Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version   asc Opened Last Edited
2063Backend/CoreFeature RequestVery Lowshow closed/open usage count on do=pm&area=XXXNew
29.09.201529.09.2015 Task Description

Currently on

  • do=pm&area=version
  • do=pm&area=os
  • do=pm&area=resolution
  • do=pm&area=status
  • do=pm&area=tags
  • do=pm&area=tasktype

a count of usage in tasks is shown for every property.

Interesting would be if the counter shows the count for open/closed tasks on each row.

2066Installer and UpgraderFeature RequestMediumAutomated site update (like Wordpress)Unconfirmed
209.10.201510.10.2015 Task Description

All is in the title

vote for this task please

2071EmailBug ReportLowNew user e-mail validationConfirmed
14.10.201514.10.2015 Task Description

On flyspray/index.php?do=admin&area=newuser I sucessfuly register user with email ;

I don’t recieve popup with message ‘You did’nt enter valid e-mail address’

After that on new page i receive error:

Completely unexpected exception: Address in mailbox given [;] does not comply with RFC 2822, 3.6.2.
This should never happend, please inform Flyspray Developers

2073Backend/CoreBug ReportLowCouldn't edit comment of anonymous reporterNew
17.10.201517.10.2015 Task Description

I wanted edit/fix the comment of an anonymous reporter, but the edit shows empty content on editing..

(here on closed, but non yet implemented  FS#218 )

2083User InterfaceInformationLowDrag and drop tasks on roadmapUnconfirmed
30.10.201530.10.2015 Task Description

On the roadmap it would make life a lot easier if it was possible to drag and drop tasks into versions.

2119Backend/CoreBug ReportMediumfunction filter_input not always availableResearching
15.04.201615.04.2016 Task Description

filter_input() is in extension “Filter”.

It is enabled by default since PHP5.2, see but not “always”, see!topic/flyspray/QM75BvwPqGM

filter_input() is only used at 1 section in Flyspray (since 2014 up to v1.0rc1) in includes/
This is the commit

How do we solve it? Several possibilities:

2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
15.06.201615.06.2016 Task Description

My tests showed that the html accesskey feature is not well and consistent supported by current web browsers and is quite cumbersome to use.
And it seems it will not be better in future..

The only solution I see dropping that feature or replacing them with simple single-key-event javascript listeners, like it is currently done with keys o, j, k, n, and p.

accesskeys in Flyspray I talk about:

  • l (current SHIFT+ALT+l Firefox) login dialog / logout
  • a (current SHIFT+ALT+a Firefox) add new task
  • m (current SHIFT+ALT+m Firefox) my searches
  • t (current SHIFT+ALT+t Firefox) focus taskid search
  • e (current SHIFT+ALT+e + Enter Firefox) edit task
  • x or y? (current SHIFT+ALT+y Firefox) close task
  • s (current SHIFT+ALT+s Firefox) save task

Also related to Keyboard navigation: tabindex

2138User InterfaceFeature RequestVery LowOverhaul dokuwiki editor buttonbarNew
17.06.201617.06.2016 Task Description

Rethink the current sets of buttons and their functionality.

Maybe a mousover hint/cheatsheet of available dokuwiki syntax is more helpful in writing fast and efficient.

  • buttongroup links http,email,ftp
  • buttongroup code, code php: why a single button for php? maybe a cheatsheet or subselect for choosing a language (read directory plugins/dokuwiki/inc/geshi for that). Or even better: Let the project administrator define what source code languages are used/popular in a software project and dependend of that setting prefer/promote that languages
  • I miss a blockquote- or cite-tag for citation, which is more semantic than bold, italic, underline buttons. Update: It is the > character followed by text!
  • Show a cheatsheet (by mouseover?) of dokuwiki smileys as defined at plugins/dokuwiki/conf , update to current config of dokuwiki, facepalm for instance is missing
8-) 8-O 8-o :-( :-) =) :-/ :-\ :-? :-D :-P :-o :-O :-x :-X :-| ;-) ^_^ :?: :!: LOL FIXME DELETEME

8-) icon_cool.gif 8-O icon_eek.gif 8-o icon_eek.gif :-( icon_sad.gif :-) icon_smile.gif =) icon_smile2.gif :-/ icon_doubt.gif :-\ icon_doubt2.gif :-? icon_confused.gif :-D icon_biggrin.gif :-P icon_razz.gif :-o icon_surprised.gif :-O icon_surprised.gif :-x icon_silenced.gif :-X icon_silenced.gif :-| icon_neutral.gif ;-) icon_wink.gif ^_^ icon_fun.gif (not working as first character on a line, bug?) :?: icon_question.gif :!: icon_exclaim.gif LOL icon_lol.gif FIXME fixme.gif DELETEME delete.gif

2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
28.06.201601.08.2016 Task Description

I run flyspray behind a reverse proxy with the front end url being https and with the actual back end server not being on a standard port and not using https.

Setting force_baseurl seems to sort most areas with flyspray’s url generation using that instead of picking up from $_SERVER, however post-authentication redirection does not do that it just processes redirect_to as is (which in my case means it picks up the protocol, name and port for the back end server rather than what’s set in force_baseurl).

./themes/CleanFS/templates/loginbox.tpl puts out $_SERVER[’REQUEST_URI‘] into a hidden redirect_to input field - on my setup on the front page that’s e.g. “/” or for a ticket url it would be “/index.php?do=details&task_id=999” so no protocol or hostname.

scripts/authenticate.php picks up that redirect_to value and just passes it to Flyspray::Redirect, which in turn calls FlySpray::absoluteURI on what it’s passed, and FlySpray::absoluteURI doesn’t use $baseurl to qualify the url.

Not sure what the best fix is - my suggestion would be that Redirect detects urls that aren’t fully qualified and adds the $baseurl on to the front of them, rather than calling absoluteURI (absoluteURI is used to set $baseurl if force_baseurl is unset, so that’s not appropriate to modify). Alternatively scripts/authenticate.php could check redirect_to and add $baseurl if needed.

2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
14.07.201614.07.2016 Task Description

If a task creator requested closure, and someone (developer) closes the task explicitly, the PM request cannot be later ‘accepted’ and the PM request remains in the queue.

Workaround - Deny request and queue item is removed OK.

It looks like the PM request button invoked details.close which returns early if task is already closed.

2188Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNew
01.08.201601.08.2016 Task Description

Flyspray should show a warning, and maybe set the focus back to the field (only when it is a this-one-field-only-form.)

2190Backend/CoreFeature RequestLowenable move of a closed clask to other project without ...Researching
06.08.201606.08.2016 Task Description

Problem: By replacing just the project_id of the closed task it is possible the task then has invalid field values within the target project.

Possible scenarios:

  1. Ignore invalid values within the target project
    • Pro: Easy to do, an immidiatly revert back to the old project would “heal” the task properties.
    • Contra: may effect accuracy and reliability of other parts like searching, listing, statistic calculations
  2. Silent change task field values to valid field values of the target project if necessary
    • Pro: relative easy to do
    • Contra: a bit loss of information, little side effects
  3. allow user to modify the fields that must be changed so that every field of the task has valid values within the target project
    • Pro: accuracy
    • Contra: a bit loss of information(fallback to default values) if there are no similiar field values selectable within the project
  4. allow user to modify the fields, fields or field select values that do not exists in target project will be automatically created.
    • Pro: accuracy
    • Contra: target project may be cluttered with too many fields/field values
  5. ???
2193User InterfaceFeature RequestLowEdit a comment while seeing task details and other comm...New
07.08.201608.08.2016 Task Description

If someone with ‘edit comment’-permission wants to edit a comment, the edit comment form is shown on an extra page.

This is not optimal, because the editor cannot see task details or the other comments while modifying the comment.

Possible Solutions

  • with javascript is enabled: Stay on the ‘task detail’-page, just the comment changes from a ‘view’ layout to ‘edit’ layout, similiar to the quickedit-feature (like in FS1.0).
  • when javascript is disabled: The ‘edit comment’-page shows task details (check permissions) and other comments too, but maybe a bit narrow, so ‘visible focus’ is on editing the comment.
2200User InterfaceBug ReportMediumIncomplete list of timezones available in the user pref...Unconfirmed
26.08.201626.08.2016 Task Description

The user preferences and the add new user screens both allow you to set the timezone offset of the user, however, we are only provided with whole hour offsets from GMT. This makes it impossible to select our timezone here in India, which is GMT+5:30 - IST(Indian Standard Time - Asia/Kolkata as per TZ Zoneinfo). In addition, there are also timezones in the GMT+x:45, which wouild also require to be handled. Note, this is totally independent of DST Changes, since some of the countries use DST(Like in Australia) and others do not(Like India).

Here is a link with more details of the same -

I will be trying to identify and fix the codebase to resolve this, and will hopefully have a patch to submit soon.

R. K. Rajeev

2209AuthenticationFeature RequestMediumTLS support for LDAPUnconfirmed
109.10.201604.09.2019 Task Description

It would be helpful to have communication with LDAP via TLS

2315Backend/CoreBug ReportLowFiling a new task is possible with no details in the ma...Unconfirmed
21.11.201621.11.2016 Task Description

When filing a task, it’s possible to submit the task without any information at all being added to the main body of the ticket. This leads to reports that are of no value because the user can simply add some vague title, hit submit, and then wonder why nothing happens other than someone closing it later as invalid.

The main body of the ticket should be considered a required field and should throw an error if nothing is in the box.

2324Backend/CoreInformationLowUpdate composer.jsonUnconfirmed
31.12.201631.12.2016 Task Description
symfony/event-dispatcher suggests installing symfony/dependency-injection ()
symfony/event-dispatcher suggests installing symfony/http-kernel ()
guzzle/guzzle suggests installing guzzlehttp/guzzle (Guzzle 5 has moved to a new package name. The package you have installed, Guzzle 3, is deprecated.)
Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.
2439Backend/CoreFeature RequestLowClone a ProjectNew
15.09.201715.09.2017 Task Description

There is a request for cloning a project on Flyspray mailing list:

Would be a very welcome features to have Project Templates for repetitive workflow. Any idea if its in the pipeline?

Well, not yet.

The question is, how exactly you want that project clone.

Do you want just a rough copy of the project table entry?
Thats quite easy and can even be done without programming or writing a line of SQL just by using PHPMyAdmin (or similiar Tools for PostgreSQL) and copy a row of the project table for example.
See yellow marked project table on the right of the attached dbschema screenshot.

The other extreme is copying every project depending list table entries to new ones.
This sure requires some programming, but not too hard to add this to Flyspray. (all yellow marked tables in the attached dbschema screenshot.

I attach a rough form mockup how could this could look like.

Possible solution

  1. add a new file scripts/ folder for instance copyproject.php (check admin permission)
  2. add a template file to themes/CleanFS/templates/copyproject.tpl
  3. Set a link to that clone form page somewhere, for example on the toplevel page of a project (see screenshot)
  4. Handle the adminuser (or add a clonepermission for that project manager usergroup) submitted form careful and savely either by includes/ (or like scripts/copyproject.php to keep it seperate from core)

The link to the clone form looks then ?project=123&do=copyproject

2440Backend/CoreFeature RequestLowOption to disable tag featureNew
15.09.201715.09.2017 Task Description

There is a wish on the Flyspray mailing list:

Is there a way of hiding the TAGS input field from the Add New Task form?

If it is just hiding on that form, there are several options to achieve this (from simple to complex)

A) Hide by CSS

Add that rule to themes/CleanFS/theme.css CSS file:


B) Hide by CSS (better)

Add a rule to a custom_*.css, for instance themes/CleanFS/custom_mytheme.css


and choose custom_mytheme.css in your project settings.

D) Edit themes/CleanFS/templates/newtask.tpl directly

and remove the whole div-tag with id=”edit_tags” (all between ‘<div id=”edit_tags>”’ and its closing ‘</div>’ (not recommended)

E) Use a custom template

  1. Create a folder in themes/, for instances themes/mynotagtheme/
  2. Only copy themes/CleanFS/templates/newtask.tpl to themes/mynotagtheme/templates/newtask.tpl
  3. Make the changes to that newtask.tpl like in B) (custom theme not overwritten by Flyspray Updates if you keep or backup your themes/mynotagtheme/ folders, but requires review if something has changed within themes/CleanFS/templates/newtask.tpl between version updates)
  4. Choose your mynotagtheme as project theme. All other files fall back to default themes/CleanFS/

(not tested, but thats the way it should work with current Flyspray 1.0-rc5)

D) Nag or caress someone

to finish tag feature for Flyspray with options/permissions to turn it off per project or project group or something like that.

This would effect not only that newtask form but all places where that options should kick in (listing tags in tasklist, tasklist filters etc)

2441Backend/CoreBug ReportMediumrefactor dokuwiki image tagsNew
15.09.201715.09.2017 Task Description
I’ve tried inserting an image in the intro message but it doesn’t show. Is there something broken in the file? Seems unlikley because it’s so old but can’t work out why nothing shows.

I had to disable some parts last year within dokuwiki quickly due sever reported security issues in that area.

As tradeoff embedding images currently don’t work within dokuwiki textareas in Flyspray.

As I too wish that feature reappear working for my projects, this is on my personal list. But requires focused free time because must be made secure.

Maybe instead of using fetch.php of dokuwiki, we can use Flypsray’s ?getfile=id , which also checks permissions.
But must check also securly file types and maybe resize images to fit into the desired page (thumbnails).

2444Installer and UpgraderInformationLowcomposer hits memory limitsNew
04.10.201704.10.2017 Task Description

Quick anwser: enable swap partition on your server.

Tried upgrading a rc4-dev to rc5-dev/rc6/flyspray-master on a virtual server with 500MB RAM and php5.6.30 on the commandline (debian)

After file upgrade, I wanted also update the vendor stuff according to composer.json changes.

But surprisingly this failed:

php composer.phar update

and also after

php composer.phar selfupdate

to version Composer version 1.5.2 2017-09-11 the memory limit bug exists:

The following exception is caused by a lack of memory or swap, or not having swap configured
Check for details

PHP Warning:  proc_open(): fork failed - Cannot allocate memory in phar:///var/www/***/composer.phar/vendor/symfony/console/Application.php on line 979

Warning: proc_open(): fork failed - Cannot allocate memory in phar:///var/www/***/composer.phar/vendor/symfony/console/Application.php on line 979

  proc_open(): fork failed - Cannot allocate memory

Also doing a more fresh vendor install like

rm composer.lock
rm vendor/*
(keeps the .htaccess there)
php composer.phar install

300 MB not enough for a handful of php package installations? wtf, but didn’t dig deeper..

I temporarly solved the problem by making a swap partition on this vServer like suggested at

/bin/dd if=/dev/zero of=/var/swap.1 bs=1M count=1024
/sbin/mkswap /var/swap.1
chmod 600 /var/swap.1
/sbin/swapon /var/swap.1
             total       used       free     shared    buffers     cached
Mem:        506300     374920     131380      30628      21904     143872
-/+ buffers/cache:     209144     297156
Swap:      1048572          0    1048572

This is just documentation and is for the people who prefer a Flyspray development version from

Full Flyspray release download files do not needs to fiddle with composer.

Maybe an entry for the FAQ

2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
15.01.201815.01.2018 Task Description

Since PHP7.2 shows a warning in admin area ?do=admin&area=users&user_id=1234567890, when user_id is set, but no alternative user_name parameter.

Probably related to scripts/admin.php

$id = Flyspray::UserNameToId(Req::val('user_name'));
if (!$id) {
  $id = Req::val('user_id');
2481Backend/CoreInformationLowMove to MVCUnconfirmed
10.08.201810.08.2018 Task Description

That way you can just protect the setup routes after installation, etc.

And have a much less cumbersome .htaccess file.

And take sensitive files outside of the server path and not risk letting them get out in the public

2484Backend/CoreInformationLowIncrease min. version of PHP requirementUnconfirmed
10.08.201810.08.2018 Task Description

Then you can gracefully drop support of old MySQL extension AND drop the need for password compat, since BCRYPT and password_hash are built into PHP from version 5.5 onwards

2524EmailInformationLowSMTP Mailer doesn't accept custom portsUnconfirmed
05.11.201827.11.2018 Task Description

Did you installed an official release or did you used an inoffical docker?!
MySQL 8.0.12, 7.2.9 on debian buster

Steps done to create the problem:
Enter server:port at Mail-Settings

Expected behavior: would make use of the custom port

Experienced behavior:
TLS Errors

          if ($fs->prefs['email_tls']) {
              $swiftconn = Swift_SmtpTransport::newInstance($fs->prefs['smtp_server'], 587, 'tls');
          } else if ($fs->prefs['email_ssl']) {
              $swiftconn = Swift_SmtpTransport::newInstance($fs->prefs['smtp_server'], 465, 'ssl');
          } else {
              $swiftconn = Swift_SmtpTransport::newInstance($fs->prefs['smtp_server']);

Should be changed to

          $someTemporaryVariable = explode(':',$fs->prefs['smtp_server']);
          if ($fs->prefs['email_tls']) {
              $swiftconn = Swift_SmtpTransport::newInstance($someTemporaryVariable[0], $someTemporaryVariable[1] || 587, 'tls');
          } else if ($fs->prefs['email_ssl']) {
              $swiftconn = Swift_SmtpTransport::newInstance($someTemporaryVariable[0], $someTemporaryVariable[1] || 465, 'ssl');
          } else {
              $swiftconn = Swift_SmtpTransport::newInstance($someTemporaryVariable[0], $someTemporaryVariable[1] || 25);
2548User InterfaceFeature RequestLowCSS grid layout for task details page typeNew
2549User InterfaceBug ReportLowOauth register template always shows "Username already ...Unconfirmed
2550EmailBug ReportLowException handling sending email notificationUnconfirmed
2554User InterfaceTODOLowkeyboard shortcuts help box should adapt to current pag...New
2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
2560Backend/CoreBug ReportLowdo not allow close task with reason duplicate referenci...New
2572User InterfaceTODOLowadd link attributes ugc and nofollow to user generated ...New
2575Backend/CoreFeature RequestLowability to view and reset Flyspray default settingsNew
2577User InterfaceFeature RequestVery Lowdistinguish between anonymous reporter and deleted userNew
2581User InterfaceFeature RequestLowreplace bitmap icons of default themeNew
2585User InterfaceTODOMediumUpgrade CKEditor to 4.13New
2587Backend/CoreTODOMediumdisplay_errors=1 should not set in release candidateUnconfirmed
2599Backend/CoreInformationLowad post request on new task creationUnconfirmed
2600Backend/CoreInformationLowError #17 when selecting a projectUnconfirmed
2606Database QueriesFeature RequestLowduedate column sort asc in tasklist should put unset du...New
2607AuthenticationBug ReportLowWhitespaces in email address fieldUnconfirmed
2613Public RelationsInformationVery LowEmail ist SignupUnconfirmed
2614EmailBug ReportCriticalConnection timed out #110Unconfirmed
1628NotificationsFeature RequestLowGlobal Notification addressUnconfirmed
1734Backend/CoreBug ReportLowAdd Timezone Selection to Admin PanelMaybe
1760Backend/CoreFeature RequestLowColumn 'last commenter' in tasks list viewMaybe
1766Backend/CoreFeature RequestLowAllow users to choose their favourite themePlanned
1772Backend/CoreFeature RequestLowDifferent kinds of votesMaybe
1798Backend/CoreFeature RequestLowBounty System New
1857User InterfaceFeature RequestLowLogin and then submit new taskResearching
Showing tasks 51 - 100 of 323 Page 2 of 7

Available keyboard shortcuts


Task Details

Task Editing