Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category  asc Task Type Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
1987APIFeature RequestMediumREST API to get metrics from flyspray projectsUnconfirmed
0%
229.03.201506.10.2015 Task Description

I need metrics for flyspray projects about a rest api. For example the count of issues for status, priority. I want use this values for my code analysis system http://www.sonarqube.org/ and other internal tools. It is possible to create a rest api with user authorization and only for metrics data?

2201APIBug ReportHighI got Fatal Error on the Github OAuthUnconfirmed
0%
1.0107.09.201609.09.2016 Task Description
Fatal error: Class 'League\OAuth2\Client\Provider\Github' not found in /html/bugs/includes/GithubProvider.php on line 11

I have downloaded this:
Precompiled with 3rd party libs for PHP5.6: flyspray-1.0-rc1_php56.tgz
and the file seems really dont exist.

2112APIBug ReportMediumAssigned tickets aren't editable for lower privileged u...Unconfirmed
0%
231.03.201611.04.2016 Task Description

An assigned ticket can't be edited by a lower privileged user.

Steps to reproduce:

  • One Project, Two Users. User A is Admin, User B is Basic
  • A creates a Task.
  • A take ownership of the Task. (it’s important to do this AFTER saving the task. You cannot assign User A if you are A in this moment. Maybe another Bug...!?)
  • Now B is allowed to take ownershop too. B click now “Add me to assignees”.
  • Now B can edit the task.
  • If B click “save”, the task can’t be saved, because some fields haven’t the correct values (esp: state is now “unconfirmed”). Many error messages said, that unexpected values exist

Some weird moments:

  • Why can B edit a task? He have no rights to edit tasks...
  • If B are Basic and have “edit own Task”-Right too, this bug also exist.
2209AuthenticationFeature RequestMediumTLS support for LDAPUnconfirmed
0%
109.10.201604.09.2019 Task Description

It would be helpful to have communication with LDAP via TLS

2107AuthenticationFeature RequestLowSupport CAS Server AuthenticateUnconfirmed
0%
202.03.201604.09.2019 Task Description

Please support Central Authentication Service, thank you.

2551AuthenticationInformationLowLDAP/AD integrationUnconfirmed
0%
315.05.201904.09.2019 Task Description

Hi

Please advise if there are known issues when integrating Flyspray with Active Directory using LDAP.

1487AuthenticationFeature RequestLowLDAP(Active Directory) AuthenticationPlanned
40%
1.1 devel101121.05.200804.09.2019 Task Description

I have done a very quick bit of work to bring ldap (through active directory) authentication to flyspray for our implementation in the office. I hope it will be of use to others. There is a readme.txt inside talking through the process and the patch to apply. My plan is to expand on this and make it part of the setup process but this will take a bit longer.

1856Backend/CoreBug ReportMediumWrong timezonesResearching
0%
1227.03.201306.03.2015 Task Description

Hello,
when selecting timezone in user profile, it only offers offset based timezones. It should offer timezones like "Europe/Prague", instead, because in summer it is UTC+2 and in the winter UTC+1. Also UTC is the same as GMT.

Using offsets will cause invalid future and past times when crossing daylight saving or when something other changes.

Adding daylight checkbox is not enough and will cause additional troubles. Just use names and store them as ENUM in database, not offset. This problem is pretty complicated and the only solution is to use names and let libraries to solve it for you.

Thank you.

1222Backend/CoreFeature RequestMediumWorkflow engine / Role-based State Transition Rules Eng...Unconfirmed
0%
11625.03.200705.05.2019 Task Description

I have been working with Eventum (http://www.mysql.org/downloads/other/eventum/) for quite sometime now and in contrast, I like Flyspray for its simplicity and practicality. But one thing I badly miss (and something that Eventum scores high) is a Workflow Engine. If not a sophisticated W.E., I (as an Admin / Manager) should be able define role-based state transition rules of the tasks reported in a particular project. For example, I should be able to implement the following scenario:

  1. For a “Developer”, the subsequent tasks from various states. Likewise for other roles
  2. “Developer” should not be able close out the bug reports. He/she can only flag them as implemented. The “Reporter” of the bugs or the “Manager” alone should be able to close out issues
  3. ..
  4. .. it will go on like that ;-)

This feature, in my opinion, is very crucial for corporate organizations to give a serious consideration to Flyspray.

1977Backend/CoreBug ReportLowWeird URL after closing task with referenceUnconfirmed
0%
115.03.201518.03.2015 Task Description

On Mac OS Safari:

I just closed a task and wrote the following into the comment for closing:

"See also F.S.#.14" (of course without the points). When I then click the link in the comment box (below the task details) I'm redirected to:
"http:/flyspray.stefan-herz%0Aog.tld/index.php?do=details&task_id=%0A14". No matter if #14 is closed or not.
It worked with Firefox.

Any suggestions?

2327Backend/CoreFeature RequestLowvisibility-option for private tasksUnconfirmed
0%
315.01.201717.01.2017 Task Description

We have some private Tasks in our FS-bugtracker to hide them from normal reporters. But we also have some external beta-testers in a betatesters-group and they should be able to see (and check) the private tasks without giving them a project manager status. So it would be good, if there is a switch in the group option to give specific groups the right to see private tasks.

2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
1753Backend/CoreFeature RequestMediumUsergroup Restriction: Only View SummaryConfirmed
0%
1.1 devel4220.06.201227.06.2016 Task Description

I was really impressed with Flyspray and about to use it as our bug tracker, but then I discovered quite a big problem. You can't restrict users from seeing full task details.

I would really love the ability to let them only see the summary. My reason being is that I'm needing a bug tracker for my game, and bugs reported can be easily abused, and will be abused, if people can just read bug reports and see how to replicate them.

The reason I don't like just unchecking the "View Tasks" option, is because they wont be able to see if there is already a task about the bug, so we would just get flooded with duplicate reports on the same bugs.

2479Backend/CoreInformationLowUser table seems really complexUnconfirmed
0%
110.08.201810.08.2018 Task Description

why not store all the user preferences in preferences or user_prefernces? Then users can just be simple username, email, password?

1834Backend/CoreFeature RequestLowuser profile pageMaybe
0%
2.025.02.201306.03.2015 Task Description

Should have a page that is a users profile page. so clicking in that users name on a ticket takes you there and you can see what bugs are assigned to them, what they have commented on, and other info about them and about their activity.

2430Backend/CoreFeature RequestLowUser dependency on projectUnconfirmed
0%
216.03.201720.03.2017 Task Description

So, there would be great option if we can set permission to users to see and post only in specific opened projects in bug tracker.

Idea is, that user has all right to all projects, but in some cases we want that user can see only projects which is allowed and also to publish new tasks to only allowed projects.

In that case tasks overiew is locked and user must be logged in to see opened tasks.

2059Backend/CoreFeature RequestLowusage of github automated/webhook notificationsNew
0%
24.09.201524.09.2015 Task Description

We have no API yet for Flyspray.

But someone could write a simple php-file that can be called by a github.com auto notification, whenever:

  • a commit on github.com for Flyspray/flyspray is made

Github.com provides the configuration of such notification for a possible target like

https://bugs.flyspray.org/api/github.php

or

https://bugs.flyspray.org/api/github.php?project=1

in the settings of a project.

What the file needs:

  • import some of the existing Flyspray classes from includes/
  • config or load the secrets that are provided by github.com in the setup for the automatic notification
  • check that secrets and more for authentication and authorization of requests coming from github.com
  • parse the messages for Flyspray identifiers like ' FS#1234 ' or 'fix  FS#1234 ' or 'related to  FS#1234 '
  • take actions on the results of that message parsing like making adding comment or modifying a task status
1973Backend/CoreTODOLowurl rewritePlanned
80%
1.1 devel214.03.201511.02.2016 Task Description

Well, it needs a cleanup, per example:

fixed now http://127.0.0.1/flyspray/task/3?project=1

That should be something like:

The actual one is actually half a rewrite and half a GET version

2324Backend/CoreInformationLowUpdate composer.jsonUnconfirmed
0%
31.12.201631.12.2016 Task Description
...
symfony/event-dispatcher suggests installing symfony/dependency-injection ()
symfony/event-dispatcher suggests installing symfony/http-kernel ()
guzzle/guzzle suggests installing guzzlehttp/guzzle (Guzzle 5 has moved to a new package name. The package you have installed, Guzzle 3, is deprecated.)
Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.
1981Backend/CoreTODOLowUnify event logging and notificationsConfirmed
0%
1.1 devel220.03.201522.03.2015 Task Description

They are currently two separate mechanisms. Shouldn't be so. Events happen always, notifications when someone should be or have chosen to be notified about those events.

Besides, the current code is just a total mess that should be fixed/rewritten anyway, and we unfortunately also overlooked during the development phase 2 things: one new table, users_emails, and the fact that the user is now allowed to give several email addresses separated by a semicolon.

2449Backend/CoreBug ReportLowUnexepted exception on smtp gmail sendUnconfirmed
10%
729.10.201710.01.2018 Task Description

On creating task we got error on event which must send e-mail via “google mail”.

I hoped that in rc6 this will be solved but not. This error was the same on rc4.

2007Backend/CoreBug ReportLowtime on project overview activity timelinesNew
0%
18.07.201518.07.2015 Task Description

I find it irritating to have the oldest activity on the right side and newest activity on the left side of the small activity bars.

There is also no time scale description. This could be added by showin it on :hover to keep the simple appearance.

A complete new feature would be to replace the image generation by rendering the bars in the html in the same request, e.g by inline svg or canvas element. This would enable adding some interactivity with the activity bars..
A related feature request is FS#1991 (project progress)

2536Backend/CoreFeature RequestMediumstore session in Flyspray databaseNew
0%
221.01.201915.03.2019 Task Description

Currently the sessions are stored by the webservers default settings.

Having this sessions under control by Flyspray by storing it in the database has following advantages:

  1. Allows handling of all sessions of a user by Flyspray.
  2. Providing a session management for each user. The user can see on which devices he is currently logged in and could also force a logout on selective devices.
  3. A forced logoff of all or some user sessions is easy implementable for admins.
  4. Statistics about how many users and who is logged in. (user status: hide always, online, offline, do not disturb, ..)
  5. Could make onpage-notifications easier to implement.
  6. .. ?

Disadvantages:

  1. A potential unknown security bug in Flyspray that could lead to reading a session db table could leak informations like who is currently online/active and make further attacks more focused or makes session takeover easier.
  2. .. ?
1962Backend/CoreFeature RequestLowSMS notification - sending notifications via sms same a...New
0%
211.03.201502.12.2015 Task Description

moved from FS#1697 into a separate task.

1539Backend/CoreFeature RequestLowSitemap.xml GenerationUnconfirmed
0%
2.12112.01.200911.03.2015 Task Description

I would like the feature to have a sitemap.xml file be generated, say every xx days, set in the configuration.

2063Backend/CoreFeature RequestVery Lowshow closed/open usage count on do=pm&area=XXXNew
0%
29.09.201529.09.2015
2208Backend/CoreInformationLowSeverity "medium" by defaultSuspended
50%
2127.09.201629.09.2016
2333Backend/CoreInformationLowSet Default View on Login?Unconfirmed
0%
326.01.201727.01.2017
2036Backend/CoreBug ReportVery Lowsession timeoutNew
0%
2121.08.201512.01.2016
2087Backend/CoreInformationHighSee no Editor in Add New TaskUnconfirmed
0%
4104.11.201505.11.2015
1976Backend/CoreFeature RequestLowSave sorting for actual projectPlanned
0%
1.1 devel15.03.201515.03.2015
1871Backend/CoreFeature RequestLowRestricted Task Types Based on GroupMaybe
0%
2.019.07.201306.03.2015
2441Backend/CoreBug ReportMediumrefactor dokuwiki image tagsNew
0%
15.09.201715.09.2017
2482Backend/CoreInformationLowProtect issues by defaultUnconfirmed
0%
110.08.201810.08.2018
2534Backend/CoreFeature RequestLowPrivate projectsUnconfirmed
0%
816.01.201918.01.2019
2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
0%
28.06.201601.08.2016
2029Backend/CoreFeature RequestLowpossibility to let a user describe himselfNew
0%
112.08.201518.01.2018
407Backend/CoreFeature RequestMediumPlugin systemConfirmed
0%
2.0261404.12.200417.01.2013
2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
0%
15.01.201815.01.2018
2330Backend/CoreBug ReportLowPHP Notice: Undefined offset: 0 in scripts/index.php o...Unconfirmed
50%
423.01.201730.01.2017
2335Backend/CoreInformationLowPDF Attachment does NOT View/Open in New Window/TabUnconfirmed
0%
127.01.201727.01.2017
2440Backend/CoreFeature RequestLowOption to disable tag featureNew
0%
15.09.201715.09.2017
2122Backend/CoreBug ReportMediumopen_basedir restrictions for FS_CACHE_DIR not respecte...Suspended
0%
422.04.201616.08.2016
1673Backend/CoreBug ReportHighOnly white screen after upgrade to 1.0 - reasonsConfirmed
10%
1.1 devel31412.01.201117.08.2016
2220Backend/CoreInformationLowOne status with different color in tasklistUnconfirmed
0%
524.10.201603.11.2016
1868Backend/CoreFeature RequestLowOne issue for multiple componentsMaybe
0%
2.0222.06.201312.11.2015
2005Backend/CoreFeature RequestLowone account, several authenticationsNew
0%
1.1 devel18.07.201518.07.2015
2477Backend/CoreInformationLowold style MySQL extension is abandoned ..Unconfirmed
0%
110.08.201810.08.2018
2207Backend/CoreBug ReportHighNonpublic project titles and project description exposi...Confirmed
0%
1.0123.09.201629.09.2016
2535Backend/CoreFeature RequestLownew optional Flyspray setting: add new users automatica...New
0%
216.01.201921.01.2019
Showing tasks 1 - 50 of 302 Page 1 of 71 - 2 - 3 - 4 - 5 - Last >>

Available keyboard shortcuts

Tasklist

Task Details

Task Editing