Flyspray

From: https://groups.google.com/forum/?hl=en#!topic/flyspray/jC5BBQ1XiQo

19-04-09 // More one year ago.

On https://www.flyspray.org/ On https://www.flyspray.org/devel/team/

Replace :
- https://www.psi-im.org/ → https://psi-im.org/

→ Remove the WWW.

The “Preview” button is not at the good place.

The “Preview” must to be near “Add this task” with same background button color.

Thanks in advance.

PHP 8.0 is now released (2020-11-26) and Flyspray should be made compatible with it.

• Replace removed and deprecated functions with alternatives in our source code.
• Upgrade used libraries or make used libraries compatible:
  • post github issue or pull requests for ADODB
  • upgrade used dokuwiki or make changes in our integration (probably just review our as official dokuwiki project contains too much stuff we do not need and changed much)
  • review used geshi
  • upgrade our swiftmailer version to PHP8 compatible version
  • upgrade our oauth2-client stuff to PHP8 compatible version

• The @ operator no longer silences fatal errors. Some checks in installer or other areas might not work anymore as expected when the @-operator was used as silencer for previous PHP versions.

The last build is very old, it is possible to create a new build?
- The last RC: 2 years soon
- The last stable: 9 years soon

GitHub Releases section:
- https://github.com/Flyspray/flyspray/releases

Latest release
v1.0-rc9
136c339

Flyspray 1.0-rc9

@peterdd peterdd released this Apr 22, 2019

Stable: http://www.flyspray.org/docs/download/

Flyspray 0.9.9.7 - 28 May 2012

FS version: 1.0-rc9
PHP version: 7.4.15
database: mysql
php.ini: error_reporting = E_ALL | E_STRICT

Steps done to create the problem:
- Login as Admin or User, with name “Admin”, not with email.

Experienced behavior:
PHP Notice: Trying to access array offset on value of type bool in …/flyspray-1.0-rc9/includes/class.flyspray.php on line 812

A possible fix is attached as patch.

Think, it is this line in currend code:
https://github.com/Flyspray/flyspray/blob/5b0a3d80fc9612ca8e8743450fbf2c8243b5bf47/includes/class.flyspray.php#L836

There should be only one request to

js/callbacks/gethistory.php when activating the History tab

The request is made:

• on mousedown event
• on click event

So holding down the tab sends the first request and releasing sends the second request.

Today I received a Spam into my Flyspray, I wanted to ban the user and to delete the task, to my surprise I didn’t see an option to -delete- a created task, so I don’t want to keep this spammy content into my DB or even worse, publically viewable to other users / or google (which will impact in seo and also make their spamming successful forever), I just wanted to simply remove the task entirely from the DB

So my only option was to restore the 2-days before database backup in order to remove it, then I upgraded to the last git checkout but I didn’t see that option existing

I think flyspray needs to have that option included

Thank you

For users with administrative permissions, a moderation UI for spam tasks could be useful.

For other normal users a “mark as spam”-button (similiar to voting for a task) could help moderators to identify spam tasks.

1. Modify the spam task: Move to a hidden “Trash” project, replace summary and description with a default spam summary text end empty description.
2. The decision which kind of punishment of the account who created the spam depends on several things:
   • Is it a previously normal used account who got captured by a bad guy and suddenly started spamming?
   • Is it a fresh bot created account who tried creating many spam task to promote bad websites or do search ranking manipulation?
   • Is it a sneaky smart account who waits for the opportunity to offload spam in a subtile manner?

I think this is not so easy to automate without producing false positives, especially for a project without commercial interest and funding and no huge meta informations like Google or similiar data collecting corporation who have the ability to identify spam waves across the internet.

[ ] ADOdb xmlschema03 issues
[ ] other warnings/notices

When there is a link to the new task action from another site to a Flyspray installation and the user is not yet logged in, there is a redirect to the Flyspray start page losing the GET parameters.

Example:

https://bugs.flyspray.org/index.php?do=newtask&project=1&item_summary=blablabla%product_category=1

Or short example (nicer urls using .htaccess rules)

https://bugs.flyspray.org.de/newtask/proj1?item_summary=blablabla&product_category=1

After login the user should see the form with the original link parameters (if the user is allowed to and parameters are valid)

Currently the user must navigate to the correct project (if there are several) and the parameters from the origin link are lost.

Please support Central Authentication Service, thank you.

It would be helpful to have communication with LDAP via TLS

Hi

Please advise if there are known issues when integrating Flyspray with Active Directory using LDAP.

I need metrics for flyspray projects about a rest api. For example the count of issues for status, priority. I want use this values for my code analysis system http://www.sonarqube.org/ and other internal tools. It is possible to create a rest api with user authorization and only for metrics data?

An assigned ticket can't be edited by a lower privileged user.