Flyspray

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See https://github.com/Flyspray/flyspray/releases

If you are upgrading from older version, please wait for 1.0-rc11.

2021-11-23: New user registration and password forgotten currently not working on bugs.flyspray.org due email server problems. peterdd

ID Category Task Type Severity Summary Status Progress Assigned To  desc Due In Version Opened Last Edited
2598User InterfaceBug ReportLowuser registration in admin area: "username taken" but t...Assigned
0%
peterdd1.0320.03.202014.04.2021 Task Description

Trying to add a new user having the same email address as an another user in the do=admin&area=newuser section results in

“That username is already taken. You will need to choose another one.”

instead of

“Email address has already been taken”

(I’ve stumbled on this issue because I have an older disabled user with the same email address)

2639JavascriptBug ReportMediumUnable to "deny" a pending requestResearching
0%
peterdd712.05.202113.06.2021 Task Description

My project has 37 pending requests. Each has a set of Accept / Deny buttons next to it.

If I click on Deny, a textbox pops up for me to enter “Reason for denial” but the entire page immediately regreshes/reloads back to the task list before I have a chance to enter the reason and submit it.

I can always “Accept” the request implicitly by going to the appropriate task and closing/re-opening it, but there’s no way to “deny” something without going through this UI path.

2063Backend/CoreFeature RequestVery Lowshow closed/open usage count on do=pm&area=XXXNew
10%
peterdd129.09.201525.03.2021 Task Description

Currently on

  • do=pm&area=cat
  • do=pm&area=version
  • do=pm&area=os
  • do=pm&area=resolution
  • do=pm&area=status
  • do=pm&area=tags
  • do=pm&area=tasktype

a count of usage in tasks is shown for every property.

Interesting would be if the counter shows the count for open/closed tasks on each row.

2620Backend/CoreTODOMediumPHP8 compatibilityNew
50%
peterdd226.11.202017.08.2021 Task Description

PHP 8.0 is now released (2020-11-26) and Flyspray should be made compatible with it.

  • Replace removed and deprecated functions with alternatives in our source code.
  • Upgrade used libraries or make used libraries compatible:
    • post github issue or pull requests for ADODB
    • upgrade used dokuwiki or make changes in our integration (probably just review our as official dokuwiki project contains too much stuff we do not need and changed much)
    • review used geshi
    • upgrade our swiftmailer version to PHP8 compatible version
    • upgrade our oauth2-client stuff to PHP8 compatible version
  • The @ operator no longer silences fatal errors. Some checks in installer or other areas might not work anymore as expected when the @-operator was used as silencer for previous PHP versions.
2637Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (postgresql 12.6...Assigned
50%
peterdd1.0-rc11729.04.202105.05.2021 Task Description

I administer a small personal (<1K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, postgresql 12.6) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

Unfortunately, the upgrade fails spectacularly, with a reported SQL error that belies what’s actually wrong. Here’s a snippet from the postgresql logs where the upgrade is failing:

2021-04-28 10:33:07.190 EDT [2032049] ERROR: column “attachment_id” of relation “flyspray_attachments” already exists
2021-04-28 10:33:07.190 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN attachment_id SERIAL
2021-04-28 10:33:07.194 EDT [2032049] ERROR: current transaction is aborted, commands ignored until end of transaction block
2021-04-28 10:33:07.194 EDT [2032049] STATEMENT: ALTER TABLE flyspray_attachments ADD COLUMN task_id INTEGER
[…and everything else fails because the transaction aborted…]

It appears that the upgrade script is blindly trying to create columns that already exist in the -rc9 database, and postgresql is treating this as a failure. Because the entire upgrade happens within one transaction, this means the entire upgrade fails at the outset and won’t ever succeed.

The way past this specific problem is to make these ALTER TABLE operations conditional (eg “ALTER TABLE flyspray_attachments ADD COLUMN IF NOT EXISTS task_id INTEGER”).

2636Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (mariadb 10.4.18...Assigned
50%
peterdd1.0-rc11729.04.202123.07.2021 Task Description

I administer a moderate-sized (~14K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, mariadb 10.4.18) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

It churns a while before refreshing the screen, claiming a successful 1.0-rc10 upgrade. However, the upgrade seems to not actually “stick”, because clicking on the “return” button I’m dropped back into the upgrader, which is once again claiming I’m running 1.0-rc9 and prompting me to perform the -rc10 upgrade.

According to Flyspray’s admin ‘checks’ tab:

* PHP 7.4.16
* MariaDB 10.4.18
* default_charset: utf8mb4
* default_collation: utf8mb4_unicode_ci
* All tables are ‘InnoDB’

There are no errors logged that I can find, but the upgrade is clearly not working. If I revert to the -rc9 php files, everything continues along as if nothing was done.

Any suggestions?

2625User InterfaceTODOLowavoid password manager popups in admin prefs areaNew
0%
peterdd110.02.202110.02.2021 Task Description

We must teach browsers not to use some input fields in the admin prefs area to offer to store it in their password manager.

Steps to reproduce:

  1. Login with Firefox as admin into Flyspray. (Maybe other browsers behave same)
  2. Go to admin prefs area (top right gear icon)
  3. Click link somewhere else (so leaving admin prefs page)
  4. Firefox browser pops up password manager as it detected some password input fields on admim prefs setting page. But in this case this is not wanted.

Either by using different input field names where the browser does not assume it is a login password field or find input field attribute to tell them.

auto-complete="off"

is not working anymore in browsers for password fields.

webbrowser: Firefox 85.0.2

Popup probably triggered by the password fields for configuring Email and XMPP notification: smtp_pass and jabber_password input fields. Firefox heuristic is too stupid to detect that these are for server configuration, not user login fields!

Neither

autocomplete="new-password"

nor

autocomplete="one-time-code"

attribute helped.

Stubborn Firefox ..

2573Backend/CoreTODOLowadd rel nofollow,ugc,.. settingsNew
20%
peterdd114.09.201915.09.2019 Task Description
  1. Find a good configuration name just reuse relnofollow as used by dokuwiki
  2. Find a good translation keyword for that config relnofollow
  3. Find a good translation keyword for config description (title attribute)

Goes into prefs table as it is sitewide configuration.

As first implementation a simple checkbox should be ok. Should be on the tab with other spam handling stuff like captcha configuration.

Is enabled by default (1).
Adapt setup xml files, upgrade procedure.


	
2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
0%
peterdd29.07.201929.07.2019 Task Description

Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.

The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.

Possible solutions

Frontend hints

  • variant F1 (soft): When duplicate as close reason is selected, a placeholder attribute in the close comment text field could be shown/updated. (maybe as ‘css only’ possible)
  • variant F2 (harder): Deny sending the form if duplicate selected, but comment text field is empty. and shows warning info. (javascript required, nojs browsers still send form.)
  • variant F3 (hard): Deny sending the form if duplicate selected and no task id detected in comment text field. and shows warning info. (javascript required)

Backend deny

  • variant B1 (soft): When request wants close a task with duplicate reason and (cleaned) comment string is empty, deny closing the task and give feedback to user why it was denied.
  • variant B2 (hard): It requires detecting a task id in the comment field and the first detected task id is taken for referencing as ‘is duplicate of’. Limitation of this is that the duplicate could be also a ticket or something of a complete other system.
2316Backend/CoreBug ReportLow"wrongtoken" is displayed if the comment box is left si...Assigned
0%
peterdd7122.11.201629.07.2019 Task Description

I understand this is likely due to some sort of XSS CSRF protection, but the delay doesn’t appear to be long enough to be useful for a lengthy comment to be posted. I’ve now lost two detailed comments in our tracker because the software threw everything out and generated a meaningless error.

Further, attempting to do the normal thing and making the browser resubmit the page results in Flyspray throwing “Error #3” something something repeated action and causing a redirect to the homepage.

Surely there has to be a better way to handle this that doesn’t incur data loss?

2601Public RelationsFeature RequestMediumhttp -> https missing redirection (19-04-09)Assigned
10%
Floelejudas_iscariote321.04.202025.09.2020 Task Description

From: https://groups.google.com/forum/?hl=en#!topic/flyspray/rAnks5y_uLk

19-04-09 // More one year ago.

There are not http → https redirections.

Only one example:
- http://www.flyspray.org/docs/download/ is not redirected to https://www.flyspray.org/docs/download/

Note: It is better to have the main website in https://flyspray.org/.

http://www.flyspray.org/ + https://www.flyspray.org/ + http://www.flyspray.org/ must be redirected to https://flyspray.org/

2657EmailBug ReportCriticalcurrently new registration emails are not received by u...Assigned
0%
Floelejudas_iscariote24.11.202124.11.2021 Task Description

Regardless if a gmail.com or other address (tested with my gmail and also other email address)

So this is probably a mail server problem. I try to reach server admin.

I can see my “unfinished registrations” tests in the admin→checks area, but received no emails (waited and checking spam folders too)

2568DocumentationBug ReportMedium[MANUAL] a missing image in "Understanding Permissions:...Unconfirmed
0%
101.09.201902.09.2019 Task Description

In the page http://www.flyspray.org/manual/group_permissions/ , it is written

Shown is an image of the permissions page for the Flyspray project’s Contributors group

but there is no image in there.

I can think of two ways of dealing with that I guess:

  1. add an image
  2. remove the sentence

What do you think?

1856Backend/CoreBug ReportMediumWrong timezonesResearching
0%
1327.03.201306.03.2015 Task Description

Hello,
when selecting timezone in user profile, it only offers offset based timezones. It should offer timezones like "Europe/Prague", instead, because in summer it is UTC+2 and in the winter UTC+1. Also UTC is the same as GMT.

Using offsets will cause invalid future and past times when crossing daylight saving or when something other changes.

Adding daylight checkbox is not enough and will cause additional troubles. Just use names and store them as ENUM in database, not offset. This problem is pretty complicated and the only solution is to use names and let libraries to solve it for you.

Thank you.

2215Text RenderingBug ReportLowwrong output of Geshi syntax highlighting for xml codeNew
0%
117.10.201631.12.2017 Task Description

Geshi 1.0.8.17 from https://github.com/easybook/geshi is quite slow at the current integration of Flyspray v1.0-rc3 on the first run. (But any further read uses the cache.)

But it produces garbled output for xml code highlighting:

Example without xml, just format as preformatted code:

<table>blabla</table>

Or as php syntax highlighting (even if it doesn’t contain a real php-tag ;-) ):

<table>blabla</table>

Example with xml choosen as language:

blabla

The table tag is stripped away instead of converting the tag for output inside code/pre tags (by converting the < and > chars). Maybe just a configuration issue?

1222Backend/CoreFeature RequestMediumWorkflow engine / Role-based State Transition Rules Eng...Unconfirmed
0%
11725.03.200705.05.2019 Task Description

I have been working with Eventum (http://www.mysql.org/downloads/other/eventum/) for quite sometime now and in contrast, I like Flyspray for its simplicity and practicality. But one thing I badly miss (and something that Eventum scores high) is a Workflow Engine. If not a sophisticated W.E., I (as an Admin / Manager) should be able define role-based state transition rules of the tasks reported in a particular project. For example, I should be able to implement the following scenario:

  1. For a “Developer”, the subsequent tasks from various states. Likewise for other roles
  2. “Developer” should not be able close out the bug reports. He/she can only flag them as implemented. The “Reporter” of the bugs or the “Manager” alone should be able to close out issues
  3. ..
  4. .. it will go on like that ;-)

This feature, in my opinion, is very crucial for corporate organizations to give a serious consideration to Flyspray.

1977Backend/CoreBug ReportLowWeird URL after closing task with referenceUnconfirmed
0%
115.03.201518.03.2015 Task Description

On Mac OS Safari:

I just closed a task and wrote the following into the comment for closing:

"See also F.S.#.14" (of course without the points). When I then click the link in the comment box (below the task details) I'm redirected to:
"http:/flyspray.stefan-herz%0Aog.tld/index.php?do=details&task_id=%0A14". No matter if #14 is closed or not.
It worked with Firefox.

Any suggestions?

2327Backend/CoreFeature RequestLowvisibility-option for private tasksUnconfirmed
0%
315.01.201717.01.2017 Task Description

We have some private Tasks in our FS-bugtracker to hide them from normal reporters. But we also have some external beta-testers in a betatesters-group and they should be able to see (and check) the private tasks without giving them a project manager status. So it would be good, if there is a switch in the group option to give specific groups the right to see private tasks.

2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
1753Backend/CoreFeature RequestMediumUsergroup Restriction: Only View SummaryConfirmed
0%
1.1 devel4220.06.201227.06.2016 Task Description

I was really impressed with Flyspray and about to use it as our bug tracker, but then I discovered quite a big problem. You can't restrict users from seeing full task details.

I would really love the ability to let them only see the summary. My reason being is that I'm needing a bug tracker for my game, and bugs reported can be easily abused, and will be abused, if people can just read bug reports and see how to replicate them.

The reason I don't like just unchecking the "View Tasks" option, is because they wont be able to see if there is already a task about the bug, so we would just get flooded with duplicate reports on the same bugs.

2479Backend/CoreInformationLowUser table seems really complexUnconfirmed
0%
110.08.201810.08.2018 Task Description

why not store all the user preferences in preferences or user_prefernces? Then users can just be simple username, email, password?

1834Backend/CoreFeature RequestLowuser profile pageMaybe
80%
2.0125.02.201307.04.2021 Task Description

Should have a page that is a users profile page. so clicking in that users name on a ticket takes you there and you can see what bugs are assigned to them, what they have commented on, and other info about them and about their activity.

2430Backend/CoreFeature RequestLowUser dependency on projectUnconfirmed
0%
216.03.201720.03.2017 Task Description

So, there would be great option if we can set permission to users to see and post only in specific opened projects in bug tracker.

Idea is, that user has all right to all projects, but in some cases we want that user can see only projects which is allowed and also to publish new tasks to only allowed projects.

In that case tasks overiew is locked and user must be logged in to see opened tasks.

2059Backend/CoreFeature RequestLowusage of github automated/webhook notificationsNew
0%
24.09.201524.09.2015 Task Description

We have no API yet for Flyspray.

But someone could write a simple php-file that can be called by a github.com auto notification, whenever:

  • a commit on github.com for Flyspray/flyspray is made

Github.com provides the configuration of such notification for a possible target like

https://bugs.flyspray.org/api/github.php

or

https://bugs.flyspray.org/api/github.php?project=1

in the settings of a project.

What the file needs:

  • import some of the existing Flyspray classes from includes/
  • config or load the secrets that are provided by github.com in the setup for the automatic notification
  • check that secrets and more for authentication and authorization of requests coming from github.com
  • parse the messages for Flyspray identifiers like ' FS#1234 ' or 'fix  FS#1234 ' or 'related to  FS#1234 '
  • take actions on the results of that message parsing like making adding comment or modifying a task status
1973Backend/CoreTODOLowurl rewritePlanned
80%
1.1 devel214.03.201511.02.2016 Task Description

Well, it needs a cleanup, per example:

fixed now http://127.0.0.1/flyspray/task/3?project=1

That should be something like:

The actual one is actually half a rewrite and half a GET version

2097User InterfaceBug ReportMediumUrl incorrect for view attachementUnconfirmed
0%
10116.01.201602.03.2016
2111Installer and UpgraderBug ReportMediumUpon trying to install flyspray release, setup says I'm...Planned
10%
224.03.201605.06.2016
2324Backend/CoreInformationLowUpdate composer.jsonUnconfirmed
0%
31.12.201631.12.2016
1981Backend/CoreTODOLowUnify event logging and notificationsConfirmed
0%
1.1 devel220.03.201522.03.2015
2449Backend/CoreBug ReportLowUnexepted exception on smtp gmail sendUnconfirmed
10%
729.10.201710.01.2018
2202Installer and UpgraderBug ReportHighUnable to upgradeUnconfirmed
0%
310.09.201611.10.2016
2643Backend/CoreInformationLowUnable to delete a wrong TaskUnconfirmed
0%
407.07.202108.07.2021
2081User InterfaceBug ReportLowUI for adding comment while editing task doesn't use HT...Confirmed
0%
429.10.201506.11.2015
2425SlovenianFeature RequestVery LowTranslation: SlovenianConfirmed
40%
105.03.201705.03.2017
2075NotificationsBug ReportHighToo spammy notifications under some circumstancesRequires testing
40%
1.019.10.201503.11.2015
2209AuthenticationFeature RequestMediumTLS support for LDAPUnconfirmed
0%
109.10.201604.09.2019
2521EmailInformationLowTLS email with self-signed certificate doesn't work, "C...Unconfirmed
0%
531.10.201803.11.2018
2019User InterfaceFeature RequestMediumtitle -tag Waiting on Customer
0%
1.1 devel26.07.201526.07.2015
2589User InterfaceBug ReportLowTime zone in user settings is confusingUnconfirmed
0%
228.12.201928.12.2019
2007Backend/CoreBug ReportLowtime on project overview activity timelinesNew
0%
18.07.201518.07.2015
2210User InterfaceInformationLowTasklist color for due dateUnconfirmed
100%
612.10.201618.10.2016
1980User InterfaceFeature RequestMediumTasklist - PDF ExportMaybe
0%
2.0119.03.201526.05.2016
2318Installer and UpgraderBug ReportLowsyntax_plugin required when selected ckeditor in SetupRequires testing
50%
323.11.201607.12.2016
2108User InterfaceFeature RequestMediumSupport local language when install FlysprayConfirmed
30%
3103.03.201617.04.2021
2107AuthenticationFeature RequestLowSupport CAS Server AuthenticateUnconfirmed
0%
202.03.201604.09.2019
1749User InterfaceBug ReportLowSubmit form buttons on lower rightUnconfirmed
50%
117.06.201224.09.2015
2536Backend/CoreFeature RequestMediumstore session in Flyspray databaseNew
0%
221.01.201915.03.2019
2114TranslationsTODOMediumStandardize the priority meaning across flyspray transl...New
0%
207.04.201626.03.2018
2223GreekBug ReportVery LowSome strings need splitting or replacementUnconfirmed
0%
2124.10.201625.10.2016
1950User InterfaceTODOMediumSolve confusing Flyspray group settings vs Project grou...Confirmed
50%
1.0907.03.201511.11.2015
Showing tasks 1 - 50 of 315 Page 1 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing