[%# The contents of this file are subject to the Mozilla Public # License Version 1.1 (the "License"); you may not use this file # except in compliance with the License. You may obtain a copy of # the License at http://www.mozilla.org/MPL/ # # Software distributed under the License is distributed on an "AS # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or # implied. See the License for the specific language governing # rights and limitations under the License. # # The Original Code is the Bugzilla Bug Tracking System. # # The Initial Developer of the Original Code is Everything Solved. # Portions created by Everything Solved are Copyright (C) 2006 # Everything Solved. All Rights Reserved. # # Contributor(s): Max Kanat-Alexander #%] [% PROCESS global/variables.none.tmpl %] [% SET title = "$terms.Bugzilla 4.0 Release Notes" %] [% INCLUDE global/header.html.tmpl title = title style_urls = ['skins/standard/page.css'] %]

[% title FILTER html %]

Introduction

This is [% terms.Bugzilla %] 4.0! Since 3.6 (our previous major release) we've come a long way, and we've come even further compared to 3.0 in 2007! Since [% terms.Bugzilla %] 3.0, almost every major user interface in [% terms.Bugzilla %] has been redesigned, the WebServices have evolved enormously, there's a great new Extensions system, and there are hundreds of other new features. With the major redesigns that come particularly in this release compared to 3.6, we felt that it was time to call this release 4.0.

It's not just major WebService and UI enhancements that are new in [%+ terms.Bugzilla %] 4.0—there are many other exciting new features, including automatic duplicate detection, enhanced custom field functionality, autocomplete for users, search improvements, and much more. Overall, 4.0 is far and away the best version of [% terms.Bugzilla %] we've ever released.

If you're upgrading, make sure to read Notes On Upgrading From a Previous Version. If you are upgrading from a release before 3.6, make sure to read the release notes for all the previous versions in between your version and this one, particularly the Upgrading section of each version's release notes.

We would like to thank ITA Software, the IBM Linux Technology Center, and Red Hat for funding the development of certain features and improvements in this release of [%+ terms.Bugzilla %].

Updates in this 4.0.x Release

4.0.1

Minimum Requirements

Any requirements that are new since 3.6.3 will look like this.

Perl

Perl v5.8.1

[% INCLUDE db_req db='mysql' %] [% INCLUDE db_req db='pg' %] [% INCLUDE db_req db='oracle' %]

Required Perl Modules

[% INCLUDE req_table reqs = REQUIRED_MODULES new = ['List-MoreUtils'] updated = ['Email-MIME', 'CGI.pm', 'Apache-SizeLimit'] %]

Optional Perl Modules

The following perl modules, if installed, enable various features of [% terms.Bugzilla %]:

[% INCLUDE req_table reqs = OPTIONAL_MODULES new = ['JSON-XS', 'Win32-API', 'Math-Random-Secure'] updated = ['Apache-SizeLimit', 'SOAP-Lite'] include_feature = 1 %]

Optional Apache Modules

If you are using Apache as your webserver, [% terms.Bugzilla %] can now take advantage of some Apache features if you have the below Apache modules installed and enabled. Currently, certain [% terms.Bugzilla %] features are enabled only if you have all of the following modules installed and enabled:

On most systems (but not on Windows), checksetup.pl is able to tell whether or not you have these modules installed, and it will tell you.

New Features and Improvements

Automatic Duplicate Detection When Filing [%+ terms.Bugs %]

When filing [% terms.abug %], as soon as you start typing in the summary field, [% terms.Bugzilla %] will suggest possible duplicates of the [%+ terms.bug %] you are filing.

In order for this feature to work, all pre-requisites for JSON-RPC support must be installed on your [% terms.Bugzilla %]. It will be much faster on installations that run under mod_perl than it will be on other installations.

New Advanced Search UI

Thanks to the UI work of Guy Pyrzak, the Advanced Search UI has been completely redesigned. It is now much simpler, and far more approachable for new users, while still retaining all of the features that power users are used to.

New Attachment Details UI

The UI used for editing attachment details has been completely redesigned, allowing for a normally-size comment box to be used when commenting on attachments, and allowing nearly the entire screen width to be used when doing code reviews or editing an attachment as a comment.

Thanks to Guy Pyrzak for his excellent work on this UI redesign.

Autocomplete for Users and Keywords

Once you type at least three characters in any field that can contain a user (including the [% field_descs.cc FILTER html %], [%+ field_descs.qa_contact FILTER html %], or [%+ field_descs.assigned_to FILTER html %] fields), a list will appear containing all of the users whose real names or usernames match what you are typing. Your [% terms.Bugzilla %] must have all of the optional Perl modules required for JSON-RPC support installed, though, in order for this feature to work. Also, this feature will be much faster on installations that run under mod_perl than it will be on other installations.

There is also a similar autocomplete for the Keywords field. The Keywords autocomplete does not require JSON-RPC.

General Usability Improvements

In addition to the enhancements listed above, there have been many improvements made across the [% terms.Bugzilla %] user interface. For a list of specific enhancements that were significant, see the Other Enhancements and Changes section.

New Default Status Workflow

For new installations of [% terms.Bugzilla %], the default set of statuses will now be:

And the UNCONFIRMED status will be enabled by default in all products.

On upgrade, existing installations will not be affected--you will retain your existing status workflow. However, we strongly recommend that you update your existing workflow to the new one, using a special tool we've included, contrib/convert-workflow.pl, which you can run after you use checksetup.pl to upgrade. The whineatnews.pl and bugzilla-submit scripts will probably not work properly if you continue to use the old workflow (though most other parts of [% terms.Bugzilla %] will still function normally).

For more information about the workflow and our rationale for changing it, see the blog post about it and the [% terms.bug %] where the change was made.

"Last Search" Now Remembers Multiple Searches

At the top of every [% terms.bug %] in [% terms.Bugzilla %], there are links that look like: "First", "Last", "Prev", "Next", and "Show last search results". In earlier versions of [% terms.Bugzilla %], if you did two separate searches in separate windows, these links would only work for the last search you did. Now, [% terms.Bugzilla %] will "remember" which search result you came from and give you the right "last search results" or "next [% terms.bug %]" from that list, instead of always using your most recent search.

There are still some situations where [% terms.Bugzilla %] will have to "guess" which search you are trying to navigate through, but it does its best to get it right.

Cross-Domain WebServices with JSONP

[% terms.Bugzilla %] now supports making WebService calls from another domain, inside of a web browser, thanks to support for JSONP. This will allow for web "mash-ups" to use [% terms.Bugzilla %] data. When using JSONP, you may only call functions that get data, you may not call functions that change data.

For more details, see the JSONP section of the JSON-RPC WebService documentation.

Major WebService Enhancements

The WebService has been expanded considerably. The WebService should now be able to do everything with [% terms.bugs %] that you can do via the web interface, including updating [% terms.bugs %], adding attachments, and getting attachment data. For specifics, see the WebService Changes section of these release notes.

Mandatory Custom Fields

You can now specify that certain custom fields are "mandatory", meaning that they must have a value when [% terms.abug %] is filed, and they can never be empty after that.

Voting Is Now An Extension

All of the code for voting in [% terms.Bugzilla %] has been moved into an extension, called "Voting", in the extensions/Voting/ directory. To enable it, you must remove the disabled file from that directory, and run checksetup.pl.

In a future version of [% terms.Bugzilla %], the Voting extension will be moved outside of the [% terms.Bugzilla %] core code, so we are looking for somebody who has an interest in the Voting system and would like to maintain it as a separate extension. There are many enhancement requests that have been made against the Voting system, and the best way for those to get addressed is for somebody to step up and offer to maintain the system outside of [% terms.Bugzilla %]'s core code.

Users Get New CSS and Javascript Automatically

In past versions of [% terms.Bugzilla %], if you changed [%+ terms.Bugzilla %]'s CSS or Javascript files, then every user of [%+ terms.Bugzilla %] would have to clear their cache in order to get the updated files. Now, if you are using Apache as your webserver and you have the optional Apache modules installed and enabled, users will automatically get every new version of [%+ terms.Bugzilla %]'s Javascript and CSS without having to clear their caches.

This feature also gives a slight performance speedup to [%+ terms.Bugzilla %] in some cases, and so we recommend that all administrators install and enable the optional Apache modules if possible.

Many New Hooks

Many new code hooks have been added for use by Extensions, in [% terms.Bugzilla %] 4.0. Now Extensions can access and modify nearly every part of [% terms.Bugzilla %].

New Apache Configuration

If you run [% terms.Bugzilla %] under Apache (as most people do), you most likely require a new Apache configuration for this version of [% terms.Bugzilla %]. See the Notes On Upgrading From a Previous Version section for details.

Other Enhancements and Changes

Enhancements for Users

Enhancements for Administrators and Developers

WebService Changes

Outstanding Issues

Notes On Upgrading From a Previous Version

IMPORTANT: Apache Configuration Change

mod_cgi

If you run [% terms.Bugzilla %] under mod_cgi (this is the most common configuration, involving a <Directory> block in your Apache config file), you will need to update the configuration of Apache for [%+ terms.Bugzilla %]. In particular, this line in the [% terms.Bugzilla %] <Directory> block:

AllowOverride Limit

needs to become:

AllowOverride Limit FileInfo Indexes

For full details on how to configure Apache for [% terms.Bugzilla %], see the Configuration section of the [% terms.Bugzilla %] Guide.

mod_perl

If your [% terms.Bugzilla %] runs under mod_perl, the required Apache configuration is now simpler. The line that used to look like:

PerlSwitches -w -T -I/var/www/html/bugzilla -I/var/www/html/bugzilla/lib

Now should be only:

PerlSwitches -w -T

The PerlConfigRequire line should stay the same, however.

New .htaccess file

In previous versions of [% terms.Bugzilla %], there was a file in [% terms.Bugzilla %]'s root directory called ".htaccess" that was generated by checksetup.pl. This file is now shipped with [%+ terms.Bugzilla %] instead of being generated during installation.

If you update via CVS or bzr, you will get a message that your existing .htaccess file conflicts with the new one. You must remove your existing .htaccess file and use the new one instead. Continuing to use your old .htaccess file will cause certain new features of [% terms.Bugzilla %] to not work properly, and may also lead to security issues for your system in the future.

Code Changes Which May Affect Customizations and Extensions

[% terms.Bugzilla %] 3.6 Release Notes

Introduction

Welcome to [% terms.Bugzilla %] 3.6! The focus of the 3.6 release is on improving usability and "polishing up" all our features (by adding some pieces that were "missing" or always wanted), although we also have a few great new features for you, as well!

If you're upgrading, make sure to read Notes On Upgrading From a Previous Version. If you are upgrading from a release before 3.4, make sure to read the release notes for all the previous versions in between your version and this one, particularly the Upgrading section of each version's release notes.

We would like to thank Canonical Ltd., ITA Software, the IBM Linux Technology Center, Red Hat, and Novell for funding the development of various features and improvements in this release of [%+ terms.Bugzilla %].

Updates in this 3.6.x Release

3.6.2

This release fixes various security issues. See the Security Advisory for details.

In addition, the following important fixes/changes have been made in this release:

3.6.1

This release fixes two security issues. See the Security Advisory for details.

In addition, the following important fixes/changes have been made in this release:

Minimum Requirements

Any requirements that are new since 3.4.5 will look like this.

Perl

Perl v5.8.1

For MySQL Users

For PostgreSQL Users

For Oracle Users

Required Perl Modules

Module Version
CGI 3.21
Digest::SHA (Any)
Date::Format 2.21
DateTime 0.28
DateTime::TimeZone 0.71
DBI 1.41
Template 2.22
Email::Send 2.00
Email::MIME 1.861
Email::MIME::Encodings 1.313
Email::MIME::Modifier 1.442
URI (Any)

Optional Perl Modules

The following perl modules, if installed, enable various features of [% terms.Bugzilla %]:

Module Version Enables Feature
GD 1.20 Graphical Reports, New Charts, Old Charts
Chart::Lines 2.1 New Charts, Old Charts
Template::Plugin::GD::Image (Any) Graphical Reports
GD::Text (Any) Graphical Reports
GD::Graph (Any) Graphical Reports
XML::Twig (Any) Move [% terms.Bugs %] Between Installations, Automatic Update Notifications
MIME::Parser 5.406 Move [% terms.Bugs %] Between Installations
LWP::UserAgent (Any) Automatic Update Notifications
PatchReader 0.9.4 Patch Viewer
Net::LDAP (Any) LDAP Authentication
Authen::SASL (Any) SMTP Authentication
Authen::Radius (Any) RADIUS Authentication
SOAP::Lite 0.710.06 XML-RPC Interface
JSON::RPC (Any) JSON-RPC Interface
Test::Taint (Any) JSON-RPC Interface, XML-RPC Interface
HTML::Parser 3.40 More HTML in Product/Group Descriptions
HTML::Scrubber (Any) More HTML in Product/Group Descriptions
Email::MIME::Attachment::Stripper (Any) Inbound Email
Email::Reply (Any) Inbound Email
TheSchwartz (Any) Mail Queueing
Daemon::Generic (Any) Mail Queueing
mod_perl2 1.999022 mod_perl

New Features and Improvements

General Usability Improvements

A scientific usability study was done on [% terms.Bugzilla %] by researchers from Carnegie-Mellon University. As a result of this study, several usability issues were prioritized to be fixed, based on specific data from the study.

As a result, you will see many small improvements in [% terms.Bugzilla %]'s usability, such as using Javascript to validate certain forms before they are submitted, standardizing the words that we use in the user interface, being clearer about what [% terms.Bugzilla %] needs from the user, and other changes, all of which are also listed individually in this New Features section.

Work continues on improving usability for the next release of [%+ terms.Bugzilla %], but the results of the research have already had an impact on this 3.6 release.

New Extensions System

[% terms.Bugzilla %] has a brand-new Extensions system. The system is consistent, fast, and fully documented. It makes it possible to easily extend [% terms.Bugzilla %]'s code and user interface to add new features or change existing features. There's even a script that will create the basic layout of an extension for you, to help you get started. For more information about the new system, see the Extensions documentation.

If you had written any extensions using [% terms.Bugzilla %]'s previous extensions system, there is a script to help convert old extensions into the new format.

Improved Quicksearch

The "quicksearch" box that appears on the front page of [%+ terms.Bugzilla %] and in the header/footer of every page is now simplified and made more powerful. There is a [?] link next to the box that will take you to the simplified Quicksearch Help, which describes every single feature of the system in a simple layout, including new features such as the ability to use partial field names when searching.

Quicksearch should also be much faster than it was before, particularly on large installations.

Note that in order to implement the new quicksearch, certain old and rarely-used features had to be removed:

Simple "Browse" Interface

There is now a "Browse" link in the header of each [% terms.Bugzilla %] page that presents a very basic interface that allows users to simply browse through all open [% terms.bugs %] in particular components.

SUExec Support

[% terms.Bugzilla %] can now be run in Apache's "SUExec" mode, which is what control panel software like cPanel and Plesk use (so [% terms.Bugzilla %] should now be much easier to install on shared hosting). SUExec support shows up as an option in the localconfig file during installation.

Experimental mod_perl Support on Windows

There is now experimental support for running [% terms.Bugzilla %] under mod_perl on Windows, for a significant performance enhancement (in exchange for using more memory).

Send Attachments by Email

The email_in script now supports attaching multiple attachments to [% terms.abug %] by email, both when filing and when updating [% terms.abug %].

JSON-RPC Interface

[% terms.Bugzilla %] now has support for the JSON-RPC WebServices protocol via jsonrpc.cgi. The JSON-RPC interface is experimental in this release--if you want any fundamental changes in how it works, let us know, for the next release of [% terms.Bugzilla %].

Migration From Other [% terms.Bug %]-Trackers

[% terms.Bugzilla %] 3.6 comes with a new script, migrate.pl, which allows migration from other [% terms.bug %]-tracking systems. Among the various features of the migration system are:

The first migrator that has been implemented is for the GNATS [%+ terms.bug %]-tracking system. We'd love to see migrators for other systems! If you want to contribute a new migrator, see our development process for details on how to get code into [% terms.Bugzilla %].

Thanks to Lambda Research for funding the initial development of this feature.

Other Enhancements and Changes

Enhancements for Users

Enhancements for Administrators and Developers

WebService Changes

Outstanding Issues

Notes On Upgrading From a Previous Version

When upgrading to 3.6, checksetup.pl will create foreign keys for many columns in the database. Before doing this, it will check the database for consistency. If there are an unresolvable consistency problems, it will tell you what table and column in the database contain the bad values, and which values are bad. If you don't know what else to do, you can always delete the database records which contain the bad values by logging in to your database and running the following command:

DELETE FROM table WHERE column IN (1, 2, 3, 4)

Just replace "table" and "column" with the name of the table and column that checksetup.pl mentions, and "1, 2, 3, 4" with the invalid values that checksetup.pl prints out.

Remember that you should always back up your database before doing an upgrade.

Code Changes Which May Affect Customizations

[% terms.Bugzilla %] 3.4 Release Notes

Introduction

This is [% terms.Bugzilla %] 3.4! [% terms.Bugzilla %] 3.4 brings a lot of great enhancements for [% terms.Bugzilla %] over previous versions, with various improvements to the user interface, lots of interesting new features, and many long-standing requests finally being addressed.

If you're upgrading, make sure to read Notes On Upgrading From a Previous Version. If you are upgrading from a release before 3.2, make sure to read the release notes for all the previous versions in between your version and this one, particularly the Upgrading section of each version's release notes.

We would like to thank Canonical Ltd. for funding development of one new feature, and NASA for funding development of several new features through the San Jose State University Foundation.

Updates In This 3.4.x Release

3.4.6

3.4.5

This release contains fixes for multiple security issues. See the Security Advisory for details.

In addition, the following important fixes/changes have been made in this release:

3.4.4

This release contains a fix for a security issue. See the Security Advisory for details.

Additionally, this release fixes a few minor [% terms.bugs %].

3.4.3

3.4.2

This release contains fixes for multiple security issues, one of which is highly critical. See the Security Advisory for details.

In addition, the following important fixes/changes have been made in this release:

3.4.1

This release contains an important security fix. See the Security Advisory for details.

Minimum Requirements

Any requirements that are new since 3.2.3 will look like this.

Perl

Perl v5.8.1

For MySQL Users

For PostgreSQL Users

For Oracle Users

Required Perl Modules

Module Version
CGI 3.21
Digest::SHA (Any)
Date::Format 2.21
DateTime 0.28
DateTime::TimeZone 0.71
DBI 1.41
Template 2.22
Email::Send 2.00
Email::MIME 1.861
Email::MIME::Encodings 1.313
Email::MIME::Modifier 1.442
URI (Any)

Optional Perl Modules

The following perl modules, if installed, enable various features of [% terms.Bugzilla %]:

Module Version Enables Feature
LWP::UserAgent (Any) Automatic Update Notifications
Template::Plugin::GD::Image (Any) Graphical Reports
GD::Text (Any) Graphical Reports
GD::Graph (Any) Graphical Reports
GD 1.20 Graphical Reports, New Charts, Old Charts
Email::MIME::Attachment::Stripper (Any) Inbound Email
Email::Reply (Any) Inbound Email
Net::LDAP (Any) LDAP Authentication
TheSchwartz (Any) Mail Queueing
Daemon::Generic (Any) Mail Queueing
HTML::Parser 3.40 More HTML in Product/Group Descriptions
HTML::Scrubber (Any) More HTML in Product/Group Descriptions
XML::Twig (Any) Move [% terms.Bugs %] Between Installations
MIME::Parser 5.406 Move [% terms.Bugs %] Between Installations
Chart::Base 1.0 New Charts, Old Charts
Image::Magick (Any) Optionally Convert BMP Attachments to PNGs
PatchReader 0.9.4 Patch Viewer
Authen::Radius (Any) RADIUS Authentication
Authen::SASL (Any) SMTP Authentication
SOAP::Lite 0.710.06 XML-RPC Interface
mod_perl2 1.999022 mod_perl

New Features and Improvements

Simple [% terms.Bug %] Filing

When entering a new [% terms.bug %], the vast majority of fields are now hidden by default, which enormously simplifies the bug-filing form. You can click "Show Advanced Fields" to show all the fields, if you want them. [%+ terms.Bugzilla %] remembers whether you last used the "Advanced" or "Simple" version of the [% terms.bug %]-entry form, and will display the same version to you again next time you file [% terms.abug %].

New Home Page

[% terms.Bugzilla %]'s front page has been redesigned to be better at guiding new users into the activities that they most commonly want to do. Further enhancements to the home page are coming in future versions of [% terms.Bugzilla %].

Email Addresses Hidden From Logged-Out Users

To help prevent spam to [% terms.Bugzilla %] users, all email addresses stored in [% terms.Bugzilla %] are now displayed only if you are logged in. If you are logged out, only the part before the "@" of the email address is displayed. This includes [% terms.bug %] lists, viewing [% terms.bugs %], the XML format of [% terms.abug %], and any other place in the web interface that an email address could appear.

Email addresses are not filtered out of [% terms.bug %] comments. The WebService still returns full email addresses, even if you are logged out.

Shorter Search URLs

When submitting a search, all the unused fields are now stripped from the URL, so search URLs are much more meaningful, and much shorter.

Asynchronous Email Sending

The largest performance problem in former versions of [% terms.Bugzilla %] was that when updating [% terms.bugs %], email would be sent immediately to every user who needed to be notified, and process_bug.cgi would wait for the emails to be sent before continuing.

Now [% terms.Bugzilla %] is capable of queueing emails to be sent while [% terms.abug %] is being updated, and sending them in the background. This requires the administrator to run a daemon that comes with [% terms.Bugzilla %], named jobqueue.pl, and to enable the use_mailer_queue parameter.

Using the background email-sending daemon instead of sending mail directly should result in a very large speed-up for updating [% terms.bugs %], particularly on larger installations.

Dates and Times Displayed In User's Time Zone

Users can now select what time zone they are in and [% terms.Bugzilla %] will adjust displayed times to be correct for their time zone. However, times the user inputs are unfortunately still in [% terms.Bugzilla %]'s time zone.

Custom Fields That Only Appear When Another Field Has a Particular Value

When creating a new custom field (or updating the definition of an existing custom field), you can now say that "this field only appears when field X has value Y". (In the future, you will be able to select multiple values for "Y", so a field will appear when any one of those values is selected.)

This feature only hides fields--it doesn't make their values go away. So [% terms.bugs %] will still show up in searches for that field's value, but the field won't appear in the user interface.

This is a good way of making Product-specific fields.

Custom Fields Whose List of Values Change Depending on the Value of Another Field

When creating a drop-down or multiple-selection custom field, you can now specify that another field "controls the values" of this field. Then, when adding values to this field, you can say that a particular value only appears when the other field is set to a particular value.

Here's an example: Let's say that we create a field called "Colors", and we make the Product field "control the values" for Colors. Then we add Blue, Red, Black, and Yellow as legal values for the "Colors" field. Now we can say that "Blue" and "Red" only appear as valid choices in Product A, "Yellow" only appears in Product B, but "Black" always appears.

One thing to note is that this feature only controls what values appear in the user interface. [% terms.Bugzilla %] itself will still accept any combination of values as valid, in the backend.

New Custom Field Type: [% terms.Bug %] ID

You can now create a custom field that holds a reference to a single valid [% terms.bug %] ID. In the future this will be enhanced to allow [%+ terms.bugs %] to refer to each other via this field.

"See Also" Field

We have added a new standard field called "See Also" to [%+ terms.Bugzilla %]. In this field, you can put URLs to multiple [%+ terms.bugs %] in any [% terms.Bugzilla %] installation, to indicate that those [% terms.bugs %] are related to this one. It also supports adding URLs to [% terms.bugs %] in Launchpad.

Right now, the field just validates the URLs and then displays them, but in the future, it will grab information from the other installation about the [% terms.bug %] and display it here, and possibly even update the other installation.

If your installation does not need this field, you can hide it by disabling the use_see_also parameter.

Re-order Columns in Search Results

There is a new interface for choosing what columns appear in search results, which allows you to change the order in which columns appear from left to right when viewing the [% terms.bug %] list.

Search Descriptions

When displaying search results, [% terms.Bugzilla %] will now show a brief description of what you searched for, at the top of the [%+ terms.bug %] list.

Other Enhancements and Changes

Enhancements for Users

Enhancements for Administrators and Developers

WebService Changes

Outstanding Issues

Notes On Upgrading From a Previous Version

When upgrading to 3.4, checksetup.pl will create foreign keys for many columns in the database. Before doing this, it will check the database for consistency. If there are an unresolvable consistency problems, it will tell you what table and column in the database contain the bad values, and which values are bad. If you don't know what else to do, you can always delete the database records which contain the bad values by logging in to your database and running the following command:

DELETE FROM table WHERE column IN (1, 2, 3, 4)

Just replace "table" and "column" with the name of the table and column that checksetup.pl mentions, and "1, 2, 3, 4" with the invalid values that checksetup.pl prints out.

Remember that you should always back up your database before doing an upgrade.

Code Changes Which May Affect Customizations

[% terms.Bugzilla %] 3.2 Release Notes

Table of Contents

Introduction

Welcome to [% terms.Bugzilla %] 3.2! This is our first major feature release since [% terms.Bugzilla %] 3.0, and it brings a lot of great improvements and polish to the [% terms.Bugzilla %] experience.

If you're upgrading, make sure to read How to Upgrade From An Older Version. If you are upgrading from a release before 3.0, make sure to read the release notes for all the previous versions in between your version and this one, particularly the "Notes For Upgraders" section of each version's release notes.

Updates in this 3.2.x Release

This section describes what's changed in the most recent bug-fix releases of [% terms.Bugzilla %] after 3.2. We only list the most important fixes in each release. If you want a detailed list of everything that's changed in each version, you should use our Change Log Page.

3.2.3

This release also contains a security fix. See the Security Fixes Section for details.

3.2.2

This release fixes one security issue that is critical for installations running 3.2.1 under mod_perl. See the Security Advisory for details.

3.2.1

Security Fixes In This 3.2.x Release

3.2.3

This release fixes one security issue related to attachments. See the Security Advisory for details.

3.2.2

This release fixes one security issue that is critical for installations running 3.2.1 under mod_perl. See the Security Advisory for details.

3.2.1

This release contains several security fixes. One fix may break any automated scripts you have that are loading process_bug.cgi directly. We recommend that you read the entire Security Advisory for this release.

Minimum Requirements

Any requirements that are new since 3.0.5 will look like this.

Perl

Perl v5.8.1

For MySQL Users

For PostgreSQL Users

Email Addresses Hidden From Logged-Out Users For Oracle Users

Required Perl Modules

Module Version
CGI 3.21 (on Perl 5.8.x) or 3.33 (on Perl 5.10.x)
Date::Format 2.21
File::Spec 0.84
DBI 1.41
Template 2.15
Email::Send 2.00
Email::MIME 1.861
Email::MIME::Encodings 1.313
Email::MIME::Modifier 1.442

Optional Perl Modules

The following perl modules, if installed, enable various features of [% terms.Bugzilla %]:

Module Version Enables Feature
LWP::UserAgent (Any) Automatic Update Notifications
Template::Plugin::GD::Image (Any) Graphical Reports
GD::Text (Any) Graphical Reports
GD::Graph (Any) Graphical Reports
GD 1.20 Graphical Reports, New Charts, Old Charts
Email::MIME::Attachment::Stripper (Any) Inbound Email
Email::Reply (Any) Inbound Email
Net::LDAP (Any) LDAP Authentication
HTML::Parser 3.40 More HTML in Product/Group Descriptions
HTML::Scrubber (Any) More HTML in Product/Group Descriptions
XML::Twig (Any) Move [% terms.Bugs %] Between Installations
MIME::Parser 5.406 Move [% terms.Bugs %] Between Installations
Chart::Base 1.0 New Charts, Old Charts
Image::Magick (Any) Optionally Convert BMP Attachments to PNGs
PatchReader 0.9.4 Patch Viewer
Authen::Radius (Any) RADIUS Authentication
Authen::SASL (Any) SMTP Authentication
SOAP::Lite (Any) XML-RPC Interface
mod_perl2 1.999022 mod_perl

New Features and Improvements

Major UI Improvements

[% terms.Bugzilla %] 3.2 has had some UI assistance from the NASA Human-Computer Interaction department and the new [% terms.Bugzilla %] User Interface Team.

In particular, you will notice a massively redesigned [% terms.bug %] editing form, in addition to our new skin.

New Default Skin: Dusk

[% terms.Bugzilla %] 3.2 now ships with a skin called "Dusk" that is a bit more colorful than old default "Classic" skin.

Upgrading installations will still default to the "Classic" skin--administrators can change the default in the Default Preferences control panel. Users can also choose to use the old skin in their Preferences (or using the View :: Page Style menu in Firefox).

The changes that [% terms.Bugzilla %] required for Dusk made [%+ terms.Bugzilla %] much easier to skin. See the Addons page for additional skins, or try making your own!

Custom Status Workflow

You can now customize the list of statuses in [% terms.Bugzilla %], and transitions between them.

You can also specify that a comment must be made on certain transitions.

New Custom Field Types

[% terms.Bugzilla %] 3.2 has support for three new types of custom fields:

Easier Installation

[% terms.Bugzilla %] now comes with a script called install-module.pl that can automatically download and install all of the required Perl modules for [% terms.Bugzilla %]. It stores them in a directory inside your [% terms.Bugzilla %] installation, so you can use it even if you don't have administrator-level access to your machine, and without modifying your main Perl install.

checksetup.pl will print out instructions for using install-module.pl, or you can read its documentation.

Experimental Oracle Support

[% terms.Bugzilla %] 3.2 contains experimental support for using Oracle as its database. Some features of [% terms.Bugzilla %] are known to be broken on Oracle, but hopefully will be working by our next major release.

The [% terms.Bugzilla %] Project, as an open-source project, of course does not recommend the use of proprietary database solutions. However, if your organization requires that you use Oracle, this will allow you to use [% terms.Bugzilla %]!

The [% terms.Bugzilla %] Project thanks Oracle Corp. for their extensive development contributions to [% terms.Bugzilla %] which allowed this to happen!

Improved UTF-8 Support

[% terms.Bugzilla %] 3.2 now has advanced UTF-8 support in its code, including correct handling for truncating and wrapping multi-byte languages. Major issues with multi-byte or unusual languages are now resolved, and [% terms.Bugzilla %] should now be usable by users in every country with little (or at least much less) customization.

Group Icons

Administrators can now specify that users who are in certain groups should have an icon appear next to their name whenever they comment. This is particularly useful for distinguishing developers from [%+ terms.bug %] reporters.

Other Enhancements and Changes

These are either minor enhancements, or enhancements that have very short descriptions. Some of these are very useful, though!

Enhancements For Users

Enhancements For Administrators

Enhancements for Localizers (or Localized Installations)

Outstanding Issues

How to Upgrade From An Older Version

Notes For Upgraders

Steps For Upgrading

Once you have read the notes above, see the Upgrading documentation for instructions on how to upgrade.

Code Changes Which May Affect Customizations

More Hooks!

There are more code hooks in 3.2 than there were in 3.0. See the documentation of Bugzilla::Hook for more details.

Bugzilla/Search.pm has been heavily modified, to be much easier to read and use. It contains mostly the same code as it did in 3.0, but it has been moved around and reorganized significantly.

lib Directory

As part of implementing install-module.pl, [%+ terms.Bugzilla %] was given a local lib directory which it searches for modules, in addition to the standard system path.

This means that all [% terms.Bugzilla %] scripts now start with use lib qw(. lib); as one of the first lines.

Other Changes

[% terms.Bugzilla %] 3.0.x Release Notes

Table of Contents

Introduction

Welcome to [% terms.Bugzilla %] 3.0! It's been over eight years since we released [% terms.Bugzilla %] 2.0, and everything has changed since then. Even just since our previous release, [% terms.Bugzilla %] 2.22, we've added a lot of new features. So enjoy the release, we're happy to bring it to you.

If you're upgrading, make sure to read How to Upgrade From An Older Version. If you are upgrading from a release before 2.22, make sure to read the release notes for all the previous versions in between your version and this one.

Updates in this 3.0.x Release

This section describes what's changed in the most recent bug-fix releases of [% terms.Bugzilla %] after 3.0. We only list the most important fixes in each release. If you want a detailed list of everything that's changed in each version, you should use our Change Log Page.

3.0.6

See also the Security Advisory section for information about a security issue fixed in this release.

3.0.5

See also the Security Advisory section for information about security issues fixed in this release.

3.0.4

See also the Security Advisory section for information about security issues fixed in this release.

3.0.3

3.0.2

See also the Security Advisory section for information about an important security issue fixed in this release.

3.0.1

Minimum Requirements

Any requirements that are new since 2.22 will look like this.

Perl

For MySQL Users

For PostgreSQL Users

Required Perl Modules

Module Version
CGI 2.93
Date::Format 2.21
DBI 1.41
File::Spec 0.84
Template 2.12
Email::Send 2.00
Email::MIME 1.861
Email::MIME::Modifier 1.442

Optional Perl Modules

The following perl modules, if installed, enable various features of [% terms.Bugzilla %]:

Module Version Enables Feature
LWP::UserAgent (Any) Automatic Update Notifications
Template::Plugin::GD::Image (Any) Graphical Reports
GD::Graph (Any) Graphical Reports
GD::Text (Any) Graphical Reports
GD 1.20 Graphical Reports, New Charts, Old Charts
Email::MIME::Attachment::Stripper (Any) Inbound Email
Email::Reply (Any) Inbound Email
Net::LDAP (Any) LDAP Authentication
HTML::Parser 3.40 More HTML in Product/Group Descriptions
HTML::Scrubber (Any) More HTML in Product/Group Descriptions
XML::Twig (Any) Move [% terms.Bugs %] Between Installations
MIME::Parser 5.406 Move [% terms.Bugs %] Between Installations
Chart::Base 1.0 New Charts, Old Charts
Image::Magick (Any) Optionally Convert BMP Attachments to PNGs
PatchReader 0.9.4 Patch Viewer
SOAP::Lite (Any) XML-RPC Interface
mod_perl2 1.999022 mod_perl
CGI 3.11 mod_perl

New Features and Improvements

Custom Fields

[% terms.Bugzilla %] now includes very basic support for custom fields.

Users in the admin group can add plain-text or drop-down custom fields. You can edit the values available for drop-down fields using the "Field Values" control panel.

Don't add too many custom fields! It can make [% terms.Bugzilla %] very difficult to use. Try your best to get along with the default fields, and then if you find that you can't live without custom fields after a few weeks of using [% terms.Bugzilla %], only then should you start your custom fields.

mod_perl Support

[% terms.Bugzilla %] 3.0 supports mod_perl, which allows for extremely enhanced page-load performance. mod_perl trades memory usage for performance, allowing near-instantaneous page loads, but using much more memory.

If you want to enable mod_perl for your [% terms.Bugzilla %], we recommend a minimum of 1.5GB of RAM, and for a site with heavy traffic, 4GB to 8GB.

If performance isn't that critical on your installation, you don't have the memory, or you are running some other web server than Apache, [% terms.Bugzilla %] still runs perfectly as a normal CGI application, as well.

Shared Saved Searches

Users can now choose to "share" their saved searches with a certain group. That group will then be able to "subscribe" to those searches, and have them appear in their footer.

If the sharer can "bless" the group he's sharing to, (that is, if he can add users to that group), it's considered that he's a manager of that group, and his queries show up automatically in that group's footer (although they can unsubscribe from any particular search, if they want.)

In order to allow a user to share their queries, they also have to be a member of the group specified in the querysharegroup parameter.

Users can control their shared and subscribed queries from the "Preferences" screen.

Attachments and Flags on New [% terms.Bugs %]

You can now add an attachment while you are filing a new [%+ terms.bug %].

You can also set flags on the [% terms.bug %] and on attachments, while filing a new [% terms.bug %].

Custom Resolutions

You can now customize the list of resolutions available in [% terms.Bugzilla %], including renaming the default resolutions.

The resolutions FIXED, DUPLICATE and MOVED have a special meaning to [% terms.Bugzilla %], though, and cannot be renamed or deleted.

Per-Product Permissions

You can now grant users editbugs and canconfirm for only certain products. You can also grant users editcomponents on a product, which means they will be able to edit that product including adding/removing components and other product-specific controls.

User Interface Improvements

There has been some work on the user interface for [% terms.Bugzilla %] 3.0, including:

XML-RPC Interface

[% terms.Bugzilla %] now has a Web Services interface using the XML-RPC protocol. It can be accessed by external applications by going to the xmlrpc.cgi on your installation.

Documentation can be found in the [% terms.Bugzilla %] API Docs, in the various Bugzilla::WebService modules.

Skins

[% terms.Bugzilla %] can have multiple "skins" installed, and users can pick between them. To write a skin, you just have to write several CSS files. See the Custom Skins Documentation for more details.

We currently don't have any alternate skins shipping with [%+ terms.Bugzilla %]. If you write an alternate skin, please let us know!

Unchangeable Fields Appear Unchangeable

As long as you are logged in, when viewing [% terms.abug %], if you cannot change a field, it will not look like you can change it. That is, the value will just appear as plain text.

All Emails in Templates

All outbound emails are now controlled by the templating system. What used to be the passwordmail, whinemail, newchangedmail and voteremovedmail parameters are now all templates in the template/ directory.

This means that it's now much easier to customize your outbound emails, and it's also possible for localizers to have more localized emails as part of their language packs, if they want.

We also added a mailfrom parameter to let you set who shows up in the From field on all emails that [%+ terms.Bugzilla %] sends.

No More Double-Filed [% terms.Bugs %]

Users of [% terms.Bugzilla %] will sometimes accidentally submit [%+ terms.abug %] twice, either by going back in their web browser, or just by refreshing a page. In the past, this could file the same [%+ terms.bug %] twice (or even three times) in a row, irritating developers and confusing users.

Now, if you try to submit [% terms.abug %] twice from the same screen (by going back or by refreshing the page), [% terms.Bugzilla %] will warn you about what you're doing, before it actually submits the duplicate [%+ terms.bug %].

Default CC List for Components

You can specify a list of users who will always be added to the CC list of new [% terms.bugs %] in a component.

File/Modify [% terms.Bugs %] By Email

You can now file or modify [% terms.bugs %] via email. Previous versions of [% terms.Bugzilla %] included this feature only as an unsupported add-on, but it is now an official interface to [%+ terms.Bugzilla %].

For more details see the documentation for email_in.pl.

Users Who Get All [% terms.Bug %] Notifications

There is now a parameter called globalwatchers. This is a comma-separated list of [% terms.Bugzilla %] users who will get all [% terms.bug %] notifications generated by [% terms.Bugzilla %].

Group controls still apply, though, so users who can't see [% terms.abug %] still won't get notifications about that [% terms.bug %].

Improved UTF-8 Support

[% terms.Bugzilla %] users running MySQL should now have excellent UTF-8 support if they turn on the utf8 parameter. (New installs have this parameter on by default.) [% terms.Bugzilla %] now correctly supports searching and sorting in non-English languages, including multi-bytes languages such as Chinese.

Automatic Update Notification

If you belong to the admin group, you will be notified when you log in if there is a new release of [% terms.Bugzilla %] available to download.

You can control these notifications by changing the upgrade_notification parameter.

If your [% terms.Bugzilla %] installation is on a machine that needs to go through a proxy to access the web, you may also have to set the proxy_url parameter.

Welcome Page for New Installs

When you log in for the first time on a brand-new [% terms.Bugzilla %] installation, you will be presented with a page that describes where you should go from here, and what parameters you should set.

QuickSearch Plugin for IE7 and Firefox 2

Firefox 2 users and Internet Explorer 7 users will be presented with the option to add [% terms.Bugzilla %] to their search bar. This uses the QuickSearch syntax.

Other Enhancements and Changes

These are either minor enhancements, or enhancements that have very short descriptions. Some of these are very useful, though!

Enhancements That Affect [% terms.Bugzilla %] Users

Enhancements For Administrators

Outstanding Issues

Security Updates in This Release

3.0.6

[% terms.Bugzilla %] contains a minor security fix. For details, see the Security Advisory.

3.0.5

[% terms.Bugzilla %] contains one security fix for importxml.pl. For details, see the Security Advisory.

3.0.4

[% terms.Bugzilla %] 3.0.4 contains three security fixes. For details, see the Security Advisory.

3.0.3

No security fixes in this release.

3.0.2

[% terms.Bugzilla %] 3.0.1 had an important security fix that is critical for public installations with "requirelogin" turned on. For details, see the Security Advisory

3.0.1

[% terms.Bugzilla %] 3.0 had three security issues that have been fixed in this release: one minor information leak, one hole only exploitable by an admin or using email_in.pl, and one in an uncommonly-used template. For details, see the Security Advisory.

How to Upgrade From An Older Version

Notes For Upgraders

Steps For Upgrading

Once you have read the notes above, see the Upgrading documentation for instructions on how to upgrade.

Code Changes Which May Affect Customizations

Packagers: Location Variables Have Moved

In previous versions of [% terms.Bugzilla %], Bugzilla::Config held all the paths for different things, such as the path to localconfig and the path to the data/ directory.

Now, all of this data is stored in a subroutine, Bugzilla::Constants::bz_locations.

Also, note that for mod_perl, bz_locations must return absolute (not relative) paths. There is already code in that subroutine to help you with this.

Hooks!

[% terms.Bugzilla %] now supports a code hook mechanism. See the documentation for Bugzilla::Hook for more details.

This gives [% terms.Bugzilla %] very advanced plugin support. You can hook templates, hook code, add new parameters, and use the XML-RPC interface. So we'd like to see some [% terms.Bugzilla %] plugins written! Let us know on the developers@bugzilla.org mailing list if you write a plugin.

If you need more hooks, please File a bug!

API Documentation

[% terms.Bugzilla %] now ships with all of its perldoc built as HTML. Go ahead and read the API Documentation for all of the [% terms.Bugzilla %] modules now! Even scripts like checksetup.pl have HTML documentation.

Elimination of globals.pl

The old file globals.pl has been eliminated. Its code is now in various modules. Each function went to the module that was appropriate for it.

Usually we filed [% terms.abug %] in bugzilla.mozilla.org for each function we moved. You can search there for the old name of the function, and that should get you the information about what it's called now and where it lives.

Cleaned Up Variable Scoping Issues

In normal perl, you can have code like this:

my $var = 0;
sub y { $var++ }

However, under mod_perl that doesn't work. So variables are no longer "shared" with subroutines--instead all variables that a subroutine needs must be declared inside the subroutine itself.

No More SendSQL

The old SendSQL function and all of its companions are gone. Instead, we now use DBI for all database interaction.

For more information about how to use DBI with [%+ terms.Bugzilla %], see the Developer's Guide Section About DBI

Auth Re-write

The Bugzilla::Auth family of modules have been completely re-written. For details on how the new structure of authentication, read the Bugzilla::Auth API docs.

It should be very easy to write new authentication plugins, now.

Bugzilla::Object

There is a new base class for most of our objects, Bugzilla::Object. It makes it really easy to create new objects based on things that are in the database.

Bugzilla->request-cache

Bugzilla.pm used to cache things like the database connection in package-global variables (like $_dbh). That doesn't work in mod_perl, so instead now there's a hash that can be accessed through Bugzilla->request_cache to store things for the rest of the current page request.

You shouldn't access Bugzilla->request_cache directly, but you should use it inside of Bugzilla.pm if you modify that. The only time you should be accessing it directly is if you need to reset one of the caches. Hash keys are always named after the function that they cache, so to reset the template object, you'd do: delete Bugzilla->request_cache->{template};.

Other Changes

Release Notes For Previous Versions

Release notes for versions of [% terms.Bugzilla %] for versions prior to 3.0 are only available in text format: Release Notes for [% terms.Bugzilla %] 2.22 and Earlier.

[% INCLUDE global/footer.html.tmpl %] [% BLOCK db_req %] [% SET m = DB_MODULE.$db %]

For [% m.name FILTER html %] Users

[% END %] [% BLOCK req_table %] [% IF include_feature %] [% END %] [% FOREACH req = reqs %] [% IF include_feature %] [% END %] [% END %]
Module VersionEnables Feature
[%- req.module FILTER html %] [%- IF req.version == 0 %] (Any) [% ELSE %] [%- req.version FILTER html %] [% END %] [% req.feature.join(', ') FILTER html %]
[% END %]