Flyspray

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See https://github.com/Flyspray/flyspray/releases

If you are upgrading from older version, please wait for 1.0-rc11.

2021-11-23: New user registration and password forgotten currently not working on bugs.flyspray.org due email server problems. peterdd

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version  desc Opened Last Edited
2221Installer and UpgraderInformationLowNotices on install with PHP7New
50%
1.0124.10.201617.04.2021 Task Description
Notice: Only variables should be assigned by reference in /*/setup/index.php on line 883 
Notice: Only variables should be assigned by reference in /*/setup/index.php on line 949
2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018 Task Description

When a user has project manager permissions, but not admin permissions, then on the ‘edit group’ pages like index.php?do=pm&area=editgroup&id=8
the links in the list of users of that group are

index.php?do=admin&area=users&user_id=12345

instead of linking to the users page

index.php?do=user&area=users&id=12345

and a redirect follows with Error #4: You don’t have administrative rights.

2635User InterfaceFeature RequestMediumimprove usability of add/remove tags to/from tasksPlanned
70%
1.013.04.202123.04.2021 Task Description

Integrate the selectpure javascript to the new task and edit task form.

By default there is a text field where tag names are separated by ‘;’ character.

Selectpure could instead show the tags with their visual layout with a little ‘x’ inside on the right side for removing a tag and autocomplete when typing a tag name to show existing tags from the flyspray_list_tag-table as possible selections.

Instead implemented a CSS and raw javascript solution with a single taghelper.js without any dependancies.

A button beside the tag input text field toggles a list of available tags for the current task, depending on the project and settings.

Still TODO

  • styling of added tags
  • highlight tags that would be removed when the task will be saved.
  • highlight tags that would be added when the task will be saved.
  • highlight tags that are attached to the task in the available taglist.
  • highlight tags that are added to the task in the available taglist.
  • optimize layout for this feature.
2660Backend/CoreBug ReportLowmention an user with "_" does not work: @user_testConfirmed
30%
peterdd1.0-rc11829.10.202208.11.2022 Task Description

@peterdd: It is not possible to tag the user, for example, @user_test.

It is stopped before “_”.

change by @peterdd: quickfix is now in master branch

2636Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (mariadb 10.4.18...Assigned
50%
peterdd1.0-rc11729.04.202123.07.2021 Task Description

I administer a moderate-sized (~14K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, mariadb 10.4.18) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

It churns a while before refreshing the screen, claiming a successful 1.0-rc10 upgrade. However, the upgrade seems to not actually “stick”, because clicking on the “return” button I’m dropped back into the upgrader, which is once again claiming I’m running 1.0-rc9 and prompting me to perform the -rc10 upgrade.

According to Flyspray’s admin ‘checks’ tab:

* PHP 7.4.16
* MariaDB 10.4.18
* default_charset: utf8mb4
* default_collation: utf8mb4_unicode_ci
* All tables are ‘InnoDB’

There are no errors logged that I can find, but the upgrade is clearly not working. If I revert to the -rc9 php files, everything continues along as if nothing was done.

Any suggestions?

2637Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (postgresql 12.6...Assigned
50%
peterdd1.0-rc11729.04.202105.05.2021 Task Description

I administer a small personal (<1K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, postgresql 12.6) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

Unfortunately, the upgrade fails spectacularly, with a reported SQL error that belies what’s actually wrong. Here’s a snippet from the postgresql logs where the upgrade is failing:

2021-04-28 10:33:07.190 EDT [2032049] ERROR: column “attachment_id” of relation “flyspray_attachments” already exists
2021-04-28 10:33:07.190 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN attachment_id SERIAL
2021-04-28 10:33:07.194 EDT [2032049] ERROR: current transaction is aborted, commands ignored until end of transaction block
2021-04-28 10:33:07.194 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN task_id INTEGER
[…and everything else fails because the transaction aborted…]

It appears that the upgrade script is blindly trying to create columns that already exist in the -rc9 database, and postgresql is treating this as a failure. Because the entire upgrade happens within one transaction, this means the entire upgrade fails at the outset and won’t ever succeed.

The way past this specific problem is to make these ALTER TABLE operations conditional (eg “ALTER TABLE flyspray_attachments ADD COLUMN IF NOT EXISTS task_id INTEGER”).

2609User InterfaceFeature RequestLowAdd an Effort Description fieldPlanned
50%
1.0-rc115107.05.202001.04.2022 Task Description

It would be nice to have a description field to put a brief note about the work done for a given effort item. This would help when using effort tracking for the purpose of making invoices to a client.

2668Backend/CoreBug ReportHighCKeditor update (CVEs)Unconfirmed
10%
peterdd1.0-rc11202.11.202208.11.2022 Task Description

It is possible to update CKeditor?

Currently it is 4.16:
- https://github.com/Flyspray/flyspray/blob/master/js/ckeditor/CHANGES.md

Vulnerabilities / CVEs:
- https://www.cvedetails.com/vulnerability-list/vendor_id-12058/Ckeditor.html

There are at this time:
- 4.20: https://github.com/ckeditor/ckeditor4/tags
- 35.2.1: https://github.com/ckeditor/ckeditor5/tags

2669Database QueriesBug ReportLowuser and registrations tables: Illegal mix of collation...New
50%
peterdd1.0-rc11107.11.202208.11.2022 Task Description

The ajax call to check if a username is taken fails currently on https://bugs.flyspray.org when trying to fill the user registration form.
(beside the fact the registration confirmation loop is not working as mail server not correct configured)

Query {
    SELECT count(u.user_name) AS anz_u_user, count(r.user_name) AS anz_r_user
    FROM `flyspray_users` u
    LEFT JOIN `flyspray_registrations` r ON u.user_name = r.user_name
    WHERE LOWER(u.user_name) = ? OR LOWER(r.user_name) = ?}
 failed! (Illegal mix of collations (utf8_general_ci,IMPLICIT) and (utf8_unicode_ci,IMPLICIT) for operation &#039;=&#039;

Inconsistency probably due misconfiguration due manual upgrade + manual changes to the database.

Affected: maybe only https://bugs.flyspray.org

I fixed it on bugs.flyspray.org by running SQL commands:

ALTER TABLE flyspray_registrations CONVERT TO CHARACTER SET utf8mb4;

and

ALTER TABLE flyspray_users CONVERT TO CHARACTER SET utf8mb4;

Both now using the servers default collation, so they can be joined again by boths user_name field.

This can be seen as just a quickfix.

Why this happened at all?

I can only speculate about this as I can do some administration only since 2021.

I assume the defaults of mysql tables charsets and collation changed with mysql/mariadb versions and the upgrade scripts does not explicit handle that.

So lets say first it was utf8 and utf8_general_ci,
then utf8 and utf8_unicode_ci
and then utf8mb4 and utf8mb4_unicode_ci.

And when upgrading Flyspray and new tables where created they use the servers new default charset and collation while the older tables and varchar fields keep their old charset and collation which leads to inconsistencies.

And then there where probably manual interventions by admins (from 2003-2021?) who fixed/changed charset/collation on certain tables and fields manually by running SQL commands.

How it should be fixed

The Flyspray install and upgrade scripts and xmlschema03 files should contain information and settings for charset and collation for the table fields and upgrade scripts and should convert wrong charset and collation fields during an upgrade if they are wrong in the database.

Sadly ADOdb’s xmlschema03 lacks configuring and handling yet, so this must be done by the upgrade PHP scripts after running xmlschema03 xml files.

How it will be handled meanwhile

Extending Admin Toolbox→Checks sections to compare the current database with the intended configuration.

So admins can fix tables and field charset and collation where required.

Such inconsistency could be detected by admin checks - tab.

I would like to see that field users.user_name and registrations.user_name just be ascii (in mysql) and only accepts allowed username characters.

2116EmailBug ReportMediumError with email notificationUnconfirmed
0%
1908.04.201615.04.2016 Task Description

I have a major problem. At the first I thought that problem is on my server - Windows OS, IIS. But now when I have second bug tracker site on Apache server and error is the same I know that this is not server error but bug tracker error.

How can I help that we resolve this problem?

If e-mail need’s to be sent I got blank white page and nothing happens.

In attachment is my bug tracker with installer (setup) folder. If this somehow helps it?

Version which is used is 1.0 (latest on web) (edit by peterdd: was a mix of older Flyspray versions). The problem is that nothing works because e-mails are not working..

2336Backend/CoreBug ReportLowCaptcha validation always fail on registrationUnconfirmed
0%
1401.02.201715.03.2021 Task Description

Correct or wrong code return false!

The results of Securimage Test Script on my server

This script will test your PHP installation to see if Securimage will run on your server.

Session Functionality: Yes!
GD Support: Yes!
GD Version: bundled (2.1.0 compatible)
imageftbbox function: Yes!
TTF Support (FreeType): Yes!
JPEG Support: Yes!
PNG Support: Yes!
GIF Read Support: Yes!
GIF Create Support: Yes!
SQLite Support: Yes!
SQLite is available. If you choose to use it, Securimage can support users who do not accept cookies.
MySQL Support: Yes!
MySQL is available. If you choose to use it, Securimage can support users who do not accept cookies by storing codes in MySQL.
PostgreSQL Support: No
No PostgreSQL support.
LAME MP3 Support: No
LAME was not found, audio will work in WAV format, but not MP3. See Securimage HTML5 audio documentation for info.
Your server meets the requirements for using Securimage!

on modify.inc.php line:754 got

if( !Post::isAlnum('captcha_code') || !$image->check(Post::val('captcha_code'))) {
if( true == false || false == false ) {

Edit 2021-03-15: Only effects Flyspray source releases on Windows where running composer is required. Releases with included dependencies are not effected!

2466Backend/CoreInformationLowHow to run under httpsUnconfirmed
0%
1303.06.201802.12.2018 Task Description

I have changed the htaccess.dist into .htaccess and modified to force https.
However, despite having https activated on my site I cannot get Flyspray running, it’s waiting forever.When I abort I get a page without makeup. I have all other applications like cms and wiki running under https, so it is something I have not done in the flyspray configs obviously (as this site is running https too). But could you give me a hint?

I installed flyspray in a subdirectory, if that is something to know about...

regards, Albert

1222Backend/CoreFeature RequestMediumWorkflow engine / Role-based State Transition Rules Eng...Unconfirmed
0%
11725.03.200705.05.2019 Task Description

I have been working with Eventum (http://www.mysql.org/downloads/other/eventum/) for quite sometime now and in contrast, I like Flyspray for its simplicity and practicality. But one thing I badly miss (and something that Eventum scores high) is a Workflow Engine. If not a sophisticated W.E., I (as an Admin / Manager) should be able define role-based state transition rules of the tasks reported in a particular project. For example, I should be able to implement the following scenario:

  1. For a “Developer”, the subsequent tasks from various states. Likewise for other roles
  2. “Developer” should not be able close out the bug reports. He/she can only flag them as implemented. The “Reporter” of the bugs or the “Manager” alone should be able to close out issues
  3. ..
  4. .. it will go on like that ;-)

This feature, in my opinion, is very crucial for corporate organizations to give a serious consideration to Flyspray.

2328Backend/CoreFeature RequestMediumAdd [key] support for each project instead of FS#Unconfirmed
0%
1120.01.201710.02.2017 Task Description

Adding key support for each project instead of using the prefix FS#<task_id>

Let the administrator choose the key for project.

What’s a project key?
It prefixes each task in the project

2097User InterfaceBug ReportMediumUrl incorrect for view attachementUnconfirmed
0%
10116.01.201602.03.2016 Task Description

I’m using URL rewriting…

If I click on the link, the picture doesn’t appear.

https://flyspray.xxx.fr/task/27?getfile=8

It’s ok in task history. The right URL is

https://flyspray.xxx.fr/?getfile=8

.

2649Installer and UpgraderFeature RequestLowDocker Container: is there a way to hook into the setup...Unconfirmed
0%
1011.08.202127.08.2021 Task Description

Hi, in my free time of the last few days I begun developping a Docker container: https://github.com/blu-base/flyspray-docker. I derived it from a nextcloud docker container… For now, I limited my focus on an apache/debian buster container. I’d be happy to contribute the project to the official placeholder when it is ready.

Anyhow, in the entrypoint script, I use some environment variables to create the flyspray.conf.php from scratch. and would now need to populate the database. I understand i have to use the respective xml scheme as the setup/index.php does.


I am not experienced with php and database applications and would like to ask you for advice how to proceed efficiently.

Since the current setup is indented to be interactive in the browser, i would need to use a cli tool or a purposely-build php script to do the same task on the command line/on container startup. But this seems to me this would be code duplication and introduce more maintenance work.

  • Is it possible to hook into only some of the functions of the setup/index.php?
  • What could be the next best approach to populate the db on first start?
  • Would it be a viable solution in trying to further modularize the setup - allowing to run parts on cli, like nextcloud’s occ tool?
1999XMPP/JabberFeature RequestMediumjabber xmpp configurationNew
0%
8122.06.201511.02.2017 Task Description

There should be some help at the configuration sections for setting up jabber/xmpp notifications.

How someone can test it?

Must the admin setup his own jabber/xmpp server or are there recommended servers?

I registered with psi+ instant messager as peterdd@ubuntu-jabber.de at ubuntu-jabber.de for testing
and configured it here in my account too, but got no jabber messages.

Email notifications works and I set up both sending.

2068Backend/CoreInformationLowDeprecated: mysql_connect(): The mysql extension is dep...Unconfirmed
0%
810.10.201528.09.2020 Task Description

My version of PHP still shows deprecation warnings with flyspray.

Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /var/www/flyspray.itiab.co.nz/htdocs/adodb/drivers/adodb-mysql.inc.php on line 353

Have all mysql.connect instances been removed? The connect will be removed from PHP soon and will cause problems.

2534Backend/CoreFeature RequestLowPrivate projectsUnconfirmed
0%
816.01.201918.01.2019 Task Description

I would like to restrict certain projects from view from normal users (Basic group.) I couldn’t find out a way to do it. I could restrict them from viewing tasks, which is good, but it would be nice to hide the project entirely from the Overview screen.

2316Backend/CoreBug ReportLow"wrongtoken" is displayed if the comment box is left si...Assigned
0%
peterdd7122.11.201629.07.2019 Task Description

I understand this is likely due to some sort of XSS CSRF protection, but the delay doesn’t appear to be long enough to be useful for a lengthy comment to be posted. I’ve now lost two detailed comments in our tracker because the software threw everything out and generated a meaningless error.

Further, attempting to do the normal thing and making the browser resubmit the page results in Flyspray throwing “Error #3” something something repeated action and causing a redirect to the homepage.

Surely there has to be a better way to handle this that doesn’t incur data loss?

2322User InterfaceFeature RequestMediumMention SystemNew
10%
7107.12.201619.10.2019 Task Description

Hello together,

it would be nice, if you could mention user in your ticket or comment which are not following the task.
for example when i will type @nickname, the user “nickname” should be get a e-mail that he is mentioned in the ticket.

(if we are “fancy” then we can print a automcomplete after the @-sign ist typed)

2449Backend/CoreBug ReportLowUnexepted exception on smtp gmail sendUnconfirmed
10%
729.10.201710.01.2018 Task Description

On creating task we got error on event which must send e-mail via “google mail”.

I hoped that in rc6 this will be solved but not. This error was the same on rc4.

2561Backend/CoreFeature RequestMediumability to limit assignee permissions (was:User without...Confirmed
0%
705.08.201908.08.2019 Task Description

I gave a role the following privileges:

  • view own tasks
  • modify own tasks
  • view comments
  • add comments

A user with the assigned role can still modify the task descriptions and task details. (I want that user to only be able to add comments.)
I think there is a bug.
Is there a fix or walk around?
Thx

2626Backend/CoreBug ReportCriticalCreate a new build, last stable is 0.9.9.7 (2012-05-28)...Unconfirmed
0%
727.02.202107.10.2022 Task Description

The last build is very old, it is possible to create a new build?
- The last RC: 2 years soon
- The last stable: 9 years soon

GitHub Releases section:
- https://github.com/Flyspray/flyspray/releases

Latest release
v1.0-rc9
136c339

Flyspray 1.0-rc9

@peterdd peterdd released this Apr 22, 2019

Stable: http://www.flyspray.org/docs/download/

Flyspray 0.9.9.7 - 28 May 2012
2639JavascriptBug ReportMediumUnable to "deny" a pending requestResearching
0%
peterdd712.05.202113.06.2021
2210User InterfaceInformationLowTasklist color for due dateUnconfirmed
100%
612.10.201618.10.2016
2303User InterfaceFeature RequestVery LowHome screen for private flyspraysRequires testing
30%
625.10.201626.10.2016
2344NotificationsBug ReportLowAdmins still get noticed for new users even with the op...Unconfirmed
50%
616.02.201724.03.2017
2220Backend/CoreInformationLowOne status with different color in tasklistUnconfirmed
0%
524.10.201603.11.2016
2456User InterfaceBug ReportHighMissing GUI controlsUnconfirmed
80%
509.02.201810.02.2018
2521EmailInformationLowTLS email with self-signed certificate doesn't work, "C...Unconfirmed
0%
531.10.201803.11.2018
2528User InterfaceBug ReportLowNew user registration doesn't check for duplicate usern...Confirmed
50%
505.01.201907.01.2019
2627Backend/CoreBug ReportLowcheckLogin: Trying to access array offset on value of t...Unconfirmed
0%
509.03.202111.03.2021
1481User InterfaceFeature RequestLowDiff visualisationUnconfirmed
0%
4104.05.200809.03.2015
2081User InterfaceBug ReportLowUI for adding comment while editing task doesn't use HT...Confirmed
0%
429.10.201506.11.2015
2087Backend/CoreInformationHighSee no Editor in Add New TaskUnconfirmed
0%
4104.11.201505.11.2015
2094EmailBug ReportHighAfter Upgrade All Users Receive Notifications for All T...Unconfirmed
0%
4106.01.201613.01.2016
2101Backend/CoreBug ReportLowMobile view GUI bugConfirmed
20%
418.02.201624.02.2016
2122Backend/CoreBug ReportMediumopen_basedir restrictions for FS_CACHE_DIR not respecte...Suspended
0%
422.04.201616.08.2016
2214Backend/CoreInformationLowChanging status of task automaticallyUnconfirmed
0%
417.10.201606.11.2016
2330Backend/CoreBug ReportLowPHP Notice: Undefined offset: 0 in scripts/index.php o...Unconfirmed
50%
423.01.201730.01.2017
2337DocumentationInformationLowFlyspray ThemesNew
0%
402.02.201716.02.2017
2520NotificationsFeature RequestLowSend a notification for a new task in slack integration...Unconfirmed
0%
424.10.201830.03.2020
2522Backend/CoreFeature RequestLowemail vs username login issuesResearching
0%
431.10.201802.11.2018
2643Backend/CoreInformationLowUnable to delete a wrong TaskUnconfirmed
0%
407.07.202108.07.2021
1236User InterfaceFeature RequestLowMark Issue As Verified or UnverifiableUnconfirmed
0%
3409.04.200718.07.2016
1988Installer and UpgraderBug ReportMediumPassword Field for AdminUnconfirmed
50%
302.04.201512.05.2015
2042Backend/CoreBug ReportMediumfunction absoluteURI not using basedir and force_basedi...Unconfirmed
0%
3104.09.201501.10.2015
2062User InterfaceTODOLowreview do=admin&area=editallusersNew
30%
329.09.201515.04.2020
Showing tasks 101 - 150 of 326 Page 3 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing