Flyspray

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2021-04-23: Flyspray 1.0-rc10 released See https://github.com/Flyspray/flyspray/releases

If you are upgrading from older version, please wait for 1.0-rc11.

2021-11-23: New user registration and password forgotten currently not working on bugs.flyspray.org due email server problems. peterdd

ID Category Task Type Severity Summary Status Progress Assigned To Due In Version Opened Last Edited  desc
2671Text RenderingBug ReportLowgeshi xmlNew
0%
09.11.202209.11.2022 Task Description

geshi dokuwiki does not render properly simple code tag as xml.

just code:

<sql>ALTER TABLE</sql>

as code xml:

ALTER TABLE

as code html:

<sql>ALTER TABLE</sql>
2670Installer and UpgraderTODOHighUpgrader should fix charset and collation if necessaryNew
0%
09.11.202209.11.2022 Task Description

Even if ADOdb xmlschema03 does not support setting charset and collation of table fields yet, this must be handled by the upgrading process.

So this must be either done by php install and upgrade functions or

<sql>ALTER TABLE ...
</sql>

section in the install and upgrade.xml

2660Backend/CoreBug ReportLowmention an user with "_" does not work: @user_testConfirmed
30%
peterdd1.0-rc11829.10.202208.11.2022 Task Description

@peterdd: It is not possible to tag the user, for example, @user_test.

It is stopped before “_”.

change by @peterdd: quickfix is now in master branch

2668Backend/CoreBug ReportHighCKeditor update (CVEs)Unconfirmed
10%
peterdd1.0-rc11202.11.202208.11.2022 Task Description

It is possible to update CKeditor?

Currently it is 4.16:
- https://github.com/Flyspray/flyspray/blob/master/js/ckeditor/CHANGES.md

Vulnerabilities / CVEs:
- https://www.cvedetails.com/vulnerability-list/vendor_id-12058/Ckeditor.html

There are at this time:
- 4.20: https://github.com/ckeditor/ckeditor4/tags
- 35.2.1: https://github.com/ckeditor/ckeditor5/tags

2669Database QueriesBug ReportLowuser and registrations tables: Illegal mix of collation...New
50%
peterdd1.0-rc11107.11.202208.11.2022 Task Description

The ajax call to check if a username is taken fails currently on https://bugs.flyspray.org when trying to fill the user registration form.
(beside the fact the registration confirmation loop is not working as mail server not correct configured)

Query {
    SELECT count(u.user_name) AS anz_u_user, count(r.user_name) AS anz_r_user
    FROM `flyspray_users` u
    LEFT JOIN `flyspray_registrations` r ON u.user_name = r.user_name
    WHERE LOWER(u.user_name) = ? OR LOWER(r.user_name) = ?}
 failed! (Illegal mix of collations (utf8_general_ci,IMPLICIT) and (utf8_unicode_ci,IMPLICIT) for operation &#039;=&#039;

Inconsistency probably due misconfiguration due manual upgrade + manual changes to the database.

Affected: maybe only https://bugs.flyspray.org

I fixed it on bugs.flyspray.org by running SQL commands:

ALTER TABLE flyspray_registrations CONVERT TO CHARACTER SET utf8mb4;

and

ALTER TABLE flyspray_users CONVERT TO CHARACTER SET utf8mb4;

Both now using the servers default collation, so they can be joined again by boths user_name field.

This can be seen as just a quickfix.

Why this happened at all?

I can only speculate about this as I can do some administration only since 2021.

I assume the defaults of mysql tables charsets and collation changed with mysql/mariadb versions and the upgrade scripts does not explicit handle that.

So lets say first it was utf8 and utf8_general_ci,
then utf8 and utf8_unicode_ci
and then utf8mb4 and utf8mb4_unicode_ci.

And when upgrading Flyspray and new tables where created they use the servers new default charset and collation while the older tables and varchar fields keep their old charset and collation which leads to inconsistencies.

And then there where probably manual interventions by admins (from 2003-2021?) who fixed/changed charset/collation on certain tables and fields manually by running SQL commands.

How it should be fixed

The Flyspray install and upgrade scripts and xmlschema03 files should contain information and settings for charset and collation for the table fields and upgrade scripts and should convert wrong charset and collation fields during an upgrade if they are wrong in the database.

Sadly ADOdb’s xmlschema03 lacks configuring and handling yet, so this must be done by the upgrade PHP scripts after running xmlschema03 xml files.

How it will be handled meanwhile

Extending Admin Toolbox→Checks sections to compare the current database with the intended configuration.

So admins can fix tables and field charset and collation where required.

Such inconsistency could be detected by admin checks - tab.

I would like to see that field users.user_name and registrations.user_name just be ascii (in mysql) and only accepts allowed username characters.

2661Backend/CoreBug ReportMediumhttp(s) links are broken with ";" in emailUnconfirmed
0%
329.10.202207.11.2022 Task Description

@peterdd: Links are broken in the received emails:
- https://example.tld/?p=blablabla.test;a=test

In the Flyspray, it works, you can see here.

2659Backend/CoreFeature RequestLow/task/NUMBER links have been removedConfirmed
0%
125.10.202206.11.2022 Task Description

Hello all, Flyspray team,

I see that now /task/NUMBER links have been removed.

Here it works (for example) : https://bugs.archlinux.org/task/1.

Currently it is (for example) : https://bugs.flyspray.org/index.php?do=details&task_id=1

Can you readd this feature?

Thanks in advance.

Regards.

2662Backend/CoreInformationMediumA lot of users have been created by bots and create com...Feedback
0%
129.10.202206.11.2022 Task Description

A lot of users have been created by bots and create comments…

What are the solution to secure registration…

2663Backend/CoreTODOVery LowImpossible to modify a personal ticketUnconfirmed
0%
201.11.202206.11.2022 Task Description

@peterdd: Modify a personal ticket is not enabled in this bugtracker.

Can you solve it?

Thanks in advance.

2664Backend/CoreBug ReportLow"(" or ")" in a link does not workUnconfirmed
0%
201.11.202206.11.2022 Task Description

“(” or “)” in a link does not work, example:
- https://example.net/test(test).html

Source:

https://example.net/test(test).html 
2665Backend/CoreBug ReportMediumhttp(s) link text has not "http" or "https" in received...Unconfirmed
0%
101.11.202206.11.2022 Task Description

@peterdd: There is a problem, in received email, link texts are cutted.

Example:

https://example.tld/test

becomes in email

example.tld/test
2666Backend/CoreBug ReportLowTag user with ID numberUnconfirmed
0%
01.11.202206.11.2022 Task Description

@peterdd: It is not possible to tag user with ID number?

You can see a lot of problems with tag here:
- https://bugs.flyspray.org/index.php?do=details&task_id=2660

2667Backend/CoreBug ReportLowWhen we search, ticket links are big...Maybe
0%
101.11.202206.11.2022 Task Description

When we search, ticket links are big…

Example with this search:
-

https://bugs.flyspray.org/index.php?do=tasklist&project=0&string=&search_name=&type%5B0%5D=&sev%5B0%5D=&pri%5B0%5D=&due%5B0%5D=&reported%5B0%5D=&cat%5B0%5D=&status%5B0%5D=&percent%5B0%5D=&opened=Neustradamus&dev=&closed=&duedatefrom=&duedateto=&changedfrom=&changedto=&openedfrom=&openedto=&closedfrom=&closedto=&order=id&sort=desc

Look ticket links, example:
- 2666:

https://bugs.flyspray.org/index.php?do=details&task_id=2666&string=&search_name=&type%5B0%5D=&sev%5B0%5D=&pri%5B0%5D=&due%5B0%5D=&reported%5B0%5D=&cat%5B0%5D=&status%5B0%5D=&percent%5B0%5D=&opened=Neustradamus&dev=&closed=&duedatefrom=&duedateto=&changedfrom=&changedto=&openedfrom=&openedto=&closedfrom=&closedto=&order=id&sort=desc 

It is possible to keep in ticket result link only “https://bugs.flyspray.org/index.php?do=details&task_id=2666” or the best “https://bugs.flyspray.org/task/2666“.

Linked to:
- /task/number: https://bugs.flyspray.org/index.php?do=details&task_id=2659

Thanks in advance.

2626Backend/CoreBug ReportCriticalCreate a new build, last stable is 0.9.9.7 (2012-05-28)...Unconfirmed
0%
727.02.202107.10.2022 Task Description

The last build is very old, it is possible to create a new build?
- The last RC: 2 years soon
- The last stable: 9 years soon

GitHub Releases section:
- https://github.com/Flyspray/flyspray/releases

Latest release
v1.0-rc9
136c339

Flyspray 1.0-rc9

@peterdd peterdd released this Apr 22, 2019

Stable: http://www.flyspray.org/docs/download/

Flyspray 0.9.9.7 - 28 May 2012
2609User InterfaceFeature RequestLowAdd an Effort Description fieldPlanned
50%
1.0-rc115107.05.202001.04.2022 Task Description

It would be nice to have a description field to put a brief note about the work done for a given effort item. This would help when using effort tracking for the purpose of making invoices to a client.

2656Backend/CoreFeature RequestLowkeep link parameters for new task if not yet logged inNew
0%
24.11.202124.11.2021 Task Description

When there is a link to the new task action from another site to a Flyspray installation and the user is not yet logged in, there is a redirect to the Flyspray start page losing the GET parameters.

Example:

https://bugs.flyspray.org/index.php?do=newtask&project=1&item_summary=blablabla%product_category=1

Or short example (nicer urls using .htaccess rules)

https://bugs.flyspray.org.de/newtask/proj1?item_summary=blablabla&product_category=1

After login the user should see the form with the original link parameters (if the user is allowed to and parameters are valid)

Currently the user must navigate to the correct project (if there are several) and the parameters from the origin link are lost.

2657EmailBug ReportCriticalcurrently new registration emails are not received by u...Assigned
0%
Floelejudas_iscariote24.11.202124.11.2021 Task Description

Regardless if a gmail.com or other address (tested with my gmail and also other email address)

So this is probably a mail server problem. I try to reach server admin.

I can see my “unfinished registrations” tests in the admin→checks area, but received no emails (waited and checking spam folders too)

2654Backend/CoreTODOMediumPHP8.1 compatibilityNew
0%
19.10.202119.10.2021 Task Description

[ ] ADOdb xmlschema03 issues
[ ] other warnings/notices

2649Installer and UpgraderFeature RequestLowDocker Container: is there a way to hook into the setup...Unconfirmed
0%
1011.08.202127.08.2021 Task Description

Hi, in my free time of the last few days I begun developping a Docker container: https://github.com/blu-base/flyspray-docker. I derived it from a nextcloud docker container… For now, I limited my focus on an apache/debian buster container. I’d be happy to contribute the project to the official placeholder when it is ready.

Anyhow, in the entrypoint script, I use some environment variables to create the flyspray.conf.php from scratch. and would now need to populate the database. I understand i have to use the respective xml scheme as the setup/index.php does.


I am not experienced with php and database applications and would like to ask you for advice how to proceed efficiently.

Since the current setup is indented to be interactive in the browser, i would need to use a cli tool or a purposely-build php script to do the same task on the command line/on container startup. But this seems to me this would be code duplication and introduce more maintenance work.

  • Is it possible to hook into only some of the functions of the setup/index.php?
  • What could be the next best approach to populate the db on first start?
  • Would it be a viable solution in trying to further modularize the setup - allowing to run parts on cli, like nextcloud’s occ tool?
2620Backend/CoreTODOMediumPHP8 compatibilityNew
50%
peterdd226.11.202017.08.2021 Task Description

PHP 8.0 is now released (2020-11-26) and Flyspray should be made compatible with it.

  • Replace removed and deprecated functions with alternatives in our source code.
  • Upgrade used libraries or make used libraries compatible:
    • post github issue or pull requests for ADODB
    • upgrade used dokuwiki or make changes in our integration (probably just review our as official dokuwiki project contains too much stuff we do not need and changed much)
    • review used geshi
    • upgrade our swiftmailer version to PHP8 compatible version
    • upgrade our oauth2-client stuff to PHP8 compatible version
  • The @ operator no longer silences fatal errors. Some checks in installer or other areas might not work anymore as expected when the @-operator was used as silencer for previous PHP versions.
2650NotificationsFeature RequestLownotification content or fields dependent of user permis...New
0%
113.08.202113.08.2021 Task Description

From mailing list:

Hello,

I could not find if this was already posted before. We have this basic profile where customers only can create new tasks and receive some notifications when the status or details change. The idea is that they do not see the comments, we want to use them for internal communication.
The think is that we just realized that they can not see the comments when they login but they receive them as notifications by email!

We want this notification for the admin users involved in the task but not for the customers. Is there a way to correct this behavior?

Thanks,
Manu

2636Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (mariadb 10.4.18...Assigned
50%
peterdd1.0-rc11729.04.202123.07.2021 Task Description

I administer a moderate-sized (~14K ticket) 1.0-rc9 instance running on a Fedora 32 host (php 7.4.16, mariadb 10.4.18) Following the upgrade instructions (ie transfer attachments, avatars, flyspray.conf.php) the setup/upgrade tool loads, and prompts me to upgrade.

It churns a while before refreshing the screen, claiming a successful 1.0-rc10 upgrade. However, the upgrade seems to not actually “stick”, because clicking on the “return” button I’m dropped back into the upgrader, which is once again claiming I’m running 1.0-rc9 and prompting me to perform the -rc10 upgrade.

According to Flyspray’s admin ‘checks’ tab:

* PHP 7.4.16
* MariaDB 10.4.18
* default_charset: utf8mb4
* default_collation: utf8mb4_unicode_ci
* All tables are ‘InnoDB’

There are no errors logged that I can find, but the upgrade is clearly not working. If I revert to the -rc9 php files, everything continues along as if nothing was done.

Any suggestions?

2644Backend/CoreFeature RequestMediummark specific task as spam and punish user account who ...New
0%
08.07.202108.07.2021 Task Description

For users with administrative permissions, a moderation UI for spam tasks could be useful.

For other normal users a “mark as spam”-button (similiar to voting for a task) could help moderators to identify spam tasks.

  1. Modify the spam task: Move to a hidden “Trash” project, replace summary and description with a default spam summary text end empty description.
  2. The decision which kind of punishment of the account who created the spam depends on several things:
    • Is it a previously normal used account who got captured by a bad guy and suddenly started spamming?
    • Is it a fresh bot created account who tried creating many spam task to promote bad websites or do search ranking manipulation?
    • Is it a sneaky smart account who waits for the opportunity to offload spam in a subtile manner?

I think this is not so easy to automate without producing false positives, especially for a project without commercial interest and funding and no huge meta informations like Google or similiar data collecting corporation who have the ability to identify spam waves across the internet.

2643Backend/CoreInformationLowUnable to delete a wrong TaskUnconfirmed
0%
407.07.202108.07.2021 Task Description

Today I received a Spam into my Flyspray, I wanted to ban the user and to delete the task, to my surprise I didn’t see an option to -delete- a created task, so I don’t want to keep this spammy content into my DB or even worse, publically viewable to other users / or google (which will impact in seo and also make their spamming successful forever), I just wanted to simply remove the task entirely from the DB

So my only option was to restore the 2-days before database backup in order to remove it, then I upgraded to the last git checkout but I didn’t see that option existing

I think flyspray needs to have that option included

Thank you

2639JavascriptBug ReportMediumUnable to "deny" a pending requestResearching
0%
peterdd712.05.202113.06.2021 Task Description

My project has 37 pending requests. Each has a set of Accept / Deny buttons next to it.

If I click on Deny, a textbox pops up for me to enter “Reason for denial” but the entire page immediately regreshes/reloads back to the task list before I have a chance to enter the reason and submit it.

I can always “Accept” the request implicitly by going to the appropriate task and closing/re-opening it, but there’s no way to “deny” something without going through this UI path.

2012Backend/CoreFeature RequestMediumManaging TagsPlanned
70%
1.1 devel818.07.201505.05.2021
2637Installer and UpgraderBug ReportHighFailure to upgrade 1.0-rc9 to 1.0-rc10 (postgresql 12.6...Assigned
50%
peterdd1.0-rc11729.04.202105.05.2021
2635User InterfaceFeature RequestMediumimprove usability of add/remove tags to/from tasksPlanned
70%
1.013.04.202123.04.2021
1737JavascriptTODOLowJavascript OverhaulNew
10%
1.1 devel6125.05.201217.04.2021
2108User InterfaceFeature RequestMediumSupport local language when install FlysprayConfirmed
30%
3103.03.201617.04.2021
2221Installer and UpgraderInformationLowNotices on install with PHP7New
50%
1.0124.10.201617.04.2021
2598User InterfaceBug ReportLowuser registration in admin area: "username taken" but t...Assigned
0%
peterdd1.0320.03.202014.04.2021
2599Backend/CoreInformationLowadd post request on new task creationUnconfirmed
0%
30.03.202012.04.2021
2078User InterfaceBug ReportMediumlayout of requested close on small displaysConfirmed
50%
1.0126.10.201512.04.2021
2044Database QueriesBug ReportHighNeed set_charset for DB connect in config fileConfirmed
10%
1.020204.09.201509.04.2021
2198User InterfaceBug ReportLowMulti-Select from tasklist offers options to those who ...Unconfirmed
0%
1122.08.201607.04.2021
1834Backend/CoreFeature RequestLowuser profile pageMaybe
80%
2.0125.02.201307.04.2021
920User InterfaceFeature RequestLowCharts (gantt, severities, OSes, opened-closed, ...)Researching
10%
2.017906.05.200607.04.2021
2581User InterfaceFeature RequestLowreplace bitmap icons of default themeNew
20%
31.10.201905.04.2021
2063Backend/CoreFeature RequestVery Lowshow closed/open usage count on do=pm&area=XXXNew
10%
peterdd129.09.201525.03.2021
2336Backend/CoreBug ReportLowCaptcha validation always fail on registrationUnconfirmed
0%
1401.02.201715.03.2021
2623EmailBug ReportMediumCompletely unexpected exception on email errorsUnconfirmed
0%
01.02.202115.03.2021
2627Backend/CoreBug ReportLowcheckLogin: Trying to access array offset on value of t...Unconfirmed
0%
509.03.202111.03.2021
2629Backend/CoreBug ReportLowactivating history tab sends same request 2 timesNew
0%
11.03.202111.03.2021
2308User InterfaceFeature RequestLowimprove user management for adminsNew
30%
227.10.201610.02.2021
2625User InterfaceTODOLowavoid password manager popups in admin prefs areaNew
0%
peterdd110.02.202110.02.2021
2588Backend/CoreBug ReportLowps_files_cleanup_dir: opendir(/tmp/.priv) failed: Permi...Unconfirmed
0%
218.12.201905.02.2021
2068Backend/CoreInformationLowDeprecated: mysql_connect(): The mysql extension is dep...Unconfirmed
0%
810.10.201528.09.2020
2617Backend/CoreFeature RequestLowPreview button not at the good placeMaybe
0%
226.09.202026.09.2020
2601Public RelationsFeature RequestMediumhttp -> https missing redirection (19-04-09)Assigned
10%
Floelejudas_iscariote321.04.202025.09.2020
Showing tasks 1 - 50 of 326 Page 1 of 7

Available keyboard shortcuts

Tasklist

Task Details

Task Editing