Flyspray

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See https://github.com/Flyspray/flyspray/releases

If you are upgrading from older version, please wait for 1.0-rc11.

2021-11-23: New user registration and password forgotten currently not working on bugs.flyspray.org due email server problems. peterdd

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version  asc Opened Last Edited
2601Public RelationsFeature RequestMediumhttp -> https missing redirection (19-04-09)Assigned
10%
Floelejudas_iscariote321.04.202025.09.2020 Task Description

From: https://groups.google.com/forum/?hl=en#!topic/flyspray/rAnks5y_uLk

19-04-09 // More one year ago.

There are not http → https redirections.

Only one example:
- http://www.flyspray.org/docs/download/ is not redirected to https://www.flyspray.org/docs/download/

Note: It is better to have the main website in https://flyspray.org/.

http://www.flyspray.org/ + https://www.flyspray.org/ + http://www.flyspray.org/ must be redirected to https://flyspray.org/

2657EmailBug ReportCriticalcurrently new registration emails are not received by u...Assigned
0%
Floelejudas_iscariote24.11.202124.11.2021 Task Description

Regardless if a gmail.com or other address (tested with my gmail and also other email address)

So this is probably a mail server problem. I try to reach server admin.

I can see my “unfinished registrations” tests in the admin→checks area, but received no emails (waited and checking spam folders too)

2063Backend/CoreFeature RequestVery Lowshow closed/open usage count on do=pm&area=XXXNew
10%
peterdd129.09.201525.03.2021 Task Description

Currently on

  • do=pm&area=cat
  • do=pm&area=version
  • do=pm&area=os
  • do=pm&area=resolution
  • do=pm&area=status
  • do=pm&area=tags
  • do=pm&area=tasktype

a count of usage in tasks is shown for every property.

Interesting would be if the counter shows the count for open/closed tasks on each row.

2316Backend/CoreBug ReportLow"wrongtoken" is displayed if the comment box is left si...Assigned
0%
peterdd7122.11.201629.07.2019 Task Description

I understand this is likely due to some sort of XSS CSRF protection, but the delay doesn’t appear to be long enough to be useful for a lengthy comment to be posted. I’ve now lost two detailed comments in our tracker because the software threw everything out and generated a meaningless error.

Further, attempting to do the normal thing and making the browser resubmit the page results in Flyspray throwing “Error #3” something something repeated action and causing a redirect to the homepage.

Surely there has to be a better way to handle this that doesn’t incur data loss?

2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
0%
peterdd29.07.201929.07.2019 Task Description

Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.

The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.

Possible solutions

Frontend hints

  • variant F1 (soft): When duplicate as close reason is selected, a placeholder attribute in the close comment text field could be shown/updated. (maybe as ‘css only’ possible)
  • variant F2 (harder): Deny sending the form if duplicate selected, but comment text field is empty. and shows warning info. (javascript required, nojs browsers still send form.)
  • variant F3 (hard): Deny sending the form if duplicate selected and no task id detected in comment text field. and shows warning info. (javascript required)

Backend deny

  • variant B1 (soft): When request wants close a task with duplicate reason and (cleaned) comment string is empty, deny closing the task and give feedback to user why it was denied.
  • variant B2 (hard): It requires detecting a task id in the comment field and the first detected task id is taken for referencing as ‘is duplicate of’. Limitation of this is that the duplicate could be also a ticket or something of a complete other system.
2573Backend/CoreTODOLowadd rel nofollow,ugc,.. settingsNew
20%
peterdd114.09.201915.09.2019 Task Description
  1. Find a good configuration name just reuse relnofollow as used by dokuwiki
  2. Find a good translation keyword for that config relnofollow
  3. Find a good translation keyword for config description (title attribute)

Goes into prefs table as it is sitewide configuration.

As first implementation a simple checkbox should be ok. Should be on the tab with other spam handling stuff like captcha configuration.

Is enabled by default (1).
Adapt setup xml files, upgrade procedure.


	
2620Backend/CoreTODOMediumPHP8 compatibilityNew
50%
peterdd226.11.202017.08.2021 Task Description

PHP 8.0 is now released (2020-11-26) and Flyspray should be made compatible with it.

  • Replace removed and deprecated functions with alternatives in our source code.
  • Upgrade used libraries or make used libraries compatible:
    • post github issue or pull requests for ADODB
    • upgrade used dokuwiki or make changes in our integration (probably just review our as official dokuwiki project contains too much stuff we do not need and changed much)
    • review used geshi
    • upgrade our swiftmailer version to PHP8 compatible version
    • upgrade our oauth2-client stuff to PHP8 compatible version
  • The @ operator no longer silences fatal errors. Some checks in installer or other areas might not work anymore as expected when the @-operator was used as silencer for previous PHP versions.
2625User InterfaceTODOLowavoid password manager popups in admin prefs areaNew
0%
peterdd110.02.202110.02.2021 Task Description

We must teach browsers not to use some input fields in the admin prefs area to offer to store it in their password manager.

Steps to reproduce:

  1. Login with Firefox as admin into Flyspray. (Maybe other browsers behave same)
  2. Go to admin prefs area (top right gear icon)
  3. Click link somewhere else (so leaving admin prefs page)
  4. Firefox browser pops up password manager as it detected some password input fields on admim prefs setting page. But in this case this is not wanted.

Either by using different input field names where the browser does not assume it is a login password field or find input field attribute to tell them.

auto-complete="off"

is not working anymore in browsers for password fields.

webbrowser: Firefox 85.0.2

Popup probably triggered by the password fields for configuring Email and XMPP notification: smtp_pass and jabber_password input fields. Firefox heuristic is too stupid to detect that these are for server configuration, not user login fields!

Neither

autocomplete="new-password"

nor

autocomplete="one-time-code"

attribute helped.

Stubborn Firefox ..

2639JavascriptBug ReportMediumUnable to "deny" a pending requestResearching
0%
peterdd712.05.202113.06.2021 Task Description

My project has 37 pending requests. Each has a set of Accept / Deny buttons next to it.

If I click on Deny, a textbox pops up for me to enter “Reason for denial” but the entire page immediately regreshes/reloads back to the task list before I have a chance to enter the reason and submit it.

I can always “Accept” the request implicitly by going to the appropriate task and closing/re-opening it, but there’s no way to “deny” something without going through this UI path.

2652Backend/CoreBug ReportMediumInvalid argument supplied for foreach() in /var/www/htm...Unconfirmed
0%
1.0-rc111227.08.202114.10.2021 Task Description

I have the last version rc10

When I try to update/delete a item from a list in “Categories” I have this message in the top of the page:

http://XXXXX/index.php?do=pm&area=cat&project=2

Warning: Invalid argument supplied for foreach() in /var/www/html/includes/modify.inc.php on line 2215

When I try to update/delete a item from a list in “Versions” I have this message in the top of the page:

http://XXXX/index.php?do=pm&area=version&project=2

Warning: Invalid argument supplied for foreach() in /var/www/html/includes/modify.inc.php on line 2119 

http://XXXX/index.php?do=admin&area=cat

Warning: Invalid argument supplied for foreach() in /var/www/html/includes/modify.inc.php on line 2215
2636Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (mariadb 10.4.18...Assigned
50%
peterdd1.0-rc11729.04.202123.07.2021 Task Description

I administer a moderate-sized (~14K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, mariadb 10.4.18) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

It churns a while before refreshing the screen, claiming a successful 1.0-rc10 upgrade. However, the upgrade seems to not actually “stick”, because clicking on the “return” button I’m dropped back into the upgrader, which is once again claiming I’m running 1.0-rc9 and prompting me to perform the -rc10 upgrade.

According to Flyspray’s admin ‘checks’ tab:

* PHP 7.4.16
* MariaDB 10.4.18
* default_charset: utf8mb4
* default_collation: utf8mb4_unicode_ci
* All tables are ‘InnoDB’

There are no errors logged that I can find, but the upgrade is clearly not working. If I revert to the -rc9 php files, everything continues along as if nothing was done.

Any suggestions?

2637Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (postgresql 12.6...Assigned
50%
peterdd1.0-rc11729.04.202105.05.2021 Task Description

I administer a small personal (<1K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, postgresql 12.6) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

Unfortunately, the upgrade fails spectacularly, with a reported SQL error that belies what’s actually wrong. Here’s a snippet from the postgresql logs where the upgrade is failing:

2021-04-28 10:33:07.190 EDT [2032049] ERROR: column “attachment_id” of relation “flyspray_attachments” already exists
2021-04-28 10:33:07.190 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN attachment_id SERIAL
2021-04-28 10:33:07.194 EDT [2032049] ERROR: current transaction is aborted, commands ignored until end of transaction block
2021-04-28 10:33:07.194 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN task_id INTEGER
[…and everything else fails because the transaction aborted…]

It appears that the upgrade script is blindly trying to create columns that already exist in the -rc9 database, and postgresql is treating this as a failure. Because the entire upgrade happens within one transaction, this means the entire upgrade fails at the outset and won’t ever succeed.

The way past this specific problem is to make these ALTER TABLE operations conditional (eg “ALTER TABLE flyspray_attachments ADD COLUMN IF NOT EXISTS task_id INTEGER”).

1950User InterfaceTODOMediumSolve confusing Flyspray group settings vs Project grou...Confirmed
50%
1.0907.03.201511.11.2015 Task Description

This is taken from FS#1753:

The second reason being there is no way that I know of to automatically set a project usergroup to new members. I only have 1 project, but it seems the Global groups aren’t working (can still see tasks if “View Tasks” is unchecked) and I don’t know how to fix that.

And what I have to say - it is hard to tell if you are on the Flyspray admin settings area or on the admin settings of a project.

Cheapest way is adding some CSS to distinguish this for the user.

But there is in fact more to do to make it user friendly.

  • TODO: list configurations for project(task types, categories, ..) in Manage Project should also show the system wide list values as hint to avoid duplication.
  • TODO: project user groups overview should show system wide user group infos as info for project managers to avoid unnecessary complicated configuration settings.
  • TODO: visualize related permissions that can overrule eachother like ‘view_task’ overrules ‘view_own_tasks’ to avoid misconfigurations
1978User InterfaceBug ReportLowCompensate degraded usability due added token system an...Confirmed
50%
1.0516.03.201512.10.2015 Task Description

Due to the needed implementation of an anti csrf system into Flyspray 1.0,
this are a side effect issues we need to address:

Due the required replacement of action links to form buttons:

  • The user cannot just see anymore the target url of the action by hovering over the link. We can compensate that in the simpliest case by using the title-tag as additional info to the user. Trust not full reestabilished that way, but better than nothing and user has fear to click a form button.

Javascriptless CSS3-toggles:

  • Some clickable labels don’t show pointer icon when :hover. CSS issue, easy fix.
2039Installer and UpgraderTODOLowReview INSTALL, README, documentation files for release...New
30%
1.023.08.201509.04.2016 Task Description

Check if the install, setup and upgrade instruction are correct:

  • dev/github versions (using composer for dependency resolving)
  • release versions (using composer or complete bundled binary releases containing all dependencies (ADODB, oauth2, ..)
2040Installer and UpgraderInformationMediumFS1.0 Release buildsConfirmed
20%
1.0523.08.201517.04.2019 Task Description
  • Use github releases for the release? peterdd: Yes, currently only source releases without 3rd party vendors.

The Flyspray 1.0alpha1 .zip file release unzips directly to the current directory.

.zip files from github unzip to it’s own directory (flyspray-master.zip unzips to flyspray-master/ ). This is a bit safer, because you cannot accidently mess your directory structure with it.

  • The release should contain the binary fontawesome files instead of linking to the external CDN. Removes one dependency/singlepointoffailure. How this can be configured for automation? included in Flyspray source now. :-)
  • document how a release is exactly created. (consistency, reliability, automation, knowledge sharing for maintainers see below :-) )
  • Get in contact with os distributions, that could add Flyspray releases to their repositories (*BSD, Linux distributions, ..) This repositories could add the dependencies like ADODB within the packages (.rpm, .deb,..)
  • Get in contact with web hosting providers who provide integreated 1-click installs of software for their web hossting customers.
  • Get in contact with container builders (docker, ..)

Steps how to do a Flyspray release (since Flyspray 1.0 RC)

  1. Edit includes/class.flyspray.php on github.com and set the correct version for the release there (remove the ' dev’ from the version string), commit as new branch e.g. 1.0-rc1
  2. Prepare a new release on https://github.com/Flyspray/flyspray/releases , write a summary of changes since last release, choose the branch you created in the previous step, save as “draft”.
  3. “Release” the Flyspray source on github when satisfied with layout
  4. Run buildscripts for different php versions (see comments at FS#2040)
  5. Upload the created .zip and .tgz files to https://github.com/Flyspray/flyspray/releases
  6. Upload the created .zip and .tgz files to https://github.com/Flyspray/flyspray.github.io/tree/master/packed stored since 1.0-rc2 only on https://github.com/Flyspray/flyspray/releases to avoid redundancy
  7. Test the created blobs on different servers too.
  8. Edit the https://github.com/Flyspray/flyspray.github.io/blob/master/_docs/download.md and link the source and packaged .zip and .tgz files
  9. Write a new article with a summary of highlights of changes since last release for the www.flyspray.org frontpage on https://github.com/Flyspray/flyspray.github.io/tree/master/_posts/News
  10. Send an email to the Flyspray mailing list
  11. Important: If all is nice and shiny: Update the version string on www.flyspray.org https://github.com/Flyspray/flyspray.github.io/blob/master/version.txt so admins of flyspray get informed a new Flyspray release is available now. For instance change from 1.0-rc to 1.0-rc1 if you are releasing Flyspray 1.0 RC1. Must be the exact version you set in includes/class.flyspray.php .

Maybe we can use this sequence as template on bugs.flyspray.org for releases? :-)

2044Database QueriesBug ReportHighNeed set_charset for DB connect in config fileConfirmed
10%
1.020204.09.201509.04.2021 Task Description

make a option in configuration file

me need set same $db1→set_charset(’utf8mb4’); for my MySQLi

have a problem with national letters

I see this error after i try enter national letters to the summary input text field for create new task

Query {UPDATE `flyspray_tasks` SET project_id = ?, task_type = ?, item_summary = ?, detailed_desc = ?, item_status = ?,
 mark_private = ?, product_category = ?, closedby_version = ?, operating_system = ?, task_severity = ?, task_priority = ?, 
last_edited_by = ?, last_edited_time = ?, due_date = ?, percent_complete = ?, product_version = ?, estimated_effort = ?
 WHERE task_id = ?} 
with params {1,1,тестовая задача,<p>sdfsdfdsfsd</p> ,2,0,4,0,1,2,4,1,1441344777,0,0,1,0,2} Failed!
(Incorrect string value: '\xD1\x82\xD0\xB5\xD1\x81...' for column 'item_summary' at row 1)
2074User InterfaceBug ReportMediumOpening tasks from tasklistNew
0%
1.0318.10.201518.07.2016 Task Description

Removing table on row click made it impossible to open a task’ details if you do not display the task id and summary on the task list, because now those two cells are the only clickable items to open a task, instead of the entire line being the hyperlink

2075NotificationsBug ReportHighToo spammy notifications under some circumstancesRequires testing
40%
1.019.10.201503.11.2015 Task Description

danoh on github wants to work on patch. Couldn’t find him here..

2078User InterfaceBug ReportMediumlayout of requested close on small displaysConfirmed
50%
1.0126.10.201512.04.2021 Task Description

currently absolute positioning overlapping deny button and not full visible

Possible better solution:

  • cssbased toggle
  • left:50%; width:300px;margin-left:-150px;margin-top:50px;
2089Backend/CoreBug ReportMediumadding same taskid as subtask or related task should be...New
50%
1.0207.11.201518.11.2016 Task Description

Both is a bit illogical, but both is currently possible! ;-)

1 ←- 1

So when setting the parent task id checked for creating loops is needed:

Loop with 2 tasks: 1 ←- 2 ←- 1

Loop with 3 tasks: 1 ←- 2 ←- 3 ←- 1
Loop with n tasks: 1 ←- ... ←- n < – 1

As I think there are currently no recursive reads that could lead to an endless loop, but should be kept in mind when someone wants to programm rendering a gantt chart.
E.g. by limiting the depth of subtasks for example.

2121Backend/CoreBug ReportMedium'my assigned tasks' uses like %?% search instead of use...Confirmed
90%
1.0319.04.201603.02.2018 Task Description

Problem: https://github.com/Flyspray/flyspray/pull/552

The button ‘My assigned tasks’ should search only by userid, not in username or realname with the LIKE ‘%...%’ operator.

Currently the button is using the same as doing an advanced search filling the ‘Assigned To’ input field. (currently ‘dev’ param) But that search param searches in userid, username and realname.

Edit: Implemented simpler solution: if param is digitsonly, then search by userid, otherwise by username and realname if that param exists.

2135Backend/CoreBug ReportHigh"Modify own tasks" does not function correctly when add...Confirmed
50%
1.013107.06.201622.08.2016 Task Description

“Oh, there are some incompatible properties set that must be resolved before moving this task to a different project.”

Oh, but I am not moving the task to a different project. Just trying to edit my own submission.

“Edit this task” → “Save details”

See attached screen capture.

2201APIBug ReportHighI got Fatal Error on the Github OAuthUnconfirmed
0%
1.0107.09.201609.09.2016 Task Description
Fatal error: Class 'League\OAuth2\Client\Provider\Github' not found in /html/bugs/includes/GithubProvider.php on line 11

I have downloaded this:
Precompiled with 3rd party libs for PHP5.6: flyspray-1.0-rc1_php56.tgz
and the file seems really dont exist.

2207Backend/CoreBug ReportHighNonpublic project titles and project description exposi...Confirmed
0%
1.0123.09.201629.09.2016 Task Description

When a anonymous user tries to display a ticket of a non public project (for example by entering a random ticket id), Flyspray exposes the title of the non public project in the header bar.

Edit by peterdd: also applies to project description

2221Installer and UpgraderInformationLowNotices on install with PHP7New
50%
1.0124.10.201617.04.2021
2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017
2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018
2635User InterfaceFeature RequestMediumimprove usability of add/remove tags to/from tasksPlanned
70%
1.013.04.202123.04.2021
2598User InterfaceBug ReportLowuser registration in admin area: "username taken" but t...Assigned
0%
peterdd1.0320.03.202014.04.2021
1040User InterfaceFeature RequestLowClose Multiple Tasks at onceNew
30%
1.1 devel5317.08.200601.10.2015
1134User InterfaceFeature RequestLowadd icon/image for each projectPlanned
0%
1.1 devel7329.11.200609.03.2015
1487AuthenticationFeature RequestLowLDAP(Active Directory) AuthenticationPlanned
40%
1.1 devel101121.05.200804.09.2019
1510NotificationsFeature RequestMediumFunction to test mail configuration Planned
40%
1.1 devel1329.10.200828.10.2015
1671Database QueriesFeature RequestLowAbility to extract CSV, or ExcelPlanned
50%
1.1 devel4318.12.201008.10.2017
1673Backend/CoreBug ReportHighOnly white screen after upgrade to 1.0 - reasonsConfirmed
10%
1.1 devel31412.01.201117.08.2016
1720Backend/CoreFeature RequestLowBetter Access Control Lists and User / Group ManagementPlanned
0%
1.1 devel301.05.201220.03.2015
1736User InterfaceFeature RequestLowBe able to add colors for Task StatusesPlanned
50%
1.1 devel516.05.201215.10.2015
1737JavascriptTODOLowJavascript OverhaulNew
10%
1.1 devel6125.05.201217.04.2021
1751Backend/CoreFeature RequestMediumDefault to show all in Event LogConfirmed
20%
1.1 devel1120.06.201209.02.2016
1753Backend/CoreFeature RequestMediumUsergroup Restriction: Only View SummaryConfirmed
0%
1.1 devel4220.06.201227.06.2016
1812Backend/CoreFeature RequestLowMultiple email addressesPlanned
20%
1.1 devel317.01.201330.12.2015
1836Backend/CoreFeature RequestLowNeed permission option to view only own tasksPlanned
80%
1.1 devel727.02.201322.04.2015
1847User InterfaceFeature RequestLowMake default theme responsivePlanned
20%
1.1 devel314.03.201316.10.2015
1849Backend/CoreFeature RequestHighInstaller OverhaulPlanned
50%
1.1 devel515.03.201315.07.2016
1861Backend/CoreBug ReportMediumLogin-Page should redirect after login to the page, the...Confirmed
30%
1.1 devel4112.04.201309.07.2018
1875Backend/CoreFeature RequestMediumAbility to mark project as completedMaybe
20%
1.1 devel6126.09.201312.10.2015
1919Backend/CoreBug ReportLowAJAX Quick-Edit on category and task pagesPlanned
70%
1.1 devel3109.07.201407.12.2015
1924Backend/CoreBug ReportLowBetter errors messages on email errorNew
0%
1.1 devel11.07.201406.03.2015
1956Backend/CoreTODOLowDatesConfirmed
0%
1.1 devel307.03.201509.03.2015
Showing tasks 201 - 250 of 316 Page 5 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing