On Wednesday, 19 July 2017 16:19:02 UTC-4, Randell Jesup wrote: > >On 2017-07-14 1:31 AM, Jim Blandy wrote: > >> Many people seem to be asking, essentially: What will happen to old bugs? > >> I'm trying to follow the discussion, and I'm not clear on this myself. > >> > >> For example, "Splinter will be turned off." For commenting and reviewing, > >> okay, understood. What about viewing patches on old bugs? > > > >Migration-specific issues are still in flux, since we have still have > >plenty of time to sort them out. I'll be clarifying the migration plan as > >we get closer to turning off old tools. So far we've agreed that keeping > >Splinter in read-only mode to view old patches is totally fine, and Dylan > >(BMO lead) mentioned that there are even nicer diff viewers that we can > >integrate with BMO, like https://diff2html.xyz/, which is currently in use > >by Red Hat's Bugzilla installation. > > Good! your recent posting made me believe you'd gone back to "splinter > must be totally turned off". Thanks. I still have significant > questions about how security-bug access and review (and security of such > items) will work; is there a design? What has changed since our > discussion in May, and have you met with the security engineers and > major security reviewers/triagers?
Some platform-security people were presented with the integration plan, but there wasn't much commentary. Most of the discussion has been around implementation details, some of which have been quite tricky. Not much has changed from the original plan except that we are looking into mirroring the CC list over as well as the security groups. Ideally we will have an exact match of the set of users who can view a bug and the set that can view associated revisions. Some of this stuff has already landed on our development instance. We'll have some docs and screencasts to show how it works. Mark _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
