aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Bug 1054702: CSV export vulnerable to formulae injectionSimon Green2014-10-062-4/+8
| | | | r=glob,a=glob
* Bug 1064140: [SECURITY] Private comments can be shown to flagmail recipients ↵Simon Green2014-10-063-18/+38
| | | | | | who aren't in the insider group r=glob,a=glob
* Bug 1074980: Forbid the { foo => $cgi->param() } syntax to prevent data overrideFrédéric Buclin2014-10-061-1/+32
| | | | r=dkl,a=sgreen
* Bug 1075578: [SECURITY] Improper filtering of CGI argumentsFrédéric Buclin2014-10-0611-45/+46
| | | | r=dkl,a=sgreen
* Bug 1071276: Markdown comment checkbox value is not passed through properly ↵Koosha2014-10-051-0/+1
| | | | | | when a mid air collision has occurred and user chooses to submit comment r=dkl a=sgreen
* Bug 1076155: Remove "?" from table columns and labels + code cleanupFrédéric Buclin2014-10-023-23/+14
| | | | r=dkl a=justdave
* Bug 1069760 - Cannot use 'component' in a templateSimon Green2014-10-013-17/+17
| | | | r=gerv, a=justdave
* Bug 1070640: Update (and rename) Bugzilla::Send::Sendmail to work with ↵Frédéric Buclin2014-10-012-31/+22
| | | | | | Email::Sender::Transport::Sendmail r=dylan a=justdave
* Fix bustage due to bug 1061247Frédéric Buclin2014-10-011-0/+1
|
* Bug 1061247 - Successfully using a password change token should invalidate ↵Reed Loden2014-09-301-0/+2
| | | | | | all other password change tokens for that user r=gerv a=glob
* Bug 1070317 - Bugzilla::Flag's attribute modification_date is affected by ↵Dylan William Hardison2014-09-301-2/+3
| | | | | | the user's timezone and differs from the database copy after a call to $flag->update() r=dkl, a=justdave
* Bug 1071317: Remove unused variablesFrédéric Buclin2014-09-293-4/+0
| | | | r=gerv a=sgreen
* Bug 1044457 - PostgreSQL 8.x fails with error: language "plpgsql" does not existDylan William Hardison2014-09-281-0/+3
|
* Bug 1071024 - improve description of mail_delivery_method. r=glob.Gervase Markham2014-09-261-1/+6
|
* Bug 1071033: Variable "$user" will not stay shared at buglist.cgiFrédéric Buclin2014-09-261-5/+4
| | | | r=dkl a=sgreen
* Bug 1072110: _concatenate_js assumes javascript_urls is an arrayByron Jones2014-09-263-3/+4
| | | | r=dkl,a=glob
* Bug 1059685: Add user help for MarkdownKoosha KM2014-09-231-4/+4
| | | | - Fixed template filter for constant in markdown.html.tmpl
* Bug 1059685: Add user help for MarkdownKoosha KM2014-09-233-10/+270
| | | | r=dkl,a=sgreen
* Bug 1065444: Several columns are not legal when displaying queriesFrédéric Buclin2014-09-232-41/+46
| | | | r=dkl a=sgreen
* Bug 1069363: "show user list again" link does not include is_enabled for ↵David Lawrence2014-09-221-1/+3
| | | | | | showing previous results list r=glob,a=glob
* Bug 502625: Replace Email::Send with Email::SenderFrédéric Buclin2014-09-206-73/+41
| | | | r=dylan a=glob
* Bug 829273: Certain webservice tests failing due to improper error being ↵David Lawrence2014-09-181-2/+2
| | | | | | thrown for undef or empty bug id values r=glob,a=glob
* Bug 1068521: "Use of uninitialized value" warningsPami Ketolainen2014-09-182-5/+12
| | | | r=glob,a=glob
* Bug 1068014: skip strptime() in datetime_from() if the date is in a standard ↵Byron Jones2014-09-181-3/+8
| | | | | | format r=dylan,a=glob
* Bug 1064395: concatenate and slightly minify javascript filesByron Jones2014-09-184-14/+100
| | | | r=dkl,a=glob
* Bug 1068277: No longer able to save/edit/forget a saved search if results ↵David Lawrence2014-09-171-27/+27
| | | | | | are 0 in buglist.cgi r=LpSolit,a=sgreen
* Bug 1039940: serialisation of objects for webservice responses is extremely slowByron Jones2014-09-161-5/+8
| | | | r=dylan,a=sgreen
* Bug 252555: Remove the ANSI mode when running MySQLVishant Gautam2014-09-151-3/+4
| | | | r=LpSolit a=sgreen
* Bug 1066184: data/params.js should be renamed to data/params.json since the ↵David Lawrence2014-09-156-16/+21
| | | | | | data form is JSON and not JS r=LpSolit,a=sgreen
* Bug 1064933: Bugzilla.pm does not compile without Text::MarkdownKoosha KM2014-09-113-4/+6
| | | | r=glob,a=sgreen
* Bug 1052724: Use JSON::XS instead of Data::Dumper to store parameters into ↵Frédéric Buclin2014-09-118-61/+77
| | | | | | data/params r=dkl r=wurblzap a=sgreen
* Bug 1041306: Kill global/site-navigation.html.tmpl to conform to the HTML5 ↵Frédéric Buclin2014-09-114-81/+3
| | | | | | spec about valid <link rel="..."> keywords r=dkl a=sgreen
* Bug 1009013 - Require a user to change their password if they log in and ↵Simon Green2014-09-116-23/+63
| | | | | | their current password does not meet the password complexity rules r=glob, a=sgreen
* Bug 1053513 - fix patching errorDylan William Hardison2014-09-101-1/+1
| | | | I yearn for review board and more git-based development.
* Bug 1035080: preload visibility of referenced bugs in _preload_referenced_bugsByron Jones2014-09-101-0/+3
| | | | r=sgreen,a=sgreen
* Bug 1036242: "TypeError: bug_status is undefined" when creating a bugMatt Tyson2014-09-101-4/+8
| | | | r=glob,a=glob
* Bug 1053513 - remove last-visited entries when a user removes involvement ↵Dylan William Hardison2014-09-092-0/+16
| | | | | | from a bug r/a=glob
* Bug 1046126: Do not generate a new API token every time you access a ↵David Lawrence2014-09-081-3/+10
| | | | | | bug-related page r=sgreen,a=glob
* Bug 1046213: datetime_from() generates wrong dates if year < 1901Frédéric Buclin2014-09-081-3/+7
| | | | r=sgreen a=glob
* Bug 768892 - Specific Search without search words yields invalid_column_name ↵Simon Green2014-09-081-1/+1
| | | | | | message, complaining about sort order "relevance desc" r=sgreen, a=glob
* Bug 1057838 - Update Autolinkification documentation to cover a list of ↵Koosha KM2014-09-081-0/+4
| | | | | | bug/comment ids r=sgreen, a=sgreen
* Bug 1060308: Markdown: URLs and Emails are not rendered literally in code ↵Koosha KM2014-09-051-1/+6
| | | | | | spans and code blocks r=glob,a=sgreen
* Bug 1040728 - testserver.pl on Ubuntu 12.04 with Apache2 invalidly gives ↵Dylan William Hardison2014-09-031-1/+1
| | | | | | error 'Failed to find the GID for the 'httpd' process' due to truncated command name r=gerv,a=sgreen
* Bug 281791 - Add ability to change flags in "change several bugs at once"Simon Green2014-09-026-1/+184
| | | | r=glob, a=sgreen
* Bug 1054175 - Exclude Bugzilla::Migrate:: from requiring POD documentationSimon Green2014-09-021-0/+1
| | | | r=gerv, a=sgreen
* Bug 1060233 - Aliases are not displayed correctly in some placesSimon Green2014-08-302-5/+6
| | | | r=dkl, a=sgreen
* Bug 330707: Add optional support for MarkDownKoosha KM2014-08-2825-15/+624
| | | | r=dkl,a=sgreen
* Bug 1056087 - contrib/merge-users.pl fails if there are no duplicate ↵Dylan William Hardison2014-08-261-2/+7
| | | | bug_user_last_visit rows
* Bug 1054642: quoteUrls() enters an infinite loop with a list of nonexistent ↵Koosha KM2014-08-251-13/+8
| | | | | | bug ids to be linkified r=glob,a=sgreen
* Bug 1008766 - Fix typo in documentation (edit)Simon Green2014-08-241-1/+1
| | | | r=glob, a=glob