зеркало из https://github.com/mozilla/bugbot.git
Add survey sec bugs (#872)
* initial attempt * fixes from calixte * fixes from calixte / adding template * fix email, fix whiteboard * activate shell script (disable dry run) * reformat * codespell * address nits
This commit is contained in:
Родитель
a007a0ca81
Коммит
efaf6bce05
|
@ -617,5 +617,14 @@
|
||||||
"mcastelluccio@mozilla.com",
|
"mcastelluccio@mozilla.com",
|
||||||
"cdenizet@mozilla.com"
|
"cdenizet@mozilla.com"
|
||||||
]
|
]
|
||||||
|
},
|
||||||
|
"survey_sec_bugs": {
|
||||||
|
"to_reach_out":
|
||||||
|
[
|
||||||
|
"continuation@gmail.com",
|
||||||
|
"jdemooij@mozilla.com",
|
||||||
|
"nical.bugzilla@gmail.com",
|
||||||
|
"emilio@crisal.io"
|
||||||
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,82 @@
|
||||||
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||||
|
# License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||||
|
# You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
|
||||||
|
from auto_nag.bzcleaner import BzCleaner
|
||||||
|
|
||||||
|
|
||||||
|
class SurveySecurityBugs(BzCleaner):
|
||||||
|
def __init__(self):
|
||||||
|
super(SurveySecurityBugs, self).__init__()
|
||||||
|
self.changes_per_bug = {}
|
||||||
|
|
||||||
|
def description(self):
|
||||||
|
return "Submit survey to assignee of a security bug"
|
||||||
|
|
||||||
|
def get_bz_params(self, date):
|
||||||
|
params = {
|
||||||
|
# maybe we need more fields to do our changes (?)
|
||||||
|
"include_fields": ["assigned_to", "whiteboard"],
|
||||||
|
# find fixed bugs
|
||||||
|
"bug_status": "RESOLVED,VERIFIED",
|
||||||
|
"resolution": "FIXED",
|
||||||
|
# find bugs only in these products
|
||||||
|
"f5": "product",
|
||||||
|
"o5": "anywordssubstr",
|
||||||
|
"v5": "Core,DevTools,Firefox,GeckoView,NSPR,NSS,Toolkit,WebExtensions",
|
||||||
|
# bugs changed to RESOLVED in last month
|
||||||
|
"chfield": "bug_status",
|
||||||
|
"chfieldfrom": "-1m",
|
||||||
|
"chfieldto": "NOW",
|
||||||
|
"chfieldvalue": "RESOLVED",
|
||||||
|
# keywords has either sec-critical or sec-high
|
||||||
|
"f1": "keywords",
|
||||||
|
"o1": "anywords",
|
||||||
|
"v1": "sec-critical,sec-high",
|
||||||
|
# whiteboard does not have [sec-survey] (to avoid us asking twice)
|
||||||
|
"f2": "status_whiteboard",
|
||||||
|
"o2": "notsubstring",
|
||||||
|
"v2": "[sec-survey]",
|
||||||
|
# has at least one attachment (i.e., hopefully a patch)
|
||||||
|
"f3": "attachments.count",
|
||||||
|
"o3": "greaterthan",
|
||||||
|
"v3": "0",
|
||||||
|
# assigned to any of those we have agreed to help out
|
||||||
|
"f4": "assigned_to",
|
||||||
|
"o4": "anywords",
|
||||||
|
"v4": ",".join(self.get_config("to_reach_out", default=[])),
|
||||||
|
}
|
||||||
|
|
||||||
|
return params
|
||||||
|
|
||||||
|
def handle_bug(self, bug, data):
|
||||||
|
assignee = bug["assigned_to"]
|
||||||
|
bugid = str(bug["id"])
|
||||||
|
|
||||||
|
new_whiteboard = bug["whiteboard"] + "[sec-survey]"
|
||||||
|
self.changes_per_bug[bugid] = {
|
||||||
|
"comment": {"body": self.comment_tpl_for_bugid(bugid)},
|
||||||
|
"whiteboard": new_whiteboard,
|
||||||
|
"flags": [
|
||||||
|
{
|
||||||
|
"name": "needinfo",
|
||||||
|
"requestee": assignee,
|
||||||
|
"status": "?",
|
||||||
|
"new": "true",
|
||||||
|
}
|
||||||
|
],
|
||||||
|
}
|
||||||
|
|
||||||
|
return bug
|
||||||
|
|
||||||
|
def get_autofix_change(self):
|
||||||
|
return self.changes_per_bug
|
||||||
|
|
||||||
|
def comment_tpl_for_bugid(self, bugid):
|
||||||
|
URL = f"https://docs.google.com/forms/d/e/1FAIpQLSe9uRXuoMK6tRglbNL5fpXbun_oEb6_xC2zpuE_CKA_GUjrvA/viewform?usp=pp_url&entry.2124261401=https%3A%2F%2Fbugzilla.mozilla.org%2Fshow_bug.cgi%3Fid%3D{bugid}"
|
||||||
|
|
||||||
|
return f"As part of a security bug pattern analysis, we are requesting your help with a high level analysis of this bug. It is our hope to develop static analysis (or potentially runtime/dynamic analysis) in the future to identify classes of bugs.\n\nPlease visit [this google form]({URL}) to reply."
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
SurveySecurityBugs().run()
|
|
@ -0,0 +1,23 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
export PYTHONPATH=.
|
||||||
|
|
||||||
|
./runauto_nag_common.sh
|
||||||
|
|
||||||
|
. venv/bin/activate
|
||||||
|
|
||||||
|
# force the update of dependencies
|
||||||
|
pip install -r requirements.txt
|
||||||
|
|
||||||
|
# Clean the log files
|
||||||
|
python -m auto_nag.log --clean
|
||||||
|
|
||||||
|
# Close inactive intermittent bugs
|
||||||
|
python -m auto_nag.scripts.survey_sec_bugs
|
||||||
|
|
||||||
|
# Send a mail if the logs are not empty
|
||||||
|
# MUST ALWAYS BE THE LAST COMMAND
|
||||||
|
python -m auto_nag.log --send
|
||||||
|
|
||||||
|
deactivate
|
|
@ -0,0 +1,20 @@
|
||||||
|
|
||||||
|
<p>Here are security bugs closed in the last month where we asked for feedback about creating static analysis:
|
||||||
|
<table {{ table_attrs }}>
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>Bug</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
|
||||||
|
<tbody>
|
||||||
|
{% for i, (bugid, _) in enumerate(data) -%}
|
||||||
|
<tr {% if i % 2 == 0 %}bgcolor="#E0E0E0"{% endif -%}>
|
||||||
|
<td>
|
||||||
|
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id={{ bugid }}">{{ bugid }}</a>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
{% endfor -%}
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</p>
|
Загрузка…
Ссылка в новой задаче