Flyspray

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See https://github.com/Flyspray/flyspray/releases

If you are upgrading from older version, please wait for 1.0-rc11.

2021-11-23: New user registration and password forgotten currently not working on bugs.flyspray.org due email server problems. peterdd

ID Category  asc Task Type Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
2534Backend/CoreFeature RequestLowPrivate projectsUnconfirmed
0%
816.01.201918.01.2019 Task Description

I would like to restrict certain projects from view from normal users (Basic group.) I couldn’t find out a way to do it. I could restrict them from viewing tasks, which is good, but it would be nice to hide the project entirely from the Overview screen.

2582Backend/CoreInformationLowHow to reach internal windows share (was: Internal URL)Unconfirmed
0%
304.11.201905.11.2019 Task Description

I have installed flyspray on an internal server and have problems with the renaming of internal links.

For example:
I want to put this link in the comment section.
\\192.168.200.5\Folder\example.docx

it shows the link correct,
but when you hover over the link it shows:
file://192.168.200.5/Folder/example.docx

And on clicking on it, of course I can´t access the file, because it´s trying to open an external link.
I dont want it to be renamed from ‘\’ to ‘/’.

Can somebody help me please.

I tryed to find it in the sourcecodes, but I have almost no experience in PHP.

Thank you!

2587Backend/CoreTODOMediumdisplay_errors=1 should not set in release candidateUnconfirmed
0%
18.12.201918.12.2019 Task Description

display_errors = 1 should not set in include/fix.inc.php for releases or releases candidate, because with this it is not possibele to disable the error reporting globaly.

The problem is, if I want to enable full error reporting to logfile via “error_log=…” in php.ini, then the error will also full reported to user. Full error reporting is a hig risk for security.

Did you installed an official release or did you used an inoffical docker?!
flyspray-1.0-rc9

Steps done to create the problem:
Create a file php.in in base directory with follow contens:
error_reporting = E_ALL | E_STRICT
log_errors = On
display_errors = Off
error_log = /var/log/php-flyspray-errors.log

Expected behavior:
Errors only to log file

Experienced behavior:
All errors goes also to user.
The option “display_errors = Off” has no effect.

2588Backend/CoreBug ReportLowps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permi...Unconfirmed
0%
218.12.201905.02.2021 Task Description

Sometimes comes this message with a lot of backtrace log.
If you are reporting a bug please provide as much information as possible to help understand and reproduce the problem:

Did you installed an official release or did you used an inoffical docker?!
Official download flyspray-1.0-rc9

mysqlnd 5.0.12-dev
Linux 64bit
PHP Version 7.2.25

Steps done to create the problem:
Wait some weeke and edit a ID.

Experienced behavior:

[18-Dec-2019 13:19:41 Europe/Berlin] PHP Notice:  session_start(): ps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permission denied (13) in /var/foo/htdocs/flyspray/includes/class.flyspray.php on line 1006
[18-Dec-2019 13:19:41 Europe/Berlin] PHP Warning:  session_start(): Cannot send session cache limiter - headers already sent (output started at/var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.flyspray.php on line 1006
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/index.php on line 96
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/index.php on line 97
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 76
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 80
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 82
2599Backend/CoreInformationLowadd post request on new task creationUnconfirmed
0%
30.03.202012.04.2021 Task Description

I’m currently using flyspray 0.9.9.7

I want to make a little integration of our flyspray installation into slack.
I want make a POST request when a “new task is created”

Any experiment guy can help here ?
1. Where is the best place to achieve this quickly as “hack hardcode” 2. Im not php developer, is there any php lib in flyspray todo quick POST request without installing any additional lib.

2600Backend/CoreInformationLowError #17 when selecting a projectUnconfirmed
0%
31.03.202031.03.2020 Task Description

When I am at the global projects page at index.php?do=admin&area=editallusers and now select a project from the dropdown menu at the top right, I get an error

FEHLER #17: Ungültiger Projektmanager-Bereich!

(according to the the translation area this is key 813: error17 Invalid PM area.)

If I select the project again, the projects start page will be shown correctly.

2626Backend/CoreBug ReportCriticalCreate a new build, last stable is 0.9.9.7 (2012-05-28)...Unconfirmed
0%
727.02.202107.10.2022 Task Description

The last build is very old, it is possible to create a new build?
- The last RC: 2 years soon
- The last stable: 9 years soon

GitHub Releases section:
- https://github.com/Flyspray/flyspray/releases

Latest release
v1.0-rc9
136c339

Flyspray 1.0-rc9

@peterdd peterdd released this Apr 22, 2019

Stable: http://www.flyspray.org/docs/download/

Flyspray 0.9.9.7 - 28 May 2012
2627Backend/CoreBug ReportLowcheckLogin: Trying to access array offset on value of t...Unconfirmed
0%
509.03.202111.03.2021 Task Description

FS version: 1.0-rc9
PHP version: 7.4.15
database: mysql
php.ini: error_reporting = E_ALL | E_STRICT

Steps done to create the problem:
- Login as Admin or User, with name “Admin”, not with email.

Experienced behavior:
PHP Notice: Trying to access array offset on value of type bool in …/flyspray-1.0-rc9/includes/class.flyspray.php on line 812

A possible fix is attached as patch.

Think, it is this line in currend code:
https://github.com/Flyspray/flyspray/blob/5b0a3d80fc9612ca8e8743450fbf2c8243b5bf47/includes/class.flyspray.php#L836

2643Backend/CoreInformationLowUnable to delete a wrong TaskUnconfirmed
0%
407.07.202108.07.2021 Task Description

Today I received a Spam into my Flyspray, I wanted to ban the user and to delete the task, to my surprise I didn’t see an option to -delete- a created task, so I don’t want to keep this spammy content into my DB or even worse, publically viewable to other users / or google (which will impact in seo and also make their spamming successful forever), I just wanted to simply remove the task entirely from the DB

So my only option was to restore the 2-days before database backup in order to remove it, then I upgraded to the last git checkout but I didn’t see that option existing

I think flyspray needs to have that option included

Thank you

2661Backend/CoreBug ReportMediumhttp(s) links are broken with ";" in emailUnconfirmed
0%
329.10.202207.11.2022 Task Description

@peterdd: Links are broken in the received emails:
- https://example.tld/?p=blablabla.test;a=test

In the Flyspray, it works, you can see here.

2663Backend/CoreTODOVery LowImpossible to modify a personal ticketUnconfirmed
0%
201.11.202206.11.2022 Task Description

@peterdd: Modify a personal ticket is not enabled in this bugtracker.

Can you solve it?

Thanks in advance.

2664Backend/CoreBug ReportLow"(" or ")" in a link does not workUnconfirmed
0%
201.11.202206.11.2022 Task Description

“(” or “)” in a link does not work, example:
- https://example.net/test(test).html

Source:

https://example.net/test(test).html 
2665Backend/CoreBug ReportMediumhttp(s) link text has not "http" or "https" in received...Unconfirmed
0%
101.11.202206.11.2022 Task Description

@peterdd: There is a problem, in received email, link texts are cutted.

Example:

https://example.tld/test

becomes in email

example.tld/test
2666Backend/CoreBug ReportLowTag user with ID numberUnconfirmed
0%
01.11.202206.11.2022 Task Description

@peterdd: It is not possible to tag user with ID number?

You can see a lot of problems with tag here:
- https://bugs.flyspray.org/index.php?do=details&task_id=2660

2668Backend/CoreBug ReportHighCKeditor update (CVEs)Unconfirmed
10%
peterdd1.0-rc11202.11.202208.11.2022 Task Description

It is possible to update CKeditor?

Currently it is 4.16:
- https://github.com/Flyspray/flyspray/blob/master/js/ckeditor/CHANGES.md

Vulnerabilities / CVEs:
- https://www.cvedetails.com/vulnerability-list/vendor_id-12058/Ckeditor.html

There are at this time:
- 4.20: https://github.com/ckeditor/ckeditor4/tags
- 35.2.1: https://github.com/ckeditor/ckeditor5/tags

1798Backend/CoreFeature RequestLowBounty System New
0%
2.0113.12.201206.03.2015 Task Description

Add a system where people can donate towards a specific task. For example, I want to donate $10 if someone implements gravatars. The money sits in a pool, and then when someone claims that task and it is marked as completed by the admin, they get the bounty (less some commission that goes towards the project).

1811Backend/CoreFeature RequestLowGoogle Docs/Dropbox IntegrationNew
0%
2.0417.01.201313.03.2015 Task Description

On a project or ticket basis should be able to hook in and possibly also share permissions

1820Backend/CoreFeature RequestLowMerge comments, history, and detailsNew
0%
2.0317.01.201325.05.2016 Task Description

Should be more of a link thread of activity rather than segmented

1924Backend/CoreBug ReportLowBetter errors messages on email errorNew
0%
1.1 devel11.07.201406.03.2015 Task Description

When entering the wrong SMTP information and then adding a user through Multiple New Users page, the error message is bad. It just says 'this should never happen'. Instead, we need to detect that it is an SMTP authentication error and report that issue to the user more clearly.

1960Backend/CoreBug ReportMediumforeign key relations between versions and tasksNew
0%
209.03.201513.08.2015 Task Description

It seem that when deleting a version entry in a project, that tasks that have this version assigned are still connected to this deleted version. For example FS#1222 (on 2015-03-09).

There are several options to solve such things:

  • Deny deletion of version as long as tasks assigned to this project version.
    • Either by doing a testing SQL query to check this case coded in PHP. Take care to keep this centralized, must also be respected by an eventually later added Flyspray API (XMLRPC or whatever).
    • add SQL foreign key constraints with ON DELETE RESTRICT
      • Pro: some business logic can be directly enforced by SQL.
      • Cons: higher requirements for hosting, if using mysql innodb tables must be available on the hosting
  • Move the tasks of this version to a default fallback version before deleting the version tag.
    • Either doing one transaction doing : 1. move the tasks to its fallback version, 2. delete the version
    • add SQL foreing key constraint with ON DELETE SET $fallbackversionid. Some pros & cons like on the the denying option.

The same for other assignments for tasks.

This issue is similiar to the massop issue: (https://github.com/Flyspray/flyspray/issues/130)

1962Backend/CoreFeature RequestLowSMS notification - sending notifications via sms same a...New
0%
211.03.201502.12.2015 Task Description

moved from  FS#1697  into a separate task.

1971Backend/CoreFeature RequestLowa field like challenge level or doom levelNew
0%
12.03.201512.03.2015 Task Description

We have severity field.
We have priority field.
We have estimated effort field.

But we don't have a fíeld to see how hard a task is to solve. Something like in doom 3d shooter a face from normal/easy to angry/bloody/very hard.

Imaging you have some people in a company, some base educated, some high educated, some are experts in their field, some do repeating easy tasks.

By adding the ability to set a 'doom level' on tasks this can complete the view over a project in addition to severity,priority,effort.

1982Backend/CoreBug ReportLowdouble entries in assignees listNew
80%
1.1 devel320.03.201511.02.2016 Task Description

maybe yet fixed in 1.0 dev, but here bugs.flyspray.org my account is shown twice for selection if u edit a task.

Internally in the form also with the same id, so probably not a big problem.

I registered some years ago, maybe this year jordan(?) added me again or with another email adress? Maybe I have two addresses under on account here, which is a feature, not a bug.

But for the assignee list it should “group by user_id”.

2005Backend/CoreFeature RequestLowone account, several authenticationsNew
0%
1.1 devel18.07.201518.07.2015 Task Description

Currently it seems a user needs two accounts
to login by normal user-password and oauth2 login with facebook,g+ etc.

Better would be if a normal username-password registered user could connect a oauth2-login with his existing login.

2007Backend/CoreBug ReportLowtime on project overview activity timelinesNew
0%
18.07.201518.07.2015 Task Description

I find it irritating to have the oldest activity on the right side and newest activity on the left side of the small activity bars.

There is also no time scale description. This could be added by showin it on :hover to keep the simple appearance.

A complete new feature would be to replace the image generation by rendering the bars in the html in the same request, e.g by inline svg or canvas element. This would enable adding some interactivity with the activity bars..
A related feature request is FS#1991 (project progress)

2022Backend/CoreFeature RequestLowdefault or auto options for some settingsNew
0%
1.1 devel103.08.201515.01.2019
2029Backend/CoreFeature RequestLowpossibility to let a user describe himselfNew
0%
112.08.201518.01.2018
2036Backend/CoreBug ReportVery Lowsession timeoutNew
0%
2121.08.201512.01.2016
2038Backend/CoreBug ReportLowJscalendar must be replaced with something elseNew
0%
223.08.201524.08.2015
2053Backend/CoreBug ReportLowambiguous user name display username / realnameNew
0%
1.1 devel217.09.201519.02.2020
2054Backend/CoreFeature RequestLowFields for csv export choosable like for task listNew
0%
2.0117.09.201531.12.2017
2055Backend/CoreBug ReportLowMake the csv export table fields respect the user permi...New
0%
1.1 devel17.09.201517.09.2015
2057Backend/CoreBug ReportLowDo not resubmit forms on browser reload button or F5New
0%
122.09.201523.09.2015
2058Backend/CoreBug ReportLowClosing of github.com 'Issues' featureNew
0%
24.09.201524.09.2015
2059Backend/CoreFeature RequestLowusage of github automated/webhook notificationsNew
0%
24.09.201524.09.2015
2063Backend/CoreFeature RequestVery Lowshow closed/open usage count on do=pm&area=XXXNew
10%
peterdd129.09.201525.03.2021
2073Backend/CoreBug ReportLowCouldn't edit comment of anonymous reporterNew
0%
17.10.201517.10.2015
2089Backend/CoreBug ReportMediumadding same taskid as subtask or related task should be...New
50%
1.0207.11.201518.11.2016
2104Backend/CoreBug ReportLowfiltering by one user on tasks with multiple assignees ...New
0%
226.02.201615.06.2020
2105Backend/CoreFeature RequestMediumcountermeasures for 'add task anonymous' spamNew
0%
127.02.201627.02.2016
2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
0%
15.06.201615.06.2016
2188Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNew
0%
01.08.201601.08.2016
2332Backend/CoreBug ReportMediumCSV export filename filteringNew
0%
224.01.201724.01.2017
2436Backend/CoreBug ReportLowdokuwiki renderer creates nonunique html-id for h1,h2,h...New
0%
202.08.201702.08.2017
2439Backend/CoreFeature RequestLowClone a ProjectNew
0%
15.09.201715.09.2017
2441Backend/CoreBug ReportMediumrefactor dokuwiki image tagsNew
0%
15.09.201715.09.2017
2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017
2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
0%
15.01.201815.01.2018
2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018
2535Backend/CoreFeature RequestLownew optional Flyspray setting: add new users automatica...New
0%
216.01.201921.01.2019
Showing tasks 51 - 100 of 326 Page 2 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing