Flyspray - The bug killer!

The last build is very old, it is possible to create a new build?
- The last RC: 2 years soon
- The last stable: 9 years soon

GitHub Releases section:
- https://github.com/Flyspray/flyspray/releases

Latest release
v1.0-rc9
136c339

Flyspray 1.0-rc9

@peterdd peterdd released this Apr 22, 2019

Stable: http://www.flyspray.org/docs/download/

Flyspray 0.9.9.7 - 28 May 2012

The register spam by probably bots in 2016 is annoying.

I ticked the setting, that an admin must accept a new registration. It helps to reduce spam task, but now admin must decide if the registrations are ok or just spam bots.

Beside the need of antispam-plugins, the management of users can be improved:

• column sorting of user list, similiar to the tasklist
• filtering user list, similiar to the tasklist
• pagination of user list (25,50,100,200,all?)
• more columns:
  • last login implemented
  • last activity (a resulting task/comment/project change in database)
  • tasks created implemented
  • comments created implemented
  • votes implemented

that may help to decide what status or settings a user should have in future.

• show time zone setting and language setting of users implemented in userlist now

• mass accept/deny of a list of user registrations waiting for admin approval.

We must teach browsers not to use some input fields in the admin prefs area to offer to store it in their password manager.

Steps to reproduce:

1. Login with Firefox as admin into Flyspray. (Maybe other browsers behave same)
2. Go to admin prefs area (top right gear icon)
3. Click link somewhere else (so leaving admin prefs page)
4. Firefox browser pops up password manager as it detected some password input fields on admim prefs setting page. But in this case this is not wanted.

Either by using different input field names where the browser does not assume it is a login password field or find input field attribute to tell them.

auto-complete="off"

is not working anymore in browsers for password fields.

webbrowser: Firefox 85.0.2

Popup probably triggered by the password fields for configuring Email and XMPP notification: smtp_pass and jabber_password input fields. Firefox heuristic is too stupid to detect that these are for server configuration, not user login fields!

Neither

autocomplete="new-password"

nor

autocomplete="one-time-code"

attribute helped.

Stubborn Firefox ..

PHP 8.0 is now released (2020-11-26) and Flyspray should be made compatible with it.

• Replace removed and deprecated functions with alternatives in our source code.
• Upgrade used libraries or make used libraries compatible:
  • post github issue or pull requests for ADODB
  • upgrade used dokuwiki or make changes in our integration (probably just review our as official dokuwiki project contains to much stuff we do not need and changed much)
  • review used geshi
  • upgrade our swiftmailer version to PHP8 compatible version
  • upgrade our oauth2-client stuff to PHP8 compatible version

When we add http/https links there is a problem.

I think, the problem is here for other URI too.

Examples:

1/ With this code without code section :
The code:

blablabla
- https://example.tld
- https://example.tld

We obtain:

The code :
blablabla
- https://example.tld - https://example.tld

2/ Same to with a text in more, with this code without code section :
The code:

blablabla
- example 1 https://example.tld/
- example 2 https://example.tld/

We obtain:

The code :
blablabla
- example 1 https://example.tld/ - example 2 https://example.tld/

Sometimes comes this message with a lot of backtrace log.
If you are reporting a bug please provide as much information as possible to help understand and reproduce the problem:

Did you installed an official release or did you used an inoffical docker?!
Official download flyspray-1.0-rc9

mysqlnd 5.0.12-dev
Linux 64bit
PHP Version 7.2.25

Steps done to create the problem:
Wait some weeke and edit a ID.

Experienced behavior:

[18-Dec-2019 13:19:41 Europe/Berlin] PHP Notice:  session_start(): ps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permission denied (13) in /var/foo/htdocs/flyspray/includes/class.flyspray.php on line 1006
[18-Dec-2019 13:19:41 Europe/Berlin] PHP Warning:  session_start(): Cannot send session cache limiter - headers already sent (output started at/var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.flyspray.php on line 1006
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/index.php on line 96
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/index.php on line 97
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 76
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 80
[18-Dec-2019 12:19:41 UTC] PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/foo/htdocs/flyspray/includes/class.flyspray.php:1006) in /var/foo/htdocs/flyspray/includes/class.csp.php on line 82

An incorrect email configuration may cause flyspray to hung during several seconds and report an exception.

Environment

* Linux Debian 10
* Nginx
* PHP-7.3 FPM
* Mariadb 10.3
* Flyspray 1.0-rc9

Steps done to create the problem:

1. Cause a misconfiguration in the email configuration (e.g. an email server rejecting the user authentication)
2. Try to post a comment on a ticket to generate a notification

Expected behavior:

Report the error in a logfile and gently show a user-friendly notification

Experienced behavior:

Flyspray hungs during several seconds and reports a user-unfriendly error:
The exception occurs in conditions that generate email notifications (e.g. posting a comment on a ticket):

Notice: fwrite(): send of 6 bytes failed with errno=104 Connection reset by peer in /var/www/flyspray/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php on line 240 Completely unexpected exception: Expected response code 250 but got code "421", with message "XXX edited XXX"
This should never happend, please inform Flyspray Developers

Reopening a task triggers a PHP notice with PHP7.4 under some circumstances.
Reopening a task triggers a PHP warning with PHP8.0 under some circumstances.

Reproduce:

1. Create task
2. Close task directly without setting a completion percentage
3. Reopen the task

Notice: Trying to access array offset on value of type bool in /***/includes/modify.inc.php on line 684
Notice: Trying to access array offset on value of type bool in /***/includes/modify.inc.php on line 686
Notice: Trying to access array offset on value of type bool in /***/includes/modify.inc.php on line 686

From: https://groups.google.com/forum/?hl=en#!topic/flyspray/ItWHIOcu8wk

19-04-09 // More one year ago.

On the Flyspray homepage, no informations about https://github.com/flyspray/flyspray…

A lot of people think that the project is dead.

In the same time, can you change the https://github.com/Flyspray to https://github.com/flyspray ?

No lost, you can try it already works but it is not the default.

https://github.com/organizations/Flyspray/settings/profile → “Rename organization” and replace Flyspray → flyspray.

My version of PHP still shows deprecation warnings with flyspray.

Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /var/www/flyspray.itiab.co.nz/htdocs/adodb/drivers/adodb-mysql.inc.php on line 353

Have all mysql.connect instances been removed? The connect will be removed from PHP soon and will cause problems.

The “Preview” button is not at the good place.

The “Preview” must to be near “Add this task” with same background button color.

Thanks in advance.

From: https://groups.google.com/forum/?hl=en#!topic/flyspray/rAnks5y_uLk

19-04-09 // More one year ago.

There are not http → https redirections.

Only one example:
- http://www.flyspray.org/docs/download/ is not redirected to https://www.flyspray.org/docs/download/

Note: It is better to have the main website in https://flyspray.org/.

http://www.flyspray.org/ + https://www.flyspray.org/ + http://www.flyspray.org/ must be redirected to https://flyspray.org/

From: https://groups.google.com/forum/?hl=en#!topic/flyspray/jC5BBQ1XiQo

19-04-09 // More one year ago.

On https://www.flyspray.org/ On https://www.flyspray.org/devel/team/

Replace :
- https://www.psi-im.org/ → https://psi-im.org/

→ Remove the WWW.

If you are reporting a bug please provide as much information as possible to help understand and reproduce the problem:

Did you installed an official release or did you used an inoffical docker?!

database type and version, php version and OS version/linux distribution flavour, global or project settings you used that could be relevant for reproducing the problem

Steps done to create the problem: Deleate a Task

Expected behavior: Send a email

Experienced behavior:
Completely unexpected exception: Connection could not be established with host smtp.gmail.com [Connection timed out #110]
This should never happend, please inform Flyspray Developers

My School has blocked me from signing up for the Mailing list, how do I sign up or can you add me?

It would be nice to have a description field to put a brief note about the work done for a given effort item. This would help when using effort tracking for the purpose of making invoices to a client.

It would be terrific to have a small pop-up window that appears when you click to start tracking of an item. In the window could be:

• the task name
• a timer
• a button to close the timer pop-up and jump to the effort tracking screen, or even to stop the effort timer in FlySpray if possible.

This would help tremendously to remind a developer that he has one or more timers going in FlySpray.

If multiple timers are started, there could be multiple timer windows, each identified by the task name showing as part of the window (title bar or some text near the timer).

Hi,
it could be fine that we could restricted some projects to some users; for example, user #1 could access (and see) project#1, project#3; user#2 could access project#1, project#2, project#4 …

thanks if you can take care of this sincerly,
Domi
Belgium/Europe

If you have a tasklist with tasks that have multiple assignees in a task and you search just by one of the assignees, the resulting tasklist shows only this user in the assignees column.

Expected: all assignees of the tasks are shown.

I tried to register a user test3, and in my flyspray Installation the adminstratior disabled the notifications.
So I could only select “None” as text next to “Notifications”. After I pressed the button “Send Code!”, I received the email with the confirmation code. I clicked on the link in the email, and on the appearing website I entered the confirmation code and password and pressed the button “Register this account”.

Then I got the next e-mail message.
This message begins with:

“You have registered at Flyspray. Your details are as follows:”

This e-mail ends with the sentences:

“You are receiving this message because you have requested it from the Flyspray bugtracking system. If you did not expect this message or don’t want to receive mails in future, you can change your notification settings at the URL shown above.”

But this is not true. I have not requested this email. I as user test3 cannot change the notification settings because the notifications are disabled by the administrator.

When I try to register at flyspray and add a space before the email address, registering does not work, I get the error message: “You did not enter a valid email address”. But my email progam ignores the space when I do the same there.

When a tasklist contains the duedate column and the user sorts by duedate ascending, the tasks that do not have a duedate set should not be listed first. Instead they should be listed after the tasks with duedates.

This way a user can see the task with the earliest duedate first instead of seeing a bunch of probably not so important tasks without duedates set.

Bugs

Missing features

For Flyspray installations with many users (several thousands) a pagination of the user list in the admin area is required.

2000 users no problem to display (aside the PHP max_input_vars limit which is only 1000 by default, so maybe not all checked checkboxes are handled.)

More users might send your mysql to long running blocking queries creating temp tables … bad!

(I killed them by watching show processlist; and kill id; on mysql console.)

Official release

Steps done to create the problem:
Insert correct (tested with gmail) data into the notification tab and click on “Test”

SSL and TLS are checked.

Expected behavior:
Send test email and confirm it.

Experienced behavior:
Following error message

Error message:
Warning: stream_socket_enable_crypto(): Peer certificate CN=`*.netcup.net’ did not match expected CN=`mail*.netcup.net’ in /var/www/vhosts/.netcup.net/httpdocs/**/flyspray/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php on line 103 Completely unexpected exception: Unable to connect with TLS encryption
This should never happend, please inform Flyspray Developers