Flyspray

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See https://github.com/Flyspray/flyspray/releases

If you are upgrading from older version, please wait for 1.0-rc11.

ID Category Task Type  asc Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
2603Backend/CoreBug ReportVery Low Psi XMPP client (19-04-09)Waiting on Customer
0%
221.04.202025.09.2020 Task Description

From: https://groups.google.com/forum/?hl=en#!topic/flyspray/jC5BBQ1XiQo

19-04-09 // More one year ago.

On https://www.flyspray.org/ On https://www.flyspray.org/devel/team/

Replace :
- https://www.psi-im.org/https://psi-im.org/

→ Remove the WWW.

2135Backend/CoreBug ReportHigh"Modify own tasks" does not function correctly when add...Confirmed
50%
1.013107.06.201622.08.2016 Task Description

“Oh, there are some incompatible properties set that must be resolved before moving this task to a different project.”

Oh, but I am not moving the task to a different project. Just trying to edit my own submission.

“Edit this task” → “Save details”

See attached screen capture.

2316Backend/CoreBug ReportLow"wrongtoken" is displayed if the comment box is left si...Assigned
0%
peterdd7122.11.201629.07.2019 Task Description

I understand this is likely due to some sort of XSS CSRF protection, but the delay doesn’t appear to be long enough to be useful for a lengthy comment to be posted. I’ve now lost two detailed comments in our tracker because the software threw everything out and generated a meaningless error.

Further, attempting to do the normal thing and making the browser resubmit the page results in Flyspray throwing “Error #3” something something repeated action and causing a redirect to the homepage.

Surely there has to be a better way to handle this that doesn’t incur data loss?

2121Backend/CoreBug ReportMedium'my assigned tasks' uses like %?% search instead of use...Confirmed
90%
1.0319.04.201603.02.2018 Task Description

Problem: https://github.com/Flyspray/flyspray/pull/552

The button ‘My assigned tasks’ should search only by userid, not in username or realname with the LIKE ‘%...%’ operator.

Currently the button is using the same as doing an advanced search filling the ‘Assigned To’ input field. (currently ‘dev’ param) But that search param searches in userid, username and realname.

Edit: Implemented simpler solution: if param is digitsonly, then search by userid, otherwise by username and realname if that param exists.

2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
0%
peterdd29.07.201929.07.2019 Task Description

Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.

The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.

Possible solutions

Frontend hints

  • variant F1 (soft): When duplicate as close reason is selected, a placeholder attribute in the close comment text field could be shown/updated. (maybe as ‘css only’ possible)
  • variant F2 (harder): Deny sending the form if duplicate selected, but comment text field is empty. and shows warning info. (javascript required, nojs browsers still send form.)
  • variant F3 (hard): Deny sending the form if duplicate selected and no task id detected in comment text field. and shows warning info. (javascript required)

Backend deny

  • variant B1 (soft): When request wants close a task with duplicate reason and (cleaned) comment string is empty, deny closing the task and give feedback to user why it was denied.
  • variant B2 (hard): It requires detecting a task id in the comment field and the first detected task id is taken for referencing as ‘is duplicate of’. Limitation of this is that the duplicate could be also a ticket or something of a complete other system.
2629Backend/CoreBug ReportLowactivating history tab sends same request 2 timesNew
0%
11.03.202111.03.2021 Task Description

There should be only one request to

js/callbacks/gethistory.php when activating the History tab

The request is made:

  • on mousedown event
  • on click event

So holding down the tab sends the first request and releasing sends the second request.

1734Backend/CoreBug ReportLowAdd Timezone Selection to Admin PanelMaybe
0%
2.0112.05.201207.03.2015 Task Description

Add Timezone Selection to Admin Panel

2089Backend/CoreBug ReportMediumadding same taskid as subtask or related task should be...New
50%
1.0207.11.201518.11.2016 Task Description

Both is a bit illogical, but both is currently possible! ;-)

1 ←- 1

So when setting the parent task id checked for creating loops is needed:

Loop with 2 tasks: 1 ←- 2 ←- 1

Loop with 3 tasks: 1 ←- 2 ←- 3 ←- 1
Loop with n tasks: 1 ←- ... ←- n < – 1

As I think there are currently no recursive reads that could lead to an endless loop, but should be kept in mind when someone wants to programm rendering a gantt chart.
E.g. by limiting the depth of subtasks for example.

2344NotificationsBug ReportLowAdmins still get noticed for new users even with the op...Unconfirmed
50%
616.02.201724.03.2017 Task Description

/index.php?do=admin&area=prefs

There’s a checkbox on this menu to toggle whether admins get notices for new user registrations or not. Ours is off, but I’m still getting those notices.

2136User InterfaceBug ReportMediumAfter updating user properties as admin - return to wro...Confirmed
0%
308.06.201623.07.2016 Task Description

Logged in as admin, modify a users group membership. After clicking update, you are returned to your logged-in profile (admin in this case). It should re-display the user’s profile you are editing.

The ‘back’ button will return to updated page.

2094EmailBug ReportHighAfter Upgrade All Users Receive Notifications for All T...Unconfirmed
0%
4106.01.201613.01.2016 Task Description

I upgraded from 0.9.9 to 1.0-beta2 a few hours ago. I received an error about oauth during the upgrade (didn’t think to take a screenshot). In any case, the upgrade otherwise seemed to go smoothly. When I subsequently closed a few tasks people who weren’t assigned to receive notifications for those tasks, even old consultants whose account I had disabled years ago, received the email notification. I also received lots of bounced emails from accounts whose email addresses were no longer existant.

Has anyone else experienced this? I’ve gone into the database and null’d out the email addresses of old accounts to prevent further spam. Not only did it notify everyone who had an account (active or disabled) but it put their email address in the To: field for all to see.

1919Backend/CoreBug ReportLowAJAX Quick-Edit on category and task pagesPlanned
70%
1.1 devel3109.07.201407.12.2015 Task Description

Ability to click field to edit ticket

TODO: return handler if request ok or fail.

TODO: also clicks on label should trigger show form.

Maybe the whole “click to active for editing this field” to one click too much.
So if the user has the rights to edit the value the form input or action button should be shown when viewing a task.
All other people just see the value if they have the right to view the value.

2053Backend/CoreBug ReportLowambiguous user name display username / realnameNew
0%
1.1 devel217.09.201519.02.2020 Task Description

With the existence of now two peoples named “Peter” on bugs.flyspray.org (I - peterdd , and PeterTheOne)
there are several places where the full names are display instead of usernames and the user can’t know who is which “Peter” until he visits the users profile page.

Different solutions possible:

  • more profile image/gravatar usage where user names are shown, on mouseover link title attribute shows username and realname
  • display user name (username) instead of full name (realname)
  • display full name and username (where much space available and precision needed)

When adding the mention feature, the username will be probably the prefered setting as the username is unique but the realname not.

2112APIBug ReportMediumAssigned tickets aren't editable for lower privileged u...Unconfirmed
0%
231.03.201611.04.2016 Task Description

An assigned ticket can't be edited by a lower privileged user.

Steps to reproduce:

  • One Project, Two Users. User A is Admin, User B is Basic
  • A creates a Task.
  • A take ownership of the Task. (it’s important to do this AFTER saving the task. You cannot assign User A if you are A in this moment. Maybe another Bug...!?)
  • Now B is allowed to take ownershop too. B click now “Add me to assignees”.
  • Now B can edit the task.
  • If B click “save”, the task can’t be saved, because some fields haven’t the correct values (esp: state is now “unconfirmed”). Many error messages said, that unexpected values exist

Some weird moments:

  • Why can B edit a task? He have no rights to edit tasks...
  • If B are Basic and have “edit own Task”-Right too, this bug also exist.
1924Backend/CoreBug ReportLowBetter errors messages on email errorNew
0%
1.1 devel11.07.201406.03.2015 Task Description

When entering the wrong SMTP information and then adding a user through Multiple New Users page, the error message is bad. It just says 'this should never happen'. Instead, we need to detect that it is an SMTP authentication error and report that issue to the user more clearly.

2645Backend/CoreBug ReportLowBug in estimated_time - class.effort.phpUnconfirmed
0%
1.0-rc1108.07.202108.07.2021 Task Description

From the Mailing List:

Hello,

I’v found the following bug in rc10:

flyspray-1.0-rc10

/includes/class.effort.php

Line 261:

$minutes = floor(($seconds - ($hours * 3600)) / 60);

should be:

$minutes = floor(($seconds - ($days * $factor) - ($hours * 3600)) / 60);

Can you add the patch in the next version?

Best regards,
Mario Stiffel

2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
0%
14.07.201614.07.2016 Task Description

If a task creator requested closure, and someone (developer) closes the task explicitly, the PM request cannot be later ‘accepted’ and the PM request remains in the queue.

Workaround - Deny request and queue item is removed OK.

It looks like the PM request button invoked details.close which returns early if task is already closed.

2134Backend/CoreBug ReportHighCannot assign a task to other projectPlanned
0%
3207.06.201617.02.2019 Task Description

Moving task to another project seems to require fields updated to target project options. This operation is not possible on the task category field and possibly others. Attempting to submit changes gives error:

“Oh, there are some incompatible properties set that must be resolved before moving this task to a different project.”

However, you cannot select a new value (from the target list) for the properties in question.

2336Backend/CoreBug ReportLowCaptcha validation always fail on registrationUnconfirmed
0%
1401.02.201715.03.2021 Task Description

Correct or wrong code return false!

The results of Securimage Test Script on my server

This script will test your PHP installation to see if Securimage will run on your server.

Session Functionality: Yes!
GD Support: Yes!
GD Version: bundled (2.1.0 compatible)
imageftbbox function: Yes!
TTF Support (FreeType): Yes!
JPEG Support: Yes!
PNG Support: Yes!
GIF Read Support: Yes!
GIF Create Support: Yes!
SQLite Support: Yes!
SQLite is available. If you choose to use it, Securimage can support users who do not accept cookies.
MySQL Support: Yes!
MySQL is available. If you choose to use it, Securimage can support users who do not accept cookies by storing codes in MySQL.
PostgreSQL Support: No
No PostgreSQL support.
LAME MP3 Support: No
LAME was not found, audio will work in WAV format, but not MP3. See Securimage HTML5 audio documentation for info.
Your server meets the requirements for using Securimage!

on modify.inc.php line:754 got

if( !Post::isAlnum('captcha_code') || !$image->check(Post::val('captcha_code'))) {
if( true == false || false == false ) {

Edit 2021-03-15: Only effects Flyspray source releases on Windows where running composer is required. Releases with included dependencies are not effected!

2499User InterfaceBug ReportHighChange recaptcha from using file_get_contents to CurlUnconfirmed
0%
118.09.201802.11.2018 Task Description

The issue with many servers now and the reason that recaptcha does not work is because it requires servers to enable allow_url_fopen which is a huge security risk. That is why you get the warning message when you try to run recaptcha that file_get_contents failed to connect.

So the solution is to use Curl to do that job.

Here is the fixed file, excuse my mess i had not cleaned up my code yet... but recaptcha now works.

this file goes in the includes dir... you can clean up the file if you like again sorry about that.

2197Backend/CoreBug ReportHighChange Time for everyoneUnconfirmed
0%
121.08.201622.08.2016 Task Description

Flyspray does not recover the time set in php.ini. On display, the system has two hour delay.

2627Backend/CoreBug ReportLowcheckLogin: Trying to access array offset on value of t...Unconfirmed
0%
509.03.202111.03.2021 Task Description

FS version: 1.0-rc9
PHP version: 7.4.15
database: mysql
php.ini: error_reporting = E_ALL | E_STRICT

Steps done to create the problem:
- Login as Admin or User, with name “Admin”, not with email.

Experienced behavior:
PHP Notice: Trying to access array offset on value of type bool in …/flyspray-1.0-rc9/includes/class.flyspray.php on line 812

A possible fix is attached as patch.

Think, it is this line in currend code:
https://github.com/Flyspray/flyspray/blob/5b0a3d80fc9612ca8e8743450fbf2c8243b5bf47/includes/class.flyspray.php#L836

2058Backend/CoreBug ReportLowClosing of github.com 'Issues' featureNew
0%
24.09.201524.09.2015 Task Description

As discussed with the team some time ago, a consolidation of places where issues are discussed is wanted.

One of the results was, that we do not want people post issues to github.com Issues and instead use our own bugs.flyspray.org
and to prefer "to eat our own dogfood" and a have central place to handle tasks.

As a result we tried to reduce the open issueas on github.com. I was in the process of moving 2 of still 7 open issues there to bugs.flyspray.org when suddenly the Issues on github.com were closed. :-( Now the last 5 issues there are lost at the moment for me and the audience, which where mostly informations to interested users, not bugs.

I think just closing it without an easy accessible alternative is not the best solution.

At least we should wait until the oauth2 authentication for github users should be implemented and setup on bugs.flyspray.org , so people browsing github.com, finding Flyspray project just can
"Login with github"-feature on bugs.flyspray.org.

The blocker to do this: Currently there is missing an option to "connect" an oauth "Login with github"- Login with an existend flyspray userlogin.

So that one userid in flyspray can:

  • login with username and password
  • login with one or more of his social accounts (github, facebook, microsoft, g+) if they are enabled (would it restrict to github.com accounts for bugs.flyspray.org)
1978User InterfaceBug ReportLowCompensate degraded usability due added token system an...Confirmed
50%
1.0516.03.201512.10.2015 Task Description

Due to the needed implementation of an anti csrf system into Flyspray 1.0,
this are a side effect issues we need to address:

Due the required replacement of action links to form buttons:

  • The user cannot just see anymore the target url of the action by hovering over the link. We can compensate that in the simpliest case by using the title-tag as additional info to the user. Trust not full reestabilished that way, but better than nothing and user has fear to click a form button.

Javascriptless CSS3-toggles:

  • Some clickable labels don’t show pointer icon when :hover. CSS issue, easy fix.
2623EmailBug ReportMediumCompletely unexpected exception on email errorsUnconfirmed
0%
01.02.202115.03.2021 Task Description

An incorrect email configuration may cause flyspray to hung during several seconds and report an exception.

Environment

* Linux Debian 10
* Nginx
* PHP-7.3 FPM
* Mariadb 10.3
* Flyspray 1.0-rc9

Steps done to create the problem:

  1. Cause a misconfiguration in the email configuration (e.g. an email server rejecting the user authentication)
  2. Try to post a comment on a ticket to generate a notification

Expected behavior:

Report the error in a logfile and gently show a user-friendly notification

Experienced behavior:

Flyspray hungs during several seconds and reports a user-unfriendly error:
The exception occurs in conditions that generate email notifications (e.g. posting a comment on a ticket):

Notice: fwrite(): send of 6 bytes failed with errno=104 Connection reset by peer in /var/www/flyspray/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php on line 240 Completely unexpected exception: Expected response code 250 but got code "421", with message "XXX edited XXX"
This should never happend, please inform Flyspray Developers
2614EmailBug ReportCriticalConnection timed out #110Unconfirmed
0%
16.09.202016.09.2020
2073Backend/CoreBug ReportLowCouldn't edit comment of anonymous reporterNew
0%
17.10.201517.10.2015
2626Backend/CoreBug ReportCriticalCreate a new build, last stable is 0.9.9.7 (2012-05-28)...Unconfirmed
0%
527.02.202105.05.2021
2332Backend/CoreBug ReportMediumCSV export filename filteringNew
0%
224.01.201724.01.2017
2527Backend/CoreBug ReportLowDatabase Check »Your mysql supports full utf-8 since 5....Unconfirmed
0%
105.01.201905.01.2019
2317User InterfaceBug ReportMediumDate format wrongConfirmed
20%
1.1 devel122.11.201622.11.2016
2057Backend/CoreBug ReportLowDo not resubmit forms on browser reload button or F5New
0%
122.09.201523.09.2015
2436Backend/CoreBug ReportLowdokuwiki renderer creates nonunique html-id for h1,h2,h...New
0%
202.08.201702.08.2017
1982Backend/CoreBug ReportLowdouble entries in assignees listNew
80%
1.1 devel320.03.201511.02.2016
2552EmailBug ReportHighEmail TLS error (was 'Mail Adress encryption')Unconfirmed
0%
330.05.201908.04.2020
2448Backend/CoreBug ReportLowerror message in eventlog reportsUnconfirmed
0%
226.10.201729.10.2017
2048Backend/CoreBug ReportLowerror when adding data containing national charactersUnconfirmed
0%
09.09.201509.09.2015
2544EmailBug ReportLowError when registering new accountUnconfirmed
0%
123.03.201923.03.2019
1882EmailBug ReportMediumError with email notificationPlanned
0%
2.0622.12.201308.04.2016
2116EmailBug ReportMediumError with email notificationUnconfirmed
0%
1908.04.201615.04.2016
2550EmailBug ReportLowException handling sending email notificationUnconfirmed
0%
06.05.201906.05.2019
2338Backend/CoreBug ReportMediumExport tasks to csv has issuesUnconfirmed
50%
202.02.201712.03.2019
2636Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (mariadb 10.4.18...Assigned
50%
peterdd1.0-rc11729.04.202123.07.2021
2637Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (postgresql 12.6...Assigned
50%
peterdd1.0-rc11729.04.202105.05.2021
2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
0%
15.06.201615.06.2016
2315Backend/CoreBug ReportLowFiling a new task is possible with no details in the ma...Unconfirmed
0%
21.11.201621.11.2016
2104Backend/CoreBug ReportLowfiltering by one user on tasks with multiple assignees ...New
0%
226.02.201615.06.2020
1960Backend/CoreBug ReportMediumforeign key relations between versions and tasksNew
0%
209.03.201513.08.2015
2042Backend/CoreBug ReportMediumfunction absoluteURI not using basedir and force_basedi...Unconfirmed
0%
3104.09.201501.10.2015
2119Backend/CoreBug ReportMediumfunction filter_input not always availableResearching
0%
15.04.201615.04.2016
Showing tasks 1 - 50 of 312 Page 1 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing