Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category Task Type  asc Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
1749User InterfaceBug ReportLowSubmit form buttons on lower rightUnconfirmed
50%
117.06.201224.09.2015 Task Description

Any form should have its submit button directly below and to the right of the form.

This is most egregious on the New Task page where you have to scroll back up to the top right to submit.

1856Backend/CoreBug ReportMediumWrong timezonesResearching
0%
1327.03.201306.03.2015 Task Description

Hello,
when selecting timezone in user profile, it only offers offset based timezones. It should offer timezones like "Europe/Prague", instead, because in summer it is UTC+2 and in the winter UTC+1. Also UTC is the same as GMT.

Using offsets will cause invalid future and past times when crossing daylight saving or when something other changes.

Adding daylight checkbox is not enough and will cause additional troubles. Just use names and store them as ENUM in database, not offset. This problem is pretty complicated and the only solution is to use names and let libraries to solve it for you.

Thank you.

1960Backend/CoreBug ReportMediumforeign key relations between versions and tasksNew
0%
209.03.201513.08.2015 Task Description

It seem that when deleting a version entry in a project, that tasks that have this version assigned are still connected to this deleted version. For example FS#1222 (on 2015-03-09).

There are several options to solve such things:

  • Deny deletion of version as long as tasks assigned to this project version.
    • Either by doing a testing SQL query to check this case coded in PHP. Take care to keep this centralized, must also be respected by an eventually later added Flyspray API (XMLRPC or whatever).
    • add SQL foreign key constraints with ON DELETE RESTRICT
      • Pro: some business logic can be directly enforced by SQL.
      • Cons: higher requirements for hosting, if using mysql innodb tables must be available on the hosting
  • Move the tasks of this version to a default fallback version before deleting the version tag.
    • Either doing one transaction doing : 1. move the tasks to its fallback version, 2. delete the version
    • add SQL foreing key constraint with ON DELETE SET $fallbackversionid. Some pros & cons like on the the denying option.

The same for other assignments for tasks.

This issue is similiar to the massop issue: (https://github.com/Flyspray/flyspray/issues/130)

1977Backend/CoreBug ReportLowWeird URL after closing task with referenceUnconfirmed
0%
115.03.201518.03.2015 Task Description

On Mac OS Safari:

I just closed a task and wrote the following into the comment for closing:

"See also F.S.#.14" (of course without the points). When I then click the link in the comment box (below the task details) I'm redirected to:
"http:/flyspray.stefan-herz%0Aog.tld/index.php?do=details&task_id=%0A14". No matter if #14 is closed or not.
It worked with Firefox.

Any suggestions?

1988Installer and UpgraderBug ReportMediumPassword Field for AdminUnconfirmed
50%
302.04.201512.05.2015 Task Description

The installer requests a password for the admin account, and provides a default one.

Because this field is not type=”password”, the browser caches this data for any field named “admin_password”

This also applies to future installations of the software.

I have marked this as critical as this can pose a security hazard. A different implementation would be allowing entry of password, or in the case of wanting to provide a default one, have two password fields prepopulated, and a text one prepopulated so that it can be viewed by the end user.

2007Backend/CoreBug ReportLowtime on project overview activity timelinesNew
0%
18.07.201518.07.2015 Task Description

I find it irritating to have the oldest activity on the right side and newest activity on the left side of the small activity bars.

There is also no time scale description. This could be added by showin it on :hover to keep the simple appearance.

A complete new feature would be to replace the image generation by rendering the bars in the html in the same request, e.g by inline svg or canvas element. This would enable adding some interactivity with the activity bars..
A related feature request is FS#1991 (project progress)

2028Text RenderingBug ReportMediumupgrade dokuwiki 'plugin'New
0%
12.08.201520.08.2015 Task Description

I see php deprecation notices with php 5.6+ from the geshi syntax highlighter plugin of dokuwiki plugin sometimes. (seems to be go away on the second view, so probably not seen on cached views)

It can't be found easy with

grep -r preg_replace | grep '/e'

Because the preg_replace modifiers are added dynamic depending on the target programming language. At least in the version we have in flyspray.

2036Backend/CoreBug ReportVery Lowsession timeoutNew
0%
2121.08.201512.01.2016 Task Description

Got "wrong token" on creating a task whose form were open for a while in browser tab.

That means probably the session timed out on bugs.flyspray.org, so the anti csrf token doesn't existed anymore on the webserver.

It would'nt be a big problem if the browser backbutton works showing the ready written form again, but it was empty.

One solution would be temporarly storing it offline in the browser storages which are available with html5. But open for other simpler solutions..

2038Backend/CoreBug ReportLowJscalendar must be replaced with something elseNew
0%
223.08.201524.08.2015 Task Description

It's old. There has been a newer version 2.0. Even that one is not supported anymore, although some documents still remain available. The calendar component relies on its language translations files to be complete, or it breaks. Unfortunately, as I found out a few weeks ago, they are not, after switching the default language from english to my native one. Without having a good replacement for it, some of the translations for flyspray itself we've been getting lately are half-way unusable. Not for an ordinary user, but for anyone actually having to edit a task and its due date.

2042Backend/CoreBug ReportMediumfunction absoluteURI not using basedir and force_basedi...Unconfirmed
0%
3104.09.201501.10.2015 Task Description

public static function absoluteURI($url = null, $protocol = null, $port = null)
in
class Flyspray

not using basedir and force_basedir from configuration file

its problem because my web-server inside have port 7777 and outside 80 (nginx and PHP-FPM)

please fix it

2048Backend/CoreBug ReportLowerror when adding data containing national charactersUnconfirmed
0%
09.09.201509.09.2015 Task Description

this one is somehow tricky, it doesn't happens always but sometimes when fields or filenames contain national characters (I'm in Spain) flyspray returns an error looking like this one:

Query {INSERT INTO `flyspray_attachments` ( task_id, comment_id, file_name, file_type, file_size, orig_name, added_by, date_added) VALUES (?, ?, ?, ?, ?, ?, ?, ?)} with params {189,711,189_9c5d837bb10b7e0989a3c8be8d,application/pdf; charset=binary,736986,Guia de aplicación medidas difusicón y publicidad.pdf,4,1441827828} Failed! (Incorrect string value: '\xCC\x81n me...' for column 'orig_name' at row 1)

here we have a pdf named "Guia de aplicación medidas difusicón y publicidad.pdf" but I had this error also with titles or descriptions containing spanish letters...

2057Backend/CoreBug ReportLowDo not resubmit forms on browser reload button or F5New
0%
122.09.201523.09.2015 Task Description

On some forms, when the user presses the reload button of this browser, the POST submit can be resubmitted.

Browsers can warn about this (Chromium, Firefox, Konqueror tested and they show a warning dialog) before executing the second POST.
But people on Flyspray mailing list wrote they experienced double comments.

Simple solution is just HTTP GET redirects after a successful POST. (HTTP 303 or HTTP 302)
But maybe there is a better method than a second roundtrip always needed?

Success, Error, or Warn-messages to the user are stored in the $_SESSION variable for displaying on the second GET request.
But I think that this is a bit ... mmh... not perfect.

For example, I would like to have in the direct response at which position in a form an input error is, not just the message bar in the top center as it is currently that just dissappear after a few seconds.

Also take care the browser back button still works as expected for the user.

2058Backend/CoreBug ReportLowClosing of github.com 'Issues' featureNew
0%
24.09.201524.09.2015 Task Description

As discussed with the team some time ago, a consolidation of places where issues are discussed is wanted.

One of the results was, that we do not want people post issues to github.com Issues and instead use our own bugs.flyspray.org
and to prefer "to eat our own dogfood" and a have central place to handle tasks.

As a result we tried to reduce the open issueas on github.com. I was in the process of moving 2 of still 7 open issues there to bugs.flyspray.org when suddenly the Issues on github.com were closed. :-( Now the last 5 issues there are lost at the moment for me and the audience, which where mostly informations to interested users, not bugs.

I think just closing it without an easy accessible alternative is not the best solution.

At least we should wait until the oauth2 authentication for github users should be implemented and setup on bugs.flyspray.org , so people browsing github.com, finding Flyspray project just can
"Login with github"-feature on bugs.flyspray.org.

The blocker to do this: Currently there is missing an option to "connect" an oauth "Login with github"- Login with an existend flyspray userlogin.

So that one userid in flyspray can:

  • login with username and password
  • login with one or more of his social accounts (github, facebook, microsoft, g+) if they are enabled (would it restrict to github.com accounts for bugs.flyspray.org)
2071EmailBug ReportLowNew user e-mail validationConfirmed
0%
14.10.201514.10.2015 Task Description

On flyspray/index.php?do=admin&area=newuser I sucessfuly register user with email ;

I don’t recieve popup with message ‘You did’nt enter valid e-mail address’

After that on new page i receive error:

Completely unexpected exception: Address in mailbox given [;] does not comply with RFC 2822, 3.6.2.
This should never happend, please inform Flyspray Developers

2073Backend/CoreBug ReportLowCouldn't edit comment of anonymous reporterNew
0%
17.10.201517.10.2015 Task Description

I wanted edit/fix the comment of an anonymous reporter, but the edit shows empty content on editing..

(here on closed, but non yet implemented  FS#218 )

2081User InterfaceBug ReportLowUI for adding comment while editing task doesn't use HT...Confirmed
0%
429.10.201506.11.2015 Task Description

While editing an existing task, there’s a “+” button you can click to add a comment as part of the edit. Unfortunately this is just a plaintext box instead of the HTML editor used everywhere else, so it’s impossible to get proper line/paragraph breaks if a comment is entered with this UI.

This problem makes it necessary to edit a task and add a comment as two separate steps, whereas in 0.9.9.6 it was possible to do them together in one step.

Note that this is the case with syntax_plugin=”none”. I don’t know if it’s also a problem when using other values for that setting.

2086Backend/CoreBug ReportHighBasic User can see all Projects and TasksUnconfirmed
20%
803.11.201526.01.2017 Task Description

Since Update to Flyspray 1.0 Beta2 all users can see every task in every project.

The rights were set up correctly in Flyspray 1.0 Alpha and worked just fine.

2094EmailBug ReportHighAfter Upgrade All Users Receive Notifications for All T...Unconfirmed
0%
4106.01.201613.01.2016 Task Description

I upgraded from 0.9.9 to 1.0-beta2 a few hours ago. I received an error about oauth during the upgrade (didn’t think to take a screenshot). In any case, the upgrade otherwise seemed to go smoothly. When I subsequently closed a few tasks people who weren’t assigned to receive notifications for those tasks, even old consultants whose account I had disabled years ago, received the email notification. I also received lots of bounced emails from accounts whose email addresses were no longer existant.

Has anyone else experienced this? I’ve gone into the database and null’d out the email addresses of old accounts to prevent further spam. Not only did it notify everyone who had an account (active or disabled) but it put their email address in the To: field for all to see.

2097User InterfaceBug ReportMediumUrl incorrect for view attachementUnconfirmed
0%
10116.01.201602.03.2016 Task Description

I’m using URL rewriting…

If I click on the link, the picture doesn’t appear.

https://flyspray.xxx.fr/task/27?getfile=8

It’s ok in task history. The right URL is

https://flyspray.xxx.fr/?getfile=8

.

2101Backend/CoreBug ReportLowMobile view GUI bugConfirmed
20%
418.02.201624.02.2016 Task Description

As you can see on screenshot attachment the GUI on mobile view is not OK.

I marked with red field what need to be fixed.

Phone used: Samsung Note 4.

2104Backend/CoreBug ReportLowfiltering by one user on tasks with multiple assignees ...New
0%
26.02.201626.02.2016 Task Description

If you have a tasklist with tasks that have multiple assignees in a task and you search just by one of the assignees, the resulting tasklist shows only this user in the assignees column.

Expected: all assignees of the tasks are shown.

2111Installer and UpgraderBug ReportMediumUpon trying to install flyspray release, setup says I'm...Planned
10%
224.03.201605.06.2016 Task Description

When I tried to install a instance of flyspray that is a release, I am greeted with a screen that says that I am trying to install a development version of flyspray. Due to me using shared hosting, I am unable to run any composer commands.

My version of flyspray was downloaded from flyspray.org, so why would this be happening? Thanks

2112APIBug ReportMediumAssigned tickets aren't editable for lower privileged u...Unconfirmed
0%
231.03.201611.04.2016 Task Description

An assigned ticket can't be edited by a lower privileged user.

Steps to reproduce:

  • One Project, Two Users. User A is Admin, User B is Basic
  • A creates a Task.
  • A take ownership of the Task. (it’s important to do this AFTER saving the task. You cannot assign User A if you are A in this moment. Maybe another Bug...!?)
  • Now B is allowed to take ownershop too. B click now “Add me to assignees”.
  • Now B can edit the task.
  • If B click “save”, the task can’t be saved, because some fields haven’t the correct values (esp: state is now “unconfirmed”). Many error messages said, that unexpected values exist

Some weird moments:

  • Why can B edit a task? He have no rights to edit tasks...
  • If B are Basic and have “edit own Task”-Right too, this bug also exist.
2116EmailBug ReportMediumError with email notificationUnconfirmed
0%
1908.04.201615.04.2016 Task Description

I have a major problem. At the first I thought that problem is on my server - Windows OS, IIS. But now when I have second bug tracker site on Apache server and error is the same I know that this is not server error but bug tracker error.

How can I help that we resolve this problem?

If e-mail need’s to be sent I got blank white page and nothing happens.

In attachment is my bug tracker with installer (setup) folder. If this somehow helps it?

Version which is used is 1.0 (latest on web) (edit by peterdd: was a mix of older Flyspray versions). The problem is that nothing works because e-mails are not working..

2119Backend/CoreBug ReportMediumfunction filter_input not always availableResearching
0%
15.04.201615.04.2016 Task Description

filter_input() is in extension “Filter”.

It is enabled by default since PHP5.2, see http://php.net/manual/en/migration52.new-extensions.php but not “always”, see https://groups.google.com/forum/?hl=de#!topic/flyspray/QM75BvwPqGM

filter_input() is only used at 1 section in Flyspray (since 2014 up to v1.0rc1) in includes/fix.inc.php
This is the commit https://github.com/Flyspray/flyspray/commit/40861911260812c99682fe3456350cb63bb243a9

How do we solve it? Several possibilities:

2122Backend/CoreBug ReportMediumopen_basedir restrictions for FS_CACHE_DIR not respecte...Suspended
0%
422.04.201616.08.2016
2128Text RenderingBug ReportLowGeshi (part of dokuwiki plugin for code blocks) uses de...Confirmed
20%
2120.05.201605.05.2019
2134Backend/CoreBug ReportHighCannot assign a task to other projectPlanned
0%
3207.06.201617.02.2019
2136User InterfaceBug ReportMediumAfter updating user properties as admin - return to wro...Confirmed
0%
308.06.201623.07.2016
2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
0%
15.06.201615.06.2016
2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
0%
28.06.201601.08.2016
2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
0%
14.07.201614.07.2016
2188Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNew
0%
01.08.201601.08.2016
2197Backend/CoreBug ReportHighChange Time for everyoneUnconfirmed
0%
121.08.201622.08.2016
2198User InterfaceBug ReportLowMulti-Select from tasklist offers options to those who ...Unconfirmed
0%
1122.08.201622.08.2016
2200User InterfaceBug ReportMediumIncomplete list of timezones available in the user pref...Unconfirmed
0%
26.08.201626.08.2016
2202Installer and UpgraderBug ReportHighUnable to upgradeUnconfirmed
0%
310.09.201611.10.2016
2215Text RenderingBug ReportLowwrong output of Geshi syntax highlighting for xml codeNew
0%
117.10.201631.12.2017
2223GreekBug ReportVery LowSome strings need splitting or replacementUnconfirmed
0%
2124.10.201625.10.2016
2224GreekBug ReportVery LowSemicolon is a bad separatorUnconfirmed
0%
1124.10.201625.10.2016
2225GreekBug ReportVery LowGreek uses slash for datesConfirmed
20%
324.10.201622.11.2016
2304Database QueriesBug ReportMediumGreek letters crash tagsConfirmed
0%
126.10.201626.10.2016
2309User InterfaceBug ReportLowPHP noticed displayed on default "All Projects" page.Unconfirmed
0%
302.11.201626.11.2016
2315Backend/CoreBug ReportLowFiling a new task is possible with no details in the ma...Unconfirmed
0%
21.11.201621.11.2016
2316Backend/CoreBug ReportLow"wrongtoken" is displayed if the comment box is left si...Assigned
0%
peterdd7122.11.201629.07.2019
2318Installer and UpgraderBug ReportLowsyntax_plugin required when selected ckeditor in SetupRequires testing
50%
323.11.201607.12.2016
2330Backend/CoreBug ReportLowPHP Notice: Undefined offset: 0 in scripts/index.php o...Unconfirmed
50%
423.01.201730.01.2017
2332Backend/CoreBug ReportMediumCSV export filename filteringNew
0%
224.01.201724.01.2017
2336Backend/CoreBug ReportHighCaptcha validation always fail on registrationUnconfirmed
0%
1301.02.201721.07.2018
2338Backend/CoreBug ReportMediumExport tasks to csv has issuesUnconfirmed
50%
202.02.201712.03.2019
Showing tasks 1 - 50 of 307 Page 1 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing