Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category  desc Task Type Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
2055Backend/CoreBug ReportLowMake the csv export table fields respect the user permi...New
0%
1.1 devel17.09.201517.09.2015 Task Description

Just moved issue #110 from https://github.com/Flyspray/flyspray/issues/110 to here for centralized task tracking.

Maybe just needs testing with current github master.

2057Backend/CoreBug ReportLowDo not resubmit forms on browser reload button or F5New
0%
122.09.201523.09.2015 Task Description

On some forms, when the user presses the reload button of this browser, the POST submit can be resubmitted.

Browsers can warn about this (Chromium, Firefox, Konqueror tested and they show a warning dialog) before executing the second POST.
But people on Flyspray mailing list wrote they experienced double comments.

Simple solution is just HTTP GET redirects after a successful POST. (HTTP 303 or HTTP 302)
But maybe there is a better method than a second roundtrip always needed?

Success, Error, or Warn-messages to the user are stored in the $_SESSION variable for displaying on the second GET request.
But I think that this is a bit ... mmh... not perfect.

For example, I would like to have in the direct response at which position in a form an input error is, not just the message bar in the top center as it is currently that just dissappear after a few seconds.

Also take care the browser back button still works as expected for the user.

2058Backend/CoreBug ReportLowClosing of github.com 'Issues' featureNew
0%
24.09.201524.09.2015 Task Description

As discussed with the team some time ago, a consolidation of places where issues are discussed is wanted.

One of the results was, that we do not want people post issues to github.com Issues and instead use our own bugs.flyspray.org
and to prefer "to eat our own dogfood" and a have central place to handle tasks.

As a result we tried to reduce the open issueas on github.com. I was in the process of moving 2 of still 7 open issues there to bugs.flyspray.org when suddenly the Issues on github.com were closed. :-( Now the last 5 issues there are lost at the moment for me and the audience, which where mostly informations to interested users, not bugs.

I think just closing it without an easy accessible alternative is not the best solution.

At least we should wait until the oauth2 authentication for github users should be implemented and setup on bugs.flyspray.org , so people browsing github.com, finding Flyspray project just can
"Login with github"-feature on bugs.flyspray.org.

The blocker to do this: Currently there is missing an option to "connect" an oauth "Login with github"- Login with an existend flyspray userlogin.

So that one userid in flyspray can:

  • login with username and password
  • login with one or more of his social accounts (github, facebook, microsoft, g+) if they are enabled (would it restrict to github.com accounts for bugs.flyspray.org)
2059Backend/CoreFeature RequestLowusage of github automated/webhook notificationsNew
0%
24.09.201524.09.2015 Task Description

We have no API yet for Flyspray.

But someone could write a simple php-file that can be called by a github.com auto notification, whenever:

  • a commit on github.com for Flyspray/flyspray is made

Github.com provides the configuration of such notification for a possible target like

https://bugs.flyspray.org/api/github.php

or

https://bugs.flyspray.org/api/github.php?project=1

in the settings of a project.

What the file needs:

  • import some of the existing Flyspray classes from includes/
  • config or load the secrets that are provided by github.com in the setup for the automatic notification
  • check that secrets and more for authentication and authorization of requests coming from github.com
  • parse the messages for Flyspray identifiers like ' FS#1234 ' or 'fix  FS#1234 ' or 'related to  FS#1234 '
  • take actions on the results of that message parsing like making adding comment or modifying a task status
2068Backend/CoreInformationLowDeprecated: mysql_connect(): The mysql extension is dep...Unconfirmed
0%
810.10.201528.09.2020 Task Description

My version of PHP still shows deprecation warnings with flyspray.

Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /var/www/flyspray.itiab.co.nz/htdocs/adodb/drivers/adodb-mysql.inc.php on line 353

Have all mysql.connect instances been removed? The connect will be removed from PHP soon and will cause problems.

2073Backend/CoreBug ReportLowCouldn't edit comment of anonymous reporterNew
0%
17.10.201517.10.2015 Task Description

I wanted edit/fix the comment of an anonymous reporter, but the edit shows empty content on editing..

(here on closed, but non yet implemented  FS#218 )

2101Backend/CoreBug ReportLowMobile view GUI bugConfirmed
20%
418.02.201624.02.2016 Task Description

As you can see on screenshot attachment the GUI on mobile view is not OK.

I marked with red field what need to be fixed.

Phone used: Samsung Note 4.

2104Backend/CoreBug ReportLowfiltering by one user on tasks with multiple assignees ...New
0%
226.02.201615.06.2020 Task Description

If you have a tasklist with tasks that have multiple assignees in a task and you search just by one of the assignees, the resulting tasklist shows only this user in the assignees column.

Expected: all assignees of the tasks are shown.

2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
0%
15.06.201615.06.2016 Task Description

My tests showed that the html accesskey feature is not well and consistent supported by current web browsers and is quite cumbersome to use.
And it seems it will not be better in future..

The only solution I see dropping that feature or replacing them with simple single-key-event javascript listeners, like it is currently done with keys o, j, k, n, and p.

accesskeys in Flyspray I talk about:

  • l (current SHIFT+ALT+l Firefox) login dialog / logout
  • a (current SHIFT+ALT+a Firefox) add new task
  • m (current SHIFT+ALT+m Firefox) my searches
  • t (current SHIFT+ALT+t Firefox) focus taskid search
  • e (current SHIFT+ALT+e + Enter Firefox) edit task
  • x or y? (current SHIFT+ALT+y Firefox) close task
  • s (current SHIFT+ALT+s Firefox) save task

Also related to Keyboard navigation: tabindex

2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
0%
28.06.201601.08.2016 Task Description

I run flyspray behind a reverse proxy with the front end url being https and with the actual back end server not being on a standard port and not using https.

Setting force_baseurl seems to sort most areas with flyspray’s url generation using that instead of picking up from $_SERVER, however post-authentication redirection does not do that it just processes redirect_to as is (which in my case means it picks up the protocol, name and port for the back end server rather than what’s set in force_baseurl).

./themes/CleanFS/templates/loginbox.tpl puts out $_SERVER[’REQUEST_URI‘] into a hidden redirect_to input field - on my setup on the front page that’s e.g. “/” or for a ticket url it would be “/index.php?do=details&task_id=999” so no protocol or hostname.

scripts/authenticate.php picks up that redirect_to value and just passes it to Flyspray::Redirect, which in turn calls FlySpray::absoluteURI on what it’s passed, and FlySpray::absoluteURI doesn’t use $baseurl to qualify the url.

Not sure what the best fix is - my suggestion would be that Redirect detects urls that aren’t fully qualified and adds the $baseurl on to the front of them, rather than calling absoluteURI (absoluteURI is used to set $baseurl if force_baseurl is unset, so that’s not appropriate to modify). Alternatively scripts/authenticate.php could check redirect_to and add $baseurl if needed.

2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
0%
14.07.201614.07.2016 Task Description

If a task creator requested closure, and someone (developer) closes the task explicitly, the PM request cannot be later ‘accepted’ and the PM request remains in the queue.

Workaround - Deny request and queue item is removed OK.

It looks like the PM request button invoked details.close which returns early if task is already closed.

2190Backend/CoreFeature RequestLowenable move of a closed clask to other project without ...Researching
0%
06.08.201606.08.2016 Task Description

Problem: By replacing just the project_id of the closed task it is possible the task then has invalid field values within the target project.

Possible scenarios:

  1. Ignore invalid values within the target project
    • Pro: Easy to do, an immidiatly revert back to the old project would “heal” the task properties.
    • Contra: may effect accuracy and reliability of other parts like searching, listing, statistic calculations
  2. Silent change task field values to valid field values of the target project if necessary
    • Pro: relative easy to do
    • Contra: a bit loss of information, little side effects
  3. allow user to modify the fields that must be changed so that every field of the task has valid values within the target project
    • Pro: accuracy
    • Contra: a bit loss of information(fallback to default values) if there are no similiar field values selectable within the project
  4. allow user to modify the fields, fields or field select values that do not exists in target project will be automatically created.
    • Pro: accuracy
    • Contra: target project may be cluttered with too many fields/field values
  5. ???
2203Backend/CoreInformationLowlanguage files are in folder lang. But i can't change l...Unconfirmed
0%
121.09.201621.09.2016 Task Description

In Admins Toolbox (Project preferences) i choose language de. The file exists in folder lang. But only english is shown. the same for french and so on. No really changes.

2208Backend/CoreInformationLowSeverity "medium" by defaultSuspended
50%
2127.09.201629.09.2016 Task Description

Hi,
Where i can change severity and priority by default?
I want change severity to “Medium” by default for group Basic
I cant find this option in the Flyspray settings.

2214Backend/CoreInformationLowChanging status of task automaticallyUnconfirmed
0%
417.10.201606.11.2016 Task Description

Hello again,

I was wondering (again :-) ) if the following scenario is possible for this bug tracking solution:

Our company uses this bug tracker mainly for helpdesk issues. However, our main users (except IT department) don’t seem to easily understand how to change the status of a ticket, they aren’t interested in doing that also.

So I would like to know if there is a way that we can develop some automatisation in changing the status automatically after customer replies to a message.

Let’s see the following scenario:

  1. user A posts a new task
  2. user B assigns himself (or other) to that specific task - the status automatically is changed to Assigned
  3. user B replies to task by adding a comment - as a result of adding the new comment the task status should change automatically to Waiting for customer - without the need that user B to change the status
  4. user A checks the comment from user B and decides to comment back to him. After pressing the Add comment button, the status should change automatically to Waiting for assignee

If the task is needed to have another status, the users can change them manually, but the automated part should be the waiting for customer and assignee.

On a basic algorithm it shouldn’t be hard (if user is logged in and is task owner, then after comment, task detail - status changing to id 4-5 from task-statuses table on mysql; if user is logged in and assigned to task, after adding comment change status 4-5 from task-statuses table).

I saw this thing on an otrs platform and it is quite ok for a simple user like ours.

Is there any way that we can personalise the flyspray in this way?

If yes, please give us an elaborate answer with what I should do for this to work.

Thanks in advance.

2220Backend/CoreInformationLowOne status with different color in tasklistUnconfirmed
0%
524.10.201603.11.2016 Task Description

Since we have a lot of tasks pending, our team leader wants a specific status (let’s say: Waiting for dispatch) to be marked with a green background in tasklist.
Can you please help me to make this mod?

Thanks in advance.

2315Backend/CoreBug ReportLowFiling a new task is possible with no details in the ma...Unconfirmed
0%
21.11.201621.11.2016 Task Description

When filing a task, it’s possible to submit the task without any information at all being added to the main body of the ticket. This leads to reports that are of no value because the user can simply add some vague title, hit submit, and then wonder why nothing happens other than someone closing it later as invalid.

The main body of the ticket should be considered a required field and should throw an error if nothing is in the box.

2316Backend/CoreBug ReportLow"wrongtoken" is displayed if the comment box is left si...Assigned
0%
peterdd7122.11.201629.07.2019 Task Description

I understand this is likely due to some sort of XSS CSRF protection, but the delay doesn’t appear to be long enough to be useful for a lengthy comment to be posted. I’ve now lost two detailed comments in our tracker because the software threw everything out and generated a meaningless error.

Further, attempting to do the normal thing and making the browser resubmit the page results in Flyspray throwing “Error #3” something something repeated action and causing a redirect to the homepage.

Surely there has to be a better way to handle this that doesn’t incur data loss?

2324Backend/CoreInformationLowUpdate composer.jsonUnconfirmed
0%
31.12.201631.12.2016 Task Description
...
symfony/event-dispatcher suggests installing symfony/dependency-injection ()
symfony/event-dispatcher suggests installing symfony/http-kernel ()
guzzle/guzzle suggests installing guzzlehttp/guzzle (Guzzle 5 has moved to a new package name. The package you have installed, Guzzle 3, is deprecated.)
Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.
2327Backend/CoreFeature RequestLowvisibility-option for private tasksUnconfirmed
0%
315.01.201717.01.2017 Task Description

We have some private Tasks in our FS-bugtracker to hide them from normal reporters. But we also have some external beta-testers in a betatesters-group and they should be able to see (and check) the private tasks without giving them a project manager status. So it would be good, if there is a switch in the group option to give specific groups the right to see private tasks.

2330Backend/CoreBug ReportLowPHP Notice: Undefined offset: 0 in scripts/index.php o...Unconfirmed
50%
423.01.201730.01.2017 Task Description

Pretty minor, but seems to show up regularly enough in our logs. The line in question:

$outfile = str_replace(' ', '_', $tasks[0]['project_title']).'_'.date("Y-m-d").'.csv';
2333Backend/CoreInformationLowSet Default View on Login?Unconfirmed
0%
326.01.201727.01.2017 Task Description

I can’t see an option to set the default view after login. It always defaults to tasklist view when it would be useful to show the overview by default on login.

2335Backend/CoreInformationLowPDF Attachment does NOT View/Open in New Window/TabUnconfirmed
0%
127.01.201727.01.2017 Task Description

if a pdf is attached with commentit needs either be forced as download or open target _blank

2346Backend/CoreFeature RequestLowCustom css inheritanceUnconfirmed
0%
220.02.201723.02.2017 Task Description

If i set up a custom css in the main FS settings the style doesn’t get applied to all nested projects. I have to set the css to all projects explicitly to get the stylings work on all project pages.
Wouldn’t it be a good idea to first load the css set in the main dialog and after that load an additional css specified in the sub project? Then it would be possible to specify general stylings for all projects and project based stylings also.

2427Backend/CoreFeature RequestLowallow hotlinking (direct links) to uploaded filesUnconfirmed
0%
207.03.201709.03.2017 Task Description

Currently all attached files get renamed (like “screenshot331.png” → “attachments/14_72a4ca580abcdef69f60b1f”) and they could be downloaded only throught the php script (”/index.php?getfile=1234”) which requires that user must be logged in to view the file.
It is not very convenient when you need to show a file to some person who is on mobile phone at the moment or using not a work computer. Also sometimes you might need to share a file with anyone without having them to register at your bug tracker.

I suggest you to add a checkbox like “create a direct link” when uploading a file, which will save the file with original name and extension but adding some random generated prefix (like “screenshot331.png” → “attachments/14_72a4ca580abcdef69f60b1f.screenshot331.png”).

However this poses a high security risk so there should be a list of allowed file extensions (e.g. “jpg,png,txt,pdf,doc,zip”) - only these files could be saved with the original extension. This list should be accessible by the main administrator only, thus the safest option would be storing it inside the “flyspray.conf.php”.

2429Backend/CoreInformationLowMy tasks URLUnconfirmed
0%
109.03.201720.03.2017
2430Backend/CoreFeature RequestLowUser dependency on projectUnconfirmed
0%
216.03.201720.03.2017
2435Backend/CoreInformationLowMax attach a fileUnconfirmed
0%
118.07.201718.07.2017
2436Backend/CoreBug ReportLowdokuwiki renderer creates nonunique html-id for h1,h2,h...New
0%
202.08.201702.08.2017
2439Backend/CoreFeature RequestLowClone a ProjectNew
0%
15.09.201715.09.2017
2440Backend/CoreFeature RequestLowOption to disable tag featureNew
0%
15.09.201715.09.2017
2448Backend/CoreBug ReportLowerror message in eventlog reportsUnconfirmed
0%
226.10.201729.10.2017
2449Backend/CoreBug ReportLowUnexepted exception on smtp gmail sendUnconfirmed
10%
729.10.201710.01.2018
2451Backend/CoreFeature RequestLowMod: blank Category - user must chose before pressing A...Confirmed
0%
208.12.201714.12.2017
2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
0%
15.01.201815.01.2018
2466Backend/CoreInformationLowHow to run under httpsUnconfirmed
0%
1303.06.201802.12.2018
2476Backend/CoreInformationLowGuzzle/Guzzle is abandoned, should use library that's s...Unconfirmed
0%
110.08.201810.08.2018
2477Backend/CoreInformationLowold style MySQL extension is abandoned ..Unconfirmed
0%
110.08.201810.08.2018
2479Backend/CoreInformationLowUser table seems really complexUnconfirmed
0%
110.08.201810.08.2018
2480Backend/CoreInformationLowBetter file organizationUnconfirmed
0%
110.08.201810.08.2018
2481Backend/CoreInformationLowMove to MVCUnconfirmed
0%
10.08.201810.08.2018
2482Backend/CoreInformationLowProtect issues by defaultUnconfirmed
0%
110.08.201810.08.2018
2484Backend/CoreInformationLowIncrease min. version of PHP requirementUnconfirmed
0%
10.08.201810.08.2018
2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018
2522Backend/CoreFeature RequestLowemail vs username login issuesResearching
0%
431.10.201802.11.2018
2527Backend/CoreBug ReportLowDatabase Check »Your mysql supports full utf-8 since 5....Unconfirmed
0%
105.01.201905.01.2019
2534Backend/CoreFeature RequestLowPrivate projectsUnconfirmed
0%
816.01.201918.01.2019
2535Backend/CoreFeature RequestLownew optional Flyspray setting: add new users automatica...New
0%
216.01.201921.01.2019
2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
0%
peterdd29.07.201929.07.2019
2560Backend/CoreBug ReportLowdo not allow close task with reason duplicate referenci...New
0%
peterdd29.07.201929.07.2019
Showing tasks 251 - 300 of 321 Page 6 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing