When we generate links from URL's in messages, we add rel="nofollow" to combat link spam. This change turns that into rel="nofollow noopener". This prevents the page at the end of the link from having access to the roundup window that displays the link. Details on the issue are are at: https://mathiasbynens.github.io/rel-noopener/ search web for noopener vulnerability. This problem usually requires a target="_blank" to really exploit it and we don't provide that. But adding noopener is extra protection.

def init_severity(db, cl, nodeid, newvalues):
    """Make sure severity is set on new issues"""
    if 'severity' in newvalues and newvalues['severity']:
        return

    normal = db.severity.lookup('normal')
    newvalues['severity'] = normal

def init(db):
    db.issue.audit('create', init_severity)