diff options
-rw-r--r-- | template/en/default/pages/release-notes.html.tmpl | 1635 | ||||
-rw-r--r-- | template/en/default/pages/release-notes3.html.tmpl | 3504 |
2 files changed, 1 insertions, 5138 deletions
diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl index e778b5019..f4c6f4416 100644 --- a/template/en/default/pages/release-notes.html.tmpl +++ b/template/en/default/pages/release-notes.html.tmpl @@ -23,7 +23,7 @@ <li><a href="#v44_upgrading">Notes On Upgrading From a Previous Version</a></li> <li><a href="#v44_code_changes">Code Changes Which May Affect Customizations and Extensions</a></li> - <li><a href="#v44_previous">Release Notes for Previous Versions</a></li> + <li><a href="http://www.bugzilla.org/releases/">Release Notes for Previous Versions</a></li> </ul> <h2 id="v44_introduction">Introduction</h2> @@ -668,1639 +668,6 @@ Linux distros.</li> </ul> - -<h1 id="v44_previous">Bugzilla 4.2 Release Notes</h1> - -<ul class="bz_toc"> - <li><a href="#v42_introduction">Introduction</a></li> - <li><a href="#v42_point">Updates in this 4.2.x Release</a></li> - <li><a href="#v42_req">Minimum Requirements</a></li> - <li><a href="#v42_feat">New Features and Improvements</a></li> - <li><a href="#v42_issues">Outstanding Issues</a></li> - <li><a href="#v42_code_changes">Code Changes Which May Affect - Customizations and Extensions</a></li> - <li><a href="#v42_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v42_introduction">Introduction</h2> - -<p>Welcome to Bugzilla 4.2! It has been almost a year since we - released Bugzilla 4.0 on February 2011, and this new major - release comes with several new features and improvements. This release - contains major improvements to search, support for SQLite, improved - WebServices, and lots of other enhancements.</p> - -<p>If you are upgrading from a release before 4.0, make sure to read the - release notes for all the <a href="#v42_previous">previous versions</a> - in between your version and this one, <strong>particularly the Upgrading - section of each version's release notes</strong>.</p> - -<h2 id="v42_point">Updates in this 4.2.x Release</h2> - -<h3>4.2.3</h3> - -<p>This release fixes two security issues. See the - <a href="http://www.bugzilla.org/security/3.6.10/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in this - release:</p> - -<ul> - <li>Attaching a file to [% terms.abug %] was broken due to a change in - Perl 5.16. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=771100">[% terms.Bug %] 771100</a>)</li> - <li>A regression in Bugzilla 4.2.2 made Oracle crash when - displaying a buglist. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=780028">[% terms.Bug %] 780028</a>)</li> - <li>It was possible to search on history for comments and attachments you - cannot see (though these private comments and attachments are never disclosed). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=779709">[% terms.Bug %] 779709</a>)</li> - <li>PostgreSQL databases could be created with the wrong encoding despite - the utf8 parameter being enabled. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=783786">[% terms.Bug %] 783786</a>)</li> - <li>Scheduled whines could be sent at the wrong time on Oracle. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=559539">[% terms.Bug %] 559539</a>)</li> - <li>Tokens are no longer included in saved queries. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=772953">[% terms.Bug %] 772953</a>)</li> - <li>An admin could unintentionally break the display of buglists if a custom - field description contains a < or > character, because these characters - were not filtered. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=785917">[% terms.Bug %] 785917</a>)</li> - <li>Adding or removing a DB column in Oracle didn't handle SERIAL columns - correctly. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=731156">[% terms.Bug %] 731156</a>)</li> - <li>A minor CSRF vulnerability in token.cgi allowed possible unauthorized - password reset e-mail requests. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=706271">[% terms.Bug %] 706271</a>)</li> -</ul> - -<h3>4.2.2</h3> - -<p>This release fixes two security issues. See the - <a href="http://www.bugzilla.org/security/3.6.9/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in this - release:</p> - -<ul> - <li>A regression introduced in Bugzilla 4.0 caused some login - names to be ignored when entered in the CC list of [% terms.bugs %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=756314">[% terms.Bug %] 756314</a>)</li> - <li>Some queries could trigger an invalid SQL query if strings entered by - the user contained leading or trailing whitespaces. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=760075">[% terms.Bug %] 760075</a>)</li> - <li>The auto-completion form for keywords no longer automatically selects - the first keyword in the list when the field is empty. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=764517">[% terms.Bug %] 764517</a>)</li> - <li>A regression in Bugzilla 4.2 prevented classifications - from being used in graphical and tabular reports in the "Multiple Tables" - field. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=753688">[% terms.Bug %] 753688</a>)</li> - <li>Attachments created by the <kbd>email_in.pl</kbd> script were associated - to the wrong comment. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=762785">[% terms.Bug %] 762785</a>)</li> - <li>Very long dependency lists can now be viewed correctly. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=762783">[% terms.Bug %] 762783</a>)</li> - <li>Keywords are now correctly escaped in the auto-completion form to prevent - any XSS abuse. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=754561">[% terms.Bug %] 754561</a>)</li> - <li>A regression introduced in Bugzilla 4.0rc2 when fixing - CVE-2011-0046 caused the "Un-forget the search" link to not work correctly - anymore when restoring a deleted saved search, because this link was - lacking a valid token. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=768870">[% terms.Bug %] 768870</a>)</li> - <li>Two minor CSRF vulnerabilities have been fixed which could let an attacker - alter your default search criteria in the Advanced Search page. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=754672">[% terms.Bugs %] 754672</a> - and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=754673">754673</a>)</li> -</ul> - -<h3>4.2.1</h3> - -<p>This release fixes one security issue. See the - <a href="http://www.bugzilla.org/security/3.6.8/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in this - release:</p> - -<ul> - <li>Due to a regression introduced when fixing CVE-2012-0453, if an XML-RPC - client sets the charset as part of its Content-Type header, we were - incorrectly rejecting the request. The header is now correctly parsed. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=731219">[% terms.Bug %] 731219</a>)</li> - <li>Email notifications about status changes in blockers were incorrectly - formatted. Several pieces of text were missing in the emails. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=731586">[% terms.Bug %] 731586</a>)</li> - <li>Many [% terms.bugs %] related to the searching system have been fixed. - (<a href="https://bugzilla.mozilla.org/buglist.cgi?bug_id=58179,715270,730984,731163,737436"> - [% terms.Bugs %] 58179, 715270, 730984, 731163 and 737436</a>)</li> - <li>When using the QuickSearch box, complex queries are now parsed correctly. - It also behaves correctly with non-ASCII characters (such as é, ä, ü, etc.). - (<a href="https://bugzilla.mozilla.org/buglist.cgi?bug_id=554819,663377,730207"> - [% terms.Bugs %] 554819, 663377 and 730207</a>)</li> - <li>The 'take' link besides the assignee field now works correctly when - the <kbd>usemenuforusers</kbd> parameter is turned on. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=734997">[% terms.Bug %] 734997</a>)</li> - <li>URLs in the 'Total' row at the bottom of tabular reports were broken - when JavaScript was enabled and a user field was used for the vertical - axis. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=731323">[% terms.Bug %] 731323</a>)</li> - <li>Some performance problems have been fixed for installations with many - products, components or versions. - (<a href="https://bugzilla.mozilla.org/buglist.cgi?bug_id=695514,731055"> - [% terms.Bugs %] 695514 and 731055</a>)</li> - <li>A new hook named <kbd>buglist_column_joins</kbd> has been added to let - extensions alter the <kbd>Bugzilla::Search::COLUMN_JOINS</kbd> hash. - Now more fields can be displayed as columns in buglists, in combination - with the already existing <kbd>buglist_columns</kbd> hook. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=743991">[% terms.Bug %] 743991</a>)</li> - <li>A new hook named <kbd>admin_editusers_action</kbd> has been added to let - extensions alter the behavior of <kbd>editusers.cgi</kbd>. This lets you add - new features to this script very easily. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=730794">[% terms.Bug %] 730794</a>)</li> -</ul> - -<h2 id="v42_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 4.0.2 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v42_req_perl">Perl</a></li> - <li><a href="#v42_req_mysql">For MySQL Users</a></li> - <li><a href="#v42_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v42_req_oracle">For Oracle Users</a></li> - <li><a href="#v42_req_sqlite">For SQLite Users</a></li> - <li><a href="#v42_req_modules">Required Perl Modules</a></li> - <li><a href="#v42_req_optional_mod">Optional Perl Modules</a></li> - <li><a href="#v42_req_apache">Optional Apache Modules</a></li> -</ul> - -<h3 id="v42_req_perl">Perl</h3> - -<p>Perl v5.8.1</p> - -<h3 id="v42_req_mysql">For MySQL Users</h3> - -<ul> - <li>MySQL <span class="req_new">v5.0.15</span></li> - <li><strong>perl module:</strong> DBD::mysql <span class="req_new">v4.001</span></li> -</ul> - -<h3 id="v42_req_pg">For PostgreSQL Users</h3> - -<ul> - <li>PostgreSQL <span class="req_new">v8.03.0000</span></li> - <li><strong>perl module:</strong> DBD::Pg v1.45</li> -</ul> - -<h3 id="v42_req_oracle">For Oracle Users</h3> - -<ul> - <li>Oracle v10.02.0</li> - <li><strong>perl module:</strong> DBD::Oracle v1.19</li> -</ul> - -<h3 id="v42_req_sqlite">For SQLite Users</h3> - -<ul> - <li>SQLite v3.6.22</li> - <li><strong>perl module:</strong> DBD::SQLite v1.29</li> -</ul> - -<h3 id="v42_req_modules">Required Perl Modules</h3> - - -<table class="req_table"> - <tbody> - <tr> - <th>Module</th> - <th>Version</th> - </tr> - <tr> - <td>CGI</td> - <td>3.51</td> - </tr> - <tr> - <td>Digest::SHA</td> - <td>(Any)</td> - </tr> - <tr> - <td>Date::Format</td> - <td>2.21</td> - </tr> - <tr> - <td>DateTime</td> - <td>0.28</td> - </tr> - <tr> - <td>DateTime::TimeZone</td> - <td>0.71</td> - </tr> - <tr> - <td>DBI</td> - <td>1.614</td> - </tr> - <tr> - <td>Template</td> - <td>2.22</td> - </tr> - <tr> - <td>Email::Send</td> - <td>2.00</td> - </tr> - <tr> - <td>Email::MIME</td> - <td>1.904</td> - </tr> - <tr> - <td>URI</td> - <td class="req_new">1.37</td> - </tr> - <tr> - <td>List::MoreUtils</td> - <td>0.22</td> - </tr> - <tr> - <td class="req_new">Math::Random::ISAAC</td> - <td class="req_new">1.0.1</td> - </tr> - </tbody> -</table> - -<h3 id="v42_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of Bugzilla:</p> - - -<table class="req_table"> - <tbody> - <tr> - <th>Module</th> - <th>Version</th> - <th>Enables Feature</th> - </tr> - <tr> - <td>GD</td> - <td>1.20</td> - <td>Graphical Reports, New Charts, Old Charts</td> - </tr> - <tr> - <td>Chart::Lines</td> - <td>2.1</td> - <td>New Charts, Old Charts</td> - </tr> - <tr> - <td>Template::Plugin::GD::Image</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Text</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Graph</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>MIME::Parser</td> - <td>5.406</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>LWP::UserAgent</td> - <td>(Any)</td> - <td>Automatic Update Notifications</td> - </tr> - <tr> - <td>XML::Twig</td> - <td>(Any)</td> - <td>Move [% terms.Bugs %] Between Installations, Automatic Update Notifications</td> - </tr> - <tr> - <td>PatchReader</td> - <td class="req_new">0.9.6</td> - <td>Patch Viewer</td> - </tr> - <tr> - <td>Net::LDAP</td> - <td>(Any)</td> - <td>LDAP Authentication</td> - </tr> - <tr> - <td>Authen::SASL</td> - <td>(Any)</td> - <td>SMTP Authentication</td> - </tr> - <tr> - <td>Authen::Radius</td> - <td>(Any)</td> - <td>RADIUS Authentication</td> - </tr> - <tr> - <td>SOAP::Lite</td> - <td>0.712</td> - <td>XML-RPC Interface</td> - </tr> - <tr> - <td>JSON::RPC</td> - <td>(Any)</td> - <td>JSON-RPC Interface</td> - </tr> - <tr> - <td>JSON::XS</td> - <td>2.0</td> - <td>Make JSON-RPC Faster</td> - </tr> - <tr> - <td>Test::Taint</td> - <td>(Any)</td> - <td>JSON-RPC Interface, XML-RPC Interface</td> - </tr> - <tr> - <td>HTML::Parser</td> - <td>3.67</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>HTML::Scrubber</td> - <td>(Any)</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td class="req_new">Encode</td> - <td class="req_new">2.21</td> - <td>Automatic charset detection for text attachments</td> - </tr> - <tr> - <td class="req_new">Encode::Detect</td> - <td class="req_new">(Any)</td> - <td>Automatic charset detection for text attachments</td> - </tr> - <tr> - <td>Email::MIME::Attachment::Stripper</td> - <td>(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>Email::Reply</td> - <td>(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>TheSchwartz</td> - <td>(Any)</td> - <td>Mail Queueing</td> - </tr> - <tr> - <td>Daemon::Generic</td> - <td>(Any)</td> - <td>Mail Queueing</td> - </tr> - <tr> - <td>mod_perl2</td> - <td>1.999022</td> - <td>mod_perl</td> - </tr> - <tr> - <td>Apache2::SizeLimit</td> - <td class="req_new">0.96</td> - <td>mod_perl</td> - </tr> - </tbody> -</table> - -<h3 id="v42_req_apache">Optional Apache Modules</h3> - -<p>If you are using Apache as your webserver, Bugzilla can - take advantage of some Apache features if you have the below Apache - modules installed and enabled. Currently, - <a href="#v40_feat_js_css_update">certain Bugzilla features</a> - are enabled only if you have all of the following modules installed - and enabled:</p> - -<ul> - <li>mod_headers</li> - <li>mod_expires</li> - <li>mod_env</li> -</ul> - -<p>On most systems (but not on Windows), <kbd>checksetup.pl</kbd> is able to - tell whether or not you have these modules installed, and it will tell - you.</p> - - -<h2 id="v42_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v42_feat_sqlite">Experimental SQLite Support</a></li> - <li><a href="#v42_feat_attach">Creating an Attachment by Pasting Text Into - a Text Field</a></li> - <li><a href="#v42_feat_email">HTML [% terms.Bug %]mail</a></li> - <li><a href="#v42_feat_search">Improved Searching System</a></li> - <li><a href="#v42_feat_product">Disabling Old Components, Versions and Milestones</a></li> - <li><a href="#v42_feat_custom">Displaying a Custom Field Value Based on Multiple - Values of Another Field</a></li> - <li><a href="#v42_feat_audit">Auditing of All Changes Within Bugzilla</a></li> - <li><a href="#v42_feat_wai">Accessibility Improvements</a></li> - <li><a href="#v42_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v42_feat_sqlite">Experimental SQLite Support</h3> - -<p>SQLite is now supported by Bugzilla and becomes the 4th supported - database besides MySQL, PostgreSQL and Oracle. SQLite support must be considered - as experimental, at least till the next major release.</p> - -<p>Note that use of SQLite is only recommended for small installations. Larger - installations should use MySQL, PostgreSQL, or Oracle.</p> - -<h3 id="v42_feat_attach">Creating an Attachment by Pasting Text Into a Text Field</h3> - -<p>You can now create a new attachment simply by pasting some text into a text - field, in addition to the normal upload process for attachments.</p> - -<h3 id="v42_feat_email">HTML [% terms.Bug %]mail</h3> - -<p>By default, [% terms.bug %]mails (email notifications about changes to - [%+ terms.bugs %]) are now sent in an HTML format that is more readable than - the old text format. Those who prefer the old text format can still choose it - in their Preferences, however.</p> - -<h3 id="v42_feat_search">Improved Searching System</h3> - -<p>The Custom Search section in the Advanced Search page has been redesigned - to work in a more sensible way. Complex queries are easier to build and have - more sensible results, as they are built using a more intuitive logic. - Some very complicated queries are still impossible to generate, though. - Things should improve in future releases.</p> - -<h3 id="v42_feat_product">Disabling Old Components, Versions and Milestones</h3> - -<p>Older components, versions and milestones can now be disabled. [% terms.Bugs %] - already using them are not affected, but these values will no longer be - available for new [% terms.bugs %].</p> - -<h3 id="v42_feat_custom">Displaying a Custom Field Value Based on Multiple Values - of Another Field</h3> - -<p>A custom field can now be displayed based on multiple values of another field. - (For example, one custom field could now appear in multiple products.) - Previously, you could only display a custom field based on a single value of - another field.</p> - -<h3 id="v42_feat_audit">Auditing of All Changes Within Bugzilla</h3> - -<p>Most changes made through the admin interface are now logged to the database, - in the <kbd>audit_log</kbd> table. There is no UI to access this table yet, - but developers are free to create their own tools to track changes made into - their installation. This is only a first step, and improvements are expected - in future releases.</p> - -<h3 id="v42_feat_wai">Accessibility Improvements</h3> - -<p>A project has started thanks to Francisco Donalisio from IBM to make - Bugzilla compliant with the W3C Web Accessibility Initiative - standards. A lot more work still needs to be done, but we expect a much - better compatibility for the next major release.</p> - -<h3 id="v42_feat_other">Other Enhancements and Changes</h3> - -<h4>Enhancements for Users</h4> - -<ul> - <li><strong>[% terms.Bugs %]:</strong> Users without editbugs privileges can - no longer remove other users from the CC list of [% terms.bugs %].</li> - <li><strong>[% terms.Bugs %]:</strong> Local [% terms.bug %] IDs are now valid - in the See Also field. Adding such an ID will also add a reciprocal link in - the other [% terms.bug %].</li> - <li><strong>[% terms.Bugs %]:</strong> After editing [% terms.abug %] or an - attachment, the URL is automatically changed to <kbd>show_bug.cgi</kbd> - instead of <kbd>post_bug.cgi</kbd>, <kbd>process_bug.cgi</kbd> or - <kbd>attachment.cgi</kbd> so that reloading the page (for instance when - restarting the web browser) displays the right page. This feature is supported - by Firefox, Chrome and Safari, but not by Internet Explorer 9.</li> - <li><strong>[% terms.Bugs %]:</strong> Inactive accounts are no longer - displayed in user fields when user-autocompletion is enabled.</li> - <li><strong>[% terms.Bugs %]:</strong> User-autocompletion is now much faster - on installations with many user accounts.</li> - <li><strong>[% terms.Bugs %]:</strong> The See Also field now accepts URLs - pointing to MantisBT, Trac, JIRA and the sourceforge.net b[%%]ug trackers.</li> - <li><strong>[% terms.Bugs %]:</strong> Displaying [% terms.abug %] with many - dependencies is now much faster.</li> - <li><strong>Attachments:</strong> The encoding of text files can be automatically - detected when uploading them as attachments.</li> - <li><strong>Attachments:</strong> Clickjacking could possibly occur in an attachment - Details page if a user attached a specially formatted HTML file. To fix this - potential problem, the Details page always displays the HTML source instead and - users can see rendered page by clicking on View.</li> - <li><strong>Flags:</strong> Changing the requestee of a flag no longer changes - the requester.</li> - <li><strong>Reports:</strong> If JavaScript is enabled in your web browser, - tabular reports are now sortable based on any displayed column.</li> - <li><strong>Dependency graphs:</strong> The <em>Show every [% terms.bug %] in - the system with dependencies</em> option has been removed.</li> - <li><strong>Searches:</strong> The columns displayed by default in - [%+ terms.bug %]lists have changed. These columns are now displayed by default - unless otherwise specified:<br> - <kbd>product | component | assignee | [% terms.bug %] status | resolution | - [%+ terms.bug %] summary | last change date</kbd><br> - This means that the priority, severity and operating system columns are no - longer displayed by default.</li> - <li><strong>Searches:</strong> [% terms.Bug %]lists will now only display the - first 500 [% terms.bugs %] by default. It is still possible to display the - whole list, though.</li> - <li><strong>Searches:</strong> When using relative dates and times, <kbd>-1w</kbd> - is now a synonym for <kbd>-7d</kbd> and means exactly 7 days. Previously, - <kbd>-1w</kbd> meant the beginning of the week, which was confusing some users. - The same confusion existed for <kbd>-1d</kbd> which was different from - <kbd>-24h</kbd>, and for <kbd>-1m</kbd> which was different from <kbd>-30d</kbd>. - Now if you really want the beginning of the day, week or month, you must use - <kbd>-1ds</kbd>, <kbd>-1ws</kbd>, and <kbd>-1ms</kbd> respectively, where - "s" means "start of". This change will affect existing saved searches using - relative dates.</li> - <li><strong>Searches:</strong> A new <em>Include fulltext when performing quick - searches</em> user preference has been added which permits users to include - or exclude comments when using quicksearches.</li> - <li><strong>Searches:</strong> It is now possible to query for [% terms.bugs %] - based on personal tags in the Custom Search section in the Advanced Search - page.</li> - <li><strong>Email notifications: </strong> The date and time of comments are no - longer displayed in the comment header in [% terms.bug%]mails. This information - is already available in the email header itself.</li> -</ul> - -<h4>Enhancements for Administrators and Developers</h4> - -<ul> - <li><strong>Installation:</strong> <kbd>checksetup.pl</kbd> is now much quieter - when creating a new database.</li> - <li><strong>Security:</strong> Bugzilla 4.0 is using - <kbd>Math::Random::Secure</kbd> to generate cryptographically secure - pseudorandom numbers, but it appeared that installing this Perl module from - CPAN caused a lot of trouble for some people due to its numerous dependencies. - So the RNG code has been rewritten to only depend on <kbd>Math::Random::ISAAC</kbd>, - which was already in use in previous versions of Bugzilla.</li> - <li><strong>Security:</strong> <kbd>X-Frame-Options = SAMEORIGIN</kbd> is now - passed to all page headers (except when viewing attachments, as they can be - on a different host) to protect users from framing and subsequent possible - clickjacking problems.</li> - <li><strong>Configuration:</strong> A new parameter <em>password_complexity</em> - has been added (default: no_constraints) which allows admins to force users - to use passwords with a higher complexity, such as a combination of uppercase - and lowercase letters, numbers and special characters, or a subset of them.</li> - <li><strong>Configuration:</strong> A new parameter <em>search_allow_no_criteria</em> - has been added (default: on) which allows admins to forbid queries with no - criteria. This is particularly useful for large installations with several - tens of thousands [% terms.bugs %] where returning all [% terms.bugs %] - doesn't make sense and would have a performance impact on the database.</li> - <li><strong>Configuration:</strong> A new parameter <em>default_search_limit</em> - has been added (default: 500) which limits the number of [% terms.bugs %] - displayed by default in a [% terms.bug%]list. The user can ask to see a larger - list, though.</li> - <li><strong>Configuration:</strong> A new parameter <em>max_search_results</em> - has been added (default: 10000) which limits the number of [% terms.bugs %] - a user can request at once in a [% terms.bug%]list. This is a hard limit and - a user cannot bypass this value.</li> - <li><strong>Configuration:</strong> A new parameter <em>ajax_user_autocompletion</em> - has been added (default: on) to allow administrators to disable auto-completion - when typing characters in user fields. This parameter should only be disabled - if your installation is unable to support the load generated by this feature.</li> - <li><strong>Configuration:</strong> The <em>config_modify_panels</em> hook now - lets you add additional parameters to existing parameters panels.</li> - <li><strong>Flags:</strong> Users with local editcomponents privileges can now - edit flag types for products they can administer.</li> - <li><strong>Quips:</strong> A new system group <em>bz_quip_moderators</em> has - been created to moderate quips. Till now, you had to be in the <em>admin</em> - group to do that.</li> - <li><kbd>importxml.pl</kbd> now inserts each comment separately into the imported - [%+ terms.bug %] instead of concatenating them all into a single comment.</li> - <li><kbd>email_in.pl</kbd> now ignores auto-submitted incoming emails (for - instance, all these "out of office" emails).</li> - <li>New code hooks: email_in_before_parse, email_in_after_parse, - install_filesystem, install_update_db_fielddefs, job_map, object_end_of_create, - quicksearch_map, user_preferences.</li> -</ul> - -<h4>WebService Changes</h4> - -<ul> - <li>Two new methods have been added: <kbd>Product.create</kbd> and - <kbd>Group.create</kbd>.</li> - <li><kbd>B[%%]ug.update</kbd> no longer throws an error when passing an empty - string to <kbd>see_also</kbd>. It now simply ignores this empty value.</li> - <li><kbd>Product.get</kbd> now also returns data about the classification it - belongs to as well as its components, milestones and versions. It also - returns the <kbd>default_milestone</kbd> and <kbd>has_unconfirmed</kbd> - attributes.</li> - <li>In <kbd>B[%%]ug.fields</kbd>, the <kbd>sortkey</kbd> attribute used in - <kbd>values</kbd> has been renamed to <kbd>sort_key</kbd>.</li> - <li>In <kbd>B[%%]ug.attachments</kbd> and <kbd>B[%%]ug.add_attachment</kbd>, - the <kbd>is_url</kbd> attribute no longer exists.</li> -</ul> - - -<h2 id="v42_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat the - <em>chartgroup</em> parameter as the only access mechanism available.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=584742"> - [%- terms.Bug %] 584742</a>: When viewing [% terms.abug %], WebKit-based - browsers can automatically reset a field's selected value when the field - has disabled values.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=780053"> - [%- terms.Bug %] 780053</a>: Oracle crashes when listing keywords, tags - or flags in buglists.</li> -</ul> - - -<h2 id="v42_code_changes">Code Changes Which May Affect Customizations and Extensions</h2> - -<ul> - <li>The <kbd>email/newchangedmail.txt.tmpl</kbd> template is now fully templatized, - meaning that the diff table displaying changes in [% terms.bug %] fields is - now generated in the template itself. This means [% terms.bug %]mails are now - fully localizable.</li> - <li>The bugmail_recipients hook has been modified to pass <kbd>diffs</kbd> with - changes made to the [% terms.bug %] as well as <kbd>users</kbd> including - recipients of the email notification.</li> - <li>YUI has been upgraded to 2.9.0.</li> - <li>Due to the major code refactor of <kbd>B[%%]ugzilla/Search.pm</kbd>, any - customization made against this file will probably need to be rewritten.</li> - <li>The Bugzilla-specific <kbd>url_quote</kbd> filter used in templates - has been removed and replaced by the <kbd>uri</kbd> filter from Template::Toolkit - as they are now similar.</li> - <li><kbd>long_list.cgi</kbd>, <kbd>showattachment.cgi</kbd> and <kbd>xml.cgi</kbd> - have been removed from the codebase. As <a href="#v40_code_changes">announced</a> - in the release notes of Bugzilla 4.0, these scripts were deprecated - since Bugzilla 2.19.</li> - <li><kbd>sidebar.cgi</kbd> has been removed, because Gecko-based browsers no - longer support remote XUL, and its popularity is very low.</li> - <li><kbd>contrib/yp_nomail.sh</kbd> has been removed. This script is no longer - useful since Bugzilla 3.0.</li> - <li><kbd>contrib/bugzilla_ldapsync.rb</kbd> has been removed. This script didn't - work for a long time.</li> -</ul> - - -<h1 id="v42_previous">Bugzilla 4.0 Release Notes</h1> - -<ul class="bz_toc"> - <li><a href="#v40_introduction">Introduction</a></li> - <li><a href="#v40_point">Updates in this 4.0.x Release</a></li> - <li><a href="#v40_req">Minimum Requirements</a></li> - <li><a href="#v40_feat">New Features and Improvements</a></li> - <li><a href="#v40_issues">Outstanding Issues</a></li> - <li><a href="#v40_upgrading">Notes On Upgrading From a Previous Version</a></li> - <li><a href="#v40_code_changes">Code Changes Which May Affect - Customizations and Extensions</a></li> - <li><a href="#v40_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v40_introduction">Introduction</h2> - -<p>This is Bugzilla 4.0! Since 3.6 (our previous major - release) we've come a long way, and we've come even further compared to - 3.0 in 2007! Since Bugzilla 3.0, almost every major user - interface in Bugzilla has been redesigned, the WebServices have - evolved enormously, there's a great new Extensions system, and there - are hundreds of other new features. With the major redesigns that come - particularly in this release compared to 3.6, we felt that it was time to - call this release 4.0.</p> - -<p>It's not just major WebService and UI enhancements that are new in - Bugzilla 4.0—there are many other exciting new features, - including automatic duplicate detection, enhanced custom field - functionality, autocomplete for users, search improvements, and much - more. Overall, 4.0 is far and away the best version of Bugzilla - we've ever released.</p> - -<p>If you're upgrading, make sure to read <a href="#v40_upgrading">Notes - On Upgrading From a Previous Version</a>. If you are upgrading from a release - before 3.6, make sure to read the release notes for all the - <a href="#v40_previous">previous versions</a> in between your version - and this one, <strong>particularly the Upgrading section of each - version's release notes</strong>.</p> - -<p>We would like to thank - <a href="http://www.itasoftware.com/">ITA Software</a>, - the <a href="http://www.ibm.com/linux/ltc/">IBM Linux Technology Center</a>, - and <a href="http://www.redhat.com/">Red Hat</a> for funding the development - of certain features and improvements in this release of - Bugzilla.</p> - -<h2 id="v40_point">Updates in this 4.0.x Release</h2> - -<h3>4.0.2</h3> - -<p>This release fixes several security issues. See the - <a href="http://www.bugzilla.org/security/3.4.11/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in this - release:</p> - -<ul> - <li>The <kbd>B[% %]ug.create</kbd> WebService method now throws an error if you - pass a group name which doesn't exist. In Bugzilla 4.0 and 4.0.1, - this group name was silently ignored, leaving your [% terms.bug %] unsecure - if no other group applied. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=653341">[% terms.Bug %] 653341</a>)</li> - <li>Moving several [% terms.bugs %] at once into another product displayed the - same confirmation page again and again, and changes were never committed - (regressed in 4.0). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=663208">[% terms.Bug %] 663208</a>)</li> - <li>Marking [% terms.abug %] as a duplicate now works in Internet Explorer 9. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=656769">[% terms.Bug %] 656769</a>)</li> - <li><kbd>importxml.pl</kbd> no longer crashes when importing keywords (regressed - in 4.0). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=657707">[% terms.Bug %] 657707</a>)</li> - <li>Data entered while reporting a new [% terms.bug %] could be lost if you had - to click the "Back" button of your web browser. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=652427">[% terms.Bug %] 652427</a>)</li> - <li>WebServices methods will return undefined [% terms.bug %] fields as undefined - instead of as an empty string. This change is consistent with how - Bugzilla 4.2 behaves. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=657561">[% terms.Bug %] 657561</a>)</li> - <li>The XML-RPC interface now works with SOAP::Lite 0.711 and 0.712 under mod_perl. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=600810">[% terms.Bug %] 600810</a>)</li> - <li>LWP 6.00 and newer require Perl 5.8.8 and above. When installing this module - using <kbd>install-module.pl</kbd> on a Perl installation older than 5.8.8, - LWP 5.837 will be installed instead. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=655912">[% terms.Bug %] 655912</a>)</li> - <li>Viewing [% terms.abug %] report should be significantly faster when your - installation has many custom fields. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=634812">[% terms.Bug %] 634812</a>)</li> -</ul> - -<h3>4.0.1</h3> - -<ul> - <li>During installation, the CPAN module Math::Random::Secure would - sometimes fail to install properly and give an error about - <kbd>Math::Random::Secure::irand</kbd>. Now, when using - <kbd>install-module.pl</kbd> to install Math::Random::Secure, this - will no longer happen. If you are currently experiencing this b[% %]ug - and it prevented you from installing 4.0, remove Math::Random::Secure - from your <kbd>lib/</kbd> directory, like: - <p><kbd>rm -rf lib/Math/Random/Secure*</kbd></p> - <p>(<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=646578">[% terms.Bug %] 646578</a>)</p></li> - <li>The "Remember values as bookmarkable template" button on the - [%+ terms.bug %] entry page will now work even when some required fields - are empty. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=640719">[% terms.Bug %] 640719</a>)</li> - <li>Email notifications about dependencies and flags had the wrong - timestamp. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=643910">[% terms.Bug %] 643910</a> - and (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=652165">[% terms.Bug %] 652165</a>)</li> - <li>You can now select "UTC" as a valid timezone in General Preferences. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=646209">[% terms.Bug %] 646209</a>)</li> - <li>Automatic duplicate detection now works on PostgreSQL (although - it is not as high-quality as on other DB platforms). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=634144">[% terms.Bug %] 634144</a>)</li> - <li>Autcomplete for users now works even if you are using the - "emailsuffix" option. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=641519">[% terms.Bug %] 641519</a>)</li> - <li>Javascript errors during series creation in New Charts have been - fixed. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=644285">[% terms.Bug %] 644285</a>)</li> - <li>The "Show Votes" page now works, for installations using the Voting - extension. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=652381">[% terms.Bug %] 652381</a>)</li> -</ul> - -<h2 id="v40_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 3.6.3 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v40_req_perl">Perl</a></li> - <li><a href="#v40_req_mysql">For MySQL Users</a></li> - <li><a href="#v40_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v40_req_oracle">For Oracle Users</a></li> - <li><a href="#v40_req_modules">Required Perl Modules</a></li> - <li><a href="#v40_req_optional_mod">Optional Perl Modules</a></li> - <li><a href="#v40_req_apache">Optional Apache Modules</a></li> -</ul> - -<h3 id="v40_req_perl">Perl</h3> - -<p>Perl v5.8.1</p> -<h3 id="v40_req_mysql">For MySQL Users</h3> - - <ul> - <li>MySQL v4.1.2</li> - <li><strong>perl module:</strong> DBD::mysql v4.00</li> - </ul> - -<h3 id="v40_req_pg">For PostgreSQL Users</h3> - - <ul> - <li>PostgreSQL v8.00.0000</li> - <li><strong>perl module:</strong> DBD::Pg v1.45</li> - </ul> - -<h3 id="v40_req_oracle">For Oracle Users</h3> - - <ul> - <li>Oracle v10.02.0</li> - <li><strong>perl module:</strong> DBD::Oracle v1.19</li> - </ul> - -<h3 id="v40_req_modules">Required Perl Modules</h3> - - <table class="req_table"> - <tbody> - <tr> - <th>Module</th><th>Version</th> - </tr> - <tr> - <td>CGI</td> - <td class="req_new">3.51</td> - </tr> - <tr> - <td>Digest::SHA</td> - <td>(Any)</td> - </tr> - <tr> - <td>Date::Format</td> - <td>2.21</td> - </tr> - <tr> - <td>DateTime</td> - <td>0.28</td> - </tr> - <tr> - <td>DateTime::TimeZone</td> - <td>0.71</td> - </tr> - <tr> - <td>DBI</td> - <td>1.41</td> - </tr> - <tr> - <td>Template</td> - <td>2.22</td> - </tr> - <tr> - <td>Email::Send</td> - <td>2.00</td> - </tr> - - <tr> - <td>Email::MIME</td> - <td class="req_new">1.904</td> - </tr> - <tr> - <td>URI</td> - <td>(Any)</td> - </tr> - <tr> - <td class="req_new">List::MoreUtils</td> - <td class="req_new">0.22</td> - </tr> - </tbody> - </table> - -<h3 id="v40_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of Bugzilla:</p> - - <table class="req_table"> - <tbody> - <tr> - <th>Module</th><th>Version</th><th>Enables Feature</th> - </tr> - <tr> - <td>GD</td> - <td>1.20</td> - <td>Graphical Reports, New Charts, Old Charts</td> - </tr> - <tr> - <td>Chart::Lines</td> - <td>2.1</td> - <td>New Charts, Old Charts</td> - </tr> - <tr> - <td>Template::Plugin::GD::Image</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Text</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Graph</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>MIME::Parser</td> - <td>5.406</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>LWP::UserAgent</td> - <td>(Any)</td> - <td>Automatic Update Notifications</td> - </tr> - <tr> - <td>XML::Twig</td> - <td>(Any)</td> - <td>Move [% terms.Bugs %] Between Installations, Automatic Update - Notifications</td> - </tr> - <tr> - <td>PatchReader</td> - <td>0.9.4</td> - <td>Patch Viewer</td> - </tr> - <tr> - <td>Net::LDAP</td> - <td>(Any)</td> - <td>LDAP Authentication</td> - </tr> - <tr> - <td>Authen::SASL</td> - <td>(Any)</td> - <td>SMTP Authentication</td> - </tr> - <tr> - <td>Authen::Radius</td> - <td>(Any)</td> - <td>RADIUS Authentication</td> - </tr> - <tr> - <td>SOAP::Lite</td> - <td class="req_new">0.712</td> - <td>XML-RPC Interface</td> - </tr> - <tr> - <td>JSON::RPC</td> - <td>(Any)</td> - <td>JSON-RPC Interface</td> - </tr> - <tr> - <td class="req_new">JSON::XS</td> - <td class="req_new">2.0</td> - <td>Make JSON-RPC Faster</td> - </tr> - <tr> - <td>Test::Taint</td> - <td>(Any)</td> - <td>JSON-RPC Interface, XML-RPC Interface</td> - </tr> - <tr> - <td>HTML::Parser</td> - <td>3.40</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>HTML::Scrubber</td> - <td>(Any)</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>Email::MIME::Attachment::Stripper</td> - <td>(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>Email::Reply</td> - <td>(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>TheSchwartz</td> - <td>(Any)</td> - <td>Mail Queueing</td> - </tr> - <tr> - <td>Daemon::Generic</td> - <td>(Any)</td> - <td>Mail Queueing</td> - </tr> - <tr> - <td>mod_perl2</td> - <td>1.999022</td> - <td>mod_perl</td> - </tr> - <tr> - <td>Apache2::SizeLimit</td> - <td class="req_new">0.93</td> - <td>mod_perl</td> - </tr> - <tr> - <td class="req_new">Math::Random::Secure</td> - <td class="req_new">0.05</td> - <td>Improve cookie and token security</td> - </tr> - </tbody> - </table> - -<h3 id="v40_req_apache">Optional Apache Modules</h3> - -<p>If you are using Apache as your webserver, Bugzilla can - now take advantage of some Apache features if you have the below Apache - modules installed and enabled. Currently, - <a href="#v40_feat_js_css_update">certain Bugzilla features</a> - are enabled only if you have all of the following modules installed - and enabled:</p> - -<ul> - <li>mod_headers</li> - <li>mod_expires</li> - <li>mod_env</li> -</ul> - -<p>On most systems (but not on Windows), <kbd>checksetup.pl</kbd> is able to - tell whether or not you have these modules installed, and it will tell - you.</p> - -<h2 id="v40_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v40_feat_dup">Automatic Duplicate Detection When Filing - [%+ terms.Bugs %]</a></li> - <li><a href="#v40_feat_search_ui">New Advanced Search UI</a></li> - <li><a href="#v40_feat_attach_ui">New Attachment Details UI</a></li> - <li><a href="#v40_feat_autocomplete">Autocomplete for Users and - Keywords</a></li> - <li><a href="#v40_feat_ui">General Usability Improvements</a></li> - <li><a href="#v40_feat_workflow">New Default Status Workflow</a></li> - <li><a href="#v40_feat_lists">"Last Search" Now Remembers Multiple - Searches</a></li> - <li><a href="#v40_feat_jsonp">Cross-Domain WebServices with JSONP</a></li> - <li><a href="#v40_feat_ws">Major WebService Enhancements</a></li> - <li><a href="#v40_feat_mandatory">Mandatory Custom Fields</a></li> - <li><a href="#v40_feat_vot_ext">Voting Is Now An Extension</a></li> - <li><a href="#v40_feat_js_css_update">Users Get New CSS and Javascript - Automatically</a></li> - <li><a href="#v40_feat_hooks">Many New Hooks</a></li> - <li><a href="#v40_feat_apache_config">New Apache Configuration</a></li> - <li><a href="#v40_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v40_feat_dup">Automatic Duplicate Detection When Filing - [%+ terms.Bugs %]</h3> - -<p>When filing [% terms.abug %], as soon as you start typing in the summary - field, Bugzilla will suggest possible duplicates of the - [%+ terms.bug %] you are filing.</p> - -<p>In order for this feature to work, all pre-requisites for JSON-RPC - support must be installed on your Bugzilla. It will be - much faster on installations that run under mod_perl than it will - be on other installations.</p> - -<h3 id="v40_feat_search_ui">New Advanced Search UI</h3> - -<p>Thanks to the UI work of <a href="http://guy-pyrzak.blogspot.com/">Guy - Pyrzak</a>, the Advanced Search UI has been completely redesigned. - It is now much simpler, and far more approachable for new users, while - still retaining all of the features that power users are used to.</p> - -<h3 id="v40_feat_attach_ui">New Attachment Details UI</h3> - -<p>The UI used for editing attachment details has been completely - redesigned, allowing for a normally-size comment box to be used - when commenting on attachments, and allowing nearly the entire screen - width to be used when doing code reviews or editing an attachment as - a comment.</p> - -<p>Thanks to <a href="http://guy-pyrzak.blogspot.com/">Guy Pyrzak</a> for - his excellent work on this UI redesign.</p> - -<h3 id="v40_feat_autocomplete">Autocomplete for Users and Keywords</h3> - -<p>Once you type at least three characters in any field that can contain a user - (including the [% field_descs.cc FILTER html %], - [%+ field_descs.qa_contact FILTER html %], or - [%+ field_descs.assigned_to FILTER html %] fields), a list will appear - containing all of the users whose real names or usernames match what you are - typing. Your Bugzilla must have all of the optional Perl - modules required for JSON-RPC support installed, though, in order for - this feature to work. Also, this feature will be <strong>much</strong> - faster on installations that run under mod_perl than it will be on - other installations.</p> - -<p>There is also a similar autocomplete for the Keywords field. The - Keywords autocomplete does not require JSON-RPC.</p> - -<h3 id="v40_feat_ui">General Usability Improvements</h3> - -<p>In addition to the enhancements listed above, there have been - <strong>many</strong> improvements made across the Bugzilla - user interface. For a list of specific enhancements that were significant, - see the <a href="#v40_feat_other">Other Enhancements and Changes</a> - section.</p> - -<h3 id="v40_feat_workflow">New Default Status Workflow</h3> - -<p>For new installations of Bugzilla, the default set of - statuses will now be:</p> - -<ul> - <li>UNCONFIRMED</li> - <li>CONFIRMED</li> - <li>IN_PROGRESS</li> - <li>RESOLVED</li> - <li>VERIFIED</li> -</ul> - -<p>And the UNCONFIRMED status will be enabled by default in all products.</p> - -<p>On upgrade, existing installations will not be affected--you will retain - your existing status workflow. However, we strongly recommend that you - update your existing workflow to the new one, using a special tool - we've included, <kbd>contrib/convert-workflow.pl</kbd>, which you - can run after you use <kbd>checksetup.pl</kbd> to upgrade. The - <kbd>whineatnews.pl</kbd> and <kbd>bugzilla-submit</kbd> scripts - will probably not work properly if you continue to use the old workflow - (though most other parts of Bugzilla will still function - normally).</p> - -<p>For more information about the workflow and our rationale for changing - it, see the - <a href="http://bugzillaupdate.wordpress.com/2010/07/06/bugzilla-4-0-has-a-new-default-status-workflow/">blog - post about it</a> and the - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=486292">[% terms.bug %] - where the change was made</a>.</p> - -<h3 id="v40_feat_lists">"Last Search" Now Remembers Multiple Searches</h3> - -<p>At the top of every [% terms.bug %] in Bugzilla, there are - links that look like: "First", "Last", "Prev", "Next", and - "Show last search results". In earlier versions of Bugzilla, - if you did two separate searches in separate windows, these links would - only work for the <em>last</em> search you did. Now, Bugzilla - will "remember" which search result you came from and give you the right - "last search results" or "next [% terms.bug %]" from <em>that</em> list, - instead of always using your most recent search.</p> - -<p>There are still some situations where Bugzilla will have to - "guess" which search you are trying to navigate through, but it does its - best to get it right.</p> - -<h3 id="v40_feat_jsonp">Cross-Domain WebServices with JSONP</h3> - -<p>Bugzilla now supports making WebService calls from - another domain, inside of a web browser, thanks to support for - <a href="http://bob.pythonmac.org/archives/2005/12/05/remote-json-jsonp/">JSONP</a>. - This will allow for web "mash-ups" to use Bugzilla data. - When using JSONP, you may only call functions that <em>get</em> data, - you may not call functions that <em>change</em> data.</p> - -<p>For more details, see the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Server/JSONRPC.html#JSONP">JSONP - section</a> of the JSON-RPC WebService documentation.</p> - -<h3 id="v40_feat_ws">Major WebService Enhancements</h3> - -<p>The WebService has been expanded considerably. The WebService should now be - able to do everything with [% terms.bugs %] that you can do via the - web interface, including updating [% terms.bugs %], adding attachments, - and getting attachment data. For specifics, see the - <a href="#v40_feat_ws_changes">WebService Changes</a> section of these - release notes.</p> - -<h3 id="v40_feat_mandatory">Mandatory Custom Fields</h3> - -<p>You can now specify that certain custom fields are "mandatory", - meaning that they must have a value when [% terms.abug %] is filed, - and they can never be empty after that.</p> - -<h3 id="v40_feat_vot_ext">Voting Is Now An Extension</h3> - -<p>All of the code for voting in Bugzilla has been moved - into an extension, called "Voting", in the <kbd>extensions/Voting/</kbd> - directory. To enable it, you must remove the <kbd>disabled</kbd> file - from that directory, and run <kbd>checksetup.pl</kbd>.</p> - -<p>In a future version of Bugzilla, the Voting extension will - be moved outside of the Bugzilla core code, so we are looking - for somebody who has an interest in the Voting system and would like to - maintain it as a separate extension. There are many enhancement requests - that have been made against the Voting system, and the best way for those - to get addressed is for somebody to step up and offer to maintain the - system outside of Bugzilla's core code.</p> - -<h3 id="v40_feat_js_css_update">Users Get New CSS and Javascript - Automatically</h3> - -<p>In past versions of Bugzilla, if you changed - Bugzilla's CSS or Javascript files, then every user of - Bugzilla would have to clear their cache in order to get - the updated files. Now, if you are using Apache as your webserver and - you have the <a href="#v40_req_apache">optional Apache modules</a> - installed and enabled, users will automatically get every new version of - Bugzilla's Javascript and CSS without having to clear - their caches.</p> - -<p>This feature also gives a slight performance speedup to - Bugzilla in some cases, and so we recommend that all - administrators install and enable the optional Apache modules if possible.</p> - -<h3 id="v40_feat_hooks">Many New Hooks</h3> - -<p>Many new code hooks have been added for use by Extensions, - in Bugzilla 4.0. Now Extensions can access and modify - nearly every part of Bugzilla.</p> - -<h3 id="v40_feat_apache_config">New Apache Configuration</h3> - -<p>If you run Bugzilla under Apache (as most people do), - you most likely require a <strong>new Apache configuration</strong> - for this version of Bugzilla. See the - <a href="#v40_upgrading">Notes On Upgrading From a Previous Version</a> - section for details.</p> - -<h3 id="v40_feat_other">Other Enhancements and Changes</h3> - -<h4>Enhancements for Users</h4> - -<ul> - <li>Now, everywhere in Bugzilla where you can enter a date, - there is a Calendar widget where you can select the date on a - calendar.</li> - <li>The big icons on the front page have been replaced with much nicer - icons, thanks to Jon Pink of <a href="http://www.jpink.co.uk/">J. Pink Design</a>!</li> - <li><strong>[% terms.Bugs %]:</strong> When filing [% terms.bugs %], - you will now be warned if you forgot to fill in any mandatory fields, - <em>before</em> the page is submitted.</li> - <li><strong>[% terms.Bugs %]:</strong> When filing [% terms.abug %], - you can hover your mouse over any of the field labels on the page - to get a brief description of what that field is and what its purpose - is.</li> - <li><strong>[% terms.Bugs %]:</strong> When adding Hours Worked to [% terms.abug %], - you are no longer required to comment.</li> - <li><strong>[% terms.Bugs %]:</strong> There is now a user preference - for whether the comment box appears above or below the existing - comments.</li> - <li><strong>[% terms.Bugs %]:</strong> Bugzilla will now - send an email for every comment that you mark or un-mark as being - private. (Previous versions of Bugzilla did not send emails - to users about this change.) The state of comments being made private - is also now stored in [% terms.abug %]'s history.</li> - <li><strong>[% terms.Bugs %]:</strong> The box to "Add [% terms.Bug %] URLs" - in the See Also field is now hidden behind an "(add)" link that you - have to click to see the box.</li> - - <li><strong>Searches:</strong> You can now properly search for field values - that have commas in their name, when using the Advanced Search form.</li> - <li><strong>Searches:</strong> The "URL" field can now be shown as a column - in search results.</li> - <li><strong>Searches:</strong> When viewing a search result, you can now - click on the Summary of the [% terms.bug %] in order to go to the - [%+ terms.bug %]-view page, in addition to being able to click on the - [%+ terms.bug %] ID.</li> - <li><strong>Searches:</strong> When doing a search using the "quicksearch" - box in the header or footer, the box will still contain what you searched - for when viewing the search results page.</li> - <li><strong>Searches:</strong> Multi-select custom fields can now be - shown as columns in the search results.</li> - <li><strong>Searches:</strong> When using the Boolean Charts (now called - "Custom Search"), if you specify both a criterion for an attachment - and a criteron for a flag, then only [% terms.bugs %] that have - attachments with that flag will be found.</li> - <li><strong>Searches:</strong> If you hover your mouse over the field labels - on the Advanced Search page, you will get a description of what that - field is.</li> - <li><strong>Searches:</strong> When searching via a saved search, if you - accidentally click on "Forget Search", there is a link to undo it.</li> - <li><strong>Searches:</strong> When using the Boolean Charts (now called - "Custom Search"), you can search for values "greater than or equal to" - or "less than or equal to" some value.</li> - - <li><strong>Flags:</strong> If you hover your mouse over the name of - a flag setter when viewing [% terms.abug %], you can see that - flag setter's full name and complete username.</li> - <li><strong>Flags:</strong> When setting a flag on [% terms.abug %], - the box for entering a requestee does not appear until you set the flag - to "?", now.</li> - <li><strong>Flags:</strong> On the "My Requests" page, [% terms.bugs %] - that are restricted to certain groups now properly have the "padlock" - icon shown next to them to indicate that they may contain confidential - information.</li> - - <li>When using the Reports interface, you can now choose many more fields - as the X, Y, or Z axis of a report, including custom fields.</li> - <li>Bugzilla now prevents - Internet Explorer 8 and later from attempting to render - <kbd>text/plain</kbd> attachments as HTML.</li> - <li>If you receive a Whine mail that is empty, there will now be a brief - message explaining that your search found no results.</li> - <li>The <a href="page.cgi?id=fields.html">Field Help Page</a> now - contains a description of every single field that can be on - [%+ terms.abug %] in Bugzilla.</li> -</ul> - -<h4>Enhancements for Administrators and Developers</h4> - -<ul> - <li>The system for moving [% terms.bugs %] between installations has been - moved into an extension called <kbd>OldBugMove</kbd>. This system was used - by very few Bugzilla installations--if you aren't certain - whether or not you are using it, you're not using it. To enable the system, - you have to remove the file <kbd>extensions/OldBugMove/disabled</kbd> - and then run <kbd>checksetup.pl</kbd>. In a future version of Bugzilla, - this extension may be moved outside of the core Bugzilla code, - so if you are interested in maintaining it, please let us know.</li> - <li><strong>Custom Fields: </strong> "[% terms.Bug %] ID" custom fields can - now represent relationships between [% terms.bugs %], similarly to how the - [%+ field_descs.blocked FILTER html %] and - [%+ field_descs.dependson FILTER html %] fields work now.</li> - <li><strong>Custom Fields:</strong> You can now restrict the visibility - of custom fields and their values to a specific Component or - Classification.</li> - <li>The "keyword cache" has been removed. When you edit keywords, you no - longer will have to "rebuild the keyword cache" after you are done.</li> - <li>Running <kbd>./collectstats.pl --regenerate</kbd> will now take - minutes or hours, instead of days.</li> - <li>When using <kbd>email_in.pl</kbd>, there are two new switches, - <kbd>--default</kbd> and <kbd>--override</kbd>, which allow you to - specify certain default values or override specified values for - <kbd>@field</kbd> values sent in emails. (This also allows you to specify - defaults for everything so that people do not have to specify any field - values when filing [% terms.abug %] via email.)</li> - <li><strong>Installation:</strong> If you are using a localized version of - Bugzilla and your terminal does not understand Unicode, - <kbd>checksetup.pl</kbd> will now attempt to output its messages in your - terminal's character set.</li> - <li><strong>Installation:</strong> Bugzilla no longer needs empty - "placeholder" CSS in the <kbd>skins/custom</kbd> directory and other - directories. When you update, <kbd>checksetup.pl</kbd> will remove these. - This also significantly reduces the number of HTTP requests required to - load a page for the first time in Bugzilla.</li> - <li><strong>Installation:</strong> For Windows users, Bugzilla - now supports Strawberry Perl fully.</li> - <li><strong>Installation:</strong> Now, whenever <kbd>checksetup.pl</kbd> - throws an error, it will be printed in the color red, to make it - obvious that something is wrong.</li> - <li><strong>Installation:</strong> Some actions of <kbd>checksetup.pl</kbd> were - silent, in the past. Now, <kbd>checksetup.pl</kbd> will print a message for - almost anything it does.</li> - <li><strong>Installation:</strong> The process of adding foreign keys - to a table is now much faster. This will particularly improve the speed - of upgrading from Bugzilla 3.4 or earlier.</li> - <li>If you are using <kbd>jobqueue.pl</kbd> and email gets heavily delayed - for some reason, those emails will now have a Date header reflecting the - time they were <em>supposed</em> to be sent, instead of when they actually - <em>were</em> sent.</li> - <li><kbd>./jobqueue.pl install</kbd> now works on SuSE Linux.</li> - <li>Bugzilla now runs much better in Apache's suexec mode - than it used to. As part of this, <kbd>checksetup.pl</kbd> sets - much stricter permissions on all the files in Bugzilla - than it used to. In particular, any files that Bugzilla - does not know about will not be readable by the webserver.</li> - <li>The <kbd>sendmailnow</kbd> parameter has been removed, as it was - not necessary for any modern version of Sendmail or other Mail Transfer - Agent.</li> - <li>When editing a user via the Users administration panel, you can now - see if they are a Default CC on any component.</li> - <li>For new installations of Bugzilla, all users will be - able to see and use the Whining system by default.</li> - <li>When you are using SSL with Bugzilla, you can now - turn on the <kbd>strict_transport_security</kbd> parameter to - send the - <a href="https://developer.mozilla.org/en/Security/HTTP_Strict_Transport_Security">Strict-Transport-Security</a> - header with every HTTPS connection, for additional security.</li> - <li>New code hooks (see their documentation in - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Hook.html">Bugzilla::Hook</a>): - bug_check_can_change_field, search_operator_field_override, - bugmail_relationships, object_columns, object_update_columns, - and object_validators. The colchange_columns hook has been removed, - as it is no longer necessary (buglist_columns will be used for data - about which columns can be on the [% terms.bug %] list).</li> - <li>When Bugzilla throws certain types of errors, it will - now include a "traceback" of where exactly the error occurred in the - code, to help administrators and developers debug problems.</li> - <li>There is now a test, <kbd>xt/search.t</kbd>, that assures that all - of the functionality of <kbd>Bugzilla::Search</kbd> is working properly. - If you customize the search functionality of Bugzilla, - you may wish to run this test to assure that your changes are correct. - You can see more information about running this test by doing - <kbd>perldoc xt/search.t</kbd> at the command line.</li> - <li>Bugzilla now sends the - <a href="https://developer.mozilla.org/en/the_x-frame-options_response_header"><code>X-Frame-Options: SAMEORIGIN</code></a> header - with every page request in order to prevent "clickjacking" attacks. Note - that this prevents other domains from displaying Bugzilla - in an HTML frame.</li> -</ul> - -<h4 id="v40_feat_ws_changes">WebService Changes</h4> - -<ul> - <li>You can now call some JSON-RPC methods using HTTP GET, in addition to - using HTTP POST. See the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Server/JSONRPC.html#Connecting_via_GET">JSON-RPC - documentation</a> for details.</li> - <li>You can now update existing [% terms.bugs %] using the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#update">B[% %]ug.update</a> - function.</li> - <li>You can now add attachments to [% terms.bugs %] using the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#add_attachment">B[% %]ug.add_attachment</a> - function.</li> - <li>The <kbd>B[% %]ug.get</kbd> function now returns all of [% terms.abug %]'s - information other than comments and attachments.</li> - <li><kbd>B[% %]ug.get</kbd> no longer returns the <kbd>internals</kbd> hash.</li> - <li>The <kbd>B[% %]ug.attachments</kbd> function now also returns attachment - data.</li> - <li>The following functions now support the <kbd>include_fields</kbd> - and <kbd>exclude_fields</kbd> arguments: <kbd>B[% %]ug.get</kbd>, - <kbd>B[% %]ug.search</kbd>, and <kbd>B[% %]ug.attachments</kbd>. Also, - server-side performance of the WebService is actually increased when - using these arguments, now, as Bugzilla will no longer - get data from the database for fields you haven't asked for.</li> - <li>You can now mark the initial description of [% terms.abug %] as - private when filing [% terms.abug %] via the <kbd>B[% %]ug.create</kbd> - function.</li> - <li>You can now specify groups to put [% terms.abug %] in, in the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#create">B[% %]ug.create</a> - function. (This also means that you can specify groups when filing - [%+ terms.abug %] via email_in.pl.)</li> - <li>The <kbd>User.get</kbd> function now accepts <kbd>groups</kbd> - and <kbd>group_ids</kbd> arguments, to limit the returned values to - only users in the specified groups.</li> - <li>There is a new, undocumented B[% %]ug.possible_duplicates - function that helps implement the automatic duplicate detection - system. Because this function is not documented, its API may change - between releases of Bugzilla.</li> - <li>You can no longer search using the <kbd>votes</kbd> argument in - <kbd>B[% %]ug.search</kbd>.</li> - <li><kbd>B[% %]ug.attachments</kbd> now returns the attachment's description - using the name "summary" instead of the name "description", to be - consistent with the fact that [% terms.bug %] summaries are called - "summary". The value is still <em>also</em> returned as "description", - for backwards compatibility, but this backwards compatibility will go - away in Bugzilla 5.0.</li> - <li>In the return values of various <kbd>B[% %]ug</kbd> functions, the author - of comments, [% terms.bugs %], and attachments is now called "creator", - instead of sometimes being called "reporter", "author", or "attacher". - The old names are retained for backwards-compatibility, and will stay - around until Bugzilla 5.0.</li> -</ul> - -<h2 id="v40_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> - [%- terms.Bug %] 423439</a>: Tabs in comments will be converted - to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> -</ul> - -<h2 id="v40_upgrading">Notes On Upgrading From a Previous Version</h2> - -<h3>IMPORTANT: Apache Configuration Change</h3> - -<h4>mod_cgi</h4> - -<p>If you run Bugzilla under mod_cgi (this is the most common - configuration, involving a <Directory> block in your Apache config - file), you will need to update the configuration of Apache for - Bugzilla. In particular, this line in the Bugzilla - <kbd><Directory></kbd> block:</p> - -<blockquote><code>AllowOverride Limit</code></blockquote> - -<p>needs to become:</p> - -<blockquote><code>AllowOverride Limit FileInfo Indexes</code></blockquote> - -<p>For full details on how to configure Apache for Bugzilla, - see the - <a href="[% docs_urlbase FILTER html %]configuration.html#http-apache">Configuration</a> - section of the Bugzilla Guide.</p> - -<h4>mod_perl</h4> - -<p>If your Bugzilla runs under mod_perl, the required Apache - configuration is now simpler. The line that used to look like:</p> - -<blockquote><code>PerlSwitches -w -T -I/var/www/html/bugzilla - -I/var/www/html/bugzilla/lib</code></blockquote> - -<p>Now should be only:</p> - -<blockquote><code>PerlSwitches -w -T</code></blockquote> - -<p>The <code>PerlConfigRequire</code> line should stay the same, however.</p> - -<h3>New .htaccess file</h3> - -<p>In previous versions of Bugzilla, there was a file - in Bugzilla's root directory called ".htaccess" that was - generated by <kbd>checksetup.pl</kbd>. This file is now shipped with - Bugzilla instead of being generated during installation.</p> - -<p>If you update via CVS or bzr, you will get a message that your existing - .htaccess file conflicts with the new one. You must - <strong>remove your existing .htaccess file</strong> and use the new one - instead. Continuing to use your old .htaccess file will cause certain new - features of Bugzilla to not work properly, and may also lead - to security issues for your system in the future.</p> - -<h2 id="v40_code_changes">Code Changes Which May Affect Customizations and - Extensions</h2> - -<ul> - <li>In Extensions, if you want to serve files to the user via the web, - they must now be in a <kbd>web/</kbd> subdirectory of your Extension. - (For example, <kbd>extensions/Foo/web/</kbd>). <kbd>checksetup.pl</kbd> - sets permissions on extensions much more strictly now, and files in - other locations (such as your base <kbd>extensions/Foo/</kbd> directory) - will no longer be available to Bugzilla users via the web - under certain configurations.</li> - <li>Previous versions of Bugzilla used to allow putting a - single file into the "skins" directory and having that be an entire - skin. That is no longer allowed, and on upgrade, <kbd>checksetup.pl</kbd> - will convert any such skins into a directory with a single - <kbd>global.css</kbd> file in them.</li> - <li>When updating [% terms.bugs %], you should now use - <code>$bug->set_all</code> instead of using the individual - <kbd>set_</kbd> methods. In particular, <kbd>set_all</kbd> is now the - <em>only</em> way to set the product of [% terms.abug %]. See - <kbd>process_bug.cgi</kbd> for an example of how <kbd>set_all</kbd> - should be used.</li> - <li>You should not insert <script> tags and <link> CSS tags - into HTML anymore, in Extensions or in your customizations. Instead, - you should push new values into the <kbd>style_urls</kbd> or - <kbd>javascript_urls</kbd> parameters. If you have to insert manual - tags for some reason, be sure to call "FILTER mtime" on the URL. (Search - for other uses of "FILTER mtime" in the templates to see how it is - used.)</li> - <li>When calling <kbd>Bugzilla::BugMail::Send</kbd>, the "changer" - argument must now be a <kbd>Bugzilla::User</kbd> object, not just - a login name. The "owner" and "qacontact" arguments are still - just login names.</li> - <li>When creating a new subclass of Bugzilla::Object, you should no - longer use <kbd>UPDATE_VALIDATORS</kbd>. Also, in most cases you will - no longer need to override <kbd>run_create_validators</kbd>. Instead, - there is a new constant called - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Object.html#VALIDATOR_DEPENDENCIES">VALIDATOR_DEPENDENCIES</a>, - that specifies that certain fields have to be validated before other fields. - Then, all validators receive each already-validated value in a hash - as their fourth argument, so each validator can know the other values - that were passed in, while an object is being created. For an example of - how to use <kbd>VALIDATOR_DEPENDENCIES</kbd>, see - <kbd>Bugzilla/Field.pm</kbd>.</li> - <li>In previous versions of Bugzilla, you had to call - <code>Bugzilla->template_inner("")</code> after any time - that you called <kbd>template_inner</kbd> for a specific language. - It is no longer necessary to do this second <kbd>template_inner</kbd> - call.</li> - <li><kbd>post_bug.cgi</kbd> and <kbd>Bugzilla::Bug->create</kbd> now take - the <em>names</em> of groups instead of group ids.</li> - <li>Bugzilla::Bugmail now uses Bugzilla::Bug objects internally instead of - a lot of direct SQL.</li> - <li>For sending changes about [% terms.bugs %], there is now a method - called <kbd>send_changes</kbd> that you can call on Bugzilla::Bug - objects. For an example of its use, see <kbd>process_bug.cgi</kbd>.</li> - <li>The <kbd>Bugzilla::Search</kbd> class has been refactored, and should - now be easier to customize.</li> - <li>The <kbd>Bugzilla::Util::lsearch</kbd> function is gone. Use - <kbd>firstidx</kbd> from <kbd>List::MoreUtils</kbd>, instead.</li> - <li>Bugzilla now includes YUI 2.8.2.</li> - <li><kbd>long_list.cgi</kbd>, <kbd>showattachment.cgi</kbd> and - <kbd>xml.cgi</kbd> are deprecated scripts which are no longer actively - used since Bugzilla 2.19. These scripts will be removed in - Bugzilla 4.2.</li> -</ul> - -<h2 id="v40_previous">Release Notes For Previous Versions</h2> - -<p><a href="page.cgi?id=release-notes3.html">Release Notes for - Bugzilla 3.x and Earlier</a></p> - [% INCLUDE global/footer.html.tmpl %] [% BLOCK db_req %] diff --git a/template/en/default/pages/release-notes3.html.tmpl b/template/en/default/pages/release-notes3.html.tmpl deleted file mode 100644 index 1dbbde8cb..000000000 --- a/template/en/default/pages/release-notes3.html.tmpl +++ /dev/null @@ -1,3504 +0,0 @@ -[%# This Source Code Form is subject to the terms of the Mozilla Public - # License, v. 2.0. If a copy of the MPL was not distributed with this - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - # - # This Source Code Form is "Incompatible With Secondary Licenses", as - # defined by the Mozilla Public License, v. 2.0. - #%] - -[% SET title = "Bugzilla 3.6 Release Notes" %] -[% INCLUDE global/header.html.tmpl - title = title - bodyclasses = ['narrow_page'] -%] - -<h3>Release Notes For Newer Versions</h3> - -<p>Release notes for versions of Bugzilla of the 4.x series are - available <a href="page.cgi?id=release-notes.html">here</a>.</p> - -<h1>[% title FILTER html %]</h1> - -<ul class="bz_toc"> - <li><a href="#v36_introduction">Introduction</a></li> - <li><a href="#v36_point">Updates in this 3.6.x Release</a></li> - <li><a href="#v36_req">Minimum Requirements</a></li> - <li><a href="#v36_feat">New Features and Improvements</a></li> - <li><a href="#v36_issues">Outstanding Issues</a></li> - <li><a href="#v36_upgrading">Notes On Upgrading From a Previous Version</a></li> - <li><a href="#v36_code_changes">Code Changes Which May Affect - Customizations</a></li> - <li><a href="#v36_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v36_introduction">Introduction</h2> - -<p>Welcome to Bugzilla 3.6! The focus of the 3.6 release is - on improving usability and "polishing up" all our features (by adding - some pieces that were "missing" or always wanted), although we - also have a few great new features for you, as well!</p> - -<p>If you're upgrading, make sure to read <a href="#v36_upgrading">Notes - On Upgrading From a Previous Version</a>. If you are upgrading from a release - before 3.4, make sure to read the release notes for all the - <a href="#v36_previous">previous versions</a> in between your version - and this one, <strong>particularly the Upgrading section of each - version's release notes</strong>.</p> - -<p>We would like to thank <a href="http://www.canonical.com/">Canonical - Ltd.</a>, <a href="http://www.itasoftware.com/">ITA Software</a>, - the <a href="http://www.ibm.com/linux/ltc/">IBM Linux Technology Center</a>, - <a href="http://www.redhat.com/">Red Hat</a>, and - <a href="http://www.novell.com/">Novell</a> for funding the development - of various features and improvements in this release of - Bugzilla.</p> - -<h2 id="v36_point">Updates in this 3.6.x Release</h2> - -<h3>3.6.2</h3> - -<p>This release fixes various security issues. See the - <a href="http://www.bugzilla.org/security/3.2.7/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in - this release:</p> - -<ul> - <li>Bugzilla installations running on older versions of IIS - will no longer experience the "Undef to trick_taint" errors that would - sometimes occur. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=521416">[% terms.Bug %] 521416</a>) - </li> - <li>Email notifications were missing the dates that comments were made. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=578003">[% terms.Bug %] 578003</a>) - </li> - <li>Putting a phrase in quotes in the Quicksearch box now works properly, - again. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=578494">[% terms.Bug %] 578494</a> - and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=553884">[% terms.Bug %] 553884</a>) - </li> - <li>Quicksearch was usually (incorrectly) being limited to 200 results. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=581622">[% terms.Bug %] 581622</a>) - </li> - <li>On Windows, <kbd>install-module.pl</kbd> can now properly install - DateTime and certain other Perl modules that didn't install properly - before. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=576105">[% terms.Bug %] 576105</a>) - </li> - <li>Searching "keywords" for "contains none of the words" or "does not - match regular expression" now works properly. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=562014">[% terms.Bug %] 562014</a>) - </li> - <li>Doing <kbd>collectstats.pl --regenerate</kbd> now works on installations - using PostgreSQL. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577058">[% terms.Bug %] 577058</a>) - </li> - <li>The "Field Values" administrative control panel was sometimes denying - admins the ability to delete field values when there was no reason - to deny the deletion. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577054">[% terms.Bug %] 577054</a>) - </li> - <li>Eliminate the "uninitialized value" warnings that would happen when - editing a product's components. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=576911">[% terms.Bug %] 576911</a>) - </li> - <li>The updating of bugs_fulltext that happens during - <kbd>checksetup.pl</kbd> for upgrades to 3.6 should now be MUCH faster. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=577754">[% terms.Bug %] 577754</a>) - </li> - <li><kbd>email_in.pl</kbd> was not allowing the setting of time-tracking - fields via inbound emails. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=583622">[% terms.Bug %] 583622</a>) - </li> -</ul> - -<h3>3.6.1</h3> - -<p>This release fixes two security issues. See the - <a href="http://www.bugzilla.org/security/3.2.6/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in - this release:</p> - -<ul> - <li>Using the "Change Columns" page would sometimes result in a - plain-text page instead of HTML. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=376044">[% terms.Bug %] 376044</a>) - </li> - <li>Extensions that have only templates and no code are now working. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=562551">[% terms.Bug %] 562551</a>) - </li> - <li><kbd>install-module.pl</kbd> has been fixed so that it installs - modules properly on both new and old versions of Perl. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=560318">[% terms.Bug %] 560318</a> - and <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=560330">[% terms.Bug %] 560330</a>) - </li> - <li>It is now possible to upgrade from 3.4 to 3.6 when using Oracle. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=561379">[% terms.Bug %] 561379</a>) - </li> - <li>Editing a field value's name (using the Field Values admin control - panel) wasn't working if the value was set as the default for that - field. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=561296">[% terms.Bug %] 561296</a>) - </li> - <li>If you had the <kbd>noresolveonopenblockers</kbd> parameter set, - [%+ terms.bugs %] couldn't be edited at all if they were marked FIXED - and had any open blockers. (The parameter is only supposed to prevent - <em>changing</em> [% terms.bugs %] to FIXED, not modifying already-FIXED - [%+ terms.bugs %].) - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=565314">[% terms.Bug %] 565314</a>) - </li> - <li>Some minor issues with Perl 5.12 were fixed (mostly warnings that Perl - 5.12 was throwing). Bugzilla now supports Perl 5.12.</li> -</ul> - -<h2 id="v36_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 3.4.5 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v36_req_perl">Perl</a></li> - <li><a href="#v36_req_mysql">For MySQL Users</a></li> - <li><a href="#v36_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v36_req_oracle">For Oracle Users</a></li> - <li><a href="#v36_req_modules">Required Perl Modules</a></li> - <li><a href="#v36_req_optional_mod">Optional Perl Modules</a></li> -</ul> - -<h3 id="v36_req_perl">Perl</h3> - -<p>Perl v5.8.1</p> - -<h3 id="v36_req_mysql">For MySQL Users</h3> - - <ul> - <li>MySQL - v4.1.2 - </li> - <li><strong>perl module:</strong> - DBD::mysql v4.00</li> - </ul> - -<h3 id="v36_req_pg">For PostgreSQL Users</h3> - - <ul> - <li>PostgreSQL - v8.00.0000 - </li> - <li><strong>perl module:</strong> - DBD::Pg v1.45</li> - </ul> -<h3 id="v36_req_oracle">For Oracle Users</h3> - - <ul> - <li>Oracle - v10.02.0 - </li> - <li><strong>perl module:</strong> - DBD::Oracle v1.19</li> - </ul> - -<h3 id="v36_req_modules">Required Perl Modules</h3> - -<table class="req_table"> - <tr> - <th>Module</th> <th>Version</th> - </tr> - <tr> - <td >CGI</td> - <td >3.21 - </td> - </tr> - <tr> - <td >Digest::SHA</td> - <td > - (Any) - </td> - </tr> - <tr> - <td >Date::Format</td> - <td >2.21 - </td> - </tr> - <tr> - <td >DateTime</td> - <td >0.28 - </td> - </tr> - <tr> - <td >DateTime::TimeZone</td> - <td >0.71 - </td> - </tr> - <tr> - <td >DBI</td> - <td >1.41 - </td> - </tr> - <tr> - <td >Template</td> - <td >2.22 - </td> - </tr> - <tr> - <td >Email::Send</td> - <td >2.00 - </td> - </tr> - <tr> - <td >Email::MIME</td> - <td >1.861 - </td> - </tr> - <tr> - <td >Email::MIME::Encodings</td> - <td >1.313 - </td> - </tr> - <tr> - <td >Email::MIME::Modifier</td> - <td >1.442 - </td> - </tr> - <tr> - <td >URI</td> - <td > - (Any) - </td> - </tr> -</table> - -<h3 id="v36_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of Bugzilla:</p> - -<table class="req_table"> - <tr> - <th>Module</th> <th>Version</th> - <th>Enables Feature</th> - </tr> - <tr> - <td >GD</td> - <td >1.20 - </td> - <td>Graphical Reports, New Charts, Old Charts</td> - </tr> - <tr> - <td >Chart::Lines</td> - <td class="req_new">2.1 - </td> - <td>New Charts, Old Charts</td> - </tr> - <tr> - <td >Template::Plugin::GD::Image</td> - <td > - (Any) - </td> - <td>Graphical Reports</td> - </tr> - <tr> - <td >GD::Text</td> - <td > - (Any) - </td> - <td>Graphical Reports</td> - </tr> - <tr> - <td >GD::Graph</td> - <td > - (Any) - </td> - <td>Graphical Reports</td> - </tr> - <tr> - <td >XML::Twig</td> - <td > - (Any) - </td> - <td>Move [% terms.Bugs %] Between Installations, - Automatic Update Notifications</td> - </tr> - <tr> - <td >MIME::Parser</td> - <td >5.406 - </td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td >LWP::UserAgent</td> - <td > - (Any) - </td> - <td>Automatic Update Notifications</td> - </tr> - <tr> - <td >PatchReader</td> - <td >0.9.4 - </td> - <td>Patch Viewer</td> - </tr> - <tr> - <td >Net::LDAP</td> - <td > - (Any) - </td> - <td>LDAP Authentication</td> - </tr> - <tr> - <td >Authen::SASL</td> - <td > - (Any) - </td> - <td>SMTP Authentication</td> - </tr> - <tr> - <td >Authen::Radius</td> - <td > - (Any) - </td> - <td>RADIUS Authentication</td> - </tr> - <tr> - <td >SOAP::Lite</td> - <td >0.710.06 - </td> - <td>XML-RPC Interface</td> - </tr> - <tr> - <td class="req_new">JSON::RPC</td> - <td class="req_new"> - (Any) - </td> - <td>JSON-RPC Interface</td> - </tr> - <tr> - <td class="req_new">Test::Taint</td> - <td class="req_new"> - (Any) - </td> - <td>JSON-RPC Interface, XML-RPC Interface</td> - </tr> - <tr> - <td >HTML::Parser</td> - <td >3.40 - </td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td >HTML::Scrubber</td> - <td > - (Any) - </td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td >Email::MIME::Attachment::Stripper</td> - <td > - (Any) - </td> - <td>Inbound Email</td> - </tr> - <tr> - <td >Email::Reply</td> - <td > - (Any) - </td> - <td>Inbound Email</td> - </tr> - <tr> - <td >TheSchwartz</td> - <td > - (Any) - </td> - <td>Mail Queueing</td> - </tr> - <tr> - <td >Daemon::Generic</td> - <td > - (Any) - </td> - <td>Mail Queueing</td> - </tr> - <tr> - <td >mod_perl2</td> - <td >1.999022 - </td> - <td>mod_perl</td> - </tr> -</table> - -<h2 id="v36_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v36_feat_usability">General Usability Improvements</a></li> - <li><a href="#v36_feat_extensions">New Extensions System</a></li> - <li><a href="#v36_feat_qs">Improved Quicksearch</a></li> - <li><a href="#v36_feat_browse">Simple "Browse" Interface</a></li> - <li><a href="#v36_feat_suexec">SUExec Support</a></li> - <li><a href="#v36_feat_mpwindows">Experimental mod_perl Support on Windows</a></li> - <li><a href="#v36_email_attachments">Send Attachments by Email</a></li> - <li><a href="#v36_feat_jsonrpc">JSON-RPC Interface</a></li> - <li><a href="#v36_feat_migrate">Migration From Other [% terms.Bug %]-Trackers</a></li> - <li><a href="#v36_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v36_feat_usability">General Usability Improvements</h3> - -<p>A <a href="https://wiki.mozilla.org/Bugzilla:CMU_HCI_Research_2008">scientific - usability study</a> was done on Bugzilla by researchers - from Carnegie-Mellon University. As a result of this study, - <a href="https://bugzilla.mozilla.org/showdependencytree.cgi?id=490786&hide_resolved=0">several - usability issues</a> were prioritized to be fixed, based on specific data - from the study.</p> - -<p>As a result, you will see many small improvements in Bugzilla's - usability, such as using Javascript to validate certain forms before - they are submitted, standardizing the words that we use in the user interface, - being clearer about what Bugzilla needs from the user, - and other changes, all of which are also listed individually in this New - Features section.</p> - -<p>Work continues on improving usability for the next release of - Bugzilla, but the results of the research have already - had an impact on this 3.6 release.</p> - -<h3 id="v36_feat_extensions">New Extensions System</h3> - -<p>Bugzilla has a brand-new Extensions system. The system is - consistent, fast, and - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Extension.html">fully - documented</a>. It makes it possible to easily extend Bugzilla's - code and user interface to add new features or change existing features. - There's even - <a href="[% docs_urlbase FILTER html %]api/extensions/create.html">a - script</a> that will create the basic layout of an extension for you, to - help you get started. For more information about the new system, see the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Extension.html">Extensions - documentation</a>.</p> - -<p>If you had written any extensions using Bugzilla's previous - extensions system, there is - <a href="[% docs_urlbase FILTER html %]api/contrib/extension-convert.html">a - script to help convert old extensions into the new format</a>.</p> - -<h3 id="v36_feat_qs">Improved Quicksearch</h3> - -<p>The "quicksearch" box that appears on the front page of - Bugzilla and in the header/footer of every page - is now simplified and made more powerful. There is a - <kbd>[?]</kbd> link next to the box that will take you to - the simplified <a href="page.cgi?id=quicksearch.html">Quicksearch Help</a>, - which describes every single feature of the system in a simple layout, - including new features such as the ability to use partial field names - when searching.</p> - -<p>Quicksearch should also be much faster than it was before, particularly - on large installations.</p> - -<p>Note that in order to implement the new quicksearch, certain old - and rarely-used features had to be removed: - -<ul> - <li><b>+</b> as a prefix to mean "search additional resolutions", and - <b>+</b> as a prefix to mean "search just the summary". You can - instead use <kbd>summary:</kbd> to explicitly search summaries.</li> - <li>Searching the [% field_descs.bug_severity FILTER html %] field if you - type something that matches the first few characters of a [% - field_descs.bug_severity FILTER html %]. You can explicitly - search the [% field_descs.bug_severity FILTER html %] field if you want to - find [% terms.bugs %] by [% field_descs.bug_severity FILTER html %].</li> - <li>Searching the Priority field if you typed something that exactly - matched the name of a priority. You can explicitly search the - Priority field if you want to find [% terms.bugs %] by priority.</li> - <li>Searching the [% field_descs.rep_platform FILTER html %] and OS fields - if you typed in one of a certain hard-coded list of strings (like "pc", - "windows", etc.). You can explicitly search these fields, instead, if you want - to find [% terms.bugs %] with a specific [% field_descs.rep_platform - FILTER html %] or OS set.</li> -</ul> - -<h3 id="v36_feat_browse">Simple "Browse" Interface</h3> - -<p>There is now a "Browse" link in the header of each Bugzilla - page that presents a very basic interface that allows users to simply - browse through all open [% terms.bugs %] in particular components.</p> - -<h3 id="v36_feat_suexec">SUExec Support</h3> - -<p>Bugzilla can now be run in Apache's "SUExec" mode, - which is what control panel software like cPanel and Plesk use - (so Bugzilla should now be much easier to install - on shared hosting). SUExec support shows up as an option - in the <kbd>localconfig</kbd> file during installation.</p> - -<h3 id="v36_feat_mpwindows">Experimental mod_perl Support on Windows</h3> - -<p>There is now experimental support for running Bugzilla - under mod_perl on Windows, for a significant performance enhancement - (in exchange for using more memory).</p> - -<h3 id="v36_email_attachments">Send Attachments by Email</h3> - -<p>The <a href="[% docs_urlbase FILTER html %]api/email_in.html">email_in</a> - script now supports attaching multiple attachments to [% terms.abug %] - by email, both when filing and when updating [% terms.abug %].</p> - -<h3 id="v36_feat_jsonrpc">JSON-RPC Interface</h3> - -<p>Bugzilla now has support for the - <a href="http://json-rpc.org/">JSON-RPC</a> WebServices protocol via - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Server/JSONRPC.html">jsonrpc.cgi</a>. - The JSON-RPC interface is experimental in this release--if you want any - fundamental changes in how it works, - <a href="http://www.bugzilla.org/developers/reporting_bugs.html">let us - know</a>, for the next release of Bugzilla.</p> - -<h3 id="v36_feat_migrate">Migration From Other [% terms.Bug %]-Trackers</h3> - -<p>Bugzilla 3.6 comes with a new script, - <a href="[% docs_urlbase FILTER html %]api/migrate.html">migrate.pl</a>, - which allows migration from other [% terms.bug %]-tracking systems. - Among the various features of the migration system are:</p> - -<ul> - <li>It is non-destructive--you can migrate into an existing - Bugzilla installation without destroying any data - in the installation.</li> - <li>It has a "dry-run" mode so you can test your migration - before actually running it.</li> - <li>It is relatively easy to write new migrators for new systems, - if you know Perl. The basic migration framework does most of the work - for you, you just have to provide it with the data from your - [%+ terms.bug %]-tracker. See the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Migrate.html">Bugzilla::Migrate</a> - documentation and see our current migrator, - <kbd>Bugzilla/Migrate/GNATS.pm</kbd> for information on how to make your - own migrator.</li> -</ul> - -<p>The first migrator that has been implemented is for the GNATS - [%+ terms.bug %]-tracking system. We'd love to see migrators for - other systems! If you want to contribute a new migrator, see our - <a href="http://wiki.mozilla.org/Bugzilla:Developers">development - process</a> for details on how to get code into Bugzilla.</p> - -<p>Thanks to <a href="http://lambdares.com/">Lambda Research</a> for - funding the initial development of this feature.</p> - -<h3 id="v36_feat_other">Other Enhancements and Changes</h3> - -<h4>Enhancements for Users</h4> - -<ul> - <li><b>[% terms.Bug %] Filing:</b> When filing [% terms.abug %], - Bugzilla now visually indicates which fields are - mandatory.</li> - <li><b>[% terms.Bug %] Filing:</b> "Bookmarkable templates" now - support the "alias" and "estimated hours" fields.</li> - - <li><b>[% terms.Bug %] Editing:</b> In previous versions of - Bugzilla, if you added a private comment to [% terms.abug %], - then <em>none</em> of the changes that you made at that time were - sent to users who couldn't see the private comment. Now, for users - who can't see private comments, public changes are sent, but the private - comment is excluded from their email notification.</li> - <li><b>[% terms.Bug %] Editing:</b> The controls for groups now - appear to the right of the attachment and time-tracking tables, - when editing [% terms.abug %].</li> - <li><b>[% terms.Bug %] Editing:</b> The "Collapse All Comments" - and "Expand All Comments" links now appear to the right of the - comment list instead of above it.</li> - <li><b>[% terms.Bug %] Editing:</b> The See Also field now supports - URLs for Google Code Issues and the Debian B[% %]ug-Tracking System.</li> - <li><b>[% terms.Bug %] Editing:</b> There have been significant performance - improvements in <kbd>show_bug.cgi</kbd> (the script that displays the - [% terms.bug %]-editing form), particularly for [% terms.bugs %] that - have lots of comments or attachments.</li> - - <li><b>Attachments:</b> The "Details" page of an attachment - now displays itself as uneditable if you can't edit the fields - there.</li> - <li><b>Attachments:</b> We now make sure that there is - a Description specified for an attachment, using JavaScript, before - the form is submitted.</li> - <li><b>Attachments:</b> There is now a link back to the [% terms.bug %] - at the bottom of the "Details" page for an attachment.</li> - <li><b>Attachments:</b> When you click on an "attachment 12345" link - in a comment, if the attachment is a patch, you will now see the - formatted "Diff" view instead of the raw patch.</li> - <li><b>Attachments</b>: For text attachments, we now let the browser - auto-detect the character encoding, instead of forcing the browser to - always assume the attachment is in UTF-8.</li> - - <li><b>Search:</b> You can now display [% terms.bug %] flags as a column - in search results.</li> - <li><b>Search:</b> When viewing search results, you can see which columns are - being sorted on, and which direction the sort is on, as indicated - by arrows next to the column headers.</li> - <li><b>Search:</b> You can now search the Deadline field using relative - dates (like "1d", "2w", etc.).</li> - <li><b>Search:</b> The iCalendar format of search results now includes - a PRIORITY field.</li> - <li><b>Search:</b> It is no longer an error to enter an invalid search - order in a search URL--Bugzilla will simply warn you that - some of your order options are invalid.</li> - <li><b>Search:</b> When there are no search results, some helpful - links are displayed, offering actions you might want to take.</li> - <li><b>Search:</b> For those who like to make their own - <kbd>buglist.cgi</kbd> URLs (and for people working on customizations), - <kbd>buglist.cgi</kbd> now accepts nearly every valid field in - Bugzilla as a direct URL parameter, like - <kbd>&field=value</kbd>.</li> - - <li><b>Requests:</b> When viewing the "My Requests" page, you can now - see the lists as a normal search result by clicking a link at the - bottom of each table.</li> - <li><b>Requests:</b> When viewing the "My Requests" page, if you are - using Classifications, the Product drop-down will be grouped by - Classification.</li> - - <li><b>Inbound Email:</b> When filing [% terms.abug %] by email, if the - product that you are filing the [% terms.bug %] into has some groups - set as Default for you, the [% terms.bug %] will now be placed into those - groups automatically.</li> - <li><b>Inbound Email:</b> The field names that can be used when creating - [%+ terms.bugs %] by email now exactly matches the set of valid parameters - to the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#create">B[% %]ug.create - WebService function</a>. You can still use most of the old field names - that 3.4 and earlier used for inbound emails, though, for - backwards-compatibility.</li> - - <li>If there are multiple languages available for your - Bugzilla, you can now select what language you want - Bugzilla displayed in using links at the top of every - page.</li> - <li>When creating a new account, you will be automatically logged in - after setting your password.</li> - <li>There is no longer a maximum password length for accounts.</li> - <li>In the Dusk skin, it's now easier to see links.</li> - <li>In the Whining system, you can now choose to receive emails even - if there are no [% terms.bugs %] that match your searches.</li> - <li>The arrows in dependency graphs now point the other way, so that - [%+ terms.bugs %] point at their dependencies.</li> - - <li><b>New Charts:</b> You can now convert an existing Saved Search - into a data series for New Charts.</li> - <li><b>New Charts:</b> There is now an interface that allows you to - delete data series.</li> - <li><b>New Charts:</b> When deleting a product, you now have the option - to delete the data series that are associated with that product.</li> -</ul> - -<h4>Enhancements for Administrators and Developers</h4> - -<ul> - <li>Depending on how your workflow is set up, it is now possible to - have both UNCONFIRMED and REOPENED show up as status choices for - a closed [% terms.bug %]. If you only want one or the other to - show up, you should edit your status workflow appropriately - (possibly by removing or disabling the REOPENED status).</li> - <li>You can now "disable" field values so that they don't show - up as choices on [% terms.abug %] unless they are already set as - the value for that [% terms.bug %]. This doesn't work for the - per-product field values (component, target_milestone, and version) - yet, though.</li> - <li>Users are now locked out of their accounts for 30 minutes after - trying five bad passwords in a row during login. Every time a - user is locked out like this, the user in the "maintainer" parameter - will get an email.</li> - <li>The minimum length allowed for a password is now 6 characters.</li> - <li>The <kbd>UNCONFIRMED</kbd> status being enabled in a product - is now unrelated to the voting parameters. Instead, there is a checkbox - to enable the <kbd>UNCONFIRMED</kbd> status in a product.</li> - <li>Information about duplicates is now stored in the database instead - of being stored in the <kbd>data/</kbd> directory. On large installations - this could save several hundred megabytes of disk space.</li> - - <li><b>Installation:</b> When installing Bugzilla, the - "maintainer" parameter will be automatically set to the administrator - that was created by <kbd>checksetup.pl</kbd>.</li> - <li><b>Installation:</b> <kbd>checksetup.pl</kbd> now prints out - certain errors in a special color so that you know that something - needs to be done.</li> - <li><b>Installation:</b> <kbd>checksetup.pl</kbd> is now <em>much</em> - faster at upgrading installations, particularly older installations. - Also, it's been made faster to run for the case where it's not - doing an upgrade.</li> - <li><b>Installation:</b> If you install Bugzilla using the - tarball, the <kbd>CGI.pm</kbd> module from CPAN is now included in - the <kbd>lib/</kbd> dir. If you would rather use the CGI.pm from your - global Perl installation, you can delete <kbd>CGI.pm</kbd> and the - <kbd>CGI</kbd> directory from the <kbd>lib/</kbd> directory.</li> - - <li>When editing a group, you can now specify that members of a group - are allowed to grant others membership in that group itself.</li> - <li>The ability to compress BMP attachments to PNGs is now an Extension. - To enable the feature, remove the file - <kbd>extensions/BmpConvert/disabled</kbd> and then run <kbd>checksetup.pl</kbd>.</li> - <li>The default list of values for the Priority field are now clear English - words instead of P1, P2, etc.</li> - <li>There is now a system in place so that all field values can be - localized. See the <kbd>value_descs</kbd> variable in - <kbd>template/en/default/global/field-descs.none.tmpl</kbd>.</li> - <li><kbd>config.cgi</kbd> now returns an ETag header and understands - the If-None-Match header in HTTP requests.</li> - <li>The XML format of <kbd>show_bug.cgi</kbd> now returns more information: - the numeric id of each comment, whether an attachment is a URL, - the modification time of an attachment, the numeric id of a flag, - and the numeric id of a flag's type.</li> - - <li><b>Parameters:</b> Parameters that aren't actually required are no longer - in the "Required" section of the Parameters page. Instead, some are in the - new "General" section, and some are in the new "Advanced" section.</li> - <li><b>Parameters:</b> The old <kbd>ssl</kbd> parameter has been - changed to <kbd>ssl_redirect</kbd>, and can only be turned "on" or "off". - If "on", then all users will be forcibly redirected to SSL whenever - they access Bugzilla. When the parameter is off, - no SSL-related redirects will occur (even if the user directly - accesses Bugzilla via SSL, they will <em>not</em> be - redirected to a non-SSL page).</li> - <li><b>Parameters:</b> In the Advanced parameters, there is a new parameter, - <kbd>inbound_proxies</kbd>. If your Bugzilla is behind a - proxy, you should set this parameter to the IP address of that proxy. - Then, Bugzilla will "believe" any "X-Forwarded-For" - header sent from that proxy, and correctly use the X-Forwarded-For - as the end user's IP, instead of believing that all traffic is coming - from the proxy.</li> - - <li><b>Removed Parameter:</b> The <kbd>loginnetmask</kbd> parameter has - been removed. Since Bugzilla sends secure cookies, it's no - longer necessary to always restrict logins to a specific IP or block - of addresses.</li> - <li><b>Removed Parameter:</b> The <kbd>quicksearch_comment_cutoff</kbd> - parameter is gone. Quicksearch now always searches comments; however, it - uses a much faster algorithm to do it.</li> - <li><b>Removed Parameter:</b> The <kbd>usermatchmode</kbd> parameter has - been removed. User-matching is now <em>always</em> done.</li> - <li><b>Removed Parameter:</b> The <kbd>useentrygroupdefault</kbd> parameter - has been removed. Bugzilla now always behaves as though - that parameter were off.</li> - <li>The <kbd>t/001compile.t</kbd> test should now always pass, no matter - what configuration of optional modules you do or don't have installed.</li> - <li>New script: <kbd>contrib/console.pl</kbd>, which allows you to have - a "command line" into Bugzilla by inputting Perl code - or using a few custom commands.</li> -</ul> - -<h4>WebService Changes</h4> - -<ul> - <li>The WebService now returns all dates and times in the UTC timezone. - <kbd>Bugzilla.time</kbd> now acts as though the Bugzilla - server were in the UTC timezone, always. If you want to write clients - that are compatible across all Bugzilla versions, - check the timezone from <kbd>Bugzilla.timezone</kbd> or - <kbd>Bugzilla.time</kbd>, and always input times in that timezone - and expect times to be returned in that format.</li> - <li>You can now log in by passing <kbd>Bugzilla_login</kbd> and - <kbd>Bugzilla_password</kbd> as arguments to any WebService function. - See the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService.html#LOGGING_IN">Bugzilla::WebService</a> - documentation for details.</li> - <li>New Method: - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#attachments">B[% %]ug.attachments</a> - which allows getting information about attachments.</li> - <li>New Method: - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#fields">B[% %]ug.fields</a>, - which gets information about all the fields that [% terms.abug %] can have - in Bugzilla, include custom fields and legal values for - all fields. The <kbd>B[% %]ug.legal_values</kbd> method is now deprecated.</li> - <li>In the <kbd>B[% %]ug.add_comment</kbd> method, the "private" parameter - has been renamed to "is_private" (for consistency with other methods). - You can still use "private", though, for backwards-compatibility.</li> - <li>The WebService now has Perl's "taint mode" turned on. This means that - it validates all data passed in before sending it to the database. - Also, all parameter names are validated, and if you pass in a parameter - whose name contains anything other than letters, numbers, or underscores, - that parameter will be ignored. Mostly this just affects - customizers--Bugzilla's WebService is not functionally - affected by these changes.</li> - <li>In previous versions of Bugzilla, error messages were - sent word-wrapped to the client, from the WebService. Error messages - are now sent as one unbroken line.</li> -</ul> - -<h2 id="v36_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> - [%- terms.Bug %] 423439</a>: Tabs in comments will be converted - to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> - [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is - in use on [% terms.bugs %], you will need to rebuild the "keyword cache" - by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing - the option to rebuild the cache when it asks. Otherwise keywords may - not show up properly in search results.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> -</ul> - -<h2 id="v36_upgrading">Notes On Upgrading From a Previous Version</h2> - -<p>When upgrading to 3.6, <kbd>checksetup.pl</kbd> will create foreign keys - for many columns in the database. Before doing this, it will check the - database for consistency. If there are an unresolvable consistency - problems, it will tell you what table and column in the database contain - the bad values, and which values are bad. If you don't know what else to do, - you can always delete the database records which contain the bad values by - logging in to your database and running the following command:</p> - -<p><code>DELETE FROM <var>table</var> WHERE <var>column</var> IN - (<var>1, 2, 3, 4</var>)</code></p> - -<p>Just replace "table" and "column" with the name of the table - and column that <kbd>checksetup.pl</kbd> mentions, and "1, 2, 3, 4" - with the invalid values that <kbd>checksetup.pl</kbd> prints out.</p> - -<p>Remember that you should always back up your database before doing - an upgrade.</p> - -<h2 id="v36_code_changes">Code Changes Which May Affect Customizations</h2> - -<ul> - <li>There is no longer a SendBugMail method in the templates, and bugmail - is no longer sent by processing a template. Instead, it is sent - by using <kbd>Bugzilla::BugMail::Send</kbd>.</li> - <li>Comments are now represented as a - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Comment.html">Bugzilla::Comment</a> - object instead of just being hashes.</li> - <li>In previous versions of Bugzilla, the template for displaying - [%+ terms.abug %] required a lot of extra variables that are now global - template variables instead.</li> - <li>You can now check if optional modules are installed by using - <kbd>Bugzilla->feature</kbd> in Perl code or - <kbd>feature_enabled</kbd> in template code.</li> - <li>All of the various template header information required to display - the [% terms.bug %] form is now in one template, - <kbd>template/en/default/bug/show-header.html.tmpl</kbd>.</li> - <li>You should now use <kbd>display_value</kbd> instead of - <kbd>get_status</kbd> or <kbd>get_resolution</kbd> in templates. - <kbd>display_value</kbd> should be used anywhere that a - <select>-type field has its values displayed.</li> -</ul> - - -<h1 id="v36_previous">Bugzilla 3.4 Release Notes</h1> - -<ul class="bz_toc"> - <li><a href="#v34_introduction">Introduction</a></li> - <li><a href="#v34_point">Updates in this 3.4.x Release</a></li> - <li><a href="#v34_req">Minimum Requirements</a></li> - <li><a href="#v34_feat">New Features and Improvements</a></li> - <li><a href="#v34_issues">Outstanding Issues</a></li> - <li><a href="#v34_upgrading">Notes On Upgrading From a Previous Version</a></li> - <li><a href="#v34_code_changes">Code Changes Which May Affect - Customizations</a></li> - <li><a href="#v34_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v34_introduction">Introduction</h2> - -<p>This is Bugzilla 3.4! Bugzilla 3.4 brings a lot - of great enhancements for Bugzilla over previous versions, - with various improvements to the user interface, lots of interesting new - features, and many long-standing requests finally being addressed.</p> - -<p>If you're upgrading, make sure to read <a href="#v34_upgrading">Notes - On Upgrading From a Previous Version</a>. If you are upgrading from a release - before 3.2, make sure to read the release notes for all the - <a href="#v34_previous">previous versions</a> in between your version - and this one, <strong>particularly the Upgrading section of each - version's release notes</strong>.</p> - -<p>We would like to thank <a href="http://www.canonical.com/">Canonical - Ltd.</a> for funding development of one new feature, and NASA for funding - development of several new features through the - <a href="http://www.sjsufoundation.org/">San Jose State University - Foundation</a>.</p> - -<h2 id="v34_point">Updates In This 3.4.x Release</h2> - -<h3>3.4.6</h3> - -<ul> - <li>When doing a search that involves "not equals" or "does not contain the - string" or similar "negative" search types, the search description that - appears at the top of the resulting [% terms.bug %] list will indicate - that the search was of that type. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=474738">[% terms.Bug %] 474738</a>) - </li> - <li>In Internet Explorer, users couldn't easily mark a RESOLVED DUPLICATE - [%+ terms.bug %] as REOPENED, due to a JavaScript error. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=546719">[% terms.Bug %] 546719</a>) - </li> - <li>If you use a "bookmarkable template" to pre-fill forms on - the [% terms.bug %]-filing page, and you have custom fields - that are only supposed to appear (or only supposed to have certain - values) based on the values of other fields, those custom fields will - now work properly. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=538211">[% terms.Bug %] 538211</a>) - </li> - <li>If you have a custom field that's only supposed to appear when - a [% terms.bug %]'s resolution is FIXED, it will now behave properly - on the [% terms.bug %]-editing form when a user sets the [% terms.bug %]'s - status to RESOLVED. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=520993">[% terms.Bug %] 520993</a>) - </li> - <li>If you are logged-out and using <kbd>request.cgi</kbd>, the Requester - and Requestee fields no longer respect the <kbd>usermatching</kbd> - parameter--they always require full usernames. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=533018">[% terms.Bug %] 533018</a>) - </li> - <li>If you tried to do a search with too many terms (resulting in a URL - that was longer than about 7000 characters), Apache would return a - 500 error instead of your search results. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=513989">[% terms.Bug %] 513989</a>) - </li> - <li>Bugzilla would sometimes lose fields from your sort order - when you added new fields to your sort order. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=470214">[% terms.Bug %] 470214</a>) - </li> - <li>The Atom format of search results would sometimes be missing the - Reporter or Assignee field for some [% terms.bugs %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=537834">[% terms.Bug %] 537834</a>) - </li> -</ul> - -<h3>3.4.5</h3> - -<p>This release contains fixes for multiple security issues. See the - <a href="http://www.bugzilla.org/security/3.0.10/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in - this release:</p> - -<ul> - <li>Whining was failing if jobqueue.pl was enabled. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=530270">[% terms.Bug %] 530270</a>) - </li> - <li>The Assignee field was empty in Whine mails. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=511216">[% terms.Bug %] 511216</a>) - </li> - <li>Administrators can now successfully create user accounts using - editusers.cgi when using the "Env" authentication method. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=483987">[% terms.Bug %] 483987</a>) - </li> - <li>[% terms.Bug %]mail now uses the timezone of the recipient of the email, - when displaying the time a comment was made, instead of the timezone of the - person who made the change. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=534587">[% terms.Bug %] 534587</a>) - </li> - <li>"[% terms.bug %] 1234" in comments sometimes would not become a link if - word-wrapping happened between "[% terms.bug %]" and the number. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=514703">[% terms.Bug %] 514703</a>) - </li> - <li>Running <kbd>checksetup.pl</kbd> on Windows will no longer pop up an error box - about OCI.dll. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=480968">[% terms.Bug %] 480968</a>) - </li> -</ul> - -<h3>3.4.4</h3> - -<p>This release contains a fix for a security issue. See the - <a href="http://www.bugzilla.org/security/3.4.3/">Security Advisory</a> - for details.</p> - -<p>Additionally, this release fixes a few minor [% terms.bugs %].</p> - -<h3>3.4.3</h3> - -<ul> - <li>Bugzilla installations running under mod_perl were leaking - about 512K of RAM per page load. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=517793">[% terms.Bug %] 517793</a>) - </li> - <li>Attachments with Unicode characters in their names were being downloaded - with mangled names. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=328628">[% terms.Bug %] 328628</a>) - </li> - <li>Creating custom fields with Unicode in their database column name - is now no longer allowed, as it would break Bugzilla. If you - created such a custom field, you should delete it by first marking it - obsolete and then clicking "Delete" in the custom field list, using - <a href="editfields.cgi">editfields.cgi</a>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=525025">[% terms.Bug %] 525025</a>) - </li> - <li>Clicking "submit only my comment" on the "mid-air collisions" page - was leading to a "Suspicious Action" warning. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=514378">[% terms.Bug %] 514378</a>) - </li> - <li>The XML format of [% terms.abug %] accidentally contained the - word-wrapped content of comments instead of the unwrapped content. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=509152">[% terms.Bug %] 509152</a>) - </li> - <li>You can now do <kbd>./install-module.pl --shell</kbd> to get a CPAN - shell using the configuration of - <a href="[% docs_urlbase FILTER html %]api/install-module.html">install-module.pl</a>, - which allows you to do more advanced Perl module installation tasks. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=445875">[% terms.Bug %] 445875</a>) - </li> -</ul> - -<h3>3.4.2</h3> - -<p>This release contains fixes for multiple security issues, one of which - is highly critical. See the - <a href="http://www.bugzilla.org/security/3.0.8/">Security Advisory</a> - for details.</p> - -<p>In addition, the following important fixes/changes have been made in - this release:</p> - -<ul> - <li>Upgrades from older releases were sometimes failing during UTF-8 - conversion with a foreign key error. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=508181">[% terms.Bug %] 508181</a>) - </li> - <li>Sorting [% terms.bug %] lists on certain fields would result in an error. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=510944">[% terms.Bug %] 510944</a>) - </li> - <li>[% terms.Bug %] update emails had two or three blank lines at the top - and between the various sections of the email. There is now only one - blank line in each of those places, making these emails more compact. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=73330">[% terms.Bug %] 73330</a>) - </li> - <li>[% terms.Bug %] email notifications for new [% terms.bugs %] incorrectly - had a line saying that the description was "Comment 0". - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=510798">[% terms.Bug %] 510798</a>) - </li> - <li>Running <kbd>./collectstats.pl --regenerate</kbd> is now much faster, - on the order of 20x or 100x faster. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=286625">[% terms.Bug %] 286625</a>) - </li> - <li>For users of RHEL, CentOS, Fedora, etc. jobqueue.pl can now automatically - be installed as a daemon by running <kbd>./jobqueue.pl install</kbd> - as root. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=475403">[% terms.Bug %] 475403</a>) - </li> - <li>XML-RPC interface responses had an incorrect Content-Length header - and would sometimes be truncated, if they contained certain UTF-8 - characters. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=486306">[% terms.Bug %] 486306</a>) - </li> - <li>Users who didn't have access to the time-tracking fields would get an - empty [% terms.bug %] update email when the time-tracking fields were - changed. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=509035">[% terms.Bug %] 509035</a>) - </li> - <li>In the New Charts, non-public series now no longer show up as selectable - if you cannot access them. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=389396">[% terms.Bug %] 389396</a>) - </li> -</ul> - -<h3>3.4.1</h3> - -<p>This release contains an important security fix. See the - <a href="http://www.bugzilla.org/security/3.4/">Security Advisory</a> - for details.</p> - -<h2 id="v34_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 3.2.3 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v34_req_perl">Perl</a></li> - <li><a href="#v34_req_mysql">For MySQL Users</a></li> - <li><a href="#v34_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v34_req_oracle">For Oracle Users</a></li> - <li><a href="#v34_req_modules">Required Perl Modules</a></li> - <li><a href="#v34_req_optional_mod">Optional Perl Modules</a></li> -</ul> - -<h3 id="v34_req_perl">Perl</h3> - -<p>Perl v5.8.1</p> - -<h3 id="v34_req_mysql">For MySQL Users</h3> - -<ul> - <li>MySQL v4.1.2</li> - <li><strong>perl module:</strong> DBD::mysql v4.00</li> -</ul> - -<h3 id="v34_req_pg">For PostgreSQL Users</h3> - -<ul> - <li>PostgreSQL v8.00.0000</li> - <li><strong>perl module:</strong> DBD::Pg v1.45</li> -</ul> - -<h3 id="v34_req_oracle">For Oracle Users</h3> - -<ul> - <li>Oracle v10.02.0</li> - <li><strong>perl module:</strong> DBD::Oracle v1.19</li> -</ul> - -<h3 id="v34_req_modules">Required Perl Modules</h3> - -<table class="req_table"> - <tr> - <th>Module</th> <th>Version</th> - </tr> - <tr> - <td>CGI</td> - <td>3.21</td> - </tr> - <tr> - <td class="req_new">Digest::SHA</td> - <td class="req_new"> (Any)</td> - </tr> - <tr> - <td>Date::Format</td> - <td>2.21</td> - </tr> - <tr> - <td class="req_new">DateTime</td> - <td class="req_new">0.28</td> - </tr> - <tr> - <td class="req_new">DateTime::TimeZone</td> - <td class="req_new">0.71</td> - </tr> - <tr> - <td>DBI</td> - <td>1.41</td> - </tr> - <tr> - <td>Template</td> - <td class="req_new">2.22</td> - </tr> - <tr> - <td>Email::Send</td> - <td>2.00</td> - </tr> - <tr> - <td>Email::MIME</td> - <td>1.861</td> - </tr> - <tr> - <td>Email::MIME::Encodings</td> - <td>1.313</td> - </tr> - <tr> - <td>Email::MIME::Modifier</td> - <td>1.442</td> - </tr> - <tr> - <td class="req_new">URI</td> - <td class="req_new">(Any)</td> - </tr> -</table> - -<h3 id="v34_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of Bugzilla:</p> - -<table class="req_table"> - <tr> - <th>Module</th> - <th>Version</th> - <th>Enables Feature</th> - </tr> - <tr> - <td>LWP::UserAgent</td> - <td>(Any)</td> - <td>Automatic Update Notifications</td> - </tr> - <tr> - <td>Template::Plugin::GD::Image</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Text</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Graph</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD</td> - <td>1.20</td> - <td>Graphical Reports, New Charts, Old Charts</td> - </tr> - <tr> - <td>Email::MIME::Attachment::Stripper</td> - <td>(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>Email::Reply</td> - <td>(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>Net::LDAP</td> - <td>(Any)</td> - <td>LDAP Authentication</td> - </tr> - <tr> - <td class="req_new">TheSchwartz</td> - <td class="req_new">(Any)</td> - <td>Mail Queueing</td> - </tr> - <tr> - <td class="req_new">Daemon::Generic</td> - <td class="req_new">(Any)</td> - <td>Mail Queueing</td> - </tr> - <tr> - <td>HTML::Parser</td> - <td>3.40</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>HTML::Scrubber</td> - <td>(Any)</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>XML::Twig</td> - <td>(Any)</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>MIME::Parser</td> - <td>5.406</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>Chart::Base</td> - <td>1.0</td> - <td>New Charts, Old Charts</td> - </tr> - <tr> - <td>Image::Magick</td> - <td>(Any)</td> - <td>Optionally Convert BMP Attachments to PNGs</td> - </tr> - <tr> - <td>PatchReader</td> - <td>0.9.4</td> - <td>Patch Viewer</td> - </tr> - <tr> - <td>Authen::Radius</td> - <td>(Any)</td> - <td>RADIUS Authentication</td> - </tr> - <tr> - <td>Authen::SASL</td> - <td>(Any)</td> - <td>SMTP Authentication</td> - </tr> - <tr> - <td>SOAP::Lite</td> - <td>0.710.06</td> - <td>XML-RPC Interface</td> - </tr> - <tr> - <td>mod_perl2</td> - <td>1.999022</td> - <td>mod_perl</td> - </tr> -</table> - -<h2 id="v34_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v34_feat_enter">Simple [% terms.Bug %] Filing</a></li> - <li><a href="#v34_feat_index">New Home Page</a></li> - <li><a href="#v34_feat_spam">Email Addresses Hidden From Logged-Out - Users</a></li> - <li><a href="#v34_feat_urls">Shorter Search URLs</a></li> - <li><a href="#v34_feat_async">Asynchronous Email Sending</a></li> - <li><a href="#v34_feat_tz">Dates and Times Displayed In User's Time - Zone</a></li> - <li><a href="#v34_feat_vis">Custom Fields That Only Appear When - Another Field Has a Particular Value</a></li> - <li><a href="#v34_feat_vals">Custom Fields Whose List of Values - Change Depending on the Value of Another Field</a></li> - <li><a href="#v34_feat_bugid">New Custom Field Type: - [%+ terms.Bug %] ID</a></li> - <li><a href="#v34_feat_see">"See Also" Field</a></li> - <li><a href="#v34_feat_cols">Re-order Columns in Search Results</a></li> - <li><a href="#v34_feat_desc">Search Descriptions</a></li> - <li><a href="#v34_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v34_feat_enter">Simple [% terms.Bug %] Filing</h3> - -<p>When entering a new [% terms.bug %], the vast majority of fields are - now hidden by default, which enormously simplifies the bug-filing form. - You can click "Show Advanced Fields" to show all the fields, if you want - them. Bugzilla remembers whether you last used the "Advanced" - or "Simple" version of the [% terms.bug %]-entry form, and will display the - same version to you again next time you file [% terms.abug %].</p> - -<h3 id="v34_feat_index">New Home Page</h3> - -<p>Bugzilla's front page has been redesigned to be better at - guiding new users into the activities that they most commonly want to - do. Further enhancements to the home page are coming in future versions - of Bugzilla.</p> - -<h3 id="v34_feat_spam">Email Addresses Hidden From Logged-Out Users</h3> - -<p>To help prevent spam to Bugzilla users, all email addresses - stored in Bugzilla are now displayed only if you are logged in. - If you are logged out, only the part before the "@" of the email address is - displayed. This includes [% terms.bug %] lists, viewing [% terms.bugs %], the - XML format of [% terms.abug %], and any other place in the web interface that - an email address could appear.</p> - -<p>Email addresses are not filtered out of [% terms.bug %] comments. - The WebService still returns full email addresses, even if you are logged - out.</p> - -<h3 id="v34_feat_urls">Shorter Search URLs</h3> - -<p>When submitting a search, all the unused fields are now stripped from - the URL, so search URLs are much more meaningful, and much shorter.</p> - -<h3 id="v34_feat_async">Asynchronous Email Sending</h3> - -<p>The largest performance problem in former versions of Bugzilla - was that when updating [% terms.bugs %], email would be sent immediately - to every user who needed to be notified, and <kbd>process_bug.cgi</kbd> - would wait for the emails to be sent before continuing.</p> - -<p>Now Bugzilla is capable of queueing emails to be sent - while [% terms.abug %] is being updated, and sending them in the - background. This requires the administrator to run a daemon - that comes with Bugzilla, named - <a href="[% docs_urlbase FILTER html %]api/jobqueue.html">jobqueue.pl</a>, - and to enable the <a href="editparams.cgi?section=mta#use_mailer_queue"> - use_mailer_queue</a> parameter.</p> - -<p>Using the background email-sending daemon instead of sending mail directly - should result in a very large speed-up for updating [% terms.bugs %], - particularly on larger installations.</p> - -<h3 id="v34_feat_tz">Dates and Times Displayed In User's Time Zone</h3> - -<p>Users can now select what time zone they are in and Bugzilla - will adjust displayed times to be correct for their time zone. However, - times the user inputs are unfortunately still in Bugzilla's - time zone.</p> - -<h3 id="v34_feat_vis">Custom Fields That Only Appear When Another Field - Has a Particular Value</h3> - -<p>When creating a new custom field (or updating the definition of - an existing custom field), you can now say that "this field only - appears when field X has value Y". (In the future, you will be able - to select multiple values for "Y", so a field will appear when any - one of those values is selected.)</p> - -<p>This feature only hides fields--it doesn't make their values go away. - So [% terms.bugs %] will still show up in searches for that field's - value, but the field won't appear in the user interface.</p> - -<p>This is a good way of making Product-specific fields.</p> - -<h3 id="v34_feat_vals">Custom Fields Whose List of Values Change - Depending on the Value of Another Field</h3> - -<p>When creating a drop-down or multiple-selection custom field, you can - now specify that another field "controls the values" of this field. - Then, when adding values to this field, you can say that a particular - value only appears when the other field is set to a particular - value.</p> - -<p>Here's an example: Let's say that we create a field called "Colors", - and we make the Product field "control the values" for Colors. Then we - add Blue, Red, Black, and Yellow as legal values for the "Colors" field. - Now we can say that "Blue" and "Red" only appear as valid choices in - Product A, "Yellow" only appears in Product B, but "Black" <em>always</em> - appears.</p> - -<p>One thing to note is that this feature only controls what values appear in - the <em>user interface</em>. Bugzilla itself will still accept - any combination of values as valid, in the backend.</p> - -<h3 id="v34_feat_bugid">New Custom Field Type: [% terms.Bug %] ID</h3> - -<p>You can now create a custom field that holds a reference to a single - valid [% terms.bug %] ID. In the future this will be enhanced to allow - [%+ terms.bugs %] to refer to each other via this field.</p> - -<h3 id="v34_feat_see">"See Also" Field</h3> - -<p>We have added a new standard field called "See Also" to - Bugzilla. In this field, you can put URLs to multiple - [%+ terms.bugs %] in any Bugzilla installation, to indicate - that those [% terms.bugs %] are related to this one. It also supports - adding URLs to [% terms.bugs %] in - <a href="http://launchpad.net/">Launchpad</a>.</p> - -<p>Right now, the field just validates the URLs and then displays them, but - in the future, it will grab information from the other installation about - the [% terms.bug %] and display it here, and possibly even update the - other installation.</p> - -<p>If your installation does not need this field, you can hide it by disabling - the <a href="editparams.cgi?section=bugfields#use_see_also">use_see_also - parameter</a>.</p> - -<h3 id="v34_feat_cols">Re-order Columns in Search Results</h3> - -<p>There is a new interface for choosing what columns appear in search - results, which allows you to change the order in which columns appear - from left to right when viewing the [% terms.bug %] list.</p> - -<h3 id="v34_feat_desc">Search Descriptions</h3> - -<p>When displaying search results, Bugzilla will now show - a brief description of what you searched for, at the top of the - [%+ terms.bug %] list.</p> - -<h3 id="v34_feat_other">Other Enhancements and Changes</h3> - -<h4>Enhancements for Users</h4> - -<ul> - <li>You can now log in from every page, using the login form that appears - in the header or footer when you click "Log In".</li> - <li>When viewing [% terms.abug %], obsolete attachments are now - hidden from the attachment list by default. You can show them - by clicking "Show Obsolete" at the bottom of the attachment list.</li> - <li>In the Email Preferences, you can now choose to get email when - a new [% terms.bug %] report is filed and you have a particular - role on it.</li> - <li>When resolving a mid-air collision, you can now choose to submit - only your comment.</li> - <li>You can now set the Blocks and Depends On field on the "Change - Several [% terms.Bugs %] At Once" page.</li> - <li>If your installation uses the "insidergroup" feature, you can now add - private comments on the "Change Several [% terms.Bugs %] At Once" - page.</li> - <li>When viewing a search result, you can now hover over any abbreviated - field to see its full value.</li> - <li>When logging out, users are now redirected to the main page of - Bugzilla instead of an empty page.</li> - <li>When editing [% terms.abug %], text fields (except the comment box) now - grow longer when you widen your browser window.</li> - <li>When viewing [% terms.abug %], the Depends On and Blocks list will - display [% terms.abug %]'s alias if it has one, instead of its id. - Also, closed [% terms.bugs %] will be sorted to the end of the list.</li> - - <li>If you use the time-tracking features of Bugzilla, and - you enable the time-tracking related columns in a search result, - then you will see a summary of the time-tracking data at the - bottom of the search result.</li> - <li>For users of time-tracking, the <kbd>summarize_time.cgi</kbd> page - now contains more data.</li> - - <li>When viewing an attachment's details page while you are logged-out, - flags are no longer shown as editable.</li> - <li>Cloning [% terms.abug %] will now retain the "Blocks" and "Depends On" - fields from the [% terms.bug %] being cloned.</li> - <li>[% terms.Bug %]mail for new [% terms.bugs %] will now indicate - what security groups the [% terms.bug %] has been restricted to.</li> - <li>You can now use any custom drop-down field as an axis for a tabular - or graphical report.</li> - <li>The <kbd>X-Bugzilla-Type</kbd> header in emails sent by - Bugzilla is now "new" for [% terms.bug %]mail sent for - newly-filed [% terms.bugs %], and "changed" for emails having to do - with updated [% terms.bugs %].</li> - <li>Mails sent by the "Whining" system now contain the header - <kbd>X-Bugzilla-Type: whine</kbd>.</li> - <li>[% terms.bug %]mail now contains a X-Bugzilla-URL header to uniquely - identify which Bugzilla installation the email came from.</li> - <li>If you input an invalid regular expression anywhere in - Bugzilla, it will now tell you explicitly instead of failing - cryptically.</li> - <li>The <kbd>duplicates.xul</kbd> page (which wasn't used by very many - people) is now gone.</li> -</ul> - -<h4>Enhancements for Administrators and Developers</h4> - -<ul> - <li>Bugzilla now uses the SHA-256 algorithm (a variant of - SHA-2) to encrypt passwords in the database, instead of using Unix's - "crypt" function. This allows passwords longer than eight characters - to actually be effective. Each user's password will be converted to - SHA-256 the first time they log in after you upgrade to - Bugzilla 3.4 or later.</li> - <li>If you are using database replication with Bugzilla, - many more scripts now take advantage of the read-only slave (the - "shadowdb"). It may be safe to open up <kbd>show_bug.cgi</kbd> - to search-engine indexing by editing your <kbd>robots.txt</kbd> file, - now, if your Bugzilla is on fast-enough hardware.</li> - <li>The database now uses foreign keys to enforce the validity of - relationships between tables. Not every single table has all its - foreign keys yet, but most do.</li> - <li>Various parameters have been removed, in an effort to de-clutter - the parameter interface and simplify Bugzilla's code. - The parameters that were removed were: timezone, supportwatchers, - maxpatchsize, commentonclearresolution, commentonreassignbycomponent, - showallproducts. They have all been replaced with sensible default - behaviors. (For example, user watching is now always enabled.)</li> - <li>When adding <code>&debug=1</code> to the end of a - <kbd>buglist.cgi</kbd> URL, Bugzilla will now also do an - EXPLAIN on the query, to help debug performance issues.</li> - <li>When editing flag types in the administrative interface, you can now - see how many flags of each type have been set.</li> -</ul> - -<h4>WebService Changes</h4> - -<ul> - <li>Various functions have been added to the WebService: - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#history">B[% %]ug.history</a>, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#search">B[% %]ug.search</a>, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#comments">B[% %]ug.comments</a>, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html#update_see_also">B[% %]ug.update_see_also</a>, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/User.html#get">User.get</a>, - and <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bugzilla.html#time">Bugzilla.time</a> - (<kbd>Bugzilla.timezone</kbd> is now deprecated). - </li> - <li>For network efficiency, you can now limit which fields are returned - from certain WebService functions, like <kbd>User.get</kbd>.</li> - <li>There is now a "permissive" argument for the <kbd>B[% %]ug.get</kbd> - WebService function, which causes it not to throw an error when you - ask for [% terms.bugs %] you can't see.</li> - - <li>The <kbd>B[% %]ug.get</kbd> method now returns many more fields.</li> - <li>The <kbd>B[% %]ug.add_comment</kbd> method now returns the ID of the comment - that was just added.</li> - <li>The <kbd>B[% %]ug.add_comment</kbd> method will now throw an error if you - try to add a private comment but do not have the correct permissions. - (In previous versions, it would just silently ignore the <kbd>private</kbd> - argument if you didn't have the correct permissions.)</li> - <li>Many WebService function parameters now take individual values in - addition to arrays.</li> - <li>The WebService now validates input types--it makes sure that dates - are in the right format, that ints are actually ints, etc. It will throw - an error if you send it invalid data. It also accepts empty ints, doubles, - and dateTimes, and translates them to <kbd>undef</kbd>.</li> -</ul> - -<h2 id="v34_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> - [%- terms.Bug %] 423439</a>: Tabs in comments will be converted - to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> - [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is - in use on [% terms.bugs %], you will need to rebuild the "keyword cache" - by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing - the option to rebuild the cache when it asks. Otherwise keywords may - not show up properly in search results.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> - [%- terms.Bug %] 370370</a>: mod_perl support is currently not - working on Windows machines.</li> -</ul> - -<h2 id="v34_upgrading">Notes On Upgrading From a Previous Version</h2> - -<p>When upgrading to 3.4, <kbd>checksetup.pl</kbd> will create foreign keys - for many columns in the database. Before doing this, it will check the - database for consistency. If there are an unresolvable consistency - problems, it will tell you what table and column in the database contain - the bad values, and which values are bad. If you don't know what else to do, - you can always delete the database records which contain the bad values by - logging in to your database and running the following command:</p> - -<p><code>DELETE FROM <var>table</var> WHERE <var>column</var> IN - (<var>1, 2, 3, 4</var>)</code></p> - -<p>Just replace "table" and "column" with the name of the table - and column that <kbd>checksetup.pl</kbd> mentions, and "1, 2, 3, 4" - with the invalid values that <kbd>checksetup.pl</kbd> prints out.</p> - -<p>Remember that you should always back up your database before doing - an upgrade.</p> - -<h2 id="v34_code_changes">Code Changes Which May Affect Customizations</h2> - -<ul> - <li><kbd>checksetup.pl</kbd> now re-writes the <kbd>localconfig</kbd> - file every time it runs, keeping the current values set (if there - are any), but moving any unexpected variables into a file called - <kbd>localconfig.old</kbd>. If you want to continue having custom - varibles in <kbd>localconfig</kbd>, you will have to add them to - the <code>LOCALCONFIG_VARS</code> constant in - <kbd>Bugzilla::Install::Localconfig</kbd>.</li> - <li><kbd>Bugzilla::Object->update()</kbd> now returns something different - in list context than it does in scalar context.</li> - <li><kbd>Bugzilla::Object->check()</kbd> now can take object - ids in addition to names. Just pass in <code>{ id => $some_value - }</code>.</li> - <li>Instead of being defined in <kbd>buglist.cgi</kbd>, columns for - search results are now defined in a subroutine called <code>COLUMNS</code> - in <kbd>Bugzilla::Search</kbd>. The data now mostly comes from the - <kbd>fielddefs</kbd> table in the database. Search.pm now takes a list - of column names from fielddefs for its <kbd>fields</kbd> argument instead - of literal SQL columns.</li> - <li><kbd>Bugzilla::Field->legal_values</kbd> now returns an array of - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Field/Choice.html">Bugzilla::Field::Choice</a> - objects instead of an array of strings. Bugzilla::Field::Choice will be used - in more places, in the future.</li> - <li>We now use <kbd>Bugzilla::Bug->check()</kbd> instead of - <kbd>ValidateBugId</kbd>.</li> - <li>The <kbd>groups</kbd> and <kbd>bless_groups</kbd> methods in - <kbd>Bugzilla::User</kbd> now return an arrayref of - <kbd>Bugzilla::Group</kbd> objects instead of a hashref with - group ids and group names.</li> - <li>Standard Bugzilla drop-down fields now have their type - set to <kbd>FIELD_TYPE_SINGLE_SELECT</kbd> in the fielddefs table.</li> - <li><kbd>Bugzilla->usage_mode</kbd> now defaults to - <kbd>USAGE_MODE_CMDLINE</kbd> if we are not running inside a web - server.</li> - <li>We no longer delete environment variables like <kbd>$ENV{PATH}</kbd> - automatically unless we're actually running in taint mode.</li> - <li>We are now using YUI 2.6.0.</li> - <li>In <a href="config.cgi?ctype=rdf">the RDF format of config.cgi</a>, - the "resource" attribute for flags now contains "flag.cgi" instead - of "flags.cgi".</li> -</ul> - - - - - - - -<h1 id="v34_previous">Bugzilla 3.2 Release Notes</h1> - -<h2>Table of Contents</h2> - -<ul class="bz_toc"> - <li><a href="#v32_introduction">Introduction</a></li> - <li><a href="#v32_point">Updates In This 3.2.x Release</a></li> - <li><a href="#v32_security">Security Fixes In This 3.2.x Release</a></li> - <li><a href="#v32_req">Minimum Requirements</a></li> - <li><a href="#v32_feat">New Features and Improvements</a></li> - <li><a href="#v32_issues">Outstanding Issues</a></li> - <li><a href="#v32_upgrading">How to Upgrade From An Older Version</a></li> - <li><a href="#v32_code_changes">Code Changes Which May Affect - Customizations</a></li> - <li><a href="#v32_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v32_introduction">Introduction</h2> - -<p>Welcome to Bugzilla 3.2! This is our first major feature - release since Bugzilla 3.0, and it brings a lot of great - improvements and polish to the Bugzilla experience.</p> - -<p>If you're upgrading, make sure to read <a href="#v32_upgrading">How to - Upgrade From An Older Version</a>. If you are upgrading from a release - before 3.0, make sure to read the release notes for all the - <a href="#v32_previous">previous versions</a> in between your version - and this one, <strong>particularly the "Notes For Upgraders" section of each - version's release notes</strong>.</p> - -<h2 id="v32_point">Updates in this 3.2.x Release</h2> - -<p>This section describes what's changed in the most recent b<!-- -->ug-fix - releases of Bugzilla after 3.2. We only list the - most important fixes in each release. If you want a detailed list of - <em>everything</em> that's changed in each version, you should use our - <a href="http://www.bugzilla.org/status/changes.html">Change Log - Page</a>.</p> - -<h3>3.2.3</h3> - -<ul> - <li>Bugzilla is now compatible with MySQL 5.1.x versions 5.1.31 - and greater. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=480001">[% terms.Bug %] 480001</a>)</li> - <li>On Windows, Bugzilla sometimes would send mangled emails - (that would often fail to send). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=467920">[% terms.Bug %] 467920</a>)</li> - <li><code>recode.pl</code> would sometimes crash when trying to convert - databases from older versions of Bugzilla. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=431201">[% terms.Bug %] 431201</a>)</li> - <li>Running a saved search with Unicode characters in its name would - cause Bugzilla to crash. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=477513">[% terms.Bug %] 477513</a>)</li> - <li>Bugzilla clients like Mylyn can now update [% terms.bugs %] - again (the [% terms.bug %] XML format now contains a "token" element that - can be used when updating [% terms.abug %]). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=476678">[% terms.Bug %] 476678</a>)</li> - <li>For installations using the <code>shadowdb</code> parameter, - Bugzilla was accidentally writing to the "tokens" table - in the shadow database (instead of the master database) when using the - "Change Several [% terms.Bugs %] at Once" page. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=476943">[% terms.Bug %] 476943</a>)</li> -</ul> - -<p>This release also contains a security fix. See the - <a href="#v32_security">Security Fixes Section</a> for details.</p> - -<h3>3.2.2</h3> - -<p>This release fixes one security issue that is critical for installations - running 3.2.1 under mod_perl. See the - <a href="http://www.bugzilla.org/security/3.0.7/">Security Advisory</a> - for details.</p> - -<h3>3.2.1</h3> - -<ul> - <li>Attachments, charts, and graphs would sometimes be garbled on Windows. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=464992">[% terms.Bug %] 464992</a>)</li> - - <li>Saving changes to parameters would sometimes fail silently (particularly - on Windows when the web server didn't have the right permissions to - update the <code>params</code> file). Bugzilla will now - throw an error in this case, telling you what is wrong. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=347707">[% terms.Bug %] 347707</a>)</li> - - <li>If you were using the <code>usemenuforusers</code> parameter, - and [% terms.abug %] was assigned to (or had a QA Contact of) a disabled - user, that field would be reset to the first user in the list when - updating [% terms.abug %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=465589">[% terms.Bug %] 465589</a>)</li> - - <li>If you were using the <code>PROJECT</code> environment variable - to have multiple Bugzilla installations using one codebase, - project-specific templates were being ignored. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=467324">[% terms.Bug %] 467324</a>)</li> - - <li>Some versions of the SOAP::Lite Perl module had a b[% %]ug that caused - Bugzilla's XML-RPC service to break. - <kbd>checksetup.pl</kbd> now checks for these bad versions and - will reject them. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=468009">[% terms.Bug %] 468009</a>)</li> - - <li>The font sizes in various places were too small, when using the - Classic skin. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=469136">[% terms.Bug %] 469136</a>)</li> -</ul> - -<h2 id="v32_security">Security Fixes In This 3.2.x Release</h2> - -<h3>3.2.3</h3> - -<p>This release fixes one security issue related to attachments. See the - <a href="http://www.bugzilla.org/security/3.2.2/">Security Advisory</a> - for details.</p> - -<h3>3.2.2</h3> - -<p>This release fixes one security issue that is critical for installations - running 3.2.1 under mod_perl. See the - <a href="http://www.bugzilla.org/security/3.0.7/">Security Advisory</a> - for details.</p> - -<h3>3.2.1</h3> - -<p>This release contains several security fixes. One fix may break any - automated scripts you have that are loading <kbd>process_bug.cgi</kbd> - directly. We recommend that you read the entire - <a href="http://www.bugzilla.org/security/2.22.6/">Security Advisory</a> - for this release.</p> - -<h2 id="v32_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 3.0.5 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v32_req_perl">Perl</a></li> - <li><a href="#v32_req_mysql">For MySQL Users</a></li> - <li><a href="#v32_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v32_req_oracle">For Oracle Users</a></li> - <li><a href="#v32_req_modules">Required Perl Modules</a></li> - <li><a href="#v32_req_optional_mod">Optional Perl - Modules</a></li> -</ul> - -<h3 id="v32_req_perl">Perl</h3> - -<p>Perl <span class="req_new">v<strong>5.8.1</strong></span></p> - -<h3 id="v32_req_mysql">For MySQL Users</h3> - -<ul> - <li>MySQL v4.1.2</li> - <li><strong>perl module:</strong> - DBD::mysql <span class="req_new">v4.00</span></li> -</ul> - -<h3 id="v32_req_pg">For PostgreSQL Users</h3> - -<ul> - <li>PostgreSQL v8.00.0000</li> - <li><strong>perl module:</strong> DBD::Pg v1.45</li> -</ul> - -<h3 id="v32_req_oracle">Email Addresses Hidden From Logged-Out Users - For Oracle Users</h3> - -<ul> - <li>Oracle v10.02.0</li> - <li><strong>perl module:</strong> DBD::Oracle v1.19</li> -</ul> - -<h3 id="v32_req_modules">Required Perl Modules</h3> - -<table class="req_table"> - <tr> - <th>Module</th> - <th>Version</th> - </tr> - <tr> - <td>CGI</td> - <td class="req_new">3.21 (on Perl 5.8.x) or 3.33 (on Perl 5.10.x)</td> - </tr> - <tr> - <td>Date::Format</td> - <td>2.21</td> - </tr> - <tr> - <td>File::Spec</td> - <td>0.84</td> - </tr> - <tr> - <td>DBI</td> - <td>1.41</td> - </tr> - <tr> - <td>Template</td> - <td class="req_new">2.15</td> - </tr> - <tr> - <td>Email::Send</td> - <td>2.00</td> - </tr> - <tr> - <td>Email::MIME</td> - <td class="req_new">1.861</td> - </tr> - <tr> - <td class="req_new">Email::MIME::Encodings</td> - <td class="req_new">1.313</td> - </tr> - <tr> - <td>Email::MIME::Modifier</td> - <td class="req_new">1.442</td> - </tr> -</table> - -<h3 id="v32_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of Bugzilla:</p> - -<table class="req_table"> -<tr> - <th>Module</th> - <th>Version</th> - <th>Enables Feature</th> -</tr> -<tr> - <td>LWP::UserAgent</td> - <td>(Any)</td> - <td>Automatic Update Notifications</td> -</tr> -<tr> - <td>Template::Plugin::GD::Image</td> - <td>(Any)</td> - <td>Graphical Reports</td> -</tr> -<tr> - <td>GD::Text</td> - <td>(Any)</td> - <td>Graphical Reports</td> -</tr> -<tr> - <td>GD::Graph</td> - <td>(Any)</td> - <td>Graphical Reports</td> -</tr> -<tr> - <td>GD</td> - <td>1.20</td> - <td>Graphical Reports, New Charts, Old Charts</td> -</tr> -<tr> - <td>Email::MIME::Attachment::Stripper</td> - <td>(Any)</td> - <td>Inbound Email</td> -</tr> -<tr> - <td>Email::Reply</td> - <td>(Any)</td> - <td>Inbound Email</td> -</tr> -<tr> - <td>Net::LDAP</td> - <td>(Any)</td> - <td>LDAP Authentication</td> -</tr> -<tr> - <td>HTML::Parser</td> - <td>3.40</td> - <td>More HTML in Product/Group Descriptions</td> -</tr> -<tr> - <td>HTML::Scrubber</td> - <td>(Any)</td> - <td>More HTML in Product/Group Descriptions</td> -</tr> -<tr> - <td>XML::Twig</td> - <td>(Any)</td> - <td>Move [% terms.Bugs %] Between Installations</td> -</tr> -<tr> - <td>MIME::Parser</td> - <td>5.406</td> - <td>Move [% terms.Bugs %] Between Installations</td> -</tr> -<tr> - <td>Chart::Base</td> - <td>1.0</td> - <td>New Charts, Old Charts</td> -</tr> -<tr> - <td>Image::Magick</td> - <td>(Any)</td> - <td>Optionally Convert BMP Attachments to PNGs</td> -</tr> -<tr> - <td>PatchReader</td> - <td>0.9.4</td> - <td>Patch Viewer</td> -</tr> -<tr> - <td class="req_new">Authen::Radius</td> - <td class="req_new">(Any)</td> - <td>RADIUS Authentication</td> -</tr> -<tr> - <td class="req_new">Authen::SASL</td> - <td class="req_new">(Any)</td> - <td>SMTP Authentication</td> -</tr> -<tr> - <td>SOAP::Lite</td> - <td>(Any)</td> - <td>XML-RPC Interface</td> -</tr> -<tr> - <td>mod_perl2</td> - <td>1.999022</td> - <td>mod_perl</td> -</tr> -</table> - -<h2 id="v32_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v32_feat_ui">Major UI Improvements</a></li> - <li><a href="#v32_feat_skin">New Default Skin: Dusk</a></li> - <li><a href="#v32_feat_status">Custom Status Workflow</a></li> - <li><a href="#v32_feat_fields">New Custom Field Types</a></li> - <li><a href="#v32_feat_install">Easier Installation</a></li> - <li><a href="#v32_feat_oracle">Experimental Oracle Support</a></li> - <li><a href="#v32_feat_utf8">Improved UTF-8 Support</a></li> - <li><a href="#v32_feat_grcons">Group Icons</a></li> - <li><a href="#v32_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v32_feat_ui">Major UI Improvements</h3> - -<p>Bugzilla 3.2 has had some UI assistance from the NASA - Human-Computer Interaction department and the new - <a href="http://wiki.mozilla.org/Bugzilla:UE">Bugzilla - User Interface Team</a>.</p> - -<p>In particular, you will notice a massively redesigned [% terms.bug %] - editing form, in addition to our <a href="#v32_feat_skin">new skin</a>.</p> - -<h3 id="v32_feat_skin">New Default Skin: Dusk</h3> - -<p>Bugzilla 3.2 now ships with a skin called "Dusk" that is - a bit more colorful than old default "Classic" skin.</p> - -<p>Upgrading installations will still default to the "Classic" - skin--administrators can change the default in the Default Preferences - control panel. Users can also choose to use the old skin in their - Preferences (or using the View :: Page Style menu in Firefox).</p> - -<p>The changes that Bugzilla required for Dusk made - Bugzilla much easier to skin. See the - <a href="http://wiki.mozilla.org/Bugzilla:Addons#Skins">Addons page</a> - for additional skins, or try making your own!</p> - -<h3 id="v32_feat_status">Custom Status Workflow</h3> - -<p>You can now customize the list of statuses in Bugzilla, - and transitions between them.</p> - -<p>You can also specify that a comment must be made on certain transitions.</p> - -<h3 id="v32_feat_fields">New Custom Field Types</h3> - -<p>Bugzilla 3.2 has support for three new types of - custom fields:</p> - -<ul> - <li>Large Text: Adds a multi-line textbox to your [% terms.bugs %].</li> - <li>Multiple Selection Box: Adds a box that allows you to choose - multiple items from a list.</li> - <li>Date/Time: Displays a date and time, along with a JavaScript - calendar popup to make picking a date easier.</li> -</ul> - -<h3 id="v32_feat_install">Easier Installation</h3> - -<p>Bugzilla now comes with a script called - <kbd>install-module.pl</kbd> that can automatically download - and install all of the required Perl modules for Bugzilla. - It stores them in a directory inside your Bugzilla - installation, so you can use it even if you don't have administrator-level - access to your machine, and without modifying your main Perl install.</p> - -<p><kbd>checksetup.pl</kbd> will print out instructions for using - <kbd>install-module.pl</kbd>, or you can read its - <a href="[% docs_urlbase FILTER html %]api/install-module.html">documentation</a>.</p> - -<h3 id="v32_feat_oracle">Experimental Oracle Support</h3> - -<p>Bugzilla 3.2 contains experimental support for using - Oracle as its database. Some features of Bugzilla are known - to be broken on Oracle, but hopefully will be working by our next major - release.</p> - -<p>The Bugzilla Project, as an open-source project, of course - does not recommend the use of proprietary database solutions. However, - if your organization requires that you use Oracle, this will allow - you to use Bugzilla!</p> - -<p>The Bugzilla Project thanks Oracle Corp. for their extensive - development contributions to Bugzilla which allowed this to - happen!</p> - -<h3 id="v32_feat_utf8">Improved UTF-8 Support</h3> - -<p>Bugzilla 3.2 now has advanced UTF-8 support in its code, - including correct handling for truncating and wrapping multi-byte - languages. Major issues with multi-byte or unusual languages - are now resolved, and Bugzilla should now be usable - by users in every country with little (or at least much less) - customization.</p> - -<h3 id="v32_feat_grcons">Group Icons</h3> - -<p>Administrators can now specify that users who are in certain groups - should have an icon appear next to their name whenever they comment. - This is particularly useful for distinguishing developers from - [%+ terms.bug %] reporters.</p> - -<h3 id="v32_feat_other">Other Enhancements and Changes</h3> - -<p>These are either minor enhancements, or enhancements that have - very short descriptions. Some of these are very useful, though!</p> - -<h4>Enhancements For Users</h4> - -<ul> - <li><strong>[% terms.Bugs %]</strong>: You can now reassign - [%+ terms.abug %] at the same time as you are changing its status.</li> - <li><strong>[% terms.Bugs %]</strong>: When entering [% terms.abug %], - you will now see the description of a component when you select it.</li> - <li><strong>[% terms.Bugs %]</strong>: The [% terms.bug %] view now - contains some <a href="http://microformats.org/about/">Microformats</a>, - most notably for users' names and email addresses.</li> - <li><strong>[% terms.Bugs %]</strong>: You can now remove a QA Contact - from [% terms.abug %] simply by clearing the QA Contact field.</li> - <li><strong>[% terms.Bugs %]</strong>: There is now a user preference - that will allow you to exclude the quoted text when replying - to comments.</li> - <li><strong>[% terms.Bugs %]</strong>: You can now expand or collapse - individual comments in the [% terms.bug %] view.</li> - - <li><strong>Attachments</strong>: There is now "mid-air collision" - protection when editing attachments.</li> - <li><strong>Attachments</strong>: Patches in the Diff Viewer now show - line numbers (<a href="https://bugzilla.mozilla.org/attachment.cgi?id=327546">Example</a>).</li> - <li><strong>Attachments</strong>: After creating or updating an attachment, - you will be immediately shown the [% terms.bug %] that the attachment - is on.</li> - - <li><strong>Search</strong>: You can now reverse the sort of - [%+ terms.abug %] list by clicking on a column header again.</li> - <li><strong>Search</strong>: Atom feeds of [% terms.bug %] lists now - contain more fields.</li> - <li><strong>Search</strong>: QuickSearch now supports searching flags - and groups. It also now includes the OS field in the list of fields - it searches by default.</li> - <li><strong>Search</strong>: "Help" text can now appear on query.cgi - for Internet Explorer and other non-Firefox browsers. (It always - could appear for Firefox.)</li> - - <li>Bugzilla now ships with an icon that will show - up next to the URL in most browsers. If you want to replace it, - it's in <kbd>images/favicon.ico</kbd>.</li> - - <li>You can now set the Deadline when using "Change Several - [%+ terms.Bugs %] At Once"</li> - <li><strong>Saved Searches</strong> now save their column list, so if - you customize the list of columns and save your search, it will - always contain those columns.</li> - <li><strong>Saved Searches</strong>: When you share a search, you can - now see how many users have subscribed to it, on - <kbd>userprefs.cgi</kbd>.</li> - <li><strong>Saved Searches</strong>: You can now see what group a - shared search was shared to, on the list of available shared searches - in <kbd>userprefs.cgi</kbd>.</li> - <li><strong>Flags</strong>: If your installation uses drop-down user - lists, the flag requestee box will now contain only users who are - actually allowed to take requests.</li> - <li><strong>Flags</strong>: If somebody makes a request to you, and you - change the requestee to somebody else, the requester is no longer set - to you. In other words, you can "redirect" requests and maintain the - original requester.</li> - <li><strong>Flags</strong>: Emails about flags now will thread properly - in email clients to be a part of [% terms.abug %]'s thread.</li> - <li>When using <kbd>email_in.pl</kbd>, you can now add users to the CC - list by just using <kbd>@cc</kbd> as the field name.</li> - <li>Many pages (particularly administrative pages) now contain links to - the relevant section of the Bugzilla Guide, so you can read - the documentation for that page.</li> - <li>Dependency Graphs should render more quickly, as they now (by default) - only include the same [% terms.bugs %] that you'd see in the dependency - tree.</li> -</ul> - -<h4>Enhancements For Administrators</h4> - -<ul> - <li><strong>Admin UI</strong>: Instead of having the Administration - Control Panel links in the footer, there is now just one link called - "Administration" that takes you to a page that links to all the - administrative controls for Bugzilla.</li> - <li><strong>Admin UI</strong>: Administrative pages no longer display - confirmation pages, instead they redirect you to some useful page - and display a message about what changed.</li> - <li><strong>Admin UI</strong>: The interface for editing group - inheritance in <kbd>editgroups.cgi</kbd> is much clearer now.</li> - <li><strong>Admin UI</strong>: When editing a user, you can now see - all the components where that user is the Default Assignee or Default - QA Contact.</li> - - <li><strong>Email</strong>: For installations that use SMTP to send - mail (as opposed to Sendmail), Bugzilla now supports - SMTP Authentication, so that it can log in to your mail server - before sending messages.</li> - <li><strong>Email</strong>: Using the "Test" mail delivery method now - creates a valid mbox file to make testing easier.</li> - - <li><strong>Authentication</strong>: Bugzilla now correctly - handles LDAP records which contain multiple email addresses. (The first - email address in the list that is a valid Bugzilla account - will be used, or if this is a new user, the first email address in - the list will be used.)</li> - <li><strong>Authentication</strong>: Bugzilla can now take - a list of LDAP servers to try in order until it gets a successful - connection.</li> - <li><strong>Authentication</strong>: Bugzilla now supports - RADIUS authentication.</li> - - <li><strong>Security</strong>: The login cookie is now created as - "HTTPOnly" so that it can't be read by possibly malicious scripts. - Also, if SSL is enabled on your installation, the login cookie is - now only sent over SSL connections.</li> - <li><strong>Security</strong>: The <code>ssl</code> parameter now protects - every page a logged-in user accesses, when set to "authenticated sessions." - Also, SSL is now enforced appropriately in the WebServices interface when - the parameter is set.</li> - - <li><strong>Database</strong>: Bugzilla now uses transactions in - the database instead of table locks. This should generally improve - performance with many concurrent users. It also means if there is - an unexpected error in the middle of a page, all database changes made - during that page will be rolled back.</li> - <li><strong>Database</strong>: You no longer have to set - <code>max_packet_size</code> in MySQL to add large attachments. However, - you may need to set it manually if you restore a mysqldump into your - database.</li> - - <li>New WebService functions: - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bug.html">B<!-- -->ug.add_comment</a> - and <a href="[% docs_urlbase FILTER html %]api/Bugzilla/WebService/Bugzilla.html">Bugzilla.extensions</a>.</li> - - <li>You can now delete custom fields, but only if they have never been - set on any [% terms.bug %].</li> - <li>There is now a <kbd>--reset-password</kbd> argument to - <kbd>checksetup.pl</kbd> that allows you to reset a user's password - from the command line.</li> - <li>There is now a script called <kbd>sanitycheck.pl</kbd> that you can - run from the command line. It works just like <kbd>sanitycheck.cgi</kbd>. - By default, it only outputs anything if there's an error, so it's - ideal for administrators who want to run it nightly in a cron job.</li> - <li>The <kbd>strict_isolation</kbd> parameter now prevents you from setting - users who cannot see [% terms.abug %] as a CC, Assignee, or QA - Contact. Previously it only prevented you from adding users who - could not <em>edit</em> the [% terms.bug %].</li> - <li>Extensions can now add their own headers to the HTML <head> - for things like custom CSS and so on.</li> - <li><kbd>sanitycheck.cgi</kbd> has been templatized, meaning that the - entire Bugzilla UI is now contained in templates.</li> - <li>When setting the <kbd>sslbase</kbd> parameter, you can now specify - a port number in the URL.</li> - <li>When importing [% terms.bugs %] using <kbd>importxml.pl</kbd>, - attachments will have their actual creator set as their creator, - instead of the person who exported the [% terms.bug %] from the other - system.</li> - <li>The voting system is off by default in new installs. This is to - prepare for the fact that it will be moved into an extension at - some point in the future.</li> - <li>The <code>shutdownhtml</code> parameter now works even when - Bugzilla's database server is down.</li> -</ul> - -<h3>Enhancements for Localizers (or Localized Installations)</h3> - -<ul> - <li>The documentation can now be localized--in other words, you can have - documentation installed for multiple languages at once and - Bugzilla will link to the correct language in its internal - documentation links.</li> - <li>Bugzilla no longer uses the <kbd>languages</kbd> parameter. - Instead it reads the <kbd>template/</kbd> directory to see which - languages are available.</li> - <li>Some of the messages printed by <kbd>checksetup.pl</kbd> can now - be localized. See <kbd>template/en/default/setup/strings.txt.pl</kbd>. -</ul> - -<h2 id="v32_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=423439"> - [%- terms.Bug %] 423439</a>: Tabs in comments will be converted - to four spaces, due to a b<!-- -->ug in Perl as of Perl 5.8.8.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> - [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is - in use on [% terms.bugs %], you will need to rebuild the "keyword cache" - by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing - the option to rebuild the cache when it asks. Otherwise keywords may - not show up properly in search results.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> - [%- terms.Bug %] 370370</a>: mod_perl support is currently not - working on Windows machines.</li> -</ul> - -<h2 id="v32_upgrading">How to Upgrade From An Older Version</h2> - -<h3 id="v32_upgrading_notes">Notes For Upgraders</h3> - -<ul> - <li>If you upgrade by CVS, the <kbd>extensions</kbd> and - <kbd>skins/contrib</kbd> directories are now in CVS instead of - being created by <kbd>checksetup.pl</kbd> If you do a <kbd>cvs update</kbd> - from 3.0, you will be told that your directories are "in the way" and - you should delete (or move) them and then do <kbd>cvs update</kbd> - again. Also, the <kbd>docs</kbd> directory has been restructured - and after you <kbd>cvs update</kbd> you can delete the <kbd>docs/html</kbd>, - <kbd>docs/pdf</kbd>, <kbd>docs/txt</kbd>, and <kbd>docs/xml</kbd> - directories.</li> - <li>If you are using MySQL, you should know that Bugzilla - now uses InnoDB for all tables. <kbd>checksetup.pl</kbd> will convert - your tables automatically, but if you have InnoDB disabled, - the upgrade will not be able to complete (and <kbd>checksetup.pl</kbd> - will tell you so).</li> - - <li><strong>You should also read the - <a href="#v30_upgrading_notes">Bugzilla 3.0 Notes For Upgraders - section</a> of the - <a href="#v32_previous">previous release notes</a> if you are upgrading - from a version before 3.0.</strong></li> -</ul> - -<h3>Steps For Upgrading</h3> - -<p>Once you have read the notes above, see the - <a href="[% docs_urlbase FILTER html %]upgrade.html">Upgrading - documentation</a> for instructions on how to upgrade.</p> - -<h2 id="v32_code_changes">Code Changes Which May Affect Customizations</h2> - -<ul> - <li><a href="#v32_code_hooks">More Hooks!</a></li> - <li><a href="#v32_code_search">Search.pm Rearchitecture</a></li> - <li><a href="#v32_code_lib">lib Directory</a></li> - <li><a href="#v32_code_other">Other Changes</a></li> -</ul> - -<h3 id="v32_code_hooks">More Hooks!</h3> - -<p>There are more code hooks in 3.2 than there were in 3.0. See the - documentation of <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Hook.html">Bugzilla::Hook</a> - for more details.</p> - -<h3 id="v32_code_search">Search.pm Rearchitecture</h3> - -<p><kbd>Bugzilla/Search.pm</kbd> has been heavily modified, to be much - easier to read and use. It contains mostly the same code as it did in - 3.0, but it has been moved around and reorganized significantly.</p> - -<h3 id="v32_code_lib">lib Directory</h3> - -<p>As part of implementing <a href="#v32_feat_install">install-module.pl</a>, - Bugzilla was given a local <kbd>lib</kbd> directory which - it searches for modules, in addition to the standard system path.</p> - -<p>This means that all Bugzilla scripts now start with - <code>use lib qw(. lib);</code> as one of the first lines.</p> - -<h3 id="v32_code_other">Other Changes</h3> - -<ul> - <li>You should now be using <code>get_status('NEW')</code> instead of - <code>status_descs.NEW</code> in templates.</li> - <li>The <code>[%# version = 1.0 %]</code> comment at the top of every - template file has been removed.</li> -</ul> - -<h1 id="v32_previous">Bugzilla 3.0.x Release Notes</h1> - -<h2>Table of Contents</h2> - -<ul class="bz_toc"> - <li><a href="#v30_introduction">Introduction</a></li> - <li><a href="#v30_point">Updates In This 3.0.x Release</a></li> - <li><a href="#v30_req">Minimum Requirements</a></li> - <li><a href="#v30_feat">New Features and Improvements</a></li> - <li><a href="#v30_issues">Outstanding Issues</a></li> - <li><a href="#v30_security">Security Fixes In This Release</a></li> - <li><a href="#v30_upgrading">How to Upgrade From An Older Version</a></li> - <li><a href="#v30_code_changes">Code Changes Which May Affect - Customizations</a></li> - <li><a href="#v30_previous">Release Notes for Previous Versions</a></li> -</ul> - -<h2 id="v30_introduction">Introduction</h2> - -<p>Welcome to Bugzilla 3.0! It's been over eight years since - we released Bugzilla 2.0, and everything has changed since - then. Even just since our previous release, Bugzilla 2.22, - we've added a <em>lot</em> of new features. So enjoy the release, we're - happy to bring it to you.</p> - -<p>If you're upgrading, make sure to read <a href="#v30_upgrading">How to - Upgrade From An Older Version</a>. If you are upgrading from a release - before 2.22, make sure to read the release notes for all the - <a href="#v30_previous">previous versions</a> in between your version - and this one.</p> - -<h2 id="v30_point">Updates in this 3.0.x Release</h2> - -<p>This section describes what's changed in the most recent b<!-- -->ug-fix - releases of Bugzilla after 3.0. We only list the - most important fixes in each release. If you want a detailed list of - <em>everything</em> that's changed in each version, you should use our - <a href="http://www.bugzilla.org/status/changes.html">Change Log Page</a>.</p> - -<h3>3.0.6</h3> - -<ul> - <li>Before 3.0.6, unexpected fatal WebService errors would result in - a <code>faultCode</code> that was a string instead of a number. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=446327">[% terms.Bug %] 446327</a>)</li> - <li>If you created a product or component with the same name as one you - previously deleted, it would fail with an error about the series table. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=247936">[% terms.Bug %] 247936</a>)</li> -</ul> - -<p>See also the <a href="#v30_security">Security Advisory</a> section for - information about a security issue fixed in this release.</p> - -<h3>3.0.5</h3> - -<ul> - <li>If you don't have permission to set a flag, it will now appear - unchangeable in the UI. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=433851">[% terms.Bug %] 433851</a>)</li> - <li>If you were running mod_perl, Bugzilla was not correctly - closing its connections to the database since 3.0.3, and so sometimes - the DB would run out of connections. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=441592">[% terms.Bug %] 441592</a>)</li> - <li>The installation script is now clear about exactly which - <code>Email::</code> modules are required in Perl, thus avoiding the - problem where emails show up with a body like - <samp>SCALAR(0xBF126795)</samp>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=441541">[% terms.Bug %] 441541</a>)</li> - <li><a href="[% docs_urlbase FILTER html %]api/email_in.html">email_in.pl</a> - is no longer case-sensitive for values of <kbd>@product</kbd>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365697">[% terms.Bug %] 365697</a>)</li> -</ul> - -<p>See also the <a href="#v30_security">Security Advisory</a> section for - information about security issues fixed in this release.</p> - -<h3>3.0.4</h3> - -<ul> - <li>Bugzilla administrators were not being correctly notified - about new releases. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414726">[% terms.Bug %] 414726</a>)</li> - - <li>There could be extra whitespace in email subject lines. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=411544">[% terms.Bug %] 411544</a>)</li> - - <li>The priority, severity, OS, and platform fields were always required by - the <kbd>B<!-- -->ug.create</kbd> WebService function, even if they had - defaults specified. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384009">[% terms.Bug %] 384009</a>)</li> - - <li>Better threading of [% terms.bug %]mail in some email clients. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=376453">[% terms.Bug %] 376453</a>)</li> - - <li>There were many fixes to the Inbound Email Interface - (<kbd>email_in.pl</kbd>). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=92274">[% terms.Bug %] 92274</a>, - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=377025">[% terms.Bug %] 377025</a>, - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=412943">[% terms.Bug %] 412943</a>, - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=413672">[% terms.Bug %] 413672</a>, and - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=431721">[% terms.Bug %] 431721</a>)</li> - - <li><kbd>checksetup.pl</kbd> now handles UTF-8 conversion more reliably during upgrades. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=374951">[% terms.Bug %] 374951</a>)</li> - - <li>Comments written in CJK languages are now correctly word-wrapped. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=388723">[% terms.Bug %] 388723</a>)</li> - - <li>All emails will now be sent in the correct language, when the user - has chosen a language for emails. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=405946">[% terms.Bug %] 405946</a>) - - <li>On Windows, temporary files created when uploading attachments are now - correctly deleted when the upload is complete. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414002">[% terms.Bug %] 414002</a>)</li> - - <li><kbd>checksetup.pl</kbd> now prints correct installation instructions - for Windows users using Perl 5.10. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=414430">[% terms.Bug %] 414430</a>) -</ul> - -<p>See also the <a href="#v30_security">Security Advisory</a> section for - information about security issues fixed in this release.</p> - -<h3>3.0.3</h3> - -<ul> - <li>mod_perl no longer compiles Bugzilla's code for each Apache - process individually. It now compiles code only once and shares it among - each Apache process. This greatly improves performance and highly - decreases the memory footprint. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=398241">[% terms.Bug %] 398241</a>)</li> - - <li>You can now search for '---' (without quotes) in versions and milestones. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=362436">[% terms.Bug %] 362436</a>)</li> - - <li>Bugzilla should no longer break lines unnecessarily in - email subjects. This was causing trouble with some email clients. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=374424">[% terms.Bug %] 374424</a>)</li> - - <li>If you had selected "I'm added to or removed from this capacity" option - for the "CC" role in your email preferences, you wouldn't get mail when - more than one person was added to the CC list at once. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=394796">[% terms.Bug %] 394796</a>)</li> - - <li>Deleting a user account no longer deletes whines from another user who - has the deleted account as addressee. The schedule is simply removed, - but the whine itself is left intact. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=395924">[% terms.Bug %] 395924</a>)</li> - - <li><kbd>contrib/merge-users.pl</kbd> now correctly merges all required - fields when merging two user accounts. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=400160">[% terms.Bug %] 400160</a>)</li> - - <li>Bugzilla no longer requires Apache::DBI to run under - mod_perl. It caused troubles such as lost connections with the DB and - didn't give any important performance gain. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=408766">[% terms.Bug %] 408766</a>)</li> -</ul> - -<h3>3.0.2</h3> - -<ul> - <li>Bugzilla should now work on Perl 5.9.5 (and thus the - upcoming Perl 5.10.0). - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=390442">[% terms.Bug %] 390442</a>)</li> -</ul> - -<p>See also the <a href="#v30_security">Security Advisory</a> section for - information about an important security issue fixed in this release.</p> - -<h3>3.0.1</h3> - -<ul> - <li>For users of Firefox 2, the <code>show_bug.cgi</code> user interface - should no longer "collapse" after you modify [% terms.abug %]. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370739">[% terms.Bug %] 370739</a>)</li> - <li>If you can bless a group, and you share a saved search with that - group, it will no longer automatically appear in all of that group's - footers unless you specifically request that it automatically appear - in their footers. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365890">[% terms.Bug %] 365890</a>)</li> - <li>There is now a parameter to allow users to perform searches without - any search terms. (In other words, to search for just a Product - and Status on the Simple Search page.) The parameter is called - <code>specific_search_allow_empty_words</code>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=385910">[% terms.Bug %] 385910</a>)</li> - <li>If you attach a file that has a MIME-type of <code>text/x-patch</code> - or <code>text/x-diff</code>, it will automatically be treated as a - patch by Bugzilla. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365756">[% terms.Bug %] 365756</a>)</li> - <li>Dependency Graphs now work correctly on all mod_perl installations. - There should now be no remaining signficant problems with running - Bugzilla under mod_perl. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370398">[% terms.Bug %] 370398</a>)</li> - <li>If moving [% terms.abug %] between products would remove groups - from the [% terms.bug %], you are now warned. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=303183">[% terms.Bug %] 303183</a>)</li> - <li>On IIS, whenever Bugzilla threw a warning, it would - actually appear on the web page. Now warnings are suppressed, - unless you have a file in the <code>data</code> directory called - <code>errorlog</code>, in which case warnings will be printed there. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=390148">[% terms.Bug %] 390148</a>)</li> - <li>If you used <kbd>email_in.pl</kbd> to edit [% terms.abug %] that was - protected by groups, all of the groups would be cleared. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=385453">[% terms.Bug %] 385453</a>)</li> - <li>PostgreSQL users: New Charts were failing to collect data over time. - They will now start collecting data correctly. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=257351">[% terms.Bug %] 257351</a>)</li> - <li>Some flag mails didn't specify who the requestee was. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=379787">[% terms.Bug %] 379787</a>)</li> - <li>Instead of throwing real errors, <kbd>collectstats.pl</kbd> would - just say that it couldn't find <code>ThrowUserError</code>. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=380709">[% terms.Bug %] 380709</a>)</li> - <li>Logging into Bugzilla from the home page works again - with IIS5. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=364008">[% terms.Bug %] 364008</a>)</li> - <li>If you were using SMTP for sending email, sometimes emails would - be missing the <code>Date</code> header. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=304999">[% terms.Bug %] 304999</a>).</li> - <li>In the XML-RPC WebService, <code>B<!-- -->ug.legal_values</code> now - correctly returns values for custom fields if you request values - for custom fields. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=381737">[% terms.Bug %] 381737</a>)</li> - <li>The "[% terms.Bug %]-Writing Guidelines" page has been shortened - and re-written. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=378590">[% terms.Bug %] 378590</a>)</li> - <li>If your <code>urlbase</code> parameter included a port number, - like <code>www.domain.com:8080</code>, SMTP might have failed. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384501">[% terms.Bug %] 384501</a>)</li> - <li>For SMTP users, there is a new parameter, <code>smtp_debug</code>. - Turning on this parameter will log the full information about - every SMTP session to your web server's error log, to help with - debugging issues with SMTP. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=384497">[% terms.Bug %] 384497</a>)</li> - <li>If you are a "global watcher" (you get all mails from every - [%+ terms.bug %]), you can now see that in your Email Preferences. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=365302">[% terms.Bug %] 365302</a>)</li> - <li>The Status and Resolution of [% terms.bugs %] are now correctly - localized in CSV search results. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=389517">[% terms.Bug %] 389517</a>)</li> - <li>The "Subject" line of an email was being mangled if it contained - non-Latin characters. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=387860">[% terms.Bug %] 387860</a>)</li> - <li>Editing the "languages" parameter using <kbd>editparams.cgi</kbd> would - sometimes fail, causing Bugzilla to throw an error. - (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=335354">[% terms.Bug %] 335354</a>)</li> -</ul> - -<h2 id="v30_req">Minimum Requirements</h2> - -<p>Any requirements that are new since 2.22 will look like - <span class="req_new">this</span>.</p> - -<ul> - <li><a href="#v30_req_perl">Perl</a></li> - <li><a href="#v30_req_mysql">For MySQL Users</a></li> - <li><a href="#v30_req_pg">For PostgreSQL Users</a></li> - <li><a href="#v30_req_modules">Required Perl Modules</a></li> - <li><a href="#v30_req_optional_mod">Optional Perl - Modules</a></li> -</ul> - - -<h3 id="v30_req_perl">Perl</h3> - -<ul> - <li>Perl <span class="req_new">v<strong>5.8.0</strong></span> (non-Windows - platforms)</li> - <li>Perl v<strong>5.8.1</strong> (Windows platforms)</li> -</ul> - -<h3 id="v30_req_mysql">For MySQL Users</h3> - -<ul> - <li>MySQL <span class="req_new">v4.1.2</span></li> - <li><strong>perl module:</strong> DBD::mysql v2.9003</li> -</ul> - -<h3 id="v30_req_pg">For PostgreSQL Users</h3> - -<ul> - <li>PostgreSQL v8.00.0000</li> - <li><strong>perl module:</strong> DBD::Pg v1.45</li> -</ul> - -<h3 id="v30_req_modules">Required Perl Modules</h3> - -<table class="req_table"> - <tr> - <th>Module</th> - <th>Version</th> - </tr> - <tr> - <td>CGI</td> - <td>2.93</td> - </tr> - <tr> - <td>Date::Format</td> - <td>2.21</td> - </tr> - <tr> - <td>DBI</td> - <td class="req_new">1.41</td> - </tr> - <tr> - <td>File::Spec</td> - <td>0.84</td> - </tr> - <tr> - <td>Template</td> - <td>2.12</td> - </tr> - <tr> - <td class="req_new">Email::Send</td> - <td class="req_new">2.00</td> - </tr> - <tr> - <td>Email::MIME</td> - <td>1.861</td> - </tr> - <tr> - <td class="req_new">Email::MIME::Modifier</td> - <td class="req_new">1.442</td> - </tr> -</table> - -<h3 id="v30_req_optional_mod">Optional Perl Modules</h3> - -<p>The following perl modules, if installed, enable various - features of Bugzilla:</p> - -<table class="req_table"> - <tr> - <th>Module</th> - <th>Version</th> - <th>Enables Feature</th> - </tr> - <tr> - <td class="req_new">LWP::UserAgent</td> - <td class="req_new">(Any)</td> - <td>Automatic Update Notifications</td> - </tr> - <tr> - <td>Template::Plugin::GD::Image</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Graph</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD::Text</td> - <td>(Any)</td> - <td>Graphical Reports</td> - </tr> - <tr> - <td>GD</td> - <td>1.20</td> - <td>Graphical Reports, New Charts, Old Charts</td> - </tr> - <tr> - <td class="req_new">Email::MIME::Attachment::Stripper</td> - <td class="req_new">(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td class="req_new">Email::Reply</td> - <td class="req_new">(Any)</td> - <td>Inbound Email</td> - </tr> - <tr> - <td>Net::LDAP</td> - <td>(Any)</td> - <td>LDAP Authentication</td> - </tr> - <tr> - <td>HTML::Parser</td> - <td>3.40</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>HTML::Scrubber</td> - <td>(Any)</td> - <td>More HTML in Product/Group Descriptions</td> - </tr> - <tr> - <td>XML::Twig</td> - <td>(Any)</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>MIME::Parser</td> - <td>5.406</td> - <td>Move [% terms.Bugs %] Between Installations</td> - </tr> - <tr> - <td>Chart::Base</td> - <td>1.0</td> - <td>New Charts, Old Charts</td> - </tr> - <tr> - <td>Image::Magick</td> - <td>(Any)</td> - <td>Optionally Convert BMP Attachments to PNGs</td> - </tr> - <tr> - <td>PatchReader</td> - <td>0.9.4</td> - <td>Patch Viewer</td> - </tr> - <tr> - <td class="req_new">SOAP::Lite</td> - <td class="req_new">(Any)</td> - <td>XML-RPC Interface</td> - </tr> - <tr> - <td class="req_new">mod_perl2</td> - <td class="req_new">1.999022</td> - <td>mod_perl</td> - </tr> - <tr> - <td> CGI</td> - <td>3.11</td> - <td>mod_perl</td> - </tr> -</table> - -<h2 id="v30_feat">New Features and Improvements</h2> - -<ul> - <li><a href="#v30_feat_cf">Custom Fields</a></li> - <li><a href="#v30_feat_mp">mod_perl Support</a></li> - <li><a href="#v30_feat_sq">Shared Saved Searches</a></li> - <li> - <a href="#v30_feat_afn">Attachments and Flags on New [% terms.Bugs %]</a> - </li> - <li><a href="#v30_feat_cr">Custom Resolutions</a></li> - <li><a href="#v30_feat_ppp">Per-Product Permissions</a></li> - <li><a href="#v30_feat_ui">User Interface Improvements</a></li> - <li><a href="#v30_feat_xml">XML-RPC Interface</a></li> - <li><a href="#v30_feat_skin">Skins</a></li> - <li><a href="#v30_feat_sbu">Unchangeable Fields Appear - Unchangeable</a></li> - <li><a href="#v30_feat_et">All Emails in Templates</a></li> - <li><a href="#v30_feat_df">No More Double-Filed [% terms.Bugs %]</a></li> - <li><a href="#v30_feat_cc">Default CC List for Components</a></li> - <li><a href="#v30_feat_emi">File/Modify [% terms.Bugs %] By Email</a></li> - <li><a href="#v30_feat_gw">Users Who Get All [% terms.Bug %] - Notifications</a></li> - <li><a href="#v30_feat_utf8">Improved UTF-8 Support</a></li> - <li><a href="#v30_feat_upda">Automatic Update Notification</a></li> - <li><a href="#v30_feat_welc">Welcome Page for New Installs</a></li> - <li><a href="#v30_feat_other">Other Enhancements and Changes</a></li> -</ul> - -<h3 id="v30_feat_cf">Custom Fields</h3> - -<p>Bugzilla now includes very basic support for custom fields.</p> - -<p>Users in the <kbd>admin</kbd> group can add plain-text or drop-down - custom fields. You can edit the values available for drop-down fields - using the "Field Values" control panel.</p> - -<p>Don't add too many custom fields! It can make Bugzilla - very difficult to use. Try your best to get along with the default - fields, and then if you find that you can't live without custom fields - after a few weeks of using Bugzilla, only then should you - start your custom fields.</p> - -<h3 id="v30_feat_mp">mod_perl Support</h3> - -<p>Bugzilla 3.0 supports mod_perl, which allows for extremely - enhanced page-load performance. mod_perl trades memory usage for performance, - allowing near-instantaneous page loads, but using much more memory.</p> - -<p>If you want to enable mod_perl for your Bugzilla, we recommend - a minimum of 1.5GB of RAM, and for a site with heavy traffic, 4GB to 8GB.</p> - -<p>If performance isn't that critical on your installation, you don't - have the memory, or you are running some other web server than - Apache, Bugzilla still runs perfectly as a normal CGI - application, as well.</p> - -<h3 id="v30_feat_sq">Shared Saved Searches</h3> - -<p>Users can now choose to "share" their saved searches - with a certain group. That group will then be able to - "subscribe" to those searches, and have them appear - in their footer.</p> - -<p>If the sharer can "bless" the group they're sharing to, - (that is, if they can add users to that group), it's considered - that they're a manager of that group, and their queries show up - automatically in that group's footer (although they can - unsubscribe from any particular search, if they want.)</p> - -<p>In order to allow a user to share their queries, they also - have to be a member of the group specified in the - <code>querysharegroup</code> parameter.</p> - -<p>Users can control their shared and subscribed queries from - the "Preferences" screen.</p> - -<h3 id="v30_feat_afn">Attachments and Flags on New [% terms.Bugs %]</h3> - -<p>You can now add an attachment while you are filing a new - [%+ terms.bug %].</p> - -<p>You can also set flags on the [% terms.bug %] and on attachments, while - filing a new [% terms.bug %].</p> - -<h3 id="v30_feat_cr">Custom Resolutions</h3> - -<p>You can now customize the list of resolutions available - in Bugzilla, including renaming the default resolutions.</p> - -<p>The resolutions <code>FIXED</code>, <code>DUPLICATE</code> - and <code>MOVED</code> have a special meaning to Bugzilla, - though, and cannot be renamed or deleted.</p> - -<h3 id="v30_feat_ppp">Per-Product Permissions</h3> - -<p>You can now grant users <kbd>editbugs</kbd> and <kbd>canconfirm</kbd> - for only certain products. You can also grant users <kbd>editcomponents</kbd> - on a product, which means they will be able to edit that product - including adding/removing components and other product-specific - controls.</p> - -<h3 id="v30_feat_ui">User Interface Improvements</h3> - -<p>There has been some work on the user interface for Bugzilla 3.0, - including:</p> - -<ul> - <li>There is now navigation and a search box a the <em>top</em> of - each page, in addition to the bar at the bottom of the page.</li> - <li>A re-designed "Format for Printing" page for - [%+ terms.bugs %].</li> - <li>The layout of <kbd>show_bug.cgi</kbd> (the [% terms.bug %] editing - page) has been changed, and the attachment table has been redesigned.</li> -</ul> - -<h3 id="v30_feat_xml">XML-RPC Interface</h3> - -<p>Bugzilla now has a Web Services interface using the XML-RPC - protocol. It can be accessed by external applications by going - to the <kbd>xmlrpc.cgi</kbd> on your installation.</p> - -<p>Documentation can be found in the - <a href="[% docs_urlbase FILTER html %]api/">Bugzilla - API Docs</a>, in the various <kbd>Bugzilla::WebService</kbd> modules.</p> - -<h3 id="v30_feat_skin">Skins</h3> - -<p>Bugzilla can have multiple "skins" installed, - and users can pick between them. To write a skin, you just have to - write several CSS files. See the <a href="[% docs_urlbase FILTER html %]cust-skins.html">Custom - Skins Documentation</a> for more details.</p> - -<p>We currently don't have any alternate skins shipping with - Bugzilla. If you write an alternate skin, please - let us know!</p> - -<h3 id="v30_feat_sbu">Unchangeable Fields Appear Unchangeable</h3> - -<p>As long as you are logged in, when viewing [% terms.abug %], if you - cannot change a field, it will not look like you can change it. That - is, the value will just appear as plain text.</p> - -<h3 id="v30_feat_et">All Emails in Templates</h3> - -<p>All outbound emails are now controlled by the templating system. - What used to be the <code>passwordmail</code>, <code>whinemail</code>, - <code>newchangedmail</code> and <code>voteremovedmail</code> - parameters are now all templates in the <kbd>template/</kbd> directory.</p> - -<p>This means that it's now much easier to customize your outbound - emails, and it's also possible for localizers to have more - localized emails as part of their language packs, if they want.</p> - -<p>We also added a <code>mailfrom</code> parameter to let you set - who shows up in the <code>From</code> field on all emails that - Bugzilla sends.</p> - -<h3 id="v30_feat_df">No More Double-Filed [% terms.Bugs %]</h3> - -<p>Users of Bugzilla will sometimes accidentally submit - [%+ terms.abug %] twice, either by going back in their web browser, - or just by refreshing a page. In the past, this could file the same - [%+ terms.bug %] twice (or even three times) in a row, irritating - developers and confusing users.</p> - -<p>Now, if you try to submit [% terms.abug %] twice from the same screen - (by going back or by refreshing the page), Bugzilla will warn - you about what you're doing, before it actually submits the duplicate - [%+ terms.bug %].</p> - -<h3 id="v30_feat_cc">Default CC List for Components</h3> - -<p>You can specify a list of users who will <em>always</em> be added to - the CC list of new [% terms.bugs %] in a component.</p> - -<h3 id="v30_feat_emi">File/Modify [% terms.Bugs %] By Email</h3> - -<p>You can now file or modify [% terms.bugs %] via email. Previous versions - of Bugzilla included this feature only as an - unsupported add-on, but it is now an official interface to - Bugzilla.</p> - -<p>For more details see the <a href="[% docs_urlbase FILTER html %]api/email_in.html">documentation - for email_in.pl</a>.</p> - -<h3 id="v30_feat_gw">Users Who Get All [% terms.Bug %] Notifications</h3> - -<p>There is now a parameter called <kbd>globalwatchers</kbd>. This - is a comma-separated list of Bugzilla users who will - get all [% terms.bug %] notifications generated by Bugzilla.</p> - -<p>Group controls still apply, though, so users who can't see [% terms.abug %] - still won't get notifications about that [% terms.bug %].</p> - -<h3 id="v30_feat_utf8">Improved UTF-8 Support</h3> - -<p>Bugzilla users running MySQL should now have excellent - UTF-8 support if they turn on the <kbd>utf8</kbd> parameter. (New - installs have this parameter on by default.) Bugzilla - now correctly supports searching and sorting in non-English languages, - including multi-bytes languages such as Chinese.</p> - -<h3 id="v30_feat_upda">Automatic Update Notification</h3> - -<p>If you belong to the <kbd>admin</kbd> group, you will be notified - when you log in if there is a new release of Bugzilla - available to download.</p> - -<p>You can control these notifications by changing the - <kbd>upgrade_notification</kbd> parameter.</p> - -<p>If your Bugzilla installation is on a machine that needs to go - through a proxy to access the web, you may also have to set the - <kbd>proxy_url</kbd> parameter.</p> - -<h3 id="v30_feat_welc">Welcome Page for New Installs</h3> - -<p>When you log in for the first time on a brand-new Bugzilla - installation, you will be presented with a page that describes - where you should go from here, and what parameters you should set.</p> - -<h3 id="v30_feat_qs">QuickSearch Plugin for IE7 and Firefox 2</h3> - -<p>Firefox 2 users and Internet Explorer 7 users will be presented - with the option to add Bugzilla to their search bar. - This uses the - <a href="page.cgi?id=quicksearch.html">QuickSearch syntax</a>.</p> - -<h3 id="v30_feat_other">Other Enhancements and Changes</h3> - -<p>These are either minor enhancements, or enhancements that have - very short descriptions. Some of these are very useful, though!</p> - -<h4>Enhancements That Affect Bugzilla Users</h4> - -<ul> - <li>In comments, quoted text (lines that start with <kbd>></kbd>) - will be a different color from normal text.</li> - <li>There is now a user preference that will add you to the CC list - of any [% terms.bug %] you modify. Note that it's <strong>on</strong> - by default.</li> - <li>[% terms.Bugs %] can now be filed with an initial state of - <kbd>ASSIGNED</kbd>, if you are in the <kbd>editbugs</kbd> group.</li> - <li>By default, comment fields will zoom large when you are typing in them, - and become small when you move out of them. You can disable this - in your user preferences.</li> - <li>You can hide obsolete attachments on [% terms.abug %] by clicking - "Hide Obsolete" at the bottom of the attachment table.</li> - <li>If [% terms.abug %] has flags set, and you move it to a different - product that has flags with the same name, the flags will be - preserved.</li> - <li>You now can't request a flag to be set by somebody who can't set it - (Bugzilla will throw an error if you try).</li> - <li>Many new headers have been added to outbound Bugzilla - [%+ terms.bug %] emails: <code>X-Bugzilla-Status</code>, - <code>X-Bugzilla-Priority</code>, <code>X-Bugzilla-Assigned-To</code>, - <code>X-Bugzilla-Target-Milestone</code>, and - <code>X-Bugzilla-Changed-Fields</code>, <code>X-Bugzilla-Who</code>. - You can look at an email to get an idea of what they contain.</li> - <li>In addition to the old <code>X-Bugzilla-Reason</code> email header - which tells you why you got an email, if you got an email because - you were watching somebody, there is now an - <code>X-Bugzilla-Watch-Reason</code> header that tells you who you - were watching and what role they had.</li> - <li>If you hover your mouse over a full URL (like - <code>http://bugs.mycompany.com/show_bug.cgi?id=1212</code>) that - links to [% terms.abug %], you will see the title of the - [%+ terms.bug %]. Of course, this only works for [% terms.bugs %] in your - Bugzilla installation.</li> - <li>If your installation has user watching enabled, you will now see - the users that you can remove from your watch-list as a multi-select - box, much like the current CC list. (Previously it was just a text - box.)</li> - <li>When a user creates their own account in Bugzilla, the - account is now not actually created until they verify their email - address by clicking on a link that is emailed to them.</li> - <li>You can change [% terms.abug %]'s resolution without reopening it.</li> - <li>When you view the dependency tree on [% terms.abug %], resolved - [%+ terms.bugs %] will be hidden by default. (In previous versions, - resolved [% terms.bugs %] were shown by default.)</li> - <li>When viewing [% terms.bug %] activity, fields that hold [% terms.bug %] - numbers (such as "Blocks") will have the [% terms.bug %] numbers - displayed as links to those [% terms.bugs %].</li> - <li>When viewing the "Keywords" field in [% terms.abug %] list, - it will be sorted alphabetically, so you can sanely sort a list on - that field.</li> - <li>In most places, the Version field is now sorted using a version-sort - (so 1.10 is greater than 1.2) instead of an alphabetical sort.</li> - <li>Options for flags will only appear if you can set them. So, for - example, if you can't grant <kbd>+</kbd> on a flag, that option - won't appear for you.</li> - <li>You can limit the product-related output of <kbd>config.cgi</kbd> - by specifying a <kbd>product=</kbd> URL argument, containing the name - of a product. You can specify the argument more than once for multiple - products.</li> - <li>You can now search the boolean charts on whether or not a comment - is private.</li> -</ul> - -<h4>Enhancements For Administrators</h4> - -<ul> - <li>Administrators can now delete attachments, making them disappear - entirely from Bugzilla.</li> - <li><kbd>sanitycheck.cgi</kbd> can now only be accessed by users - in the <kbd>editcomponents</kbd> group.</li> - <li>The "Field Values" control panel can now only be accessed - by users in the <kbd>admin</kbd> group. (Previously it was accessible - to anybody in the <kbd>editcomponents</kbd> group.)</li> - <li>There is a new parameter <kbd>announcehtml</kbd>, that will allow - you to enter some HTML that will be displayed at the top of every - page, as an announcement.</li> - <li>The <kbd>loginnetmask</kbd> parameter now defaults to 0 for new - installations, meaning that as long as somebody has the right - login cookie, they can log in from any IP address. This makes - life a lot easier for dial-up users or other users whose IP - changes a lot. This could be done because the login cookie is now - very random, and thus secure.</li> - <li>Classifications now have sortkeys, so they can be sorted in an - order that isn't alphabetical.</li> - <li>Authentication now supports LDAP over SSL (LDAPS) or TLS (using - the STARTLS command) in addition to plain LDAP.</li> - <li>LDAP users can have their LDAP username be their email address, - instead of having the LDAP <kbd>mail</kbd> attribute be their - email address. You may wish to set the <kbd>emailsuffix</kbd> - parameter if you do this.</li> - <li>Administrators can now see what has changed in a user account, - when using the "Users" control panel.</li> - <li><code>REMIND</code> and <code>LATER</code> are no longer part - of the default list of resolutions. Upgrading installations will - not be affected--they will still have these resolutions.</li> - <li><kbd>editbugs</kbd> is now the default for the <kbd>timetrackinggroup</kbd> - parameter, meaning that time-tracking will be on by default in a new - installation.</li> -</ul> - -<h2 id="v30_issues">Outstanding Issues</h2> - -<ul> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=69621"> - [%- terms.Bug %] 69621</a>: If you rename or remove a keyword that is - in use on [% terms.bugs %], you will need to rebuild the "keyword cache" - by running <a href="sanitycheck.cgi">sanitycheck.cgi</a> and choosing - the option to rebuild the cache when it asks. Otherwise keywords may - not show up properly in search results.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=99215"> - [%- terms.Bug %] 99215</a>: Flags are not protected by "mid-air - collision" detection. Nor are any attachment changes.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=89822"> - [%- terms.Bug %] 89822</a>: When changing multiple [% terms.bugs %] at - the same time, there is no "mid-air collision" protection.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=276230"> - [%- terms.Bug %] 276230</a>: The support for restricting access to - particular Categories of New Charts is not complete. You should treat - the 'chartgroup' Param as the only access mechanism available.<br> - However, charts migrated from Old Charts will be restricted to - the groups that are marked MANDATORY for the corresponding Product. - There is currently no way to change this restriction, and the - groupings will not be updated if the group configuration - for the Product changes.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=370370"> - [%- terms.Bug %] 370370</a>: mod_perl support is currently not - working on Windows machines.</li> - <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=361149"> - [%- terms.Bug %] 361149</a>: If you are using Perl 5.8.0, you may - get a lot of warnings in your Apache error_log about "deprecated - pseudo-hashes." These are harmless--they are a b[%# fool test %]ug in - Perl 5.8.0. Perl 5.8.1 and later do not have this problem.</li> - <li>Bugzilla 3.0rc1 allowed custom field column names in - the database to be mixed-case. Bugzilla 3.0 only allows - lowercase column names. It will fix any column names that you have - made mixed-case, but if you have custom fields that previously were - mixed-case in any Saved Search, you will have to re-create that Saved - Search yourself.</li> -</ul> - -<h2 id="v30_security">Security Updates in This Release</h2> - -<h3>3.0.6</h3> - -<p>Bugzilla contains a minor security fix. For details, see the - <a href="http://www.bugzilla.org/security/2.20.6/">Security Advisory</a>.</p> - -<h3>3.0.5</h3> - -<p>Bugzilla contains one security fix for - <a href="[% docs_urlbase FILTER html %]api/importxml.html">importxml.pl</a>. - For details, see the - <a href="http://www.bugzilla.org/security/2.22.4/">Security Advisory</a>.</p> - -<h3>3.0.4</h3> - -<p>Bugzilla 3.0.4 contains three security fixes. - For details, see the - <a href="http://www.bugzilla.org/security/2.20.5/">Security Advisory</a>.</p> - -<h3>3.0.3</h3> - -<p>No security fixes in this release.</p> - -<h3>3.0.2</h3> - -<p>Bugzilla 3.0.1 had an important security fix that is - critical for public installations with "requirelogin" turned on. - For details, see the - <a href="http://www.bugzilla.org/security/3.0.1/">Security Advisory</a></p> - -<h3>3.0.1</h3> - -<p>Bugzilla 3.0 had three security issues that have been - fixed in this release: one minor information leak, one hole only - exploitable by an admin or using <code>email_in.pl</code>, and one in an - uncommonly-used template. For details, see the - <a href="http://www.bugzilla.org/security/2.20.4/">Security Advisory</a>.</p> - -<h2 id="v30_upgrading">How to Upgrade From An Older Version</h2> - -<h3 id="v30_upgrading_notes">Notes For Upgraders</h3> - -<ul> - <li>If you upgrade by CVS, there are several .cvsignore files - that are now in CVS instead of being locally created by - <kbd>checksetup.pl</kbd>. This means that you will have to - delete those files when CVS tells you there's a conflict, and - then run <kbd>cvs update</kbd> again.</li> - <li>In this version of Bugzilla, the Summary field - is now limited to 255 characters. When you upgrade, any Summary - longer than that will be truncated, and the old summary will be - preserved in a comment.</li> - <li>If you have the <kbd>utf8</kbd> parameter turned on, at some - point you will have to convert your database. <kbd>checksetup.pl</kbd> - will tell you when this is, and it will give you certain instructions - at that time, that you have to follow before you can complete - the upgrade. Don't do the conversion yourself manually--follow - the instructions of <kbd>checksetup.pl</kbd>.</li> - <li>If you ever ran 2.23.3, 2.23.4, or 3.0rc1, you will have to run - <kbd>./collectstats.pl --regenerate</kbd> at the command line, because - the data for your Old Charts is corrupted. This can take several days, - so you may only want to run it if you use Old Charts.</li> - <li>You should also read the Outstanding Issues sections of - <a href="#v30_previous">older release notes</a> if you are upgrading - from a version lower than 2.22.</li> -</ul> - -<h3>Steps For Upgrading</h3> - -<p>Once you have read the notes above, see the - <a href="[% docs_urlbase FILTER html %]upgrade.html">Upgrading - documentation</a> for instructions on how to upgrade.</p> - -<h2 id="v30_code_changes">Code Changes Which May Affect Customizations</h2> - -<ul> - <li><a href="#v30_code_loc"><strong>Packagers:</strong> Location - Variables Have Moved</a></li> - <li><a href="#v30_code_hooks">Hooks!</a></li> - <li><a href="#v30_code_api">API Documentation</a></li> - <li><a href="#v30_code_globals">Elimination of globals.pl</a></li> - <li><a href="#v30_code_scope">Cleaned Up Variable Scoping Issues</a></li> - <li><a href="#v30_code_sql">No More SendSQL</a></li> - <li><a href="#v30_code_auth">Auth Re-write</a></li> - <li><a href="#v30_code_obj">Bugzilla::Object</a></li> - <li><a href="#v30_code_req">Bugzilla->request_cache</a></li> - <li><a href="#v30_code_other">Other Changes</a></li> -</ul> - -<h3 id="v30_code_loc"><strong>Packagers:</strong> Location Variables - Have Moved</h3> - -<p>In previous versions of Bugzilla, <kbd>Bugzilla::Config</kbd> - held all the paths for different things, such as the path to localconfig - and the path to the <kbd>data/</kbd> directory.</p> - -<p>Now, all of this data is stored in a subroutine, - <kbd>Bugzilla::Constants::bz_locations</kbd>.</p> - -<p>Also, note that for mod_perl, <kbd>bz_locations</kbd> must return - <em>absolute</em> (not relative) paths. There is already code in that - subroutine to help you with this.</p> - -<h3 id="v30_code_hooks">Hooks!</h3> - -<p>Bugzilla now supports a code hook mechanism. See the - documentation for - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Hook.html">Bugzilla::Hook</a> - for more details.</p> - -<p>This gives Bugzilla very advanced plugin support. You can - hook templates, hook code, add new parameters, and use the XML-RPC - interface. So we'd like to see some Bugzilla plugins - written! Let us know on the <a href="http://bugzilla.org/cgi-bin/mj_wwwusr?func=lists-long-full&extra=developers">developers@bugzilla.org</a> - mailing list if you write a plugin.</p> - -<p>If you need more hooks, please - <a href="http://www.bugzilla.org/developers/reporting_bugs.html">File a b<!-- -->ug</a>!</p> - -<h3 id="v30_code_api">API Documentation</h3> - -<p>Bugzilla now ships with all of its perldoc built - as HTML. Go ahead and read the - <a href="[% docs_urlbase FILTER html %]api/">API Documentation</a> - for all of the Bugzilla modules now! Even scripts like - <kbd>checksetup.pl</kbd> have HTML documentation.</p> - -<h3 id="v30_code_globals">Elimination of globals.pl</h3> - -<p>The old file <kbd>globals.pl</kbd> has been eliminated. - Its code is now in various modules. Each function went to the module - that was appropriate for it.</p> - -<p>Usually we filed [% terms.abug %] in - <a href="https://bugzilla.mozilla.org">bugzilla.mozilla.org</a> for - each function we moved. You can search there for the old name of - the function, and that should get you the information about what - it's called now and where it lives.</p> - -<h3 id="v30_code_scope">Cleaned Up Variable Scoping Issues</h3> - -<p>In normal perl, you can have code like this:</p> -<pre>my $var = 0; -sub y { $var++ }</pre> - -<p>However, under mod_perl that doesn't work. So variables are no - longer "shared" with subroutines--instead all variables - that a subroutine needs must be declared inside the subroutine itself.</p> - -<h3 id="v30_code_sql">No More SendSQL</h3> - -<p>The old <kbd>SendSQL</kbd> function and all of its companions are - <strong>gone</strong>. Instead, we now use DBI for all database - interaction.</p> - -<p>For more information about how to use - <a href="http://search.cpan.org/perldoc?DBI">DBI</a> with - Bugzilla, see the - <a href="http://www.bugzilla.org/docs/developer.html#sql-sendreceive">Developer's - Guide Section About DBI</a></p> - -<h3 id="v30_code_auth">Auth Re-write</h3> - -<p>The <kbd>Bugzilla::Auth</kbd> family of modules have been completely - re-written. For details on how the new structure of authentication, - read the - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Auth.html">Bugzilla::Auth - API docs</a>.</p> - -<p>It should be very easy to write new authentication plugins, now.</p> - -<h3 id="v30_code_obj">Bugzilla::Object</h3> - -<p>There is a new base class for most of our objects, - <a href="[% docs_urlbase FILTER html %]api/Bugzilla/Object.html">Bugzilla::Object</a>. - It makes it really easy to create new objects based on things that are - in the database.</p> - -<h3 id="v30_code_req">Bugzilla->request-cache</h3> - -<p><kbd>Bugzilla.pm</kbd> used to cache things like the database - connection in package-global variables (like <kbd>$_dbh</kbd>). - That doesn't work in mod_perl, so instead now there's a hash - that can be accessed through <code>Bugzilla->request_cache</code> - to store things for the rest of the current page request.</p> - -<p>You shouldn't access <code>Bugzilla->request_cache</code> directly, - but you should use it inside of <kbd>Bugzilla.pm</kbd> if you modify - that. The only time you should be accessing it directly is if you need - to reset one of the caches. Hash keys are always named after the function - that they cache, so to reset the template object, you'd do: - <code>delete Bugzilla->request_cache->{template};</code>.</p> - -<h3 id="v30_code_other">Other Changes</h3> - -<ul> - <li><kbd>checksetup.pl</kbd> has been completely re-written, and most - of its code moved into modules in the <kbd>Bugzilla::Install</kbd> - namespace. See the - <a href="[% docs_urlbase FILTER html %]api/checksetup.html">checksetup - documentation</a> and <a href="https://bugzilla.mozilla.org/showdependencytree.cgi?id=277502&hide_resolved=0">Bugzilla - [%+ terms.bug %] 277502</a> for details.</li> - <li>Instead of <kbd>UserInGroup()</kbd>, all of Bugzilla now - uses <kbd>Bugzilla->user->in_group</kbd></li> - <li>mod_perl doesn't like dependency loops in modules, so we now have - a test for that detects dependency loops in modules when you run - <kbd>runtests.pl</kbd>.</li> - <li><kbd>globals.pl</kbd> used to modify the environment variables, - like <kbd>PATH</kbd>. That now happens in <kbd>Bugzilla.pm</kbd>.</li> - <li>Templates can now link to the documentation more easily. - See the <kbd>global/code-error.html.tmpl</kbd> and - <kbd>global/user-error.html.tmpl</kbd> templates for examples. - (Search for "docslinks.")</li> - <li>Parameters are accessed through <kbd>Bugzilla->params</kbd> - instead of using the <kbd>Param()</kbd> function, now.</li> - <li>The variables from the <kbd>localconfig</kbd> file are accessed - through the <code>Bugzilla->localconfig</code> hash instead of through - <kbd>Bugzilla::Config</kbd>.</li> - <li><kbd>Bugzilla::BugMail::MessageToMTA()</kbd> has moved into its - own module, along with other mail-handling code, called - <kbd>Bugzilla::Mailer</kbd></li> - <li>The <kbd>CheckCanChangeField()</kbd> subroutine in - <kbd>process_bug.cgi</kbd> has been moved to <kbd>Bugzilla::Bug</kbd>, - and is now a method of [% terms.abug %] object.</li> - <li>The code that used to be in the <kbd>global/banner.html.tmpl</kbd> - template is now in <kbd>global/header.html.tmpl</kbd>. The banner - still exists, but the file is empty.</li> -</ul> - -<h2 id="v30_previous">Release Notes For Previous Versions</h2> - -<p>Release notes for versions of Bugzilla for versions - prior to 3.0 are only available in text format: - <a href="[% docs_urlbase FILTER remove('html/$') FILTER html %]rel_notes.txt">Release Notes for Bugzilla 2.22 - and Earlier</a>.</p> - -[% INCLUDE global/footer.html.tmpl %] - -[% BLOCK db_req %] - [% SET m = DB_MODULE.$db %] - <h3 id="v40_req_[% db FILTER html %]">For [% m.name FILTER html %] Users</h3> - - <ul> - <li>[% m.name FILTER html %] - [%+ '<span class="req_new">' IF db_new %]v[% m.db_version FILTER html %] - [% '</span>' IF db_new %] - </li> - <li><strong>perl module:</strong> - [%+ m.dbd.module FILTER html %] - [% '<span class="req_new">' IF dbd_new %]v[% m.dbd.version FILTER html %] - [% '</span>' IF dbd_new %]</li> - </ul> -[% END %] - - -[% BLOCK req_table %] - <table class="req_table"> - <tr> - <th>Module</th> <th>Version</th> - [% IF include_feature %] - <th>Enables Feature</th> - [% END %] - </tr> - [% FOREACH req = reqs %] - <tr> - <td [% ' class="req_new"' IF new.contains(req.package) %]> - [%- req.module FILTER html %]</td> - <td [% ' class="req_new"' IF updated.contains(req.package) - OR new.contains(req.package) %]> - [%- IF req.version == 0 %] - (Any) - [% ELSE %] - [%- req.version FILTER html %] - [% END %] - </td> - [% IF include_feature %] - <td>[% req.feature.join(', ') FILTER html %]</td> - [% END %] - </tr> - [% END %] -</table> -[% END %] |