aboutsummaryrefslogtreecommitdiffstats
path: root/Bugzilla
Commit message (Collapse)AuthorAgeFilesLines
* Bug 1054702: CSV export vulnerable to formulae injectionSimon Green2014-10-061-1/+3
| | | | r=glob,a=glob
* Bug 1064140: [SECURITY] Private comments can be shown to flagmail recipients ↵Simon Green2014-10-062-13/+30
| | | | | | who aren't in the insider group r=glob,a=glob
* Bug 1075578: [SECURITY] Improper filtering of CGI argumentsFrédéric Buclin2014-10-061-4/+3
| | | | r=dkl,a=sgreen
* Bug 1070640: Update (and rename) Bugzilla::Send::Sendmail to work with ↵Frédéric Buclin2014-10-012-31/+22
| | | | | | Email::Sender::Transport::Sendmail r=dylan a=justdave
* Bug 1070317 - Bugzilla::Flag's attribute modification_date is affected by ↵Dylan William Hardison2014-09-301-2/+3
| | | | | | the user's timezone and differs from the database copy after a call to $flag->update() r=dkl, a=justdave
* Bug 1071317: Remove unused variablesFrédéric Buclin2014-09-292-2/+0
| | | | r=gerv a=sgreen
* Bug 1044457 - PostgreSQL 8.x fails with error: language "plpgsql" does not existDylan William Hardison2014-09-281-0/+3
|
* Bug 1072110: _concatenate_js assumes javascript_urls is an arrayByron Jones2014-09-261-1/+2
| | | | r=dkl,a=glob
* Bug 1065444: Several columns are not legal when displaying queriesFrédéric Buclin2014-09-231-7/+12
| | | | r=dkl a=sgreen
* Bug 502625: Replace Email::Send with Email::SenderFrédéric Buclin2014-09-205-71/+39
| | | | r=dylan a=glob
* Bug 829273: Certain webservice tests failing due to improper error being ↵David Lawrence2014-09-181-2/+2
| | | | | | thrown for undef or empty bug id values r=glob,a=glob
* Bug 1068521: "Use of uninitialized value" warningsPami Ketolainen2014-09-181-4/+11
| | | | r=glob,a=glob
* Bug 1068014: skip strptime() in datetime_from() if the date is in a standard ↵Byron Jones2014-09-181-3/+8
| | | | | | format r=dylan,a=glob
* Bug 1064395: concatenate and slightly minify javascript filesByron Jones2014-09-183-7/+76
| | | | r=dkl,a=glob
* Bug 1039940: serialisation of objects for webservice responses is extremely slowByron Jones2014-09-161-5/+8
| | | | r=dylan,a=sgreen
* Bug 252555: Remove the ANSI mode when running MySQLVishant Gautam2014-09-151-3/+4
| | | | r=LpSolit a=sgreen
* Bug 1066184: data/params.js should be renamed to data/params.json since the ↵David Lawrence2014-09-153-10/+15
| | | | | | data form is JSON and not JS r=LpSolit,a=sgreen
* Bug 1064933: Bugzilla.pm does not compile without Text::MarkdownKoosha KM2014-09-112-4/+4
| | | | r=glob,a=sgreen
* Bug 1052724: Use JSON::XS instead of Data::Dumper to store parameters into ↵Frédéric Buclin2014-09-114-51/+68
| | | | | | data/params r=dkl r=wurblzap a=sgreen
* Bug 1009013 - Require a user to change their password if they log in and ↵Simon Green2014-09-114-15/+49
| | | | | | their current password does not meet the password complexity rules r=glob, a=sgreen
* Bug 1053513 - fix patching errorDylan William Hardison2014-09-101-1/+1
| | | | I yearn for review board and more git-based development.
* Bug 1035080: preload visibility of referenced bugs in _preload_referenced_bugsByron Jones2014-09-101-0/+3
| | | | r=sgreen,a=sgreen
* Bug 1053513 - remove last-visited entries when a user removes involvement ↵Dylan William Hardison2014-09-092-0/+16
| | | | | | from a bug r/a=glob
* Bug 1046126: Do not generate a new API token every time you access a ↵David Lawrence2014-09-081-3/+10
| | | | | | bug-related page r=sgreen,a=glob
* Bug 1046213: datetime_from() generates wrong dates if year < 1901Frédéric Buclin2014-09-081-3/+7
| | | | r=sgreen a=glob
* Bug 1060308: Markdown: URLs and Emails are not rendered literally in code ↵Koosha KM2014-09-051-1/+6
| | | | | | spans and code blocks r=glob,a=sgreen
* Bug 281791 - Add ability to change flags in "change several bugs at once"Simon Green2014-09-022-0/+112
| | | | r=glob, a=sgreen
* Bug 330707: Add optional support for MarkDownKoosha KM2014-08-2810-3/+560
| | | | r=dkl,a=sgreen
* Bug 1054642: quoteUrls() enters an infinite loop with a list of nonexistent ↵Koosha KM2014-08-251-13/+8
| | | | | | bug ids to be linkified r=glob,a=sgreen
* Bug 1008766 - Fix typo in documentation (edit)Simon Green2014-08-241-1/+1
| | | | r=glob, a=glob
* Bug 1053802: Groups used for the comment_taggers_group and debug_group ↵Frédéric Buclin2014-08-191-2/+4
| | | | | | parameters can be deleted r=sgreen a=glob
* Bug 1014337 - Update Bug.fields documentationSimon Green2014-08-191-0/+6
| | | | r=glob, a=glob
* Correctly remove the bugs.alias column, see bug 1012506Frédéric Buclin2014-08-141-4/+0
| | | | r=sgreen
* Bug 1048712: comment tagging suggestions always returns a single resultByron Jones2014-08-141-1/+5
| | | | r=sgreen,a=glob
* Bug 1012506 - Allow a bug to have multiple aliasesSimon Green2014-08-146-52/+217
| | | | r=dkl, a=sgreen
* Bug 996893: Perl 5.18 and newer throw tons of warnings about deprecated modulesFrédéric Buclin2014-08-13147-1/+157
| | | | r=dkl a=sgreen
* Bug 993926: Bugzilla::User::Setting::get_all_settings() should use memcachedByron Jones2014-08-122-11/+44
| | | | r=sgreen,a=glob
* Bug 419568 - Web Service module to create a componentSimon Green2014-08-125-0/+204
| | | | r=dkl, a=sgreen
* Bug 448574 - Let $dbh->bz_commit_transaction send emails which are generated ↵Simon Green2014-08-103-6/+69
| | | | | | during a transaction r=dkl, a=sgreen
* Bug 897915 - Field lists not sorted alphabeticallySimon Green2014-08-101-0/+15
| | | | r=dkl, a=sgreen
* Bug 1044701: "Uninitialized value $token_type" when passing an invalid ↵David Lawrence2014-07-311-1/+4
| | | | | | Bugzilla_api_token value r=sgreen,a=glob
* Bug 1044561: Bad definition of indexes for the new user_api_keys DB tableFrédéric Buclin2014-07-312-2/+19
| | | | r=sgreen a=glob
* Bug 726696 - All authenticated WebServices methods should require ↵Simon Green2014-07-2712-14/+316
| | | | | | username/pass, token or a valid API key for authentication r=dkl, a=sgreen
* Bump version post-releaseDavid Lawrence2014-07-241-1/+1
|
* Bump version to 4.5.5David Lawrence2014-07-241-1/+1
|
* Bug 1036213 - (CVE-2014-1546) add '/**/' before jsonrpc.cgi callback to ↵Reed Loden2014-07-241-1/+3
| | | | | | avoid swf content type sniff vulnerability r=glob,a=sgreen
* Bug 1014345: Add Group.get RPC callDavid Lawrence2014-07-241-2/+2
| | | | - Fixed typo in editusers group name and used $user->can_bless.
* Bug 936275 - In buglists, flags are sorted alphabetically instead of using ↵Simon Green2014-07-153-33/+78
| | | | | | their sortkey r=dylan, a=glob
* Bug 1036225: Return a link to the REST documentation in "method not found" ↵David Lawrence2014-07-102-0/+6
| | | | | | errors r=glob,a=glob
* Bug 1027617: Can't locate object method "_reverseoperator" when searchingByron Jones2014-07-101-1/+1
| | | | r=dylan,a=glob