Migrate https://eclipse.org/security to Hugo
Designs
Is blocked by
Activity
added to epic &19
assigned to @oliviergoulet
added statetodo label
added prioritylow severitylow labels
We have 4 pages to migrate for this section:
- https://www.eclipse.org/security/
- https://www.eclipse.org/security/known.php
- https://www.eclipse.org/security/policy.php
- https://www.eclipse.org/security/policy_2011.php (simply redirect policy_2011.php to policy_2011/).
For all sections, we need to ensure we have redirects for .php files as they no longer exist. See https://gitlab.eclipse.org/eclipsefdn/it/websites/eclipse.org/-/blob/main/config/nginx/default.conf#L49
/cc fyi @zacharysabourin
Edited by Christopher Guindonadded team:webdev label
added team:security label
added stateblock label and removed statetodo label
marked this issue as related to eclipsefdn/helpdesk#1496 (closed)
-
The challenge for this section will be the https://www.eclipse.org/security/known.php since it's pulling data from Bugzilla. The php code is here: https://git.eclipse.org/c/www.eclipse.org/projects.git/tree/classes/Bug.class.php
Before we get started, I would like to confirm with @mbarbero and @wbeaton if this is still needed. Wayne, Mika, do we still plan on fetching security bugs from Bugzilla?
If not, we can simply post a hardcoded list. However, we have the following options if we need to post up-to-date information from bugzilla:
- If possible, query Bugzilla API to fetch this list of bugs
- Create a simple API that runs that query to allow us to expose this data.
I am not sure if we still plan on leveraging Bugzilla for this since we've been having some conversations about migrating security reports to Gitlab: eclipsefdn/helpdesk#1496 (closed)
Edited by Christopher Guindon Before we get started, I would like to confirm with @mbarbero and @wbeaton if this is still needed. Wayne, Mika, do we still plan on fetching security bugs from Bugzilla?
See issue #38 (closed)
-
Thanks @wbeaton for the link!
@oliviergoulet, @mbarbero and @wbeaton let's discuss the implementation detail for https://www.eclipse.org/security/known.php on #38 (closed)
marked this issue as related to #38 (closed)
mentioned in issue eclipsefdn/it/api/git-eca-rest-api#81 (closed)
removed stateblock label
added statewip label
mentioned in merge request !49 (merged)
added prioritymedium label and removed prioritylow label
@mbarbero Here is a preview for migrating /security to Hugo: https://preview-49--www-eclipse-org.eclipsecontent.org/security/
You may notice the known vulnerabilities page is missing from the preview. This page is handled by another merge request. I'll be sharing the migrated known.php page tomorrow.
The list of team members at the top of the page (the one with the images) will be populated via YAML. It's going to be easier to modify the list this way. The file can be found here.
Terrific. LGTM. Thanks!
/cc @tiagolucas
Edited by Mikaël Barbero-
//cc @mrybczyn
Looks good to me. @cguindon Will links stay the same or change (the old ones have .php, but the new ones do not have that extension)? If they change, we'll need redirections for some time.
Edited by Marta Rybczynska
Amazing! @oliviergoulet I'm sorry but there was a decision yesterday to change the "Volunteers" to "Community Members" on the team page. Furthermore, can we also get a section on that yaml for them?
Edited by Tiago Lucas-
@mrybczyn The links will change and redirects will be in place.
@tiagolucas Certainly! I'll make those changes.
-
@tiagolucas The team page now displays "Community Members" and they can be added from the yaml file just like staff members.
Let me know if there's anything else
@oliviergoulet when do you plan to deploy? I have links in some places and would prefer to change to the new format before we push to many projects.
-
We're planning to deploy by next week when the descriptions for the known vulnerabilities table are fixed on the API.
Edited by Olivier Goulet
added statereview label and removed statewip label
mentioned in commit 141836cd
closed with merge request !49 (merged)
