diff options
| -rw-r--r-- | Bugzilla/Chart.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/Constants.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/DB.pm | 14 | ||||
| -rw-r--r-- | Bugzilla/DB/Oracle.pm | 4 | ||||
| -rw-r--r-- | Bugzilla/DB/Pg.pm | 34 | ||||
| -rw-r--r-- | Bugzilla/DB/Schema.pm | 5 | ||||
| -rw-r--r-- | Bugzilla/DB/Schema/Oracle.pm | 65 | ||||
| -rw-r--r-- | Bugzilla/DB/Schema/Pg.pm | 25 | ||||
| -rw-r--r-- | Bugzilla/Field.pm | 6 | ||||
| -rw-r--r-- | Bugzilla/Install/DB.pm | 38 | ||||
| -rw-r--r-- | Bugzilla/Search/Recent.pm | 14 | ||||
| -rw-r--r-- | Bugzilla/User.pm | 37 | ||||
| -rw-r--r-- | Bugzilla/WebService/Constants.pm | 1 | ||||
| -rw-r--r-- | Bugzilla/WebService/User.pm | 26 | ||||
| -rwxr-xr-x | createaccount.cgi | 32 | ||||
| -rw-r--r-- | docs/en/xml/Bugzilla-Guide.xml | 4 | ||||
| -rw-r--r-- | js/field.js | 2 | ||||
| -rwxr-xr-x | report.cgi | 4 | ||||
| -rw-r--r-- | template/en/default/pages/release-notes.html.tmpl | 3972 | ||||
| -rw-r--r-- | template/en/default/pages/release-notes3.html.tmpl | 3483 | ||||
| -rw-r--r-- | template/en/default/setup/strings.txt.pl | 2 | ||||
| -rwxr-xr-x | token.cgi | 2 |
22 files changed, 4262 insertions, 3512 deletions
diff --git a/Bugzilla/Chart.pm b/Bugzilla/Chart.pm index 760db135d..dfbf32a51 100644 --- a/Bugzilla/Chart.pm +++ b/Bugzilla/Chart.pm @@ -438,7 +438,7 @@ sub dump { require Data::Dumper; print "<pre>Bugzilla::Chart object:\n"; - print Data::Dumper::Dumper($self); + print html_quote(Data::Dumper::Dumper($self)); print "</pre>"; } diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm index 43b36547f..5f5489aea 100644 --- a/Bugzilla/Constants.pm +++ b/Bugzilla/Constants.pm @@ -202,7 +202,7 @@ use Memoize; # CONSTANTS # # Bugzilla version -use constant BUGZILLA_VERSION => "4.1.3+"; +use constant BUGZILLA_VERSION => "4.2rc1+"; # Location of the remote and local XML files to track new releases. use constant REMOTE_FILE => 'http://updates.bugzilla.org/bugzilla-update.xml'; diff --git a/Bugzilla/DB.pm b/Bugzilla/DB.pm index 083a1c208..0c841632f 100644 --- a/Bugzilla/DB.pm +++ b/Bugzilla/DB.pm @@ -548,7 +548,7 @@ sub bz_setup_foreign_keys { # prior to 4.2, and also to handle problems caused # by enabling an extension pre-4.2, disabling it for # the 4.2 upgrade, and then re-enabling it later. - if (!$fk) { + unless ($fk && $fk->{created}) { my $standard_def = $self->_bz_schema->get_column_abstract($table, $column); if (exists $standard_def->{REFERENCES}) { @@ -1058,6 +1058,18 @@ sub bz_rename_table { my $new = $self->bz_table_info($new_name); ThrowCodeError('db_rename_conflict', { old => $old_name, new => $new_name }) if $new; + + # FKs will all have the wrong names unless we drop and then let them + # be re-created later. Under normal circumstances, checksetup.pl will + # automatically re-create these dropped FKs at the end of its DB upgrade + # run, so we don't need to re-create them in this method. + my @columns = $self->bz_table_columns($old_name); + foreach my $column (@columns) { + # these just return silently if there's no FK to drop + $self->bz_drop_fk($old_name, $column); + $self->bz_drop_related_fks($old_name, $column); + } + my @sql = $self->_bz_real_schema->get_rename_table_sql($old_name, $new_name); print get_text('install_table_rename', { old => $old_name, new => $new_name }) . "\n" diff --git a/Bugzilla/DB/Oracle.pm b/Bugzilla/DB/Oracle.pm index 711b84141..2cbd19a82 100644 --- a/Bugzilla/DB/Oracle.pm +++ b/Bugzilla/DB/Oracle.pm @@ -648,6 +648,10 @@ sub bz_setup_database { my $fk_name = $self->_bz_schema->_get_fk_name($table, $column, $references); + # bz_rename_table didn't rename the trigger correctly. + if ($table eq 'bug_tag' && $to_table eq 'tags') { + $to_table = 'tag'; + } if ( $update =~ /CASCADE/i ){ my $trigger_name = uc($fk_name . "_UC"); my $exist_trigger = $self->selectcol_arrayref( diff --git a/Bugzilla/DB/Pg.pm b/Bugzilla/DB/Pg.pm index e59a638a4..b6be64011 100644 --- a/Bugzilla/DB/Pg.pm +++ b/Bugzilla/DB/Pg.pm @@ -282,14 +282,18 @@ END $self->bz_add_index('products', 'products_name_lower_idx', {FIELDS => ['LOWER(name)'], TYPE => 'UNIQUE'}); - # bz_rename_column didn't correctly rename the sequence. - if ($self->bz_column_info('fielddefs', 'id') - && $self->bz_sequence_exists('fielddefs_fieldid_seq')) - { - print "Fixing fielddefs_fieldid_seq sequence...\n"; - $self->do("ALTER TABLE fielddefs_fieldid_seq RENAME TO fielddefs_id_seq"); - $self->do("ALTER TABLE fielddefs ALTER COLUMN id - SET DEFAULT NEXTVAL('fielddefs_id_seq')"); + # bz_rename_column and bz_rename_table didn't correctly rename + # the sequence. + $self->_fix_bad_sequence('fielddefs', 'id', 'fielddefs_fieldid_seq', 'fielddefs_id_seq'); + # If the 'tags' table still exists, then bz_rename_table() + # will fix the sequence for us. + if (!$self->bz_table_info('tags')) { + my $res = $self->_fix_bad_sequence('tag', 'id', 'tags_id_seq', 'tag_id_seq'); + # If $res is true, then the sequence has been renamed, meaning that + # the primary key must be renamed too. + if ($res) { + $self->do('ALTER INDEX tags_pkey RENAME TO tag_pkey'); + } } # Certain sequences got upgraded before we required Pg 8.3, and @@ -320,6 +324,20 @@ END } } +sub _fix_bad_sequence { + my ($self, $table, $column, $old_seq, $new_seq) = @_; + if ($self->bz_column_info($table, $column) + && $self->bz_sequence_exists($old_seq)) + { + print "Fixing $old_seq sequence...\n"; + $self->do("ALTER SEQUENCE $old_seq RENAME TO $new_seq"); + $self->do("ALTER TABLE $table ALTER COLUMN $column + SET DEFAULT NEXTVAL('$new_seq')"); + return 1; + } + return 0; +} + # Renames things that differ only in case. sub _fix_case_differences { my ($table, $field) = @_; diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm index 6d9a33ef7..7b7e4ffb6 100644 --- a/Bugzilla/DB/Schema.pm +++ b/Bugzilla/DB/Schema.pm @@ -255,7 +255,8 @@ use constant ABSTRACT_SCHEMA => { assigned_to => {TYPE => 'INT3', NOTNULL => 1, REFERENCES => {TABLE => 'profiles', COLUMN => 'userid'}}, - bug_file_loc => {TYPE => 'MEDIUMTEXT'}, + bug_file_loc => {TYPE => 'MEDIUMTEXT', + NOTNULL => 1, DEFAULT => "''"}, bug_severity => {TYPE => 'varchar(64)', NOTNULL => 1}, bug_status => {TYPE => 'varchar(64)', NOTNULL => 1}, creation_ts => {TYPE => 'DATETIME'}, @@ -501,7 +502,7 @@ use constant ABSTRACT_SCHEMA => { COLUMN => 'bug_id', DELETE => 'CASCADE'}}, value => {TYPE => 'varchar(255)', NOTNULL => 1}, - class => {TYPE => 'varchar(255)', NOTNULL => 1}, + class => {TYPE => 'varchar(255)', NOTNULL => 1, DEFAULT => "''"}, ], INDEXES => [ bug_see_also_bug_id_idx => {FIELDS => [qw(bug_id value)], diff --git a/Bugzilla/DB/Schema/Oracle.pm b/Bugzilla/DB/Schema/Oracle.pm index 6011cecfc..cdc39409d 100644 --- a/Bugzilla/DB/Schema/Oracle.pm +++ b/Bugzilla/DB/Schema/Oracle.pm @@ -351,17 +351,10 @@ sub get_rename_column_ddl { my $def = $self->get_column_abstract($table, $old_name); if ($def->{TYPE} =~ /SERIAL/i) { # We have to rename the series also, and fix the default of the series. - push(@sql, "RENAME ${table}_${old_name}_SEQ TO - ${table}_${new_name}_seq"); - my $serial_sql = - "CREATE OR REPLACE TRIGGER ${table}_${new_name}_TR " - . " BEFORE INSERT ON ${table} " - . " FOR EACH ROW " - . " BEGIN " - . " SELECT ${table}_${new_name}_SEQ.NEXTVAL " - . " INTO :NEW.${new_name} FROM DUAL; " - . " END;"; - push(@sql, $serial_sql); + my $old_seq = "${table}_${old_name}_SEQ"; + my $new_seq = "${table}_${new_name}_SEQ"; + push(@sql, "RENAME $old_seq TO $new_seq"); + push(@sql, $self->_get_create_trigger_ddl($table, $new_name, $new_seq)); push(@sql, "DROP TRIGGER ${table}_${old_name}_TR"); } if ($def->{TYPE} =~ /varchar|text/i && $def->{NOTNULL} ) { @@ -371,6 +364,35 @@ sub get_rename_column_ddl { return @sql; } +sub get_rename_table_sql { + my ($self, $old_name, $new_name) = @_; + if (lc($old_name) eq lc($new_name)) { + # if the only change is a case change, return an empty list. + return (); + } + + my @sql = ("ALTER TABLE $old_name RENAME TO $new_name"); + my @columns = $self->get_table_columns($old_name); + foreach my $column (@columns) { + my $def = $self->get_column_abstract($old_name, $column); + if ($def->{TYPE} =~ /SERIAL/i) { + # If there's a SERIAL column on this table, we also need + # to rename the sequence. + my $old_seq = "${old_name}_${column}_SEQ"; + my $new_seq = "${new_name}_${column}_SEQ"; + push(@sql, "RENAME $old_seq TO $new_seq"); + push(@sql, $self->_get_create_trigger_ddl($new_name, $column, $new_seq)); + push(@sql, "DROP TRIGGER ${old_name}_${column}_TR"); + } + if ($def->{TYPE} =~ /varchar|text/i && $def->{NOTNULL}) { + push(@sql, _get_notnull_trigger_ddl($new_name, $column)); + push(@sql, "DROP TRIGGER ${$old_name}_${column}"); + } + } + + return @sql; +} + sub _get_notnull_trigger_ddl { my ($table, $column) = @_; @@ -398,19 +420,24 @@ sub _get_create_seq_ddl { . " NOMAXVALUE " . " NOCYCLE " . " NOCACHE"; - my $serial_sql = "CREATE OR REPLACE TRIGGER ${table}_${column}_TR " - . " BEFORE INSERT ON ${table} " - . " FOR EACH ROW " - . " BEGIN " - . " SELECT ${seq_name}.NEXTVAL " - . " INTO :NEW.${column} FROM DUAL; " - . " END;"; push (@ddl, $seq_sql); - push (@ddl, $serial_sql); + push(@ddl, $self->_get_create_trigger_ddl($table, $column, $seq_name)); return @ddl; } +sub _get_create_trigger_ddl { + my ($self, $table, $column, $seq_name) = @_; + my $serial_sql = "CREATE OR REPLACE TRIGGER ${table}_${column}_TR " + . " BEFORE INSERT ON $table " + . " FOR EACH ROW " + . " BEGIN " + . " SELECT ${seq_name}.NEXTVAL " + . " INTO :NEW.$column FROM DUAL; " + . " END;"; + return $serial_sql; +} + sub get_set_serial_sql { my ($self, $table, $column, $value) = @_; my @sql; diff --git a/Bugzilla/DB/Schema/Pg.pm b/Bugzilla/DB/Schema/Pg.pm index 517837dcc..ef6e5671d 100644 --- a/Bugzilla/DB/Schema/Pg.pm +++ b/Bugzilla/DB/Schema/Pg.pm @@ -114,7 +114,30 @@ sub get_rename_table_sql { # is case-insensitive and will return an error about a duplicate name return (); } - return ("ALTER TABLE $old_name RENAME TO $new_name"); + + my @sql = ("ALTER TABLE $old_name RENAME TO $new_name"); + + # If there's a SERIAL column on this table, we also need to rename the + # sequence. + # If there is a PRIMARY KEY, we need to rename it too. + my @columns = $self->get_table_columns($old_name); + foreach my $column (@columns) { + my $def = $self->get_column_abstract($old_name, $column); + if ($def->{TYPE} =~ /SERIAL/i) { + my $old_seq = "${old_name}_${column}_seq"; + my $new_seq = "${new_name}_${column}_seq"; + push(@sql, "ALTER SEQUENCE $old_seq RENAME TO $new_seq"); + push(@sql, "ALTER TABLE $new_name ALTER COLUMN $column + SET DEFAULT NEXTVAL('$new_seq')"); + } + if ($def->{PRIMARYKEY}) { + my $old_pk = "${old_name}_pkey"; + my $new_pk = "${new_name}_pkey"; + push(@sql, "ALTER INDEX $old_pk RENAME to $new_pk"); + } + } + + return @sql; } sub get_set_serial_sql { diff --git a/Bugzilla/Field.pm b/Bugzilla/Field.pm index e47e92231..5442c6401 100644 --- a/Bugzilla/Field.pm +++ b/Bugzilla/Field.pm @@ -154,10 +154,12 @@ use constant UPDATE_COLUMNS => qw( use constant SQL_DEFINITIONS => { # Using commas because these are constants and they shouldn't # be auto-quoted by the "=>" operator. - FIELD_TYPE_FREETEXT, { TYPE => 'varchar(255)' }, + FIELD_TYPE_FREETEXT, { TYPE => 'varchar(255)', + NOTNULL => 1, DEFAULT => "''"}, FIELD_TYPE_SINGLE_SELECT, { TYPE => 'varchar(64)', NOTNULL => 1, DEFAULT => "'---'" }, - FIELD_TYPE_TEXTAREA, { TYPE => 'MEDIUMTEXT' }, + FIELD_TYPE_TEXTAREA, { TYPE => 'MEDIUMTEXT', + NOTNULL => 1, DEFAULT => "''"}, FIELD_TYPE_DATETIME, { TYPE => 'DATETIME' }, FIELD_TYPE_BUG_ID, { TYPE => 'INT3' }, }; diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm index e8304cfbb..622facdc4 100644 --- a/Bugzilla/Install/DB.pm +++ b/Bugzilla/Install/DB.pm @@ -29,6 +29,7 @@ use Bugzilla::Install::Util qw(indicate_progress install_string); use Bugzilla::Util; use Bugzilla::Series; use Bugzilla::BugUrl; +use Bugzilla::Field; use Date::Parse; use Date::Format; @@ -659,6 +660,9 @@ sub update_table_definitions { # 2011-10-11 miketosh - Bug 690173 _on_delete_set_null_for_audit_log_userid(); + # 2011-11-28 dkl@mozilla.com - Bug 685611 + _fix_notnull_defaults(); + ################################################################ # New --TABLE-- changes should go *** A B O V E *** this point # ################################################################ @@ -3569,7 +3573,7 @@ sub _populate_bug_see_also_class { } $dbh->bz_add_column('bug_see_also', 'class', - {TYPE => 'varchar(255)', NOTNULL => 1}, ''); + {TYPE => 'varchar(255)', NOTNULL => 1, DEFAULT => "''"}, ''); my $result = $dbh->selectall_arrayref( "SELECT id, value FROM bug_see_also"); @@ -3608,6 +3612,13 @@ sub _rename_tags_to_tag { $dbh->bz_add_index('tag', 'tag_user_id_idx', {FIELDS => [qw(user_id name)], TYPE => 'UNIQUE'}); } + if (my $bug_tag_fk = $dbh->bz_fk_info('bug_tag', 'tag_id')) { + # bz_rename_table() didn't handle FKs correctly. + if ($bug_tag_fk->{TABLE} eq 'tags') { + $bug_tag_fk->{TABLE} = 'tag'; + $dbh->bz_alter_fk('bug_tag', 'tag_id', $bug_tag_fk); + } + } } sub _on_delete_set_null_for_audit_log_userid { @@ -3619,6 +3630,31 @@ sub _on_delete_set_null_for_audit_log_userid { } } +sub _fix_notnull_defaults { + my $dbh = Bugzilla->dbh; + + $dbh->bz_alter_column('bugs', 'bug_file_loc', + {TYPE => 'MEDIUMTEXT', NOTNULL => 1, + DEFAULT => "''"}, ''); + + my $custom_fields = Bugzilla::Field->match({ + custom => 1, type => [ FIELD_TYPE_FREETEXT, FIELD_TYPE_TEXTAREA ] + }); + + foreach my $field (@$custom_fields) { + if ($field->type == FIELD_TYPE_FREETEXT) { + $dbh->bz_alter_column('bugs', $field->name, + {TYPE => 'varchar(255)', NOTNULL => 1, + DEFAULT => "''"}, ''); + } + if ($field->type == FIELD_TYPE_TEXTAREA) { + $dbh->bz_alter_column('bugs', $field->name, + {TYPE => 'MEDIUMTEXT', NOTNULL => 1, + DEFAULT => "''"}, ''); + } + } +} + 1; __END__ diff --git a/Bugzilla/Search/Recent.pm b/Bugzilla/Search/Recent.pm index 89d9cf6ff..ccd4a0f09 100644 --- a/Bugzilla/Search/Recent.pm +++ b/Bugzilla/Search/Recent.pm @@ -57,14 +57,16 @@ sub create { my $class = shift; my $dbh = Bugzilla->dbh; $dbh->bz_start_transaction(); - my $search = $class->SUPER::create(@_); + my $search = $class->SUPER::create(@_); + my $user_id = $search->user_id; # Enforce there only being SAVE_NUM_SEARCHES per user. - my ($num_searches, $min_id) = $dbh->selectrow_array( - 'SELECT COUNT(*), MIN(id) FROM profile_search WHERE user_id = ?', - undef, $search->user_id); - if ($num_searches > SAVE_NUM_SEARCHES) { - $dbh->do('DELETE FROM profile_search WHERE id = ?', undef, $min_id); + my $min_id = $dbh->selectrow_array( + 'SELECT id FROM profile_search WHERE user_id = ? ORDER BY id DESC ' + . $dbh->sql_limit(1, SAVE_NUM_SEARCHES), undef, $user_id); + if ($min_id) { + $dbh->do('DELETE FROM profile_search WHERE user_id = ? AND id <= ?', + undef, ($user_id, $min_id)); } $dbh->bz_commit_transaction(); return $search; diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index c1c364fd9..61ebdbab1 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -1984,6 +1984,32 @@ sub is_available_username { return 1; } +sub check_account_creation_enabled { + my $self = shift; + + # If we're using e.g. LDAP for login, then we can't create a new account. + $self->authorizer->user_can_create_account + || ThrowUserError('auth_cant_create_account'); + + Bugzilla->params->{'createemailregexp'} + || ThrowUserError('account_creation_disabled'); +} + +sub check_and_send_account_creation_confirmation { + my ($self, $login) = @_; + + $login = $self->check_login_name_for_creation($login); + my $creation_regexp = Bugzilla->params->{'createemailregexp'}; + + if ($login !~ /$creation_regexp/i) { + ThrowUserError('account_creation_restricted'); + } + + # Create and send a token for this new account. + require Bugzilla::Token; + Bugzilla::Token::issue_new_user_account_token($login); +} + # This is used in a few performance-critical areas where we don't want to # do check() and pull all the user data from the database. sub login_to_id { @@ -2540,6 +2566,17 @@ Params: login_name - B<Required> The login name for the new user. Takes a username as its only argument. Throws an error if there is no user with that username. Returns a C<Bugzilla::User> object. +=item C<check_account_creation_enabled> + +Checks that users can create new user accounts, and throws an error +if user creation is disabled. + +=item C<check_and_send_account_creation_confirmation($login)> + +If the user request for a new account passes validation checks, an email +is sent to this user for confirmation. Otherwise an error is thrown +indicating why the request has been rejected. + =item C<is_available_username> Returns a boolean indicating whether or not the supplied username is diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm index 123b14d68..ab3111eed 100644 --- a/Bugzilla/WebService/Constants.pm +++ b/Bugzilla/WebService/Constants.pm @@ -130,6 +130,7 @@ use constant WS_ERROR_CODE => { # User errors are 500-600. account_exists => 500, illegal_email_address => 501, + auth_cant_create_account => 501, account_creation_disabled => 501, account_creation_restricted => 501, password_too_short => 502, diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm index 984f41c8a..1efe6179e 100644 --- a/Bugzilla/WebService/User.pm +++ b/Bugzilla/WebService/User.pm @@ -28,7 +28,6 @@ use Bugzilla::Error; use Bugzilla::Group; use Bugzilla::User; use Bugzilla::Util qw(trim); -use Bugzilla::Token; use Bugzilla::WebService::Util qw(filter validate); use Bugzilla::Hook; @@ -92,19 +91,8 @@ sub offer_account_by_email { my $email = trim($params->{email}) || ThrowCodeError('param_required', { param => 'email' }); - my $createexp = Bugzilla->params->{'createemailregexp'}; - if (!$createexp) { - ThrowUserError("account_creation_disabled"); - } - elsif ($email !~ /$createexp/i) { - ThrowUserError("account_creation_restricted"); - } - - $email = Bugzilla::User->check_login_name_for_creation($email); - - # Create and send a token for this new account. - Bugzilla::Token::issue_new_user_account_token($email); - + Bugzilla->user->check_account_creation_enabled; + Bugzilla->user->check_and_send_account_creation_confirmation($email); return undef; } @@ -400,14 +388,14 @@ This is the recommended way to create a Bugzilla account. =over -=item 500 (Illegal Email Address) +=item 500 (Account Already Exists) -This Bugzilla does not allow you to create accounts with the format of -email address you specified. Account creation may be entirely disabled. +An account with that email address already exists in Bugzilla. -=item 501 (Account Already Exists) +=item 501 (Illegal Email Address) -An account with that email address already exists in Bugzilla. +This Bugzilla does not allow you to create accounts with the format of +email address you specified. Account creation may be entirely disabled. =back diff --git a/createaccount.cgi b/createaccount.cgi index 2348d4e91..acc63e891 100755 --- a/createaccount.cgi +++ b/createaccount.cgi @@ -31,34 +31,19 @@ use lib qw(. lib); use Bugzilla; use Bugzilla::Constants; use Bugzilla::Error; -use Bugzilla::User; -use Bugzilla::BugMail; -use Bugzilla::Util; +use Bugzilla::Token; # Just in case someone already has an account, let them get the correct footer # on an error message. The user is logged out just after the account is # actually created. -Bugzilla->login(LOGIN_OPTIONAL); - -my $dbh = Bugzilla->dbh; +my $user = Bugzilla->login(LOGIN_OPTIONAL); my $cgi = Bugzilla->cgi; my $template = Bugzilla->template; -my $vars = {}; - -$vars->{'doc_section'} = 'myaccount.html'; +my $vars = { doc_section => 'myaccount.html' }; print $cgi->header(); -# If we're using LDAP for login, then we can't create a new account here. -unless (Bugzilla->user->authorizer->user_can_create_account) { - ThrowUserError("auth_cant_create_account"); -} - -my $createexp = Bugzilla->params->{'createemailregexp'}; -unless ($createexp) { - ThrowUserError("account_creation_disabled"); -} - +$user->check_account_creation_enabled; my $login = $cgi->param('login'); if (defined($login)) { @@ -67,16 +52,9 @@ if (defined($login)) { my $token = $cgi->param('token'); check_hash_token($token, ['create_account']); - $login = Bugzilla::User->check_login_name_for_creation($login); + $user->check_and_send_account_creation_confirmation($login); $vars->{'login'} = $login; - if ($login !~ /$createexp/i) { - ThrowUserError("account_creation_restricted"); - } - - # Create and send a token for this new account. - Bugzilla::Token::issue_new_user_account_token($login); - $template->process("account/created.html.tmpl", $vars) || ThrowTemplateError($template->error()); exit; diff --git a/docs/en/xml/Bugzilla-Guide.xml b/docs/en/xml/Bugzilla-Guide.xml index 5a6dc5a2b..8ac3389f7 100644 --- a/docs/en/xml/Bugzilla-Guide.xml +++ b/docs/en/xml/Bugzilla-Guide.xml @@ -32,9 +32,9 @@ For a devel release, simple bump bz-ver and bz-date --> -<!ENTITY bz-ver "4.1.3"> +<!ENTITY bz-ver "4.2rc1"> <!ENTITY bz-nextver "4.2"> -<!ENTITY bz-date "2011-08-04"> +<!ENTITY bz-date "2011-12-28"> <!ENTITY current-year "2011"> <!ENTITY landfillbase "http://landfill.bugzilla.org/bugzilla-tip/"> diff --git a/js/field.js b/js/field.js index 8be6d5487..8353100f0 100644 --- a/js/field.js +++ b/js/field.js @@ -547,7 +547,7 @@ function handleValControllerChange(e, args) { YAHOO.util.Dom.removeClass(item, 'bz_hidden_option'); item.disabled = false; } - else if (!item.disabled) { + else if (!item.disabled && controller_item && !controller_item.selected) { YAHOO.util.Dom.addClass(item, 'bz_hidden_option'); if (item.selected) { item.selected = false; diff --git a/report.cgi b/report.cgi index a71776bfe..dccc470a7 100755 --- a/report.cgi +++ b/report.cgi @@ -288,9 +288,9 @@ print $cgi->header(-type => $format->{'ctype'}, if ($cgi->param('debug')) { require Data::Dumper; print "<pre>data hash:\n"; - print Data::Dumper::Dumper(%data) . "\n\n"; + print html_quote(Data::Dumper::Dumper(%data)) . "\n\n"; print "data array:\n"; - print Data::Dumper::Dumper(@image_data) . "\n\n</pre>"; + print html_quote(Data::Dumper::Dumper(@image_data)) . "\n\n</pre>"; } # All formats point to the same section of the documentation. diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl index a094b5cc2..819b22e2d 100644 --- a/template/en/default/pages/release-notes.html.tmpl +++ b/template/en/default/pages/release-notes.html.tmpl @@ -15,10 +15,11 @@ # Everything Solved. All Rights Reserved. # # Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org> + # Frédéric Buclin <LpSolit@gmail.com> #%] [% PROCESS global/variables.none.tmpl %] -[% SET title = "$terms.Bugzilla 4.0 Release Notes" %] +[% SET title = "$terms.Bugzilla 4.2 Release Notes" %] [% INCLUDE global/header.html.tmpl title = title style_urls = ['skins/standard/page.css'] @@ -27,6 +28,352 @@ <h1>[% title FILTER html %]</h1> <ul class="bz_toc"> + <li><a href="#v42_introduction">Introduction</a></li> + <!-- li><a href="#v42_point">Updates in this 4.2.x Release</a></li --> + <li><a href="#v42_req">Minimum Requirements</a></li> + <li><a href="#v42_feat">New Features and Improvements</a></li> + <li><a href="#v42_issues">Outstanding Issues</a></li> + <li><a href="#v42_code_changes">Code Changes Which May Affect + Customizations and Extensions</a></li> + <li><a href="#v42_previous">Release Notes for Previous Versions</a></li> +</ul> + +<h2 id="v42_introduction">Introduction</h2> + +<p>Welcome to [% terms.Bugzilla %] 4.2! It has been almost a year since we + released [% terms.Bugzilla %] 4.0 on February 2011, and this new major + release comes with several new features and improvements. This release + contains major improvements to search, support for SQLite, improved + WebServices, and lots of other enhancements.</p> + +<p>If you are upgrading from a release before 4.0, make sure to read the + release notes for all the <a href="#v42_previous">previous versions</a> + in between your version and this one, <strong>particularly the Upgrading + section of each version's release notes</strong>.</p> + +<!-- h2 id="v42_point">Updates in this 4.2.x Release</h2 --> + + +<h2 id="v42_req">Minimum Requirements</h2> + +<p>Any requirements that are new since 4.0.2 will look like + <span class="req_new">this</span>.</p> + +<ul> + <li><a href="#v42_req_perl">Perl</a></li> + <li><a href="#v42_req_mysql">For MySQL Users</a></li> + <li><a href="#v42_req_pg">For PostgreSQL Users</a></li> + <li><a href="#v42_req_oracle">For Oracle Users</a></li> + <li><a href="#v42_req_sqlite">For SQLite Users</a></li> + <li><a href="#v42_req_modules">Required Perl Modules</a></li> + <li><a href="#v42_req_optional_mod">Optional Perl Modules</a></li> + <li><a href="#v42_req_apache">Optional Apache Modules</a></li> +</ul> + +<h3 id="v42_req_perl">Perl</h3> + +<p>Perl v5.8.1</p> + +[% INCLUDE db_req db='mysql' db_new => 1 dbd_new => 1 %] + +[% INCLUDE db_req db='pg' db_new => 1 %] + +[% INCLUDE db_req db='oracle' %] + +[% INCLUDE db_req db='sqlite' %] + +<h3 id="v42_req_modules">Required Perl Modules</h3> + +[% INCLUDE req_table reqs = REQUIRED_MODULES + new = ['Math-Random-ISAAC'] + updated = ['URI'] %] + +<h3 id="v42_req_optional_mod">Optional Perl Modules</h3> + +<p>The following perl modules, if installed, enable various + features of [% terms.Bugzilla %]:</p> + +[% INCLUDE req_table reqs = OPTIONAL_MODULES + new = ['Encode', 'Encode-Detect'] + updated = ['PatchReader'] + include_feature = 1 %] + +<h3 id="v42_req_apache">Optional Apache Modules</h3> + +<p>If you are using Apache as your webserver, [% terms.Bugzilla %] can + take advantage of some Apache features if you have the below Apache + modules installed and enabled. Currently, + <a href="#v40_feat_js_css_update">certain [% terms.Bugzilla %] features</a> + are enabled only if you have all of the following modules installed + and enabled:</p> + +<ul> + <li>mod_headers</li> + <li>mod_expires</li> + <li>mod_env</li> +</ul> + +<p>On most systems (but not on Windows), <kbd>checksetup.pl</kbd> is able to + tell whether or not you have these modules installed, and it will tell + you.</p> + + +<h2 id="v42_feat">New Features and Improvements</h2> + +<ul> + <li><a href="#v42_feat_sqlite">Experimental SQLite Support</a></li> + <li><a href="#v42_feat_attach">Creating an Attachment by Pasting Text Into + a Text Field</a></li> + <li><a href="#v42_feat_email">HTML [% terms.Bug %]mail</a></li> + <li><a href="#v42_feat_search">Improved Searching System</a></li> + <li><a href="#v42_feat_product">Disabling Old Components, Versions and Milestones</a></li> + <li><a href="#v42_feat_custom">Displaying a Custom Field Value Based on Multiple + Values of Another Field</a></li> + <li><a href="#v42_feat_audit">Auditing of All Changes Within [% terms.Bugzilla %]</a></li> + <li><a href="#v42_feat_wai">Accessibility Improvements</a></li> + <li><a href="#v42_feat_other">Other Enhancements and Changes</a></li> +</ul> + +<h3 id="v42_feat_sqlite">Experimental SQLite Support</h3> + +<p>SQLite is now supported by [% terms.Bugzilla %] and becomes the 4th supported + database besides MySQL, PostgreSQL and Oracle. SQLite support must be considered + as experimental, at least till the next major release.</p> + +<p>Note that use of SQLite is only recommended for small installations. Larger + installations should use MySQL, PostgreSQL, or Oracle.</p> + +<h3 id="v42_feat_attach">Creating an Attachment by Pasting Text Into a Text Field</h3> + +<p>You can now create a new attachment simply by pasting some text into a text + field, in addition to the normal upload process for attachments.</p> + +<h3 id="v42_feat_email">HTML [% terms.Bug %]mail</h3> + +<p>By default, [% terms.bug %]mails (email notifications about changes to + [%+ terms.bugs %]) are now sent in an HTML format that is more readable than + the old text format. Those who prefer the old text format can still choose it + in their Preferences, however.</p> + +<h3 id="v42_feat_search">Improved Searching System</h3> + +<p>The Custom Search section in the Advanced Search page has been redesigned + to work in a more sensible way. Complex queries are easier to build and have + more sensible results, as they are built using a more intuitive logic. + Some very complicated queries are still impossible to generate, though. + Things should improve in future releases.</p> + +<h3 id="v42_feat_product">Disabling Old Components, Versions and Milestones</h3> + +<p>Older components, versions and milestones can now be disabled. [% terms.Bugs %] + already using them are not affected, but these values will no longer be + available for new [% terms.bugs %].</p> + +<h3 id="v42_feat_custom">Displaying a Custom Field Value Based on Multiple Values + of Another Field</h3> + +<p>A custom field can now be displayed based on multiple values of another field. + (For example, one custom field could now appear in multiple products.) + Previously, you could only display a custom field based on a single value of + another field.</p> + +<h3 id="v42_feat_audit">Auditing of All Changes Within [% terms.Bugzilla %]</h3> + +<p>Most changes made through the admin interface are now logged to the database, + in the <kbd>audit_log</kbd> table. There is no UI to access this table yet, + but developers are free to create their own tools to track changes made into + their installation. This is only a first step, and improvements are expected + in future releases.</p> + +<h3 id="v42_feat_wai">Accessibility Improvements</h3> + +<p>A project has started thanks to Francisco Donalisio from IBM to make + [%+ terms.Bugzilla %] compliant with the W3C Web Accessibility Initiative + standards. A lot more work still needs to be done, but we expect a much + better compatibility for the next major release.</p> + +<h3 id="v42_feat_other">Other Enhancements and Changes</h3> + +<h4>Enhancements for Users</h4> + +<ul> + <li><strong>[% terms.Bugs %]:</strong> Users without editbugs privileges can + no longer remove other users from the CC list of [% terms.bugs %].</li> + <li><strong>[% terms.Bugs %]:</strong> Local [% terms.bug %] IDs are now valid + in the See Also field. Adding such an ID will also add a reciprocal link in + the other [% terms.bug %].</li> + <li><strong>[% terms.Bugs %]:</strong> After editing [% terms.abug %] or an + attachment, the URL is automatically changed to <kbd>show_bug.cgi</kbd> + instead of <kbd>post_bug.cgi</kbd>, <kbd>process_bug.cgi</kbd> or + <kbd>attachment.cgi</kbd> so that reloading the page (for instance when + restarting the web browser) displays the right page. This feature is supported + by Firefox, Chrome and Safari, but not by Internet Explorer 9.</li> + <li><strong>[% terms.Bugs %]:</strong> Inactive accounts are no longer + displayed in user fields when user-autocompletion is enabled.</li> + <li><strong>[% terms.Bugs %]:</strong> User-autocompletion is now much faster + on installations with many user accounts.</li> + <li><strong>[% terms.Bugs %]:</strong> The See Also field now accepts URLs + pointing to MantisBT, Trac, JIRA and the sourceforge.net b[%%]ug trackers.</li> + <li><strong>[% terms.Bugs %]:</strong> Displaying [% terms.abug %] with many + dependencies is now much faster.</li> + <li><strong>Attachments:</strong> The encoding of text files can be automatically + detected when uploading them as attachments.</li> + <li><strong>Flags:</strong> Changing the requestee of a flag no longer changes + the requester.</li> + <li><strong>Reports:</strong> If JavaScript is enabled in your web browser, + tabular reports are now sortable based on any displayed column.</li> + <li><strong>Dependency graphs:</strong> The <em>Show every [% terms.bug %] in + the system with dependencies</em> option has been removed.</li> + <li><strong>Searches:</strong> The columns displayed by default in + [%+ terms.bug %]lists have changed. These columns are now displayed by default + unless otherwise specified:<br> + <kbd>product | component | assignee | [% terms.bug %] status | resolution | + [%+ terms.bug %] summary | last change date</kbd><br> + This means that the priority, severity and operating system columns are no + longer displayed by default.</li> + <li><strong>Searches:</strong> [% terms.Bug %]lists will now only display the + first 500 [% terms.bugs %] by default. It is still possible to display the + whole list, though.</li> + <li><strong>Searches:</strong> When using relative dates and times, <kbd>-1w</kbd> + is now a synonym for <kbd>-7d</kbd> and means exactly 7 days. Previously, + <kbd>-1w</kbd> meant the beginning of the week, which was confusing some users. + The same confusion existed for <kbd>-1d</kbd> which was different from + <kbd>-24h</kbd>, and for <kbd>-1m</kbd> which was different from <kbd>-30d</kbd>. + Now if you really want the beginning of the day, week or month, you must use + <kbd>-1ds</kbd>, <kbd>-1ws</kbd>, and <kbd>-1ms</kbd> respectively, where + "s" means "start of". This change will affect existing saved searches using + relative dates.</li> + <li><strong>Searches:</strong> A new <em>Include fulltext when performing quick + searches</em> user preference has been added which permits users to include + or exclude comments when using quicksearches.</li> + <li><strong>Searches:</strong> It is now possible to query for [% terms.bugs %] + based on personal tags in the Custom Search section in the Advanced Search + page.</li> + <li><strong>Email notifications: </strong> The date and time of comments are no + longer displayed in the comment header in [% terms.bug%]mails. This information + is already available in the email header itself.</li> +</ul> + +<h4>Enhancements for Administrators and Developers</h4> + +<ul> + <li><strong>Installation:</strong> <kbd>checksetup.pl</kbd> is now much quieter + when creating a new database.</li> + <li><strong>Security:</strong> [% terms.Bugzilla %] 4.0 is using + <kbd>Math::Random::Secure</kbd> to generate cryptographically secure + pseudorandom numbers, but it appeared that installing this Perl module from + CPAN caused a lot of trouble for some people due to its numerous dependencies. + So the RNG code has been rewritten to only depend on <kbd>Math::Random::ISAAC</kbd>, + which was already in use in previous versions of [% terms.Bugzilla %].</li> + <li><strong>Security:</strong> <kbd>X-Frame-Options = SAMEORIGIN</kbd> is now + passed to all page headers (except when viewing attachments, as they can be + on a different host) to protect users from framing and subsequent possible + clickjacking problems.</li> + <li><strong>Configuration:</strong> A new parameter <em>password_complexity</em> + has been added (default: no_constraints) which allows admins to force users + to use passwords with a higher complexity, such as a combination of uppercase + and lowercase letters, numbers and special characters, or a subset of them.</li> + <li><strong>Configuration:</strong> A new parameter <em>search_allow_no_criteria</em> + has been added (default: on) which allows admins to forbid queries with no + criteria. This is particularly useful for large installations with several + tens of thousands [% terms.bugs %] where returning all [% terms.bugs %] + doesn't make sense and would have a performance impact on the database.</li> + <li><strong>Configuration:</strong> A new parameter <em>default_search_limit</em> + has been added (default: 500) which limits the number of [% terms.bugs %] + displayed by default in a [% terms.bug%]list. The user can ask to see a larger + list, though.</li> + <li><strong>Configuration:</strong> A new parameter <em>max_search_results</em> + has been added (default: 10000) which limits the number of [% terms.bugs %] + a user can request at once in a [% terms.bug%]list. This is a hard limit and + a user cannot bypass this value.</li> + <li><strong>Configuration:</strong> A new parameter <em>ajax_user_autocompletion</em> + has been added (default: on) to allow administrators to disable auto-completion + when typing characters in user fields. This parameter should only be disabled + if your installation is unable to support the load generated by this feature.</li> + <li><strong>Configuration:</strong> The <em>config_modify_panels</em> hook now + lets you add additional parameters to existing parameters panels.</li> + <li><strong>Flags:</strong> Users with local editcomponents privileges can now + edit flag types for products they can administer.</li> + <li><strong>Quips:</strong> A new system group <em>bz_quip_moderators</em> has + been created to moderate quips. Till now, you had to be in the <em>admin</em> + group to do that.</li> + <li><kbd>importxml.pl</kbd> now inserts each comment separately into the imported + [%+ terms.bug %] instead of concatenating them all into a single comment.</li> + <li><kbd>email_in.pl</kbd> now ignores auto-submitted incoming emails (for + instance, all these "out of office" emails).</li> + <li>New code hooks: email_in_before_parse, email_in_after_parse, + install_filesystem, install_update_db_fielddefs, job_map, object_end_of_create, + quicksearch_map, user_preferences.</li> +</ul> + +<h4>WebService Changes</h4> + +<ul> + <li>Two new methods have been added: <kbd>Product.create</kbd> and + <kbd>Group.create</kbd>.</li> + <li><kbd>B[%%]ug.update</kbd> no longer throws an error when passing an empty + string to <kbd>see_also</kbd>. It now simply ignores this empty value.</li> + <li><kbd>Product.get</kbd> now also returns data about the classification it + belongs to as well as its components, milestones and versions. It also + returns the <kbd>default_milestone</kbd> and <kbd>has_unconfirmed</kbd> + attributes.</li> + <li>In <kbd>B[%%]ug.fields</kbd>, the <kbd>sortkey</kbd> attribute used in + <kbd>values</kbd> has been renamed to <kbd>sort_key</kbd>.</li> + <li>In <kbd>B[%%]ug.attachments</kbd> and <kbd>B[%%]ug.add_attachment</kbd>, + the <kbd>is_url</kbd> attribute no longer exists.</li> +</ul> + + +<h2 id="v42_issues">Outstanding Issues</h2> + +<ul> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> + [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at + the same time, there is no "mid-air collision" protection.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> + [%- terms.Bug %] 276230</a>: The support for restricting access to + particular Categories of New Charts is not complete. You should treat the + <em>chartgroup</em> parameter as the only access mechanism available.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=584742"> + [%- terms.Bug %] 584742</a>: When viewing [% terms.abug %], WebKit-based + browsers can automatically reset a field's selected value when the field + has disabled values.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=706753"> + [%- terms.Bug %] 706753</a>: Automatic [% terms.bug %] detection and + user auto-completion do not work with JSON::RPC 1.x due to a backwards + incompatible change. You should install JSON::RPC 0.96 instead.</li> +</ul> + + +<h2 id="v42_code_changes">Code Changes Which May Affect Customizations and Extensions</h2> + +<ul> + <li>The <kbd>email/newchangedmail.txt.tmpl</kbd> template is now fully templatized, + meaning that the diff table displaying changes in [% terms.bug %] fields is + now generated in the template itself. This means [% terms.bug %]mails are now + fully localizable.</li> + <li>The bugmail_recipients hook has been modified to pass <kbd>diffs</kbd> with + changes made to the [% terms.bug %] as well as <kbd>users</kbd> including + recipients of the email notification.</li> + <li>YUI has been upgraded to 2.9.0.</li> + <li>Due to the major code refactor of <kbd>B[%%]ugzilla/Search.pm</kbd>, any + customization made against this file will probably need to be rewritten.</li> + <li><kbd>long_list.cgi</kbd>, <kbd>showattachment.cgi</kbd> and <kbd>xml.cgi</kbd> + have been removed from the codebase. As <a href="#v40_code_changes">announced</a> + in the release notes of [% terms.Bugzilla %] 4.0, these scripts were deprecated + since [% terms.Bugzilla %] 2.19.</li> + <li><kbd>sidebar.cgi</kbd> has been removed, because Gecko-based browsers no + longer support remote XUL, and its popularity is very low.</li> + <li><kbd>contrib/yp_nomail.sh</kbd> has been removed. This script is no longer + useful since [% terms.Bugzilla %] 3.0.</li> + <li><kbd>contrib/bugzilla_ldapsync.rb</kbd> has been removed. This script didn't + work for a long time.</li> +</ul> + + +<h1 id="v42_previous">[% terms.Bugzilla %] 4.0 Release Notes</h1> + +<ul class="bz_toc"> <li><a href="#v40_introduction">Introduction</a></li> <li><a href="#v40_point">Updates in this 4.0.x Release</a></li> <li><a href="#v40_req">Minimum Requirements</a></li> @@ -165,32 +512,223 @@ <li><a href="#v40_req_apache">Optional Apache Modules</a></li> </ul> - <h3 id="v40_req_perl">Perl</h3> <p>Perl v5.8.1</p> +<h3 id="v40_req_mysql">For MySQL Users</h3> -[% INCLUDE db_req db='mysql' %] + <ul> + <li>MySQL v4.1.2</li> + <li><strong>perl module:</strong> DBD::mysql v4.00</li> + </ul> -[% INCLUDE db_req db='pg' %] +<h3 id="v40_req_pg">For PostgreSQL Users</h3> -[% INCLUDE db_req db='oracle' %] + <ul> + <li>PostgreSQL v8.00.0000</li> + <li><strong>perl module:</strong> DBD::Pg v1.45</li> + </ul> + +<h3 id="v40_req_oracle">For Oracle Users</h3> + + <ul> + <li>Oracle v10.02.0</li> + <li><strong>perl module:</strong> DBD::Oracle v1.19</li> + </ul> <h3 id="v40_req_modules">Required Perl Modules</h3> -[% INCLUDE req_table reqs = REQUIRED_MODULES - new = ['List-MoreUtils'] - updated = ['Email-MIME', 'CGI.pm', 'Apache-SizeLimit'] %] + <table cellspacing="0" cellpadding="0" border="0" class="req_table"> + <tbody> + <tr> + <th>Module</th><th>Version</th> + </tr> + <tr> + <td>CGI</td> + <td class="req_new">3.51</td> + </tr> + <tr> + <td>Digest::SHA</td> + <td>(Any)</td> + </tr> + <tr> + <td>Date::Format</td> + <td>2.21</td> + </tr> + <tr> + <td>DateTime</td> + <td>0.28</td> + </tr> + <tr> + <td>DateTime::TimeZone</td> + <td>0.71</td> + </tr> + <tr> + <td>DBI</td> + <td>1.41</td> + </tr> + <tr> + <td>Template</td> + <td>2.22</td> + </tr> + <tr> + <td>Email::Send</td> + <td>2.00</td> + </tr> + + <tr> + <td>Email::MIME</td> + <td class="req_new">1.904</td> + </tr> + <tr> + <td>URI</td> + <td>(Any)</td> + </tr> + <tr> + <td class="req_new">List::MoreUtils</td> + <td class="req_new">0.22</td> + </tr> + </tbody> + </table> <h3 id="v40_req_optional_mod">Optional Perl Modules</h3> <p>The following perl modules, if installed, enable various features of [% terms.Bugzilla %]:</p> -[% INCLUDE req_table reqs = OPTIONAL_MODULES - new = ['JSON-XS', 'Win32-API', 'Math-Random-Secure'] - updated = ['Apache-SizeLimit', 'SOAP-Lite'] - include_feature = 1 %] + <table cellspacing="0" cellpadding="0" border="0" class="req_table"> + <tbody> + <tr> + <th>Module</th><th>Version</th><th>Enables Feature</th> + </tr> + <tr> + <td>GD</td> + <td>1.20</td> + <td>Graphical Reports, New Charts, Old Charts</td> + </tr> + <tr> + <td>Chart::Lines</td> + <td>2.1</td> + <td>New Charts, Old Charts</td> + </tr> + <tr> + <td>Template::Plugin::GD::Image</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>GD::Text</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>GD::Graph</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>MIME::Parser</td> + <td>5.406</td> + <td>Move [% terms.Bugs %] Between Installations</td> + </tr> + <tr> + <td>LWP::UserAgent</td> + <td>(Any)</td> + <td>Automatic Update Notifications</td> + </tr> + <tr> + <td>XML::Twig</td> + <td>(Any)</td> + <td>Move [% terms.Bugs %] Between Installations, Automatic Update + Notifications</td> + </tr> + <tr> + <td>PatchReader</td> + <td>0.9.4</td> + <td>Patch Viewer</td> + </tr> + <tr> + <td>Net::LDAP</td> + <td>(Any)</td> + <td>LDAP Authentication</td> + </tr> + <tr> + <td>Authen::SASL</td> + <td>(Any)</td> + <td>SMTP Authentication</td> + </tr> + <tr> + <td>Authen::Radius</td> + <td>(Any)</td> + <td>RADIUS Authentication</td> + </tr> + <tr> + <td>SOAP::Lite</td> + <td class="req_new">0.712</td> + <td>XML-RPC Interface</td> + </tr> + <tr> + <td>JSON::RPC</td> + <td>(Any)</td> + <td>JSON-RPC Interface</td> + </tr> + <tr> + <td class="req_new">JSON::XS</td> + <td class="req_new">2.0</td> + <td>Make JSON-RPC Faster</td> + </tr> + <tr> + <td>Test::Taint</td> + <td>(Any)</td> + <td>JSON-RPC Interface, XML-RPC Interface</td> + </tr> + <tr> + <td>HTML::Parser</td> + <td>3.40</td> + <td>More HTML in Product/Group Descriptions</td> + </tr> + <tr> + <td>HTML::Scrubber</td> + <td>(Any)</td> + <td>More HTML in Product/Group Descriptions</td> + </tr> + <tr> + <td>Email::MIME::Attachment::Stripper</td> + <td>(Any)</td> + <td>Inbound Email</td> + </tr> + <tr> + <td>Email::Reply</td> + <td>(Any)</td> + <td>Inbound Email</td> + </tr> + <tr> + <td>TheSchwartz</td> + <td>(Any)</td> + <td>Mail Queueing</td> + </tr> + <tr> + <td>Daemon::Generic</td> + <td>(Any)</td> + <td>Mail Queueing</td> + </tr> + <tr> + <td>mod_perl2</td> + <td>1.999022</td> + <td>mod_perl</td> + </tr> + <tr> + <td>Apache2::SizeLimit</td> + <td class="req_new">0.93</td> + <td>mod_perl</td> + </tr> + <tr> + <td class="req_new">Math::Random::Secure</td> + <td class="req_new">0.05</td> + <td>Improve cookie and token security</td> + </tr> + </tbody> + </table> <h3 id="v40_req_apache">Optional Apache Modules</h3> @@ -773,3418 +1311,16 @@ [%+ terms.Bugzilla %] 4.2.</li> </ul> +<h2 id="v40_previous">Release Notes For Previous Versions</h2> -<h1 id="v40_previous">[% terms.Bugzilla %] 3.6 Release Notes</h1> - -<ul class="bz_toc"> - <li><a href="#v36_introduction">Introduction</a></li> - <li><a href="#v36_point">Updates in this 3.6.x Release</a></li> - <li><a href="#v36_req">Minimum Requirements</a></li> - <li><a href="#v36_feat">New Features and Improvements</a></li> - <li><a href="#v36_issues">Outstanding Issues</a></li> - <li><a href="#v36_upgrading">Notes On Upgrading From a Previous Version</a></li> - <li><a href="#v36_code_changes">Code Changes Which May Affect - Customizations</a></li> - <li><a href="#v36_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v36_introduction">Introduction</h2> - -<p>Welcome to [% terms.Bugzilla %] 3.6! The focus of the 3.6 release is - on improving usability and "polishing up" all our features (by adding - some pieces that were "missing" or always wanted), although we - also have a few great new features for you, as well!</p> - -<p>If you're upgrading, make sure to read <a href="#v36_upgrading">Notes - On Upgrading From a Previous Version</a>. If you are upgrading from a release - before 3.4, make sure to read the release notes for all the - <a href="#v36_previous">previous versions</a> in between your version - and this one, <strong>particularly the Upgrading section of each - version's release notes</strong>.</p> - -<p>We would like to thank <a href="http://www.canonical.com/">Canonical - Ltd.</a>, <a href="http://www.itasoftware.com/">ITA Software</a>, - the <a href="http://www.ibm.com/linux/ltc/">IBM Linux Technology Center</a>, - <a href="http://www.redhat.com/">Red Hat</a>, and - <a href="http://www.novell.com/">Novell</a> for funding the development - of various features and improvements in this release of - [%+ terms.Bugzilla %].</p> - -<h2 id="v36_point">Updates in this 3.6.x Release</h2> - -<h3>3.6.2</h3> - -<p>This release fixes various security issues. See the - <a href="http://www.bugzilla.org/security/3.2.7/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in - this release:</p> - -<ul> - <li>[% terms.Bugzilla %] installations running on older versions of IIS - will no longer experience the "Undef to trick_taint" errors that would - sometimes occur. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=521416">[% terms.Bug %] 521416</a>) - </li> - <li>Email notifications were missing the dates that comments were made. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=578003">[% terms.Bug %] 578003</a>) - </li> - <li>Putting a phrase in quotes in the Quicksearch box now works properly, - again. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=578494">[% terms.Bug %] 578494</a> - and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=553884">[% terms.Bug %] 553884</a>) - </li> - <li>Quicksearch was usually (incorrectly) being limited to 200 results. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=581622">[% terms.Bug %] 581622</a>) - </li> - <li>On Windows, <kbd>install-module.pl</kbd> can now properly install - DateTime and certain other Perl modules that didn't install properly - before. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=576105">[% terms.Bug %] 576105</a>) - </li> - <li>Searching "keywords" for "contains none of the words" or "does not - match regular expression" now works properly. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=562014">[% terms.Bug %] 562014</a>) - </li> - <li>Doing <kbd>collectstats.pl --regenerate</kbd> now works on installations - using PostgreSQL. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577058">[% terms.Bug %] 577058</a>) - </li> - <li>The "Field Values" administrative control panel was sometimes denying - admins the ability to delete field values when there was no reason - to deny the deletion. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577054">[% terms.Bug %] 577054</a>) - </li> - <li>Eliminate the "uninitialized value" warnings that would happen when - editing a product's components. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=576911">[% terms.Bug %] 576911</a>) - </li> - <li>The updating of bugs_fulltext that happens during - <kbd>checksetup.pl</kbd> for upgrades to 3.6 should now be MUCH faster. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577754">[% terms.Bug %] 577754</a>) - </li> - <li><kbd>email_in.pl</kbd> was not allowing the setting of time-tracking - fields via inbound emails. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=583622">[% terms.Bug %] 583622</a>) - </li> -</ul> - -<h3>3.6.1</h3> - -<p>This release fixes two security issues. See the - <a href="http://www.bugzilla.org/security/3.2.6/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in - this release:</p> - -<ul> - <li>Using the "Change Columns" page would sometimes result in a - plain-text page instead of HTML. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=376044">[% terms.Bug %] 376044</a>) - </li> - <li>Extensions that have only templates and no code are now working. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=562551">[% terms.Bug %] 562551</a>) - </li> - <li><kbd>install-module.pl</kbd> has been fixed so that it installs - modules properly on both new and old versions of Perl. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=560318">[% terms.Bug %] 560318</a> - and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=560330">[% terms.Bug %] 560330</a>) - </li> - <li>It is now possible to upgrade from 3.4 to 3.6 when using Oracle. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=561379">[% terms.Bug %] 561379</a>) - </li> - <li>Editing a field value's name (using the Field Values admin control - panel) wasn't working if the value was set as the default for that - field. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=561296">[% terms.Bug %] 561296</a>) - </li> - <li>If you had the <kbd>noresolveonopenblockers</kbd> parameter set, - [%+ terms.bugs %] couldn't be edited at all if they were marked FIXED - and had any open blockers. (The parameter is only supposed to prevent - <em>changing</em> [% terms.bugs %] to FIXED, not modifying already-FIXED - [%+ terms.bugs %].) - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=565314">[% terms.Bug %] 565314</a>) - </li> - <li>Some minor issues with Perl 5.12 were fixed (mostly warnings that Perl - 5.12 was throwing). [% terms.Bugzilla %] now supports Perl 5.12.</li> -</ul> - -<h2 id="v36_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 3.4.5 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v36_req_perl">Perl</a></li> - <li><a href="#v36_req_mysql">For MySQL Users</a></li> - <li><a href="#v36_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v36_req_oracle">For Oracle Users</a></li> - <li><a href="#v36_req_modules">Required Perl Modules</a></li> - <li><a href="#v36_req_optional_mod">Optional Perl Modules</a></li> -</ul> - -<h3 id="v36_req_perl">Perl</h3> - -<p>Perl v5.8.1</p> - -<h3 id="v36_req_mysql">For MySQL Users</h3> - - <ul> - <li>MySQL - v4.1.2 - </li> - <li><strong>perl module:</strong> - DBD::mysql v4.00</li> - </ul> - -<h3 id="v36_req_pg">For PostgreSQL Users</h3> - - <ul> - <li>PostgreSQL - v8.00.0000 - </li> - <li><strong>perl module:</strong> - DBD::Pg v1.45</li> - </ul> -<h3 id="v36_req_oracle">For Oracle Users</h3> - - <ul> - <li>Oracle - v10.02.0 - </li> - <li><strong>perl module:</strong> - DBD::Oracle v1.19</li> - </ul> - -<h3 id="v36_req_modules">Required Perl Modules</h3> - -<table class="req_table" border="0" cellspacing="0" cellpadding="0"> - <tr> - <th>Module</th> <th>Version</th> - </tr> - <tr> - <td >CGI</td> - <td >3.21 - </td> - </tr> - <tr> - <td >Digest::SHA</td> - <td > - (Any) - </td> - </tr> - <tr> - <td >Date::Format</td> - <td >2.21 - </td> - </tr> - <tr> - <td >DateTime</td> - <td >0.28 - </td> - </tr> - <tr> - <td >DateTime::TimeZone</td> - <td >0.71 - </td> - </tr> - <tr> - <td >DBI</td> - <td >1.41 - </td> - </tr> - <tr> - <td >Template</td> - <td >2.22 - </td> - </tr> - <tr> - <td >Email::Send</td> - <td >2.00 - </td> - </tr> - <tr> - <td >Email::MIME</td> - <td >1.861 - </td> - </tr> - <tr> - <td >Email::MIME::Encodings</td> - <td >1.313 - </td> - </tr> - <tr> - <td >Email::MIME::Modifier</td> - <td >1.442 - </td> - </tr> - <tr> - <td >URI</td> - <td > - (Any) - </td> - </tr> -</table> - -<h3 id="v36_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of [% terms.Bugzilla %]:</p> - -<table class="req_table" border="0" cellspacing="0" cellpadding="0"> - <tr> - <th>Module</th> <th>Version</th> - <th>Enables Feature</th> - </tr> - <tr> - <td >GD</td> - <td >1.20 - </td> - <td>Graphical Reports, New Charts, Old Charts</td> - </tr> - <tr> - <td >Chart::Lines</td> - <td class="req_new">2.1 - </td> - <td>New Charts, Old Charts</td> - </tr> - <tr> - <td >Template::Plugin::GD::Image</td> - <td > - (Any) - </td> - <td>Graphical Reports</td> - </tr> - <tr> - <td >GD::Text</td> - <td > - (Any) - </td> - <td>Graphical Reports</td> - </tr> - <tr> - <td >GD::Graph</td> - <td > - (Any) - </td> - <td>Graphical Reports</td> - </tr> - <tr> - <td >XML::Twig</td> - <td > - (Any) - </td> - <td>Move [% terms.Bugs %] Between Installations, - Automatic Update Notifications</td> - </tr> - <tr> - <td >MIME::Parser</td> - <td >5.406 - </td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td >LWP::UserAgent</td> - <td > - (Any) - </td> - <td>Automatic Update Notifications</td> - </tr> - <tr> - <td >PatchReader</td> - <td >0.9.4 - </td> - <td>Patch Viewer</td> - </tr> - <tr> - <td >Net::LDAP</td> - <td > - (Any) - </td> - <td>LDAP Authentication</td> - </tr> - <tr> - <td >Authen::SASL</td> - <td > - (Any) - </td> - <td>SMTP Authentication</td> - </tr> - <tr> - <td >Authen::Radius</td> - <td > - (Any) - </td> - <td>RADIUS Authentication</td> - </tr> - <tr> - <td >SOAP::Lite</td> - <td >0.710.06 - </td> - <td>XML-RPC Interface</td> - </tr> - <tr> - <td class="req_new">JSON::RPC</td> - <td class="req_new"> - (Any) - </td> - <td>JSON-RPC Interface</td> - </tr> - <tr> - <td class="req_new">Test::Taint</td> - <td class="req_new"> - (Any) - </td> - <td>JSON-RPC Interface, XML-RPC Interface</td> - </tr> - <tr> - <td >HTML::Parser</td> - <td >3.40 - </td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td >HTML::Scrubber</td> - <td > - (Any) - </td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td >Email::MIME::Attachment::Stripper</td> - <td > - (Any) - </td> - <td>Inbound Email</td> - </tr> - <tr> - <td >Email::Reply</td> - <td > - (Any) - </td> - <td>Inbound Email</td> - </tr> - <tr> - <td >TheSchwartz</td> - <td > - (Any) - </td> - <td>Mail Queueing</td> - </tr> - <tr> - <td >Daemon::Generic</td> - <td > - (Any) - </td> - <td>Mail Queueing</td> - </tr> - <tr> - <td >mod_perl2</td> - <td >1.999022 - </td> - <td>mod_perl</td> - </tr> -</table> - -<h2 id="v36_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v36_feat_usability">General Usability Improvements</a></li> - <li><a href="#v36_feat_extensions">New Extensions System</a></li> - <li><a href="#v36_feat_qs">Improved Quicksearch</a></li> - <li><a href="#v36_feat_browse">Simple "Browse" Interface</a></li> - <li><a href="#v36_feat_suexec">SUExec Support</a></li> - <li><a href="#v36_feat_mpwindows">Experimental mod_perl Support on Windows</a></li> - <li><a href="#v36_email_attachments">Send Attachments by Email</a></li> - <li><a href="#v36_feat_jsonrpc">JSON-RPC Interface</a></li> - <li><a href="#v36_feat_migrate">Migration From Other [% terms.Bug %]-Trackers</a></li> - <li><a href="#v36_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v36_feat_usability">General Usability Improvements</h3> - -<p>A <a href="https://wiki.mozilla.org/Bugzilla:CMU_HCI_Research_2008">scientific - usability study</a> was done on [% terms.Bugzilla %] by researchers - from Carnegie-Mellon University. As a result of this study, - <a href="https://bugzilla.mozilla.org/showdependencytree.cgi?id=490786&hide_resolved=0">several - usability issues</a> were prioritized to be fixed, based on specific data - from the study.</p> - -<p>As a result, you will see many small improvements in [% terms.Bugzilla %]'s - usability, such as using Javascript to validate certain forms before - they are submitted, standardizing the words that we use in the user interface, - being clearer about what [% terms.Bugzilla %] needs from the user, - and other changes, all of which are also listed individually in this New - Features section.</p> - -<p>Work continues on improving usability for the next release of - [%+ terms.Bugzilla %], but the results of the research have already - had an impact on this 3.6 release.</p> - -<h3 id="v36_feat_extensions">New Extensions System</h3> - -<p>[% terms.Bugzilla %] has a brand-new Extensions system. The system is - consistent, fast, and - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Extension.html">fully - documented</a>. It makes it possible to easily extend [% terms.Bugzilla %]'s - code and user interface to add new features or change existing features. - There's even - <a href="[% docs_urlbase FILTER html %]api/extensions/create.html">a - script</a> that will create the basic layout of an extension for you, to - help you get started. For more information about the new system, see the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Extension.html">Extensions - documentation</a>.</p> - -<p>If you had written any extensions using [% terms.Bugzilla %]'s previous - extensions system, there is - <a href="[% docs_urlbase FILTER html %]api/contrib/extension-convert.html">a - script to help convert old extensions into the new format</a>.</p> - -<h3 id="v36_feat_qs">Improved Quicksearch</h3> - -<p>The "quicksearch" box that appears on the front page of - [%+ terms.Bugzilla %] and in the header/footer of every page - is now simplified and made more powerful. There is a - <kbd>[?]</kbd> link next to the box that will take you to - the simplified <a href="page.cgi?id=quicksearch.html">Quicksearch Help</a>, - which describes every single feature of the system in a simple layout, - including new features such as the ability to use partial field names - when searching.</p> - -<p>Quicksearch should also be much faster than it was before, particularly - on large installations.</p> - -<p>Note that in order to implement the new quicksearch, certain old - and rarely-used features had to be removed: - -<ul> - <li><b>+</b> as a prefix to mean "search additional resolutions", and - <b>+</b> as a prefix to mean "search just the summary". You can - instead use <kbd>summary:</kbd> to explicitly search summaries.</li> - <li>Searching the Severity field if you type something that matches - the first few characters of a severity. You can explicitly search - the Severity field if you want to find [% terms.bugs %] by severity.</li> - <li>Searching the Priority field if you typed something that exactly - matched the name of a priority. You can explicitly search the - Priority field if you want to find [% terms.bugs %] by priority.</li> - <li>Searching the Platform and OS fields if you typed in one of a - certain hard-coded list of strings (like "pc", "windows", etc.). - You can explicitly search these fields, instead, if you want to - find [% terms.bugs %] with a specific Platform or OS set.</li> -</ul> - -<h3 id="v36_feat_browse">Simple "Browse" Interface</h3> - -<p>There is now a "Browse" link in the header of each [% terms.Bugzilla %] - page that presents a very basic interface that allows users to simply - browse through all open [% terms.bugs %] in particular components.</p> - -<h3 id="v36_feat_suexec">SUExec Support</h3> - -<p>[% terms.Bugzilla %] can now be run in Apache's "SUExec" mode, - which is what control panel software like cPanel and Plesk use - (so [% terms.Bugzilla %] should now be much easier to install - on shared hosting). SUExec support shows up as an option - in the <kbd>localconfig</kbd> file during installation.</p> - -<h3 id="v36_feat_mpwindows">Experimental mod_perl Support on Windows</h3> - -<p>There is now experimental support for running [% terms.Bugzilla %] - under mod_perl on Windows, for a significant performance enhancement - (in exchange for using more memory).</p> - -<h3 id="v36_email_attachments">Send Attachments by Email</h3> - -<p>The <a href="[% docs_urlbase FILTER html %]api/email_in.html">email_in</a> - script now supports attaching multiple attachments to [% terms.abug %] - by email, both when filing and when updating [% terms.abug %].</p> - -<h3 id="v36_feat_jsonrpc">JSON-RPC Interface</h3> - -<p>[% terms.Bugzilla %] now has support for the - <a href="http://json-rpc.org/">JSON-RPC</a> WebServices protocol via - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Server/JSONRPC.html">jsonrpc.cgi</a>. - The JSON-RPC interface is experimental in this release--if you want any - fundamental changes in how it works, - <a href="http://www.bugzilla.org/developers/reporting_bugs.html">let us - know</a>, for the next release of [% terms.Bugzilla %].</p> - -<h3 id="v36_feat_migrate">Migration From Other [% terms.Bug %]-Trackers</h3> - -<p>[% terms.Bugzilla %] 3.6 comes with a new script, - <a href="[% docs_urlbase FILTER html %]api/migrate.html">migrate.pl</a>, - which allows migration from other [% terms.bug %]-tracking systems. - Among the various features of the migration system are:</p> - -<ul> - <li>It is non-destructive--you can migrate into an existing - [%+ terms.Bugzilla %] installation without destroying any data - in the installation.</li> - <li>It has a "dry-run" mode so you can test your migration - before actually running it.</li> - <li>It is relatively easy to write new migrators for new systems, - if you know Perl. The basic migration framework does most of the work - for you, you just have to provide it with the data from your - [%+ terms.bug %]-tracker. See the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Migrate.html">Bugzilla::Migrate</a> - documentation and see our current migrator, - <kbd>Bugzilla/Migrate/GNATS.pm</kbd> for information on how to make your - own migrator.</li> -</ul> - -<p>The first migrator that has been implemented is for the GNATS - [%+ terms.bug %]-tracking system. We'd love to see migrators for - other systems! If you want to contribute a new migrator, see our - <a href="http://wiki.mozilla.org/Bugzilla:Developers">development - process</a> for details on how to get code into [% terms.Bugzilla %].</p> - -<p>Thanks to <a href="http://lambdares.com/">Lambda Research</a> for - funding the initial development of this feature.</p> - -<h3 id="v36_feat_other">Other Enhancements and Changes</h3> - -<h4>Enhancements for Users</h4> - -<ul> - <li><b>[% terms.Bug %] Filing:</b> When filing [% terms.abug %], - [%+ terms.Bugzilla %] now visually indicates which fields are - mandatory.</li> - <li><b>[% terms.Bug %] Filing:</b> "Bookmarkable templates" now - support the "alias" and "estimated hours" fields.</li> - - <li><b>[% terms.Bug %] Editing:</b> In previous versions of - [%+ terms.Bugzilla %], if you added a private comment to [% terms.abug %], - then <em>none</em> of the changes that you made at that time were - sent to users who couldn't see the private comment. Now, for users - who can't see private comments, public changes are sent, but the private - comment is excluded from their email notification.</li> - <li><b>[% terms.Bug %] Editing:</b> The controls for groups now - appear to the right of the attachment and time-tracking tables, - when editing [% terms.abug %].</li> - <li><b>[% terms.Bug %] Editing:</b> The "Collapse All Comments" - and "Expand All Comments" links now appear to the right of the - comment list instead of above it.</li> - <li><b>[% terms.Bug %] Editing:</b> The See Also field now supports - URLs for Google Code Issues and the Debian B[% %]ug-Tracking System.</li> - <li><b>[% terms.Bug %] Editing:</b> There have been significant performance - improvements in <kbd>show_bug.cgi</kbd> (the script that displays the - [% terms.bug %]-editing form), particularly for [% terms.bugs %] that - have lots of comments or attachments.</li> - - <li><b>Attachments:</b> The "Details" page of an attachment - now displays itself as uneditable if you can't edit the fields - there.</li> - <li><b>Attachments:</b> We now make sure that there is - a Description specified for an attachment, using JavaScript, before - the form is submitted.</li> - <li><b>Attachments:</b> There is now a link back to the [% terms.bug %] - at the bottom of the "Details" page for an attachment.</li> - <li><b>Attachments:</b> When you click on an "attachment 12345" link - in a comment, if the attachment is a patch, you will now see the - formatted "Diff" view instead of the raw patch.</li> - <li><b>Attachments</b>: For text attachments, we now let the browser - auto-detect the character encoding, instead of forcing the browser to - always assume the attachment is in UTF-8.</li> - - <li><b>Search:</b> You can now display [% terms.bug %] flags as a column - in search results.</li> - <li><b>Search:</b> When viewing search results, you can see which columns are - being sorted on, and which direction the sort is on, as indicated - by arrows next to the column headers.</li> - <li><b>Search:</b> You can now search the Deadline field using relative - dates (like "1d", "2w", etc.).</li> - <li><b>Search:</b> The iCalendar format of search results now includes - a PRIORITY field.</li> - <li><b>Search:</b> It is no longer an error to enter an invalid search - order in a search URL--[% terms.Bugzilla %] will simply warn you that - some of your order options are invalid.</li> - <li><b>Search:</b> When there are no search results, some helpful - links are displayed, offering actions you might want to take.</li> - <li><b>Search:</b> For those who like to make their own - <kbd>buglist.cgi</kbd> URLs (and for people working on customizations), - <kbd>buglist.cgi</kbd> now accepts nearly every valid field in - [%+ terms.Bugzilla %] as a direct URL parameter, like - <kbd>&field=value</kbd>.</li> - - <li><b>Requests:</b> When viewing the "My Requests" page, you can now - see the lists as a normal search result by clicking a link at the - bottom of each table.</li> - <li><b>Requests:</b> When viewing the "My Requests" page, if you are - using Classifications, the Product drop-down will be grouped by - Classification.</li> - - <li><b>Inbound Email:</b> When filing [% terms.abug %] by email, if the - product that you are filing the [% terms.bug %] into has some groups - set as Default for you, the [% terms.bug %] will now be placed into those - groups automatically.</li> - <li><b>Inbound Email:</b> The field names that can be used when creating - [%+ terms.bugs %] by email now exactly matches the set of valid parameters - to the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#create">B[% %]ug.create - WebService function</a>. You can still use most of the old field names - that 3.4 and earlier used for inbound emails, though, for - backwards-compatibility.</li> - - <li>If there are multiple languages available for your - [%+ terms.Bugzilla %], you can now select what language you want - [%+ terms.Bugzilla %] displayed in using links at the top of every - page.</li> - <li>When creating a new account, you will be automatically logged in - after setting your password.</li> - <li>There is no longer a maximum password length for accounts.</li> - <li>In the Dusk skin, it's now easier to see links.</li> - <li>In the Whining system, you can now choose to receive emails even - if there are no [% terms.bugs %] that match your searches.</li> - <li>The arrows in dependency graphs now point the other way, so that - [%+ terms.bugs %] point at their dependencies.</li> - - <li><b>New Charts:</b> You can now convert an existing Saved Search - into a data series for New Charts.</li> - <li><b>New Charts:</b> There is now an interface that allows you to - delete data series.</li> - <li><b>New Charts:</b> When deleting a product, you now have the option - to delete the data series that are associated with that product.</li> -</ul> - -<h4>Enhancements for Administrators and Developers</h4> - -<ul> - <li>Depending on how your workflow is set up, it is now possible to - have both UNCONFIRMED and REOPENED show up as status choices for - a closed [% terms.bug %]. If you only want one or the other to - show up, you should edit your status workflow appropriately - (possibly by removing or disabling the REOPENED status).</li> - <li>You can now "disable" field values so that they don't show - up as choices on [% terms.abug %] unless they are already set as - the value for that [% terms.bug %]. This doesn't work for the - per-product field values (component, target_milestone, and version) - yet, though.</li> - <li>Users are now locked out of their accounts for 30 minutes after - trying five bad passwords in a row during login. Every time a - user is locked out like this, the user in the "maintainer" parameter - will get an email.</li> - <li>The minimum length allowed for a password is now 6 characters.</li> - <li>The <kbd>UNCONFIRMED</kbd> status being enabled in a product - is now unrelated to the voting parameters. Instead, there is a checkbox - to enable the <kbd>UNCONFIRMED</kbd> status in a product.</li> - <li>Information about duplicates is now stored in the database instead - of being stored in the <kbd>data/</kbd> directory. On large installations - this could save several hundred megabytes of disk space.</li> - - <li><b>Installation:</b> When installing [% terms.Bugzilla %], the - "maintainer" parameter will be automatically set to the administrator - that was created by <kbd>checksetup.pl</kbd>.</li> - <li><b>Installation:</b> <kbd>checksetup.pl</kbd> now prints out - certain errors in a special color so that you know that something - needs to be done.</li> - <li><b>Installation:</b> <kbd>checksetup.pl</kbd> is now <em>much</em> - faster at upgrading installations, particularly older installations. - Also, it's been made faster to run for the case where it's not - doing an upgrade.</li> - <li><b>Installation:</b> If you install [% terms.Bugzilla %] using the - tarball, the <kbd>CGI.pm</kbd> module from CPAN is now included in - the <kbd>lib/</kbd> dir. If you would rather use the CGI.pm from your - global Perl installation, you can delete <kbd>CGI.pm</kbd> and the - <kbd>CGI</kbd> directory from the <kbd>lib/</kbd> directory.</li> - - <li>When editing a group, you can now specify that members of a group - are allowed to grant others membership in that group itself.</li> - <li>The ability to compress BMP attachments to PNGs is now an Extension. - To enable the feature, remove the file - <kbd>extensions/BmpConvert/disabled</kbd> and then run <kbd>checksetup.pl</kbd>.</li> - <li>The default list of values for the Priority field are now clear English - words instead of P1, P2, etc.</li> - <li>There is now a system in place so that all field values can be - localized. See the <kbd>value_descs</kbd> variable in - <kbd>template/en/default/global/field-descs.none.tmpl</kbd>.</li> - <li><kbd>config.cgi</kbd> now returns an ETag header and understands - the If-None-Match header in HTTP requests.</li> - <li>The XML format of <kbd>show_bug.cgi</kbd> now returns more information: - the numeric id of each comment, whether an attachment is a URL, - the modification time of an attachment, the numeric id of a flag, - and the numeric id of a flag's type.</li> - - <li><b>Parameters:</b> Parameters that aren't actually required are no longer - in the "Required" section of the Parameters page. Instead, some are in the - new "General" section, and some are in the new "Advanced" section.</li> - <li><b>Parameters:</b> The old <kbd>ssl</kbd> parameter has been - changed to <kbd>ssl_redirect</kbd>, and can only be turned "on" or "off". - If "on", then all users will be forcibly redirected to SSL whenever - they access [% terms.Bugzilla %]. When the parameter is off, - no SSL-related redirects will occur (even if the user directly - accesses [% terms.Bugzilla %] via SSL, they will <em>not</em> be - redirected to a non-SSL page).</li> - <li><b>Parameters:</b> In the Advanced parameters, there is a new parameter, - <kbd>inbound_proxies</kbd>. If your [% terms.Bugzilla %] is behind a - proxy, you should set this parameter to the IP address of that proxy. - Then, [% terms.Bugzilla %] will "believe" any "X-Forwarded-For" - header sent from that proxy, and correctly use the X-Forwarded-For - as the end user's IP, instead of believing that all traffic is coming - from the proxy.</li> - - <li><b>Removed Parameter:</b> The <kbd>loginnetmask</kbd> parameter has - been removed. Since [% terms.Bugzilla %] sends secure cookies, it's no - longer necessary to always restrict logins to a specific IP or block - of addresses.</li> - <li><b>Removed Parameter:</b> The <kbd>quicksearch_comment_cutoff</kbd> - parameter is gone. Quicksearch now always searches comments; however, it - uses a much faster algorithm to do it.</li> - <li><b>Removed Parameter:</b> The <kbd>usermatchmode</kbd> parameter has - been removed. User-matching is now <em>always</em> done.</li> - <li><b>Removed Parameter:</b> The <kbd>useentrygroupdefault</kbd> parameter - has been removed. [% terms.Bugzilla %] now always behaves as though - that parameter were off.</li> - <li>The <kbd>t/001compile.t</kbd> test should now always pass, no matter - what configuration of optional modules you do or don't have installed.</li> - <li>New script: <kbd>contrib/console.pl</kbd>, which allows you to have - a "command line" into [% terms.Bugzilla %] by inputting Perl code - or using a few custom commands.</li> -</ul> - -<h4>WebService Changes</h4> - -<ul> - <li>The WebService now returns all dates and times in the UTC timezone. - <kbd>B[% %]ugzilla.time</kbd> now acts as though the [% terms.Bugzilla %] - server were in the UTC timezone, always. If you want to write clients - that are compatible across all [% terms.Bugzilla %] versions, - check the timezone from <kbd>B[% %]ugzilla.timezone</kbd> or - <kbd>B[% %]ugzilla.time</kbd>, and always input times in that timezone - and expect times to be returned in that format.</li> - <li>You can now log in by passing <kbd>Bugzilla_login</kbd> and - <kbd>Bugzilla_password</kbd> as arguments to any WebService function. - See the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService.html#LOGGING_IN">Bugzilla::WebService</a> - documentation for details.</li> - <li>New Method: - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#attachments">B[% %]ug.attachments</a> - which allows getting information about attachments.</li> - <li>New Method: - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#fields">B[% %]ug.fields</a>, - which gets information about all the fields that [% terms.abug %] can have - in [% terms.Bugzilla %], include custom fields and legal values for - all fields. The <kbd>B[% %]ug.legal_values</kbd> method is now deprecated.</li> - <li>In the <kbd>B[% %]ug.add_comment</kbd> method, the "private" parameter - has been renamed to "is_private" (for consistency with other methods). - You can still use "private", though, for backwards-compatibility.</li> - <li>The WebService now has Perl's "taint mode" turned on. This means that - it validates all data passed in before sending it to the database. - Also, all parameter names are validated, and if you pass in a parameter - whose name contains anything other than letters, numbers, or underscores, - that parameter will be ignored. Mostly this just affects - customizers--[% terms.Bugzilla %]'s WebService is not functionally - affected by these changes.</li> - <li>In previous versions of [% terms.Bugzilla %], error messages were - sent word-wrapped to the client, from the WebService. Error messages - are now sent as one unbroken line.</li> -</ul> - -<h2 id="v36_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> - [%- terms.Bug %] 423439</a>: Tabs in comments will be converted - to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> - [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is - in use on [% terms.bugs %], you will need to rebuild the "keyword cache" - by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing - the option to rebuild the cache when it asks. Otherwise keywords may - not show up properly in search results.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> -</ul> - -<h2 id="v36_upgrading">Notes On Upgrading From a Previous Version</h2> - -<p>When upgrading to 3.6, <kbd>checksetup.pl</kbd> will create foreign keys - for many columns in the database. Before doing this, it will check the - database for consistency. If there are an unresolvable consistency - problems, it will tell you what table and column in the database contain - the bad values, and which values are bad. If you don't know what else to do, - you can always delete the database records which contain the bad values by - logging in to your database and running the following command:</p> - -<p><code>DELETE FROM <var>table</var> WHERE <var>column</var> IN - (<var>1, 2, 3, 4</var>)</code></p> - -<p>Just replace "table" and "column" with the name of the table - and column that <kbd>checksetup.pl</kbd> mentions, and "1, 2, 3, 4" - with the invalid values that <kbd>checksetup.pl</kbd> prints out.</p> - -<p>Remember that you should always back up your database before doing - an upgrade.</p> - -<h2 id="v36_code_changes">Code Changes Which May Affect Customizations</h2> - -<ul> - <li>There is no longer a SendBugMail method in the templates, and bugmail - is no longer sent by processing a template. Instead, it is sent - by using <kbd>Bugzilla::BugMail::Send</kbd>.</li> - <li>Comments are now represented as a - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Comment.html">Bugzilla::Comment</a> - object instead of just being hashes.</li> - <li>In previous versions of [% terms.Bugzilla %], the template for displaying - [%+ terms.abug %] required a lot of extra variables that are now global - template variables instead.</li> - <li>You can now check if optional modules are installed by using - <kbd>Bugzilla->feature</kbd> in Perl code or - <kbd>feature_enabled</kbd> in template code.</li> - <li>All of the various template header information required to display - the [% terms.bug %] form is now in one template, - <kbd>template/en/default/bug/show-header.html.tmpl</kbd>.</li> - <li>You should now use <kbd>display_value</kbd> instead of - <kbd>get_status</kbd> or <kbd>get_resolution</kbd> in templates. - <kbd>display_value</kbd> should be used anywhere that a - <select>-type field has its values displayed.</li> -</ul> - - -<h1 id="v36_previous">[% terms.Bugzilla %] 3.4 Release Notes</h1> - -<ul class="bz_toc"> - <li><a href="#v34_introduction">Introduction</a></li> - <li><a href="#v34_point">Updates in this 3.4.x Release</a></li> - <li><a href="#v34_req">Minimum Requirements</a></li> - <li><a href="#v34_feat">New Features and Improvements</a></li> - <li><a href="#v34_issues">Outstanding Issues</a></li> - <li><a href="#v34_upgrading">Notes On Upgrading From a Previous Version</a></li> - <li><a href="#v34_code_changes">Code Changes Which May Affect - Customizations</a></li> - <li><a href="#v34_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v34_introduction">Introduction</h2> - -<p>This is [% terms.Bugzilla %] 3.4! [% terms.Bugzilla %] 3.4 brings a lot - of great enhancements for [% terms.Bugzilla %] over previous versions, - with various improvements to the user interface, lots of interesting new - features, and many long-standing requests finally being addressed.</p> - -<p>If you're upgrading, make sure to read <a href="#v34_upgrading">Notes - On Upgrading From a Previous Version</a>. If you are upgrading from a release - before 3.2, make sure to read the release notes for all the - <a href="#v34_previous">previous versions</a> in between your version - and this one, <strong>particularly the Upgrading section of each - version's release notes</strong>.</p> - -<p>We would like to thank <a href="http://www.canonical.com/">Canonical - Ltd.</a> for funding development of one new feature, and NASA for funding - development of several new features through the - <a href="http://www.sjsufoundation.org/">San Jose State University - Foundation</a>.</p> - -<h2 id="v34_point">Updates In This 3.4.x Release</h2> - -<h3>3.4.6</h3> - -<ul> - <li>When doing a search that involves "not equals" or "does not contain the - string" or similar "negative" search types, the search description that - appears at the top of the resulting [% terms.bug %] list will indicate - that the search was of that type. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=474738">[% terms.Bug %] 474738</a>) - </li> - <li>In Internet Explorer, users couldn't easily mark a RESOLVED DUPLICATE - [%+ terms.bug %] as REOPENED, due to a JavaScript error. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=546719">[% terms.Bug %] 546719</a>) - </li> - <li>If you use a "bookmarkable template" to pre-fill forms on - the [% terms.bug %]-filing page, and you have custom fields - that are only supposed to appear (or only supposed to have certain - values) based on the values of other fields, those custom fields will - now work properly. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=538211">[% terms.Bug %] 538211</a>) - </li> - <li>If you have a custom field that's only supposed to appear when - a [% terms.bug %]'s resolution is FIXED, it will now behave properly - on the [% terms.bug %]-editing form when a user sets the [% terms.bug %]'s - status to RESOLVED. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=520993">[% terms.Bug %] 520993</a>) - </li> - <li>If you are logged-out and using <kbd>request.cgi</kbd>, the Requester - and Requestee fields no longer respect the <kbd>usermatching</kbd> - parameter--they always require full usernames. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=533018">[% terms.Bug %] 533018</a>) - </li> - <li>If you tried to do a search with too many terms (resulting in a URL - that was longer than about 7000 characters), Apache would return a - 500 error instead of your search results. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=513989">[% terms.Bug %] 513989</a>) - </li> - <li>[% terms.Bugzilla %] would sometimes lose fields from your sort order - when you added new fields to your sort order. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=470214">[% terms.Bug %] 470214</a>) - </li> - <li>The Atom format of search results would sometimes be missing the - Reporter or Assignee field for some [% terms.bugs %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=537834">[% terms.Bug %] 537834</a>) - </li> -</ul> - -<h3>3.4.5</h3> - -<p>This release contains fixes for multiple security issues. See the - <a href="http://www.bugzilla.org/security/3.0.10/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in - this release:</p> - -<ul> - <li>Whining was failing if jobqueue.pl was enabled. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=530270">[% terms.Bug %] 530270</a>) - </li> - <li>The Assignee field was empty in Whine mails. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=511216">[% terms.Bug %] 511216</a>) - </li> - <li>Administrators can now successfully create user accounts using - editusers.cgi when using the "Env" authentication method. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=483987">[% terms.Bug %] 483987</a>) - </li> - <li>[% terms.Bug %]mail now uses the timezone of the recipient of the email, - when displaying the time a comment was made, instead of the timezone of the - person who made the change. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=534587">[% terms.Bug %] 534587</a>) - </li> - <li>"[% terms.bug %] 1234" in comments sometimes would not become a link if - word-wrapping happened between "[% terms.bug %]" and the number. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=514703">[% terms.Bug %] 514703</a>) - </li> - <li>Running <kbd>checksetup.pl</kbd> on Windows will no longer pop up an error box - about OCI.dll. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=480968">[% terms.Bug %] 480968</a>) - </li> -</ul> - -<h3>3.4.4</h3> - -<p>This release contains a fix for a security issue. See the - <a href="http://www.bugzilla.org/security/3.4.3/">Security Advisory</a> - for details.</p> - -<p>Additionally, this release fixes a few minor [% terms.bugs %].</p> - -<h3>3.4.3</h3> - -<ul> - <li>[% terms.Bugzilla %] installations running under mod_perl were leaking - about 512K of RAM per page load. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=517793">[% terms.Bug %] 517793</a>) - </li> - <li>Attachments with Unicode characters in their names were being downloaded - with mangled names. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=328628">[% terms.Bug %] 328628</a>) - </li> - <li>Creating custom fields with Unicode in their database column name - is now no longer allowed, as it would break [% terms.Bugzilla %]. If you - created such a custom field, you should delete it by first marking it - obsolete and then clicking "Delete" in the custom field list, using - <a href="editfields.cgi">editfields.cgi</a>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=525025">[% terms.Bug %] 525025</a>) - </li> - <li>Clicking "submit only my comment" on the "mid-air collisions" page - was leading to a "Suspicious Action" warning. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=514378">[% terms.Bug %] 514378</a>) - </li> - <li>The XML format of [% terms.abug %] accidentally contained the - word-wrapped content of comments instead of the unwrapped content. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=509152">[% terms.Bug %] 509152</a>) - </li> - <li>You can now do <kbd>./install-module.pl --shell</kbd> to get a CPAN - shell using the configuration of - <a href="[% docs_urlbase FILTER html %]api/install-module.html">install-module.pl</a>, - which allows you to do more advanced Perl module installation tasks. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=445875">[% terms.Bug %] 445875</a>) - </li> -</ul> - -<h3>3.4.2</h3> - -<p>This release contains fixes for multiple security issues, one of which - is highly critical. See the - <a href="http://www.bugzilla.org/security/3.0.8/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in - this release:</p> - -<ul> - <li>Upgrades from older releases were sometimes failing during UTF-8 - conversion with a foreign key error. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=508181">[% terms.Bug %] 508181</a>) - </li> - <li>Sorting [% terms.bug %] lists on certain fields would result in an error. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=510944">[% terms.Bug %] 510944</a>) - </li> - <li>[% terms.Bug %] update emails had two or three blank lines at the top - and between the various sections of the email. There is now only one - blank line in each of those places, making these emails more compact. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=73330">[% terms.Bug %] 73330</a>) - </li> - <li>[% terms.Bug %] email notifications for new [% terms.bugs %] incorrectly - had a line saying that the description was "Comment 0". - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=510798">[% terms.Bug %] 510798</a>) - </li> - <li>Running <kbd>./collectstats.pl --regenerate</kbd> is now much faster, - on the order of 20x or 100x faster. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=286625">[% terms.Bug %] 286625</a>) - </li> - <li>For users of RHEL, CentOS, Fedora, etc. jobqueue.pl can now automatically - be installed as a daemon by running <kbd>./jobqueue.pl install</kbd> - as root. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=475403">[% terms.Bug %] 475403</a>) - </li> - <li>XML-RPC interface responses had an incorrect Content-Length header - and would sometimes be truncated, if they contained certain UTF-8 - characters. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=486306">[% terms.Bug %] 486306</a>) - </li> - <li>Users who didn't have access to the time-tracking fields would get an - empty [% terms.bug %] update email when the time-tracking fields were - changed. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=509035">[% terms.Bug %] 509035</a>) - </li> - <li>In the New Charts, non-public series now no longer show up as selectable - if you cannot access them. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=389396">[% terms.Bug %] 389396</a>) - </li> -</ul> - -<h3>3.4.1</h3> - -<p>This release contains an important security fix. See the - <a href="http://www.bugzilla.org/security/3.4/">Security Advisory</a> - for details.</p> - -<h2 id="v34_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 3.2.3 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v34_req_perl">Perl</a></li> - <li><a href="#v34_req_mysql">For MySQL Users</a></li> - <li><a href="#v34_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v34_req_oracle">For Oracle Users</a></li> - <li><a href="#v34_req_modules">Required Perl Modules</a></li> - <li><a href="#v34_req_optional_mod">Optional Perl Modules</a></li> -</ul> - -<h3 id="v34_req_perl">Perl</h3> - -<p>Perl v5.8.1</p> - -<h3 id="v34_req_mysql">For MySQL Users</h3> - -<ul> - <li>MySQL v4.1.2</li> - <li><strong>perl module:</strong> DBD::mysql v4.00</li> -</ul> - -<h3 id="v34_req_pg">For PostgreSQL Users</h3> - -<ul> - <li>PostgreSQL v8.00.0000</li> - <li><strong>perl module:</strong> DBD::Pg v1.45</li> -</ul> - -<h3 id="v34_req_oracle">For Oracle Users</h3> - -<ul> - <li>Oracle v10.02.0</li> - <li><strong>perl module:</strong> DBD::Oracle v1.19</li> -</ul> - -<h3 id="v34_req_modules">Required Perl Modules</h3> - -<table class="req_table" border="0" cellspacing="0" cellpadding="0"> - <tr> - <th>Module</th> <th>Version</th> - </tr> - <tr> - <td>CGI</td> - <td>3.21</td> - </tr> - <tr> - <td class="req_new">Digest::SHA</td> - <td class="req_new"> (Any)</td> - </tr> - <tr> - <td>Date::Format</td> - <td>2.21</td> - </tr> - <tr> - <td class="req_new">DateTime</td> - <td class="req_new">0.28</td> - </tr> - <tr> - <td class="req_new">DateTime::TimeZone</td> - <td class="req_new">0.71</td> - </tr> - <tr> - <td>DBI</td> - <td>1.41</td> - </tr> - <tr> - <td>Template</td> - <td class="req_new">2.22</td> - </tr> - <tr> - <td>Email::Send</td> - <td>2.00</td> - </tr> - <tr> - <td>Email::MIME</td> - <td>1.861</td> - </tr> - <tr> - <td>Email::MIME::Encodings</td> - <td>1.313</td> - </tr> - <tr> - <td>Email::MIME::Modifier</td> - <td>1.442</td> - </tr> - <tr> - <td class="req_new">URI</td> - <td class="req_new">(Any)</td> - </tr> -</table> - -<h3 id="v34_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of [% terms.Bugzilla %]:</p> - -<table class="req_table" border="0" cellspacing="0" cellpadding="0"> - <tr> - <th>Module</th> - <th>Version</th> - <th>Enables Feature</th> - </tr> - <tr> - <td>LWP::UserAgent</td> - <td>(Any)</td> - <td>Automatic Update Notifications</td> - </tr> - <tr> - <td>Template::Plugin::GD::Image</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Text</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Graph</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD</td> - <td>1.20</td> - <td>Graphical Reports, New Charts, Old Charts</td> - </tr> - <tr> - <td>Email::MIME::Attachment::Stripper</td> - <td>(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>Email::Reply</td> - <td>(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>Net::LDAP</td> - <td>(Any)</td> - <td>LDAP Authentication</td> - </tr> - <tr> - <td class="req_new">TheSchwartz</td> - <td class="req_new">(Any)</td> - <td>Mail Queueing</td> - </tr> - <tr> - <td class="req_new">Daemon::Generic</td> - <td class="req_new">(Any)</td> - <td>Mail Queueing</td> - </tr> - <tr> - <td>HTML::Parser</td> - <td>3.40</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>HTML::Scrubber</td> - <td>(Any)</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>XML::Twig</td> - <td>(Any)</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>MIME::Parser</td> - <td>5.406</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>Chart::Base</td> - <td>1.0</td> - <td>New Charts, Old Charts</td> - </tr> - <tr> - <td>Image::Magick</td> - <td>(Any)</td> - <td>Optionally Convert BMP Attachments to PNGs</td> - </tr> - <tr> - <td>PatchReader</td> - <td>0.9.4</td> - <td>Patch Viewer</td> - </tr> - <tr> - <td>Authen::Radius</td> - <td>(Any)</td> - <td>RADIUS Authentication</td> - </tr> - <tr> - <td>Authen::SASL</td> - <td>(Any)</td> - <td>SMTP Authentication</td> - </tr> - <tr> - <td>SOAP::Lite</td> - <td>0.710.06</td> - <td>XML-RPC Interface</td> - </tr> - <tr> - <td>mod_perl2</td> - <td>1.999022</td> - <td>mod_perl</td> - </tr> -</table> - -<h2 id="v34_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v34_feat_enter">Simple [% terms.Bug %] Filing</a></li> - <li><a href="#v34_feat_index">New Home Page</a></li> - <li><a href="#v34_feat_spam">Email Addresses Hidden From Logged-Out - Users</a></li> - <li><a href="#v34_feat_urls">Shorter Search URLs</a></li> - <li><a href="#v34_feat_async">Asynchronous Email Sending</a></li> - <li><a href="#v34_feat_tz">Dates and Times Displayed In User's Time - Zone</a></li> - <li><a href="#v34_feat_vis">Custom Fields That Only Appear When - Another Field Has a Particular Value</a></li> - <li><a href="#v34_feat_vals">Custom Fields Whose List of Values - Change Depending on the Value of Another Field</a></li> - <li><a href="#v34_feat_bugid">New Custom Field Type: - [%+ terms.Bug %] ID</a></li> - <li><a href="#v34_feat_see">"See Also" Field</a></li> - <li><a href="#v34_feat_cols">Re-order Columns in Search Results</a></li> - <li><a href="#v34_feat_desc">Search Descriptions</a></li> - <li><a href="#v34_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v34_feat_enter">Simple [% terms.Bug %] Filing</h3> - -<p>When entering a new [% terms.bug %], the vast majority of fields are - now hidden by default, which enormously simplifies the bug-filing form. - You can click "Show Advanced Fields" to show all the fields, if you want - them. [%+ terms.Bugzilla %] remembers whether you last used the "Advanced" - or "Simple" version of the [% terms.bug %]-entry form, and will display the - same version to you again next time you file [% terms.abug %].</p> - -<h3 id="v34_feat_index">New Home Page</h3> - -<p>[% terms.Bugzilla %]'s front page has been redesigned to be better at - guiding new users into the activities that they most commonly want to - do. Further enhancements to the home page are coming in future versions - of [% terms.Bugzilla %].</p> - -<h3 id="v34_feat_spam">Email Addresses Hidden From Logged-Out Users</h3> - -<p>To help prevent spam to [% terms.Bugzilla %] users, all email addresses - stored in [% terms.Bugzilla %] are now displayed only if you are logged in. - If you are logged out, only the part before the "@" of the email address is - displayed. This includes [% terms.bug %] lists, viewing [% terms.bugs %], the - XML format of [% terms.abug %], and any other place in the web interface that - an email address could appear.</p> - -<p>Email addresses are not filtered out of [% terms.bug %] comments. - The WebService still returns full email addresses, even if you are logged - out.</p> - -<h3 id="v34_feat_urls">Shorter Search URLs</h3> - -<p>When submitting a search, all the unused fields are now stripped from - the URL, so search URLs are much more meaningful, and much shorter.</p> - -<h3 id="v34_feat_async">Asynchronous Email Sending</h3> - -<p>The largest performance problem in former versions of [% terms.Bugzilla %] - was that when updating [% terms.bugs %], email would be sent immediately - to every user who needed to be notified, and <kbd>process_bug.cgi</kbd> - would wait for the emails to be sent before continuing.</p> - -<p>Now [% terms.Bugzilla %] is capable of queueing emails to be sent - while [% terms.abug %] is being updated, and sending them in the - background. This requires the administrator to run a daemon - that comes with [% terms.Bugzilla %], named - <a href="[% docs_urlbase FILTER html %]api/jobqueue.html">jobqueue.pl</a>, - and to enable the <a href="editparams.cgi?section=mta#use_mailer_queue"> - use_mailer_queue</a> parameter.</p> - -<p>Using the background email-sending daemon instead of sending mail directly - should result in a very large speed-up for updating [% terms.bugs %], - particularly on larger installations.</p> - -<h3 id="v34_feat_tz">Dates and Times Displayed In User's Time Zone</h3> - -<p>Users can now select what time zone they are in and [% terms.Bugzilla %] - will adjust displayed times to be correct for their time zone. However, - times the user inputs are unfortunately still in [% terms.Bugzilla %]'s - time zone.</p> - -<h3 id="v34_feat_vis">Custom Fields That Only Appear When Another Field - Has a Particular Value</h3> - -<p>When creating a new custom field (or updating the definition of - an existing custom field), you can now say that "this field only - appears when field X has value Y". (In the future, you will be able - to select multiple values for "Y", so a field will appear when any - one of those values is selected.)</p> - -<p>This feature only hides fields--it doesn't make their values go away. - So [% terms.bugs %] will still show up in searches for that field's - value, but the field won't appear in the user interface.</p> - -<p>This is a good way of making Product-specific fields.</p> - -<h3 id="v34_feat_vals">Custom Fields Whose List of Values Change - Depending on the Value of Another Field</h3> - -<p>When creating a drop-down or multiple-selection custom field, you can - now specify that another field "controls the values" of this field. - Then, when adding values to this field, you can say that a particular - value only appears when the other field is set to a particular - value.</p> - -<p>Here's an example: Let's say that we create a field called "Colors", - and we make the Product field "control the values" for Colors. Then we - add Blue, Red, Black, and Yellow as legal values for the "Colors" field. - Now we can say that "Blue" and "Red" only appear as valid choices in - Product A, "Yellow" only appears in Product B, but "Black" <em>always</em> - appears.</p> - -<p>One thing to note is that this feature only controls what values appear in - the <em>user interface</em>. [% terms.Bugzilla %] itself will still accept - any combination of values as valid, in the backend.</p> - -<h3 id="v34_feat_bugid">New Custom Field Type: [% terms.Bug %] ID</h3> - -<p>You can now create a custom field that holds a reference to a single - valid [% terms.bug %] ID. In the future this will be enhanced to allow - [%+ terms.bugs %] to refer to each other via this field.</p> - -<h3 id="v34_feat_see">"See Also" Field</h3> - -<p>We have added a new standard field called "See Also" to - [%+ terms.Bugzilla %]. In this field, you can put URLs to multiple - [%+ terms.bugs %] in any [% terms.Bugzilla %] installation, to indicate - that those [% terms.bugs %] are related to this one. It also supports - adding URLs to [% terms.bugs %] in - <a href="http://launchpad.net/">Launchpad</a>.</p> - -<p>Right now, the field just validates the URLs and then displays them, but - in the future, it will grab information from the other installation about - the [% terms.bug %] and display it here, and possibly even update the - other installation.</p> - -<p>If your installation does not need this field, you can hide it by disabling - the <a href="editparams.cgi?section=bugfields#use_see_also">use_see_also - parameter</a>.</p> - -<h3 id="v34_feat_cols">Re-order Columns in Search Results</h3> - -<p>There is a new interface for choosing what columns appear in search - results, which allows you to change the order in which columns appear - from left to right when viewing the [% terms.bug %] list.</p> - -<h3 id="v34_feat_desc">Search Descriptions</h3> - -<p>When displaying search results, [% terms.Bugzilla %] will now show - a brief description of what you searched for, at the top of the - [%+ terms.bug %] list.</p> - -<h3 id="v34_feat_other">Other Enhancements and Changes</h3> - -<h4>Enhancements for Users</h4> - -<ul> - <li>You can now log in from every page, using the login form that appears - in the header or footer when you click "Log In".</li> - <li>When viewing [% terms.abug %], obsolete attachments are now - hidden from the attachment list by default. You can show them - by clicking "Show Obsolete" at the bottom of the attachment list.</li> - <li>In the Email Preferences, you can now choose to get email when - a new [% terms.bug %] report is filed and you have a particular - role on it.</li> - <li>When resolving a mid-air collision, you can now choose to submit - only your comment.</li> - <li>You can now set the Blocks and Depends On field on the "Change - Several [% terms.Bugs %] At Once" page.</li> - <li>If your installation uses the "insidergroup" feature, you can now add - private comments on the "Change Several [% terms.Bugs %] At Once" - page.</li> - <li>When viewing a search result, you can now hover over any abbreviated - field to see its full value.</li> - <li>When logging out, users are now redirected to the main page of - [%+ terms.Bugzilla %] instead of an empty page.</li> - <li>When editing [% terms.abug %], text fields (except the comment box) now - grow longer when you widen your browser window.</li> - <li>When viewing [% terms.abug %], the Depends On and Blocks list will - display [% terms.abug %]'s alias if it has one, instead of its id. - Also, closed [% terms.bugs %] will be sorted to the end of the list.</li> - - <li>If you use the time-tracking features of [% terms.Bugzilla %], and - you enable the time-tracking related columns in a search result, - then you will see a summary of the time-tracking data at the - bottom of the search result.</li> - <li>For users of time-tracking, the <kbd>summarize_time.cgi</kbd> page - now contains more data.</li> - - <li>When viewing an attachment's details page while you are logged-out, - flags are no longer shown as editable.</li> - <li>Cloning [% terms.abug %] will now retain the "Blocks" and "Depends On" - fields from the [% terms.bug %] being cloned.</li> - <li>[% terms.Bug %]mail for new [% terms.bugs %] will now indicate - what security groups the [% terms.bug %] has been restricted to.</li> - <li>You can now use any custom drop-down field as an axis for a tabular - or graphical report.</li> - <li>The <kbd>X-Bugzilla-Type</kbd> header in emails sent by - [%+ terms.Bugzilla %] is now "new" for [% terms.bug %]mail sent for - newly-filed [% terms.bugs %], and "changed" for emails having to do - with updated [% terms.bugs %].</li> - <li>Mails sent by the "Whining" system now contain the header - <kbd>X-Bugzilla-Type: whine</kbd>.</li> - <li>[% terms.bug %]mail now contains a X-Bugzilla-URL header to uniquely - identify which [% terms.Bugzilla %] installation the email came from.</li> - <li>If you input an invalid regular expression anywhere in - [%+ terms.Bugzilla %], it will now tell you explicitly instead of failing - cryptically.</li> - <li>The <kbd>duplicates.xul</kbd> page (which wasn't used by very many - people) is now gone.</li> -</ul> - -<h4>Enhancements for Administrators and Developers</h4> - -<ul> - <li>[% terms.Bugzilla %] now uses the SHA-256 algorithm (a variant of - SHA-2) to encrypt passwords in the database, instead of using Unix's - "crypt" function. This allows passwords longer than eight characters - to actually be effective. Each user's password will be converted to - SHA-256 the first time they log in after you upgrade to - [%+ terms.Bugzilla %] 3.4 or later.</li> - <li>If you are using database replication with [% terms.Bugzilla %], - many more scripts now take advantage of the read-only slave (the - "shadowdb"). It may be safe to open up <kbd>show_bug.cgi</kbd> - to search-engine indexing by editing your <kbd>robots.txt</kbd> file, - now, if your [% terms.Bugzilla %] is on fast-enough hardware.</li> - <li>The database now uses foreign keys to enforce the validity of - relationships between tables. Not every single table has all its - foreign keys yet, but most do.</li> - <li>Various parameters have been removed, in an effort to de-clutter - the parameter interface and simplify [% terms.Bugzilla %]'s code. - The parameters that were removed were: timezone, supportwatchers, - maxpatchsize, commentonclearresolution, commentonreassignbycomponent, - showallproducts. They have all been replaced with sensible default - behaviors. (For example, user watching is now always enabled.)</li> - <li>When adding <code>&debug=1</code> to the end of a - <kbd>buglist.cgi</kbd> URL, [% terms.Bugzilla %] will now also do an - EXPLAIN on the query, to help debug performance issues.</li> - <li>When editing flag types in the administrative interface, you can now - see how many flags of each type have been set.</li> -</ul> - -<h4>WebService Changes</h4> - -<ul> - <li>Various functions have been added to the WebService: - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#history">B[% %]ug.history</a>, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#search">B[% %]ug.search</a>, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#comments">B[% %]ug.comments</a>, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#update_see_also">B[% %]ug.update_see_also</a>, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/User.html#get">User.get</a>, - and <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bugzilla.html#time">B[% %]ugzilla.time</a> - (<kbd>B[% %]ugzilla.timezone</kbd> is now deprecated). - </li> - <li>For network efficiency, you can now limit which fields are returned - from certain WebService functions, like <kbd>User.get</kbd>.</li> - <li>There is now a "permissive" argument for the <kbd>B[% %]ug.get</kbd> - WebService function, which causes it not to throw an error when you - ask for [% terms.bugs %] you can't see.</li> - - <li>The <kbd>B[% %]ug.get</kbd> method now returns many more fields.</li> - <li>The <kbd>B[% %]ug.add_comment</kbd> method now returns the ID of the comment - that was just added.</li> - <li>The <kbd>B[% %]ug.add_comment</kbd> method will now throw an error if you - try to add a private comment but do not have the correct permissions. - (In previous versions, it would just silently ignore the <kbd>private</kbd> - argument if you didn't have the correct permissions.)</li> - <li>Many WebService function parameters now take individual values in - addition to arrays.</li> - <li>The WebService now validates input types--it makes sure that dates - are in the right format, that ints are actually ints, etc. It will throw - an error if you send it invalid data. It also accepts empty ints, doubles, - and dateTimes, and translates them to <kbd>undef</kbd>.</li> -</ul> - -<h2 id="v34_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> - [%- terms.Bug %] 423439</a>: Tabs in comments will be converted - to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> - [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is - in use on [% terms.bugs %], you will need to rebuild the "keyword cache" - by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing - the option to rebuild the cache when it asks. Otherwise keywords may - not show up properly in search results.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> - [%- terms.Bug %] 370370</a>: mod_perl support is currently not - working on Windows machines.</li> -</ul> - -<h2 id="v34_upgrading">Notes On Upgrading From a Previous Version</h2> - -<p>When upgrading to 3.4, <kbd>checksetup.pl</kbd> will create foreign keys - for many columns in the database. Before doing this, it will check the - database for consistency. If there are an unresolvable consistency - problems, it will tell you what table and column in the database contain - the bad values, and which values are bad. If you don't know what else to do, - you can always delete the database records which contain the bad values by - logging in to your database and running the following command:</p> - -<p><code>DELETE FROM <var>table</var> WHERE <var>column</var> IN - (<var>1, 2, 3, 4</var>)</code></p> - -<p>Just replace "table" and "column" with the name of the table - and column that <kbd>checksetup.pl</kbd> mentions, and "1, 2, 3, 4" - with the invalid values that <kbd>checksetup.pl</kbd> prints out.</p> - -<p>Remember that you should always back up your database before doing - an upgrade.</p> - -<h2 id="v34_code_changes">Code Changes Which May Affect Customizations</h2> - -<ul> - <li><kbd>checksetup.pl</kbd> now re-writes the <kbd>localconfig</kbd> - file every time it runs, keeping the current values set (if there - are any), but moving any unexpected variables into a file called - <kbd>localconfig.old</kbd>. If you want to continue having custom - varibles in <kbd>localconfig</kbd>, you will have to add them to - the <code>LOCALCONFIG_VARS</code> constant in - <kbd>Bugzilla::Install::Localconfig</kbd>.</li> - <li><kbd>Bugzilla::Object->update()</kbd> now returns something different - in list context than it does in scalar context.</li> - <li><kbd>Bugzilla::Object->check()</kbd> now can take object - ids in addition to names. Just pass in <code>{ id => $some_value - }</code>.</li> - <li>Instead of being defined in <kbd>buglist.cgi</kbd>, columns for - search results are now defined in a subroutine called <code>COLUMNS</code> - in <kbd>Bugzilla::Search</kbd>. The data now mostly comes from the - <kbd>fielddefs</kbd> table in the database. Search.pm now takes a list - of column names from fielddefs for its <kbd>fields</kbd> argument instead - of literal SQL columns.</li> - <li><kbd>Bugzilla::Field->legal_values</kbd> now returns an array of - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Field/Choice.html">Bugzilla::Field::Choice</a> - objects instead of an array of strings. Bugzilla::Field::Choice will be used - in more places, in the future.</li> - <li>We now use <kbd>Bugzilla::Bug->check()</kbd> instead of - <kbd>ValidateBugId</kbd>.</li> - <li>The <kbd>groups</kbd> and <kbd>bless_groups</kbd> methods in - <kbd>Bugzilla::User</kbd> now return an arrayref of - <kbd>Bugzilla::Group</kbd> objects instead of a hashref with - group ids and group names.</li> - <li>Standard [% terms.Bugzilla %] drop-down fields now have their type - set to <kbd>FIELD_TYPE_SINGLE_SELECT</kbd> in the fielddefs table.</li> - <li><kbd>Bugzilla->usage_mode</kbd> now defaults to - <kbd>USAGE_MODE_CMDLINE</kbd> if we are not running inside a web - server.</li> - <li>We no longer delete environment variables like <kbd>$ENV{PATH}</kbd> - automatically unless we're actually running in taint mode.</li> - <li>We are now using YUI 2.6.0.</li> - <li>In <a href="config.cgi?ctype=rdf">the RDF format of config.cgi</a>, - the "resource" attribute for flags now contains "flag.cgi" instead - of "flags.cgi".</li> -</ul> - - - - - - - -<h1 id="v34_previous">[% terms.Bugzilla %] 3.2 Release Notes</h1> - -<h2>Table of Contents</h2> - -<ul class="bz_toc"> - <li><a href="#v32_introduction">Introduction</a></li> - <li><a href="#v32_point">Updates In This 3.2.x Release</a></li> - <li><a href="#v32_security">Security Fixes In This 3.2.x Release</a></li> - <li><a href="#v32_req">Minimum Requirements</a></li> - <li><a href="#v32_feat">New Features and Improvements</a></li> - <li><a href="#v32_issues">Outstanding Issues</a></li> - <li><a href="#v32_upgrading">How to Upgrade From An Older Version</a></li> - <li><a href="#v32_code_changes">Code Changes Which May Affect - Customizations</a></li> - <li><a href="#v32_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v32_introduction">Introduction</h2> - -<p>Welcome to [% terms.Bugzilla %] 3.2! This is our first major feature - release since [% terms.Bugzilla %] 3.0, and it brings a lot of great - improvements and polish to the [% terms.Bugzilla %] experience.</p> - -<p>If you're upgrading, make sure to read <a href="#v32_upgrading">How to - Upgrade From An Older Version</a>. If you are upgrading from a release - before 3.0, make sure to read the release notes for all the - <a href="#v32_previous">previous versions</a> in between your version - and this one, <strong>particularly the "Notes For Upgraders" section of each - version's release notes</strong>.</p> - -<h2 id="v32_point">Updates in this 3.2.x Release</h2> - -<p>This section describes what's changed in the most recent b<!-- -->ug-fix - releases of [% terms.Bugzilla %] after 3.2. We only list the - most important fixes in each release. If you want a detailed list of - <em>everything</em> that's changed in each version, you should use our - <a href="http://www.bugzilla.org/status/changes.html">Change Log - Page</a>.</p> - -<h3>3.2.3</h3> - -<ul> - <li>[% terms.Bugzilla %] is now compatible with MySQL 5.1.x versions 5.1.31 - and greater. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=480001">[% terms.Bug %] 480001</a>)</li> - <li>On Windows, [% terms.Bugzilla %] sometimes would send mangled emails - (that would often fail to send). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=467920">[% terms.Bug %] 467920</a>)</li> - <li><code>recode.pl</code> would sometimes crash when trying to convert - databases from older versions of [% terms.Bugzilla %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=431201">[% terms.Bug %] 431201</a>)</li> - <li>Running a saved search with Unicode characters in its name would - cause [% terms.Bugzilla %] to crash. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=477513">[% terms.Bug %] 477513</a>)</li> - <li>[% terms.Bugzilla %] clients like Mylyn can now update [% terms.bugs %] - again (the [% terms.bug %] XML format now contains a "token" element that - can be used when updating [% terms.abug %]). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=476678">[% terms.Bug %] 476678</a>)</li> - <li>For installations using the <code>shadowdb</code> parameter, - [%+ terms.Bugzilla %] was accidentally writing to the "tokens" table - in the shadow database (instead of the master database) when using the - "Change Several [% terms.Bugs %] at Once" page. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=476943">[% terms.Bug %] 476943</a>)</li> -</ul> - -<p>This release also contains a security fix. See the - <a href="#v32_security">Security Fixes Section</a> for details.</p> - -<h3>3.2.2</h3> - -<p>This release fixes one security issue that is critical for installations - running 3.2.1 under mod_perl. See the - <a href="http://www.bugzilla.org/security/3.0.7/">Security Advisory</a> - for details.</p> - -<h3>3.2.1</h3> - -<ul> - <li>Attachments, charts, and graphs would sometimes be garbled on Windows. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=464992">[% terms.Bug %] 464992</a>)</li> - - <li>Saving changes to parameters would sometimes fail silently (particularly - on Windows when the web server didn't have the right permissions to - update the <code>params</code> file). [% terms.Bugzilla %] will now - throw an error in this case, telling you what is wrong. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=347707">[% terms.Bug %] 347707</a>)</li> - - <li>If you were using the <code>usemenuforusers</code> parameter, - and [% terms.abug %] was assigned to (or had a QA Contact of) a disabled - user, that field would be reset to the first user in the list when - updating [% terms.abug %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=465589">[% terms.Bug %] 465589</a>)</li> - - <li>If you were using the <code>PROJECT</code> environment variable - to have multiple [% terms.Bugzilla %] installations using one codebase, - project-specific templates were being ignored. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=467324">[% terms.Bug %] 467324</a>)</li> - - <li>Some versions of the SOAP::Lite Perl module had a b[% %]ug that caused - [%+ terms.Bugzilla %]'s XML-RPC service to break. - <kbd>checksetup.pl</kbd> now checks for these bad versions and - will reject them. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=468009">[% terms.Bug %] 468009</a>)</li> - - <li>The font sizes in various places were too small, when using the - Classic skin. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=469136">[% terms.Bug %] 469136</a>)</li> -</ul> - -<h2 id="v32_security">Security Fixes In This 3.2.x Release</h2> - -<h3>3.2.3</h3> - -<p>This release fixes one security issue related to attachments. See the - <a href="http://www.bugzilla.org/security/3.2.2/">Security Advisory</a> - for details.</p> - -<h3>3.2.2</h3> - -<p>This release fixes one security issue that is critical for installations - running 3.2.1 under mod_perl. See the - <a href="http://www.bugzilla.org/security/3.0.7/">Security Advisory</a> - for details.</p> - -<h3>3.2.1</h3> - -<p>This release contains several security fixes. One fix may break any - automated scripts you have that are loading <kbd>process_bug.cgi</kbd> - directly. We recommend that you read the entire - <a href="http://www.bugzilla.org/security/2.22.6/">Security Advisory</a> - for this release.</p> - -<h2 id="v32_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 3.0.5 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v32_req_perl">Perl</a></li> - <li><a href="#v32_req_mysql">For MySQL Users</a></li> - <li><a href="#v32_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v32_req_oracle">For Oracle Users</a></li> - <li><a href="#v32_req_modules">Required Perl Modules</a></li> - <li><a href="#v32_req_optional_mod">Optional Perl - Modules</a></li> -</ul> - -<h3 id="v32_req_perl">Perl</h3> - -<p>Perl <span class="req_new">v<strong>5.8.1</strong></span></p> - -<h3 id="v32_req_mysql">For MySQL Users</h3> - -<ul> - <li>MySQL v4.1.2</li> - <li><strong>perl module:</strong> - DBD::mysql <span class="req_new">v4.00</span></li> -</ul> - -<h3 id="v32_req_pg">For PostgreSQL Users</h3> - -<ul> - <li>PostgreSQL v8.00.0000</li> - <li><strong>perl module:</strong> DBD::Pg v1.45</li> -</ul> - -<h3 id="v32_req_oracle">Email Addresses Hidden From Logged-Out Users - For Oracle Users</h3> - -<ul> - <li>Oracle v10.02.0</li> - <li><strong>perl module:</strong> DBD::Oracle v1.19</li> -</ul> - -<h3 id="v32_req_modules">Required Perl Modules</h3> - -<table class="req_table" border="0" cellpadding="0" cellspacing="0"> -<tr> <th>Module</th> <th>Version</th> </tr> -<tr> <td>CGI</td> <td class="req_new">3.21 (on Perl 5.8.x) - or 3.33 (on Perl 5.10.x)</td> </tr> -<tr> <td>Date::Format</td> <td>2.21</td> </tr> -<tr> <td>File::Spec</td> <td>0.84</td> </tr> -<tr> <td>DBI</td> <td>1.41</td> </tr> -<tr> <td>Template</td> <td class="req_new">2.15</td> </tr> -<tr> <td>Email::Send</td> <td>2.00</td> </tr> -<tr> <td>Email::MIME</td> <td class="req_new">1.861</td> </tr> -<tr> - <td class="req_new">Email::MIME::Encodings</td> - <td class="req_new">1.313</td> -</tr> -<tr> - <td>Email::MIME::Modifier</td> - <td class="req_new">1.442</td> -</tr> -</table> - -<h3 id="v32_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of [% terms.Bugzilla %]:</p> - -<table class="req_table" border="0" cellpadding="0" cellspacing="0"> -<tr> - <th>Module</th> - <th>Version</th> - <th>Enables Feature</th> -</tr> -<tr> - <td>LWP::UserAgent</td> - <td>(Any)</td> - <td>Automatic Update Notifications</td> -</tr> -<tr> - <td>Template::Plugin::GD::Image</td> - <td>(Any)</td> - <td>Graphical Reports</td> -</tr> -<tr> - <td>GD::Text</td> - <td>(Any)</td> - <td>Graphical Reports</td> -</tr> -<tr> - <td>GD::Graph</td> - <td>(Any)</td> - <td>Graphical Reports</td> -</tr> -<tr> - <td>GD</td> - <td>1.20</td> - <td>Graphical Reports, New Charts, Old Charts</td> -</tr> -<tr> - <td>Email::MIME::Attachment::Stripper</td> - <td>(Any)</td> - <td>Inbound Email</td> -</tr> -<tr> - <td>Email::Reply</td> - <td>(Any)</td> - <td>Inbound Email</td> -</tr> -<tr> - <td>Net::LDAP</td> - <td>(Any)</td> - <td>LDAP Authentication</td> -</tr> -<tr> - <td>HTML::Parser</td> - <td>3.40</td> - <td>More HTML in Product/Group Descriptions</td> -</tr> -<tr> - <td>HTML::Scrubber</td> - <td>(Any)</td> - <td>More HTML in Product/Group Descriptions</td> -</tr> -<tr> - <td>XML::Twig</td> - <td>(Any)</td> - <td>Move [% terms.Bugs %] Between Installations</td> -</tr> -<tr> - <td>MIME::Parser</td> - <td>5.406</td> - <td>Move [% terms.Bugs %] Between Installations</td> -</tr> -<tr> - <td>Chart::Base</td> - <td>1.0</td> - <td>New Charts, Old Charts</td> -</tr> -<tr> - <td>Image::Magick</td> - <td>(Any)</td> - <td>Optionally Convert BMP Attachments to PNGs</td> -</tr> -<tr> - <td>PatchReader</td> - <td>0.9.4</td> - <td>Patch Viewer</td> -</tr> -<tr> - <td class="req_new">Authen::Radius</td> - <td class="req_new">(Any)</td> - <td>RADIUS Authentication</td> -</tr> -<tr> - <td class="req_new">Authen::SASL</td> - <td class="req_new">(Any)</td> - <td>SMTP Authentication</td> -</tr> -<tr> - <td>SOAP::Lite</td> - <td>(Any)</td> - <td>XML-RPC Interface</td> -</tr> -<tr> - <td>mod_perl2</td> - <td>1.999022</td> - <td>mod_perl</td> -</tr> -</table> - -<h2 id="v32_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v32_feat_ui">Major UI Improvements</a></li> - <li><a href="#v32_feat_skin">New Default Skin: Dusk</a></li> - <li><a href="#v32_feat_status">Custom Status Workflow</a></li> - <li><a href="#v32_feat_fields">New Custom Field Types</a></li> - <li><a href="#v32_feat_install">Easier Installation</a></li> - <li><a href="#v32_feat_oracle">Experimental Oracle Support</a></li> - <li><a href="#v32_feat_utf8">Improved UTF-8 Support</a></li> - <li><a href="#v32_feat_grcons">Group Icons</a></li> - <li><a href="#v32_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v32_feat_ui">Major UI Improvements</h3> - -<p>[% terms.Bugzilla %] 3.2 has had some UI assistance from the NASA - Human-Computer Interaction department and the new - <a href="http://wiki.mozilla.org/Bugzilla:UE">[% terms.Bugzilla %] - User Interface Team</a>.</p> - -<p>In particular, you will notice a massively redesigned [% terms.bug %] - editing form, in addition to our <a href="#v32_feat_skin">new skin</a>.</p> - -<h3 id="v32_feat_skin">New Default Skin: Dusk</h3> - -<p>[% terms.Bugzilla %] 3.2 now ships with a skin called "Dusk" that is - a bit more colorful than old default "Classic" skin.</p> - -<p>Upgrading installations will still default to the "Classic" - skin--administrators can change the default in the Default Preferences - control panel. Users can also choose to use the old skin in their - Preferences (or using the View :: Page Style menu in Firefox).</p> - -<p>The changes that [% terms.Bugzilla %] required for Dusk made - [%+ terms.Bugzilla %] much easier to skin. See the - <a href="http://wiki.mozilla.org/Bugzilla:Addons#Skins">Addons page</a> - for additional skins, or try making your own!</p> - -<h3 id="v32_feat_status">Custom Status Workflow</h3> - -<p>You can now customize the list of statuses in [% terms.Bugzilla %], - and transitions between them.</p> - -<p>You can also specify that a comment must be made on certain transitions.</p> - -<h3 id="v32_feat_fields">New Custom Field Types</h3> - -<p>[% terms.Bugzilla %] 3.2 has support for three new types of - custom fields:</p> - -<ul> - <li>Large Text: Adds a multi-line textbox to your [% terms.bugs %].</li> - <li>Multiple Selection Box: Adds a box that allows you to choose - multiple items from a list.</li> - <li>Date/Time: Displays a date and time, along with a JavaScript - calendar popup to make picking a date easier.</li> -</ul> - -<h3 id="v32_feat_install">Easier Installation</h3> - -<p>[% terms.Bugzilla %] now comes with a script called - <kbd>install-module.pl</kbd> that can automatically download - and install all of the required Perl modules for [% terms.Bugzilla %]. - It stores them in a directory inside your [% terms.Bugzilla %] - installation, so you can use it even if you don't have administrator-level - access to your machine, and without modifying your main Perl install.</p> - -<p><kbd>checksetup.pl</kbd> will print out instructions for using - <kbd>install-module.pl</kbd>, or you can read its - <a href="[% docs_urlbase FILTER html %]api/install-module.html">documentation</a>.</p> - -<h3 id="v32_feat_oracle">Experimental Oracle Support</h3> - -<p>[% terms.Bugzilla %] 3.2 contains experimental support for using - Oracle as its database. Some features of [% terms.Bugzilla %] are known - to be broken on Oracle, but hopefully will be working by our next major - release.</p> - -<p>The [% terms.Bugzilla %] Project, as an open-source project, of course - does not recommend the use of proprietary database solutions. However, - if your organization requires that you use Oracle, this will allow - you to use [% terms.Bugzilla %]!</p> - -<p>The [% terms.Bugzilla %] Project thanks Oracle Corp. for their extensive - development contributions to [% terms.Bugzilla %] which allowed this to - happen!</p> - -<h3 id="v32_feat_utf8">Improved UTF-8 Support</h3> - -<p>[% terms.Bugzilla %] 3.2 now has advanced UTF-8 support in its code, - including correct handling for truncating and wrapping multi-byte - languages. Major issues with multi-byte or unusual languages - are now resolved, and [% terms.Bugzilla %] should now be usable - by users in every country with little (or at least much less) - customization.</p> - -<h3 id="v32_feat_grcons">Group Icons</h3> - -<p>Administrators can now specify that users who are in certain groups - should have an icon appear next to their name whenever they comment. - This is particularly useful for distinguishing developers from - [%+ terms.bug %] reporters.</p> - -<h3 id="v32_feat_other">Other Enhancements and Changes</h3> - -<p>These are either minor enhancements, or enhancements that have - very short descriptions. Some of these are very useful, though!</p> - -<h4>Enhancements For Users</h4> - -<ul> - <li><strong>[% terms.Bugs %]</strong>: You can now reassign - [%+ terms.abug %] at the same time as you are changing its status.</li> - <li><strong>[% terms.Bugs %]</strong>: When entering [% terms.abug %], - you will now see the description of a component when you select it.</li> - <li><strong>[% terms.Bugs %]</strong>: The [% terms.bug %] view now - contains some <a href="http://microformats.org/about/">Microformats</a>, - most notably for users' names and email addresses.</li> - <li><strong>[% terms.Bugs %]</strong>: You can now remove a QA Contact - from [% terms.abug %] simply by clearing the QA Contact field.</li> - <li><strong>[% terms.Bugs %]</strong>: There is now a user preference - that will allow you to exclude the quoted text when replying - to comments.</li> - <li><strong>[% terms.Bugs %]</strong>: You can now expand or collapse - individual comments in the [% terms.bug %] view.</li> - - <li><strong>Attachments</strong>: There is now "mid-air collision" - protection when editing attachments.</li> - <li><strong>Attachments</strong>: Patches in the Diff Viewer now show - line numbers (<a href="https://bugzilla.mozilla.org/attachment.cgi?id=327546">Example</a>).</li> - <li><strong>Attachments</strong>: After creating or updating an attachment, - you will be immediately shown the [% terms.bug %] that the attachment - is on.</li> - - <li><strong>Search</strong>: You can now reverse the sort of - [%+ terms.abug %] list by clicking on a column header again.</li> - <li><strong>Search</strong>: Atom feeds of [% terms.bug %] lists now - contain more fields.</li> - <li><strong>Search</strong>: QuickSearch now supports searching flags - and groups. It also now includes the OS field in the list of fields - it searches by default.</li> - <li><strong>Search</strong>: "Help" text can now appear on query.cgi - for Internet Explorer and other non-Firefox browsers. (It always - could appear for Firefox.)</li> - - <li>[% terms.Bugzilla %] now ships with an icon that will show - up next to the URL in most browsers. If you want to replace it, - it's in <kbd>images/favicon.ico</kbd>.</li> - - <li>You can now set the Deadline when using "Change Several - [%+ terms.Bugs %] At Once"</li> - <li><strong>Saved Searches</strong> now save their column list, so if - you customize the list of columns and save your search, it will - always contain those columns.</li> - <li><strong>Saved Searches</strong>: When you share a search, you can - now see how many users have subscribed to it, on - <kbd>userprefs.cgi</kbd>.</li> - <li><strong>Saved Searches</strong>: You can now see what group a - shared search was shared to, on the list of available shared searches - in <kbd>userprefs.cgi</kbd>.</li> - <li><strong>Flags</strong>: If your installation uses drop-down user - lists, the flag requestee box will now contain only users who are - actually allowed to take requests.</li> - <li><strong>Flags</strong>: If somebody makes a request to you, and you - change the requestee to somebody else, the requester is no longer set - to you. In other words, you can "redirect" requests and maintain the - original requester.</li> - <li><strong>Flags</strong>: Emails about flags now will thread properly - in email clients to be a part of [% terms.abug %]'s thread.</li> - <li>When using <kbd>email_in.pl</kbd>, you can now add users to the CC - list by just using <kbd>@cc</kbd> as the field name.</li> - <li>Many pages (particularly administrative pages) now contain links to - the relevant section of the [% terms.Bugzilla %] Guide, so you can read - the documentation for that page.</li> - <li>Dependency Graphs should render more quickly, as they now (by default) - only include the same [% terms.bugs %] that you'd see in the dependency - tree.</li> -</ul> - -<h4>Enhancements For Administrators</h4> - -<ul> - <li><strong>Admin UI</strong>: Instead of having the Administration - Control Panel links in the footer, there is now just one link called - "Administration" that takes you to a page that links to all the - administrative controls for [% terms.Bugzilla %].</li> - <li><strong>Admin UI</strong>: Administrative pages no longer display - confirmation pages, instead they redirect you to some useful page - and display a message about what changed.</li> - <li><strong>Admin UI</strong>: The interface for editing group - inheritance in <kbd>editgroups.cgi</kbd> is much clearer now.</li> - <li><strong>Admin UI</strong>: When editing a user, you can now see - all the components where that user is the Default Assignee or Default - QA Contact.</li> - - <li><strong>Email</strong>: For installations that use SMTP to send - mail (as opposed to Sendmail), [%+ terms.Bugzilla %] now supports - SMTP Authentication, so that it can log in to your mail server - before sending messages.</li> - <li><strong>Email</strong>: Using the "Test" mail delivery method now - creates a valid mbox file to make testing easier.</li> - - <li><strong>Authentication</strong>: [% terms.Bugzilla %] now correctly - handles LDAP records which contain multiple email addresses. (The first - email address in the list that is a valid [% terms.Bugzilla %] account - will be used, or if this is a new user, the first email address in - the list will be used.)</li> - <li><strong>Authentication</strong>: [% terms.Bugzilla %] can now take - a list of LDAP servers to try in order until it gets a successful - connection.</li> - <li><strong>Authentication</strong>: [% terms.Bugzilla %] now supports - RADIUS authentication.</li> - - <li><strong>Security</strong>: The login cookie is now created as - "HTTPOnly" so that it can't be read by possibly malicious scripts. - Also, if SSL is enabled on your installation, the login cookie is - now only sent over SSL connections.</li> - <li><strong>Security</strong>: The <code>ssl</code> parameter now protects - every page a logged-in user accesses, when set to "authenticated sessions." - Also, SSL is now enforced appropriately in the WebServices interface when - the parameter is set.</li> - - <li><strong>Database</strong>: [% terms.Bugzilla %] now uses transactions in - the database instead of table locks. This should generally improve - performance with many concurrent users. It also means if there is - an unexpected error in the middle of a page, all database changes made - during that page will be rolled back.</li> - <li><strong>Database</strong>: You no longer have to set - <code>max_packet_size</code> in MySQL to add large attachments. However, - you may need to set it manually if you restore a mysqldump into your - database.</li> - - <li>New WebService functions: - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html">B<!-- -->ug.add_comment</a> - and <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bugzilla.html">Bugzilla.extensions</a>.</li> - - <li>You can now delete custom fields, but only if they have never been - set on any [% terms.bug %].</li> - <li>There is now a <kbd>--reset-password</kbd> argument to - <kbd>checksetup.pl</kbd> that allows you to reset a user's password - from the command line.</li> - <li>There is now a script called <kbd>sanitycheck.pl</kbd> that you can - run from the command line. It works just like <kbd>sanitycheck.cgi</kbd>. - By default, it only outputs anything if there's an error, so it's - ideal for administrators who want to run it nightly in a cron job.</li> - <li>The <kbd>strict_isolation</kbd> parameter now prevents you from setting - users who cannot see [% terms.abug %] as a CC, Assignee, or QA - Contact. Previously it only prevented you from adding users who - could not <em>edit</em> the [% terms.bug %].</li> - <li>Extensions can now add their own headers to the HTML <head> - for things like custom CSS and so on.</li> - <li><kbd>sanitycheck.cgi</kbd> has been templatized, meaning that the - entire [% terms.Bugzilla %] UI is now contained in templates.</li> - <li>When setting the <kbd>sslbase</kbd> parameter, you can now specify - a port number in the URL.</li> - <li>When importing [% terms.bugs %] using <kbd>importxml.pl</kbd>, - attachments will have their actual creator set as their creator, - instead of the person who exported the [% terms.bug %] from the other - system.</li> - <li>The voting system is off by default in new installs. This is to - prepare for the fact that it will be moved into an extension at - some point in the future.</li> - <li>The <code>shutdownhtml</code> parameter now works even when - [%+ terms.Bugzilla %]'s database server is down.</li> -</ul> - -<h3>Enhancements for Localizers (or Localized Installations)</h3> - -<ul> - <li>The documentation can now be localized--in other words, you can have - documentation installed for multiple languages at once and - [%+ terms.Bugzilla %] will link to the correct language in its internal - documentation links.</li> - <li>[% terms.Bugzilla %] no longer uses the <kbd>languages</kbd> parameter. - Instead it reads the <kbd>template/</kbd> directory to see which - languages are available.</li> - <li>Some of the messages printed by <kbd>checksetup.pl</kbd> can now - be localized. See <kbd>template/en/default/setup/strings.txt.pl</kbd>. -</ul> - -<h2 id="v32_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> - [%- terms.Bug %] 423439</a>: Tabs in comments will be converted - to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> - [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is - in use on [% terms.bugs %], you will need to rebuild the "keyword cache" - by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing - the option to rebuild the cache when it asks. Otherwise keywords may - not show up properly in search results.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> - [%- terms.Bug %] 370370</a>: mod_perl support is currently not - working on Windows machines.</li> -</ul> - -<h2 id="v32_upgrading">How to Upgrade From An Older Version</h2> - -<h3 id="v32_upgrading_notes">Notes For Upgraders</h3> - -<ul> - <li>If you upgrade by CVS, the <kbd>extensions</kbd> and - <kbd>skins/contrib</kbd> directories are now in CVS instead of - being created by <kbd>checksetup.pl</kbd> If you do a <kbd>cvs update</kbd> - from 3.0, you will be told that your directories are "in the way" and - you should delete (or move) them and then do <kbd>cvs update</kbd> - again. Also, the <kbd>docs</kbd> directory has been restructured - and after you <kbd>cvs update</kbd> you can delete the <kbd>docs/html</kbd>, - <kbd>docs/pdf</kbd>, <kbd>docs/txt</kbd>, and <kbd>docs/xml</kbd> - directories.</li> - <li>If you are using MySQL, you should know that [% terms.Bugzilla %] - now uses InnoDB for all tables. <kbd>checksetup.pl</kbd> will convert - your tables automatically, but if you have InnoDB disabled, - the upgrade will not be able to complete (and <kbd>checksetup.pl</kbd> - will tell you so).</li> - - <li><strong>You should also read the - <a href="#v30_upgrading_notes">[% terms.Bugzilla %] 3.0 Notes For Upgraders - section</a> of the - <a href="#v32_previous">previous release notes</a> if you are upgrading - from a version before 3.0.</strong></li> -</ul> - -<h3>Steps For Upgrading</h3> - -<p>Once you have read the notes above, see the - <a href="[% docs_urlbase FILTER html %]upgrade.html">Upgrading - documentation</a> for instructions on how to upgrade.</p> - -<h2 id="v32_code_changes">Code Changes Which May Affect Customizations</h2> - -<ul> - <li><a href="#v32_code_hooks">More Hooks!</a></li> - <li><a href="#v32_code_search">Search.pm Rearchitecture</a></li> - <li><a href="#v32_code_lib">lib Directory</a></li> - <li><a href="#v32_code_other">Other Changes</a></li> -</ul> - -<h3 id="v32_code_hooks">More Hooks!</h3> - -<p>There are more code hooks in 3.2 than there were in 3.0. See the - documentation of <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Hook.html">Bugzilla::Hook</a> - for more details.</p> - -<h3 id="v32_code_search">Search.pm Rearchitecture</h3> - -<p><kbd>Bugzilla/Search.pm</kbd> has been heavily modified, to be much - easier to read and use. It contains mostly the same code as it did in - 3.0, but it has been moved around and reorganized significantly.</p> - -<h3 id="v32_code_lib">lib Directory</h3> - -<p>As part of implementing <a href="#v32_feat_install">install-module.pl</a>, - [%+ terms.Bugzilla %] was given a local <kbd>lib</kbd> directory which - it searches for modules, in addition to the standard system path.</p> - -<p>This means that all [% terms.Bugzilla %] scripts now start with - <code>use lib qw(. lib);</code> as one of the first lines.</p> - -<h3 id="v32_code_other">Other Changes</h3> - -<ul> - <li>You should now be using <code>get_status('NEW')</code> instead of - <code>status_descs.NEW</code> in templates.</li> - <li>The <code>[%# version = 1.0 %]</code> comment at the top of every - template file has been removed.</li> -</ul> - -<h1 id="v32_previous">[% terms.Bugzilla %] 3.0.x Release Notes</h1> - -<h2>Table of Contents</h2> - -<ul class="bz_toc"> - <li><a href="#v30_introduction">Introduction</a></li> - <li><a href="#v30_point">Updates In This 3.0.x Release</a></li> - <li><a href="#v30_req">Minimum Requirements</a></li> - <li><a href="#v30_feat">New Features and Improvements</a></li> - <li><a href="#v30_issues">Outstanding Issues</a></li> - <li><a href="#v30_security">Security Fixes In This Release</a></li> - <li><a href="#v30_upgrading">How to Upgrade From An Older Version</a></li> - <li><a href="#v30_code_changes">Code Changes Which May Affect - Customizations</a></li> - <li><a href="#v30_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v30_introduction">Introduction</h2> - -<p>Welcome to [% terms.Bugzilla %] 3.0! It's been over eight years since - we released [% terms.Bugzilla %] 2.0, and everything has changed since - then. Even just since our previous release, [% terms.Bugzilla %] 2.22, - we've added a <em>lot</em> of new features. So enjoy the release, we're - happy to bring it to you.</p> - -<p>If you're upgrading, make sure to read <a href="#v30_upgrading">How to - Upgrade From An Older Version</a>. If you are upgrading from a release - before 2.22, make sure to read the release notes for all the - <a href="#v30_previous">previous versions</a> in between your version - and this one.</p> - -<h2 id="v30_point">Updates in this 3.0.x Release</h2> - -<p>This section describes what's changed in the most recent b<!-- -->ug-fix - releases of [% terms.Bugzilla %] after 3.0. We only list the - most important fixes in each release. If you want a detailed list of - <em>everything</em> that's changed in each version, you should use our - <a href="http://www.bugzilla.org/status/changes.html">Change Log Page</a>.</p> - -<h3>3.0.6</h3> - -<ul> - <li>Before 3.0.6, unexpected fatal WebService errors would result in - a <code>faultCode</code> that was a string instead of a number. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=446327">[% terms.Bug %] 446327</a>)</li> - <li>If you created a product or component with the same name as one you - previously deleted, it would fail with an error about the series table. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=247936">[% terms.Bug %] 247936</a>)</li> -</ul> - -<p>See also the <a href="#v30_security">Security Advisory</a> section for - information about a security issue fixed in this release.</p> - -<h3>3.0.5</h3> - -<ul> - <li>If you don't have permission to set a flag, it will now appear - unchangeable in the UI. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=433851">[% terms.Bug %] 433851</a>)</li> - <li>If you were running mod_perl, [% terms.Bugzilla %] was not correctly - closing its connections to the database since 3.0.3, and so sometimes - the DB would run out of connections. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=441592">[% terms.Bug %] 441592</a>)</li> - <li>The installation script is now clear about exactly which - <code>Email::</code> modules are required in Perl, thus avoiding the - problem where emails show up with a body like - <samp>SCALAR(0xBF126795)</samp>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=441541">[% terms.Bug %] 441541</a>)</li> - <li><a href="[% docs_urlbase FILTER html %]api/email_in.html">email_in.pl</a> - is no longer case-sensitive for values of <kbd>@product</kbd>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365697">[% terms.Bug %] 365697</a>)</li> -</ul> - -<p>See also the <a href="#v30_security">Security Advisory</a> section for - information about security issues fixed in this release.</p> - -<h3>3.0.4</h3> - -<ul> - <li>[% terms.Bugzilla %] administrators were not being correctly notified - about new releases. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414726">[% terms.Bug %] 414726</a>)</li> - - <li>There could be extra whitespace in email subject lines. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=411544">[% terms.Bug %] 411544</a>)</li> - - <li>The priority, severity, OS, and platform fields were always required by - the <kbd>B<!-- -->ug.create</kbd> WebService function, even if they had - defaults specified. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384009">[% terms.Bug %] 384009</a>)</li> - - <li>Better threading of [% terms.bug %]mail in some email clients. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=376453">[% terms.Bug %] 376453</a>)</li> - - <li>There were many fixes to the Inbound Email Interface - (<kbd>email_in.pl</kbd>). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=92274">[% terms.Bug %] 92274</a>, - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=377025">[% terms.Bug %] 377025</a>, - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=412943">[% terms.Bug %] 412943</a>, - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=413672">[% terms.Bug %] 413672</a>, and - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=431721">[% terms.Bug %] 431721</a>)</li> - - <li><kbd>checksetup.pl</kbd> now handles UTF-8 conversion more reliably during upgrades. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=374951">[% terms.Bug %] 374951</a>)</li> - - <li>Comments written in CJK languages are now correctly word-wrapped. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=388723">[% terms.Bug %] 388723</a>)</li> - - <li>All emails will now be sent in the correct language, when the user - has chosen a language for emails. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=405946">[% terms.Bug %] 405946</a>) - - <li>On Windows, temporary files created when uploading attachments are now - correctly deleted when the upload is complete. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414002">[% terms.Bug %] 414002</a>)</li> - - <li><kbd>checksetup.pl</kbd> now prints correct installation instructions - for Windows users using Perl 5.10. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414430">[% terms.Bug %] 414430</a>) -</ul> - -<p>See also the <a href="#v30_security">Security Advisory</a> section for - information about security issues fixed in this release.</p> - -<h3>3.0.3</h3> - -<ul> - <li>mod_perl no longer compiles [% terms.Bugzilla %]'s code for each Apache - process individually. It now compiles code only once and shares it among - each Apache process. This greatly improves performance and highly - decreases the memory footprint. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=398241">[% terms.Bug %] 398241</a>)</li> - - <li>You can now search for '---' (without quotes) in versions and milestones. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=362436">[% terms.Bug %] 362436</a>)</li> - - <li>[% terms.Bugzilla %] should no longer break lines unnecessarily in - email subjects. This was causing trouble with some email clients. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=374424">[% terms.Bug %] 374424</a>)</li> - - <li>If you had selected "I'm added to or removed from this capacity" option - for the "CC" role in your email preferences, you wouldn't get mail when - more than one person was added to the CC list at once. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=394796">[% terms.Bug %] 394796</a>)</li> - - <li>Deleting a user account no longer deletes whines from another user who - has the deleted account as addressee. The schedule is simply removed, - but the whine itself is left intact. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=395924">[% terms.Bug %] 395924</a>)</li> - - <li><kbd>contrib/merge-users.pl</kbd> now correctly merges all required - fields when merging two user accounts. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=400160">[% terms.Bug %] 400160</a>)</li> - - <li>[% terms.Bugzilla %] no longer requires Apache::DBI to run under - mod_perl. It caused troubles such as lost connections with the DB and - didn't give any important performance gain. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=408766">[% terms.Bug %] 408766</a>)</li> -</ul> - -<h3>3.0.2</h3> - -<ul> - <li>[% terms.Bugzilla %] should now work on Perl 5.9.5 (and thus the - upcoming Perl 5.10.0). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=390442">[% terms.Bug %] 390442</a>)</li> -</ul> - -<p>See also the <a href="#v30_security">Security Advisory</a> section for - information about an important security issue fixed in this release.</p> - -<h3>3.0.1</h3> - -<ul> - <li>For users of Firefox 2, the <code>show_bug.cgi</code> user interface - should no longer "collapse" after you modify [% terms.abug %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370739">[% terms.Bug %] 370739</a>)</li> - <li>If you can bless a group, and you share a saved search with that - group, it will no longer automatically appear in all of that group's - footers unless you specifically request that it automatically appear - in their footers. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365890">[% terms.Bug %] 365890</a>)</li> - <li>There is now a parameter to allow users to perform searches without - any search terms. (In other words, to search for just a Product - and Status on the Simple Search page.) The parameter is called - <code>specific_search_allow_empty_words</code>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=385910">[% terms.Bug %] 385910</a>)</li> - <li>If you attach a file that has a MIME-type of <code>text/x-patch</code> - or <code>text/x-diff</code>, it will automatically be treated as a - patch by [% terms.Bugzilla %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365756">[% terms.Bug %] 365756</a>)</li> - <li>Dependency Graphs now work correctly on all mod_perl installations. - There should now be no remaining signficant problems with running - [%+ terms.Bugzilla %] under mod_perl. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370398">[% terms.Bug %] 370398</a>)</li> - <li>If moving [% terms.abug %] between products would remove groups - from the [% terms.bug %], you are now warned. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=303183">[% terms.Bug %] 303183</a>)</li> - <li>On IIS, whenever [% terms.Bugzilla %] threw a warning, it would - actually appear on the web page. Now warnings are suppressed, - unless you have a file in the <code>data</code> directory called - <code>errorlog</code>, in which case warnings will be printed there. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=390148">[% terms.Bug %] 390148</a>)</li> - <li>If you used <kbd>email_in.pl</kbd> to edit [% terms.abug %] that was - protected by groups, all of the groups would be cleared. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=385453">[% terms.Bug %] 385453</a>)</li> - <li>PostgreSQL users: New Charts were failing to collect data over time. - They will now start collecting data correctly. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=257351">[% terms.Bug %] 257351</a>)</li> - <li>Some flag mails didn't specify who the requestee was. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=379787">[% terms.Bug %] 379787</a>)</li> - <li>Instead of throwing real errors, <kbd>collectstats.pl</kbd> would - just say that it couldn't find <code>ThrowUserError</code>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=380709">[% terms.Bug %] 380709</a>)</li> - <li>Logging into [% terms.Bugzilla %] from the home page works again - with IIS5. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=364008">[% terms.Bug %] 364008</a>)</li> - <li>If you were using SMTP for sending email, sometimes emails would - be missing the <code>Date</code> header. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=304999">[% terms.Bug %] 304999</a>).</li> - <li>In the XML-RPC WebService, <code>B<!-- -->ug.legal_values</code> now - correctly returns values for custom fields if you request values - for custom fields. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=381737">[% terms.Bug %] 381737</a>)</li> - <li>The "[% terms.Bug %]-Writing Guidelines" page has been shortened - and re-written. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=378590">[% terms.Bug %] 378590</a>)</li> - <li>If your <code>urlbase</code> parameter included a port number, - like <code>www.domain.com:8080</code>, SMTP might have failed. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384501">[% terms.Bug %] 384501</a>)</li> - <li>For SMTP users, there is a new parameter, <code>smtp_debug</code>. - Turning on this parameter will log the full information about - every SMTP session to your web server's error log, to help with - debugging issues with SMTP. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384497">[% terms.Bug %] 384497</a>)</li> - <li>If you are a "global watcher" (you get all mails from every - [%+ terms.bug %]), you can now see that in your Email Preferences. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365302">[% terms.Bug %] 365302</a>)</li> - <li>The Status and Resolution of [% terms.bugs %] are now correctly - localized in CSV search results. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=389517">[% terms.Bug %] 389517</a>)</li> - <li>The "Subject" line of an email was being mangled if it contained - non-Latin characters. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=387860">[% terms.Bug %] 387860</a>)</li> - <li>Editing the "languages" parameter using <kbd>editparams.cgi</kbd> would - sometimes fail, causing [% terms.Bugzilla %] to throw an error. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=335354">[% terms.Bug %] 335354</a>)</li> -</ul> - -<h2 id="v30_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 2.22 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v30_req_perl">Perl</a></li> - <li><a href="#v30_req_mysql">For MySQL Users</a></li> - <li><a href="#v30_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v30_req_modules">Required Perl Modules</a></li> - <li><a href="#v30_req_optional_mod">Optional Perl - Modules</a></li> -</ul> - - -<h3 id="v30_req_perl">Perl</h3> - -<ul> - <li>Perl <span class="req_new">v<strong>5.8.0</strong></span> (non-Windows - platforms)</li> - <li>Perl v<strong>5.8.1</strong> (Windows platforms)</li> -</ul> - -<h3 id="v30_req_mysql">For MySQL Users</h3> - -<ul> - <li>MySQL <span class="req_new">v4.1.2</span></li> - <li><strong>perl module:</strong> DBD::mysql v2.9003</li> -</ul> - -<h3 id="v30_req_pg">For PostgreSQL Users</h3> - -<ul> - <li>PostgreSQL v8.00.0000</li> - <li><strong>perl module:</strong> DBD::Pg v1.45</li> -</ul> - -<h3 id="v30_req_modules">Required Perl Modules</h3> - -<table class="req_table" border="0" cellspacing="0" cellpadding="0"> - <tr> - <th>Module</th> <th>Version</th> - </tr> - <tr><td>CGI</td> <td>2.93</td> - </tr> - <tr> - <td>Date::Format</td> <td>2.21</td> - </tr> - <tr> - <td>DBI</td> - <td class="req_new">1.41</td> - </tr> - <tr> - <td>File::Spec</td> <td>0.84</td> - </tr> - <tr> - <td>Template</td> <td>2.12</td> - </tr> - <tr> - <td class="req_new">Email::Send</td> - <td class="req_new">2.00</td> - </tr> - <tr> - <td>Email::MIME</td> - <td>1.861</td> - </tr> - <tr> - <td class="req_new">Email::MIME::Modifier</td> - <td class="req_new">1.442</td> - </tr> -</table> - -<h3 id="v30_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of [% terms.Bugzilla %]:</p> - -<table class="req_table" border="0" cellspacing="0" cellpadding="0"> - <tr> - <th>Module</th> <th>Version</th> - <th>Enables Feature</th> - </tr> - <tr> - <td class="req_new">LWP::UserAgent</td> - <td class="req_new">(Any)</td> - <td>Automatic Update Notifications</td> - </tr> - <tr> - <td>Template::Plugin::GD::Image</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Graph</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Text</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD</td> - <td>1.20</td> - <td>Graphical Reports, New Charts, Old Charts</td> - </tr> - <tr> - <td class="req_new">Email::MIME::Attachment::Stripper</td> - <td class="req_new">(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td class="req_new">Email::Reply</td> - <td class="req_new">(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>Net::LDAP</td> - <td>(Any)</td> - <td>LDAP Authentication</td> - </tr> - <tr> - <td>HTML::Parser</td> - <td>3.40</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>HTML::Scrubber</td> - <td>(Any)</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>XML::Twig</td> - <td>(Any)</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>MIME::Parser</td> - <td>5.406</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>Chart::Base</td> - <td>1.0</td> - <td>New Charts, Old Charts</td> - </tr> - <tr> - <td>Image::Magick</td> - <td>(Any)</td> - <td>Optionally Convert BMP Attachments to PNGs</td> - </tr> - <tr> - <td>PatchReader</td> - <td>0.9.4</td> - <td>Patch Viewer</td> - </tr> - <tr> - <td class="req_new">SOAP::Lite</td> - <td class="req_new">(Any)</td> - <td>XML-RPC Interface</td> - </tr> - <tr> - <td class="req_new">mod_perl2</td> - <td class="req_new">1.999022</td> - <td>mod_perl</td> - </tr> - <tr> - <td> CGI</td> - <td>3.11</td> - <td>mod_perl</td> - </tr> -</table> - -<h2 id="v30_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v30_feat_cf">Custom Fields</a></li> - <li><a href="#v30_feat_mp">mod_perl Support</a></li> - <li><a href="#v30_feat_sq">Shared Saved Searches</a></li> - <li> - <a href="#v30_feat_afn">Attachments and Flags on New [% terms.Bugs %]</a> - </li> - <li><a href="#v30_feat_cr">Custom Resolutions</a></li> - <li><a href="#v30_feat_ppp">Per-Product Permissions</a></li> - <li><a href="#v30_feat_ui">User Interface Improvements</a></li> - <li><a href="#v30_feat_xml">XML-RPC Interface</a></li> - <li><a href="#v30_feat_skin">Skins</a></li> - <li><a href="#v30_feat_sbu">Unchangeable Fields Appear - Unchangeable</a></li> - <li><a href="#v30_feat_et">All Emails in Templates</a></li> - <li><a href="#v30_feat_df">No More Double-Filed [% terms.Bugs %]</a></li> - <li><a href="#v30_feat_cc">Default CC List for Components</a></li> - <li><a href="#v30_feat_emi">File/Modify [% terms.Bugs %] By Email</a></li> - <li><a href="#v30_feat_gw">Users Who Get All [% terms.Bug %] - Notifications</a></li> - <li><a href="#v30_feat_utf8">Improved UTF-8 Support</a></li> - <li><a href="#v30_feat_upda">Automatic Update Notification</a></li> - <li><a href="#v30_feat_welc">Welcome Page for New Installs</a></li> - <li><a href="#v30_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v30_feat_cf">Custom Fields</h3> - -<p>[% terms.Bugzilla %] now includes very basic support for custom fields.</p> - -<p>Users in the <kbd>admin</kbd> group can add plain-text or drop-down - custom fields. You can edit the values available for drop-down fields - using the "Field Values" control panel.</p> - -<p>Don't add too many custom fields! It can make [% terms.Bugzilla %] - very difficult to use. Try your best to get along with the default - fields, and then if you find that you can't live without custom fields - after a few weeks of using [% terms.Bugzilla %], only then should you - start your custom fields.</p> - -<h3 id="v30_feat_mp">mod_perl Support</h3> - -<p>[% terms.Bugzilla %] 3.0 supports mod_perl, which allows for extremely - enhanced page-load performance. mod_perl trades memory usage for performance, - allowing near-instantaneous page loads, but using much more memory.</p> - -<p>If you want to enable mod_perl for your [% terms.Bugzilla %], we recommend - a minimum of 1.5GB of RAM, and for a site with heavy traffic, 4GB to 8GB.</p> - -<p>If performance isn't that critical on your installation, you don't - have the memory, or you are running some other web server than - Apache, [% terms.Bugzilla %] still runs perfectly as a normal CGI - application, as well.</p> - -<h3 id="v30_feat_sq">Shared Saved Searches</h3> - -<p>Users can now choose to "share" their saved searches - with a certain group. That group will then be able to - "subscribe" to those searches, and have them appear - in their footer.</p> - -<p>If the sharer can "bless" the group he's sharing to, - (that is, if he can add users to that group), it's considered - that he's a manager of that group, and his queries show up - automatically in that group's footer (although they can - unsubscribe from any particular search, if they want.)</p> - -<p>In order to allow a user to share their queries, they also - have to be a member of the group specified in the - <code>querysharegroup</code> parameter.</p> - -<p>Users can control their shared and subscribed queries from - the "Preferences" screen.</p> - -<h3 id="v30_feat_afn">Attachments and Flags on New [% terms.Bugs %]</h3> - -<p>You can now add an attachment while you are filing a new - [%+ terms.bug %].</p> - -<p>You can also set flags on the [% terms.bug %] and on attachments, while - filing a new [% terms.bug %].</p> - -<h3 id="v30_feat_cr">Custom Resolutions</h3> - -<p>You can now customize the list of resolutions available - in [% terms.Bugzilla %], including renaming the default resolutions.</p> - -<p>The resolutions <code>FIXED</code>, <code>DUPLICATE</code> - and <code>MOVED</code> have a special meaning to [% terms.Bugzilla %], - though, and cannot be renamed or deleted.</p> - -<h3 id="v30_feat_ppp">Per-Product Permissions</h3> - -<p>You can now grant users <kbd>editbugs</kbd> and <kbd>canconfirm</kbd> - for only certain products. You can also grant users <kbd>editcomponents</kbd> - on a product, which means they will be able to edit that product - including adding/removing components and other product-specific - controls.</p> - -<h3 id="v30_feat_ui">User Interface Improvements</h3> - -<p>There has been some work on the user interface for [% terms.Bugzilla %] 3.0, - including:</p> - -<ul> - <li>There is now navigation and a search box a the <em>top</em> of - each page, in addition to the bar at the bottom of the page.</li> - <li>A re-designed "Format for Printing" page for - [%+ terms.bugs %].</li> - <li>The layout of <kbd>show_bug.cgi</kbd> (the [% terms.bug %] editing - page) has been changed, and the attachment table has been redesigned.</li> -</ul> - -<h3 id="v30_feat_xml">XML-RPC Interface</h3> - -<p>[% terms.Bugzilla %] now has a Web Services interface using the XML-RPC - protocol. It can be accessed by external applications by going - to the <kbd>xmlrpc.cgi</kbd> on your installation.</p> - -<p>Documentation can be found in the - <a href="[% docs_urlbase FILTER html %]api/">[% terms.Bugzilla %] - API Docs</a>, in the various <kbd>Bugzilla::WebService</kbd> modules.</p> - -<h3 id="v30_feat_skin">Skins</h3> - -<p>[% terms.Bugzilla %] can have multiple "skins" installed, - and users can pick between them. To write a skin, you just have to - write several CSS files. See the <a href="[% docs_urlbase FILTER html %]cust-skins.html">Custom - Skins Documentation</a> for more details.</p> - -<p>We currently don't have any alternate skins shipping with - [%+ terms.Bugzilla %]. If you write an alternate skin, please - let us know!</p> - -<h3 id="v30_feat_sbu">Unchangeable Fields Appear Unchangeable</h3> - -<p>As long as you are logged in, when viewing [% terms.abug %], if you - cannot change a field, it will not look like you can change it. That - is, the value will just appear as plain text.</p> - -<h3 id="v30_feat_et">All Emails in Templates</h3> - -<p>All outbound emails are now controlled by the templating system. - What used to be the <code>passwordmail</code>, <code>whinemail</code>, - <code>newchangedmail</code> and <code>voteremovedmail</code> - parameters are now all templates in the <kbd>template/</kbd> directory.</p> - -<p>This means that it's now much easier to customize your outbound - emails, and it's also possible for localizers to have more - localized emails as part of their language packs, if they want.</p> - -<p>We also added a <code>mailfrom</code> parameter to let you set - who shows up in the <code>From</code> field on all emails that - [%+ terms.Bugzilla %] sends.</p> - -<h3 id="v30_feat_df">No More Double-Filed [% terms.Bugs %]</h3> - -<p>Users of [% terms.Bugzilla %] will sometimes accidentally submit - [%+ terms.abug %] twice, either by going back in their web browser, - or just by refreshing a page. In the past, this could file the same - [%+ terms.bug %] twice (or even three times) in a row, irritating - developers and confusing users.</p> - -<p>Now, if you try to submit [% terms.abug %] twice from the same screen - (by going back or by refreshing the page), [% terms.Bugzilla %] will warn - you about what you're doing, before it actually submits the duplicate - [%+ terms.bug %].</p> - -<h3 id="v30_feat_cc">Default CC List for Components</h3> - -<p>You can specify a list of users who will <em>always</em> be added to - the CC list of new [% terms.bugs %] in a component.</p> - -<h3 id="v30_feat_emi">File/Modify [% terms.Bugs %] By Email</h3> - -<p>You can now file or modify [% terms.bugs %] via email. Previous versions - of [% terms.Bugzilla %] included this feature only as an - unsupported add-on, but it is now an official interface to - [%+ terms.Bugzilla %].</p> - -<p>For more details see the <a href="[% docs_urlbase FILTER html %]api/email_in.html">documentation - for email_in.pl</a>.</p> - -<h3 id="v30_feat_gw">Users Who Get All [% terms.Bug %] Notifications</h3> - -<p>There is now a parameter called <kbd>globalwatchers</kbd>. This - is a comma-separated list of [% terms.Bugzilla %] users who will - get all [% terms.bug %] notifications generated by [% terms.Bugzilla %].</p> - -<p>Group controls still apply, though, so users who can't see [% terms.abug %] - still won't get notifications about that [% terms.bug %].</p> - -<h3 id="v30_feat_utf8">Improved UTF-8 Support</h3> - -<p>[% terms.Bugzilla %] users running MySQL should now have excellent - UTF-8 support if they turn on the <kbd>utf8</kbd> parameter. (New - installs have this parameter on by default.) [% terms.Bugzilla %] - now correctly supports searching and sorting in non-English languages, - including multi-bytes languages such as Chinese.</p> - -<h3 id="v30_feat_upda">Automatic Update Notification</h3> - -<p>If you belong to the <kbd>admin</kbd> group, you will be notified - when you log in if there is a new release of [% terms.Bugzilla %] - available to download.</p> - -<p>You can control these notifications by changing the - <kbd>upgrade_notification</kbd> parameter.</p> - -<p>If your [% terms.Bugzilla %] installation is on a machine that needs to go - through a proxy to access the web, you may also have to set the - <kbd>proxy_url</kbd> parameter.</p> - -<h3 id="v30_feat_welc">Welcome Page for New Installs</h3> - -<p>When you log in for the first time on a brand-new [% terms.Bugzilla %] - installation, you will be presented with a page that describes - where you should go from here, and what parameters you should set.</p> - -<h3 id="v30_feat_qs">QuickSearch Plugin for IE7 and Firefox 2</h3> - -<p>Firefox 2 users and Internet Explorer 7 users will be presented - with the option to add [% terms.Bugzilla %] to their search bar. - This uses the - <a href="page.cgi?id=quicksearch.html">QuickSearch syntax</a>.</p> - -<h3 id="v30_feat_other">Other Enhancements and Changes</h3> - -<p>These are either minor enhancements, or enhancements that have - very short descriptions. Some of these are very useful, though!</p> - -<h4>Enhancements That Affect [% terms.Bugzilla %] Users</h4> - -<ul> - <li>In comments, quoted text (lines that start with <kbd>></kbd>) - will be a different color from normal text.</li> - <li>There is now a user preference that will add you to the CC list - of any [% terms.bug %] you modify. Note that it's <strong>on</strong> - by default.</li> - <li>[% terms.Bugs %] can now be filed with an initial state of - <kbd>ASSIGNED</kbd>, if you are in the <kbd>editbugs</kbd> group.</li> - <li>By default, comment fields will zoom large when you are typing in them, - and become small when you move out of them. You can disable this - in your user preferences.</li> - <li>You can hide obsolete attachments on [% terms.abug %] by clicking - "Hide Obsolete" at the bottom of the attachment table.</li> - <li>If [% terms.abug %] has flags set, and you move it to a different - product that has flags with the same name, the flags will be - preserved.</li> - <li>You now can't request a flag to be set by somebody who can't set it - ([% terms.Bugzilla %] will throw an error if you try).</li> - <li>Many new headers have been added to outbound [% terms.Bugzilla %] - [%+ terms.bug %] emails: <code>X-Bugzilla-Status</code>, - <code>X-Bugzilla-Priority</code>, <code>X-Bugzilla-Assigned-To</code>, - <code>X-Bugzilla-Target-Milestone</code>, and - <code>X-Bugzilla-Changed-Fields</code>, <code>X-Bugzilla-Who</code>. - You can look at an email to get an idea of what they contain.</li> - <li>In addition to the old <code>X-Bugzilla-Reason</code> email header - which tells you why you got an email, if you got an email because - you were watching somebody, there is now an - <code>X-Bugzilla-Watch-Reason</code> header that tells you who you - were watching and what role they had.</li> - <li>If you hover your mouse over a full URL (like - <code>http://bugs.mycompany.com/show_bug.cgi?id=1212</code>) that - links to [% terms.abug %], you will see the title of the - [%+ terms.bug %]. Of course, this only works for [% terms.bugs %] in your - [%+ terms.Bugzilla %] installation.</li> - <li>If your installation has user watching enabled, you will now see - the users that you can remove from your watch-list as a multi-select - box, much like the current CC list. (Previously it was just a text - box.)</li> - <li>When a user creates their own account in [% terms.Bugzilla %], the - account is now not actually created until they verify their email - address by clicking on a link that is emailed to them.</li> - <li>You can change [% terms.abug %]'s resolution without reopening it.</li> - <li>When you view the dependency tree on [% terms.abug %], resolved - [%+ terms.bugs %] will be hidden by default. (In previous versions, - resolved [% terms.bugs %] were shown by default.)</li> - <li>When viewing [% terms.bug %] activity, fields that hold [% terms.bug %] - numbers (such as "Blocks") will have the [% terms.bug %] numbers - displayed as links to those [% terms.bugs %].</li> - <li>When viewing the "Keywords" field in [% terms.abug %] list, - it will be sorted alphabetically, so you can sanely sort a list on - that field.</li> - <li>In most places, the Version field is now sorted using a version-sort - (so 1.10 is greater than 1.2) instead of an alphabetical sort.</li> - <li>Options for flags will only appear if you can set them. So, for - example, if you can't grant <kbd>+</kbd> on a flag, that option - won't appear for you.</li> - <li>You can limit the product-related output of <kbd>config.cgi</kbd> - by specifying a <kbd>product=</kbd> URL argument, containing the name - of a product. You can specify the argument more than once for multiple - products.</li> - <li>You can now search the boolean charts on whether or not a comment - is private.</li> -</ul> - -<h4>Enhancements For Administrators</h4> - -<ul> - <li>Administrators can now delete attachments, making them disappear - entirely from [% terms.Bugzilla %].</li> - <li><kbd>sanitycheck.cgi</kbd> can now only be accessed by users - in the <kbd>editcomponents</kbd> group.</li> - <li>The "Field Values" control panel can now only be accessed - by users in the <kbd>admin</kbd> group. (Previously it was accessible - to anybody in the <kbd>editcomponents</kbd> group.)</li> - <li>There is a new parameter <kbd>announcehtml</kbd>, that will allow - you to enter some HTML that will be displayed at the top of every - page, as an announcement.</li> - <li>The <kbd>loginnetmask</kbd> parameter now defaults to 0 for new - installations, meaning that as long as somebody has the right - login cookie, they can log in from any IP address. This makes - life a lot easier for dial-up users or other users whose IP - changes a lot. This could be done because the login cookie is now - very random, and thus secure.</li> - <li>Classifications now have sortkeys, so they can be sorted in an - order that isn't alphabetical.</li> - <li>Authentication now supports LDAP over SSL (LDAPS) or TLS (using - the STARTLS command) in addition to plain LDAP.</li> - <li>LDAP users can have their LDAP username be their email address, - instead of having the LDAP <kbd>mail</kbd> attribute be their - email address. You may wish to set the <kbd>emailsuffix</kbd> - parameter if you do this.</li> - <li>Administrators can now see what has changed in a user account, - when using the "Users" control panel.</li> - <li><code>REMIND</code> and <code>LATER</code> are no longer part - of the default list of resolutions. Upgrading installations will - not be affected--they will still have these resolutions.</li> - <li><kbd>editbugs</kbd> is now the default for the <kbd>timetrackinggroup</kbd> - parameter, meaning that time-tracking will be on by default in a new - installation.</li> -</ul> - -<h2 id="v30_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> - [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is - in use on [% terms.bugs %], you will need to rebuild the "keyword cache" - by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing - the option to rebuild the cache when it asks. Otherwise keywords may - not show up properly in search results.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=99215"> - [%- terms.Bug %] 99215</a>: Flags are not protected by "mid-air - collision" detection. Nor are any attachment changes.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> - [%- terms.Bug %] 370370</a>: mod_perl support is currently not - working on Windows machines.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=361149"> - [%- terms.Bug %] 361149</a>: If you are using Perl 5.8.0, you may - get a lot of warnings in your Apache error_log about "deprecated - pseudo-hashes." These are harmless--they are a b[%# fool test %]ug in - Perl 5.8.0. Perl 5.8.1 and later do not have this problem.</li> - <li>[% terms.Bugzilla %] 3.0rc1 allowed custom field column names in - the database to be mixed-case. [% terms.Bugzilla %] 3.0 only allows - lowercase column names. It will fix any column names that you have - made mixed-case, but if you have custom fields that previously were - mixed-case in any Saved Search, you will have to re-create that Saved - Search yourself.</li> -</ul> - -<h2 id="v30_security">Security Updates in This Release</h2> - -<h3>3.0.6</h3> - -<p>[% terms.Bugzilla %] contains a minor security fix. For details, see the - <a href="http://www.bugzilla.org/security/2.20.6/">Security Advisory</a>.</p> - -<h3>3.0.5</h3> - -<p>[% terms.Bugzilla %] contains one security fix for - <a href="[% docs_urlbase FILTER html %]api/importxml.html">importxml.pl</a>. - For details, see the - <a href="http://www.bugzilla.org/security/2.22.4/">Security Advisory</a>.</p> - -<h3>3.0.4</h3> - -<p>[% terms.Bugzilla %] 3.0.4 contains three security fixes. - For details, see the - <a href="http://www.bugzilla.org/security/2.20.5/">Security Advisory</a>.</p> - -<h3>3.0.3</h3> - -<p>No security fixes in this release.</p> - -<h3>3.0.2</h3> - -<p>[% terms.Bugzilla %] 3.0.1 had an important security fix that is - critical for public installations with "requirelogin" turned on. - For details, see the - <a href="http://www.bugzilla.org/security/3.0.1/">Security Advisory</a></p> - -<h3>3.0.1</h3> - -<p>[% terms.Bugzilla %] 3.0 had three security issues that have been - fixed in this release: one minor information leak, one hole only - exploitable by an admin or using <code>email_in.pl</code>, and one in an - uncommonly-used template. For details, see the - <a href="http://www.bugzilla.org/security/2.20.4/">Security Advisory</a>.</p> - -<h2 id="v30_upgrading">How to Upgrade From An Older Version</h2> - -<h3 id="v30_upgrading_notes">Notes For Upgraders</h3> - -<ul> - <li>If you upgrade by CVS, there are several .cvsignore files - that are now in CVS instead of being locally created by - <kbd>checksetup.pl</kbd>. This means that you will have to - delete those files when CVS tells you there's a conflict, and - then run <kbd>cvs update</kbd> again.</li> - <li>In this version of [% terms.Bugzilla %], the Summary field - is now limited to 255 characters. When you upgrade, any Summary - longer than that will be truncated, and the old summary will be - preserved in a comment.</li> - <li>If you have the <kbd>utf8</kbd> parameter turned on, at some - point you will have to convert your database. <kbd>checksetup.pl</kbd> - will tell you when this is, and it will give you certain instructions - at that time, that you have to follow before you can complete - the upgrade. Don't do the conversion yourself manually--follow - the instructions of <kbd>checksetup.pl</kbd>.</li> - <li>If you ever ran 2.23.3, 2.23.4, or 3.0rc1, you will have to run - <kbd>./collectstats.pl --regenerate</kbd> at the command line, because - the data for your Old Charts is corrupted. This can take several days, - so you may only want to run it if you use Old Charts.</li> - <li>You should also read the Outstanding Issues sections of - <a href="#v30_previous">older release notes</a> if you are upgrading - from a version lower than 2.22.</li> -</ul> - -<h3>Steps For Upgrading</h3> - -<p>Once you have read the notes above, see the - <a href="[% docs_urlbase FILTER html %]upgrade.html">Upgrading - documentation</a> for instructions on how to upgrade.</p> - -<h2 id="v30_code_changes">Code Changes Which May Affect Customizations</h2> - -<ul> - <li><a href="#v30_code_loc"><strong>Packagers:</strong> Location - Variables Have Moved</a></li> - <li><a href="#v30_code_hooks">Hooks!</a></li> - <li><a href="#v30_code_api">API Documentation</a></li> - <li><a href="#v30_code_globals">Elimination of globals.pl</a></li> - <li><a href="#v30_code_scope">Cleaned Up Variable Scoping Issues</a></li> - <li><a href="#v30_code_sql">No More SendSQL</a></li> - <li><a href="#v30_code_auth">Auth Re-write</a></li> - <li><a href="#v30_code_obj">Bugzilla::Object</a></li> - <li><a href="#v30_code_req">Bugzilla->request_cache</a></li> - <li><a href="#v30_code_other">Other Changes</a></li> -</ul> - -<h3 id="v30_code_loc"><strong>Packagers:</strong> Location Variables - Have Moved</h3> - -<p>In previous versions of [% terms.Bugzilla %], <kbd>Bugzilla::Config</kbd> - held all the paths for different things, such as the path to localconfig - and the path to the <kbd>data/</kbd> directory.</p> - -<p>Now, all of this data is stored in a subroutine, - <kbd>Bugzilla::Constants::bz_locations</kbd>.</p> - -<p>Also, note that for mod_perl, <kbd>bz_locations</kbd> must return - <em>absolute</em> (not relative) paths. There is already code in that - subroutine to help you with this.</p> - -<h3 id="v30_code_hooks">Hooks!</h3> - -<p>[% terms.Bugzilla %] now supports a code hook mechanism. See the - documentation for - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Hook.html">Bugzilla::Hook</a> - for more details.</p> - -<p>This gives [% terms.Bugzilla %] very advanced plugin support. You can - hook templates, hook code, add new parameters, and use the XML-RPC - interface. So we'd like to see some [% terms.Bugzilla %] plugins - written! Let us know on the <a href="http://bugzilla.org/cgi-bin/mj_wwwusr?func=lists-long-full&extra=developers">developers@bugzilla.org</a> - mailing list if you write a plugin.</p> - -<p>If you need more hooks, please - <a href="http://www.bugzilla.org/developers/reporting_bugs.html">File a b<!-- -->ug</a>!</p> - -<h3 id="v30_code_api">API Documentation</h3> - -<p>[% terms.Bugzilla %] now ships with all of its perldoc built - as HTML. Go ahead and read the - <a href="[% docs_urlbase FILTER html %]api/">API Documentation</a> - for all of the [% terms.Bugzilla %] modules now! Even scripts like - <kbd>checksetup.pl</kbd> have HTML documentation.</p> - -<h3 id="v30_code_globals">Elimination of globals.pl</h3> - -<p>The old file <kbd>globals.pl</kbd> has been eliminated. - Its code is now in various modules. Each function went to the module - that was appropriate for it.</p> - -<p>Usually we filed [% terms.abug %] in - <a href="https://bugzilla.mozilla.org">bugzilla.mozilla.org</a> for - each function we moved. You can search there for the old name of - the function, and that should get you the information about what - it's called now and where it lives.</p> - -<h3 id="v30_code_scope">Cleaned Up Variable Scoping Issues</h3> - -<p>In normal perl, you can have code like this:</p> -<pre>my $var = 0; -sub y { $var++ }</pre> - -<p>However, under mod_perl that doesn't work. So variables are no - longer "shared" with subroutines--instead all variables - that a subroutine needs must be declared inside the subroutine itself.</p> - -<h3 id="v30_code_sql">No More SendSQL</h3> - -<p>The old <kbd>SendSQL</kbd> function and all of its companions are - <strong>gone</strong>. Instead, we now use DBI for all database - interaction.</p> - -<p>For more information about how to use - <a href="http://search.cpan.org/perldoc?DBI">DBI</a> with - [%+ terms.Bugzilla %], see the - <a href="http://www.bugzilla.org/docs/developer.html#sql-sendreceive">Developer's - Guide Section About DBI</a></p> - -<h3 id="v30_code_auth">Auth Re-write</h3> - -<p>The <kbd>Bugzilla::Auth</kbd> family of modules have been completely - re-written. For details on how the new structure of authentication, - read the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Auth.html">Bugzilla::Auth - API docs</a>.</p> - -<p>It should be very easy to write new authentication plugins, now.</p> - -<h3 id="v30_code_obj">Bugzilla::Object</h3> - -<p>There is a new base class for most of our objects, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Object.html">Bugzilla::Object</a>. - It makes it really easy to create new objects based on things that are - in the database.</p> - -<h3 id="v30_code_req">Bugzilla->request-cache</h3> - -<p><kbd>Bugzilla.pm</kbd> used to cache things like the database - connection in package-global variables (like <kbd>$_dbh</kbd>). - That doesn't work in mod_perl, so instead now there's a hash - that can be accessed through <code>Bugzilla->request_cache</code> - to store things for the rest of the current page request.</p> - -<p>You shouldn't access <code>Bugzilla->request_cache</code> directly, - but you should use it inside of <kbd>Bugzilla.pm</kbd> if you modify - that. The only time you should be accessing it directly is if you need - to reset one of the caches. Hash keys are always named after the function - that they cache, so to reset the template object, you'd do: - <code>delete Bugzilla->request_cache->{template};</code>.</p> - -<h3 id="v30_code_other">Other Changes</h3> - -<ul> - <li><kbd>checksetup.pl</kbd> has been completely re-written, and most - of its code moved into modules in the <kbd>Bugzilla::Install</kbd> - namespace. See the - <a href="[% docs_urlbase FILTER html %]api/checksetup.html">checksetup - documentation</a> and <a href="https://bugzilla.mozilla.org/showdependencytree.cgi?id=277502&hide_resolved=0">[% terms.Bugzilla %] - [%+ terms.bug %] 277502</a> for details.</li> - <li>Instead of <kbd>UserInGroup()</kbd>, all of [% terms.Bugzilla %] now - uses <kbd>Bugzilla->user->in_group</kbd></li> - <li>mod_perl doesn't like dependency loops in modules, so we now have - a test for that detects dependency loops in modules when you run - <kbd>runtests.pl</kbd>.</li> - <li><kbd>globals.pl</kbd> used to modify the environment variables, - like <kbd>PATH</kbd>. That now happens in <kbd>Bugzilla.pm</kbd>.</li> - <li>Templates can now link to the documentation more easily. - See the <kbd>global/code-error.html.tmpl</kbd> and - <kbd>global/user-error.html.tmpl</kbd> templates for examples. - (Search for "docslinks.")</li> - <li>Parameters are accessed through <kbd>Bugzilla->params</kbd> - instead of using the <kbd>Param()</kbd> function, now.</li> - <li>The variables from the <kbd>localconfig</kbd> file are accessed - through the <code>Bugzilla->localconfig</code> hash instead of through - <kbd>Bugzilla::Config</kbd>.</li> - <li><kbd>Bugzilla::BugMail::MessageToMTA()</kbd> has moved into its - own module, along with other mail-handling code, called - <kbd>Bugzilla::Mailer</kbd></li> - <li>The <kbd>CheckCanChangeField()</kbd> subroutine in - <kbd>process_bug.cgi</kbd> has been moved to <kbd>Bugzilla::Bug</kbd>, - and is now a method of [% terms.abug %] object.</li> - <li>The code that used to be in the <kbd>global/banner.html.tmpl</kbd> - template is now in <kbd>global/header.html.tmpl</kbd>. The banner - still exists, but the file is empty.</li> -</ul> - -<h2 id="v30_previous">Release Notes For Previous Versions</h2> - -<p>Release notes for versions of [% terms.Bugzilla %] for versions - prior to 3.0 are only available in text format: - <a href="[% docs_urlbase FILTER remove('html/$') FILTER html %]rel_notes.txt">Release Notes for [% terms.Bugzilla %] 2.22 - and Earlier</a>.</p> +<p><a href="page.cgi?id=release-notes3.html">Release Notes for + [%+ terms.Bugzilla %] 3.x and Earlier</a></p> [% INCLUDE global/footer.html.tmpl %] [% BLOCK db_req %] [% SET m = DB_MODULE.$db %] - <h3 id="v40_req_[% db FILTER html %]">For [% m.name FILTER html %] Users</h3> + <h3 id="v42_req_[% db FILTER html %]">For [% m.name FILTER html %] Users</h3> <ul> <li>[% m.name FILTER html %] diff --git a/template/en/default/pages/release-notes3.html.tmpl b/template/en/default/pages/release-notes3.html.tmpl new file mode 100644 index 000000000..79f0528ed --- /dev/null +++ b/template/en/default/pages/release-notes3.html.tmpl @@ -0,0 +1,3483 @@ +[%# The contents of this file are subject to the Mozilla Public + # License Version 1.1 (the "License"); you may not use this file + # except in compliance with the License. You may obtain a copy of + # the License at http://www.mozilla.org/MPL/ + # + # Software distributed under the License is distributed on an "AS + # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + # implied. See the License for the specific language governing + # rights and limitations under the License. + # + # The Original Code is the Bugzilla Bug Tracking System. + # + # The Initial Developer of the Original Code is Everything Solved. + # Portions created by Everything Solved are Copyright (C) 2006 + # Everything Solved. All Rights Reserved. + # + # Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org> + #%] + +[% PROCESS global/variables.none.tmpl %] +[% SET title = "$terms.Bugzilla 3.6 Release Notes" %] +[% INCLUDE global/header.html.tmpl + title = title + style_urls = ['skins/standard/page.css'] +%] + +<h3>Release Notes For Newer Versions</h3> + +<p>Release notes for versions of [% terms.Bugzilla %] of the 4.x series are + available <a href="page.cgi?id=release-notes.html">here</a>.</p> + +<h1>[% title FILTER html %]</h1> + +<ul class="bz_toc"> + <li><a href="#v36_introduction">Introduction</a></li> + <li><a href="#v36_point">Updates in this 3.6.x Release</a></li> + <li><a href="#v36_req">Minimum Requirements</a></li> + <li><a href="#v36_feat">New Features and Improvements</a></li> + <li><a href="#v36_issues">Outstanding Issues</a></li> + <li><a href="#v36_upgrading">Notes On Upgrading From a Previous Version</a></li> + <li><a href="#v36_code_changes">Code Changes Which May Affect + Customizations</a></li> + <li><a href="#v36_previous">Release Notes for Previous Versions</a></li> +</ul> + +<h2 id="v36_introduction">Introduction</h2> + +<p>Welcome to [% terms.Bugzilla %] 3.6! The focus of the 3.6 release is + on improving usability and "polishing up" all our features (by adding + some pieces that were "missing" or always wanted), although we + also have a few great new features for you, as well!</p> + +<p>If you're upgrading, make sure to read <a href="#v36_upgrading">Notes + On Upgrading From a Previous Version</a>. If you are upgrading from a release + before 3.4, make sure to read the release notes for all the + <a href="#v36_previous">previous versions</a> in between your version + and this one, <strong>particularly the Upgrading section of each + version's release notes</strong>.</p> + +<p>We would like to thank <a href="http://www.canonical.com/">Canonical + Ltd.</a>, <a href="http://www.itasoftware.com/">ITA Software</a>, + the <a href="http://www.ibm.com/linux/ltc/">IBM Linux Technology Center</a>, + <a href="http://www.redhat.com/">Red Hat</a>, and + <a href="http://www.novell.com/">Novell</a> for funding the development + of various features and improvements in this release of + [%+ terms.Bugzilla %].</p> + +<h2 id="v36_point">Updates in this 3.6.x Release</h2> + +<h3>3.6.2</h3> + +<p>This release fixes various security issues. See the + <a href="http://www.bugzilla.org/security/3.2.7/">Security Advisory</a> + for details.</p> + +<p>In addition, the following important fixes/changes have been made in + this release:</p> + +<ul> + <li>[% terms.Bugzilla %] installations running on older versions of IIS + will no longer experience the "Undef to trick_taint" errors that would + sometimes occur. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=521416">[% terms.Bug %] 521416</a>) + </li> + <li>Email notifications were missing the dates that comments were made. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=578003">[% terms.Bug %] 578003</a>) + </li> + <li>Putting a phrase in quotes in the Quicksearch box now works properly, + again. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=578494">[% terms.Bug %] 578494</a> + and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=553884">[% terms.Bug %] 553884</a>) + </li> + <li>Quicksearch was usually (incorrectly) being limited to 200 results. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=581622">[% terms.Bug %] 581622</a>) + </li> + <li>On Windows, <kbd>install-module.pl</kbd> can now properly install + DateTime and certain other Perl modules that didn't install properly + before. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=576105">[% terms.Bug %] 576105</a>) + </li> + <li>Searching "keywords" for "contains none of the words" or "does not + match regular expression" now works properly. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=562014">[% terms.Bug %] 562014</a>) + </li> + <li>Doing <kbd>collectstats.pl --regenerate</kbd> now works on installations + using PostgreSQL. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577058">[% terms.Bug %] 577058</a>) + </li> + <li>The "Field Values" administrative control panel was sometimes denying + admins the ability to delete field values when there was no reason + to deny the deletion. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577054">[% terms.Bug %] 577054</a>) + </li> + <li>Eliminate the "uninitialized value" warnings that would happen when + editing a product's components. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=576911">[% terms.Bug %] 576911</a>) + </li> + <li>The updating of bugs_fulltext that happens during + <kbd>checksetup.pl</kbd> for upgrades to 3.6 should now be MUCH faster. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577754">[% terms.Bug %] 577754</a>) + </li> + <li><kbd>email_in.pl</kbd> was not allowing the setting of time-tracking + fields via inbound emails. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=583622">[% terms.Bug %] 583622</a>) + </li> +</ul> + +<h3>3.6.1</h3> + +<p>This release fixes two security issues. See the + <a href="http://www.bugzilla.org/security/3.2.6/">Security Advisory</a> + for details.</p> + +<p>In addition, the following important fixes/changes have been made in + this release:</p> + +<ul> + <li>Using the "Change Columns" page would sometimes result in a + plain-text page instead of HTML. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=376044">[% terms.Bug %] 376044</a>) + </li> + <li>Extensions that have only templates and no code are now working. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=562551">[% terms.Bug %] 562551</a>) + </li> + <li><kbd>install-module.pl</kbd> has been fixed so that it installs + modules properly on both new and old versions of Perl. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=560318">[% terms.Bug %] 560318</a> + and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=560330">[% terms.Bug %] 560330</a>) + </li> + <li>It is now possible to upgrade from 3.4 to 3.6 when using Oracle. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=561379">[% terms.Bug %] 561379</a>) + </li> + <li>Editing a field value's name (using the Field Values admin control + panel) wasn't working if the value was set as the default for that + field. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=561296">[% terms.Bug %] 561296</a>) + </li> + <li>If you had the <kbd>noresolveonopenblockers</kbd> parameter set, + [%+ terms.bugs %] couldn't be edited at all if they were marked FIXED + and had any open blockers. (The parameter is only supposed to prevent + <em>changing</em> [% terms.bugs %] to FIXED, not modifying already-FIXED + [%+ terms.bugs %].) + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=565314">[% terms.Bug %] 565314</a>) + </li> + <li>Some minor issues with Perl 5.12 were fixed (mostly warnings that Perl + 5.12 was throwing). [% terms.Bugzilla %] now supports Perl 5.12.</li> +</ul> + +<h2 id="v36_req">Minimum Requirements</h2> + +<p>Any requirements that are new since 3.4.5 will look like + <span class="req_new">this</span>.</p> + +<ul> + <li><a href="#v36_req_perl">Perl</a></li> + <li><a href="#v36_req_mysql">For MySQL Users</a></li> + <li><a href="#v36_req_pg">For PostgreSQL Users</a></li> + <li><a href="#v36_req_oracle">For Oracle Users</a></li> + <li><a href="#v36_req_modules">Required Perl Modules</a></li> + <li><a href="#v36_req_optional_mod">Optional Perl Modules</a></li> +</ul> + +<h3 id="v36_req_perl">Perl</h3> + +<p>Perl v5.8.1</p> + +<h3 id="v36_req_mysql">For MySQL Users</h3> + + <ul> + <li>MySQL + v4.1.2 + </li> + <li><strong>perl module:</strong> + DBD::mysql v4.00</li> + </ul> + +<h3 id="v36_req_pg">For PostgreSQL Users</h3> + + <ul> + <li>PostgreSQL + v8.00.0000 + </li> + <li><strong>perl module:</strong> + DBD::Pg v1.45</li> + </ul> +<h3 id="v36_req_oracle">For Oracle Users</h3> + + <ul> + <li>Oracle + v10.02.0 + </li> + <li><strong>perl module:</strong> + DBD::Oracle v1.19</li> + </ul> + +<h3 id="v36_req_modules">Required Perl Modules</h3> + +<table class="req_table" border="0" cellspacing="0" cellpadding="0"> + <tr> + <th>Module</th> <th>Version</th> + </tr> + <tr> + <td >CGI</td> + <td >3.21 + </td> + </tr> + <tr> + <td >Digest::SHA</td> + <td > + (Any) + </td> + </tr> + <tr> + <td >Date::Format</td> + <td >2.21 + </td> + </tr> + <tr> + <td >DateTime</td> + <td >0.28 + </td> + </tr> + <tr> + <td >DateTime::TimeZone</td> + <td >0.71 + </td> + </tr> + <tr> + <td >DBI</td> + <td >1.41 + </td> + </tr> + <tr> + <td >Template</td> + <td >2.22 + </td> + </tr> + <tr> + <td >Email::Send</td> + <td >2.00 + </td> + </tr> + <tr> + <td >Email::MIME</td> + <td >1.861 + </td> + </tr> + <tr> + <td >Email::MIME::Encodings</td> + <td >1.313 + </td> + </tr> + <tr> + <td >Email::MIME::Modifier</td> + <td >1.442 + </td> + </tr> + <tr> + <td >URI</td> + <td > + (Any) + </td> + </tr> +</table> + +<h3 id="v36_req_optional_mod">Optional Perl Modules</h3> + +<p>The following perl modules, if installed, enable various + features of [% terms.Bugzilla %]:</p> + +<table class="req_table" border="0" cellspacing="0" cellpadding="0"> + <tr> + <th>Module</th> <th>Version</th> + <th>Enables Feature</th> + </tr> + <tr> + <td >GD</td> + <td >1.20 + </td> + <td>Graphical Reports, New Charts, Old Charts</td> + </tr> + <tr> + <td >Chart::Lines</td> + <td class="req_new">2.1 + </td> + <td>New Charts, Old Charts</td> + </tr> + <tr> + <td >Template::Plugin::GD::Image</td> + <td > + (Any) + </td> + <td>Graphical Reports</td> + </tr> + <tr> + <td >GD::Text</td> + <td > + (Any) + </td> + <td>Graphical Reports</td> + </tr> + <tr> + <td >GD::Graph</td> + <td > + (Any) + </td> + <td>Graphical Reports</td> + </tr> + <tr> + <td >XML::Twig</td> + <td > + (Any) + </td> + <td>Move [% terms.Bugs %] Between Installations, + Automatic Update Notifications</td> + </tr> + <tr> + <td >MIME::Parser</td> + <td >5.406 + </td> + <td>Move [% terms.Bugs %] Between Installations</td> + </tr> + <tr> + <td >LWP::UserAgent</td> + <td > + (Any) + </td> + <td>Automatic Update Notifications</td> + </tr> + <tr> + <td >PatchReader</td> + <td >0.9.4 + </td> + <td>Patch Viewer</td> + </tr> + <tr> + <td >Net::LDAP</td> + <td > + (Any) + </td> + <td>LDAP Authentication</td> + </tr> + <tr> + <td >Authen::SASL</td> + <td > + (Any) + </td> + <td>SMTP Authentication</td> + </tr> + <tr> + <td >Authen::Radius</td> + <td > + (Any) + </td> + <td>RADIUS Authentication</td> + </tr> + <tr> + <td >SOAP::Lite</td> + <td >0.710.06 + </td> + <td>XML-RPC Interface</td> + </tr> + <tr> + <td class="req_new">JSON::RPC</td> + <td class="req_new"> + (Any) + </td> + <td>JSON-RPC Interface</td> + </tr> + <tr> + <td class="req_new">Test::Taint</td> + <td class="req_new"> + (Any) + </td> + <td>JSON-RPC Interface, XML-RPC Interface</td> + </tr> + <tr> + <td >HTML::Parser</td> + <td >3.40 + </td> + <td>More HTML in Product/Group Descriptions</td> + </tr> + <tr> + <td >HTML::Scrubber</td> + <td > + (Any) + </td> + <td>More HTML in Product/Group Descriptions</td> + </tr> + <tr> + <td >Email::MIME::Attachment::Stripper</td> + <td > + (Any) + </td> + <td>Inbound Email</td> + </tr> + <tr> + <td >Email::Reply</td> + <td > + (Any) + </td> + <td>Inbound Email</td> + </tr> + <tr> + <td >TheSchwartz</td> + <td > + (Any) + </td> + <td>Mail Queueing</td> + </tr> + <tr> + <td >Daemon::Generic</td> + <td > + (Any) + </td> + <td>Mail Queueing</td> + </tr> + <tr> + <td >mod_perl2</td> + <td >1.999022 + </td> + <td>mod_perl</td> + </tr> +</table> + +<h2 id="v36_feat">New Features and Improvements</h2> + +<ul> + <li><a href="#v36_feat_usability">General Usability Improvements</a></li> + <li><a href="#v36_feat_extensions">New Extensions System</a></li> + <li><a href="#v36_feat_qs">Improved Quicksearch</a></li> + <li><a href="#v36_feat_browse">Simple "Browse" Interface</a></li> + <li><a href="#v36_feat_suexec">SUExec Support</a></li> + <li><a href="#v36_feat_mpwindows">Experimental mod_perl Support on Windows</a></li> + <li><a href="#v36_email_attachments">Send Attachments by Email</a></li> + <li><a href="#v36_feat_jsonrpc">JSON-RPC Interface</a></li> + <li><a href="#v36_feat_migrate">Migration From Other [% terms.Bug %]-Trackers</a></li> + <li><a href="#v36_feat_other">Other Enhancements and Changes</a></li> +</ul> + +<h3 id="v36_feat_usability">General Usability Improvements</h3> + +<p>A <a href="https://wiki.mozilla.org/Bugzilla:CMU_HCI_Research_2008">scientific + usability study</a> was done on [% terms.Bugzilla %] by researchers + from Carnegie-Mellon University. As a result of this study, + <a href="https://bugzilla.mozilla.org/showdependencytree.cgi?id=490786&hide_resolved=0">several + usability issues</a> were prioritized to be fixed, based on specific data + from the study.</p> + +<p>As a result, you will see many small improvements in [% terms.Bugzilla %]'s + usability, such as using Javascript to validate certain forms before + they are submitted, standardizing the words that we use in the user interface, + being clearer about what [% terms.Bugzilla %] needs from the user, + and other changes, all of which are also listed individually in this New + Features section.</p> + +<p>Work continues on improving usability for the next release of + [%+ terms.Bugzilla %], but the results of the research have already + had an impact on this 3.6 release.</p> + +<h3 id="v36_feat_extensions">New Extensions System</h3> + +<p>[% terms.Bugzilla %] has a brand-new Extensions system. The system is + consistent, fast, and + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Extension.html">fully + documented</a>. It makes it possible to easily extend [% terms.Bugzilla %]'s + code and user interface to add new features or change existing features. + There's even + <a href="[% docs_urlbase FILTER html %]api/extensions/create.html">a + script</a> that will create the basic layout of an extension for you, to + help you get started. For more information about the new system, see the + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Extension.html">Extensions + documentation</a>.</p> + +<p>If you had written any extensions using [% terms.Bugzilla %]'s previous + extensions system, there is + <a href="[% docs_urlbase FILTER html %]api/contrib/extension-convert.html">a + script to help convert old extensions into the new format</a>.</p> + +<h3 id="v36_feat_qs">Improved Quicksearch</h3> + +<p>The "quicksearch" box that appears on the front page of + [%+ terms.Bugzilla %] and in the header/footer of every page + is now simplified and made more powerful. There is a + <kbd>[?]</kbd> link next to the box that will take you to + the simplified <a href="page.cgi?id=quicksearch.html">Quicksearch Help</a>, + which describes every single feature of the system in a simple layout, + including new features such as the ability to use partial field names + when searching.</p> + +<p>Quicksearch should also be much faster than it was before, particularly + on large installations.</p> + +<p>Note that in order to implement the new quicksearch, certain old + and rarely-used features had to be removed: + +<ul> + <li><b>+</b> as a prefix to mean "search additional resolutions", and + <b>+</b> as a prefix to mean "search just the summary". You can + instead use <kbd>summary:</kbd> to explicitly search summaries.</li> + <li>Searching the Severity field if you type something that matches + the first few characters of a severity. You can explicitly search + the Severity field if you want to find [% terms.bugs %] by severity.</li> + <li>Searching the Priority field if you typed something that exactly + matched the name of a priority. You can explicitly search the + Priority field if you want to find [% terms.bugs %] by priority.</li> + <li>Searching the Platform and OS fields if you typed in one of a + certain hard-coded list of strings (like "pc", "windows", etc.). + You can explicitly search these fields, instead, if you want to + find [% terms.bugs %] with a specific Platform or OS set.</li> +</ul> + +<h3 id="v36_feat_browse">Simple "Browse" Interface</h3> + +<p>There is now a "Browse" link in the header of each [% terms.Bugzilla %] + page that presents a very basic interface that allows users to simply + browse through all open [% terms.bugs %] in particular components.</p> + +<h3 id="v36_feat_suexec">SUExec Support</h3> + +<p>[% terms.Bugzilla %] can now be run in Apache's "SUExec" mode, + which is what control panel software like cPanel and Plesk use + (so [% terms.Bugzilla %] should now be much easier to install + on shared hosting). SUExec support shows up as an option + in the <kbd>localconfig</kbd> file during installation.</p> + +<h3 id="v36_feat_mpwindows">Experimental mod_perl Support on Windows</h3> + +<p>There is now experimental support for running [% terms.Bugzilla %] + under mod_perl on Windows, for a significant performance enhancement + (in exchange for using more memory).</p> + +<h3 id="v36_email_attachments">Send Attachments by Email</h3> + +<p>The <a href="[% docs_urlbase FILTER html %]api/email_in.html">email_in</a> + script now supports attaching multiple attachments to [% terms.abug %] + by email, both when filing and when updating [% terms.abug %].</p> + +<h3 id="v36_feat_jsonrpc">JSON-RPC Interface</h3> + +<p>[% terms.Bugzilla %] now has support for the + <a href="http://json-rpc.org/">JSON-RPC</a> WebServices protocol via + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Server/JSONRPC.html">jsonrpc.cgi</a>. + The JSON-RPC interface is experimental in this release--if you want any + fundamental changes in how it works, + <a href="http://www.bugzilla.org/developers/reporting_bugs.html">let us + know</a>, for the next release of [% terms.Bugzilla %].</p> + +<h3 id="v36_feat_migrate">Migration From Other [% terms.Bug %]-Trackers</h3> + +<p>[% terms.Bugzilla %] 3.6 comes with a new script, + <a href="[% docs_urlbase FILTER html %]api/migrate.html">migrate.pl</a>, + which allows migration from other [% terms.bug %]-tracking systems. + Among the various features of the migration system are:</p> + +<ul> + <li>It is non-destructive--you can migrate into an existing + [%+ terms.Bugzilla %] installation without destroying any data + in the installation.</li> + <li>It has a "dry-run" mode so you can test your migration + before actually running it.</li> + <li>It is relatively easy to write new migrators for new systems, + if you know Perl. The basic migration framework does most of the work + for you, you just have to provide it with the data from your + [%+ terms.bug %]-tracker. See the + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Migrate.html">Bugzilla::Migrate</a> + documentation and see our current migrator, + <kbd>Bugzilla/Migrate/GNATS.pm</kbd> for information on how to make your + own migrator.</li> +</ul> + +<p>The first migrator that has been implemented is for the GNATS + [%+ terms.bug %]-tracking system. We'd love to see migrators for + other systems! If you want to contribute a new migrator, see our + <a href="http://wiki.mozilla.org/Bugzilla:Developers">development + process</a> for details on how to get code into [% terms.Bugzilla %].</p> + +<p>Thanks to <a href="http://lambdares.com/">Lambda Research</a> for + funding the initial development of this feature.</p> + +<h3 id="v36_feat_other">Other Enhancements and Changes</h3> + +<h4>Enhancements for Users</h4> + +<ul> + <li><b>[% terms.Bug %] Filing:</b> When filing [% terms.abug %], + [%+ terms.Bugzilla %] now visually indicates which fields are + mandatory.</li> + <li><b>[% terms.Bug %] Filing:</b> "Bookmarkable templates" now + support the "alias" and "estimated hours" fields.</li> + + <li><b>[% terms.Bug %] Editing:</b> In previous versions of + [%+ terms.Bugzilla %], if you added a private comment to [% terms.abug %], + then <em>none</em> of the changes that you made at that time were + sent to users who couldn't see the private comment. Now, for users + who can't see private comments, public changes are sent, but the private + comment is excluded from their email notification.</li> + <li><b>[% terms.Bug %] Editing:</b> The controls for groups now + appear to the right of the attachment and time-tracking tables, + when editing [% terms.abug %].</li> + <li><b>[% terms.Bug %] Editing:</b> The "Collapse All Comments" + and "Expand All Comments" links now appear to the right of the + comment list instead of above it.</li> + <li><b>[% terms.Bug %] Editing:</b> The See Also field now supports + URLs for Google Code Issues and the Debian B[% %]ug-Tracking System.</li> + <li><b>[% terms.Bug %] Editing:</b> There have been significant performance + improvements in <kbd>show_bug.cgi</kbd> (the script that displays the + [% terms.bug %]-editing form), particularly for [% terms.bugs %] that + have lots of comments or attachments.</li> + + <li><b>Attachments:</b> The "Details" page of an attachment + now displays itself as uneditable if you can't edit the fields + there.</li> + <li><b>Attachments:</b> We now make sure that there is + a Description specified for an attachment, using JavaScript, before + the form is submitted.</li> + <li><b>Attachments:</b> There is now a link back to the [% terms.bug %] + at the bottom of the "Details" page for an attachment.</li> + <li><b>Attachments:</b> When you click on an "attachment 12345" link + in a comment, if the attachment is a patch, you will now see the + formatted "Diff" view instead of the raw patch.</li> + <li><b>Attachments</b>: For text attachments, we now let the browser + auto-detect the character encoding, instead of forcing the browser to + always assume the attachment is in UTF-8.</li> + + <li><b>Search:</b> You can now display [% terms.bug %] flags as a column + in search results.</li> + <li><b>Search:</b> When viewing search results, you can see which columns are + being sorted on, and which direction the sort is on, as indicated + by arrows next to the column headers.</li> + <li><b>Search:</b> You can now search the Deadline field using relative + dates (like "1d", "2w", etc.).</li> + <li><b>Search:</b> The iCalendar format of search results now includes + a PRIORITY field.</li> + <li><b>Search:</b> It is no longer an error to enter an invalid search + order in a search URL--[% terms.Bugzilla %] will simply warn you that + some of your order options are invalid.</li> + <li><b>Search:</b> When there are no search results, some helpful + links are displayed, offering actions you might want to take.</li> + <li><b>Search:</b> For those who like to make their own + <kbd>buglist.cgi</kbd> URLs (and for people working on customizations), + <kbd>buglist.cgi</kbd> now accepts nearly every valid field in + [%+ terms.Bugzilla %] as a direct URL parameter, like + <kbd>&field=value</kbd>.</li> + + <li><b>Requests:</b> When viewing the "My Requests" page, you can now + see the lists as a normal search result by clicking a link at the + bottom of each table.</li> + <li><b>Requests:</b> When viewing the "My Requests" page, if you are + using Classifications, the Product drop-down will be grouped by + Classification.</li> + + <li><b>Inbound Email:</b> When filing [% terms.abug %] by email, if the + product that you are filing the [% terms.bug %] into has some groups + set as Default for you, the [% terms.bug %] will now be placed into those + groups automatically.</li> + <li><b>Inbound Email:</b> The field names that can be used when creating + [%+ terms.bugs %] by email now exactly matches the set of valid parameters + to the + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#create">B[% %]ug.create + WebService function</a>. You can still use most of the old field names + that 3.4 and earlier used for inbound emails, though, for + backwards-compatibility.</li> + + <li>If there are multiple languages available for your + [%+ terms.Bugzilla %], you can now select what language you want + [%+ terms.Bugzilla %] displayed in using links at the top of every + page.</li> + <li>When creating a new account, you will be automatically logged in + after setting your password.</li> + <li>There is no longer a maximum password length for accounts.</li> + <li>In the Dusk skin, it's now easier to see links.</li> + <li>In the Whining system, you can now choose to receive emails even + if there are no [% terms.bugs %] that match your searches.</li> + <li>The arrows in dependency graphs now point the other way, so that + [%+ terms.bugs %] point at their dependencies.</li> + + <li><b>New Charts:</b> You can now convert an existing Saved Search + into a data series for New Charts.</li> + <li><b>New Charts:</b> There is now an interface that allows you to + delete data series.</li> + <li><b>New Charts:</b> When deleting a product, you now have the option + to delete the data series that are associated with that product.</li> +</ul> + +<h4>Enhancements for Administrators and Developers</h4> + +<ul> + <li>Depending on how your workflow is set up, it is now possible to + have both UNCONFIRMED and REOPENED show up as status choices for + a closed [% terms.bug %]. If you only want one or the other to + show up, you should edit your status workflow appropriately + (possibly by removing or disabling the REOPENED status).</li> + <li>You can now "disable" field values so that they don't show + up as choices on [% terms.abug %] unless they are already set as + the value for that [% terms.bug %]. This doesn't work for the + per-product field values (component, target_milestone, and version) + yet, though.</li> + <li>Users are now locked out of their accounts for 30 minutes after + trying five bad passwords in a row during login. Every time a + user is locked out like this, the user in the "maintainer" parameter + will get an email.</li> + <li>The minimum length allowed for a password is now 6 characters.</li> + <li>The <kbd>UNCONFIRMED</kbd> status being enabled in a product + is now unrelated to the voting parameters. Instead, there is a checkbox + to enable the <kbd>UNCONFIRMED</kbd> status in a product.</li> + <li>Information about duplicates is now stored in the database instead + of being stored in the <kbd>data/</kbd> directory. On large installations + this could save several hundred megabytes of disk space.</li> + + <li><b>Installation:</b> When installing [% terms.Bugzilla %], the + "maintainer" parameter will be automatically set to the administrator + that was created by <kbd>checksetup.pl</kbd>.</li> + <li><b>Installation:</b> <kbd>checksetup.pl</kbd> now prints out + certain errors in a special color so that you know that something + needs to be done.</li> + <li><b>Installation:</b> <kbd>checksetup.pl</kbd> is now <em>much</em> + faster at upgrading installations, particularly older installations. + Also, it's been made faster to run for the case where it's not + doing an upgrade.</li> + <li><b>Installation:</b> If you install [% terms.Bugzilla %] using the + tarball, the <kbd>CGI.pm</kbd> module from CPAN is now included in + the <kbd>lib/</kbd> dir. If you would rather use the CGI.pm from your + global Perl installation, you can delete <kbd>CGI.pm</kbd> and the + <kbd>CGI</kbd> directory from the <kbd>lib/</kbd> directory.</li> + + <li>When editing a group, you can now specify that members of a group + are allowed to grant others membership in that group itself.</li> + <li>The ability to compress BMP attachments to PNGs is now an Extension. + To enable the feature, remove the file + <kbd>extensions/BmpConvert/disabled</kbd> and then run <kbd>checksetup.pl</kbd>.</li> + <li>The default list of values for the Priority field are now clear English + words instead of P1, P2, etc.</li> + <li>There is now a system in place so that all field values can be + localized. See the <kbd>value_descs</kbd> variable in + <kbd>template/en/default/global/field-descs.none.tmpl</kbd>.</li> + <li><kbd>config.cgi</kbd> now returns an ETag header and understands + the If-None-Match header in HTTP requests.</li> + <li>The XML format of <kbd>show_bug.cgi</kbd> now returns more information: + the numeric id of each comment, whether an attachment is a URL, + the modification time of an attachment, the numeric id of a flag, + and the numeric id of a flag's type.</li> + + <li><b>Parameters:</b> Parameters that aren't actually required are no longer + in the "Required" section of the Parameters page. Instead, some are in the + new "General" section, and some are in the new "Advanced" section.</li> + <li><b>Parameters:</b> The old <kbd>ssl</kbd> parameter has been + changed to <kbd>ssl_redirect</kbd>, and can only be turned "on" or "off". + If "on", then all users will be forcibly redirected to SSL whenever + they access [% terms.Bugzilla %]. When the parameter is off, + no SSL-related redirects will occur (even if the user directly + accesses [% terms.Bugzilla %] via SSL, they will <em>not</em> be + redirected to a non-SSL page).</li> + <li><b>Parameters:</b> In the Advanced parameters, there is a new parameter, + <kbd>inbound_proxies</kbd>. If your [% terms.Bugzilla %] is behind a + proxy, you should set this parameter to the IP address of that proxy. + Then, [% terms.Bugzilla %] will "believe" any "X-Forwarded-For" + header sent from that proxy, and correctly use the X-Forwarded-For + as the end user's IP, instead of believing that all traffic is coming + from the proxy.</li> + + <li><b>Removed Parameter:</b> The <kbd>loginnetmask</kbd> parameter has + been removed. Since [% terms.Bugzilla %] sends secure cookies, it's no + longer necessary to always restrict logins to a specific IP or block + of addresses.</li> + <li><b>Removed Parameter:</b> The <kbd>quicksearch_comment_cutoff</kbd> + parameter is gone. Quicksearch now always searches comments; however, it + uses a much faster algorithm to do it.</li> + <li><b>Removed Parameter:</b> The <kbd>usermatchmode</kbd> parameter has + been removed. User-matching is now <em>always</em> done.</li> + <li><b>Removed Parameter:</b> The <kbd>useentrygroupdefault</kbd> parameter + has been removed. [% terms.Bugzilla %] now always behaves as though + that parameter were off.</li> + <li>The <kbd>t/001compile.t</kbd> test should now always pass, no matter + what configuration of optional modules you do or don't have installed.</li> + <li>New script: <kbd>contrib/console.pl</kbd>, which allows you to have + a "command line" into [% terms.Bugzilla %] by inputting Perl code + or using a few custom commands.</li> +</ul> + +<h4>WebService Changes</h4> + +<ul> + <li>The WebService now returns all dates and times in the UTC timezone. + <kbd>B[% %]ugzilla.time</kbd> now acts as though the [% terms.Bugzilla %] + server were in the UTC timezone, always. If you want to write clients + that are compatible across all [% terms.Bugzilla %] versions, + check the timezone from <kbd>B[% %]ugzilla.timezone</kbd> or + <kbd>B[% %]ugzilla.time</kbd>, and always input times in that timezone + and expect times to be returned in that format.</li> + <li>You can now log in by passing <kbd>Bugzilla_login</kbd> and + <kbd>Bugzilla_password</kbd> as arguments to any WebService function. + See the + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService.html#LOGGING_IN">Bugzilla::WebService</a> + documentation for details.</li> + <li>New Method: + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#attachments">B[% %]ug.attachments</a> + which allows getting information about attachments.</li> + <li>New Method: + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#fields">B[% %]ug.fields</a>, + which gets information about all the fields that [% terms.abug %] can have + in [% terms.Bugzilla %], include custom fields and legal values for + all fields. The <kbd>B[% %]ug.legal_values</kbd> method is now deprecated.</li> + <li>In the <kbd>B[% %]ug.add_comment</kbd> method, the "private" parameter + has been renamed to "is_private" (for consistency with other methods). + You can still use "private", though, for backwards-compatibility.</li> + <li>The WebService now has Perl's "taint mode" turned on. This means that + it validates all data passed in before sending it to the database. + Also, all parameter names are validated, and if you pass in a parameter + whose name contains anything other than letters, numbers, or underscores, + that parameter will be ignored. Mostly this just affects + customizers--[% terms.Bugzilla %]'s WebService is not functionally + affected by these changes.</li> + <li>In previous versions of [% terms.Bugzilla %], error messages were + sent word-wrapped to the client, from the WebService. Error messages + are now sent as one unbroken line.</li> +</ul> + +<h2 id="v36_issues">Outstanding Issues</h2> + +<ul> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> + [%- terms.Bug %] 423439</a>: Tabs in comments will be converted + to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> + [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is + in use on [% terms.bugs %], you will need to rebuild the "keyword cache" + by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing + the option to rebuild the cache when it asks. Otherwise keywords may + not show up properly in search results.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> + [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at + the same time, there is no "mid-air collision" protection.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> + [%- terms.Bug %] 276230</a>: The support for restricting access to + particular Categories of New Charts is not complete. You should treat + the 'chartgroup' Param as the only access mechanism available.<br> + However, charts migrated from Old Charts will be restricted to + the groups that are marked MANDATORY for the corresponding Product. + There is currently no way to change this restriction, and the + groupings will not be updated if the group configuration + for the Product changes.</li> +</ul> + +<h2 id="v36_upgrading">Notes On Upgrading From a Previous Version</h2> + +<p>When upgrading to 3.6, <kbd>checksetup.pl</kbd> will create foreign keys + for many columns in the database. Before doing this, it will check the + database for consistency. If there are an unresolvable consistency + problems, it will tell you what table and column in the database contain + the bad values, and which values are bad. If you don't know what else to do, + you can always delete the database records which contain the bad values by + logging in to your database and running the following command:</p> + +<p><code>DELETE FROM <var>table</var> WHERE <var>column</var> IN + (<var>1, 2, 3, 4</var>)</code></p> + +<p>Just replace "table" and "column" with the name of the table + and column that <kbd>checksetup.pl</kbd> mentions, and "1, 2, 3, 4" + with the invalid values that <kbd>checksetup.pl</kbd> prints out.</p> + +<p>Remember that you should always back up your database before doing + an upgrade.</p> + +<h2 id="v36_code_changes">Code Changes Which May Affect Customizations</h2> + +<ul> + <li>There is no longer a SendBugMail method in the templates, and bugmail + is no longer sent by processing a template. Instead, it is sent + by using <kbd>Bugzilla::BugMail::Send</kbd>.</li> + <li>Comments are now represented as a + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Comment.html">Bugzilla::Comment</a> + object instead of just being hashes.</li> + <li>In previous versions of [% terms.Bugzilla %], the template for displaying + [%+ terms.abug %] required a lot of extra variables that are now global + template variables instead.</li> + <li>You can now check if optional modules are installed by using + <kbd>Bugzilla->feature</kbd> in Perl code or + <kbd>feature_enabled</kbd> in template code.</li> + <li>All of the various template header information required to display + the [% terms.bug %] form is now in one template, + <kbd>template/en/default/bug/show-header.html.tmpl</kbd>.</li> + <li>You should now use <kbd>display_value</kbd> instead of + <kbd>get_status</kbd> or <kbd>get_resolution</kbd> in templates. + <kbd>display_value</kbd> should be used anywhere that a + <select>-type field has its values displayed.</li> +</ul> + + +<h1 id="v36_previous">[% terms.Bugzilla %] 3.4 Release Notes</h1> + +<ul class="bz_toc"> + <li><a href="#v34_introduction">Introduction</a></li> + <li><a href="#v34_point">Updates in this 3.4.x Release</a></li> + <li><a href="#v34_req">Minimum Requirements</a></li> + <li><a href="#v34_feat">New Features and Improvements</a></li> + <li><a href="#v34_issues">Outstanding Issues</a></li> + <li><a href="#v34_upgrading">Notes On Upgrading From a Previous Version</a></li> + <li><a href="#v34_code_changes">Code Changes Which May Affect + Customizations</a></li> + <li><a href="#v34_previous">Release Notes for Previous Versions</a></li> +</ul> + +<h2 id="v34_introduction">Introduction</h2> + +<p>This is [% terms.Bugzilla %] 3.4! [% terms.Bugzilla %] 3.4 brings a lot + of great enhancements for [% terms.Bugzilla %] over previous versions, + with various improvements to the user interface, lots of interesting new + features, and many long-standing requests finally being addressed.</p> + +<p>If you're upgrading, make sure to read <a href="#v34_upgrading">Notes + On Upgrading From a Previous Version</a>. If you are upgrading from a release + before 3.2, make sure to read the release notes for all the + <a href="#v34_previous">previous versions</a> in between your version + and this one, <strong>particularly the Upgrading section of each + version's release notes</strong>.</p> + +<p>We would like to thank <a href="http://www.canonical.com/">Canonical + Ltd.</a> for funding development of one new feature, and NASA for funding + development of several new features through the + <a href="http://www.sjsufoundation.org/">San Jose State University + Foundation</a>.</p> + +<h2 id="v34_point">Updates In This 3.4.x Release</h2> + +<h3>3.4.6</h3> + +<ul> + <li>When doing a search that involves "not equals" or "does not contain the + string" or similar "negative" search types, the search description that + appears at the top of the resulting [% terms.bug %] list will indicate + that the search was of that type. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=474738">[% terms.Bug %] 474738</a>) + </li> + <li>In Internet Explorer, users couldn't easily mark a RESOLVED DUPLICATE + [%+ terms.bug %] as REOPENED, due to a JavaScript error. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=546719">[% terms.Bug %] 546719</a>) + </li> + <li>If you use a "bookmarkable template" to pre-fill forms on + the [% terms.bug %]-filing page, and you have custom fields + that are only supposed to appear (or only supposed to have certain + values) based on the values of other fields, those custom fields will + now work properly. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=538211">[% terms.Bug %] 538211</a>) + </li> + <li>If you have a custom field that's only supposed to appear when + a [% terms.bug %]'s resolution is FIXED, it will now behave properly + on the [% terms.bug %]-editing form when a user sets the [% terms.bug %]'s + status to RESOLVED. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=520993">[% terms.Bug %] 520993</a>) + </li> + <li>If you are logged-out and using <kbd>request.cgi</kbd>, the Requester + and Requestee fields no longer respect the <kbd>usermatching</kbd> + parameter--they always require full usernames. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=533018">[% terms.Bug %] 533018</a>) + </li> + <li>If you tried to do a search with too many terms (resulting in a URL + that was longer than about 7000 characters), Apache would return a + 500 error instead of your search results. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=513989">[% terms.Bug %] 513989</a>) + </li> + <li>[% terms.Bugzilla %] would sometimes lose fields from your sort order + when you added new fields to your sort order. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=470214">[% terms.Bug %] 470214</a>) + </li> + <li>The Atom format of search results would sometimes be missing the + Reporter or Assignee field for some [% terms.bugs %]. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=537834">[% terms.Bug %] 537834</a>) + </li> +</ul> + +<h3>3.4.5</h3> + +<p>This release contains fixes for multiple security issues. See the + <a href="http://www.bugzilla.org/security/3.0.10/">Security Advisory</a> + for details.</p> + +<p>In addition, the following important fixes/changes have been made in + this release:</p> + +<ul> + <li>Whining was failing if jobqueue.pl was enabled. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=530270">[% terms.Bug %] 530270</a>) + </li> + <li>The Assignee field was empty in Whine mails. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=511216">[% terms.Bug %] 511216</a>) + </li> + <li>Administrators can now successfully create user accounts using + editusers.cgi when using the "Env" authentication method. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=483987">[% terms.Bug %] 483987</a>) + </li> + <li>[% terms.Bug %]mail now uses the timezone of the recipient of the email, + when displaying the time a comment was made, instead of the timezone of the + person who made the change. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=534587">[% terms.Bug %] 534587</a>) + </li> + <li>"[% terms.bug %] 1234" in comments sometimes would not become a link if + word-wrapping happened between "[% terms.bug %]" and the number. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=514703">[% terms.Bug %] 514703</a>) + </li> + <li>Running <kbd>checksetup.pl</kbd> on Windows will no longer pop up an error box + about OCI.dll. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=480968">[% terms.Bug %] 480968</a>) + </li> +</ul> + +<h3>3.4.4</h3> + +<p>This release contains a fix for a security issue. See the + <a href="http://www.bugzilla.org/security/3.4.3/">Security Advisory</a> + for details.</p> + +<p>Additionally, this release fixes a few minor [% terms.bugs %].</p> + +<h3>3.4.3</h3> + +<ul> + <li>[% terms.Bugzilla %] installations running under mod_perl were leaking + about 512K of RAM per page load. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=517793">[% terms.Bug %] 517793</a>) + </li> + <li>Attachments with Unicode characters in their names were being downloaded + with mangled names. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=328628">[% terms.Bug %] 328628</a>) + </li> + <li>Creating custom fields with Unicode in their database column name + is now no longer allowed, as it would break [% terms.Bugzilla %]. If you + created such a custom field, you should delete it by first marking it + obsolete and then clicking "Delete" in the custom field list, using + <a href="editfields.cgi">editfields.cgi</a>. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=525025">[% terms.Bug %] 525025</a>) + </li> + <li>Clicking "submit only my comment" on the "mid-air collisions" page + was leading to a "Suspicious Action" warning. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=514378">[% terms.Bug %] 514378</a>) + </li> + <li>The XML format of [% terms.abug %] accidentally contained the + word-wrapped content of comments instead of the unwrapped content. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=509152">[% terms.Bug %] 509152</a>) + </li> + <li>You can now do <kbd>./install-module.pl --shell</kbd> to get a CPAN + shell using the configuration of + <a href="[% docs_urlbase FILTER html %]api/install-module.html">install-module.pl</a>, + which allows you to do more advanced Perl module installation tasks. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=445875">[% terms.Bug %] 445875</a>) + </li> +</ul> + +<h3>3.4.2</h3> + +<p>This release contains fixes for multiple security issues, one of which + is highly critical. See the + <a href="http://www.bugzilla.org/security/3.0.8/">Security Advisory</a> + for details.</p> + +<p>In addition, the following important fixes/changes have been made in + this release:</p> + +<ul> + <li>Upgrades from older releases were sometimes failing during UTF-8 + conversion with a foreign key error. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=508181">[% terms.Bug %] 508181</a>) + </li> + <li>Sorting [% terms.bug %] lists on certain fields would result in an error. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=510944">[% terms.Bug %] 510944</a>) + </li> + <li>[% terms.Bug %] update emails had two or three blank lines at the top + and between the various sections of the email. There is now only one + blank line in each of those places, making these emails more compact. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=73330">[% terms.Bug %] 73330</a>) + </li> + <li>[% terms.Bug %] email notifications for new [% terms.bugs %] incorrectly + had a line saying that the description was "Comment 0". + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=510798">[% terms.Bug %] 510798</a>) + </li> + <li>Running <kbd>./collectstats.pl --regenerate</kbd> is now much faster, + on the order of 20x or 100x faster. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=286625">[% terms.Bug %] 286625</a>) + </li> + <li>For users of RHEL, CentOS, Fedora, etc. jobqueue.pl can now automatically + be installed as a daemon by running <kbd>./jobqueue.pl install</kbd> + as root. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=475403">[% terms.Bug %] 475403</a>) + </li> + <li>XML-RPC interface responses had an incorrect Content-Length header + and would sometimes be truncated, if they contained certain UTF-8 + characters. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=486306">[% terms.Bug %] 486306</a>) + </li> + <li>Users who didn't have access to the time-tracking fields would get an + empty [% terms.bug %] update email when the time-tracking fields were + changed. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=509035">[% terms.Bug %] 509035</a>) + </li> + <li>In the New Charts, non-public series now no longer show up as selectable + if you cannot access them. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=389396">[% terms.Bug %] 389396</a>) + </li> +</ul> + +<h3>3.4.1</h3> + +<p>This release contains an important security fix. See the + <a href="http://www.bugzilla.org/security/3.4/">Security Advisory</a> + for details.</p> + +<h2 id="v34_req">Minimum Requirements</h2> + +<p>Any requirements that are new since 3.2.3 will look like + <span class="req_new">this</span>.</p> + +<ul> + <li><a href="#v34_req_perl">Perl</a></li> + <li><a href="#v34_req_mysql">For MySQL Users</a></li> + <li><a href="#v34_req_pg">For PostgreSQL Users</a></li> + <li><a href="#v34_req_oracle">For Oracle Users</a></li> + <li><a href="#v34_req_modules">Required Perl Modules</a></li> + <li><a href="#v34_req_optional_mod">Optional Perl Modules</a></li> +</ul> + +<h3 id="v34_req_perl">Perl</h3> + +<p>Perl v5.8.1</p> + +<h3 id="v34_req_mysql">For MySQL Users</h3> + +<ul> + <li>MySQL v4.1.2</li> + <li><strong>perl module:</strong> DBD::mysql v4.00</li> +</ul> + +<h3 id="v34_req_pg">For PostgreSQL Users</h3> + +<ul> + <li>PostgreSQL v8.00.0000</li> + <li><strong>perl module:</strong> DBD::Pg v1.45</li> +</ul> + +<h3 id="v34_req_oracle">For Oracle Users</h3> + +<ul> + <li>Oracle v10.02.0</li> + <li><strong>perl module:</strong> DBD::Oracle v1.19</li> +</ul> + +<h3 id="v34_req_modules">Required Perl Modules</h3> + +<table class="req_table" border="0" cellspacing="0" cellpadding="0"> + <tr> + <th>Module</th> <th>Version</th> + </tr> + <tr> + <td>CGI</td> + <td>3.21</td> + </tr> + <tr> + <td class="req_new">Digest::SHA</td> + <td class="req_new"> (Any)</td> + </tr> + <tr> + <td>Date::Format</td> + <td>2.21</td> + </tr> + <tr> + <td class="req_new">DateTime</td> + <td class="req_new">0.28</td> + </tr> + <tr> + <td class="req_new">DateTime::TimeZone</td> + <td class="req_new">0.71</td> + </tr> + <tr> + <td>DBI</td> + <td>1.41</td> + </tr> + <tr> + <td>Template</td> + <td class="req_new">2.22</td> + </tr> + <tr> + <td>Email::Send</td> + <td>2.00</td> + </tr> + <tr> + <td>Email::MIME</td> + <td>1.861</td> + </tr> + <tr> + <td>Email::MIME::Encodings</td> + <td>1.313</td> + </tr> + <tr> + <td>Email::MIME::Modifier</td> + <td>1.442</td> + </tr> + <tr> + <td class="req_new">URI</td> + <td class="req_new">(Any)</td> + </tr> +</table> + +<h3 id="v34_req_optional_mod">Optional Perl Modules</h3> + +<p>The following perl modules, if installed, enable various + features of [% terms.Bugzilla %]:</p> + +<table class="req_table" border="0" cellspacing="0" cellpadding="0"> + <tr> + <th>Module</th> + <th>Version</th> + <th>Enables Feature</th> + </tr> + <tr> + <td>LWP::UserAgent</td> + <td>(Any)</td> + <td>Automatic Update Notifications</td> + </tr> + <tr> + <td>Template::Plugin::GD::Image</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>GD::Text</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>GD::Graph</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>GD</td> + <td>1.20</td> + <td>Graphical Reports, New Charts, Old Charts</td> + </tr> + <tr> + <td>Email::MIME::Attachment::Stripper</td> + <td>(Any)</td> + <td>Inbound Email</td> + </tr> + <tr> + <td>Email::Reply</td> + <td>(Any)</td> + <td>Inbound Email</td> + </tr> + <tr> + <td>Net::LDAP</td> + <td>(Any)</td> + <td>LDAP Authentication</td> + </tr> + <tr> + <td class="req_new">TheSchwartz</td> + <td class="req_new">(Any)</td> + <td>Mail Queueing</td> + </tr> + <tr> + <td class="req_new">Daemon::Generic</td> + <td class="req_new">(Any)</td> + <td>Mail Queueing</td> + </tr> + <tr> + <td>HTML::Parser</td> + <td>3.40</td> + <td>More HTML in Product/Group Descriptions</td> + </tr> + <tr> + <td>HTML::Scrubber</td> + <td>(Any)</td> + <td>More HTML in Product/Group Descriptions</td> + </tr> + <tr> + <td>XML::Twig</td> + <td>(Any)</td> + <td>Move [% terms.Bugs %] Between Installations</td> + </tr> + <tr> + <td>MIME::Parser</td> + <td>5.406</td> + <td>Move [% terms.Bugs %] Between Installations</td> + </tr> + <tr> + <td>Chart::Base</td> + <td>1.0</td> + <td>New Charts, Old Charts</td> + </tr> + <tr> + <td>Image::Magick</td> + <td>(Any)</td> + <td>Optionally Convert BMP Attachments to PNGs</td> + </tr> + <tr> + <td>PatchReader</td> + <td>0.9.4</td> + <td>Patch Viewer</td> + </tr> + <tr> + <td>Authen::Radius</td> + <td>(Any)</td> + <td>RADIUS Authentication</td> + </tr> + <tr> + <td>Authen::SASL</td> + <td>(Any)</td> + <td>SMTP Authentication</td> + </tr> + <tr> + <td>SOAP::Lite</td> + <td>0.710.06</td> + <td>XML-RPC Interface</td> + </tr> + <tr> + <td>mod_perl2</td> + <td>1.999022</td> + <td>mod_perl</td> + </tr> +</table> + +<h2 id="v34_feat">New Features and Improvements</h2> + +<ul> + <li><a href="#v34_feat_enter">Simple [% terms.Bug %] Filing</a></li> + <li><a href="#v34_feat_index">New Home Page</a></li> + <li><a href="#v34_feat_spam">Email Addresses Hidden From Logged-Out + Users</a></li> + <li><a href="#v34_feat_urls">Shorter Search URLs</a></li> + <li><a href="#v34_feat_async">Asynchronous Email Sending</a></li> + <li><a href="#v34_feat_tz">Dates and Times Displayed In User's Time + Zone</a></li> + <li><a href="#v34_feat_vis">Custom Fields That Only Appear When + Another Field Has a Particular Value</a></li> + <li><a href="#v34_feat_vals">Custom Fields Whose List of Values + Change Depending on the Value of Another Field</a></li> + <li><a href="#v34_feat_bugid">New Custom Field Type: + [%+ terms.Bug %] ID</a></li> + <li><a href="#v34_feat_see">"See Also" Field</a></li> + <li><a href="#v34_feat_cols">Re-order Columns in Search Results</a></li> + <li><a href="#v34_feat_desc">Search Descriptions</a></li> + <li><a href="#v34_feat_other">Other Enhancements and Changes</a></li> +</ul> + +<h3 id="v34_feat_enter">Simple [% terms.Bug %] Filing</h3> + +<p>When entering a new [% terms.bug %], the vast majority of fields are + now hidden by default, which enormously simplifies the bug-filing form. + You can click "Show Advanced Fields" to show all the fields, if you want + them. [%+ terms.Bugzilla %] remembers whether you last used the "Advanced" + or "Simple" version of the [% terms.bug %]-entry form, and will display the + same version to you again next time you file [% terms.abug %].</p> + +<h3 id="v34_feat_index">New Home Page</h3> + +<p>[% terms.Bugzilla %]'s front page has been redesigned to be better at + guiding new users into the activities that they most commonly want to + do. Further enhancements to the home page are coming in future versions + of [% terms.Bugzilla %].</p> + +<h3 id="v34_feat_spam">Email Addresses Hidden From Logged-Out Users</h3> + +<p>To help prevent spam to [% terms.Bugzilla %] users, all email addresses + stored in [% terms.Bugzilla %] are now displayed only if you are logged in. + If you are logged out, only the part before the "@" of the email address is + displayed. This includes [% terms.bug %] lists, viewing [% terms.bugs %], the + XML format of [% terms.abug %], and any other place in the web interface that + an email address could appear.</p> + +<p>Email addresses are not filtered out of [% terms.bug %] comments. + The WebService still returns full email addresses, even if you are logged + out.</p> + +<h3 id="v34_feat_urls">Shorter Search URLs</h3> + +<p>When submitting a search, all the unused fields are now stripped from + the URL, so search URLs are much more meaningful, and much shorter.</p> + +<h3 id="v34_feat_async">Asynchronous Email Sending</h3> + +<p>The largest performance problem in former versions of [% terms.Bugzilla %] + was that when updating [% terms.bugs %], email would be sent immediately + to every user who needed to be notified, and <kbd>process_bug.cgi</kbd> + would wait for the emails to be sent before continuing.</p> + +<p>Now [% terms.Bugzilla %] is capable of queueing emails to be sent + while [% terms.abug %] is being updated, and sending them in the + background. This requires the administrator to run a daemon + that comes with [% terms.Bugzilla %], named + <a href="[% docs_urlbase FILTER html %]api/jobqueue.html">jobqueue.pl</a>, + and to enable the <a href="editparams.cgi?section=mta#use_mailer_queue"> + use_mailer_queue</a> parameter.</p> + +<p>Using the background email-sending daemon instead of sending mail directly + should result in a very large speed-up for updating [% terms.bugs %], + particularly on larger installations.</p> + +<h3 id="v34_feat_tz">Dates and Times Displayed In User's Time Zone</h3> + +<p>Users can now select what time zone they are in and [% terms.Bugzilla %] + will adjust displayed times to be correct for their time zone. However, + times the user inputs are unfortunately still in [% terms.Bugzilla %]'s + time zone.</p> + +<h3 id="v34_feat_vis">Custom Fields That Only Appear When Another Field + Has a Particular Value</h3> + +<p>When creating a new custom field (or updating the definition of + an existing custom field), you can now say that "this field only + appears when field X has value Y". (In the future, you will be able + to select multiple values for "Y", so a field will appear when any + one of those values is selected.)</p> + +<p>This feature only hides fields--it doesn't make their values go away. + So [% terms.bugs %] will still show up in searches for that field's + value, but the field won't appear in the user interface.</p> + +<p>This is a good way of making Product-specific fields.</p> + +<h3 id="v34_feat_vals">Custom Fields Whose List of Values Change + Depending on the Value of Another Field</h3> + +<p>When creating a drop-down or multiple-selection custom field, you can + now specify that another field "controls the values" of this field. + Then, when adding values to this field, you can say that a particular + value only appears when the other field is set to a particular + value.</p> + +<p>Here's an example: Let's say that we create a field called "Colors", + and we make the Product field "control the values" for Colors. Then we + add Blue, Red, Black, and Yellow as legal values for the "Colors" field. + Now we can say that "Blue" and "Red" only appear as valid choices in + Product A, "Yellow" only appears in Product B, but "Black" <em>always</em> + appears.</p> + +<p>One thing to note is that this feature only controls what values appear in + the <em>user interface</em>. [% terms.Bugzilla %] itself will still accept + any combination of values as valid, in the backend.</p> + +<h3 id="v34_feat_bugid">New Custom Field Type: [% terms.Bug %] ID</h3> + +<p>You can now create a custom field that holds a reference to a single + valid [% terms.bug %] ID. In the future this will be enhanced to allow + [%+ terms.bugs %] to refer to each other via this field.</p> + +<h3 id="v34_feat_see">"See Also" Field</h3> + +<p>We have added a new standard field called "See Also" to + [%+ terms.Bugzilla %]. In this field, you can put URLs to multiple + [%+ terms.bugs %] in any [% terms.Bugzilla %] installation, to indicate + that those [% terms.bugs %] are related to this one. It also supports + adding URLs to [% terms.bugs %] in + <a href="http://launchpad.net/">Launchpad</a>.</p> + +<p>Right now, the field just validates the URLs and then displays them, but + in the future, it will grab information from the other installation about + the [% terms.bug %] and display it here, and possibly even update the + other installation.</p> + +<p>If your installation does not need this field, you can hide it by disabling + the <a href="editparams.cgi?section=bugfields#use_see_also">use_see_also + parameter</a>.</p> + +<h3 id="v34_feat_cols">Re-order Columns in Search Results</h3> + +<p>There is a new interface for choosing what columns appear in search + results, which allows you to change the order in which columns appear + from left to right when viewing the [% terms.bug %] list.</p> + +<h3 id="v34_feat_desc">Search Descriptions</h3> + +<p>When displaying search results, [% terms.Bugzilla %] will now show + a brief description of what you searched for, at the top of the + [%+ terms.bug %] list.</p> + +<h3 id="v34_feat_other">Other Enhancements and Changes</h3> + +<h4>Enhancements for Users</h4> + +<ul> + <li>You can now log in from every page, using the login form that appears + in the header or footer when you click "Log In".</li> + <li>When viewing [% terms.abug %], obsolete attachments are now + hidden from the attachment list by default. You can show them + by clicking "Show Obsolete" at the bottom of the attachment list.</li> + <li>In the Email Preferences, you can now choose to get email when + a new [% terms.bug %] report is filed and you have a particular + role on it.</li> + <li>When resolving a mid-air collision, you can now choose to submit + only your comment.</li> + <li>You can now set the Blocks and Depends On field on the "Change + Several [% terms.Bugs %] At Once" page.</li> + <li>If your installation uses the "insidergroup" feature, you can now add + private comments on the "Change Several [% terms.Bugs %] At Once" + page.</li> + <li>When viewing a search result, you can now hover over any abbreviated + field to see its full value.</li> + <li>When logging out, users are now redirected to the main page of + [%+ terms.Bugzilla %] instead of an empty page.</li> + <li>When editing [% terms.abug %], text fields (except the comment box) now + grow longer when you widen your browser window.</li> + <li>When viewing [% terms.abug %], the Depends On and Blocks list will + display [% terms.abug %]'s alias if it has one, instead of its id. + Also, closed [% terms.bugs %] will be sorted to the end of the list.</li> + + <li>If you use the time-tracking features of [% terms.Bugzilla %], and + you enable the time-tracking related columns in a search result, + then you will see a summary of the time-tracking data at the + bottom of the search result.</li> + <li>For users of time-tracking, the <kbd>summarize_time.cgi</kbd> page + now contains more data.</li> + + <li>When viewing an attachment's details page while you are logged-out, + flags are no longer shown as editable.</li> + <li>Cloning [% terms.abug %] will now retain the "Blocks" and "Depends On" + fields from the [% terms.bug %] being cloned.</li> + <li>[% terms.Bug %]mail for new [% terms.bugs %] will now indicate + what security groups the [% terms.bug %] has been restricted to.</li> + <li>You can now use any custom drop-down field as an axis for a tabular + or graphical report.</li> + <li>The <kbd>X-Bugzilla-Type</kbd> header in emails sent by + [%+ terms.Bugzilla %] is now "new" for [% terms.bug %]mail sent for + newly-filed [% terms.bugs %], and "changed" for emails having to do + with updated [% terms.bugs %].</li> + <li>Mails sent by the "Whining" system now contain the header + <kbd>X-Bugzilla-Type: whine</kbd>.</li> + <li>[% terms.bug %]mail now contains a X-Bugzilla-URL header to uniquely + identify which [% terms.Bugzilla %] installation the email came from.</li> + <li>If you input an invalid regular expression anywhere in + [%+ terms.Bugzilla %], it will now tell you explicitly instead of failing + cryptically.</li> + <li>The <kbd>duplicates.xul</kbd> page (which wasn't used by very many + people) is now gone.</li> +</ul> + +<h4>Enhancements for Administrators and Developers</h4> + +<ul> + <li>[% terms.Bugzilla %] now uses the SHA-256 algorithm (a variant of + SHA-2) to encrypt passwords in the database, instead of using Unix's + "crypt" function. This allows passwords longer than eight characters + to actually be effective. Each user's password will be converted to + SHA-256 the first time they log in after you upgrade to + [%+ terms.Bugzilla %] 3.4 or later.</li> + <li>If you are using database replication with [% terms.Bugzilla %], + many more scripts now take advantage of the read-only slave (the + "shadowdb"). It may be safe to open up <kbd>show_bug.cgi</kbd> + to search-engine indexing by editing your <kbd>robots.txt</kbd> file, + now, if your [% terms.Bugzilla %] is on fast-enough hardware.</li> + <li>The database now uses foreign keys to enforce the validity of + relationships between tables. Not every single table has all its + foreign keys yet, but most do.</li> + <li>Various parameters have been removed, in an effort to de-clutter + the parameter interface and simplify [% terms.Bugzilla %]'s code. + The parameters that were removed were: timezone, supportwatchers, + maxpatchsize, commentonclearresolution, commentonreassignbycomponent, + showallproducts. They have all been replaced with sensible default + behaviors. (For example, user watching is now always enabled.)</li> + <li>When adding <code>&debug=1</code> to the end of a + <kbd>buglist.cgi</kbd> URL, [% terms.Bugzilla %] will now also do an + EXPLAIN on the query, to help debug performance issues.</li> + <li>When editing flag types in the administrative interface, you can now + see how many flags of each type have been set.</li> +</ul> + +<h4>WebService Changes</h4> + +<ul> + <li>Various functions have been added to the WebService: + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#history">B[% %]ug.history</a>, + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#search">B[% %]ug.search</a>, + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#comments">B[% %]ug.comments</a>, + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#update_see_also">B[% %]ug.update_see_also</a>, + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/User.html#get">User.get</a>, + and <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bugzilla.html#time">B[% %]ugzilla.time</a> + (<kbd>B[% %]ugzilla.timezone</kbd> is now deprecated). + </li> + <li>For network efficiency, you can now limit which fields are returned + from certain WebService functions, like <kbd>User.get</kbd>.</li> + <li>There is now a "permissive" argument for the <kbd>B[% %]ug.get</kbd> + WebService function, which causes it not to throw an error when you + ask for [% terms.bugs %] you can't see.</li> + + <li>The <kbd>B[% %]ug.get</kbd> method now returns many more fields.</li> + <li>The <kbd>B[% %]ug.add_comment</kbd> method now returns the ID of the comment + that was just added.</li> + <li>The <kbd>B[% %]ug.add_comment</kbd> method will now throw an error if you + try to add a private comment but do not have the correct permissions. + (In previous versions, it would just silently ignore the <kbd>private</kbd> + argument if you didn't have the correct permissions.)</li> + <li>Many WebService function parameters now take individual values in + addition to arrays.</li> + <li>The WebService now validates input types--it makes sure that dates + are in the right format, that ints are actually ints, etc. It will throw + an error if you send it invalid data. It also accepts empty ints, doubles, + and dateTimes, and translates them to <kbd>undef</kbd>.</li> +</ul> + +<h2 id="v34_issues">Outstanding Issues</h2> + +<ul> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> + [%- terms.Bug %] 423439</a>: Tabs in comments will be converted + to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> + [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is + in use on [% terms.bugs %], you will need to rebuild the "keyword cache" + by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing + the option to rebuild the cache when it asks. Otherwise keywords may + not show up properly in search results.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> + [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at + the same time, there is no "mid-air collision" protection.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> + [%- terms.Bug %] 276230</a>: The support for restricting access to + particular Categories of New Charts is not complete. You should treat + the 'chartgroup' Param as the only access mechanism available.<br> + However, charts migrated from Old Charts will be restricted to + the groups that are marked MANDATORY for the corresponding Product. + There is currently no way to change this restriction, and the + groupings will not be updated if the group configuration + for the Product changes.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> + [%- terms.Bug %] 370370</a>: mod_perl support is currently not + working on Windows machines.</li> +</ul> + +<h2 id="v34_upgrading">Notes On Upgrading From a Previous Version</h2> + +<p>When upgrading to 3.4, <kbd>checksetup.pl</kbd> will create foreign keys + for many columns in the database. Before doing this, it will check the + database for consistency. If there are an unresolvable consistency + problems, it will tell you what table and column in the database contain + the bad values, and which values are bad. If you don't know what else to do, + you can always delete the database records which contain the bad values by + logging in to your database and running the following command:</p> + +<p><code>DELETE FROM <var>table</var> WHERE <var>column</var> IN + (<var>1, 2, 3, 4</var>)</code></p> + +<p>Just replace "table" and "column" with the name of the table + and column that <kbd>checksetup.pl</kbd> mentions, and "1, 2, 3, 4" + with the invalid values that <kbd>checksetup.pl</kbd> prints out.</p> + +<p>Remember that you should always back up your database before doing + an upgrade.</p> + +<h2 id="v34_code_changes">Code Changes Which May Affect Customizations</h2> + +<ul> + <li><kbd>checksetup.pl</kbd> now re-writes the <kbd>localconfig</kbd> + file every time it runs, keeping the current values set (if there + are any), but moving any unexpected variables into a file called + <kbd>localconfig.old</kbd>. If you want to continue having custom + varibles in <kbd>localconfig</kbd>, you will have to add them to + the <code>LOCALCONFIG_VARS</code> constant in + <kbd>Bugzilla::Install::Localconfig</kbd>.</li> + <li><kbd>Bugzilla::Object->update()</kbd> now returns something different + in list context than it does in scalar context.</li> + <li><kbd>Bugzilla::Object->check()</kbd> now can take object + ids in addition to names. Just pass in <code>{ id => $some_value + }</code>.</li> + <li>Instead of being defined in <kbd>buglist.cgi</kbd>, columns for + search results are now defined in a subroutine called <code>COLUMNS</code> + in <kbd>Bugzilla::Search</kbd>. The data now mostly comes from the + <kbd>fielddefs</kbd> table in the database. Search.pm now takes a list + of column names from fielddefs for its <kbd>fields</kbd> argument instead + of literal SQL columns.</li> + <li><kbd>Bugzilla::Field->legal_values</kbd> now returns an array of + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Field/Choice.html">Bugzilla::Field::Choice</a> + objects instead of an array of strings. Bugzilla::Field::Choice will be used + in more places, in the future.</li> + <li>We now use <kbd>Bugzilla::Bug->check()</kbd> instead of + <kbd>ValidateBugId</kbd>.</li> + <li>The <kbd>groups</kbd> and <kbd>bless_groups</kbd> methods in + <kbd>Bugzilla::User</kbd> now return an arrayref of + <kbd>Bugzilla::Group</kbd> objects instead of a hashref with + group ids and group names.</li> + <li>Standard [% terms.Bugzilla %] drop-down fields now have their type + set to <kbd>FIELD_TYPE_SINGLE_SELECT</kbd> in the fielddefs table.</li> + <li><kbd>Bugzilla->usage_mode</kbd> now defaults to + <kbd>USAGE_MODE_CMDLINE</kbd> if we are not running inside a web + server.</li> + <li>We no longer delete environment variables like <kbd>$ENV{PATH}</kbd> + automatically unless we're actually running in taint mode.</li> + <li>We are now using YUI 2.6.0.</li> + <li>In <a href="config.cgi?ctype=rdf">the RDF format of config.cgi</a>, + the "resource" attribute for flags now contains "flag.cgi" instead + of "flags.cgi".</li> +</ul> + + + + + + + +<h1 id="v34_previous">[% terms.Bugzilla %] 3.2 Release Notes</h1> + +<h2>Table of Contents</h2> + +<ul class="bz_toc"> + <li><a href="#v32_introduction">Introduction</a></li> + <li><a href="#v32_point">Updates In This 3.2.x Release</a></li> + <li><a href="#v32_security">Security Fixes In This 3.2.x Release</a></li> + <li><a href="#v32_req">Minimum Requirements</a></li> + <li><a href="#v32_feat">New Features and Improvements</a></li> + <li><a href="#v32_issues">Outstanding Issues</a></li> + <li><a href="#v32_upgrading">How to Upgrade From An Older Version</a></li> + <li><a href="#v32_code_changes">Code Changes Which May Affect + Customizations</a></li> + <li><a href="#v32_previous">Release Notes for Previous Versions</a></li> +</ul> + +<h2 id="v32_introduction">Introduction</h2> + +<p>Welcome to [% terms.Bugzilla %] 3.2! This is our first major feature + release since [% terms.Bugzilla %] 3.0, and it brings a lot of great + improvements and polish to the [% terms.Bugzilla %] experience.</p> + +<p>If you're upgrading, make sure to read <a href="#v32_upgrading">How to + Upgrade From An Older Version</a>. If you are upgrading from a release + before 3.0, make sure to read the release notes for all the + <a href="#v32_previous">previous versions</a> in between your version + and this one, <strong>particularly the "Notes For Upgraders" section of each + version's release notes</strong>.</p> + +<h2 id="v32_point">Updates in this 3.2.x Release</h2> + +<p>This section describes what's changed in the most recent b<!-- -->ug-fix + releases of [% terms.Bugzilla %] after 3.2. We only list the + most important fixes in each release. If you want a detailed list of + <em>everything</em> that's changed in each version, you should use our + <a href="http://www.bugzilla.org/status/changes.html">Change Log + Page</a>.</p> + +<h3>3.2.3</h3> + +<ul> + <li>[% terms.Bugzilla %] is now compatible with MySQL 5.1.x versions 5.1.31 + and greater. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=480001">[% terms.Bug %] 480001</a>)</li> + <li>On Windows, [% terms.Bugzilla %] sometimes would send mangled emails + (that would often fail to send). + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=467920">[% terms.Bug %] 467920</a>)</li> + <li><code>recode.pl</code> would sometimes crash when trying to convert + databases from older versions of [% terms.Bugzilla %]. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=431201">[% terms.Bug %] 431201</a>)</li> + <li>Running a saved search with Unicode characters in its name would + cause [% terms.Bugzilla %] to crash. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=477513">[% terms.Bug %] 477513</a>)</li> + <li>[% terms.Bugzilla %] clients like Mylyn can now update [% terms.bugs %] + again (the [% terms.bug %] XML format now contains a "token" element that + can be used when updating [% terms.abug %]). + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=476678">[% terms.Bug %] 476678</a>)</li> + <li>For installations using the <code>shadowdb</code> parameter, + [%+ terms.Bugzilla %] was accidentally writing to the "tokens" table + in the shadow database (instead of the master database) when using the + "Change Several [% terms.Bugs %] at Once" page. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=476943">[% terms.Bug %] 476943</a>)</li> +</ul> + +<p>This release also contains a security fix. See the + <a href="#v32_security">Security Fixes Section</a> for details.</p> + +<h3>3.2.2</h3> + +<p>This release fixes one security issue that is critical for installations + running 3.2.1 under mod_perl. See the + <a href="http://www.bugzilla.org/security/3.0.7/">Security Advisory</a> + for details.</p> + +<h3>3.2.1</h3> + +<ul> + <li>Attachments, charts, and graphs would sometimes be garbled on Windows. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=464992">[% terms.Bug %] 464992</a>)</li> + + <li>Saving changes to parameters would sometimes fail silently (particularly + on Windows when the web server didn't have the right permissions to + update the <code>params</code> file). [% terms.Bugzilla %] will now + throw an error in this case, telling you what is wrong. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=347707">[% terms.Bug %] 347707</a>)</li> + + <li>If you were using the <code>usemenuforusers</code> parameter, + and [% terms.abug %] was assigned to (or had a QA Contact of) a disabled + user, that field would be reset to the first user in the list when + updating [% terms.abug %]. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=465589">[% terms.Bug %] 465589</a>)</li> + + <li>If you were using the <code>PROJECT</code> environment variable + to have multiple [% terms.Bugzilla %] installations using one codebase, + project-specific templates were being ignored. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=467324">[% terms.Bug %] 467324</a>)</li> + + <li>Some versions of the SOAP::Lite Perl module had a b[% %]ug that caused + [%+ terms.Bugzilla %]'s XML-RPC service to break. + <kbd>checksetup.pl</kbd> now checks for these bad versions and + will reject them. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=468009">[% terms.Bug %] 468009</a>)</li> + + <li>The font sizes in various places were too small, when using the + Classic skin. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=469136">[% terms.Bug %] 469136</a>)</li> +</ul> + +<h2 id="v32_security">Security Fixes In This 3.2.x Release</h2> + +<h3>3.2.3</h3> + +<p>This release fixes one security issue related to attachments. See the + <a href="http://www.bugzilla.org/security/3.2.2/">Security Advisory</a> + for details.</p> + +<h3>3.2.2</h3> + +<p>This release fixes one security issue that is critical for installations + running 3.2.1 under mod_perl. See the + <a href="http://www.bugzilla.org/security/3.0.7/">Security Advisory</a> + for details.</p> + +<h3>3.2.1</h3> + +<p>This release contains several security fixes. One fix may break any + automated scripts you have that are loading <kbd>process_bug.cgi</kbd> + directly. We recommend that you read the entire + <a href="http://www.bugzilla.org/security/2.22.6/">Security Advisory</a> + for this release.</p> + +<h2 id="v32_req">Minimum Requirements</h2> + +<p>Any requirements that are new since 3.0.5 will look like + <span class="req_new">this</span>.</p> + +<ul> + <li><a href="#v32_req_perl">Perl</a></li> + <li><a href="#v32_req_mysql">For MySQL Users</a></li> + <li><a href="#v32_req_pg">For PostgreSQL Users</a></li> + <li><a href="#v32_req_oracle">For Oracle Users</a></li> + <li><a href="#v32_req_modules">Required Perl Modules</a></li> + <li><a href="#v32_req_optional_mod">Optional Perl + Modules</a></li> +</ul> + +<h3 id="v32_req_perl">Perl</h3> + +<p>Perl <span class="req_new">v<strong>5.8.1</strong></span></p> + +<h3 id="v32_req_mysql">For MySQL Users</h3> + +<ul> + <li>MySQL v4.1.2</li> + <li><strong>perl module:</strong> + DBD::mysql <span class="req_new">v4.00</span></li> +</ul> + +<h3 id="v32_req_pg">For PostgreSQL Users</h3> + +<ul> + <li>PostgreSQL v8.00.0000</li> + <li><strong>perl module:</strong> DBD::Pg v1.45</li> +</ul> + +<h3 id="v32_req_oracle">Email Addresses Hidden From Logged-Out Users + For Oracle Users</h3> + +<ul> + <li>Oracle v10.02.0</li> + <li><strong>perl module:</strong> DBD::Oracle v1.19</li> +</ul> + +<h3 id="v32_req_modules">Required Perl Modules</h3> + +<table class="req_table" border="0" cellpadding="0" cellspacing="0"> +<tr> <th>Module</th> <th>Version</th> </tr> +<tr> <td>CGI</td> <td class="req_new">3.21 (on Perl 5.8.x) + or 3.33 (on Perl 5.10.x)</td> </tr> +<tr> <td>Date::Format</td> <td>2.21</td> </tr> +<tr> <td>File::Spec</td> <td>0.84</td> </tr> +<tr> <td>DBI</td> <td>1.41</td> </tr> +<tr> <td>Template</td> <td class="req_new">2.15</td> </tr> +<tr> <td>Email::Send</td> <td>2.00</td> </tr> +<tr> <td>Email::MIME</td> <td class="req_new">1.861</td> </tr> +<tr> + <td class="req_new">Email::MIME::Encodings</td> + <td class="req_new">1.313</td> +</tr> +<tr> + <td>Email::MIME::Modifier</td> + <td class="req_new">1.442</td> +</tr> +</table> + +<h3 id="v32_req_optional_mod">Optional Perl Modules</h3> + +<p>The following perl modules, if installed, enable various + features of [% terms.Bugzilla %]:</p> + +<table class="req_table" border="0" cellpadding="0" cellspacing="0"> +<tr> + <th>Module</th> + <th>Version</th> + <th>Enables Feature</th> +</tr> +<tr> + <td>LWP::UserAgent</td> + <td>(Any)</td> + <td>Automatic Update Notifications</td> +</tr> +<tr> + <td>Template::Plugin::GD::Image</td> + <td>(Any)</td> + <td>Graphical Reports</td> +</tr> +<tr> + <td>GD::Text</td> + <td>(Any)</td> + <td>Graphical Reports</td> +</tr> +<tr> + <td>GD::Graph</td> + <td>(Any)</td> + <td>Graphical Reports</td> +</tr> +<tr> + <td>GD</td> + <td>1.20</td> + <td>Graphical Reports, New Charts, Old Charts</td> +</tr> +<tr> + <td>Email::MIME::Attachment::Stripper</td> + <td>(Any)</td> + <td>Inbound Email</td> +</tr> +<tr> + <td>Email::Reply</td> + <td>(Any)</td> + <td>Inbound Email</td> +</tr> +<tr> + <td>Net::LDAP</td> + <td>(Any)</td> + <td>LDAP Authentication</td> +</tr> +<tr> + <td>HTML::Parser</td> + <td>3.40</td> + <td>More HTML in Product/Group Descriptions</td> +</tr> +<tr> + <td>HTML::Scrubber</td> + <td>(Any)</td> + <td>More HTML in Product/Group Descriptions</td> +</tr> +<tr> + <td>XML::Twig</td> + <td>(Any)</td> + <td>Move [% terms.Bugs %] Between Installations</td> +</tr> +<tr> + <td>MIME::Parser</td> + <td>5.406</td> + <td>Move [% terms.Bugs %] Between Installations</td> +</tr> +<tr> + <td>Chart::Base</td> + <td>1.0</td> + <td>New Charts, Old Charts</td> +</tr> +<tr> + <td>Image::Magick</td> + <td>(Any)</td> + <td>Optionally Convert BMP Attachments to PNGs</td> +</tr> +<tr> + <td>PatchReader</td> + <td>0.9.4</td> + <td>Patch Viewer</td> +</tr> +<tr> + <td class="req_new">Authen::Radius</td> + <td class="req_new">(Any)</td> + <td>RADIUS Authentication</td> +</tr> +<tr> + <td class="req_new">Authen::SASL</td> + <td class="req_new">(Any)</td> + <td>SMTP Authentication</td> +</tr> +<tr> + <td>SOAP::Lite</td> + <td>(Any)</td> + <td>XML-RPC Interface</td> +</tr> +<tr> + <td>mod_perl2</td> + <td>1.999022</td> + <td>mod_perl</td> +</tr> +</table> + +<h2 id="v32_feat">New Features and Improvements</h2> + +<ul> + <li><a href="#v32_feat_ui">Major UI Improvements</a></li> + <li><a href="#v32_feat_skin">New Default Skin: Dusk</a></li> + <li><a href="#v32_feat_status">Custom Status Workflow</a></li> + <li><a href="#v32_feat_fields">New Custom Field Types</a></li> + <li><a href="#v32_feat_install">Easier Installation</a></li> + <li><a href="#v32_feat_oracle">Experimental Oracle Support</a></li> + <li><a href="#v32_feat_utf8">Improved UTF-8 Support</a></li> + <li><a href="#v32_feat_grcons">Group Icons</a></li> + <li><a href="#v32_feat_other">Other Enhancements and Changes</a></li> +</ul> + +<h3 id="v32_feat_ui">Major UI Improvements</h3> + +<p>[% terms.Bugzilla %] 3.2 has had some UI assistance from the NASA + Human-Computer Interaction department and the new + <a href="http://wiki.mozilla.org/Bugzilla:UE">[% terms.Bugzilla %] + User Interface Team</a>.</p> + +<p>In particular, you will notice a massively redesigned [% terms.bug %] + editing form, in addition to our <a href="#v32_feat_skin">new skin</a>.</p> + +<h3 id="v32_feat_skin">New Default Skin: Dusk</h3> + +<p>[% terms.Bugzilla %] 3.2 now ships with a skin called "Dusk" that is + a bit more colorful than old default "Classic" skin.</p> + +<p>Upgrading installations will still default to the "Classic" + skin--administrators can change the default in the Default Preferences + control panel. Users can also choose to use the old skin in their + Preferences (or using the View :: Page Style menu in Firefox).</p> + +<p>The changes that [% terms.Bugzilla %] required for Dusk made + [%+ terms.Bugzilla %] much easier to skin. See the + <a href="http://wiki.mozilla.org/Bugzilla:Addons#Skins">Addons page</a> + for additional skins, or try making your own!</p> + +<h3 id="v32_feat_status">Custom Status Workflow</h3> + +<p>You can now customize the list of statuses in [% terms.Bugzilla %], + and transitions between them.</p> + +<p>You can also specify that a comment must be made on certain transitions.</p> + +<h3 id="v32_feat_fields">New Custom Field Types</h3> + +<p>[% terms.Bugzilla %] 3.2 has support for three new types of + custom fields:</p> + +<ul> + <li>Large Text: Adds a multi-line textbox to your [% terms.bugs %].</li> + <li>Multiple Selection Box: Adds a box that allows you to choose + multiple items from a list.</li> + <li>Date/Time: Displays a date and time, along with a JavaScript + calendar popup to make picking a date easier.</li> +</ul> + +<h3 id="v32_feat_install">Easier Installation</h3> + +<p>[% terms.Bugzilla %] now comes with a script called + <kbd>install-module.pl</kbd> that can automatically download + and install all of the required Perl modules for [% terms.Bugzilla %]. + It stores them in a directory inside your [% terms.Bugzilla %] + installation, so you can use it even if you don't have administrator-level + access to your machine, and without modifying your main Perl install.</p> + +<p><kbd>checksetup.pl</kbd> will print out instructions for using + <kbd>install-module.pl</kbd>, or you can read its + <a href="[% docs_urlbase FILTER html %]api/install-module.html">documentation</a>.</p> + +<h3 id="v32_feat_oracle">Experimental Oracle Support</h3> + +<p>[% terms.Bugzilla %] 3.2 contains experimental support for using + Oracle as its database. Some features of [% terms.Bugzilla %] are known + to be broken on Oracle, but hopefully will be working by our next major + release.</p> + +<p>The [% terms.Bugzilla %] Project, as an open-source project, of course + does not recommend the use of proprietary database solutions. However, + if your organization requires that you use Oracle, this will allow + you to use [% terms.Bugzilla %]!</p> + +<p>The [% terms.Bugzilla %] Project thanks Oracle Corp. for their extensive + development contributions to [% terms.Bugzilla %] which allowed this to + happen!</p> + +<h3 id="v32_feat_utf8">Improved UTF-8 Support</h3> + +<p>[% terms.Bugzilla %] 3.2 now has advanced UTF-8 support in its code, + including correct handling for truncating and wrapping multi-byte + languages. Major issues with multi-byte or unusual languages + are now resolved, and [% terms.Bugzilla %] should now be usable + by users in every country with little (or at least much less) + customization.</p> + +<h3 id="v32_feat_grcons">Group Icons</h3> + +<p>Administrators can now specify that users who are in certain groups + should have an icon appear next to their name whenever they comment. + This is particularly useful for distinguishing developers from + [%+ terms.bug %] reporters.</p> + +<h3 id="v32_feat_other">Other Enhancements and Changes</h3> + +<p>These are either minor enhancements, or enhancements that have + very short descriptions. Some of these are very useful, though!</p> + +<h4>Enhancements For Users</h4> + +<ul> + <li><strong>[% terms.Bugs %]</strong>: You can now reassign + [%+ terms.abug %] at the same time as you are changing its status.</li> + <li><strong>[% terms.Bugs %]</strong>: When entering [% terms.abug %], + you will now see the description of a component when you select it.</li> + <li><strong>[% terms.Bugs %]</strong>: The [% terms.bug %] view now + contains some <a href="http://microformats.org/about/">Microformats</a>, + most notably for users' names and email addresses.</li> + <li><strong>[% terms.Bugs %]</strong>: You can now remove a QA Contact + from [% terms.abug %] simply by clearing the QA Contact field.</li> + <li><strong>[% terms.Bugs %]</strong>: There is now a user preference + that will allow you to exclude the quoted text when replying + to comments.</li> + <li><strong>[% terms.Bugs %]</strong>: You can now expand or collapse + individual comments in the [% terms.bug %] view.</li> + + <li><strong>Attachments</strong>: There is now "mid-air collision" + protection when editing attachments.</li> + <li><strong>Attachments</strong>: Patches in the Diff Viewer now show + line numbers (<a href="https://bugzilla.mozilla.org/attachment.cgi?id=327546">Example</a>).</li> + <li><strong>Attachments</strong>: After creating or updating an attachment, + you will be immediately shown the [% terms.bug %] that the attachment + is on.</li> + + <li><strong>Search</strong>: You can now reverse the sort of + [%+ terms.abug %] list by clicking on a column header again.</li> + <li><strong>Search</strong>: Atom feeds of [% terms.bug %] lists now + contain more fields.</li> + <li><strong>Search</strong>: QuickSearch now supports searching flags + and groups. It also now includes the OS field in the list of fields + it searches by default.</li> + <li><strong>Search</strong>: "Help" text can now appear on query.cgi + for Internet Explorer and other non-Firefox browsers. (It always + could appear for Firefox.)</li> + + <li>[% terms.Bugzilla %] now ships with an icon that will show + up next to the URL in most browsers. If you want to replace it, + it's in <kbd>images/favicon.ico</kbd>.</li> + + <li>You can now set the Deadline when using "Change Several + [%+ terms.Bugs %] At Once"</li> + <li><strong>Saved Searches</strong> now save their column list, so if + you customize the list of columns and save your search, it will + always contain those columns.</li> + <li><strong>Saved Searches</strong>: When you share a search, you can + now see how many users have subscribed to it, on + <kbd>userprefs.cgi</kbd>.</li> + <li><strong>Saved Searches</strong>: You can now see what group a + shared search was shared to, on the list of available shared searches + in <kbd>userprefs.cgi</kbd>.</li> + <li><strong>Flags</strong>: If your installation uses drop-down user + lists, the flag requestee box will now contain only users who are + actually allowed to take requests.</li> + <li><strong>Flags</strong>: If somebody makes a request to you, and you + change the requestee to somebody else, the requester is no longer set + to you. In other words, you can "redirect" requests and maintain the + original requester.</li> + <li><strong>Flags</strong>: Emails about flags now will thread properly + in email clients to be a part of [% terms.abug %]'s thread.</li> + <li>When using <kbd>email_in.pl</kbd>, you can now add users to the CC + list by just using <kbd>@cc</kbd> as the field name.</li> + <li>Many pages (particularly administrative pages) now contain links to + the relevant section of the [% terms.Bugzilla %] Guide, so you can read + the documentation for that page.</li> + <li>Dependency Graphs should render more quickly, as they now (by default) + only include the same [% terms.bugs %] that you'd see in the dependency + tree.</li> +</ul> + +<h4>Enhancements For Administrators</h4> + +<ul> + <li><strong>Admin UI</strong>: Instead of having the Administration + Control Panel links in the footer, there is now just one link called + "Administration" that takes you to a page that links to all the + administrative controls for [% terms.Bugzilla %].</li> + <li><strong>Admin UI</strong>: Administrative pages no longer display + confirmation pages, instead they redirect you to some useful page + and display a message about what changed.</li> + <li><strong>Admin UI</strong>: The interface for editing group + inheritance in <kbd>editgroups.cgi</kbd> is much clearer now.</li> + <li><strong>Admin UI</strong>: When editing a user, you can now see + all the components where that user is the Default Assignee or Default + QA Contact.</li> + + <li><strong>Email</strong>: For installations that use SMTP to send + mail (as opposed to Sendmail), [%+ terms.Bugzilla %] now supports + SMTP Authentication, so that it can log in to your mail server + before sending messages.</li> + <li><strong>Email</strong>: Using the "Test" mail delivery method now + creates a valid mbox file to make testing easier.</li> + + <li><strong>Authentication</strong>: [% terms.Bugzilla %] now correctly + handles LDAP records which contain multiple email addresses. (The first + email address in the list that is a valid [% terms.Bugzilla %] account + will be used, or if this is a new user, the first email address in + the list will be used.)</li> + <li><strong>Authentication</strong>: [% terms.Bugzilla %] can now take + a list of LDAP servers to try in order until it gets a successful + connection.</li> + <li><strong>Authentication</strong>: [% terms.Bugzilla %] now supports + RADIUS authentication.</li> + + <li><strong>Security</strong>: The login cookie is now created as + "HTTPOnly" so that it can't be read by possibly malicious scripts. + Also, if SSL is enabled on your installation, the login cookie is + now only sent over SSL connections.</li> + <li><strong>Security</strong>: The <code>ssl</code> parameter now protects + every page a logged-in user accesses, when set to "authenticated sessions." + Also, SSL is now enforced appropriately in the WebServices interface when + the parameter is set.</li> + + <li><strong>Database</strong>: [% terms.Bugzilla %] now uses transactions in + the database instead of table locks. This should generally improve + performance with many concurrent users. It also means if there is + an unexpected error in the middle of a page, all database changes made + during that page will be rolled back.</li> + <li><strong>Database</strong>: You no longer have to set + <code>max_packet_size</code> in MySQL to add large attachments. However, + you may need to set it manually if you restore a mysqldump into your + database.</li> + + <li>New WebService functions: + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html">B<!-- -->ug.add_comment</a> + and <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bugzilla.html">Bugzilla.extensions</a>.</li> + + <li>You can now delete custom fields, but only if they have never been + set on any [% terms.bug %].</li> + <li>There is now a <kbd>--reset-password</kbd> argument to + <kbd>checksetup.pl</kbd> that allows you to reset a user's password + from the command line.</li> + <li>There is now a script called <kbd>sanitycheck.pl</kbd> that you can + run from the command line. It works just like <kbd>sanitycheck.cgi</kbd>. + By default, it only outputs anything if there's an error, so it's + ideal for administrators who want to run it nightly in a cron job.</li> + <li>The <kbd>strict_isolation</kbd> parameter now prevents you from setting + users who cannot see [% terms.abug %] as a CC, Assignee, or QA + Contact. Previously it only prevented you from adding users who + could not <em>edit</em> the [% terms.bug %].</li> + <li>Extensions can now add their own headers to the HTML <head> + for things like custom CSS and so on.</li> + <li><kbd>sanitycheck.cgi</kbd> has been templatized, meaning that the + entire [% terms.Bugzilla %] UI is now contained in templates.</li> + <li>When setting the <kbd>sslbase</kbd> parameter, you can now specify + a port number in the URL.</li> + <li>When importing [% terms.bugs %] using <kbd>importxml.pl</kbd>, + attachments will have their actual creator set as their creator, + instead of the person who exported the [% terms.bug %] from the other + system.</li> + <li>The voting system is off by default in new installs. This is to + prepare for the fact that it will be moved into an extension at + some point in the future.</li> + <li>The <code>shutdownhtml</code> parameter now works even when + [%+ terms.Bugzilla %]'s database server is down.</li> +</ul> + +<h3>Enhancements for Localizers (or Localized Installations)</h3> + +<ul> + <li>The documentation can now be localized--in other words, you can have + documentation installed for multiple languages at once and + [%+ terms.Bugzilla %] will link to the correct language in its internal + documentation links.</li> + <li>[% terms.Bugzilla %] no longer uses the <kbd>languages</kbd> parameter. + Instead it reads the <kbd>template/</kbd> directory to see which + languages are available.</li> + <li>Some of the messages printed by <kbd>checksetup.pl</kbd> can now + be localized. See <kbd>template/en/default/setup/strings.txt.pl</kbd>. +</ul> + +<h2 id="v32_issues">Outstanding Issues</h2> + +<ul> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> + [%- terms.Bug %] 423439</a>: Tabs in comments will be converted + to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> + [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is + in use on [% terms.bugs %], you will need to rebuild the "keyword cache" + by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing + the option to rebuild the cache when it asks. Otherwise keywords may + not show up properly in search results.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> + [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at + the same time, there is no "mid-air collision" protection.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> + [%- terms.Bug %] 276230</a>: The support for restricting access to + particular Categories of New Charts is not complete. You should treat + the 'chartgroup' Param as the only access mechanism available.<br> + However, charts migrated from Old Charts will be restricted to + the groups that are marked MANDATORY for the corresponding Product. + There is currently no way to change this restriction, and the + groupings will not be updated if the group configuration + for the Product changes.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> + [%- terms.Bug %] 370370</a>: mod_perl support is currently not + working on Windows machines.</li> +</ul> + +<h2 id="v32_upgrading">How to Upgrade From An Older Version</h2> + +<h3 id="v32_upgrading_notes">Notes For Upgraders</h3> + +<ul> + <li>If you upgrade by CVS, the <kbd>extensions</kbd> and + <kbd>skins/contrib</kbd> directories are now in CVS instead of + being created by <kbd>checksetup.pl</kbd> If you do a <kbd>cvs update</kbd> + from 3.0, you will be told that your directories are "in the way" and + you should delete (or move) them and then do <kbd>cvs update</kbd> + again. Also, the <kbd>docs</kbd> directory has been restructured + and after you <kbd>cvs update</kbd> you can delete the <kbd>docs/html</kbd>, + <kbd>docs/pdf</kbd>, <kbd>docs/txt</kbd>, and <kbd>docs/xml</kbd> + directories.</li> + <li>If you are using MySQL, you should know that [% terms.Bugzilla %] + now uses InnoDB for all tables. <kbd>checksetup.pl</kbd> will convert + your tables automatically, but if you have InnoDB disabled, + the upgrade will not be able to complete (and <kbd>checksetup.pl</kbd> + will tell you so).</li> + + <li><strong>You should also read the + <a href="#v30_upgrading_notes">[% terms.Bugzilla %] 3.0 Notes For Upgraders + section</a> of the + <a href="#v32_previous">previous release notes</a> if you are upgrading + from a version before 3.0.</strong></li> +</ul> + +<h3>Steps For Upgrading</h3> + +<p>Once you have read the notes above, see the + <a href="[% docs_urlbase FILTER html %]upgrade.html">Upgrading + documentation</a> for instructions on how to upgrade.</p> + +<h2 id="v32_code_changes">Code Changes Which May Affect Customizations</h2> + +<ul> + <li><a href="#v32_code_hooks">More Hooks!</a></li> + <li><a href="#v32_code_search">Search.pm Rearchitecture</a></li> + <li><a href="#v32_code_lib">lib Directory</a></li> + <li><a href="#v32_code_other">Other Changes</a></li> +</ul> + +<h3 id="v32_code_hooks">More Hooks!</h3> + +<p>There are more code hooks in 3.2 than there were in 3.0. See the + documentation of <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Hook.html">Bugzilla::Hook</a> + for more details.</p> + +<h3 id="v32_code_search">Search.pm Rearchitecture</h3> + +<p><kbd>Bugzilla/Search.pm</kbd> has been heavily modified, to be much + easier to read and use. It contains mostly the same code as it did in + 3.0, but it has been moved around and reorganized significantly.</p> + +<h3 id="v32_code_lib">lib Directory</h3> + +<p>As part of implementing <a href="#v32_feat_install">install-module.pl</a>, + [%+ terms.Bugzilla %] was given a local <kbd>lib</kbd> directory which + it searches for modules, in addition to the standard system path.</p> + +<p>This means that all [% terms.Bugzilla %] scripts now start with + <code>use lib qw(. lib);</code> as one of the first lines.</p> + +<h3 id="v32_code_other">Other Changes</h3> + +<ul> + <li>You should now be using <code>get_status('NEW')</code> instead of + <code>status_descs.NEW</code> in templates.</li> + <li>The <code>[%# version = 1.0 %]</code> comment at the top of every + template file has been removed.</li> +</ul> + +<h1 id="v32_previous">[% terms.Bugzilla %] 3.0.x Release Notes</h1> + +<h2>Table of Contents</h2> + +<ul class="bz_toc"> + <li><a href="#v30_introduction">Introduction</a></li> + <li><a href="#v30_point">Updates In This 3.0.x Release</a></li> + <li><a href="#v30_req">Minimum Requirements</a></li> + <li><a href="#v30_feat">New Features and Improvements</a></li> + <li><a href="#v30_issues">Outstanding Issues</a></li> + <li><a href="#v30_security">Security Fixes In This Release</a></li> + <li><a href="#v30_upgrading">How to Upgrade From An Older Version</a></li> + <li><a href="#v30_code_changes">Code Changes Which May Affect + Customizations</a></li> + <li><a href="#v30_previous">Release Notes for Previous Versions</a></li> +</ul> + +<h2 id="v30_introduction">Introduction</h2> + +<p>Welcome to [% terms.Bugzilla %] 3.0! It's been over eight years since + we released [% terms.Bugzilla %] 2.0, and everything has changed since + then. Even just since our previous release, [% terms.Bugzilla %] 2.22, + we've added a <em>lot</em> of new features. So enjoy the release, we're + happy to bring it to you.</p> + +<p>If you're upgrading, make sure to read <a href="#v30_upgrading">How to + Upgrade From An Older Version</a>. If you are upgrading from a release + before 2.22, make sure to read the release notes for all the + <a href="#v30_previous">previous versions</a> in between your version + and this one.</p> + +<h2 id="v30_point">Updates in this 3.0.x Release</h2> + +<p>This section describes what's changed in the most recent b<!-- -->ug-fix + releases of [% terms.Bugzilla %] after 3.0. We only list the + most important fixes in each release. If you want a detailed list of + <em>everything</em> that's changed in each version, you should use our + <a href="http://www.bugzilla.org/status/changes.html">Change Log Page</a>.</p> + +<h3>3.0.6</h3> + +<ul> + <li>Before 3.0.6, unexpected fatal WebService errors would result in + a <code>faultCode</code> that was a string instead of a number. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=446327">[% terms.Bug %] 446327</a>)</li> + <li>If you created a product or component with the same name as one you + previously deleted, it would fail with an error about the series table. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=247936">[% terms.Bug %] 247936</a>)</li> +</ul> + +<p>See also the <a href="#v30_security">Security Advisory</a> section for + information about a security issue fixed in this release.</p> + +<h3>3.0.5</h3> + +<ul> + <li>If you don't have permission to set a flag, it will now appear + unchangeable in the UI. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=433851">[% terms.Bug %] 433851</a>)</li> + <li>If you were running mod_perl, [% terms.Bugzilla %] was not correctly + closing its connections to the database since 3.0.3, and so sometimes + the DB would run out of connections. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=441592">[% terms.Bug %] 441592</a>)</li> + <li>The installation script is now clear about exactly which + <code>Email::</code> modules are required in Perl, thus avoiding the + problem where emails show up with a body like + <samp>SCALAR(0xBF126795)</samp>. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=441541">[% terms.Bug %] 441541</a>)</li> + <li><a href="[% docs_urlbase FILTER html %]api/email_in.html">email_in.pl</a> + is no longer case-sensitive for values of <kbd>@product</kbd>. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365697">[% terms.Bug %] 365697</a>)</li> +</ul> + +<p>See also the <a href="#v30_security">Security Advisory</a> section for + information about security issues fixed in this release.</p> + +<h3>3.0.4</h3> + +<ul> + <li>[% terms.Bugzilla %] administrators were not being correctly notified + about new releases. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414726">[% terms.Bug %] 414726</a>)</li> + + <li>There could be extra whitespace in email subject lines. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=411544">[% terms.Bug %] 411544</a>)</li> + + <li>The priority, severity, OS, and platform fields were always required by + the <kbd>B<!-- -->ug.create</kbd> WebService function, even if they had + defaults specified. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384009">[% terms.Bug %] 384009</a>)</li> + + <li>Better threading of [% terms.bug %]mail in some email clients. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=376453">[% terms.Bug %] 376453</a>)</li> + + <li>There were many fixes to the Inbound Email Interface + (<kbd>email_in.pl</kbd>). + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=92274">[% terms.Bug %] 92274</a>, + <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=377025">[% terms.Bug %] 377025</a>, + <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=412943">[% terms.Bug %] 412943</a>, + <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=413672">[% terms.Bug %] 413672</a>, and + <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=431721">[% terms.Bug %] 431721</a>)</li> + + <li><kbd>checksetup.pl</kbd> now handles UTF-8 conversion more reliably during upgrades. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=374951">[% terms.Bug %] 374951</a>)</li> + + <li>Comments written in CJK languages are now correctly word-wrapped. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=388723">[% terms.Bug %] 388723</a>)</li> + + <li>All emails will now be sent in the correct language, when the user + has chosen a language for emails. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=405946">[% terms.Bug %] 405946</a>) + + <li>On Windows, temporary files created when uploading attachments are now + correctly deleted when the upload is complete. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414002">[% terms.Bug %] 414002</a>)</li> + + <li><kbd>checksetup.pl</kbd> now prints correct installation instructions + for Windows users using Perl 5.10. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414430">[% terms.Bug %] 414430</a>) +</ul> + +<p>See also the <a href="#v30_security">Security Advisory</a> section for + information about security issues fixed in this release.</p> + +<h3>3.0.3</h3> + +<ul> + <li>mod_perl no longer compiles [% terms.Bugzilla %]'s code for each Apache + process individually. It now compiles code only once and shares it among + each Apache process. This greatly improves performance and highly + decreases the memory footprint. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=398241">[% terms.Bug %] 398241</a>)</li> + + <li>You can now search for '---' (without quotes) in versions and milestones. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=362436">[% terms.Bug %] 362436</a>)</li> + + <li>[% terms.Bugzilla %] should no longer break lines unnecessarily in + email subjects. This was causing trouble with some email clients. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=374424">[% terms.Bug %] 374424</a>)</li> + + <li>If you had selected "I'm added to or removed from this capacity" option + for the "CC" role in your email preferences, you wouldn't get mail when + more than one person was added to the CC list at once. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=394796">[% terms.Bug %] 394796</a>)</li> + + <li>Deleting a user account no longer deletes whines from another user who + has the deleted account as addressee. The schedule is simply removed, + but the whine itself is left intact. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=395924">[% terms.Bug %] 395924</a>)</li> + + <li><kbd>contrib/merge-users.pl</kbd> now correctly merges all required + fields when merging two user accounts. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=400160">[% terms.Bug %] 400160</a>)</li> + + <li>[% terms.Bugzilla %] no longer requires Apache::DBI to run under + mod_perl. It caused troubles such as lost connections with the DB and + didn't give any important performance gain. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=408766">[% terms.Bug %] 408766</a>)</li> +</ul> + +<h3>3.0.2</h3> + +<ul> + <li>[% terms.Bugzilla %] should now work on Perl 5.9.5 (and thus the + upcoming Perl 5.10.0). + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=390442">[% terms.Bug %] 390442</a>)</li> +</ul> + +<p>See also the <a href="#v30_security">Security Advisory</a> section for + information about an important security issue fixed in this release.</p> + +<h3>3.0.1</h3> + +<ul> + <li>For users of Firefox 2, the <code>show_bug.cgi</code> user interface + should no longer "collapse" after you modify [% terms.abug %]. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370739">[% terms.Bug %] 370739</a>)</li> + <li>If you can bless a group, and you share a saved search with that + group, it will no longer automatically appear in all of that group's + footers unless you specifically request that it automatically appear + in their footers. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365890">[% terms.Bug %] 365890</a>)</li> + <li>There is now a parameter to allow users to perform searches without + any search terms. (In other words, to search for just a Product + and Status on the Simple Search page.) The parameter is called + <code>specific_search_allow_empty_words</code>. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=385910">[% terms.Bug %] 385910</a>)</li> + <li>If you attach a file that has a MIME-type of <code>text/x-patch</code> + or <code>text/x-diff</code>, it will automatically be treated as a + patch by [% terms.Bugzilla %]. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365756">[% terms.Bug %] 365756</a>)</li> + <li>Dependency Graphs now work correctly on all mod_perl installations. + There should now be no remaining signficant problems with running + [%+ terms.Bugzilla %] under mod_perl. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370398">[% terms.Bug %] 370398</a>)</li> + <li>If moving [% terms.abug %] between products would remove groups + from the [% terms.bug %], you are now warned. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=303183">[% terms.Bug %] 303183</a>)</li> + <li>On IIS, whenever [% terms.Bugzilla %] threw a warning, it would + actually appear on the web page. Now warnings are suppressed, + unless you have a file in the <code>data</code> directory called + <code>errorlog</code>, in which case warnings will be printed there. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=390148">[% terms.Bug %] 390148</a>)</li> + <li>If you used <kbd>email_in.pl</kbd> to edit [% terms.abug %] that was + protected by groups, all of the groups would be cleared. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=385453">[% terms.Bug %] 385453</a>)</li> + <li>PostgreSQL users: New Charts were failing to collect data over time. + They will now start collecting data correctly. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=257351">[% terms.Bug %] 257351</a>)</li> + <li>Some flag mails didn't specify who the requestee was. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=379787">[% terms.Bug %] 379787</a>)</li> + <li>Instead of throwing real errors, <kbd>collectstats.pl</kbd> would + just say that it couldn't find <code>ThrowUserError</code>. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=380709">[% terms.Bug %] 380709</a>)</li> + <li>Logging into [% terms.Bugzilla %] from the home page works again + with IIS5. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=364008">[% terms.Bug %] 364008</a>)</li> + <li>If you were using SMTP for sending email, sometimes emails would + be missing the <code>Date</code> header. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=304999">[% terms.Bug %] 304999</a>).</li> + <li>In the XML-RPC WebService, <code>B<!-- -->ug.legal_values</code> now + correctly returns values for custom fields if you request values + for custom fields. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=381737">[% terms.Bug %] 381737</a>)</li> + <li>The "[% terms.Bug %]-Writing Guidelines" page has been shortened + and re-written. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=378590">[% terms.Bug %] 378590</a>)</li> + <li>If your <code>urlbase</code> parameter included a port number, + like <code>www.domain.com:8080</code>, SMTP might have failed. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384501">[% terms.Bug %] 384501</a>)</li> + <li>For SMTP users, there is a new parameter, <code>smtp_debug</code>. + Turning on this parameter will log the full information about + every SMTP session to your web server's error log, to help with + debugging issues with SMTP. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384497">[% terms.Bug %] 384497</a>)</li> + <li>If you are a "global watcher" (you get all mails from every + [%+ terms.bug %]), you can now see that in your Email Preferences. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365302">[% terms.Bug %] 365302</a>)</li> + <li>The Status and Resolution of [% terms.bugs %] are now correctly + localized in CSV search results. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=389517">[% terms.Bug %] 389517</a>)</li> + <li>The "Subject" line of an email was being mangled if it contained + non-Latin characters. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=387860">[% terms.Bug %] 387860</a>)</li> + <li>Editing the "languages" parameter using <kbd>editparams.cgi</kbd> would + sometimes fail, causing [% terms.Bugzilla %] to throw an error. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=335354">[% terms.Bug %] 335354</a>)</li> +</ul> + +<h2 id="v30_req">Minimum Requirements</h2> + +<p>Any requirements that are new since 2.22 will look like + <span class="req_new">this</span>.</p> + +<ul> + <li><a href="#v30_req_perl">Perl</a></li> + <li><a href="#v30_req_mysql">For MySQL Users</a></li> + <li><a href="#v30_req_pg">For PostgreSQL Users</a></li> + <li><a href="#v30_req_modules">Required Perl Modules</a></li> + <li><a href="#v30_req_optional_mod">Optional Perl + Modules</a></li> +</ul> + + +<h3 id="v30_req_perl">Perl</h3> + +<ul> + <li>Perl <span class="req_new">v<strong>5.8.0</strong></span> (non-Windows + platforms)</li> + <li>Perl v<strong>5.8.1</strong> (Windows platforms)</li> +</ul> + +<h3 id="v30_req_mysql">For MySQL Users</h3> + +<ul> + <li>MySQL <span class="req_new">v4.1.2</span></li> + <li><strong>perl module:</strong> DBD::mysql v2.9003</li> +</ul> + +<h3 id="v30_req_pg">For PostgreSQL Users</h3> + +<ul> + <li>PostgreSQL v8.00.0000</li> + <li><strong>perl module:</strong> DBD::Pg v1.45</li> +</ul> + +<h3 id="v30_req_modules">Required Perl Modules</h3> + +<table class="req_table" border="0" cellspacing="0" cellpadding="0"> + <tr> + <th>Module</th> <th>Version</th> + </tr> + <tr><td>CGI</td> <td>2.93</td> + </tr> + <tr> + <td>Date::Format</td> <td>2.21</td> + </tr> + <tr> + <td>DBI</td> + <td class="req_new">1.41</td> + </tr> + <tr> + <td>File::Spec</td> <td>0.84</td> + </tr> + <tr> + <td>Template</td> <td>2.12</td> + </tr> + <tr> + <td class="req_new">Email::Send</td> + <td class="req_new">2.00</td> + </tr> + <tr> + <td>Email::MIME</td> + <td>1.861</td> + </tr> + <tr> + <td class="req_new">Email::MIME::Modifier</td> + <td class="req_new">1.442</td> + </tr> +</table> + +<h3 id="v30_req_optional_mod">Optional Perl Modules</h3> + +<p>The following perl modules, if installed, enable various + features of [% terms.Bugzilla %]:</p> + +<table class="req_table" border="0" cellspacing="0" cellpadding="0"> + <tr> + <th>Module</th> <th>Version</th> + <th>Enables Feature</th> + </tr> + <tr> + <td class="req_new">LWP::UserAgent</td> + <td class="req_new">(Any)</td> + <td>Automatic Update Notifications</td> + </tr> + <tr> + <td>Template::Plugin::GD::Image</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>GD::Graph</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>GD::Text</td> + <td>(Any)</td> + <td>Graphical Reports</td> + </tr> + <tr> + <td>GD</td> + <td>1.20</td> + <td>Graphical Reports, New Charts, Old Charts</td> + </tr> + <tr> + <td class="req_new">Email::MIME::Attachment::Stripper</td> + <td class="req_new">(Any)</td> + <td>Inbound Email</td> + </tr> + <tr> + <td class="req_new">Email::Reply</td> + <td class="req_new">(Any)</td> + <td>Inbound Email</td> + </tr> + <tr> + <td>Net::LDAP</td> + <td>(Any)</td> + <td>LDAP Authentication</td> + </tr> + <tr> + <td>HTML::Parser</td> + <td>3.40</td> + <td>More HTML in Product/Group Descriptions</td> + </tr> + <tr> + <td>HTML::Scrubber</td> + <td>(Any)</td> + <td>More HTML in Product/Group Descriptions</td> + </tr> + <tr> + <td>XML::Twig</td> + <td>(Any)</td> + <td>Move [% terms.Bugs %] Between Installations</td> + </tr> + <tr> + <td>MIME::Parser</td> + <td>5.406</td> + <td>Move [% terms.Bugs %] Between Installations</td> + </tr> + <tr> + <td>Chart::Base</td> + <td>1.0</td> + <td>New Charts, Old Charts</td> + </tr> + <tr> + <td>Image::Magick</td> + <td>(Any)</td> + <td>Optionally Convert BMP Attachments to PNGs</td> + </tr> + <tr> + <td>PatchReader</td> + <td>0.9.4</td> + <td>Patch Viewer</td> + </tr> + <tr> + <td class="req_new">SOAP::Lite</td> + <td class="req_new">(Any)</td> + <td>XML-RPC Interface</td> + </tr> + <tr> + <td class="req_new">mod_perl2</td> + <td class="req_new">1.999022</td> + <td>mod_perl</td> + </tr> + <tr> + <td> CGI</td> + <td>3.11</td> + <td>mod_perl</td> + </tr> +</table> + +<h2 id="v30_feat">New Features and Improvements</h2> + +<ul> + <li><a href="#v30_feat_cf">Custom Fields</a></li> + <li><a href="#v30_feat_mp">mod_perl Support</a></li> + <li><a href="#v30_feat_sq">Shared Saved Searches</a></li> + <li> + <a href="#v30_feat_afn">Attachments and Flags on New [% terms.Bugs %]</a> + </li> + <li><a href="#v30_feat_cr">Custom Resolutions</a></li> + <li><a href="#v30_feat_ppp">Per-Product Permissions</a></li> + <li><a href="#v30_feat_ui">User Interface Improvements</a></li> + <li><a href="#v30_feat_xml">XML-RPC Interface</a></li> + <li><a href="#v30_feat_skin">Skins</a></li> + <li><a href="#v30_feat_sbu">Unchangeable Fields Appear + Unchangeable</a></li> + <li><a href="#v30_feat_et">All Emails in Templates</a></li> + <li><a href="#v30_feat_df">No More Double-Filed [% terms.Bugs %]</a></li> + <li><a href="#v30_feat_cc">Default CC List for Components</a></li> + <li><a href="#v30_feat_emi">File/Modify [% terms.Bugs %] By Email</a></li> + <li><a href="#v30_feat_gw">Users Who Get All [% terms.Bug %] + Notifications</a></li> + <li><a href="#v30_feat_utf8">Improved UTF-8 Support</a></li> + <li><a href="#v30_feat_upda">Automatic Update Notification</a></li> + <li><a href="#v30_feat_welc">Welcome Page for New Installs</a></li> + <li><a href="#v30_feat_other">Other Enhancements and Changes</a></li> +</ul> + +<h3 id="v30_feat_cf">Custom Fields</h3> + +<p>[% terms.Bugzilla %] now includes very basic support for custom fields.</p> + +<p>Users in the <kbd>admin</kbd> group can add plain-text or drop-down + custom fields. You can edit the values available for drop-down fields + using the "Field Values" control panel.</p> + +<p>Don't add too many custom fields! It can make [% terms.Bugzilla %] + very difficult to use. Try your best to get along with the default + fields, and then if you find that you can't live without custom fields + after a few weeks of using [% terms.Bugzilla %], only then should you + start your custom fields.</p> + +<h3 id="v30_feat_mp">mod_perl Support</h3> + +<p>[% terms.Bugzilla %] 3.0 supports mod_perl, which allows for extremely + enhanced page-load performance. mod_perl trades memory usage for performance, + allowing near-instantaneous page loads, but using much more memory.</p> + +<p>If you want to enable mod_perl for your [% terms.Bugzilla %], we recommend + a minimum of 1.5GB of RAM, and for a site with heavy traffic, 4GB to 8GB.</p> + +<p>If performance isn't that critical on your installation, you don't + have the memory, or you are running some other web server than + Apache, [% terms.Bugzilla %] still runs perfectly as a normal CGI + application, as well.</p> + +<h3 id="v30_feat_sq">Shared Saved Searches</h3> + +<p>Users can now choose to "share" their saved searches + with a certain group. That group will then be able to + "subscribe" to those searches, and have them appear + in their footer.</p> + +<p>If the sharer can "bless" the group he's sharing to, + (that is, if he can add users to that group), it's considered + that he's a manager of that group, and his queries show up + automatically in that group's footer (although they can + unsubscribe from any particular search, if they want.)</p> + +<p>In order to allow a user to share their queries, they also + have to be a member of the group specified in the + <code>querysharegroup</code> parameter.</p> + +<p>Users can control their shared and subscribed queries from + the "Preferences" screen.</p> + +<h3 id="v30_feat_afn">Attachments and Flags on New [% terms.Bugs %]</h3> + +<p>You can now add an attachment while you are filing a new + [%+ terms.bug %].</p> + +<p>You can also set flags on the [% terms.bug %] and on attachments, while + filing a new [% terms.bug %].</p> + +<h3 id="v30_feat_cr">Custom Resolutions</h3> + +<p>You can now customize the list of resolutions available + in [% terms.Bugzilla %], including renaming the default resolutions.</p> + +<p>The resolutions <code>FIXED</code>, <code>DUPLICATE</code> + and <code>MOVED</code> have a special meaning to [% terms.Bugzilla %], + though, and cannot be renamed or deleted.</p> + +<h3 id="v30_feat_ppp">Per-Product Permissions</h3> + +<p>You can now grant users <kbd>editbugs</kbd> and <kbd>canconfirm</kbd> + for only certain products. You can also grant users <kbd>editcomponents</kbd> + on a product, which means they will be able to edit that product + including adding/removing components and other product-specific + controls.</p> + +<h3 id="v30_feat_ui">User Interface Improvements</h3> + +<p>There has been some work on the user interface for [% terms.Bugzilla %] 3.0, + including:</p> + +<ul> + <li>There is now navigation and a search box a the <em>top</em> of + each page, in addition to the bar at the bottom of the page.</li> + <li>A re-designed "Format for Printing" page for + [%+ terms.bugs %].</li> + <li>The layout of <kbd>show_bug.cgi</kbd> (the [% terms.bug %] editing + page) has been changed, and the attachment table has been redesigned.</li> +</ul> + +<h3 id="v30_feat_xml">XML-RPC Interface</h3> + +<p>[% terms.Bugzilla %] now has a Web Services interface using the XML-RPC + protocol. It can be accessed by external applications by going + to the <kbd>xmlrpc.cgi</kbd> on your installation.</p> + +<p>Documentation can be found in the + <a href="[% docs_urlbase FILTER html %]api/">[% terms.Bugzilla %] + API Docs</a>, in the various <kbd>Bugzilla::WebService</kbd> modules.</p> + +<h3 id="v30_feat_skin">Skins</h3> + +<p>[% terms.Bugzilla %] can have multiple "skins" installed, + and users can pick between them. To write a skin, you just have to + write several CSS files. See the <a href="[% docs_urlbase FILTER html %]cust-skins.html">Custom + Skins Documentation</a> for more details.</p> + +<p>We currently don't have any alternate skins shipping with + [%+ terms.Bugzilla %]. If you write an alternate skin, please + let us know!</p> + +<h3 id="v30_feat_sbu">Unchangeable Fields Appear Unchangeable</h3> + +<p>As long as you are logged in, when viewing [% terms.abug %], if you + cannot change a field, it will not look like you can change it. That + is, the value will just appear as plain text.</p> + +<h3 id="v30_feat_et">All Emails in Templates</h3> + +<p>All outbound emails are now controlled by the templating system. + What used to be the <code>passwordmail</code>, <code>whinemail</code>, + <code>newchangedmail</code> and <code>voteremovedmail</code> + parameters are now all templates in the <kbd>template/</kbd> directory.</p> + +<p>This means that it's now much easier to customize your outbound + emails, and it's also possible for localizers to have more + localized emails as part of their language packs, if they want.</p> + +<p>We also added a <code>mailfrom</code> parameter to let you set + who shows up in the <code>From</code> field on all emails that + [%+ terms.Bugzilla %] sends.</p> + +<h3 id="v30_feat_df">No More Double-Filed [% terms.Bugs %]</h3> + +<p>Users of [% terms.Bugzilla %] will sometimes accidentally submit + [%+ terms.abug %] twice, either by going back in their web browser, + or just by refreshing a page. In the past, this could file the same + [%+ terms.bug %] twice (or even three times) in a row, irritating + developers and confusing users.</p> + +<p>Now, if you try to submit [% terms.abug %] twice from the same screen + (by going back or by refreshing the page), [% terms.Bugzilla %] will warn + you about what you're doing, before it actually submits the duplicate + [%+ terms.bug %].</p> + +<h3 id="v30_feat_cc">Default CC List for Components</h3> + +<p>You can specify a list of users who will <em>always</em> be added to + the CC list of new [% terms.bugs %] in a component.</p> + +<h3 id="v30_feat_emi">File/Modify [% terms.Bugs %] By Email</h3> + +<p>You can now file or modify [% terms.bugs %] via email. Previous versions + of [% terms.Bugzilla %] included this feature only as an + unsupported add-on, but it is now an official interface to + [%+ terms.Bugzilla %].</p> + +<p>For more details see the <a href="[% docs_urlbase FILTER html %]api/email_in.html">documentation + for email_in.pl</a>.</p> + +<h3 id="v30_feat_gw">Users Who Get All [% terms.Bug %] Notifications</h3> + +<p>There is now a parameter called <kbd>globalwatchers</kbd>. This + is a comma-separated list of [% terms.Bugzilla %] users who will + get all [% terms.bug %] notifications generated by [% terms.Bugzilla %].</p> + +<p>Group controls still apply, though, so users who can't see [% terms.abug %] + still won't get notifications about that [% terms.bug %].</p> + +<h3 id="v30_feat_utf8">Improved UTF-8 Support</h3> + +<p>[% terms.Bugzilla %] users running MySQL should now have excellent + UTF-8 support if they turn on the <kbd>utf8</kbd> parameter. (New + installs have this parameter on by default.) [% terms.Bugzilla %] + now correctly supports searching and sorting in non-English languages, + including multi-bytes languages such as Chinese.</p> + +<h3 id="v30_feat_upda">Automatic Update Notification</h3> + +<p>If you belong to the <kbd>admin</kbd> group, you will be notified + when you log in if there is a new release of [% terms.Bugzilla %] + available to download.</p> + +<p>You can control these notifications by changing the + <kbd>upgrade_notification</kbd> parameter.</p> + +<p>If your [% terms.Bugzilla %] installation is on a machine that needs to go + through a proxy to access the web, you may also have to set the + <kbd>proxy_url</kbd> parameter.</p> + +<h3 id="v30_feat_welc">Welcome Page for New Installs</h3> + +<p>When you log in for the first time on a brand-new [% terms.Bugzilla %] + installation, you will be presented with a page that describes + where you should go from here, and what parameters you should set.</p> + +<h3 id="v30_feat_qs">QuickSearch Plugin for IE7 and Firefox 2</h3> + +<p>Firefox 2 users and Internet Explorer 7 users will be presented + with the option to add [% terms.Bugzilla %] to their search bar. + This uses the + <a href="page.cgi?id=quicksearch.html">QuickSearch syntax</a>.</p> + +<h3 id="v30_feat_other">Other Enhancements and Changes</h3> + +<p>These are either minor enhancements, or enhancements that have + very short descriptions. Some of these are very useful, though!</p> + +<h4>Enhancements That Affect [% terms.Bugzilla %] Users</h4> + +<ul> + <li>In comments, quoted text (lines that start with <kbd>></kbd>) + will be a different color from normal text.</li> + <li>There is now a user preference that will add you to the CC list + of any [% terms.bug %] you modify. Note that it's <strong>on</strong> + by default.</li> + <li>[% terms.Bugs %] can now be filed with an initial state of + <kbd>ASSIGNED</kbd>, if you are in the <kbd>editbugs</kbd> group.</li> + <li>By default, comment fields will zoom large when you are typing in them, + and become small when you move out of them. You can disable this + in your user preferences.</li> + <li>You can hide obsolete attachments on [% terms.abug %] by clicking + "Hide Obsolete" at the bottom of the attachment table.</li> + <li>If [% terms.abug %] has flags set, and you move it to a different + product that has flags with the same name, the flags will be + preserved.</li> + <li>You now can't request a flag to be set by somebody who can't set it + ([% terms.Bugzilla %] will throw an error if you try).</li> + <li>Many new headers have been added to outbound [% terms.Bugzilla %] + [%+ terms.bug %] emails: <code>X-Bugzilla-Status</code>, + <code>X-Bugzilla-Priority</code>, <code>X-Bugzilla-Assigned-To</code>, + <code>X-Bugzilla-Target-Milestone</code>, and + <code>X-Bugzilla-Changed-Fields</code>, <code>X-Bugzilla-Who</code>. + You can look at an email to get an idea of what they contain.</li> + <li>In addition to the old <code>X-Bugzilla-Reason</code> email header + which tells you why you got an email, if you got an email because + you were watching somebody, there is now an + <code>X-Bugzilla-Watch-Reason</code> header that tells you who you + were watching and what role they had.</li> + <li>If you hover your mouse over a full URL (like + <code>http://bugs.mycompany.com/show_bug.cgi?id=1212</code>) that + links to [% terms.abug %], you will see the title of the + [%+ terms.bug %]. Of course, this only works for [% terms.bugs %] in your + [%+ terms.Bugzilla %] installation.</li> + <li>If your installation has user watching enabled, you will now see + the users that you can remove from your watch-list as a multi-select + box, much like the current CC list. (Previously it was just a text + box.)</li> + <li>When a user creates their own account in [% terms.Bugzilla %], the + account is now not actually created until they verify their email + address by clicking on a link that is emailed to them.</li> + <li>You can change [% terms.abug %]'s resolution without reopening it.</li> + <li>When you view the dependency tree on [% terms.abug %], resolved + [%+ terms.bugs %] will be hidden by default. (In previous versions, + resolved [% terms.bugs %] were shown by default.)</li> + <li>When viewing [% terms.bug %] activity, fields that hold [% terms.bug %] + numbers (such as "Blocks") will have the [% terms.bug %] numbers + displayed as links to those [% terms.bugs %].</li> + <li>When viewing the "Keywords" field in [% terms.abug %] list, + it will be sorted alphabetically, so you can sanely sort a list on + that field.</li> + <li>In most places, the Version field is now sorted using a version-sort + (so 1.10 is greater than 1.2) instead of an alphabetical sort.</li> + <li>Options for flags will only appear if you can set them. So, for + example, if you can't grant <kbd>+</kbd> on a flag, that option + won't appear for you.</li> + <li>You can limit the product-related output of <kbd>config.cgi</kbd> + by specifying a <kbd>product=</kbd> URL argument, containing the name + of a product. You can specify the argument more than once for multiple + products.</li> + <li>You can now search the boolean charts on whether or not a comment + is private.</li> +</ul> + +<h4>Enhancements For Administrators</h4> + +<ul> + <li>Administrators can now delete attachments, making them disappear + entirely from [% terms.Bugzilla %].</li> + <li><kbd>sanitycheck.cgi</kbd> can now only be accessed by users + in the <kbd>editcomponents</kbd> group.</li> + <li>The "Field Values" control panel can now only be accessed + by users in the <kbd>admin</kbd> group. (Previously it was accessible + to anybody in the <kbd>editcomponents</kbd> group.)</li> + <li>There is a new parameter <kbd>announcehtml</kbd>, that will allow + you to enter some HTML that will be displayed at the top of every + page, as an announcement.</li> + <li>The <kbd>loginnetmask</kbd> parameter now defaults to 0 for new + installations, meaning that as long as somebody has the right + login cookie, they can log in from any IP address. This makes + life a lot easier for dial-up users or other users whose IP + changes a lot. This could be done because the login cookie is now + very random, and thus secure.</li> + <li>Classifications now have sortkeys, so they can be sorted in an + order that isn't alphabetical.</li> + <li>Authentication now supports LDAP over SSL (LDAPS) or TLS (using + the STARTLS command) in addition to plain LDAP.</li> + <li>LDAP users can have their LDAP username be their email address, + instead of having the LDAP <kbd>mail</kbd> attribute be their + email address. You may wish to set the <kbd>emailsuffix</kbd> + parameter if you do this.</li> + <li>Administrators can now see what has changed in a user account, + when using the "Users" control panel.</li> + <li><code>REMIND</code> and <code>LATER</code> are no longer part + of the default list of resolutions. Upgrading installations will + not be affected--they will still have these resolutions.</li> + <li><kbd>editbugs</kbd> is now the default for the <kbd>timetrackinggroup</kbd> + parameter, meaning that time-tracking will be on by default in a new + installation.</li> +</ul> + +<h2 id="v30_issues">Outstanding Issues</h2> + +<ul> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> + [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is + in use on [% terms.bugs %], you will need to rebuild the "keyword cache" + by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing + the option to rebuild the cache when it asks. Otherwise keywords may + not show up properly in search results.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=99215"> + [%- terms.Bug %] 99215</a>: Flags are not protected by "mid-air + collision" detection. Nor are any attachment changes.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> + [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at + the same time, there is no "mid-air collision" protection.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> + [%- terms.Bug %] 276230</a>: The support for restricting access to + particular Categories of New Charts is not complete. You should treat + the 'chartgroup' Param as the only access mechanism available.<br> + However, charts migrated from Old Charts will be restricted to + the groups that are marked MANDATORY for the corresponding Product. + There is currently no way to change this restriction, and the + groupings will not be updated if the group configuration + for the Product changes.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> + [%- terms.Bug %] 370370</a>: mod_perl support is currently not + working on Windows machines.</li> + <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=361149"> + [%- terms.Bug %] 361149</a>: If you are using Perl 5.8.0, you may + get a lot of warnings in your Apache error_log about "deprecated + pseudo-hashes." These are harmless--they are a b[%# fool test %]ug in + Perl 5.8.0. Perl 5.8.1 and later do not have this problem.</li> + <li>[% terms.Bugzilla %] 3.0rc1 allowed custom field column names in + the database to be mixed-case. [% terms.Bugzilla %] 3.0 only allows + lowercase column names. It will fix any column names that you have + made mixed-case, but if you have custom fields that previously were + mixed-case in any Saved Search, you will have to re-create that Saved + Search yourself.</li> +</ul> + +<h2 id="v30_security">Security Updates in This Release</h2> + +<h3>3.0.6</h3> + +<p>[% terms.Bugzilla %] contains a minor security fix. For details, see the + <a href="http://www.bugzilla.org/security/2.20.6/">Security Advisory</a>.</p> + +<h3>3.0.5</h3> + +<p>[% terms.Bugzilla %] contains one security fix for + <a href="[% docs_urlbase FILTER html %]api/importxml.html">importxml.pl</a>. + For details, see the + <a href="http://www.bugzilla.org/security/2.22.4/">Security Advisory</a>.</p> + +<h3>3.0.4</h3> + +<p>[% terms.Bugzilla %] 3.0.4 contains three security fixes. + For details, see the + <a href="http://www.bugzilla.org/security/2.20.5/">Security Advisory</a>.</p> + +<h3>3.0.3</h3> + +<p>No security fixes in this release.</p> + +<h3>3.0.2</h3> + +<p>[% terms.Bugzilla %] 3.0.1 had an important security fix that is + critical for public installations with "requirelogin" turned on. + For details, see the + <a href="http://www.bugzilla.org/security/3.0.1/">Security Advisory</a></p> + +<h3>3.0.1</h3> + +<p>[% terms.Bugzilla %] 3.0 had three security issues that have been + fixed in this release: one minor information leak, one hole only + exploitable by an admin or using <code>email_in.pl</code>, and one in an + uncommonly-used template. For details, see the + <a href="http://www.bugzilla.org/security/2.20.4/">Security Advisory</a>.</p> + +<h2 id="v30_upgrading">How to Upgrade From An Older Version</h2> + +<h3 id="v30_upgrading_notes">Notes For Upgraders</h3> + +<ul> + <li>If you upgrade by CVS, there are several .cvsignore files + that are now in CVS instead of being locally created by + <kbd>checksetup.pl</kbd>. This means that you will have to + delete those files when CVS tells you there's a conflict, and + then run <kbd>cvs update</kbd> again.</li> + <li>In this version of [% terms.Bugzilla %], the Summary field + is now limited to 255 characters. When you upgrade, any Summary + longer than that will be truncated, and the old summary will be + preserved in a comment.</li> + <li>If you have the <kbd>utf8</kbd> parameter turned on, at some + point you will have to convert your database. <kbd>checksetup.pl</kbd> + will tell you when this is, and it will give you certain instructions + at that time, that you have to follow before you can complete + the upgrade. Don't do the conversion yourself manually--follow + the instructions of <kbd>checksetup.pl</kbd>.</li> + <li>If you ever ran 2.23.3, 2.23.4, or 3.0rc1, you will have to run + <kbd>./collectstats.pl --regenerate</kbd> at the command line, because + the data for your Old Charts is corrupted. This can take several days, + so you may only want to run it if you use Old Charts.</li> + <li>You should also read the Outstanding Issues sections of + <a href="#v30_previous">older release notes</a> if you are upgrading + from a version lower than 2.22.</li> +</ul> + +<h3>Steps For Upgrading</h3> + +<p>Once you have read the notes above, see the + <a href="[% docs_urlbase FILTER html %]upgrade.html">Upgrading + documentation</a> for instructions on how to upgrade.</p> + +<h2 id="v30_code_changes">Code Changes Which May Affect Customizations</h2> + +<ul> + <li><a href="#v30_code_loc"><strong>Packagers:</strong> Location + Variables Have Moved</a></li> + <li><a href="#v30_code_hooks">Hooks!</a></li> + <li><a href="#v30_code_api">API Documentation</a></li> + <li><a href="#v30_code_globals">Elimination of globals.pl</a></li> + <li><a href="#v30_code_scope">Cleaned Up Variable Scoping Issues</a></li> + <li><a href="#v30_code_sql">No More SendSQL</a></li> + <li><a href="#v30_code_auth">Auth Re-write</a></li> + <li><a href="#v30_code_obj">Bugzilla::Object</a></li> + <li><a href="#v30_code_req">Bugzilla->request_cache</a></li> + <li><a href="#v30_code_other">Other Changes</a></li> +</ul> + +<h3 id="v30_code_loc"><strong>Packagers:</strong> Location Variables + Have Moved</h3> + +<p>In previous versions of [% terms.Bugzilla %], <kbd>Bugzilla::Config</kbd> + held all the paths for different things, such as the path to localconfig + and the path to the <kbd>data/</kbd> directory.</p> + +<p>Now, all of this data is stored in a subroutine, + <kbd>Bugzilla::Constants::bz_locations</kbd>.</p> + +<p>Also, note that for mod_perl, <kbd>bz_locations</kbd> must return + <em>absolute</em> (not relative) paths. There is already code in that + subroutine to help you with this.</p> + +<h3 id="v30_code_hooks">Hooks!</h3> + +<p>[% terms.Bugzilla %] now supports a code hook mechanism. See the + documentation for + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Hook.html">Bugzilla::Hook</a> + for more details.</p> + +<p>This gives [% terms.Bugzilla %] very advanced plugin support. You can + hook templates, hook code, add new parameters, and use the XML-RPC + interface. So we'd like to see some [% terms.Bugzilla %] plugins + written! Let us know on the <a href="http://bugzilla.org/cgi-bin/mj_wwwusr?func=lists-long-full&extra=developers">developers@bugzilla.org</a> + mailing list if you write a plugin.</p> + +<p>If you need more hooks, please + <a href="http://www.bugzilla.org/developers/reporting_bugs.html">File a b<!-- -->ug</a>!</p> + +<h3 id="v30_code_api">API Documentation</h3> + +<p>[% terms.Bugzilla %] now ships with all of its perldoc built + as HTML. Go ahead and read the + <a href="[% docs_urlbase FILTER html %]api/">API Documentation</a> + for all of the [% terms.Bugzilla %] modules now! Even scripts like + <kbd>checksetup.pl</kbd> have HTML documentation.</p> + +<h3 id="v30_code_globals">Elimination of globals.pl</h3> + +<p>The old file <kbd>globals.pl</kbd> has been eliminated. + Its code is now in various modules. Each function went to the module + that was appropriate for it.</p> + +<p>Usually we filed [% terms.abug %] in + <a href="https://bugzilla.mozilla.org">bugzilla.mozilla.org</a> for + each function we moved. You can search there for the old name of + the function, and that should get you the information about what + it's called now and where it lives.</p> + +<h3 id="v30_code_scope">Cleaned Up Variable Scoping Issues</h3> + +<p>In normal perl, you can have code like this:</p> +<pre>my $var = 0; +sub y { $var++ }</pre> + +<p>However, under mod_perl that doesn't work. So variables are no + longer "shared" with subroutines--instead all variables + that a subroutine needs must be declared inside the subroutine itself.</p> + +<h3 id="v30_code_sql">No More SendSQL</h3> + +<p>The old <kbd>SendSQL</kbd> function and all of its companions are + <strong>gone</strong>. Instead, we now use DBI for all database + interaction.</p> + +<p>For more information about how to use + <a href="http://search.cpan.org/perldoc?DBI">DBI</a> with + [%+ terms.Bugzilla %], see the + <a href="http://www.bugzilla.org/docs/developer.html#sql-sendreceive">Developer's + Guide Section About DBI</a></p> + +<h3 id="v30_code_auth">Auth Re-write</h3> + +<p>The <kbd>Bugzilla::Auth</kbd> family of modules have been completely + re-written. For details on how the new structure of authentication, + read the + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Auth.html">Bugzilla::Auth + API docs</a>.</p> + +<p>It should be very easy to write new authentication plugins, now.</p> + +<h3 id="v30_code_obj">Bugzilla::Object</h3> + +<p>There is a new base class for most of our objects, + <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Object.html">Bugzilla::Object</a>. + It makes it really easy to create new objects based on things that are + in the database.</p> + +<h3 id="v30_code_req">Bugzilla->request-cache</h3> + +<p><kbd>Bugzilla.pm</kbd> used to cache things like the database + connection in package-global variables (like <kbd>$_dbh</kbd>). + That doesn't work in mod_perl, so instead now there's a hash + that can be accessed through <code>Bugzilla->request_cache</code> + to store things for the rest of the current page request.</p> + +<p>You shouldn't access <code>Bugzilla->request_cache</code> directly, + but you should use it inside of <kbd>Bugzilla.pm</kbd> if you modify + that. The only time you should be accessing it directly is if you need + to reset one of the caches. Hash keys are always named after the function + that they cache, so to reset the template object, you'd do: + <code>delete Bugzilla->request_cache->{template};</code>.</p> + +<h3 id="v30_code_other">Other Changes</h3> + +<ul> + <li><kbd>checksetup.pl</kbd> has been completely re-written, and most + of its code moved into modules in the <kbd>Bugzilla::Install</kbd> + namespace. See the + <a href="[% docs_urlbase FILTER html %]api/checksetup.html">checksetup + documentation</a> and <a href="https://bugzilla.mozilla.org/showdependencytree.cgi?id=277502&hide_resolved=0">[% terms.Bugzilla %] + [%+ terms.bug %] 277502</a> for details.</li> + <li>Instead of <kbd>UserInGroup()</kbd>, all of [% terms.Bugzilla %] now + uses <kbd>Bugzilla->user->in_group</kbd></li> + <li>mod_perl doesn't like dependency loops in modules, so we now have + a test for that detects dependency loops in modules when you run + <kbd>runtests.pl</kbd>.</li> + <li><kbd>globals.pl</kbd> used to modify the environment variables, + like <kbd>PATH</kbd>. That now happens in <kbd>Bugzilla.pm</kbd>.</li> + <li>Templates can now link to the documentation more easily. + See the <kbd>global/code-error.html.tmpl</kbd> and + <kbd>global/user-error.html.tmpl</kbd> templates for examples. + (Search for "docslinks.")</li> + <li>Parameters are accessed through <kbd>Bugzilla->params</kbd> + instead of using the <kbd>Param()</kbd> function, now.</li> + <li>The variables from the <kbd>localconfig</kbd> file are accessed + through the <code>Bugzilla->localconfig</code> hash instead of through + <kbd>Bugzilla::Config</kbd>.</li> + <li><kbd>Bugzilla::BugMail::MessageToMTA()</kbd> has moved into its + own module, along with other mail-handling code, called + <kbd>Bugzilla::Mailer</kbd></li> + <li>The <kbd>CheckCanChangeField()</kbd> subroutine in + <kbd>process_bug.cgi</kbd> has been moved to <kbd>Bugzilla::Bug</kbd>, + and is now a method of [% terms.abug %] object.</li> + <li>The code that used to be in the <kbd>global/banner.html.tmpl</kbd> + template is now in <kbd>global/header.html.tmpl</kbd>. The banner + still exists, but the file is empty.</li> +</ul> + +<h2 id="v30_previous">Release Notes For Previous Versions</h2> + +<p>Release notes for versions of [% terms.Bugzilla %] for versions + prior to 3.0 are only available in text format: + <a href="[% docs_urlbase FILTER remove('html/$') FILTER html %]rel_notes.txt">Release Notes for [% terms.Bugzilla %] 2.22 + and Earlier</a>.</p> + +[% INCLUDE global/footer.html.tmpl %] + +[% BLOCK db_req %] + [% SET m = DB_MODULE.$db %] + <h3 id="v40_req_[% db FILTER html %]">For [% m.name FILTER html %] Users</h3> + + <ul> + <li>[% m.name FILTER html %] + [%+ '<span class="req_new">' IF db_new %]v[% m.db_version FILTER html %] + [% '</span>' IF db_new %] + </li> + <li><strong>perl module:</strong> + [%+ m.dbd.module FILTER html %] + [% '<span class="req_new">' IF dbd_new %]v[% m.dbd.version FILTER html %] + [% '</span>' IF dbd_new %]</li> + </ul> +[% END %] + + +[% BLOCK req_table %] + <table class="req_table" border="0" cellspacing="0" cellpadding="0"> + <tr> + <th>Module</th> <th>Version</th> + [% IF include_feature %] + <th>Enables Feature</th> + [% END %] + </tr> + [% FOREACH req = reqs %] + <tr> + <td [% ' class="req_new"' IF new.contains(req.package) %]> + [%- req.module FILTER html %]</td> + <td [% ' class="req_new"' IF updated.contains(req.package) + OR new.contains(req.package) %]> + [%- IF req.version == 0 %] + (Any) + [% ELSE %] + [%- req.version FILTER html %] + [% END %] + </td> + [% IF include_feature %] + <td>[% req.feature.join(', ') FILTER html %]</td> + [% END %] + </tr> + [% END %] +</table> +[% END %] diff --git a/template/en/default/setup/strings.txt.pl b/template/en/default/setup/strings.txt.pl index 0bf3bdd7c..6faf7844c 100644 --- a/template/en/default/setup/strings.txt.pl +++ b/template/en/default/setup/strings.txt.pl @@ -432,7 +432,7 @@ the database, and that file has been renamed to ##data##/comments.bak You may delete the renamed file once you have confirmed that all your quips were moved successfully. END - update_queries_to_tags => "Populating the new tags table:", + update_queries_to_tags => "Populating the new 'tag' table:", webdot_bad_htaccess => <<END, WARNING: Dependency graph images are not accessible. Delete ##dir##/.htaccess and re-run checksetup.pl. @@ -352,6 +352,7 @@ sub cancelChangeEmail { sub request_create_account { my $token = shift; + Bugzilla->user->check_account_creation_enabled; my (undef, $date, $login_name) = Bugzilla::Token::GetTokenData($token); $vars->{'token'} = $token; $vars->{'email'} = $login_name . Bugzilla->params->{'emailsuffix'}; @@ -365,6 +366,7 @@ sub request_create_account { sub confirm_create_account { my $token = shift; + Bugzilla->user->check_account_creation_enabled; my (undef, undef, $login_name) = Bugzilla::Token::GetTokenData($token); my $password = $cgi->param('passwd1') || ''; |