[%# The contents of this file are subject to the Mozilla Public # License Version 1.1 (the "License"); you may not use this file # except in compliance with the License. You may obtain a copy of # the License at http://www.mozilla.org/MPL/ # # Software distributed under the License is distributed on an "AS # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or # implied. See the License for the specific language governing # rights and limitations under the License. # # The Original Code is the Bugzilla Bug Tracking System. # # The Initial Developer of the Original Code is Everything Solved. # Portions created by Everything Solved are Copyright (C) 2006 # Everything Solved. All Rights Reserved. # # Contributor(s): Max Kanat-Alexander #%] [% PROCESS global/variables.none.tmpl %] [% INCLUDE global/header.html.tmpl title = "$terms.Bugzilla 3.0.4 Release Notes" style_urls = ['skins/standard/release-notes.css'] %]

Table of Contents

Introduction

Welcome to [% terms.Bugzilla %] 3.0! It's been over eight years since we released [% terms.Bugzilla %] 2.0, and everything has changed since then. Even just since our previous release, [% terms.Bugzilla %] 2.22, we've added a lot of new features. So enjoy the release, we're happy to bring it to you.

If you're upgrading, make sure to read How to Upgrade From An Older Version. If you are upgrading from a release before 2.22, make sure to read the release notes for all the previous versions in between your version and this one.

Updates in this 3.0.x Release

This section describes what's changed in the most recent bug-fix releases of [% terms.Bugzilla %] after 3.0. We only list the most important fixes in each release. If you want a detailed list of everything that's changed in each version, you should use our Change Log Page.

3.0.4

See also the Security Advisory section for information about security issues fixed in this release.

3.0.3

3.0.2

See also the Security Advisory section for information about an important security issue fixed in this release.

3.0.1

Minimum Requirements

Any requirements that are new since 2.22 will look like this.

Perl

[% PROCESS db_req db='mysql' %] [% PROCESS db_req db='pg' %]

Required Perl Modules

[% INCLUDE req_table reqs = REQUIRED_MODULES new = ['Email-MIME-Modifier', 'Email-Send'] updated = ['DBI'] %]

Optional Perl Modules

The following perl modules, if installed, enable various features of [% terms.Bugzilla %]:

[% INCLUDE req_table reqs = OPTIONAL_MODULES new = ['libwww-perl', 'SOAP-Lite', 'mod_perl', 'Apache-DBI', 'Email-MIME-Attachment-Stripper', 'Email-Reply'] updated = ['CGI'] include_feature = 1 %]

New Features and Improvements

Custom Fields

[% terms.Bugzilla %] now includes very basic support for custom fields.

Users in the admin group can add plain-text or drop-down custom fields. You can edit the values available for drop-down fields using the "Field Values" control panel.

Don't add too many custom fields! It can make [% terms.Bugzilla %] very difficult to use. Try your best to get along with the default fields, and then if you find that you can't live without custom fields after a few weeks of using [% terms.Bugzilla %], only then should you start your custom fields.

mod_perl Support

[% terms.Bugzilla %] 3.0 supports mod_perl, which allows for extremely enhanced page-load performance. mod_perl trades memory usage for performance, allowing near-instantaneous page loads, but using much more memory.

If you want to enable mod_perl for your [% terms.Bugzilla %], we recommend a minimum of 1.5GB of RAM, and for a site with heavy traffic, 4GB to 8GB.

If performance isn't that critical on your installation, you don't have the memory, or you are running some other web server than Apache, [% terms.Bugzilla %] still runs perfectly as a normal CGI application, as well.

Shared Saved Searches

Users can now choose to "share" their saved searches with a certain group. That group will then be able to "subscribe" to those searches, and have them appear in their footer.

If the sharer can "bless" the group he's sharing to, (that is, if he can add users to that group), it's considered that he's a manager of that group, and his queries show up automatically in that group's footer (although they can unsubscribe from any particular search, if they want.)

In order to allow a user to share their queries, they also have to be a member of the group specified in the querysharegroup parameter.

Users can control their shared and subscribed queries from the "Preferences" screen.

Attachments and Flags on New [% terms.Bugs %]

You can now add an attachment while you are filing a new [% terms.bug %].

You can also set flags on the [% terms.bug %] and on attachments, while filing a new [% terms.bug %].

Custom Resolutions

You can now customize the list of resolutions available in [% terms.Bugzilla %], including renaming the default resolutions.

The resolutions FIXED, DUPLICATE and MOVED have a special meaning to [% terms.Bugzilla %], though, and cannot be renamed or deleted.

Per-Product Permissions

You can now grant users editbugs and canconfirm for only certain products. You can also grant users editcomponents on a product, which means they will be able to edit that product including adding/removing components and other product-specific controls.

User Interface Improvements

There has been some work on the user interface for [% terms.Bugzilla %] 3.0, including:

XML-RPC Interface

[% terms.Bugzilla %] now has a Web Services interface using the XML-RPC protocol. It can be accessed by external applications by going to the xmlrpc.cgi on your installation.

Documentation can be found in the [% terms.Bugzilla %] API Docs, in the various Bugzilla::WebService modules.

Skins

[% terms.Bugzilla %] can have multiple "skins" installed, and users can pick between them. To write a skin, you just have to write several CSS files. See the Custom Skins Documentation for more details.

We currently don't have any alternate skins shipping with [% terms.Bugzilla %]. If you write an alternate skin, please let us know!

Unchangeable Fields Appear Unchangeable

As long as you are logged in, when viewing [% terms.abug %], if you cannot change a field, it will not look like you can change it. That is, the value will just appear as plain text.

All Emails in Templates

All outbound emails are now controlled by the templating system. What used to be the passwordmail, whinemail, newchangedmail and voteremovedmail parameters are now all templates in the template/ directory.

This means that it's now much easier to customize your outbound emails, and it's also possible for localizers to have more localized emails as part of their language packs, if they want.

We also added a mailfrom parameter to let you set who shows up in the From field on all emails that [%+ terms.Bugzilla %] sends.

No More Double-Filed [% terms.Bugs %]

Users of [% terms.Bugzilla %] will sometimes accidentally submit [% terms.abug %] twice, either by going back in their web browser, or just by refreshing a page. In the past, this could file the same [% terms.bug %] twice (or even three times) in a row, irritating developers and confusing users.

Now, if you try to submit [% terms.abug %] twice from the same screen (by going back or by refreshing the page), [% terms.Bugzilla %] will warn you about what you're doing, before it actually submits the duplicate [%+ terms.bug %].

Default CC List for Components

You can specify a list of users who will always be added to the CC list of new [% terms.bugs %] in a component.

File/Modify [% terms.Bugs %] By Email

You can now file or modify [% terms.bugs %] via email. Previous versions of [% terms.Bugzilla %] included this feature only as an unsupported add-on, but it is now an official interface to [%+ terms.Bugzilla %].

For more details see the documentation for email_in.pl.

Users Who Get All [% terms.Bug %] Notifications

There is now a parameter called globalwatchers. This is a comma-separated list of [% terms.Bugzilla %] users who will get all [% terms.bug %] notifications generated by [% terms.Bugzilla %].

Group controls still apply, though, so users who can't see a [% terms.bug %] still won't get notifications about that [% terms.bug %].

Improved UTF-8 Support

[% terms.Bugzilla %] users running MySQL should now have excellent UTF-8 support if they turn on the utf8 parameter. (New installs have this parameter on by default.) [% terms.Bugzilla %] now correctly supports searching and sorting in non-English languages, including multi-bytes languages such as Chinese.

Automatic Update Notification

If you belong to the admin group, you will be notified when you log in if there is a new release of [% terms.Bugzilla %] available to download.

You can control these notifications by changing the upgrade_notification parameter.

If your [% terms.Bugzilla %] installation is on a machine that needs to go through a proxy to access the web, you may also have to set the proxy_url parameter.

Welcome Page for New Installs

When you log in for the first time on a brand-new [% terms.Bugzilla %] installation, you will be presented with a page that describes where you should go from here, and what parameters you should set.

QuickSearch Plugin for IE7 and Firefox 2

Firefox 2 users and Internet Explorer 7 users will be presented with the option to add [% terms.Bugzilla %] to their search bar. This uses the QuickSearch syntax.

Other Enhancements and Changes

These are either minor enhancements, or enhancements that have very short descriptions. Some of these are very useful, though!

Enhancements That Affect [% terms.Bugzilla %] Users

Enhancements For Administrators

Outstanding Issues

Security Updates in This Release

3.0.4

[% terms.Bugzilla %] 3.0.4 contains three security fixes. For details, see the Security Advisory.

3.0.3

No security fixes in this release.

3.0.2

[% terms.Bugzilla %] 3.0.1 had an important security fix that is critical for public installations with "requirelogin" turned on. For details, see the Security Advisory

3.0.1

[% terms.Bugzilla %] 3.0 had three security issues that have been fixed in this release: one minor information leak, one hole only exploitable by an admin or using email_in.pl, and one in an uncommonly-used template. For details, see the Security Advisory.

How to Upgrade From An Older Version

Notes For Upgraders

Steps For Upgrading

  1. Read these entire Release Notes, particularly the "Notes for Upgraders" section above.
  2. View the Sanity Check page on your installation before upgrading. Attempt to fix all warnings that the page produces before you go any further, or you may experience problems during your upgrade.
  3. Make a backup of the [% terms.Bugzilla %] database before you upgrade, perhaps by using mysqldump. THIS IS VERY IMPORTANT. If anything goes wrong during the upgrade, your installation can be corrupted beyond recovery. Having a backup keeps you safe.

    Example: mysqldump -u root -p bu[%# trick filter %]gs > bu[%# trick filter %]gs-db.sql

  4. Replace the files in your installation with the new version of [% terms.Bugzilla %], or you can try to use CVS to upgrade.

    You can also use a brand-new [% terms.Bugzilla %] directory, as long as you copy over the old data/ directory and the localconfig file to the new installation.

  5. Now follow the standard [%- terms.Bugzilla %] installation process.
  6. Run checksetup.pl after you install the new version.
  7. View the Sanity Check page again after you run checksetup.pl.
  8. It is recommended that, if possible, you fix any problems you find immediately. Failure to do this may mean that [% terms.Bugzilla %] will not work correctly. Be aware that if the sanity check page contains more errors after an upgrade, it doesn't necessarily mean there are more errors in your database than there were before, as additional tests are added to the sanity check over time, and it is possible that those errors weren't being checked for in the old version.

Code Changes Which May Affect Customizations

Packagers: Location Variables Have Moved

In previous versions of [% terms.Bugzilla %], Bugzilla::Config held all the paths for different things, such as the path to localconfig and the path to the data/ directory.

Now, all of this data is stored in a subroutine, Bugzilla::Constants::bz_locations.

Also, note that for mod_perl, bz_locations must return absolute (not relative) paths. There is already code in that subroutine to help you with this.

Hooks!

[% terms.Bugzilla %] now supports a code hook mechanism. See the documentation for Bugzilla::Hook for more details.

This gives [% terms.Bugzilla %] very advanced plugin support. You can hook templates, hook code, add new parameters, and use the XML-RPC interface. So we'd like to see some [% terms.Bugzilla %] plugins written! Let us know on the developers@bugzilla.org mailing list if you write a plugin.

If you need more hooks, please File a bug!

API Documentation

[% terms.Bugzilla %] now ships with all of its perldoc built as HTML. Go ahead and read the API Documentation for all of the [% terms.Bugzilla %] modules now! Even scripts like checksetup.pl have HTML documentation.

Elimination of globals.pl

The old file globals.pl has been eliminated. Its code is now in various modules. Each function went to the module that was appropriate for it.

Usually we filed [% terms.abug %] in bugzilla.mozilla.org for each function we moved. You can search there for the old name of the function, and that should get you the information about what it's called now and where it lives.

Cleaned Up Variable Scoping Issues

In normal perl, you can have code like this:

my $var = 0;
sub y { $var++ }

However, under mod_perl that doesn't work. So variables are no longer "shared" with subroutines--instead all variables that a subroutine needs must be declared inside the subroutine itself.

No More SendSQL

The old SendSQL function and all of its companions are gone. Instead, we now use DBI for all database interaction.

For more information about how to use DBI with [% terms.Bugzilla %], see the Developer's Guide Section About DBI

Auth Re-write

The Bugzilla::Auth family of modules have been completely re-written. For details on how the new structure of authentication, read the Bugzilla::Auth API docs.

It should be very easy to write new authentication plugins, now.

Bugzilla::Object

There is a new base class for most of our objects, Bugzilla::Object. It makes it really easy to create new objects based on things that are in the database.

Bugzilla->request-cache

Bugzilla.pm used to cache things like the database connection in package-global variables (like $_dbh). That doesn't work in mod_perl, so instead now there's a hash that can be accessed through Bugzilla->request_cache to store things for the rest of the current page request.

You shouldn't access Bugzilla->request_cache directly, but you should use it inside of Bugzilla.pm if you modify that. The only time you should be accessing it directly is if you need to reset one of the caches. Hash keys are always named after the function that they cache, so to reset the template object, you'd do: delete Bugzilla->request_cache->{template};.

Other Changes

Release Notes For Previous Versions

Release notes for versions of [% terms.Bugzilla %] for versions prior to 3.0 are only available in text format: Release Notes for [% terms.Bugzilla %] 2.22 and Earlier.

[% INCLUDE global/footer.html.tmpl %] [% BLOCK db_req %] [% SET m = DB_MODULE.$db %]

For [% m.name FILTER html %] Users

[% END %] [% BLOCK req_table %] [% IF include_feature %] [% END %] [% FOREACH req = reqs %] [% IF include_feature %] [% END %] [% END %]
Module VersionEnables Feature
[%- req.module FILTER html %] [%- IF req.version == 0 %] (Any) [% ELSE %] [%- req.version FILTER html %] [% END %] [% req.feature FILTER html %]
[% END %]