Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version   desc Opened Last Edited
2105Backend/CoreFeature RequestMediumcountermeasures for 'add task anonymous' spamNew
0%
127.02.201627.02.2016 Task Description

Today I got first SPAM on bugtracker.

Question: Is it possible to enable CAPTCHA for anonymus task add?

Question 2: Is it possible to delete SPAM tasks.

2107AuthenticationFeature RequestLowSupport CAS Server AuthenticateUnconfirmed
0%
202.03.201604.09.2019 Task Description

Please support Central Authentication Service, thank you.

2112APIBug ReportMediumAssigned tickets aren't editable for lower privileged u...Unconfirmed
0%
231.03.201611.04.2016 Task Description

An assigned ticket can't be edited by a lower privileged user.

Steps to reproduce:

  • One Project, Two Users. User A is Admin, User B is Basic
  • A creates a Task.
  • A take ownership of the Task. (it’s important to do this AFTER saving the task. You cannot assign User A if you are A in this moment. Maybe another Bug...!?)
  • Now B is allowed to take ownershop too. B click now “Add me to assignees”.
  • Now B can edit the task.
  • If B click “save”, the task can’t be saved, because some fields haven’t the correct values (esp: state is now “unconfirmed”). Many error messages said, that unexpected values exist

Some weird moments:

  • Why can B edit a task? He have no rights to edit tasks...
  • If B are Basic and have “edit own Task”-Right too, this bug also exist.
2114TranslationsTODOMediumStandardize the priority meaning across flyspray transl...New
0%
207.04.201626.03.2018 Task Description

Standardize the priority meaning across flyspray translations.

Idea:

0 - priority unset (database field default value)

1 - defer (or very low priority, often results the task is defered, see “Eisenhower principle”)
2 - low
3 - normal
4 - high
5 - very high

6 - flash (house burns, catastrophic event, website down, “boss” decision)

Some other software (other task planers/ email programs) use a 1-5 step priority. So an export feature to other software may merge priority 6 to priority 5 for such software.

In 2012 meaning was changed only in english translation.

Before normal was priority 2 in a 1-6 range, after it is priority 4 in a 1-6 range.
It should be IMHO 3 in that 1-6 range.

2116EmailBug ReportMediumError with email notificationUnconfirmed
0%
1908.04.201615.04.2016 Task Description

I have a major problem. At the first I thought that problem is on my server - Windows OS, IIS. But now when I have second bug tracker site on Apache server and error is the same I know that this is not server error but bug tracker error.

How can I help that we resolve this problem?

If e-mail need’s to be sent I got blank white page and nothing happens.

In attachment is my bug tracker with installer (setup) folder. If this somehow helps it?

Version which is used is 1.0 (latest on web) (edit by peterdd: was a mix of older Flyspray versions). The problem is that nothing works because e-mails are not working..

2119Backend/CoreBug ReportMediumfunction filter_input not always availableResearching
0%
15.04.201615.04.2016 Task Description

filter_input() is in extension “Filter”.

It is enabled by default since PHP5.2, see http://php.net/manual/en/migration52.new-extensions.php but not “always”, see https://groups.google.com/forum/?hl=de#!topic/flyspray/QM75BvwPqGM

filter_input() is only used at 1 section in Flyspray (since 2014 up to v1.0rc1) in includes/fix.inc.php
This is the commit https://github.com/Flyspray/flyspray/commit/40861911260812c99682fe3456350cb63bb243a9

How do we solve it? Several possibilities:

2124User InterfaceFeature RequestVery LowDefault avatar can't be restoredConfirmed
0%
227.04.201629.04.2016 Task Description

I unchecked the avatar allowed in the admin panel. I checked it back and set size to 50.
I have to upload an Avatar picture to restore it, but the previous avatar looked like to be html avatar.

Is there a way to restore the html one ?

note: ‘default avatar’ is currently just that guy from the fontawesome webfonts:

<i class="fa fa-user"></i>
2126User InterfaceFeature RequestLowdynamic meta description (was: Change page title)Confirmed
0%
1.1 devel217.05.201617.05.2016 Task Description

Hello,

When i put a link in Discord for example, it detects “Flyspray, a Bug Tracking System written in PHP.” as title. How to change it ?

Edit by peterdd: adapted task title/summary to the root of the problem.

2127User InterfaceFeature RequestLowoverhaul task detail page layoutNew
0%
120.05.201625.05.2016 Task Description

There was a question on the mailing list:

I have a suggestion, even though I don´t know if it´s possible to do it. But if it is, it would be great!
In the comments list of a given task, is it possible that the comments appear from the newest one to the oldest ones, and not as it is now, with the new ones coming at the end of the list? This is because I deal with long comments list for a given task, and it is becoming difficult to reach the last one, that is, the newest comment, because the order in the comments is on the top, the older ones. If this could be altered it would be great. Kind regards
Ana ...

Quick anwsers:

  1. Users can use ‘End’-key and ‘Pos1’-key on their keyboard to scroll to bottom and top of page. (lame anwser I know)
  2. Another quick anwser is to just reverse the comments array in the appropriate template themes/CleanFS/templates/details.tabs.comments.tpl :

Replace

<?php foreach($comments as $comment): ?>

with

<?php
$comments_latestfirst=array_reverse($comments);
foreach($comments_latestfirst as $comment): ?>

But the real problem I think is that the details page (and others too..) is not optimized for todays wide screens (landscape views). Laptops have FullHD or higher but the Flyspray users still have to scroll to get an overview of a task.

And for narrows views too (mobile phones, tablet portrait view)

The attached screenshot shows moving the task details tabs beside their task description if the display width is over 1200 css pixel. (and the reversed comments too ;-) ). Done with pure css media query:

E.g. add to a custom stylesheet file custom_detailswidescreen.css in folder themes/CleanFS/ :

@media only screen and (min-width: 1200px) and (orientation: landscape) {
.details .tab.active{
        display:inline-block;
}
 
.details .tab{
width:44%;
padding-left:0px;
/*margin-top:60px;*/
box-sizing:border-box;
}
 
.details .commenttext pre {
overflow:auto;
}
.details .comment_container .comment {
width:auto;
margin-left:30px;
display:block;
}
.details .comment_avatar {
position:absolute;
}
.details #comments .fa.fa-user{
font-size:30px !important;
}
 
#submenu li a{margin-left:0;}
 
.details #submenu{
display:inline-block;
position:absolute;
padding:1em 0 0;
margin-top:26px;
}
 
.details #content{
display:inline-block;
box-sizing:border-box;
vertical-align:top;
width:55%;
}
 
/* just a temporary fix: should be redone in theme.css with class instead ids*/
#comments, #related, #notify, #remind, #effort, #history {margin-top:72px;}
 
}

(Has still some problems with current 1.0-rc1 when the project selector wraps. Also tab labels wrap if not enough width available and tab content do not adapt.)

What do you think? How should the details page look on different display sizes? How can it improve the workflow of the user?

2136User InterfaceBug ReportMediumAfter updating user properties as admin - return to wro...Confirmed
0%
308.06.201623.07.2016 Task Description

Logged in as admin, modify a users group membership. After clicking update, you are returned to your logged-in profile (admin in this case). It should re-display the user’s profile you are editing.

The ‘back’ button will return to updated page.

2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
0%
15.06.201615.06.2016 Task Description

My tests showed that the html accesskey feature is not well and consistent supported by current web browsers and is quite cumbersome to use.
And it seems it will not be better in future..

The only solution I see dropping that feature or replacing them with simple single-key-event javascript listeners, like it is currently done with keys o, j, k, n, and p.

accesskeys in Flyspray I talk about:

  • l (current SHIFT+ALT+l Firefox) login dialog / logout
  • a (current SHIFT+ALT+a Firefox) add new task
  • m (current SHIFT+ALT+m Firefox) my searches
  • t (current SHIFT+ALT+t Firefox) focus taskid search
  • e (current SHIFT+ALT+e + Enter Firefox) edit task
  • x or y? (current SHIFT+ALT+y Firefox) close task
  • s (current SHIFT+ALT+s Firefox) save task

Also related to Keyboard navigation: tabindex

2138User InterfaceFeature RequestVery LowOverhaul dokuwiki editor buttonbarNew
0%
17.06.201617.06.2016 Task Description

Rethink the current sets of buttons and their functionality.

Maybe a mousover hint/cheatsheet of available dokuwiki syntax is more helpful in writing fast and efficient.

  • buttongroup links http,email,ftp
  • buttongroup code, code php: why a single button for php? maybe a cheatsheet or subselect for choosing a language (read directory plugins/dokuwiki/inc/geshi for that). Or even better: Let the project administrator define what source code languages are used/popular in a software project and dependend of that setting prefer/promote that languages
  • I miss a blockquote- or cite-tag for citation, which is more semantic than bold, italic, underline buttons. Update: It is the > character followed by text!
  • Show a cheatsheet (by mouseover?) of dokuwiki smileys as defined at plugins/dokuwiki/conf , update to current config of dokuwiki, facepalm for instance is missing
8-) 8-O 8-o :-( :-) =) :-/ :-\ :-? :-D :-P :-o :-O :-x :-X :-| ;-) ^_^ :?: :!: LOL FIXME DELETEME

8-) icon_cool.gif 8-O icon_eek.gif 8-o icon_eek.gif :-( icon_sad.gif :-) icon_smile.gif =) icon_smile2.gif :-/ icon_doubt.gif :-\ icon_doubt2.gif :-? icon_confused.gif :-D icon_biggrin.gif :-P icon_razz.gif :-o icon_surprised.gif :-O icon_surprised.gif :-x icon_silenced.gif :-X icon_silenced.gif :-| icon_neutral.gif ;-) icon_wink.gif ^_^ icon_fun.gif (not working as first character on a line, bug?) :?: icon_question.gif :!: icon_exclaim.gif LOL icon_lol.gif FIXME fixme.gif DELETEME delete.gif

2139User InterfaceFeature RequestVery LowAdd project setting of popular used programming languag...New
0%
1.1 devel17.06.201617.06.2016 Task Description

This is at the moment just a bit brainstorming ..:

Let the project administrator define what source code languages are used/popular in a software project and dependend of that setting prefer/promote that languages at the dokuwiki editor buttonbar.

This requires probably an additional database field in the flyspay_projects table (if just used for dokuwiki that should be ok)

If thinking further like Filter me all software projects that may ontain CSS code on the projects overview, a m:n-table setup is thinkable. But thats maybe overengineering..
Or can we use the existing tag-feature for that and just ‘tag’ projects with tags?

2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
0%
28.06.201601.08.2016 Task Description

I run flyspray behind a reverse proxy with the front end url being https and with the actual back end server not being on a standard port and not using https.

Setting force_baseurl seems to sort most areas with flyspray’s url generation using that instead of picking up from $_SERVER, however post-authentication redirection does not do that it just processes redirect_to as is (which in my case means it picks up the protocol, name and port for the back end server rather than what’s set in force_baseurl).

./themes/CleanFS/templates/loginbox.tpl puts out $_SERVER[’REQUEST_URI‘] into a hidden redirect_to input field - on my setup on the front page that’s e.g. “/” or for a ticket url it would be “/index.php?do=details&task_id=999” so no protocol or hostname.

scripts/authenticate.php picks up that redirect_to value and just passes it to Flyspray::Redirect, which in turn calls FlySpray::absoluteURI on what it’s passed, and FlySpray::absoluteURI doesn’t use $baseurl to qualify the url.

Not sure what the best fix is - my suggestion would be that Redirect detects urls that aren’t fully qualified and adds the $baseurl on to the front of them, rather than calling absoluteURI (absoluteURI is used to set $baseurl if force_baseurl is unset, so that’s not appropriate to modify). Alternatively scripts/authenticate.php could check redirect_to and add $baseurl if needed.

2159Backend/CoreTODOHighfresh registered user accounts created spam tasksNew
0%
204.07.201625.10.2016 Task Description

Today it was first time I see real spam on bugs.flyspray.org

The 2 spam accounts registered today and started creating spam posts as new tasks.

What is the reason? Was it by real humans or bots?

So what can we do to reduce this in future?

Ideas for making it harder and unattractive for spammers:

  • Users who never opened a nonspam-task or contributed a useful comment should solve a captcha
  • Limit the amount of creating tasks for new registered users or a user groups, like limiting to 2 tasks or 1 task per user per day.
  • Settings for a more moderated task creation process? Like a quarantine dbtable for tasks?
  • If we closed such spam tasks with WTF? reason, it will still be listed by search engines like google at the moment:
  1. Move spam tasks to a ‘dumpster project’, that is not visible for guests (search engines!) too.
  2. Or make spamming to visible flyspray projects unattractive, lets set noindex for: closed task for some special reason id?
  3. Delete spam tasks from database if allowed by your organization

Update: another and this time more aggressive phone number spammer.

2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
0%
14.07.201614.07.2016 Task Description

If a task creator requested closure, and someone (developer) closes the task explicitly, the PM request cannot be later ‘accepted’ and the PM request remains in the queue.

Workaround - Deny request and queue item is removed OK.

It looks like the PM request button invoked details.close which returns early if task is already closed.

2188Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNew
0%
01.08.201601.08.2016 Task Description

Flyspray should show a warning, and maybe set the focus back to the field (only when it is a this-one-field-only-form.)

2190Backend/CoreFeature RequestLowenable move of a closed clask to other project without ...Researching
0%
06.08.201606.08.2016 Task Description

Problem: By replacing just the project_id of the closed task it is possible the task then has invalid field values within the target project.

Possible scenarios:

  1. Ignore invalid values within the target project
    • Pro: Easy to do, an immidiatly revert back to the old project would “heal” the task properties.
    • Contra: may effect accuracy and reliability of other parts like searching, listing, statistic calculations
  2. Silent change task field values to valid field values of the target project if necessary
    • Pro: relative easy to do
    • Contra: a bit loss of information, little side effects
  3. allow user to modify the fields that must be changed so that every field of the task has valid values within the target project
    • Pro: accuracy
    • Contra: a bit loss of information(fallback to default values) if there are no similiar field values selectable within the project
  4. allow user to modify the fields, fields or field select values that do not exists in target project will be automatically created.
    • Pro: accuracy
    • Contra: target project may be cluttered with too many fields/field values
  5. ???
2193User InterfaceFeature RequestLowEdit a comment while seeing task details and other comm...New
0%
07.08.201608.08.2016 Task Description

If someone with ‘edit comment’-permission wants to edit a comment, the edit comment form is shown on an extra page.

This is not optimal, because the editor cannot see task details or the other comments while modifying the comment.

Possible Solutions

  • with javascript is enabled: Stay on the ‘task detail’-page, just the comment changes from a ‘view’ layout to ‘edit’ layout, similiar to the quickedit-feature (like in FS1.0).
  • when javascript is disabled: The ‘edit comment’-page shows task details (check permissions) and other comments too, but maybe a bit narrow, so ‘visible focus’ is on editing the comment.
2197Backend/CoreBug ReportHighChange Time for everyoneUnconfirmed
0%
121.08.201622.08.2016 Task Description

Flyspray does not recover the time set in php.ini. On display, the system has two hour delay.

2200User InterfaceBug ReportMediumIncomplete list of timezones available in the user pref...Unconfirmed
0%
26.08.201626.08.2016 Task Description

The user preferences and the add new user screens both allow you to set the timezone offset of the user, however, we are only provided with whole hour offsets from GMT. This makes it impossible to select our timezone here in India, which is GMT+5:30 - IST(Indian Standard Time - Asia/Kolkata as per TZ Zoneinfo). In addition, there are also timezones in the GMT+x:45, which wouild also require to be handled. Note, this is totally independent of DST Changes, since some of the countries use DST(Like in Australia) and others do not(Like India).

Here is a link with more details of the same - http://www.timeanddate.com/time/time-zones-interesting.html

I will be trying to identify and fix the codebase to resolve this, and will hopefully have a patch to submit soon.

Regards
R. K. Rajeev

2201APIBug ReportHighI got Fatal Error on the Github OAuthUnconfirmed
0%
1.0107.09.201609.09.2016 Task Description
Fatal error: Class 'League\OAuth2\Client\Provider\Github' not found in /html/bugs/includes/GithubProvider.php on line 11

I have downloaded this:
Precompiled with 3rd party libs for PHP5.6: flyspray-1.0-rc1_php56.tgz
and the file seems really dont exist.

2202Installer and UpgraderBug ReportHighUnable to upgradeUnconfirmed
0%
310.09.201611.10.2016 Task Description

I tried to upgrade from 0.9.9.7 to 1-0-rc1 but I end in an infinite redirection loop

I tried to use the github version, to change the domain name (hosted in dreamhost), to use/not-use the .htaccess, upgraded the version of php from 5.5 to 5.6, to change all the settings in the flyspray.conf.php file, but still having the error after to perform the Upgrade task and removing the setup dir

Used the prepacked dependencies since i cannot install them in this server

Thanks
Thanatermesis

2203Backend/CoreInformationLowlanguage files are in folder lang. But i can't change l...Unconfirmed
0%
121.09.201621.09.2016 Task Description

In Admins Toolbox (Project preferences) i choose language de. The file exists in folder lang. But only english is shown. the same for french and so on. No really changes.

2207Backend/CoreBug ReportHighNonpublic project titles and project description exposi...Confirmed
0%
1.0123.09.201629.09.2016 Task Description

When a anonymous user tries to display a ticket of a non public project (for example by entering a random ticket id), Flyspray exposes the title of the non public project in the header bar.

Edit by peterdd: also applies to project description

2214Backend/CoreInformationLowChanging status of task automaticallyUnconfirmed
0%
417.10.201606.11.2016
2215Text RenderingBug ReportLowwrong output of Geshi syntax highlighting for xml codeNew
0%
117.10.201631.12.2017
2220Backend/CoreInformationLowOne status with different color in tasklistUnconfirmed
0%
524.10.201603.11.2016
2222GreekInformationVery LowGreek translation issuesUnconfirmed
0%
324.10.201624.10.2016
2304Database QueriesBug ReportMediumGreek letters crash tagsConfirmed
0%
126.10.201626.10.2016
2309User InterfaceBug ReportLowPHP noticed displayed on default "All Projects" page.Unconfirmed
0%
302.11.201626.11.2016
2315Backend/CoreBug ReportLowFiling a new task is possible with no details in the ma...Unconfirmed
0%
21.11.201621.11.2016
2319Installer and UpgraderBug ReportHighUpdate failed with "invalid byte sequence for encoding ...Unconfirmed
0%
223.11.201609.12.2016
2323User InterfaceFeature RequestMediumshow category tree in task listUnconfirmed
0%
113.12.201614.12.2016
2324Backend/CoreInformationLowUpdate composer.jsonUnconfirmed
0%
31.12.201631.12.2016
2325User InterfaceFeature RequestLowbig image attachments: fit to browser window width in L...New
0%
310.01.201711.01.2017
2327Backend/CoreFeature RequestLowvisibility-option for private tasksUnconfirmed
0%
315.01.201717.01.2017
2328Backend/CoreFeature RequestMediumAdd [key] support for each project instead of FS#Unconfirmed
0%
1120.01.201710.02.2017
2332Backend/CoreBug ReportMediumCSV export filename filteringNew
0%
224.01.201724.01.2017
2333Backend/CoreInformationLowSet Default View on Login?Unconfirmed
0%
326.01.201727.01.2017
2335Backend/CoreInformationLowPDF Attachment does NOT View/Open in New Window/TabUnconfirmed
0%
127.01.201727.01.2017
2336Backend/CoreBug ReportHighCaptcha validation always fail on registrationUnconfirmed
0%
1301.02.201721.07.2018
2337DocumentationInformationLowFlyspray ThemesNew
0%
402.02.201716.02.2017
2339EmailInformationLowEmailing issuesUnconfirmed
0%
110.02.201710.02.2017
2343EmailBug ReportMediumNotification mailUnconfirmed
0%
214.02.201715.02.2017
2345Text RenderingBug ReportLow<hr> should be in allowed tagsUnconfirmed
0%
220.02.201723.02.2017
2346Backend/CoreFeature RequestLowCustom css inheritanceUnconfirmed
0%
220.02.201723.02.2017
2427Backend/CoreFeature RequestLowallow hotlinking (direct links) to uploaded filesUnconfirmed
0%
207.03.201709.03.2017
2429Backend/CoreInformationLowMy tasks URLUnconfirmed
0%
109.03.201720.03.2017
2430Backend/CoreFeature RequestLowUser dependency on projectUnconfirmed
0%
216.03.201720.03.2017
Showing tasks 201 - 250 of 301 Page 5 of 7<<First - 3 - 4 - 5 - 6 - 7 -

Available keyboard shortcuts

Tasklist

Task Details

Task Editing