Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version   asc Opened Last Edited
2427Backend/CoreFeature RequestLowallow hotlinking (direct links) to uploaded filesUnconfirmed
0%
207.03.201709.03.2017 Task Description

Currently all attached files get renamed (like “screenshot331.png” → “attachments/14_72a4ca580abcdef69f60b1f”) and they could be downloaded only throught the php script (”/index.php?getfile=1234”) which requires that user must be logged in to view the file.
It is not very convenient when you need to show a file to some person who is on mobile phone at the moment or using not a work computer. Also sometimes you might need to share a file with anyone without having them to register at your bug tracker.

I suggest you to add a checkbox like “create a direct link” when uploading a file, which will save the file with original name and extension but adding some random generated prefix (like “screenshot331.png” → “attachments/14_72a4ca580abcdef69f60b1f.screenshot331.png”).

However this poses a high security risk so there should be a list of allowed file extensions (e.g. “jpg,png,txt,pdf,doc,zip”) - only these files could be saved with the original extension. This list should be accessible by the main administrator only, thus the safest option would be storing it inside the “flyspray.conf.php”.

2430Backend/CoreFeature RequestLowUser dependency on projectUnconfirmed
0%
216.03.201720.03.2017 Task Description

So, there would be great option if we can set permission to users to see and post only in specific opened projects in bug tracker.

Idea is, that user has all right to all projects, but in some cases we want that user can see only projects which is allowed and also to publish new tasks to only allowed projects.

In that case tasks overiew is locked and user must be logged in to see opened tasks.

2432Database QueriesInformationLowDelete tasks from all projects (like factory reset)Unconfirmed
0%
208.05.201710.05.2017 Task Description

Is there any “ready” SQL query file to delete all tasks and start again ? (without deleting projects, project settings, categories, task types, tags, task statuses etc...)

2436Backend/CoreBug ReportLowdokuwiki renderer creates nonunique html-id for h1,h2,h...New
0%
202.08.201702.08.2017 Task Description

The dokuwiki renderer automatic creates for each h(1-6) tag an html id attribute, but doesn’t ensure that this:

  • is not used by Flyspray templates
  • is unique across all tasks (tasklist summary/description mouseover!), id must be unique on a webpage.

Example: id=”footer” and id=”title” are used by the default CleanFS template for example.

id=”footer”

title

id=”title”

title

id=”title1”

title

id=”title2”

The original intention I think is to make dokuwiki content each h-section linkable, for instance by a “table of contents” at top of a wiki content page.
This is currently not used by the dokuwiki integrated in Flyspray, but could be in future.

Possible solution

Add the task_id to the generated id h(1-6) tags, for instance “d1234_footer” “d1234_title”

d - like description

(t1234 used for tags/labels id currently)

2447Backend/CoreFeature RequestMediumAllow notifications when a new task is createdUnconfirmed
0%
226.10.201729.10.2017 Task Description

The only (only!) feature that I have missing in Flyspray is an option to receive email notifications when a new task is created

I think that this could be in the profile of the user, and/or in the main configurations as “send a notification to the -group- (admins?) when a new task is created”

Thanks a lot! flyspray r00lz after all these years, never failed, no bugs, no hacks, fast and efficient! :)

A Happy user.

2448Backend/CoreBug ReportLowerror message in eventlog reportsUnconfirmed
0%
226.10.201729.10.2017 Task Description

The last version of Flyspray is simply amazing! it works like a charm :)

This is a small bug report in the eventlog page, that shows this message:

Notice: unserialize(): Error at offset 237 of 808 bytes in /home/elivebugs/bugs.elivecd.org/themes/CleanFS/templates/reports.tpl on line 88 Notice: unserialize(): Error at offset 229 of 796 bytes in /home/elivebugs/bugs.elivecd.org/themes/CleanFS/templates/reports.tpl on line 88

There’s a small screenshot: http://main.elivecd.org/ss/display.php?image=e-59f2541a445543.02125094.jpg

Thank you!
Thanatermesis

2451Backend/CoreFeature RequestLowMod: blank Category - user must chose before pressing A...Confirmed
0%
208.12.201714.12.2017 Task Description

Hello Peter,

I am interested in making the following mod:

When posting a new task, category should be blank by default, in order for the user that opens a new task to select that specific category.
If he doesn’t select any task, when pressing Add this task button, FlySpray should display an error message saying that the Category hasn’t been specified.

Do you think this mod can be made with the current version?
If so, do you mind if you help me a bit with the things that need to be modified?

Thanks!

2496EmailBug ReportLowNotification Mail - Link to the task invalid when quick...Waiting on Customer
0%
213.09.201814.09.2018 Task Description

Hello,

I’m having an issue on the notification’s mail sent to people when quick-editing a task, more precisely on the link to the task below.

I had this in my older mails :
mybugtracker.com/js/callbacks/index.php?do=details&task_id=xxxx

I “corrected” it by adding a str_replace here (see my screenshot), and now it’s good.

Thank you

2535Backend/CoreFeature RequestLownew optional Flyspray setting: add new users automatica...New
0%
216.01.201921.01.2019 Task Description

When a Flyspray installation allows user self registration and has public but also more private projects, this feature could make the required configuration more clear:

In this case, keep the number of global user groups as low as possible and the global user group for basic or just registered users has only the ‘can login’ permission and nothing more.
Because that only would be useless for new registered users, adding them also to a basic user group of a public project could be useful.

So my suggestion is:

A new optional global setting: Something like ‘default project user group’ (store 2 values: a project_id and a group_id). Validity of that setting must be checked during any user registration, so that project must exists now and at later time as also that project user group within that project. (’Checks’ of admin prefs)

So it would be like this for a new registered userA:

  1. userA is in a basic default global user group: only login permission to handle his account registration (login, logout, user preferences, password forgotten)
  2. userA is in project X default user group: some basic permissions you want allow for every (new) registered user in project X
  3. project Y: all ‘allow anyone ...’-settings are unchecked, userA not in any user group of project Y

The setting is probably best put below the ‘Default global group for new users’ setting in the global admin prefs tab #userregistration as

Either: A dropdown list with all public projects with an existing user group and dependend on the selection the available basic project groups are loaded by ajax as a select list too.

Or: Only one dropdown list that contains a list of public projects with possible project user groups. Would not require extra ajax calls and is maybe enough because we could exclude project groups that have project manager permission or such configuration nobody would allow new registered users.

no default project user group
public projectA - simple user groupA1
public projectA - simple user groupA2
public projectB - simple user groupB
public projectC - simple user groupC

This idea could be enhanced further (put the new user to multiple public projects when he registers or let user choose from public allowed projects during registration process), but lets start simple.

2536Backend/CoreFeature RequestMediumstore session in Flyspray databaseNew
0%
221.01.201915.03.2019 Task Description

Currently the sessions are stored by the webservers default settings.

Having this sessions under control by Flyspray by storing it in the database has following advantages:

  1. Allows handling of all sessions of a user by Flyspray.
  2. Providing a session management for each user. The user can see on which devices he is currently logged in and could also force a logout on selective devices.
  3. A forced logoff of all or some user sessions is easy implementable for admins.
  4. Statistics about how many users and who is logged in. (user status: hide always, online, offline, do not disturb, ..)
  5. Could make onpage-notifications easier to implement.
  6. .. ?

Disadvantages:

  1. A potential unknown security bug in Flyspray that could lead to reading a session db table could leak informations like who is currently online/active and make further attacks more focused or makes session takeover easier.
  2. .. ?
2589User InterfaceBug ReportLowTime zone in user settings is confusingUnconfirmed
0%
228.12.201928.12.2019 Task Description

Hello,

When registering and when later editing users settings it’s possible to specify “Time zone” but the way it’s implemented is confusing. What I see is a drop-down list with GMT[+-]:digit: and this is an odd way to set the timezone for multiple reasons:

1. “GMT” is a word without universally accepted and defined meaning these days, see https://www.ucolick.org/~sla/leapsecs/timescales.html#GMT ;

2. Often time zone specification needs to include the rules when (if ever) to apply DST and what abbreviation is to be used in different cases. See TZ description on https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03 .

Taking these two points into account I can’t see how to meaningfully use this feature.

TIA for looking into it.

1820Backend/CoreFeature RequestLowMerge comments, history, and detailsNew
0%
2.0317.01.201325.05.2016 Task Description

Should be more of a link thread of activity rather than segmented

1876Backend/CoreFeature RequestLowAdd wiki page tabPlanned
0%
2.03126.09.201306.03.2015 Task Description

It will quite useful to have wiki page for project.

1720Backend/CoreFeature RequestLowBetter Access Control Lists and User / Group ManagementPlanned
0%
1.1 devel301.05.201220.03.2015 Task Description

We need to have a better way to do user rights, group rights and manage users.

Here is what I am thinking, global administration can go to a ACL tab. Click on it and you have a simple way to add a new user / group. Two tabs on top are User Rights and Group Rights. These are global so each project will inherit the global setting for user / group.

Clicking on User Rights tab will lists users with a table to grant user rights. Specific to that user, it would be the same for group rights tab.

You can also search by a user name. This will make things faster to find that specific user.

1812Backend/CoreFeature RequestLowMultiple email addressesPlanned
20%
1.1 devel317.01.201330.12.2015 Task Description

An account should be able to have multiple email addresses associated with it. For example, my primary email might be jordan@thevelozgroup.com, but I should also be able to log in via jordanmendler@gmail.com or other addresses I add.

1847User InterfaceFeature RequestLowMake default theme responsivePlanned
20%
1.1 devel314.03.201316.10.2015 Task Description

I think it is time to think about an theme optimizied for mobile Devices.

We will not maintain several themes. We will review the current CleanFS theme to make it responsible instead.

1919Backend/CoreBug ReportLowAJAX Quick-Edit on category and task pagesPlanned
70%
1.1 devel3109.07.201407.12.2015 Task Description

Ability to click field to edit ticket

TODO: return handler if request ok or fail.

TODO: also clicks on label should trigger show form.

Maybe the whole “click to active for editing this field” to one click too much.
So if the user has the rights to edit the value the form input or action button should be shown when viewing a task.
All other people just see the value if they have the right to view the value.

1955Backend/CoreTODOLowCodestyleConfirmed
0%
1.1 devel307.03.201509.03.2015 Task Description

So, the new website is now online, the codestyle part is empty and I think we need to speak about them...

I can happily reformat the whole project once we have decided the whole thing. Don't forget, too strict code style leads to code style not being respected, so crap like max line length should be avoided. I personnaly don't know anybody coding from their mobile phones. I sometimes do check some code on it, but long lines never disturbed me as long as the line is not 5k chars long.

I think we should go for a standard one.

Things like:

- Do use brackets even if single lined condition
- Variable names have spaces replaced by the next words first letter in capital, start with a lower case
- Same goes for functions
- Etc etc. Pretty much of PSR-1 maybe 2

What I don't understand is the use of spaces, and I'd be for tabs instead of 4 spaces (some files use 2 spaces, some 3...). Most of the dev tools are by default set to use tabs and not spaces. And be seeing the code now we see that it clearly. So i'd be for reformatting into tabs, the whole, and same time fixing the broken identation in every files.

I could write it down for the website

1956Backend/CoreTODOLowDatesConfirmed
0%
1.1 devel307.03.201509.03.2015 Task Description

Upon my implementation for an easier date selector, I think we should rework it as follow:

  • Drop extended date concept
  • Add a Time format
  • Extended dates field become a concatenation of date format and time format.
    • The above make it easier to select your preferences
  • Rename GMT to UTC
  • Add automatic daylight saving configs
1969User InterfaceFeature RequestLowsearch form with Advanced search toggle layoutNew
60%
1.1 devel312.03.201519.09.2015 Task Description

I think the button advanced search button should not be placed right beside seach input field as full button.

Maybe a small down arrow under the simple search form with a horizontal line and a title tag as tooltip.

Any comments?

1975Backend/CoreFeature RequestLowBatch processing of tasks in tasklistPlanned
50%
1.1 devel3115.03.201513.12.2016 Task Description

E.g. actual version, dueVersion, ...

Edit by peterdd: Topic was discussed earlier on https://github.com/Flyspray/flyspray/issues/130 (edit:It seems Jordan turned “issues” on github.com off in favor of bugs.flyspray.org)

The feature still exists but it is turned off until finished in a secure way. The possibility of sub and parent tasks requires many checks.

1982Backend/CoreBug ReportLowdouble entries in assignees listNew
80%
1.1 devel320.03.201511.02.2016 Task Description

maybe yet fixed in 1.0 dev, but here bugs.flyspray.org my account is shown twice for selection if u edit a task.

Internally in the form also with the same id, so probably not a big problem.

I registered some years ago, maybe this year jordan(?) added me again or with another email adress? Maybe I have two addresses under on account here, which is a feature, not a bug.

But for the assignee list it should “group by user_id”.

2074User InterfaceBug ReportMediumOpening tasks from tasklistNew
0%
1.0318.10.201518.07.2016 Task Description

Removing table on row click made it impossible to open a task’ details if you do not display the task id and summary on the task list, because now those two cells are the only clickable items to open a task, instead of the entire line being the hyperlink

2121Backend/CoreBug ReportMedium'my assigned tasks' uses like %?% search instead of use...Confirmed
90%
1.0319.04.201603.02.2018 Task Description

Problem: https://github.com/Flyspray/flyspray/pull/552

The button ‘My assigned tasks’ should search only by userid, not in username or realname with the LIKE ‘%...%’ operator.

Currently the button is using the same as doing an advanced search filling the ‘Assigned To’ input field. (currently ‘dev’ param) But that search param searches in userid, username and realname.

Edit: Implemented simpler solution: if param is digitsonly, then search by userid, otherwise by username and realname if that param exists.

1236User InterfaceFeature RequestLowMark Issue As Verified or UnverifiableUnconfirmed
0%
3409.04.200718.07.2016 Task Description

Currently, the Vote functionality provides users a way to say "this issue is important to me". In addition to that functionality, it would be great for users to have a "Verify" ability on open issues; it would provide users a way to say "yes, this happens to me as well".

A "Verified" label would fit nicely right under "Votes", to the right of the label would be "Yes | No", each option being a link. After clicking Yes or No, or if unable to specify (lack of permissions), the text would display "Yes - # | No - # (% verification)" where '%' is the result of ((Yes/(Yes+No))*100).

This feature should not show up on all issues, though. It does not make sense to "verify" a feature request or todo item, for example. When defining task types, the administrator would specify if a type was "Verifiable" by checking a box in a column next to "Show".

If implemented, two great, mini extra features would be:

  1. The ability for the administrator to set the number of "Yes" verifications an issue would need before it was elevated to the next priority, severity, or both (specified by the administrator).
  2. The ability for the administrator to set the number of "No" verifications an issue would need before it was lowered to the previous priority, severity, or both (specified by the administrator).

Both settings should have an option to be incremental (priority / status increased every x verifications) or not (increases once, no matter how many verifications are received); an "Incremental" checkbox would do nicely. Also, a little "Enabled" checkbox next to both settings would be clearer than having zero act as the disable mechanism.

As with voting, a permission should exist to enable or disable this option for a user group. For larger projects, moderators tasked with verifying bugs could be given the permission whereas smaller projects may leave verifications up to the community.

Lastly, a way to send a notification once the number of "Yes" verifications reached a certain value would also be a great addition.

1988Installer and UpgraderBug ReportMediumPassword Field for AdminUnconfirmed
50%
302.04.201512.05.2015
2042Backend/CoreBug ReportMediumfunction absoluteURI not using basedir and force_basedi...Unconfirmed
0%
3104.09.201501.10.2015
2096Backend/CoreFeature RequestVery LowAdd an option to force httpsMaybe
0%
316.01.201617.01.2016
2108User InterfaceFeature RequestMediumSupport local language when install FlysprayConfirmed
30%
3103.03.201615.07.2016
2134Backend/CoreBug ReportHighCannot assign a task to other projectPlanned
0%
3207.06.201617.02.2019
2136User InterfaceBug ReportMediumAfter updating user properties as admin - return to wro...Confirmed
0%
308.06.201623.07.2016
2202Installer and UpgraderBug ReportHighUnable to upgradeUnconfirmed
0%
310.09.201611.10.2016
2222GreekInformationVery LowGreek translation issuesUnconfirmed
0%
324.10.201624.10.2016
2225GreekBug ReportVery LowGreek uses slash for datesConfirmed
20%
324.10.201622.11.2016
2309User InterfaceBug ReportLowPHP noticed displayed on default "All Projects" page.Unconfirmed
0%
302.11.201626.11.2016
2318Installer and UpgraderBug ReportLowsyntax_plugin required when selected ckeditor in SetupRequires testing
50%
323.11.201607.12.2016
2325User InterfaceFeature RequestLowbig image attachments: fit to browser window width in L...New
0%
310.01.201711.01.2017
2327Backend/CoreFeature RequestLowvisibility-option for private tasksUnconfirmed
0%
315.01.201717.01.2017
2333Backend/CoreInformationLowSet Default View on Login?Unconfirmed
0%
326.01.201727.01.2017
2520NotificationsFeature RequestLowSend a notification for a new task in slack integration...Unconfirmed
0%
324.10.201819.03.2019
2545User InterfaceInformationLowCan't delete system wide 'Task Statuses'Unconfirmed
0%
320.04.201905.05.2019
2551AuthenticationInformationLowLDAP/AD integrationUnconfirmed
0%
315.05.201904.09.2019
2582Backend/CoreInformationLowHow to reach internal windows share (was: Internal URL)Unconfirmed
0%
304.11.201905.11.2019
1237Backend/CoreFeature RequestMediumAllow Multiple Owners Per CategoryPlanned
0%
2.04709.04.200710.08.2015
1811Backend/CoreFeature RequestLowGoogle Docs/Dropbox IntegrationNew
0%
2.0417.01.201313.03.2015
1671Database QueriesFeature RequestLowAbility to extract CSV, or ExcelPlanned
50%
1.1 devel4318.12.201008.10.2017
1753Backend/CoreFeature RequestMediumUsergroup Restriction: Only View SummaryConfirmed
0%
1.1 devel4220.06.201227.06.2016
1861Backend/CoreBug ReportMediumLogin-Page should redirect after login to the page, the...Confirmed
30%
1.1 devel4112.04.201309.07.2018
1967User InterfaceBug ReportLowKeep browser scroll position when sorting task listNew
20%
1.1 devel412.03.201519.09.2015
1972User InterfaceFeature RequestLowAdvanced search form - ideas for faster/better usabilit...New
0%
1.1 devel412.03.201518.03.2019
Showing tasks 201 - 250 of 306 Page 5 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing