2020-12-07 - Triage report for "group::fuzz testing"
Hi, @stkerr @sethgitlab @nmccorrison @cam.x
This is a group or stage level triage report that aims to summarize the feature proposals and bugs which have not been scheduled or triaged. For more information please refer to the handbook:
Scheduling the workload is a collaborative effort by the Product Managers and Engineering Managers for that group. Please work together to provide a best estimate on priority and milestone assignments. For each issue please:
- Determine if the issue should be closed if it is no longer relevant or a duplicate.
- If it is still relevant please assign either a best estimate versioned milestone, the %Backlog or the %Awaiting further demand milestone.
- Specifically for ~bug, if there is no priority or clarity on a versioned milestone, please add a Priority label. Priority labels have an estimate SLO attached to them and help team members and the wider community understand roughly when it will be considered to be scheduled.
- Once a milestone has been assigned please check off the box for that issue.
- Please work with your team to complete the list by the due date set.
Unscheduled ~feature (non-customer)
-
gitlab-org/gitlab#291131 (closed) Add API Fuzzing docker image to Secure-Binaries.gitlab-ci.yml Category:Fuzz Testing, GitLab Ultimate, backend, devopssecure, ~"feature", featureaddition, ~"fuzzing::api", ~"group::fuzz testing", sectionsec, workflowrefinement -
gitlab-org/gitlab#284459 How to handle secrets in API Fuzzer reports and assets Category:Fuzz Testing, GitLab Ultimate, backend, devopssecure, ~"feature", featureaddition, ~"fuzzing::api", ~"group::fuzz testing", sectionsec, workflowrefinement -
gitlab-org/gitlab#276644 (closed) Coverage Fuzz - Request error AST Leadership, Category:Fuzz Testing, Deliverable, GitLab Ultimate, backend, devopssecure, ~"feature", frontend, fuzzingcoverage, ~"group::fuzz testing", sectionsec, secure:refinement-backend, secure:refinement-frontend, twdoing, workflowrefinement -
gitlab-org/gitlab#273419 Provide artifact expiration time to frontend for API Fuzzing Category:Fuzz Testing, GitLab Ultimate, backend, devopssecure, ~"feature", ~"fuzzing::api", ~"group::fuzz testing", sectionsec, workflowrefinement -
gitlab-org/gitlab#271563 Continuous Fuzz testing - Allow user select target during creation process Category:Fuzz Testing, UX FY21-Q4, devopssecure, ~"feature", featureenhancement, fuzzingcoverage, ~"group::fuzz testing", sectionsec -
gitlab-org/gitlab#267160 (closed) Follow-up from "Bugfix: add route to coverage_fuzzing_reports" Category:Fuzz Testing, backend, devopssecure, ~"feature", ~"feature::maintenance", fuzzingcoverage, ~"group::fuzz testing", sectionsec -
gitlab-org/gitlab#247641 Support dotenv based dynamic environments in API Fuzzing Category:Fuzz Testing, backend, devopssecure, ~"feature", featureaddition, ~"fuzzing::api", ~"group::fuzz testing", sectionsec, workflowdesign -
gitlab-org/gitlab#244382 (closed) GraphQL example project for API Fuzzing Category:Fuzz Testing, backend, devopssecure, direction, ~"feature", ~"fuzzing::api", ~"group::fuzz testing", sectionsec, workflowscheduling -
gitlab-org/gitlab#241755 Ability to sanitize static API archives such as HAR for API Fuzzing Category:Fuzz Testing, devopssecure, ~"feature", featureaddition, ~"fuzzing::api", ~"group::fuzz testing", sectionsec -
gitlab-org/gitlab#234079 Fuzz testing: quick action of "Copy sent request" to help reproducing crashes Category:Fuzz Testing, backend, devopssecure, ~"feature", ~"fuzzing::api", ~"group::fuzz testing", sectionsec -
gitlab-org/gitlab#232845 Automatic fuzzing harness generation for coverage-guided fuzzing Category:Fuzz Testing, devopssecure, ~"feature", fuzzingcoverage, ~"group::fuzz testing", sectionsec
Bug Section
For the following bugs. Please either close or assign either a versioned milestone, the %Backlog or the %Awaiting further demand milestone and ensure that a priority label is set.
- Engineering Managers: Please add a severity label for those issues without one
- Product Designers: Please add a severity label to UX ~bug issues without one
Heatmap for all bugs
Bugs for their priority and severity label are counted here. Every bug should have severity and priority labels applied. Please take a look at the bugs which fall into the columns indicating that the priority or severity labels are currently missing.
| severity1 | severity2 | severity3 | severity4 | No severity | |
|---|---|---|---|---|---|
| priority1 | 0 | 0 | 0 | 0 | 0 |
| priority2 | 0 | 0 | 1 | 0 | 0 |
| priority3 | 0 | 0 | 0 | 1 | 0 |
| priority4 | 0 | 0 | 0 | 0 | 0 |
| No priority | 0 | 0 | 0 | 0 | 0 |
This is a group level triage report that aims to collate the latest bug reports (for frontend and otherwise) and feature proposals. For more information please refer to the handbook:
If assignees or people mentioned in this individual triage report need to be amended, please edit group-definition.yml.