Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[HOLD for payment 2023-11-21] [$500] Security - Status bar color does not match with header #27453

Closed
6 tasks done
kbecciv opened this issue Sep 14, 2023 · 31 comments
Closed
6 tasks done
Assignees
Labels
Awaiting Payment Auto-added when associated PR is deployed to production Bug Something is broken. Auto assigns a BugZero manager. Daily KSv2 External Added to denote the issue can be worked on by a contributor

Comments

@kbecciv
Copy link

kbecciv commented Sep 14, 2023

If you haven’t already, check out our contributing guidelines for onboarding and email [email protected] to request to join our Slack channel!


Action Performed:

  1. Go to settings > security

Expected Result:

Status bar color should be blue same as header

Actual Result:

Status bar color does not match with header

Workaround:

Can the user still use Expensify without this being fixed? Have you informed them of the workaround?

Platforms:

Which of our officially supported platforms is this issue occurring on?

  • Android / native
  • Android / Chrome
  • iOS / native
  • iOS / Safari
  • MacOS / Chrome / Safari
  • MacOS / Desktop

Version Number: 1.3.70.2
Reproducible in staging?: y
Reproducible in production?: y
If this was caught during regression testing, add the test name, ID and link from TestRail:
Email or phone of affected tester (no customers):
Logs: https://stackoverflow.com/c/expensify/questions/4856
Notes/Photos/Videos: Any additional supporting documentation

IMG_0437 (1)

IMG_6593

Expensify/Expensify Issue URL:
Issue reported by:@gadhiyamanan
Slack conversation: https://expensify.slack.com/archives/C049HHMV9SM/p1694494708815589

View all open jobs on GitHub

@kbecciv kbecciv added External Added to denote the issue can be worked on by a contributor Daily KSv2 Bug Something is broken. Auto assigns a BugZero manager. labels Sep 14, 2023
@melvin-bot melvin-bot bot changed the title Security - Status bar color does not match with header [$500] Security - Status bar color does not match with header Sep 14, 2023
@melvin-bot
Copy link

melvin-bot bot commented Sep 14, 2023

Job added to Upwork: https://www.upwork.com/jobs/~01217477790895e67d

@melvin-bot
Copy link

melvin-bot bot commented Sep 14, 2023

Triggered auto assignment to @trjExpensify (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

@melvin-bot melvin-bot bot added the Help Wanted Apply this label when an issue is open to proposals by contributors label Sep 14, 2023
@melvin-bot
Copy link

melvin-bot bot commented Sep 14, 2023

Bug0 Triage Checklist (Main S/O)

  • This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
  • This bug is not a duplicate report (check E/App issues and #expensify-bugs)
    • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
  • This bug is reproducible using the reproduction steps in the OP. S/O
    • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
    • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
  • This issue is filled out as thoroughly and clearly as possible
    • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
  • I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

@melvin-bot
Copy link

melvin-bot bot commented Sep 14, 2023

Triggered auto assignment to @sophiepintoraetz (External), see https://stackoverflow.com/c/expensify/questions/8582 for more details.

@melvin-bot
Copy link

melvin-bot bot commented Sep 14, 2023

Triggered auto assignment to Contributor-plus team member for initial proposal review - @burczu (External)

@ishpaul777
Copy link
Contributor

ishpaul777 commented Sep 14, 2023

Proposal

Problem

Security - Status bar color does not match with header.

Root Cause

We are using Route instead of route name for defining the color for Header. https://github.com/Expensify/App/blob/main/src/styles/themes/default.js#L90

Changes

Add and new variable SECURITY under SETTINGS as Settings_Security.
https://github.com/Expensify/App/blob/8fcb69eed005554030734060e6e56dee218d043a/src/SCREENS.ts

use SCREENS.SETTINGS.SECURITY here instead of ROUTES.SETTINGS_SECURITY also replace all Settings_Security with variable.

Screenshot 2023-09-14 at 9 45 51 PM

also we need to do the same for I_KNOW_A_TEACHER route

@trjExpensify
Copy link
Contributor

Commented on the issue that implemented this: #26775 (comment)

@roryabraham roryabraham removed the Help Wanted Apply this label when an issue is open to proposals by contributors label Sep 15, 2023
@roryabraham
Copy link
Contributor

Hey, this is a regression so we should not pay an additional bounty to fix it.

@roryabraham roryabraham self-assigned this Sep 15, 2023
@melvin-bot melvin-bot bot added Reviewing Has a PR in review Weekly KSv2 and removed Daily KSv2 labels Sep 15, 2023
@roryabraham
Copy link
Contributor

#27482

@sophiepintoraetz sophiepintoraetz removed their assignment Sep 15, 2023
@trjExpensify
Copy link
Contributor

Yuppp, we'll just pay out the bug report to @gadhiyamanan!

@melvin-bot
Copy link

melvin-bot bot commented Oct 9, 2023

This issue has not been updated in over 15 days. @burczu, @trjExpensify, @roryabraham eroding to Monthly issue.

P.S. Is everyone reading this sure this is really a near-term priority? Be brave: if you disagree, go ahead and close it out. If someone disagrees, they'll reopen it, and if they don't: one less thing to do!

@trjExpensify trjExpensify added the Weekly KSv2 label Nov 2, 2023
@melvin-bot melvin-bot bot added Weekly KSv2 Awaiting Payment Auto-added when associated PR is deployed to production and removed Weekly KSv2 labels Nov 14, 2023
@melvin-bot melvin-bot bot changed the title [$500] Security - Status bar color does not match with header [HOLD for payment 2023-11-21] [$500] Security - Status bar color does not match with header Nov 14, 2023
@melvin-bot melvin-bot bot removed the Reviewing Has a PR in review label Nov 14, 2023
Copy link

melvin-bot bot commented Nov 14, 2023

Reviewing label has been removed, please complete the "BugZero Checklist".

Copy link

melvin-bot bot commented Nov 14, 2023

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.98-5 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

If no regressions arise, payment will be issued on 2023-11-21. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

  • External issue reporter
  • Contributor that fixed the issue
  • Contributor+ that helped on the issue and/or PR

For reference, here are some details about the assignees on this issue:

  • @burczu does not require payment (Contractor)

Copy link

melvin-bot bot commented Nov 14, 2023

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

  • [@burczu] The PR that introduced the bug has been identified. Link to the PR:
  • [@burczu] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
  • [@burczu] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
  • [@burczu] Determine if we should create a regression test for this bug.
  • [@burczu] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
  • [@trjExpensify] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

@melvin-bot melvin-bot bot added Daily KSv2 and removed Weekly KSv2 labels Nov 21, 2023
@trjExpensify
Copy link
Contributor

👋 @burczu checklist time please! I'm curious how this can be caught in the future in development.

As for payments, I think @gadhiyamanan is the only one due $50 for the bug report as per here. Correct?

@trjExpensify
Copy link
Contributor

Bump on the above!

@burczu
Copy link
Contributor

burczu commented Nov 27, 2023

@trjExpensify Sorry for the delay - I'll get back to BZ Checklists soon, after I finish reviewing my PR's and proposals.

@melvin-bot melvin-bot bot added the Overdue label Nov 27, 2023
@trjExpensify
Copy link
Contributor

Sounds good!

@melvin-bot melvin-bot bot removed the Overdue label Nov 27, 2023
@trjExpensify
Copy link
Contributor

Any luck? :)

@burczu
Copy link
Contributor

burczu commented Dec 1, 2023

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

  • [@burczu] The PR that introduced the bug has been identified. Link to the PR:

I'm not sure how to treat this one because the issue was actually fixed somewhere else, I think here: #27483, and this issue and related PR actually does not fix anything (it just switches from using withLocalize to useLocalize in few places, so it's unrelated).

But the issue itself was introduced by the new feature (link to PR).

  • [@burczu] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:

#26784 (review)

  • [@burczu] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
  • [@burczu] Determine if we should create a regression test for this bug.
  • [@burczu] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.

Regression test proposal in a separate comment.

  • [@trjExpensify] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

@burczu
Copy link
Contributor

burczu commented Dec 1, 2023

Regression Test Proposal

  1. Login to the App on mWeb or native Android/iOS
  2. Navigate to Settings -> Security
  3. Verify if the Status bar animates to light blue (should be the same as the header of the page)
  4. Click on back button
  5. Verify if the Status bar animates back to dark green (Should be the same as header of the page)
  6. Do we agree 👍 or 👎

@roryabraham
Copy link
Contributor

LGTM 👍🏼

@melvin-bot melvin-bot bot added the Overdue label Dec 4, 2023
@trjExpensify
Copy link
Contributor

trjExpensify commented Dec 4, 2023

Okay cool! I'm curious if there's something in the dev lifecycle, like in the PR checklist or something for ensuring the status bar colour matches when introducing a new animation?

As for the regression test, we have this one below. So I was thinking of adding a couple of items bolded to accommodate this:

image
  1. Navigate to Settings > Security > Two Factor Authentication (2FA)
  2. [On Android/iOS] Verify the status bar animates to light blue (should be the same as the header of the page)
  3. Verify the first step is to save the recovery codes
  4. Click on Next
  5. Verify there's an error indicating the user to copy/download the codes before continuing
  6. Click on "Copy" and save the codes somewhere (for next test case)
  7. Verify the "Next" button is enabled if the user clicks on "Copy"
  8. Click Next
  9. Verify the next step is to verify the authenticator app
  10. Verify a QR code is displayed to use for the authenticator app
  11. Note: We recommend Google Authenticator to execute these tests, can be downloaded from Google Play Store or the AppStore
  12. Enter a incorrect 6 digit code
  13. Verify an error is displayed and a incorrect 6-digit code is entered
  14. Open your authenticator app and scan the QR or paste the secret key to set up the authenticator
  15. Enter the 6 digit code provided by the authenticator app
  16. Click Next
  17. Verify a success screen is displayed and that it contains an animation
  18. Navigate back to the main settings page
  19. Verify the status bar animates back to dark green (should be the same as header of the page)

I'll float that with Applause here.

@melvin-bot melvin-bot bot removed the Overdue label Dec 4, 2023
@trjExpensify
Copy link
Contributor

In the meantime, @gadhiyamanan sent you an offer for the bug report.

@gadhiyamanan
Copy link
Contributor

@trjExpensify offer accepted, thanks!

@trjExpensify
Copy link
Contributor

@gadhiyamanan - paid!

@burczu
Copy link
Contributor

burczu commented Dec 4, 2023

@trjExpensify regarding this:

Okay cool! I'm curious if there's something in the dev lifecycle, like in the PR checklist or something for ensuring the status bar colour matches when introducing a new animation?

I don't think so, but I think it's quite rare when we change this particular part of the app. Maybe we should add something like I verified that the feature matches the design or something to the PR checklist, because I guess, this was on designs for this feature? But probably this won't be enough because this type of issue might be introduced by PR's fixing some other bugs that has no related designs...

@trjExpensify
Copy link
Contributor

Maybe we should add something like I verified that the feature matches the design or something to the PR checklist

Hm yeah, I think it's pretty generic -- we'd want to offer some direction. We do also have a note somewhere to add the design label for design changes. Okay, maybe we leave it for now then 👍

Everyone is settled up here, closing!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Awaiting Payment Auto-added when associated PR is deployed to production Bug Something is broken. Auto assigns a BugZero manager. Daily KSv2 External Added to denote the issue can be worked on by a contributor
Projects
None yet
Development

No branches or pull requests

7 participants