happy bmo push day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1207926] change treeherder@bots.tld to orangefactor@bots.tld
  • [1204683] Add whoami endpoint
  • [1208135] security not being mailed when bugs change core-security-release state
  • [1199090] add printable recovery 2fa codes
  • [1204623] timestamp on flags should reference the latest updated activity, not the first
  • [1209745] Update get_permissions.html.tmpl to reflect new self-canconfirm process

discuss these changes on mozilla.tools.bmo.

happy bmo push day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1203991] change the suggested fxos 2fa app (again)
  • [1204704] Backport upstream testsuite changes to test against bug 1202447
  • [1205683] Feature request: STR and regression-range pulldowns
  • [1199087] extend 2fa protection beyond login
  • [1204645] the ‘last seen’ value in the group membership report should use a profile’s last-seen date, not the cookie

discuss these changes on mozilla.tools.bmo.

happy bmo push day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1201415] add message informing users to check their mobile device’s time if they have issues enrolling
  • [1202461] Missing real email syntax check
  • [1201954] Add a “forgot password” link to user preferences -> account
  • [1202147] Performing a Simple Search results in the message “invalid column names: relevance desc”
  • [1202845] Update to Recruiting form (HRBP list, Textio component)
  • [1202975] warning about api key requirement is no longer shown when enabling 2fa
  • [1202976] change the suggested fxos 2fa app

discuss these changes on mozilla.tools.bmo.

happy bmo push day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1200600] message about 2fa’s interaction with api authentication should be visible when 2fa is enabled
  • [1200610] jsonrpc API requests do not work when “Require API-Key authentication for API requests” is enabled due to missing API tokens
  • [1200618] Layout of the TOTP 2FA leads to missing the token time window and thus frustration
  • [1200957] when a non-admin edits a user the 2fa setting is incorrectly reported
  • [1200974] “API-Key” in 2fa text should be “API key” to match the rest of bugzilla
  • [1196618] add support for group owners
  • [1196508] Intern Request Metric Dashboard
  • [1200961] switching to the modal view doesn’t force the mozilla skin
  • [1201116] remove the duo mobile client from suggested apps due to its lack of handling of expired codes

discuss these changes on mozilla.tools.bmo.

happy bmo push day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1197073] add support for 2fa using totp (eg. google authenticator)
  • [1199136] security bug group moves for new core-security-release group
  • [1199941] inactive sessions should expire faster (a week)

today’s push lands initial support for two-factor authentication on BMO. we currently support time-based one-time passwords (totp) with protection around just logging in. 2fa protection will be extended to protect other actions in the upcoming weeks.

2fa

visit the ‘two-factor authentication‘ section under your user preferences to enable 2fa.

discuss these changes on mozilla.tools.bmo.