Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Bug 1054702: CSV export vulnerable to formulae injection | Simon Green | 2014-10-06 | 1 | -1/+3 |
| | | | | r=glob,a=glob | ||||
* | Bug 1064140: [SECURITY] Private comments can be shown to flagmail recipients ↵ | Simon Green | 2014-10-06 | 2 | -13/+30 |
| | | | | | | who aren't in the insider group r=glob,a=glob | ||||
* | Bug 1075578: [SECURITY] Improper filtering of CGI arguments | Frédéric Buclin | 2014-10-06 | 1 | -4/+3 |
| | | | | r=dkl,a=sgreen | ||||
* | Bug 1070640: Update (and rename) Bugzilla::Send::Sendmail to work with ↵ | Frédéric Buclin | 2014-10-01 | 2 | -31/+22 |
| | | | | | | Email::Sender::Transport::Sendmail r=dylan a=justdave | ||||
* | Bug 1070317 - Bugzilla::Flag's attribute modification_date is affected by ↵ | Dylan William Hardison | 2014-09-30 | 1 | -2/+3 |
| | | | | | | the user's timezone and differs from the database copy after a call to $flag->update() r=dkl, a=justdave | ||||
* | Bug 1071317: Remove unused variables | Frédéric Buclin | 2014-09-29 | 2 | -2/+0 |
| | | | | r=gerv a=sgreen | ||||
* | Bug 1044457 - PostgreSQL 8.x fails with error: language "plpgsql" does not exist | Dylan William Hardison | 2014-09-28 | 1 | -0/+3 |
| | |||||
* | Bug 1072110: _concatenate_js assumes javascript_urls is an array | Byron Jones | 2014-09-26 | 1 | -1/+2 |
| | | | | r=dkl,a=glob | ||||
* | Bug 1065444: Several columns are not legal when displaying queries | Frédéric Buclin | 2014-09-23 | 1 | -7/+12 |
| | | | | r=dkl a=sgreen | ||||
* | Bug 502625: Replace Email::Send with Email::Sender | Frédéric Buclin | 2014-09-20 | 5 | -71/+39 |
| | | | | r=dylan a=glob | ||||
* | Bug 829273: Certain webservice tests failing due to improper error being ↵ | David Lawrence | 2014-09-18 | 1 | -2/+2 |
| | | | | | | thrown for undef or empty bug id values r=glob,a=glob | ||||
* | Bug 1068521: "Use of uninitialized value" warnings | Pami Ketolainen | 2014-09-18 | 1 | -4/+11 |
| | | | | r=glob,a=glob | ||||
* | Bug 1068014: skip strptime() in datetime_from() if the date is in a standard ↵ | Byron Jones | 2014-09-18 | 1 | -3/+8 |
| | | | | | | format r=dylan,a=glob | ||||
* | Bug 1064395: concatenate and slightly minify javascript files | Byron Jones | 2014-09-18 | 3 | -7/+76 |
| | | | | r=dkl,a=glob | ||||
* | Bug 1039940: serialisation of objects for webservice responses is extremely slow | Byron Jones | 2014-09-16 | 1 | -5/+8 |
| | | | | r=dylan,a=sgreen | ||||
* | Bug 252555: Remove the ANSI mode when running MySQL | Vishant Gautam | 2014-09-15 | 1 | -3/+4 |
| | | | | r=LpSolit a=sgreen | ||||
* | Bug 1066184: data/params.js should be renamed to data/params.json since the ↵ | David Lawrence | 2014-09-15 | 3 | -10/+15 |
| | | | | | | data form is JSON and not JS r=LpSolit,a=sgreen | ||||
* | Bug 1064933: Bugzilla.pm does not compile without Text::Markdown | Koosha KM | 2014-09-11 | 2 | -4/+4 |
| | | | | r=glob,a=sgreen | ||||
* | Bug 1052724: Use JSON::XS instead of Data::Dumper to store parameters into ↵ | Frédéric Buclin | 2014-09-11 | 4 | -51/+68 |
| | | | | | | data/params r=dkl r=wurblzap a=sgreen | ||||
* | Bug 1009013 - Require a user to change their password if they log in and ↵ | Simon Green | 2014-09-11 | 4 | -15/+49 |
| | | | | | | their current password does not meet the password complexity rules r=glob, a=sgreen | ||||
* | Bug 1053513 - fix patching error | Dylan William Hardison | 2014-09-10 | 1 | -1/+1 |
| | | | | I yearn for review board and more git-based development. | ||||
* | Bug 1035080: preload visibility of referenced bugs in _preload_referenced_bugs | Byron Jones | 2014-09-10 | 1 | -0/+3 |
| | | | | r=sgreen,a=sgreen | ||||
* | Bug 1053513 - remove last-visited entries when a user removes involvement ↵ | Dylan William Hardison | 2014-09-09 | 2 | -0/+16 |
| | | | | | | from a bug r/a=glob | ||||
* | Bug 1046126: Do not generate a new API token every time you access a ↵ | David Lawrence | 2014-09-08 | 1 | -3/+10 |
| | | | | | | bug-related page r=sgreen,a=glob | ||||
* | Bug 1046213: datetime_from() generates wrong dates if year < 1901 | Frédéric Buclin | 2014-09-08 | 1 | -3/+7 |
| | | | | r=sgreen a=glob | ||||
* | Bug 1060308: Markdown: URLs and Emails are not rendered literally in code ↵ | Koosha KM | 2014-09-05 | 1 | -1/+6 |
| | | | | | | spans and code blocks r=glob,a=sgreen | ||||
* | Bug 281791 - Add ability to change flags in "change several bugs at once" | Simon Green | 2014-09-02 | 2 | -0/+112 |
| | | | | r=glob, a=sgreen | ||||
* | Bug 330707: Add optional support for MarkDown | Koosha KM | 2014-08-28 | 10 | -3/+560 |
| | | | | r=dkl,a=sgreen | ||||
* | Bug 1054642: quoteUrls() enters an infinite loop with a list of nonexistent ↵ | Koosha KM | 2014-08-25 | 1 | -13/+8 |
| | | | | | | bug ids to be linkified r=glob,a=sgreen | ||||
* | Bug 1008766 - Fix typo in documentation (edit) | Simon Green | 2014-08-24 | 1 | -1/+1 |
| | | | | r=glob, a=glob | ||||
* | Bug 1053802: Groups used for the comment_taggers_group and debug_group ↵ | Frédéric Buclin | 2014-08-19 | 1 | -2/+4 |
| | | | | | | parameters can be deleted r=sgreen a=glob | ||||
* | Bug 1014337 - Update Bug.fields documentation | Simon Green | 2014-08-19 | 1 | -0/+6 |
| | | | | r=glob, a=glob | ||||
* | Correctly remove the bugs.alias column, see bug 1012506 | Frédéric Buclin | 2014-08-14 | 1 | -4/+0 |
| | | | | r=sgreen | ||||
* | Bug 1048712: comment tagging suggestions always returns a single result | Byron Jones | 2014-08-14 | 1 | -1/+5 |
| | | | | r=sgreen,a=glob | ||||
* | Bug 1012506 - Allow a bug to have multiple aliases | Simon Green | 2014-08-14 | 6 | -52/+217 |
| | | | | r=dkl, a=sgreen | ||||
* | Bug 996893: Perl 5.18 and newer throw tons of warnings about deprecated modules | Frédéric Buclin | 2014-08-13 | 147 | -1/+157 |
| | | | | r=dkl a=sgreen | ||||
* | Bug 993926: Bugzilla::User::Setting::get_all_settings() should use memcached | Byron Jones | 2014-08-12 | 2 | -11/+44 |
| | | | | r=sgreen,a=glob | ||||
* | Bug 419568 - Web Service module to create a component | Simon Green | 2014-08-12 | 5 | -0/+204 |
| | | | | r=dkl, a=sgreen | ||||
* | Bug 448574 - Let $dbh->bz_commit_transaction send emails which are generated ↵ | Simon Green | 2014-08-10 | 3 | -6/+69 |
| | | | | | | during a transaction r=dkl, a=sgreen | ||||
* | Bug 897915 - Field lists not sorted alphabetically | Simon Green | 2014-08-10 | 1 | -0/+15 |
| | | | | r=dkl, a=sgreen | ||||
* | Bug 1044701: "Uninitialized value $token_type" when passing an invalid ↵ | David Lawrence | 2014-07-31 | 1 | -1/+4 |
| | | | | | | Bugzilla_api_token value r=sgreen,a=glob | ||||
* | Bug 1044561: Bad definition of indexes for the new user_api_keys DB table | Frédéric Buclin | 2014-07-31 | 2 | -2/+19 |
| | | | | r=sgreen a=glob | ||||
* | Bug 726696 - All authenticated WebServices methods should require ↵ | Simon Green | 2014-07-27 | 12 | -14/+316 |
| | | | | | | username/pass, token or a valid API key for authentication r=dkl, a=sgreen | ||||
* | Bump version post-release | David Lawrence | 2014-07-24 | 1 | -1/+1 |
| | |||||
* | Bump version to 4.5.5 | David Lawrence | 2014-07-24 | 1 | -1/+1 |
| | |||||
* | Bug 1036213 - (CVE-2014-1546) add '/**/' before jsonrpc.cgi callback to ↵ | Reed Loden | 2014-07-24 | 1 | -1/+3 |
| | | | | | | avoid swf content type sniff vulnerability r=glob,a=sgreen | ||||
* | Bug 1014345: Add Group.get RPC call | David Lawrence | 2014-07-24 | 1 | -2/+2 |
| | | | | - Fixed typo in editusers group name and used $user->can_bless. | ||||
* | Bug 936275 - In buglists, flags are sorted alphabetically instead of using ↵ | Simon Green | 2014-07-15 | 3 | -33/+78 |
| | | | | | | their sortkey r=dylan, a=glob | ||||
* | Bug 1036225: Return a link to the REST documentation in "method not found" ↵ | David Lawrence | 2014-07-10 | 2 | -0/+6 |
| | | | | | | errors r=glob,a=glob | ||||
* | Bug 1027617: Can't locate object method "_reverseoperator" when searching | Byron Jones | 2014-07-10 | 1 | -1/+1 |
| | | | | r=dylan,a=glob |