When we generate links from URL's in messages, we add rel="nofollow" to combat link spam. This change turns that into rel="nofollow noopener". This prevents the page at the end of the link from having access to the roundup window that displays the link. Details on the issue are are at: https://mathiasbynens.github.io/rel-noopener/ search web for noopener vulnerability. This problem usually requires a target="_blank" to really exploit it and we don't provide that. But adding noopener is extra protection.

def preset_new(db, cl, nodeid, newvalues):
    """ Make sure the status is set on new issues"""

    if 'status' in newvalues and newvalues['status']:
        return

    new = db.status.lookup('new')
    newvalues['status'] = new


def init(db):
    # fire before changes are made
    db.issue.audit('create', preset_new)