New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[git-webkit] Provide mechanism to exempt bugs from redaction #12382
[git-webkit] Provide mechanism to exempt bugs from redaction #12382
Conversation
EWS run on previous version of this PR (hash 2401da9) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
r=me with some suggestions
if self.exemption: | ||
if self.reason: | ||
return '{} and is exempt from redaction'.format(self.reason) | ||
return 'is exempt from redaction for an unknown reason' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we want to support the "unknown reason" case? Seems like that should be a hard error.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One potential way to implement this suggestion is to change exemption from a boolean with a separate reason field to a combined exemptionReason field, which is either a string or null. (Or maybe use an enum instead.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't really support the "unknown reason" case, I was just being thorough in exhausting cases. I'll raise an exception in the constructor, in practice, this should be generated from metadata/trackers.json
where we define reason in all cases.
metadata/trackers.json
Outdated
@@ -23,6 +23,7 @@ | |||
"redact" : { | |||
"classification:Security": true, | |||
"tentpole:.*Security.*": true | |||
} | |||
}, | |||
"redact_exemption" : {"keywords:[^:]*WebKit Cleared for Publication" : true} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we can tie this keyword to the condition it hopes to express, then we can reduce the chances that someone will apply it blindly just to merge their patch. How about:
WebKit Security Does Not Repro in Shipping
Is there any condition where a Security bug does repro in shipping, but we want to support publishing it anyway?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We would need to use this same mechanism after shipping security fixes too during merge-back, because all merge-back commits will be referencing security commits which did reproduce in the latest shipping release when the bug was first filed.
We can also support multiple keywords here, so could have multiple supported keywords.
2401da9
to
c9608ea
Compare
EWS run on current version of this PR (hash c9608ea) |
https://bugs.webkit.org/show_bug.cgi?id=254993 rdar://107615755 Reviewed by Geoffrey Garen. It is often the case that we with to (eventually) publish changes which are redacted when they are written. git-webkit should support a mechanism to mark bugs (and by extension, the commits associated with those bug) as exempt from redaction. * Tools/Scripts/hooks/pre-push: Do not flag class 3 commits if an issue is exempt from redaction. * Tools/Scripts/libraries/webkitbugspy/setup.py: Bump version. * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/__init__.py: Ditto. * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/bugzilla.py: (Tracker.__init__): Pass redact_exemption. * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/github.py: (Tracker.__init__): Pass redact_exemption. * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/issue.py: (Issue.redacted): Check if an issue is exempt from redaction. * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/radar.py: (Tracker.__init__): Pass redact_exemption. * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/bugzilla_unittest.py: * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/github_unittest.py: * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/radar_unittest.py: * Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tracker.py: (Tracker.Redaction): Support defining a redaction exemption. (Tracker.from_json): Pass redact_exemption. (Tracker.__init__): Ditto. * Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version. * Tools/Scripts/libraries/webkitscmpy/webkitscmpy/__init__.py: Ditto. * Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/pull_request.py: (PullRequest.create_pull_request): * Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/pull_request_unittest.py: * metadata/trackers.json: Exempt radars with the 'WebKit Cleared for Publication' keyword. Canonical link: https://commits.webkit.org/262617@main
c9608ea
to
e7a1365
Compare
Committed 262617@main (e7a1365): https://commits.webkit.org/262617@main Reviewed commits have been landed. Closing PR #12382 and removing active labels. |
e7a1365
c9608ea
π wincairoπ§ͺ wpe-wk2π§ͺ ios-wk2π§ͺ api-macπ§ͺ api-iosπ§ͺ mac-wk1π§ͺ gtk-wk2π tvπ§ͺ mac-wk2π§ͺ api-gtkπ tv-simπ§ͺ mac-AS-debug-wk2π watchπ§ͺ mac-wk2-stress