All Projects

IDProjectCategoryTask TypeSeveritySummaryStatusOpened byOpenedProgress
2536Flyspray - The bug killer!Backend/CoreFeature RequestMediumstore session in Flyspray databaseNewpeterdd21.01.2019
0%
2 Task Description

Currently the sessions are stored by the webservers default settings.

Having this sessions under control by Flyspray by storing it in the database has following advantages:

  1. Allows handling of all sessions of a user by Flyspray.
  2. Providing a session management for each user. The user can see on which devices he is currently logged in and could also force a logout on selective devices.
  3. A forced logoff of all or some user sessions is easy implementable for admins.
  4. Statistics about how many users and who is logged in. (user status: hide always, online, offline, do not disturb, ..)
  5. Could make onpage-notifications easier to implement.
  6. .. ?

Disadvantages:

  1. A potential unknown security bug in Flyspray that could lead to reading a session db table could leak informations like who is currently online/active and make further attacks more focused or makes session takeover easier.
  2. .. ?
2535Flyspray - The bug killer!Backend/CoreFeature RequestLownew optional Flyspray setting: add new users automatica...Newpeterdd16.01.2019
0%
2 Task Description

When a Flyspray installation allows user self registration and has public but also more private projects, this feature could make the required configuration more clear:

In this case, keep the number of global user groups as low as possible and the global user group for basic or just registered users has only the ‘can login’ permission and nothing more.
Because that only would be useless for new registered users, adding them also to a basic user group of a public project could be useful.

So my suggestion is:

A new optional global setting: Something like ‘default project user group’ (store 2 values: a project_id and a group_id). Validity of that setting must be checked during any user registration, so that project must exists now and at later time as also that project user group within that project. (’Checks’ of admin prefs)

So it would be like this for a new registered userA:

  1. userA is in a basic default global user group: only login permission to handle his account registration (login, logout, user preferences, password forgotten)
  2. userA is in project X default user group: some basic permissions you want allow for every (new) registered user in project X
  3. project Y: all ‘allow anyone ...’-settings are unchecked, userA not in any user group of project Y

The setting is probably best put below the ‘Default global group for new users’ setting in the global admin prefs tab #userregistration as

Either: A dropdown list with all public projects with an existing user group and dependend on the selection the available basic project groups are loaded by ajax as a select list too.

Or: Only one dropdown list that contains a list of public projects with possible project user groups. Would not require extra ajax calls and is maybe enough because we could exclude project groups that have project manager permission or such configuration nobody would allow new registered users.

no default project user group
public projectA - simple user groupA1
public projectA - simple user groupA2
public projectB - simple user groupB
public projectC - simple user groupC

This idea could be enhanced further (put the new user to multiple public projects when he registers or let user choose from public allowed projects during registration process), but lets start simple.

 2532 Flyspray - The bug killer!Backend/CoreBug ReportMedium spaces before or after a single word search gives too m ...Closedpeterdd11.01.2019
100%
1 Task Description

Spaces before or after a task search string gives too many results in the tasklist.

Example search strings:

test (space after word test)
 test
 test (space after word test)

Found this on bugs.archlinux.org, but also current 1.0-rc7 has this problem.

2491Flyspray - The bug killer!Backend/CoreBug ReportLowgroup member links if project manager but not adminNewpeterdd01.09.2018
0%
Task Description

When a user has project manager permissions, but not admin permissions, then on the ‘edit group’ pages like index.php?do=pm&area=editgroup&id=8
the links in the list of users of that group are

index.php?do=admin&area=users&user_id=12345

instead of linking to the users page

index.php?do=user&area=users&id=12345

and a redirect follows with Error #4: You don’t have administrative rights.

2454Flyspray - The bug killer!Backend/CoreBug ReportLowPHP warning in admin edit user areaNewpeterdd15.01.2018
0%
Task Description

Since PHP7.2 shows a warning in admin area ?do=admin&area=users&user_id=1234567890, when user_id is set, but no alternative user_name parameter.

Probably related to scripts/admin.php

$id = Flyspray::UserNameToId(Req::val('user_name'));
if (!$id) {
  $id = Req::val('user_id');
}
2453Flyspray - The bug killer!Backend/CoreBug ReportMediumvalidate category before storing a new taskNewpeterdd14.12.2017
0%
Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
 2452 Flyspray - The bug killer!Backend/CoreBug ReportHigh deprecated functions since PHP7.2 Closedpeterdd13.12.2017
100%
1 Task Description

Well, as everybody can see at the moment, someone (who? @floele ?) updated the server hosting bugs.flyspray.org to PHP7.2.x and now some ‘deprecated’-warnings are shown.
Edit: For example not working Flyspray 1.0-rc6 and older with the brand new PHP7.2:

  • shows deprecated info on top
  • shows deprecated info at every comment
  • tells task in work by other user when you want to save a task.
  • Uploaded files aren’t downloaded correct (open a downloaded image with a hexeditor for example to see)
  • probably also scheduler (cronjob/schedule.php and sending emails effected)
2444Flyspray - The bug killer!Installer and UpgraderInformationLowcomposer hits memory limitsNewpeterdd04.10.2017
0%
Task Description

Quick anwser: enable swap partition on your server.

Tried upgrading a rc4-dev to rc5-dev/rc6/flyspray-master on a virtual server with 500MB RAM and php5.6.30 on the commandline (debian)

After file upgrade, I wanted also update the vendor stuff according to composer.json changes.

But surprisingly this failed:

php composer.phar update

and also after

php composer.phar selfupdate


to version Composer version 1.5.2 2017-09-11 the memory limit bug exists:

The following exception is caused by a lack of memory or swap, or not having swap configured
Check https://getcomposer.org/doc/articles/troubleshooting.md#proc-open-fork-failed-errors for details

PHP Warning:  proc_open(): fork failed - Cannot allocate memory in phar:///var/www/***/composer.phar/vendor/symfony/console/Application.php on line 979

Warning: proc_open(): fork failed - Cannot allocate memory in phar:///var/www/***/composer.phar/vendor/symfony/console/Application.php on line 979

  [ErrorException]
  proc_open(): fork failed - Cannot allocate memory

Also doing a more fresh vendor install like

rm composer.lock
rm vendor/*
(keeps the .htaccess there)
php composer.phar install

300 MB not enough for a handful of php package installations? wtf, but didn’t dig deeper..

I temporarly solved the problem by making a swap partition on this vServer like suggested at
https://getcomposer.org/doc/articles/troubleshooting.md#proc-open-fork-failed-errors

/bin/dd if=/dev/zero of=/var/swap.1 bs=1M count=1024
/sbin/mkswap /var/swap.1
chmod 600 /var/swap.1
/sbin/swapon /var/swap.1
free
             total       used       free     shared    buffers     cached
Mem:        506300     374920     131380      30628      21904     143872
-/+ buffers/cache:     209144     297156
Swap:      1048572          0    1048572

This is just documentation and is for the people who prefer a Flyspray development version from github.com

Full Flyspray release download files do not needs to fiddle with composer.

Maybe an entry for the FAQ

2441Flyspray - The bug killer!Backend/CoreBug ReportMediumrefactor dokuwiki image tagsNewpeterdd15.09.2017
0%
Task Description
I’ve tried inserting an image in the intro message but it doesn’t show. Is there something broken in the formattext.inc file? Seems unlikley because it’s so old but can’t work out why nothing shows.
Alan

I had to disable some parts last year within dokuwiki quickly due sever reported security issues in that area.

As tradeoff embedding images currently don’t work within dokuwiki textareas in Flyspray.

As I too wish that feature reappear working for my projects, this is on my personal list. But requires focused free time because must be made secure.

Maybe instead of using fetch.php of dokuwiki, we can use Flypsray’s ?getfile=id , which also checks permissions.
But must check also securly file types and maybe resize images to fit into the desired page (thumbnails).

2440Flyspray - The bug killer!Backend/CoreFeature RequestLowOption to disable tag featureNewpeterdd15.09.2017
0%
Task Description

There is a wish on the Flyspray mailing list:

Is there a way of hiding the TAGS input field from the Add New Task form?
Alan

If it is just hiding on that form, there are several options to achieve this (from simple to complex)

A) Hide by CSS

Add that rule to themes/CleanFS/theme.css CSS file:

#edit_tags{display:none;}

B) Hide by CSS (better)

Add a rule to a custom_*.css, for instance themes/CleanFS/custom_mytheme.css

#edit_tags{display:none;}

and choose custom_mytheme.css in your project settings.

D) Edit themes/CleanFS/templates/newtask.tpl directly

and remove the whole div-tag with id=”edit_tags” (all between ‘<div id=”edit_tags>”’ and its closing ‘</div>’ (not recommended)

E) Use a custom template

  1. Create a folder in themes/, for instances themes/mynotagtheme/
  2. Only copy themes/CleanFS/templates/newtask.tpl to themes/mynotagtheme/templates/newtask.tpl
  3. Make the changes to that newtask.tpl like in B) (custom theme not overwritten by Flyspray Updates if you keep or backup your themes/mynotagtheme/ folders, but requires review if something has changed within themes/CleanFS/templates/newtask.tpl between version updates)
  4. Choose your mynotagtheme as project theme. All other files fall back to default themes/CleanFS/

(not tested, but thats the way it should work with current Flyspray 1.0-rc5)

D) Nag or caress someone

to finish tag feature for Flyspray with options/permissions to turn it off per project or project group or something like that.

This would effect not only that newtask form but all places where that options should kick in (listing tags in tasklist, tasklist filters etc)

2439Flyspray - The bug killer!Backend/CoreFeature RequestLowClone a ProjectNewpeterdd15.09.2017
0%
3 Task Description

There is a request for cloning a project on Flyspray mailing list:

Would be a very welcome features to have Project Templates for repetitive workflow. Any idea if its in the pipeline?
Thanks

Well, not yet.

The question is, how exactly you want that project clone.

Do you want just a rough copy of the project table entry?
Thats quite easy and can even be done without programming or writing a line of SQL just by using PHPMyAdmin (or similiar Tools for PostgreSQL) and copy a row of the project table for example.
See yellow marked project table on the right of the attached dbschema screenshot.

The other extreme is copying every project depending list table entries to new ones.
This sure requires some programming, but not too hard to add this to Flyspray. (all yellow marked tables in the attached dbschema screenshot.

I attach a rough form mockup how could this could look like.

Possible solution

  1. add a new file scripts/ folder for instance copyproject.php (check admin permission)
  2. add a template file to themes/CleanFS/templates/copyproject.tpl
  3. Set a link to that clone form page somewhere, for example on the toplevel page of a project (see screenshot)
  4. Handle the adminuser (or add a clonepermission for that project manager usergroup) submitted form careful and savely either by includes/modify.inc.php (or like scripts/copyproject.php to keep it seperate from core)

The link to the clone form looks then ?project=123&do=copyproject

2436Flyspray - The bug killer!Backend/CoreBug ReportLowdokuwiki renderer creates nonunique html-id for h1,h2,h...Newpeterdd02.08.2017
0%
21 Task Description

The dokuwiki renderer automatic creates for each h(1-6) tag an html id attribute, but doesn’t ensure that this:

  • is not used by Flyspray templates
  • is unique across all tasks (tasklist summary/description mouseover!), id must be unique on a webpage.

Example: id=”footer” and id=”title” are used by the default CleanFS template for example.

id=”footer”

title

id=”title”

title

id=”title1”

title

id=”title2”

The original intention I think is to make dokuwiki content each h-section linkable, for instance by a “table of contents” at top of a wiki content page.
This is currently not used by the dokuwiki integrated in Flyspray, but could be in future.

Possible solution

Add the task_id to the generated id h(1-6) tags, for instance “d1234_footer” “d1234_title”

d - like description

(t1234 used for tags/labels id currently)

2337Flyspray - The bug killer!DocumentationInformationLowFlyspray ThemesNewpeterdd02.02.2017
0%
418 Task Description
  • Flyspray 1.0 includes 1 default theme CleanFS. That decision was made to reduce maintainance effort and the old blue theme was dropped. Also the CleanFS contains UI-logic implemented in HTML/CSS and tries to be usable even for the people who turned off javascript in their web browsers for security reasons. (and reduces spam on many other websites too without an adblocker)
  • Current Flyspray source and the theme CleanFS provides several methods to customize the layout without touching the .tpl files. These are:
    1. custom_*.css files that extend or overwrite properties of CleanFS/theme.css
    2. 2 fields in admin area where to put code
      ?do=admin&area=prefs#lookandfeel

      For instance a corporate footer menu or something like that.

Advantages of CleanFS instead running your own

  • Theme is maintained with Flyspray source. Detected security issues related with themes are fixed with Flyspray releases.
  • Added features or capabilities are implemented for the default theme.

‘Subtheme’ can be a compromise: Theme CleanFS is always uptodate in sync with Flyspray. Subthemer only needs to check changes required for own subtheme .tpl files.

I do not want complete stop people from writing their whole new template, it allows new ideas implemented or alternative usability. For them, it is probably better to create a Github project for that theme.

This is just raw info from me and can be discussed. Something should be finally written on https://www.flyspray.org in the documentation area.

2332Flyspray - The bug killer!Backend/CoreBug ReportMediumCSV export filename filteringNewpeterdd24.01.2017
0%
2 Task Description

The filename for the csv export is build based on project name and current date.

Due different handling of web browsers, the appropriate http header should send the filename in ascii and also provide them as utf-8 for web browsers who can handle that.

Related RFC5987

2325Flyspray - The bug killer!User InterfaceFeature RequestLowbig image attachments: fit to browser window width in L...Newpeterdd10.01.2017
0%
32 Task Description

Maybe this is not an issue, but my problem is: upload images approximately 3000 px x 2000 px and this image appears larger than the monitor
is it possible that the image is automatically resized to 800 px x xxx px size

(reported by Ivan Cilic)

 2313 Flyspray - The bug killer!Backend/CoreInformationMedium different composer.json for different php versions? Closedpeterdd17.11.2016
100%
Task Description

I still struggle with composer.json for doing Flyspray builds with included 3rd party libs for different PHP versions.

It is annoying composer.json is just an array, no comments, no conditionals
- and I’m still noob with composer and phpunit stuff.

Main source of problem: oauth2-client and guzzle breaking compatibility with PHP5.3 and PHP5.4

PHP5.3 oauth2-client 0.3 with additional patches (peterdd), guzzle 3.*
PHP5.4 oauth2-client 0.12.1, guzzlehttp ???
PHP5.5 oauth2-client 1.*, guzzlehttp &gt;=6.2.1
PHP5.6 oauth2-client @stable, guzzlehttp &gt;=6.2.1
PHP7 oauth2-client @stable, guzzlehttp &gt;=6.2.1

Any suggestions how to solve this?

Do we really have to maintain different flyspray source trees just with different composer.json files???
Or backport auth2-client to PHP5.3 and PHP5.4 and use our versions in composer.json (no manpower for this)

Also the oauth2 stuff is not tested at the moment, so OAuth2 for Flyspay could be broken for some PHP versions.

2308Flyspray - The bug killer!User InterfaceFeature RequestLowimprove user management for adminsNewpeterdd27.10.2016
20%
1 Task Description

The register spam by probably bots in 2016 is annoying.

I ticked the setting, that an admin must accept a new registration. It helps to reduce spam task, but now admin must decide if the registrations are ok or just spam bots.

Beside the need of antispam-plugins, the management of users can be improved:

  • column sorting of user list, similiar to the tasklist
  • filtering user list, similiar to the tasklist
  • pagination of user list (25,50,100,200,all?)
  • more columns like ‘last login’, ‘last activity/tasks/comments created/votes/edit’ that may help to decide what status or settings a user should have in future.
  • show time zone setting and language setting of users implemented in userlist now
  • mass accept/deny of a list of user registrations waiting for admin approval.
2221Flyspray - The bug killer!Installer and UpgraderInformationLowNotices on install with PHP7Newpeterdd24.10.2016
50%
Task Description
Notice: Only variables should be assigned by reference in /*/setup/index.php on line 883 
Notice: Only variables should be assigned by reference in /*/setup/index.php on line 949
2215Flyspray - The bug killer!Text RenderingBug ReportLowwrong output of Geshi syntax highlighting for xml codeNewpeterdd17.10.2016
0%
11 Task Description

Geshi 1.0.8.17 from https://github.com/easybook/geshi is quite slow at the current integration of Flyspray v1.0-rc3 on the first run. (But any further read uses the cache.)

But it produces garbled output for xml code highlighting:

Example without xml, just format as preformatted code:

<table>blabla</table>

Or as php syntax highlighting (even if it doesn’t contain a real php-tag ;-) ):

<table>blabla</table>

Example with xml choosen as language:

blabla

The table tag is stripped away instead of converting the tag for output inside code/pre tags (by converting the < and > chars). Maybe just a configuration issue?

 2213 Flyspray - The bug killer!Backend/CoreBug ReportMedium fix warnings with PHP7 Closedpeterdd17.10.2016
100%
Task Description

There are still some warnings about deprecated constructors when Flyspray runs with php7.

 2195 Flyspray - The bug killer!Backend/CoreTODOHigh Release Flyspray 1.0-rc2/rc3/rc4 Closedpeterdd15.08.2016
80%
Task Description
  1. Edit includes/class.flyspray.php on github.com and set the correct version for the release there (remove the ' dev’ from the version string), commit as new branch e.g. 1.0-rc2
  2. Prepare a new release on https://github.com/Flyspray/flyspray/releases , write a summary of changes since last release, choose the branch you created in the previous step, save as “draft”.
  3. “Release” the Flyspray source on github when satified with layout
  1. Run buildscripts for different php versions (see comments at FS#2040)
  2. Upload the created .zip and .tgz files to https://github.com/Flyspray/flyspray/releases
  3. Edit the https://github.com/Flyspray/flyspray.github.io/blob/master/_docs/download.md and link the source and packaged .zip and .tgz files
  4. Write a new article with a summary of highlights of changes since last release for the www.flyspray.org frontpage on https://github.com/Flyspray/flyspray.github.io/tree/master/_posts/News
  5. Important: If all is nice and shiny: Update the version string on www.flyspray.org https://github.com/Flyspray/flyspray.github.io/blob/master/version.txt so admins of flyspray get informed a new Flyspray release is available now. For instance change from 1.0-rc1 to 1.0-rc4 if you are releasing Flyspray 1.0-rc4. Must be the exact version you set in includes/class.flyspray.php .
2193Flyspray - The bug killer!User InterfaceFeature RequestLowEdit a comment while seeing task details and other comm...Newpeterdd07.08.2016
0%
Task Description

If someone with ‘edit comment’-permission wants to edit a comment, the edit comment form is shown on an extra page.

This is not optimal, because the editor cannot see task details or the other comments while modifying the comment.

Possible Solutions

  • with javascript is enabled: Stay on the ‘task detail’-page, just the comment changes from a ‘view’ layout to ‘edit’ layout, similiar to the quickedit-feature (like in FS1.0).
  • when javascript is disabled: The ‘edit comment’-page shows task details (check permissions) and other comments too, but maybe a bit narrow, so ‘visible focus’ is on editing the comment.
2190Flyspray - The bug killer!Backend/CoreFeature RequestLowenable move of a closed clask to other project without ...Researchingpeterdd06.08.2016
0%
Task Description

Problem: By replacing just the project_id of the closed task it is possible the task then has invalid field values within the target project.

Possible scenarios:

  1. Ignore invalid values within the target project
    • Pro: Easy to do, an immidiatly revert back to the old project would “heal” the task properties.
    • Contra: may effect accuracy and reliability of other parts like searching, listing, statistic calculations
  2. Silent change task field values to valid field values of the target project if necessary
    • Pro: relative easy to do
    • Contra: a bit loss of information, little side effects
  3. allow user to modify the fields that must be changed so that every field of the task has valid values within the target project
    • Pro: accuracy
    • Contra: a bit loss of information(fallback to default values) if there are no similiar field values selectable within the project
  4. allow user to modify the fields, fields or field select values that do not exists in target project will be automatically created.
    • Pro: accuracy
    • Contra: target project may be cluttered with too many fields/field values
  5. ???
2188Flyspray - The bug killer!Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNewpeterdd01.08.2016
0%
Task Description

Flyspray should show a warning, and maybe set the focus back to the field (only when it is a this-one-field-only-form.)

2159Flyspray - The bug killer!Backend/CoreTODOHighfresh registered user accounts created spam tasksNewpeterdd04.07.2016
0%
2 Task Description

Today it was first time I see real spam on bugs.flyspray.org

The 2 spam accounts registered today and started creating spam posts as new tasks.

What is the reason? Was it by real humans or bots?

So what can we do to reduce this in future?

Ideas for making it harder and unattractive for spammers:

  • Users who never opened a nonspam-task or contributed a useful comment should solve a captcha
  • Limit the amount of creating tasks for new registered users or a user groups, like limiting to 2 tasks or 1 task per user per day.
  • Settings for a more moderated task creation process? Like a quarantine dbtable for tasks?
  • If we closed such spam tasks with WTF? reason, it will still be listed by search engines like google at the moment:
  1. Move spam tasks to a ‘dumpster project’, that is not visible for guests (search engines!) too.
  2. Or make spamming to visible flyspray projects unattractive, lets set noindex for: closed task for some special reason id?
  3. Delete spam tasks from database if allowed by your organization

Update: another and this time more aggressive phone number spammer.

2143Flyspray - The bug killer!TranslationsTODOVery Lowjscalendar: week start should be monday, ISO 8601Confirmedpeterdd01.07.2016
10%
2 Task Description

The current jscalendar shows sunday as the first day of the week by default.

Could be modified for a language by adding

// First day of the week. 0 means Sunday, 1 means Monday
Calendar._FD = 1;

js/jscalendar/lang/calendar-XX.js

See also https://github.com/Flyspray/flyspray/commit/f7831b7f6845e237b79da2a68d475f21a24fff72#diff-70a18ca66e215fc5aa282d4c58fed4ab

It should default to Monday as defined by ISO 8601.

https://en.wikipedia.org/wiki/ISO_8601#Week_dates

https://en.wikipedia.org/wiki/Week#Week_numbering

2139Flyspray - The bug killer!User InterfaceFeature RequestVery LowAdd project setting of popular used programming languag...Newpeterdd17.06.2016
0%
Task Description

This is at the moment just a bit brainstorming ..:

Let the project administrator define what source code languages are used/popular in a software project and dependend of that setting prefer/promote that languages at the dokuwiki editor buttonbar.

This requires probably an additional database field in the flyspay_projects table (if just used for dokuwiki that should be ok)

If thinking further like Filter me all software projects that may ontain CSS code on the projects overview, a m:n-table setup is thinkable. But thats maybe overengineering..
Or can we use the existing tag-feature for that and just ‘tag’ projects with tags?

2138Flyspray - The bug killer!User InterfaceFeature RequestVery LowOverhaul dokuwiki editor buttonbarNewpeterdd17.06.2016
0%
1 Task Description

Rethink the current sets of buttons and their functionality.

Maybe a mousover hint/cheatsheet of available dokuwiki syntax is more helpful in writing fast and efficient.

  • buttongroup links http,email,ftp
  • buttongroup code, code php: why a single button for php? maybe a cheatsheet or subselect for choosing a language (read directory plugins/dokuwiki/inc/geshi for that). Or even better: Let the project administrator define what source code languages are used/popular in a software project and dependend of that setting prefer/promote that languages
  • I miss a blockquote- or cite-tag for citation, which is more semantic than bold, italic, underline buttons. Update: It is the > character followed by text!
  • Show a cheatsheet (by mouseover?) of dokuwiki smileys as defined at plugins/dokuwiki/conf , update to current config of dokuwiki, facepalm for instance is missing
8-) 8-O 8-o :-( :-) =) :-/ :-\ :-? :-D :-P :-o :-O :-x :-X :-| ;-) ^_^ :?: :!: LOL FIXME DELETEME

8-) icon_cool.gif 8-O icon_eek.gif 8-o icon_eek.gif :-( icon_sad.gif :-) icon_smile.gif =) icon_smile2.gif :-/ icon_doubt.gif :-\ icon_doubt2.gif :-? icon_confused.gif :-D icon_biggrin.gif :-P icon_razz.gif :-o icon_surprised.gif :-O icon_surprised.gif :-x icon_silenced.gif :-X icon_silenced.gif :-| icon_neutral.gif ;-) icon_wink.gif ^_^ icon_fun.gif (not working as first character on a line, bug?) :?: icon_question.gif :!: icon_exclaim.gif LOL icon_lol.gif FIXME fixme.gif DELETEME delete.gif

2137Flyspray - The bug killer!Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNewpeterdd15.06.2016
0%
Task Description

My tests showed that the html accesskey feature is not well and consistent supported by current web browsers and is quite cumbersome to use.
And it seems it will not be better in future..

The only solution I see dropping that feature or replacing them with simple single-key-event javascript listeners, like it is currently done with keys o, j, k, n, and p.

accesskeys in Flyspray I talk about:

  • l (current SHIFT+ALT+l Firefox) login dialog / logout
  • a (current SHIFT+ALT+a Firefox) add new task
  • m (current SHIFT+ALT+m Firefox) my searches
  • t (current SHIFT+ALT+t Firefox) focus taskid search
  • e (current SHIFT+ALT+e + Enter Firefox) edit task
  • x or y? (current SHIFT+ALT+y Firefox) close task
  • s (current SHIFT+ALT+s Firefox) save task

Also related to Keyboard navigation: tabindex

2127Flyspray - The bug killer!User InterfaceFeature RequestLowoverhaul task detail page layoutNewpeterdd20.05.2016
0%
11 Task Description

There was a question on the mailing list:

I have a suggestion, even though I don´t know if it´s possible to do it. But if it is, it would be great!
In the comments list of a given task, is it possible that the comments appear from the newest one to the oldest ones, and not as it is now, with the new ones coming at the end of the list? This is because I deal with long comments list for a given task, and it is becoming difficult to reach the last one, that is, the newest comment, because the order in the comments is on the top, the older ones. If this could be altered it would be great. Kind regards
Ana ...

Quick anwsers:

  1. Users can use ‘End’-key and ‘Pos1’-key on their keyboard to scroll to bottom and top of page. (lame anwser I know)
  2. Another quick anwser is to just reverse the comments array in the appropriate template themes/CleanFS/templates/details.tabs.comments.tpl :

Replace

<?php foreach($comments as $comment): ?>

with

<?php
$comments_latestfirst=array_reverse($comments);
foreach($comments_latestfirst as $comment): ?>

But the real problem I think is that the details page (and others too..) is not optimized for todays wide screens (landscape views). Laptops have FullHD or higher but the Flyspray users still have to scroll to get an overview of a task.

And for narrows views too (mobile phones, tablet portrait view)

The attached screenshot shows moving the task details tabs beside their task description if the display width is over 1200 css pixel. (and the reversed comments too ;-) ). Done with pure css media query:

E.g. add to a custom stylesheet file custom_detailswidescreen.css in folder themes/CleanFS/ :

@media only screen and (min-width: 1200px) and (orientation: landscape) {
.details .tab.active{
        display:inline-block;
}
 
.details .tab{
width:44%;
padding-left:0px;
/*margin-top:60px;*/
box-sizing:border-box;
}
 
.details .commenttext pre {
overflow:auto;
}
.details .comment_container .comment {
width:auto;
margin-left:30px;
display:block;
}
.details .comment_avatar {
position:absolute;
}
.details #comments .fa.fa-user{
font-size:30px !important;
}
 
#submenu li a{margin-left:0;}
 
.details #submenu{
display:inline-block;
position:absolute;
padding:1em 0 0;
margin-top:26px;
}
 
.details #content{
display:inline-block;
box-sizing:border-box;
vertical-align:top;
width:55%;
}
 
/* just a temporary fix: should be redone in theme.css with class instead ids*/
#comments, #related, #notify, #remind, #effort, #history {margin-top:72px;}
 
}

(Has still some problems with current 1.0-rc1 when the project selector wraps. Also tab labels wrap if not enough width available and tab content do not adapt.)

What do you think? How should the details page look on different display sizes? How can it improve the workflow of the user?

2121Flyspray - The bug killer!Backend/CoreBug ReportMedium'my assigned tasks' uses like %?% search instead of use...Confirmedpeterdd19.04.2016
90%
32 Task Description

Problem: https://github.com/Flyspray/flyspray/pull/552

The button ‘My assigned tasks’ should search only by userid, not in username or realname with the LIKE ‘%...%’ operator.

Currently the button is using the same as doing an advanced search filling the ‘Assigned To’ input field. (currently ‘dev’ param) But that search param searches in userid, username and realname.

Edit: Implemented simpler solution: if param is digitsonly, then search by userid, otherwise by username and realname if that param exists.

 2120 Flyspray - The bug killer!Backend/CoreBug ReportMedium anonymous task creation in restricted project not possi ...Closedpeterdd19.04.2016
100%
2 Task Description

with this general project settings for everyone (users and anon):

Project is active ('project_is_active'): yes
Allow anyone to view tasks of this project ('others_view'): no
Allow anyone to view roadmap of this project: no 
Allow anonymous users to open tasks: yes
  1. Project is not selectable from Project drop down list with this settings, but should.
  2. The can_view_project permission is currently a calculated value, currently using ‘others_view’ permission for guests.
  3. Review where can_view_project() permission is used to limit access.
  1. Evaluate if “Allow anonymous users to open tasks”- perm make can_view_project()-permission true is sufficient.
  2. Or just use the “Allow anonymous users to open tasks”- perm at the relevant places. (I tend to prefer this, because of very limited places.)
  1. TODO: Maybe move
Allow anyone to view tasks of this project: no
Allow anyone to view roadmap of this project: no 
Allow anonymous users to open tasks: yes

from ‘Preferences’ project settings tab to the ‘User Groups’ project settings tab. So everything permission related is at one place.

I think the problem is within index.php, put in with commit https://github.com/Flyspray/flyspray/commit/651f09801a35533205971cf322483a0e52ad0a1d

A anon user cannot pass behind this code lines:

// make sure people are not attempting to manually fiddle with projects they are not allowed to play with
if (Req::has('project') && Req::val('project') != 0 && !$user->can_view_project(Req::val('project'))) {
    Flyspray::show_error( L('nopermission') );
    exit;
}

But before just removing removing the “exit;” here, needs too review if anon users cannot trigger bad actions.

2119Flyspray - The bug killer!Backend/CoreBug ReportMediumfunction filter_input not always availableResearchingpeterdd15.04.2016
0%
Task Description

filter_input() is in extension “Filter”.

It is enabled by default since PHP5.2, see http://php.net/manual/en/migration52.new-extensions.php but not “always”, see https://groups.google.com/forum/?hl=de#!topic/flyspray/QM75BvwPqGM

filter_input() is only used at 1 section in Flyspray (since 2014 up to v1.0rc1) in includes/fix.inc.php
This is the commit https://github.com/Flyspray/flyspray/commit/40861911260812c99682fe3456350cb63bb243a9

How do we solve it? Several possibilities:

2118Flyspray - The bug killer!User InterfaceFeature RequestLowShow overview of existing tags for usersNewpeterdd09.04.2016
0%
Task Description

At several places it could be useful to let the user view available tags:

  1. When editing a task a toggle popup could show a list of selectable and existing tags.
  2. Make the list of tags searchable for the advanced search.
 2117 Flyspray - The bug killer!DocumentationInformationLow FS 1.0 RC1 release Closedpeterdd09.04.2016
100%
Task Description
  1. Edit includes/class.flyspray.php on github.com and set the correct version for the release there (remove the ' dev’ from the version string), commit as new branch e.g. 1.0-rc1 :-)
  2. Prepare a new release on https://github.com/Flyspray/flyspray/releases , write a summary of changes since last release, choose the branch you created in the previous step, save as “draft”. :-)
  3. “Release” the Flyspray source on github when satified with layout :-)
  4. Run buildscripts for different php versions (see comments at FS#2040) :-)
  5. Upload the created .zip and .tgz files to https://github.com/Flyspray/flyspray.github.io/tree/master/packed :-)
  6. Edit the https://github.com/Flyspray/flyspray.github.io/blob/master/_docs/download.md and link the source and packaged .zip and .tgz files :-)
  7. Write a new article with a summary of highlights of changes since last release for the www.flyspray.org frontpage on https://github.com/Flyspray/flyspray.github.io/tree/master/_posts/News
  8. Important: If all is nice and shiny: Update the version string on www.flyspray.org https://github.com/Flyspray/flyspray.github.io/blob/master/version.txt so admins of flyspray get informed a new Flyspray release is available now. For instance change from 1.0-rc to 1.0-rc1 if you are releasing Flyspray 1.0 RC1. Must be the exact version you set in includes/class.flyspray.php .
2114Flyspray - The bug killer!TranslationsTODOMediumStandardize the priority meaning across flyspray transl...Newpeterdd07.04.2016
0%
21 Task Description

Standardize the priority meaning across flyspray translations.

Idea:

0 - priority unset (database field default value)

1 - defer (or very low priority, often results the task is defered, see “Eisenhower principle”)
2 - low
3 - normal
4 - high
5 - very high

6 - flash (house burns, catastrophic event, website down, “boss” decision)

Some other software (other task planers/ email programs) use a 1-5 step priority. So an export feature to other software may merge priority 6 to priority 5 for such software.

In 2012 meaning was changed only in english translation.

Before normal was priority 2 in a 1-6 range, after it is priority 4 in a 1-6 range.
It should be IMHO 3 in that 1-6 range.

2104Flyspray - The bug killer!Backend/CoreBug ReportLowfiltering by one user on tasks with multiple assignees ...Newpeterdd26.02.2016
0%
Task Description

If you have a tasklist with tasks that have multiple assignees in a task and you search just by one of the assignees, the resulting tasklist shows only this user in the assignees column.

Expected: all assignees of the tasks are shown.

 2102 Flyspray - The bug killer!Backend/CoreBug ReportMedium strict ordering of tags required  Closedpeterdd19.02.2016
100%
2 Task Description

When saving the tag list at admin and project area, the ordering of the tags must be recalculated.

So it is not more legal to have a list ordering like (0,0,0,1,3,4,7)

That should be recalculated and stored as (1,2,3,4,5,6, 7) (or 0,1,2,3,4,5,6)
currently in file includes/modify.inc.php

Why?

The SQL for the tasklist uses currently GROUP_CONCAT (and a equivalent syntax for postgres) that groups by list_tag.list_position.
Well, we could just ‘group by’ the tag_id too, but with list_position value we can show the most important tags first.

3 times, and that 3 result fields must be in the same order. (tag id, tag name, tag class field)

Also that sql-query part there needs a little modification, but first fix that strict ordering.

Alternative

Don’t use group_concat() or similiar for list_tag.tag_name or list_tag.class. Instead load an indexed array once per http request and only when needed.

For instance as function within class.flyspray.inc.php:

        /**
         * load all tags into array
         *
         * compared to listTags of class project, this preloads all tags in flyspray database
         * ideally maximal called once per http request, then using the array index for getting info
         *
         * @return array
         */
        public static function getAllTags()
        {
                global $db;
                $at=array();
                $res = $db->query('SELECT tag_id, project_id, list_position, tag_name, class, show_in_list FROM {list_tag}');
                while ($t = $db->fetchRow($res)){
                        $at[$t['tag_id']]=array(
                                'project_id'=>$t['project_id'],
                                'list_position'=>$t['list_position'],
                                'tag_name'=>$t['tag_name'],
                                'class'=>$t['class'],
                                'show_in_list'=>$t['show_in_list']
                        );
                }
                return $at;
        }

in scripts/index.php in function tpl_draw_cell():

function tpl_draw_cell($task, $colname, $format = "<td class='%s'>%s</td>") {
  global $fs, $db, $proj, $page, $user, $alltags;
...
  case 'summary':
...
    if($task['tagids']!=''){
                        # if global $alltags are yet undefined, preload the tags now.
                        if(!is_array($alltags)) {
                                $alltags=$fs->getAllTags();
...
 foreach($tagids as $tagid){
                                $tgs.='<i class="tag t'.$tagid
                                        .(isset($alltags[$tagid]['class']) ? ' ' .htmlspecialchars($alltags[$tagid]['class'], ENT_QUOTES, 'utf-8') : '').'" title="'.htmlspecialchars($alltags[$tagid]['tag_name'], ENT_QUOTES, 'utf-8').'"></i>';
                        }
 2090 Flyspray - The bug killer!Backend/CoreBug ReportLow dokuwiki code /e modifer deprecated .. Closedpeterdd10.11.2015
100%
Task Description

When code with language attribute:


<code php> echo 'hallo';

</code>

‘The /e modifier is deprecated, use preg_replace_callback instead in (..)/plugins/dokuwiki/inc/geshi.php’

2089Flyspray - The bug killer!Backend/CoreBug ReportMediumadding same taskid as subtask or related task should be...Newpeterdd07.11.2015
50%
21 Task Description

Both is a bit illogical, but both is currently possible! ;-)

1 ←- 1

So when setting the parent task id checked for creating loops is needed:

Loop with 2 tasks: 1 ←- 2 ←- 1

Loop with 3 tasks: 1 ←- 2 ←- 3 ←- 1
Loop with n tasks: 1 ←- ... ←- n < – 1

As I think there are currently no recursive reads that could lead to an endless loop, but should be kept in mind when someone wants to programm rendering a gantt chart.
E.g. by limiting the depth of subtasks for example.

2078Flyspray - The bug killer!User InterfaceBug ReportMediumlayout of requested close on small displaysNewpeterdd26.10.2015
0%
1 Task Description

currently absolute positioning overlapping deny button and not full visible

Possible better solution:

  • cssbased toggle
  • left:50%; width:300px;margin-left:-150px;margin-top:50px;
2075Flyspray - The bug killer!NotificationsBug ReportHighToo spammy notifications under some circumstancesRequires testingpeterdd19.10.2015
40%
Task Description

danoh on github wants to work on patch. Couldn’t find him here..

2073Flyspray - The bug killer!Backend/CoreBug ReportLowCouldn't edit comment of anonymous reporterNewpeterdd17.10.2015
0%
Task Description

I wanted edit/fix the comment of an anonymous reporter, but the edit shows empty content on editing..

(here on closed, but non yet implemented  FS#218 )

2059Flyspray - The bug killer!Backend/CoreFeature RequestLowusage of github automated/webhook notificationsNewpeterdd24.09.2015
0%
Task Description

We have no API yet for Flyspray.

But someone could write a simple php-file that can be called by a github.com auto notification, whenever:

  • a commit on github.com for Flyspray/flyspray is made

Github.com provides the configuration of such notification for a possible target like

https://bugs.flyspray.org/api/github.php

or

https://bugs.flyspray.org/api/github.php?project=1

in the settings of a project.

What the file needs:

  • import some of the existing Flyspray classes from includes/
  • config or load the secrets that are provided by github.com in the setup for the automatic notification
  • check that secrets and more for authentication and authorization of requests coming from github.com
  • parse the messages for Flyspray identifiers like ' FS#1234 ' or 'fix  FS#1234 ' or 'related to  FS#1234 '
  • take actions on the results of that message parsing like making adding comment or modifying a task status
2058Flyspray - The bug killer!Backend/CoreBug ReportLowClosing of github.com 'Issues' featureNewpeterdd24.09.2015
0%
Task Description

As discussed with the team some time ago, a consolidation of places where issues are discussed is wanted.

One of the results was, that we do not want people post issues to github.com Issues and instead use our own bugs.flyspray.org
and to prefer "to eat our own dogfood" and a have central place to handle tasks.

As a result we tried to reduce the open issueas on github.com. I was in the process of moving 2 of still 7 open issues there to bugs.flyspray.org when suddenly the Issues on github.com were closed. :-( Now the last 5 issues there are lost at the moment for me and the audience, which where mostly informations to interested users, not bugs.

I think just closing it without an easy accessible alternative is not the best solution.

At least we should wait until the oauth2 authentication for github users should be implemented and setup on bugs.flyspray.org , so people browsing github.com, finding Flyspray project just can
"Login with github"-feature on bugs.flyspray.org.

The blocker to do this: Currently there is missing an option to "connect" an oauth "Login with github"- Login with an existend flyspray userlogin.

So that one userid in flyspray can:

  • login with username and password
  • login with one or more of his social accounts (github, facebook, microsoft, g+) if they are enabled (would it restrict to github.com accounts for bugs.flyspray.org)
2057Flyspray - The bug killer!Backend/CoreBug ReportLowDo not resubmit forms on browser reload button or F5Newpeterdd22.09.2015
0%
1 Task Description

On some forms, when the user presses the reload button of this browser, the POST submit can be resubmitted.

Browsers can warn about this (Chromium, Firefox, Konqueror tested and they show a warning dialog) before executing the second POST.
But people on Flyspray mailing list wrote they experienced double comments.

Simple solution is just HTTP GET redirects after a successful POST. (HTTP 303 or HTTP 302)
But maybe there is a better method than a second roundtrip always needed?

Success, Error, or Warn-messages to the user are stored in the $_SESSION variable for displaying on the second GET request.
But I think that this is a bit ... mmh... not perfect.

For example, I would like to have in the direct response at which position in a form an input error is, not just the message bar in the top center as it is currently that just dissappear after a few seconds.

Also take care the browser back button still works as expected for the user.

 2056 Flyspray - The bug killer!Backend/CoreFeature RequestLow Do not do pagination on csv export  Closedpeterdd17.09.2015
100%
Task Description

The result of pressing the task list csv export button should not do pagination (limit on the database query)

The wanted download of the csv is in most cases a complete list of the task list search. So users can it simple import into OpenOffice Calc, LibreOffice Calc, MS Excel or for importing it somewhere else like another database.

Implementation of this task should be quite easy by just ignoring the limit and offset, because the same query is used for task list viewing and csv export.

2055Flyspray - The bug killer!Backend/CoreBug ReportLowMake the csv export table fields respect the user permi...Newpeterdd17.09.2015
0%
Task Description

Just moved issue #110 from https://github.com/Flyspray/flyspray/issues/110 to here for centralized task tracking.

Maybe just needs testing with current github master.

2054Flyspray - The bug killer!Backend/CoreFeature RequestLowFields for csv export choosable like for task listNewpeterdd17.09.2015
0%
1 Task Description

Currently the task list columns are used, which are choosed by admin or project manager for the task list view.

2053Flyspray - The bug killer!Backend/CoreBug ReportLowambiguous user name displayNewpeterdd17.09.2015
0%
Task Description

With the existence of now two peoples named "Peter" on bugs.flyspray.org (I - peterdd , and PeterTheOne)
there are several places where the full names are display instead of usernames and the user can't know who is which "Peter" until he visits the users profile page.

Different solutions possible:

  • more profile image/gravatar usage where user names are shown
  • display username instead of full name
  • display full name and username (where much space available and precision needed)
  • ...
Showing tasks 1 - 50 of 109 Page 1 of 31 - 2 - 3 -

Available keyboard shortcuts

Tasklist

Task Details

Task Editing