://www.codeproject.com/KB/vb/BugZillaImporter.aspx > >> That puts bugzilla back down to the same "hey you can always >> screenscrape" level solution as Trac that I wanted to avoid. > > Yes, this is a pain. Yes, I've basically given up on the padre plugin now, as I have plenty of things I'd sooner do that write code to screenscrape bugtrackers that haven't managed to crawl into the 21st century ;p >> Somebody let me know when bugzilla lets you do useful things via a >> webservice > > You can always follow the bugs at https://bugzilla.mozilla.org/query.cgi - > select Product Bugzilla, component WebService. > > You may even want to contribute some code/time towards the goal. That's part of the problem - I could do that but it would require anybody who wants to use the code I write that uses the new webservice features to get their bugzilla updated to the release it eventually makes it to, so it would solve my current problem in 18 months, 3 or 4 years - depending on how often the majority of the userbase updates bugzilla. I was looking for something that would give an immediate "wow" factor to the padre IDE, this avenue looks like a dead end until at least one bug tracker manages to provide actual interactive webservices - much as it's tempting to write an extension that does it, it would still not help as most bugzilla users would never have any input on when the server get's updated or any extra bits installed. oh well. A. -- Aaron J Trevena, BSc Hons http://www.aarontrevena.co.uk LAMP System Integration, Development and Consulting From aaron.trevena at gmail.com Tue Aug 11 12:11:13 2009 From: aaron.trevena at gmail.com (Aaron Trevena) Date: Tue, 11 Aug 2009 13:11:13 +0100 Subject: Announce: BZ::Client 1.0 In-Reply-To: References: <200908111353.06538.mbd@dbc.dk> Message-ID: 2009/8/11 Aaron Trevena : > I was looking for something that would give an immediate "wow" factor > to the padre IDE, this avenue looks like a dead end until at least one > bug tracker manages to provide actual interactive webservices - much > as it's tempting to write an extension that does it, it would still > not help as most bugzilla users would never have any input on when the > server get's updated or any extra bits installed. Fortunately it looks like somebody else decided to screenscrape it. WWW::Bugzilla on CPAN, and it has a nicer API than the webservice client (sorry). I'll give that a go until the bugzilla webservices can match it's functionality. A. -- Aaron J Trevena, BSc Hons http://www.aarontrevena.co.uk LAMP System Integration, Development and Consulting From gelhaus at uni-paderborn.de Tue Aug 11 19:53:54 2009 From: gelhaus at uni-paderborn.de (Martin Gelhaus) Date: Tue, 11 Aug 2009 21:53:54 +0200 Subject: =?UTF-8?B?U3R1ZHkgb24gY29tbXVuaWNhdGlvbiBhbmQgY29sbGFib3JhdGlvbiBpbiBzb2Z0d2FyZSBkZXZlbG9wbWVudCB0ZWFtcw==?= Message-ID: <3a0267ac8c5912abb5be876145befbd3@thales.cs.upb.de> Dear Bugzilla developer, within the scope of my diploma thesis at the University of Paderborn, Germany, with the title "Study about communication and collaboration in software development in teams" I am conducting a survey of members of software development teams. I would be very grateful if you help me in my studies and answer the survey at http://thales.cs.upb.de/limesurvey185/index.php?lang=en&sid=91192&token=bvqk4gmcdwezxj5 This is the official description of the survey: In the last years many means of communication and collaboration were introduced in software projects to assist the development teams with their daily work. With this study we want to identify requirements for a communication- and collaboration-supporting platform for software development. For this purpose we will evaluate the utilization and effectiveness of different means of communication and collaboration in solving software and managerial problems in software development teams. The survey will take about 10-15 minutes and contains 55 questions that cover various topics. Many thanks for your support of my research. If there are any further questions, don't hesitate to contact me. Best regards from Paderborn, Germany Martin Gelhaus (gelhaus at uni-paderborn.de) ---------------------------------------------- Click here to do the survey: http://thales.cs.upb.de/limesurvey185/index.php?lang=en&sid=91192&token=bvqk4gmcdwezxj5 ---- Martin Gelhaus Graduand at Didactics of Informatics chair at University of Paderborn F?rstenallee 11 Room F2.416 D-33102 Paderborn _______________________________________________ dev-apps-bugzilla mailing list dev-apps-bugzilla at lists.mozilla.org https://lists.mozilla.org/listinfo/dev-apps-bugzilla From mkanat at bugzilla.org Wed Aug 12 01:49:49 2009 From: mkanat at bugzilla.org (Max Kanat-Alexander) Date: Tue, 11 Aug 2009 18:49:49 -0700 Subject: Self-Introduction: Leo A Jackson Jr (lajjr) In-Reply-To: <598833.34818.qm@web84303.mail.re1.yahoo.com> References: <598833.34818.qm@web84303.mail.re1.yahoo.com> Message-ID: <4A821FBD.3010106@bugzilla.org> Leo Jackson wrote: > * I want to help with bugs, features, patches. > * Historical qualifications > o Maverik, Leg, Ubuntu, Debian, GNU, FSF, Libre. > o Experienced code patcher. > o UI Creation, C, C++, Python, Perl, HTML, XML, PHP, Ruby, CGI, Pascal, > * I would like to help in muliple area. Great! Welcome! :-) -Max -- http://www.everythingsolved.com/ Competent, Friendly Bugzilla and Perl Services. Everything Else, too. From mkanat at bugzilla.org Wed Aug 12 01:51:14 2009 From: mkanat at bugzilla.org (Max Kanat-Alexander) Date: Tue, 11 Aug 2009 18:51:14 -0700 Subject: Self-Introduction: Sun Xin In-Reply-To: <4A4CAFB0.7090005@redhat.com> References: <4A4CAFB0.7090005@redhat.com> Message-ID: <4A822012.5000407@bugzilla.org> Sun Xin wrote: > Thank you for your time to read my self-Introduction. I am the new > guy to this community. Hey. :-) It's taken me a while to respond, but I did want to say welcome to the project! :-) > * What do you want to help out with? I am interesting in bugzilla, > maybe I can try to provide patch for some bugs or develop the test > case. That sounds good! Test case development would be particularly helpful--talk to LpSolit on IRC about that. -Max -- http://www.everythingsolved.com/ Competent, Friendly Bugzilla and Perl Services. Everything Else, too. From lpsolit at gmail.com Fri Aug 14 00:23:04 2009 From: lpsolit at gmail.com (=?ISO-8859-1?Q?Fr=E9d=E9ric_Buclin?=) Date: Fri, 14 Aug 2009 02:23:04 +0200 Subject: Bugzilla meeting next Tuesday, August 18 Message-ID: <4A84AE68.9040906@gmail.com> Hi all, Our next Bugzilla meeting will take place next Tuesday, August 18 at 11:00 PDT (18:00 GMT, 20:00 CEST) in the #bugzilla-meeting channel on IRC. The agenda is available at https://wiki.mozilla.org/Bugzilla:Meetings. Feel free to add more items to the agenda, assuming you can attend the meeting, of course. Everyone is welcome! Meanwhile, I just blogged about recent progress we did towards Bugzilla 3.6, in case you are interested: http://lpsolit.wordpress.com/2009/08/14/latest-news-from-bugzilla-3-5/ See you next Tuesday, LpSolit From lpsolit at gmail.com Wed Aug 19 00:58:27 2009 From: lpsolit at gmail.com (=?ISO-8859-1?Q?Fr=E9d=E9ric_Buclin?=) Date: Wed, 19 Aug 2009 02:58:27 +0200 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 Message-ID: <4A8B4E33.9060705@gmail.com> Hi all, At the Bugzilla meeting today, there has been some discussion about what to do with the "authenticated sessions" value of the ssl parameter now that you can log in from every page. It seems that it doesn't make sense to keep this value anymore as all pages must be protected using SSL as you can potentially use any of them to log in. Does anyone see a valid reason to not kill this value? This means the ssl parameter would become a single yes/no to use ssl or not, see bug 329638. Now something unrelated to SSL, I just wanted to inform you that the code freeze for Bugzilla 3.6 will happen at the end of September, two months after the release of Bugzilla 3.4. No new features will be accepted for 3.6 past this deadline, only bug fixes. So your contributions should be attached to b.m.o before this date if you expect to see them implemented for 3.6. And keep in mind that most patches don't get review+ on the first revision, so include in your timing enough time to update your patches before the freezing date. ;) I think that's all for today. :) LpSolit From dkl at redhat.com Wed Aug 19 14:18:38 2009 From: dkl at redhat.com (David Lawrence) Date: Wed, 19 Aug 2009 10:18:38 -0400 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: <4A8B4E33.9060705@gmail.com> References: <4A8B4E33.9060705@gmail.com> Message-ID: <4A8C09BE.6020607@redhat.com> On 08/18/2009 08:58 PM, Fr?d?ric Buclin wrote: > At the Bugzilla meeting today, there has been some discussion about what > to do with the "authenticated sessions" value of the ssl parameter now > that you can log in from every page. It seems that it doesn't make sense > to keep this value anymore as all pages must be protected using SSL as > you can potentially use any of them to log in. Does anyone see a valid > reason to not kill this value? This means the ssl parameter would become > a single yes/no to use ssl or not, see bug 329638. > > As mentioned in the meeting, we (Red Hat) do not utilize this functionality since our multiple web servers sit behind a load balancing proxy which does the automatic redirect to SSL for all requests. So we normally keep the ssl param set to 'never' now anyway. So I vote yes for this change. Dave -- David Lawrence, RHCE dkl at redhat.com ------------------------------------ Red Hat, Inc. Web: www.redhat.com 1801 Varsity Drive Raleigh, NC 27606 From justdave at bugzilla.org Wed Aug 19 18:02:19 2009 From: justdave at bugzilla.org (David Miller) Date: Wed, 19 Aug 2009 14:02:19 -0400 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: <4A8C09BE.6020607@redhat.com> References: <4A8B4E33.9060705@gmail.com> <4A8C09BE.6020607@redhat.com> Message-ID: <4A8C3E2B.6050207@bugzilla.org> David Lawrence wrote on 8/19/09 10:18 AM: > On 08/18/2009 08:58 PM, Fr?d?ric Buclin wrote: >> At the Bugzilla meeting today, there has been some discussion about what >> to do with the "authenticated sessions" value of the ssl parameter now >> that you can log in from every page. It seems that it doesn't make sense >> to keep this value anymore as all pages must be protected using SSL as >> you can potentially use any of them to log in. Does anyone see a valid >> reason to not kill this value? This means the ssl parameter would become >> a single yes/no to use ssl or not, see bug 329638. > > As mentioned in the meeting, we (Red Hat) do not utilize this functionality > since our multiple web servers sit behind a load balancing proxy which does > the automatic redirect to SSL for all requests. So we normally keep the > ssl param set to 'never' now anyway. So I vote yes for this change. Same at Mozilla. We'd always had it set to "never" with the https: in the urlbase. Looking at the config now, it looks like it's set to "always" at the moment, but both urlbase and sslbase are the same. -- Dave Miller http://www.justdave.net/ System Administrator, Mozilla Corporation http://www.mozilla.com/ Project Leader, Bugzilla Bug Tracking System http://www.bugzilla.org/ From dkl at redhat.com Wed Aug 19 18:18:24 2009 From: dkl at redhat.com (David Lawrence) Date: Wed, 19 Aug 2009 14:18:24 -0400 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: <4A8C3E2B.6050207@bugzilla.org> References: <4A8B4E33.9060705@gmail.com> <4A8C09BE.6020607@redhat.com> <4A8C3E2B.6050207@bugzilla.org> Message-ID: <4A8C41F0.1080300@redhat.com> On 08/19/2009 02:02 PM, David Miller wrote: > David Lawrence wrote on 8/19/09 10:18 AM: > >> On 08/18/2009 08:58 PM, Fr?d?ric Buclin wrote: >> >>> At the Bugzilla meeting today, there has been some discussion about what >>> to do with the "authenticated sessions" value of the ssl parameter now >>> that you can log in from every page. It seems that it doesn't make sense >>> to keep this value anymore as all pages must be protected using SSL as >>> you can potentially use any of them to log in. Does anyone see a valid >>> reason to not kill this value? This means the ssl parameter would become >>> a single yes/no to use ssl or not, see bug 329638. >>> >> As mentioned in the meeting, we (Red Hat) do not utilize this functionality >> since our multiple web servers sit behind a load balancing proxy which does >> the automatic redirect to SSL for all requests. So we normally keep the >> ssl param set to 'never' now anyway. So I vote yes for this change. >> > Same at Mozilla. We'd always had it set to "never" with the https: in > the urlbase. Looking at the config now, it looks like it's set to > "always" at the moment, but both urlbase and sslbase are the same. > We had it mistakenly once set to ssl == 'always' and any request to the server got stuck in an endless looping redirect. Dave -- David Lawrence, RHCE dkl at redhat.com ------------------------------------ Red Hat, Inc. Web: www.redhat.com 1801 Varsity Drive Raleigh, NC 27606 From wurblzap at gmail.com Wed Aug 19 20:25:32 2009 From: wurblzap at gmail.com (Marc Schumann) Date: Wed, 19 Aug 2009 22:25:32 +0200 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: <4A8B4E33.9060705@gmail.com> References: <4A8B4E33.9060705@gmail.com> Message-ID: 2009/8/19 Fr?d?ric Buclin : > At the Bugzilla meeting today, there has been some discussion about what > to do with the "authenticated sessions" value of the ssl parameter now > that you can log in from every page. It seems that it doesn't make sense > to keep this value anymore as all pages must be protected using SSL as > you can potentially use any of them to log in. Does anyone see a valid > reason to not kill this value? This means the ssl parameter would become > a single yes/no to use ssl or not, see bug 329638. I've got two installs with the param set to authenticated_sessions. Most traffic on them is happening via SSL, though, because the vast majority of bugs are not public, so people usually are logged in. So I won't miss the value much, but I like the idea of being able to browse unencrypted... I gather that we should log in *from* an encrypted page, though, and since this means every page allows a log in now, every page must be encrypted. Can you shed some light on why this is so? Why can't we log in from an unencrypted page, moving to SSL just when logging in? Is it some man-in-the-middle thing? Marc From ghendricks at novell.com Wed Aug 19 21:46:49 2009 From: ghendricks at novell.com (Gregary Hendricks) Date: Wed, 19 Aug 2009 15:46:49 -0600 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: <4A8C41F0.1080300@redhat.com> References: <4A8B4E33.9060705@gmail.com> <4A8C09BE.6020607@redhat.com> <4A8C3E2B.6050207@bugzilla.org> <4A8C41F0.1080300@redhat.com> Message-ID: <4A8C1E69020000D20005305E@lucius.provo.novell.com> >>> On 8/19/2009 at 12:18 PM, in message <4A8C41F0.1080300 at redhat.com>, David Lawrence wrote: > On 08/19/2009 02:02 PM, David Miller wrote: > > David Lawrence wrote on 8/19/09 10:18 AM: > > > >> On 08/18/2009 08:58 PM, Fr?d?ric Buclin wrote: > >> > >>> At the Bugzilla meeting today, there has been some discussion about what > >>> to do with the "authenticated sessions" value of the ssl parameter now > >>> that you can log in from every page. It seems that it doesn't make sense > >>> to keep this value anymore as all pages must be protected using SSL as > >>> you can potentially use any of them to log in. Does anyone see a valid > >>> reason to not kill this value? This means the ssl parameter would become > >>> a single yes/no to use ssl or not, see bug 329638. > >>> > >> As mentioned in the meeting, we (Red Hat) do not utilize this functionality > >> since our multiple web servers sit behind a load balancing proxy which does > >> the automatic redirect to SSL for all requests. So we normally keep the > >> ssl param set to 'never' now anyway. So I vote yes for this change. > >> > > Same at Mozilla. We'd always had it set to "never" with the https: in > > the urlbase. Looking at the config now, it looks like it's set to > > "always" at the moment, but both urlbase and sslbase are the same. > > > > We had it mistakenly once set to ssl == 'always' and any request to the > server got stuck in > an endless looping redirect. > We also use a proxy that handles the SSL redirect. In our case urlbase is set to http and the proxy handles the SSL since we don't want to encrypt the data between the apache server and the proxy. Authentication in our system is also handled external to Bugzilla anyway so the reasons for using SSL are based on bug content. Since that is arbitrary, we enforce SSL always, but again, this is all handled external to Bugzilla. If we put https or set sslbase at all, we also see endless redirect loops. Greg From lpsolit at gmail.com Thu Aug 20 00:37:55 2009 From: lpsolit at gmail.com (=?ISO-8859-1?Q?Fr=E9d=E9ric_Buclin?=) Date: Thu, 20 Aug 2009 02:37:55 +0200 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: References: <4A8B4E33.9060705@gmail.com> Message-ID: <4A8C9AE3.8030500@gmail.com> Le 19. 08. 09 22:25, Marc Schumann a ?crit : > this is so? Why can't we log in from an unencrypted page, moving to > SSL just when logging in? Is it some man-in-the-middle thing? No idea about MITM attacks. Probably justdave, dveditz, jruderman and some others would know. LpSolit From justdave at bugzilla.org Wed Aug 19 23:58:49 2009 From: justdave at bugzilla.org (David Miller) Date: Wed, 19 Aug 2009 19:58:49 -0400 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: References: <4A8B4E33.9060705@gmail.com> Message-ID: <4A8C91B9.9060609@bugzilla.org> Marc Schumann wrote on 8/19/09 4:25 PM: > I gather that we should log in *from* an > encrypted page, though, and since this means every page allows a log > in now, every page must be encrypted. Can you shed some light on why > this is so? Why can't we log in from an unencrypted page, moving to > SSL just when logging in? Is it some man-in-the-middle thing? Yes. If you got man-in-the-middled on your way to the http page, you'd never know, and you have no proof the form is going to submit to an https destination without viewing the source. If the form is https to begin with then you have the certificate validation to know you got the form itself from the trusted source as well. -- Dave Miller http://www.justdave.net/ System Administrator, Mozilla Corporation http://www.mozilla.com/ Project Leader, Bugzilla Bug Tracking System http://www.bugzilla.org/ From justdave at bugzilla.org Wed Aug 19 23:57:31 2009 From: justdave at bugzilla.org (David Miller) Date: Wed, 19 Aug 2009 19:57:31 -0400 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: <4A8C1E69020000D20005305E@lucius.provo.novell.com> References: <4A8B4E33.9060705@gmail.com> <4A8C09BE.6020607@redhat.com> <4A8C3E2B.6050207@bugzilla.org> <4A8C41F0.1080300@redhat.com> <4A8C1E69020000D20005305E@lucius.provo.novell.com> Message-ID: <4A8C916B.2020907@bugzilla.org> Gregary Hendricks wrote on 8/19/09 5:46 PM: > We also use a proxy that handles the SSL redirect. In our case urlbase > is set to http and the proxy handles the SSL since we don't want to > encrypt the data between the apache server and the proxy. Authentication > in our system is also handled external to Bugzilla anyway so the reasons > for using SSL are based on bug content. Since that is arbitrary, we > enforce SSL always, but again, this is all handled external to Bugzilla. > If we put https or set sslbase at all, we also see endless redirect > loops. Our proxy also handles the SSL with traffic between the proxy and bugzilla unencrypted. Bugzilla's apache is actually listening on ports 80 and 81 for cleartext and encrypted, and the port 81 vhost sets the HTTPS environment variable so that mod_perl thinks it's SSL. -- Dave Miller http://www.justdave.net/ System Administrator, Mozilla Corporation http://www.mozilla.com/ Project Leader, Bugzilla Bug Tracking System http://www.bugzilla.org/ From vitaly.fedrushkov at gmail.com Mon Aug 31 04:13:17 2009 From: vitaly.fedrushkov at gmail.com (SnowyOwl) Date: Sun, 30 Aug 2009 21:13:17 -0700 (PDT) Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 References: Message-ID: On 19 ???, 06:58, "Fr?d?ric Buclin" wrote: > At the Bugzilla meeting today, there has been some discussion about what > to do with the "authenticated sessions" value of the ssl parameter now > that you can log in from every page. It seems that it doesn't make sense > to keep this value anymore as all pages must be protected using SSL as > you can potentially use any of them to log in. Does anyone see a valid > reason to not kill this value? This means the ssl parameter would become > a single yes/no to use ssl or not, see bug 329638. The only scenario I could see is where some users do not have HTTPS access at all. For example, Bugzilla is used by staff from intranet using HTTPS, but exposed to public internet as read-only searchable knowledge base for users. HTTPS may be unavailable to those users to reduce server load, as it protects nothing in this setup. _______________________________________________ dev-apps-bugzilla mailing list dev-apps-bugzilla at lists.mozilla.org https://lists.mozilla.org/listinfo/dev-apps-bugzilla From mkanat at bugzilla.org Mon Aug 31 05:41:18 2009 From: mkanat at bugzilla.org (Max Kanat-Alexander) Date: Sun, 30 Aug 2009 22:41:18 -0700 Subject: What to do with ssl="authenticated sessions" + code freeze date for Bugzilla 3.6 In-Reply-To: References: Message-ID: <4A9B627E.40801@bugzilla.org> On 08/30/2009 09:13 PM, SnowyOwl wrote: > The only scenario I could see is where some users do not have HTTPS > access at all. For example, Bugzilla is used by staff from intranet > using HTTPS, but exposed to public internet as read-only searchable > knowledge base for users. > > HTTPS may be unavailable to those users to reduce server load, as it > protects nothing in this setup. Well, this situation seems fairly unlikely, and also really doesn't matter that much, because honestly Bugzilla doesn't put that much load on a web server, and the load it *does* put on the server is already much more significant than the load put on by SSL. So I don't think we have to worry too much about this situation. And anybody who *really* needed it could still accomplish it with a proxy. -Max -- http://www.everythingsolved.com/ Competent, Friendly Bugzilla and Perl Services. Everything Else, too.