[%# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.
#%]
[% SET title = "Bugzilla 3.6 Release Notes" %]
[% INCLUDE global/header.html.tmpl
title = title
bodyclasses = ['narrow_page']
%]
Release Notes For Newer Versions
Release notes for versions of Bugzilla of the 4.x series are
available here.
[% title FILTER html %]
Introduction
Welcome to Bugzilla 3.6! The focus of the 3.6 release is
on improving usability and "polishing up" all our features (by adding
some pieces that were "missing" or always wanted), although we
also have a few great new features for you, as well!
If you're upgrading, make sure to read Notes
On Upgrading From a Previous Version. If you are upgrading from a release
before 3.4, make sure to read the release notes for all the
previous versions in between your version
and this one, particularly the Upgrading section of each
version's release notes.
We would like to thank Canonical
Ltd., ITA Software,
the IBM Linux Technology Center,
Red Hat, and
Novell for funding the development
of various features and improvements in this release of
Bugzilla.
Updates in this 3.6.x Release
3.6.2
This release fixes various security issues. See the
Security Advisory
for details.
In addition, the following important fixes/changes have been made in
this release:
- Bugzilla installations running on older versions of IIS
will no longer experience the "Undef to trick_taint" errors that would
sometimes occur.
([% terms.Bug %] 521416)
- Email notifications were missing the dates that comments were made.
([% terms.Bug %] 578003)
- Putting a phrase in quotes in the Quicksearch box now works properly,
again.
([% terms.Bug %] 578494
and [% terms.Bug %] 553884)
- Quicksearch was usually (incorrectly) being limited to 200 results.
([% terms.Bug %] 581622)
- On Windows, install-module.pl can now properly install
DateTime and certain other Perl modules that didn't install properly
before.
([% terms.Bug %] 576105)
- Searching "keywords" for "contains none of the words" or "does not
match regular expression" now works properly.
([% terms.Bug %] 562014)
- Doing collectstats.pl --regenerate now works on installations
using PostgreSQL.
([% terms.Bug %] 577058)
- The "Field Values" administrative control panel was sometimes denying
admins the ability to delete field values when there was no reason
to deny the deletion.
([% terms.Bug %] 577054)
- Eliminate the "uninitialized value" warnings that would happen when
editing a product's components.
([% terms.Bug %] 576911)
- The updating of bugs_fulltext that happens during
checksetup.pl for upgrades to 3.6 should now be MUCH faster.
([% terms.Bug %] 577754)
- email_in.pl was not allowing the setting of time-tracking
fields via inbound emails.
([% terms.Bug %] 583622)
3.6.1
This release fixes two security issues. See the
Security Advisory
for details.
In addition, the following important fixes/changes have been made in
this release:
- Using the "Change Columns" page would sometimes result in a
plain-text page instead of HTML.
([% terms.Bug %] 376044)
- Extensions that have only templates and no code are now working.
([% terms.Bug %] 562551)
- install-module.pl has been fixed so that it installs
modules properly on both new and old versions of Perl.
([% terms.Bug %] 560318
and [% terms.Bug %] 560330)
- It is now possible to upgrade from 3.4 to 3.6 when using Oracle.
([% terms.Bug %] 561379)
- Editing a field value's name (using the Field Values admin control
panel) wasn't working if the value was set as the default for that
field.
([% terms.Bug %] 561296)
- If you had the noresolveonopenblockers parameter set,
[%+ terms.bugs %] couldn't be edited at all if they were marked FIXED
and had any open blockers. (The parameter is only supposed to prevent
changing [% terms.bugs %] to FIXED, not modifying already-FIXED
[%+ terms.bugs %].)
([% terms.Bug %] 565314)
- Some minor issues with Perl 5.12 were fixed (mostly warnings that Perl
5.12 was throwing). Bugzilla now supports Perl 5.12.
Minimum Requirements
Any requirements that are new since 3.4.5 will look like
this.
Perl
Perl v5.8.1
For MySQL Users
- MySQL
v4.1.2
- perl module:
DBD::mysql v4.00
For PostgreSQL Users
- PostgreSQL
v8.00.0000
- perl module:
DBD::Pg v1.45
For Oracle Users
- Oracle
v10.02.0
- perl module:
DBD::Oracle v1.19
Required Perl Modules
Module | Version |
CGI |
3.21
|
Digest::SHA |
(Any)
|
Date::Format |
2.21
|
DateTime |
0.28
|
DateTime::TimeZone |
0.71
|
DBI |
1.41
|
Template |
2.22
|
Email::Send |
2.00
|
Email::MIME |
1.861
|
Email::MIME::Encodings |
1.313
|
Email::MIME::Modifier |
1.442
|
URI |
(Any)
|
Optional Perl Modules
The following perl modules, if installed, enable various
features of Bugzilla:
Module | Version |
Enables Feature |
GD |
1.20
|
Graphical Reports, New Charts, Old Charts |
Chart::Lines |
2.1
|
New Charts, Old Charts |
Template::Plugin::GD::Image |
(Any)
|
Graphical Reports |
GD::Text |
(Any)
|
Graphical Reports |
GD::Graph |
(Any)
|
Graphical Reports |
XML::Twig |
(Any)
|
Move [% terms.Bugs %] Between Installations,
Automatic Update Notifications |
MIME::Parser |
5.406
|
Move [% terms.Bugs %] Between Installations |
LWP::UserAgent |
(Any)
|
Automatic Update Notifications |
PatchReader |
0.9.4
|
Patch Viewer |
Net::LDAP |
(Any)
|
LDAP Authentication |
Authen::SASL |
(Any)
|
SMTP Authentication |
Authen::Radius |
(Any)
|
RADIUS Authentication |
SOAP::Lite |
0.710.06
|
XML-RPC Interface |
JSON::RPC |
(Any)
|
JSON-RPC Interface |
Test::Taint |
(Any)
|
JSON-RPC Interface, XML-RPC Interface |
HTML::Parser |
3.40
|
More HTML in Product/Group Descriptions |
HTML::Scrubber |
(Any)
|
More HTML in Product/Group Descriptions |
Email::MIME::Attachment::Stripper |
(Any)
|
Inbound Email |
Email::Reply |
(Any)
|
Inbound Email |
TheSchwartz |
(Any)
|
Mail Queueing |
Daemon::Generic |
(Any)
|
Mail Queueing |
mod_perl2 |
1.999022
|
mod_perl |
New Features and Improvements
General Usability Improvements
A scientific
usability study was done on Bugzilla by researchers
from Carnegie-Mellon University. As a result of this study,
several
usability issues were prioritized to be fixed, based on specific data
from the study.
As a result, you will see many small improvements in Bugzilla's
usability, such as using Javascript to validate certain forms before
they are submitted, standardizing the words that we use in the user interface,
being clearer about what Bugzilla needs from the user,
and other changes, all of which are also listed individually in this New
Features section.
Work continues on improving usability for the next release of
Bugzilla, but the results of the research have already
had an impact on this 3.6 release.
New Extensions System
Bugzilla has a brand-new Extensions system. The system is
consistent, fast, and
fully
documented. It makes it possible to easily extend Bugzilla's
code and user interface to add new features or change existing features.
There's even
a
script that will create the basic layout of an extension for you, to
help you get started. For more information about the new system, see the
Extensions
documentation.
If you had written any extensions using Bugzilla's previous
extensions system, there is
a
script to help convert old extensions into the new format.
Improved Quicksearch
The "quicksearch" box that appears on the front page of
Bugzilla and in the header/footer of every page
is now simplified and made more powerful. There is a
[?] link next to the box that will take you to
the simplified Quicksearch Help,
which describes every single feature of the system in a simple layout,
including new features such as the ability to use partial field names
when searching.
Quicksearch should also be much faster than it was before, particularly
on large installations.
Note that in order to implement the new quicksearch, certain old
and rarely-used features had to be removed:
- + as a prefix to mean "search additional resolutions", and
+ as a prefix to mean "search just the summary". You can
instead use summary: to explicitly search summaries.
- Searching the [% field_descs.bug_severity FILTER html %] field if you
type something that matches the first few characters of a [%
field_descs.bug_severity FILTER html %]. You can explicitly
search the [% field_descs.bug_severity FILTER html %] field if you want to
find [% terms.bugs %] by [% field_descs.bug_severity FILTER html %].
- Searching the Priority field if you typed something that exactly
matched the name of a priority. You can explicitly search the
Priority field if you want to find [% terms.bugs %] by priority.
- Searching the [% field_descs.rep_platform FILTER html %] and OS fields
if you typed in one of a certain hard-coded list of strings (like "pc",
"windows", etc.). You can explicitly search these fields, instead, if you want
to find [% terms.bugs %] with a specific [% field_descs.rep_platform
FILTER html %] or OS set.
Simple "Browse" Interface
There is now a "Browse" link in the header of each Bugzilla
page that presents a very basic interface that allows users to simply
browse through all open [% terms.bugs %] in particular components.
SUExec Support
Bugzilla can now be run in Apache's "SUExec" mode,
which is what control panel software like cPanel and Plesk use
(so Bugzilla should now be much easier to install
on shared hosting). SUExec support shows up as an option
in the localconfig file during installation.
Experimental mod_perl Support on Windows
There is now experimental support for running Bugzilla
under mod_perl on Windows, for a significant performance enhancement
(in exchange for using more memory).
Send Attachments by Email
The email_in
script now supports attaching multiple attachments to [% terms.abug %]
by email, both when filing and when updating [% terms.abug %].
JSON-RPC Interface
Bugzilla now has support for the
JSON-RPC WebServices protocol via
jsonrpc.cgi.
The JSON-RPC interface is experimental in this release--if you want any
fundamental changes in how it works,
let us
know, for the next release of Bugzilla.
Migration From Other [% terms.Bug %]-Trackers
Bugzilla 3.6 comes with a new script,
migrate.pl,
which allows migration from other [% terms.bug %]-tracking systems.
Among the various features of the migration system are:
- It is non-destructive--you can migrate into an existing
Bugzilla installation without destroying any data
in the installation.
- It has a "dry-run" mode so you can test your migration
before actually running it.
- It is relatively easy to write new migrators for new systems,
if you know Perl. The basic migration framework does most of the work
for you, you just have to provide it with the data from your
[%+ terms.bug %]-tracker. See the
Bugzilla::Migrate
documentation and see our current migrator,
Bugzilla/Migrate/GNATS.pm for information on how to make your
own migrator.
The first migrator that has been implemented is for the GNATS
[%+ terms.bug %]-tracking system. We'd love to see migrators for
other systems! If you want to contribute a new migrator, see our
development
process for details on how to get code into Bugzilla.
Thanks to Lambda Research for
funding the initial development of this feature.
Other Enhancements and Changes
Enhancements for Users
- [% terms.Bug %] Filing: When filing [% terms.abug %],
Bugzilla now visually indicates which fields are
mandatory.
- [% terms.Bug %] Filing: "Bookmarkable templates" now
support the "alias" and "estimated hours" fields.
- [% terms.Bug %] Editing: In previous versions of
Bugzilla, if you added a private comment to [% terms.abug %],
then none of the changes that you made at that time were
sent to users who couldn't see the private comment. Now, for users
who can't see private comments, public changes are sent, but the private
comment is excluded from their email notification.
- [% terms.Bug %] Editing: The controls for groups now
appear to the right of the attachment and time-tracking tables,
when editing [% terms.abug %].
- [% terms.Bug %] Editing: The "Collapse All Comments"
and "Expand All Comments" links now appear to the right of the
comment list instead of above it.
- [% terms.Bug %] Editing: The See Also field now supports
URLs for Google Code Issues and the Debian B[% %]ug-Tracking System.
- [% terms.Bug %] Editing: There have been significant performance
improvements in show_bug.cgi (the script that displays the
[% terms.bug %]-editing form), particularly for [% terms.bugs %] that
have lots of comments or attachments.
- Attachments: The "Details" page of an attachment
now displays itself as uneditable if you can't edit the fields
there.
- Attachments: We now make sure that there is
a Description specified for an attachment, using JavaScript, before
the form is submitted.
- Attachments: There is now a link back to the [% terms.bug %]
at the bottom of the "Details" page for an attachment.
- Attachments: When you click on an "attachment 12345" link
in a comment, if the attachment is a patch, you will now see the
formatted "Diff" view instead of the raw patch.
- Attachments: For text attachments, we now let the browser
auto-detect the character encoding, instead of forcing the browser to
always assume the attachment is in UTF-8.
- Search: You can now display [% terms.bug %] flags as a column
in search results.
- Search: When viewing search results, you can see which columns are
being sorted on, and which direction the sort is on, as indicated
by arrows next to the column headers.
- Search: You can now search the Deadline field using relative
dates (like "1d", "2w", etc.).
- Search: The iCalendar format of search results now includes
a PRIORITY field.
- Search: It is no longer an error to enter an invalid search
order in a search URL--Bugzilla will simply warn you that
some of your order options are invalid.
- Search: When there are no search results, some helpful
links are displayed, offering actions you might want to take.
- Search: For those who like to make their own
buglist.cgi URLs (and for people working on customizations),
buglist.cgi now accepts nearly every valid field in
Bugzilla as a direct URL parameter, like
&field=value.
- Requests: When viewing the "My Requests" page, you can now
see the lists as a normal search result by clicking a link at the
bottom of each table.
- Requests: When viewing the "My Requests" page, if you are
using Classifications, the Product drop-down will be grouped by
Classification.
- Inbound Email: When filing [% terms.abug %] by email, if the
product that you are filing the [% terms.bug %] into has some groups
set as Default for you, the [% terms.bug %] will now be placed into those
groups automatically.
- Inbound Email: The field names that can be used when creating
[%+ terms.bugs %] by email now exactly matches the set of valid parameters
to the
B[% %]ug.create
WebService function. You can still use most of the old field names
that 3.4 and earlier used for inbound emails, though, for
backwards-compatibility.
- If there are multiple languages available for your
Bugzilla, you can now select what language you want
Bugzilla displayed in using links at the top of every
page.
- When creating a new account, you will be automatically logged in
after setting your password.
- There is no longer a maximum password length for accounts.
- In the Dusk skin, it's now easier to see links.
- In the Whining system, you can now choose to receive emails even
if there are no [% terms.bugs %] that match your searches.
- The arrows in dependency graphs now point the other way, so that
[%+ terms.bugs %] point at their dependencies.
- New Charts: You can now convert an existing Saved Search
into a data series for New Charts.
- New Charts: There is now an interface that allows you to
delete data series.
- New Charts: When deleting a product, you now have the option
to delete the data series that are associated with that product.
Enhancements for Administrators and Developers
- Depending on how your workflow is set up, it is now possible to
have both UNCONFIRMED and REOPENED show up as status choices for
a closed [% terms.bug %]. If you only want one or the other to
show up, you should edit your status workflow appropriately
(possibly by removing or disabling the REOPENED status).
- You can now "disable" field values so that they don't show
up as choices on [% terms.abug %] unless they are already set as
the value for that [% terms.bug %]. This doesn't work for the
per-product field values (component, target_milestone, and version)
yet, though.
- Users are now locked out of their accounts for 30 minutes after
trying five bad passwords in a row during login. Every time a
user is locked out like this, the user in the "maintainer" parameter
will get an email.
- The minimum length allowed for a password is now 6 characters.
- The UNCONFIRMED status being enabled in a product
is now unrelated to the voting parameters. Instead, there is a checkbox
to enable the UNCONFIRMED status in a product.
- Information about duplicates is now stored in the database instead
of being stored in the data/ directory. On large installations
this could save several hundred megabytes of disk space.
- Installation: When installing Bugzilla, the
"maintainer" parameter will be automatically set to the administrator
that was created by checksetup.pl.
- Installation: checksetup.pl now prints out
certain errors in a special color so that you know that something
needs to be done.
- Installation: checksetup.pl is now much
faster at upgrading installations, particularly older installations.
Also, it's been made faster to run for the case where it's not
doing an upgrade.
- Installation: If you install Bugzilla using the
tarball, the CGI.pm module from CPAN is now included in
the lib/ dir. If you would rather use the CGI.pm from your
global Perl installation, you can delete CGI.pm and the
CGI directory from the lib/ directory.
- When editing a group, you can now specify that members of a group
are allowed to grant others membership in that group itself.
- The ability to compress BMP attachments to PNGs is now an Extension.
To enable the feature, remove the file
extensions/BmpConvert/disabled and then run checksetup.pl.
- The default list of values for the Priority field are now clear English
words instead of P1, P2, etc.
- There is now a system in place so that all field values can be
localized. See the value_descs variable in
template/en/default/global/field-descs.none.tmpl.
- config.cgi now returns an ETag header and understands
the If-None-Match header in HTTP requests.
- The XML format of show_bug.cgi now returns more information:
the numeric id of each comment, whether an attachment is a URL,
the modification time of an attachment, the numeric id of a flag,
and the numeric id of a flag's type.
- Parameters: Parameters that aren't actually required are no longer
in the "Required" section of the Parameters page. Instead, some are in the
new "General" section, and some are in the new "Advanced" section.
- Parameters: The old ssl parameter has been
changed to ssl_redirect, and can only be turned "on" or "off".
If "on", then all users will be forcibly redirected to SSL whenever
they access Bugzilla. When the parameter is off,
no SSL-related redirects will occur (even if the user directly
accesses Bugzilla via SSL, they will not be
redirected to a non-SSL page).
- Parameters: In the Advanced parameters, there is a new parameter,
inbound_proxies. If your Bugzilla is behind a
proxy, you should set this parameter to the IP address of that proxy.
Then, Bugzilla will "believe" any "X-Forwarded-For"
header sent from that proxy, and correctly use the X-Forwarded-For
as the end user's IP, instead of believing that all traffic is coming
from the proxy.
- Removed Parameter: The loginnetmask parameter has
been removed. Since Bugzilla sends secure cookies, it's no
longer necessary to always restrict logins to a specific IP or block
of addresses.
- Removed Parameter: The quicksearch_comment_cutoff
parameter is gone. Quicksearch now always searches comments; however, it
uses a much faster algorithm to do it.
- Removed Parameter: The usermatchmode parameter has
been removed. User-matching is now always done.
- Removed Parameter: The useentrygroupdefault parameter
has been removed. Bugzilla now always behaves as though
that parameter were off.
- The t/001compile.t test should now always pass, no matter
what configuration of optional modules you do or don't have installed.
- New script: contrib/console.pl, which allows you to have
a "command line" into Bugzilla by inputting Perl code
or using a few custom commands.
WebService Changes
- The WebService now returns all dates and times in the UTC timezone.
Bugzilla.time now acts as though the Bugzilla
server were in the UTC timezone, always. If you want to write clients
that are compatible across all Bugzilla versions,
check the timezone from Bugzilla.timezone or
Bugzilla.time, and always input times in that timezone
and expect times to be returned in that format.
- You can now log in by passing Bugzilla_login and
Bugzilla_password as arguments to any WebService function.
See the
Bugzilla::WebService
documentation for details.
- New Method:
B[% %]ug.attachments
which allows getting information about attachments.
- New Method:
B[% %]ug.fields,
which gets information about all the fields that [% terms.abug %] can have
in Bugzilla, include custom fields and legal values for
all fields. The B[% %]ug.legal_values method is now deprecated.
- In the B[% %]ug.add_comment method, the "private" parameter
has been renamed to "is_private" (for consistency with other methods).
You can still use "private", though, for backwards-compatibility.
- The WebService now has Perl's "taint mode" turned on. This means that
it validates all data passed in before sending it to the database.
Also, all parameter names are validated, and if you pass in a parameter
whose name contains anything other than letters, numbers, or underscores,
that parameter will be ignored. Mostly this just affects
customizers--Bugzilla's WebService is not functionally
affected by these changes.
- In previous versions of Bugzilla, error messages were
sent word-wrapped to the client, from the WebService. Error messages
are now sent as one unbroken line.
Outstanding Issues
-
[%- terms.Bug %] 423439: Tabs in comments will be converted
to four spaces, due to a bug in Perl as of Perl 5.8.8.
-
[%- terms.Bug %] 69621: If you rename or remove a keyword that is
in use on [% terms.bugs %], you will need to rebuild the "keyword cache"
by running sanitycheck.cgi and choosing
the option to rebuild the cache when it asks. Otherwise keywords may
not show up properly in search results.
-
[%- terms.Bug %] 89822: When changing multiple [% terms.bugs %] at
the same time, there is no "mid-air collision" protection.
-
[%- terms.Bug %] 276230: The support for restricting access to
particular Categories of New Charts is not complete. You should treat
the 'chartgroup' Param as the only access mechanism available.
However, charts migrated from Old Charts will be restricted to
the groups that are marked MANDATORY for the corresponding Product.
There is currently no way to change this restriction, and the
groupings will not be updated if the group configuration
for the Product changes.
Notes On Upgrading From a Previous Version
When upgrading to 3.6, checksetup.pl will create foreign keys
for many columns in the database. Before doing this, it will check the
database for consistency. If there are an unresolvable consistency
problems, it will tell you what table and column in the database contain
the bad values, and which values are bad. If you don't know what else to do,
you can always delete the database records which contain the bad values by
logging in to your database and running the following command:
DELETE FROM table WHERE column IN
(1, 2, 3, 4)
Just replace "table" and "column" with the name of the table
and column that checksetup.pl mentions, and "1, 2, 3, 4"
with the invalid values that checksetup.pl prints out.
Remember that you should always back up your database before doing
an upgrade.
Code Changes Which May Affect Customizations
- There is no longer a SendBugMail method in the templates, and bugmail
is no longer sent by processing a template. Instead, it is sent
by using Bugzilla::BugMail::Send.
- Comments are now represented as a
Bugzilla::Comment
object instead of just being hashes.
- In previous versions of Bugzilla, the template for displaying
[%+ terms.abug %] required a lot of extra variables that are now global
template variables instead.
- You can now check if optional modules are installed by using
Bugzilla->feature in Perl code or
feature_enabled in template code.
- All of the various template header information required to display
the [% terms.bug %] form is now in one template,
template/en/default/bug/show-header.html.tmpl.
- You should now use display_value instead of
get_status or get_resolution in templates.
display_value should be used anywhere that a
<select>-type field has its values displayed.
Bugzilla 3.4 Release Notes
Introduction
This is Bugzilla 3.4! Bugzilla 3.4 brings a lot
of great enhancements for Bugzilla over previous versions,
with various improvements to the user interface, lots of interesting new
features, and many long-standing requests finally being addressed.
If you're upgrading, make sure to read Notes
On Upgrading From a Previous Version. If you are upgrading from a release
before 3.2, make sure to read the release notes for all the
previous versions in between your version
and this one, particularly the Upgrading section of each
version's release notes.
We would like to thank Canonical
Ltd. for funding development of one new feature, and NASA for funding
development of several new features through the
San Jose State University
Foundation.
Updates In This 3.4.x Release
3.4.6
- When doing a search that involves "not equals" or "does not contain the
string" or similar "negative" search types, the search description that
appears at the top of the resulting [% terms.bug %] list will indicate
that the search was of that type.
([% terms.Bug %] 474738)
- In Internet Explorer, users couldn't easily mark a RESOLVED DUPLICATE
[%+ terms.bug %] as REOPENED, due to a JavaScript error.
([% terms.Bug %] 546719)
- If you use a "bookmarkable template" to pre-fill forms on
the [% terms.bug %]-filing page, and you have custom fields
that are only supposed to appear (or only supposed to have certain
values) based on the values of other fields, those custom fields will
now work properly.
([% terms.Bug %] 538211)
- If you have a custom field that's only supposed to appear when
a [% terms.bug %]'s resolution is FIXED, it will now behave properly
on the [% terms.bug %]-editing form when a user sets the [% terms.bug %]'s
status to RESOLVED.
([% terms.Bug %] 520993)
- If you are logged-out and using request.cgi, the Requester
and Requestee fields no longer respect the usermatching
parameter--they always require full usernames.
([% terms.Bug %] 533018)
- If you tried to do a search with too many terms (resulting in a URL
that was longer than about 7000 characters), Apache would return a
500 error instead of your search results.
([% terms.Bug %] 513989)
- Bugzilla would sometimes lose fields from your sort order
when you added new fields to your sort order.
([% terms.Bug %] 470214)
- The Atom format of search results would sometimes be missing the
Reporter or Assignee field for some [% terms.bugs %].
([% terms.Bug %] 537834)
3.4.5
This release contains fixes for multiple security issues. See the
Security Advisory
for details.
In addition, the following important fixes/changes have been made in
this release:
- Whining was failing if jobqueue.pl was enabled.
([% terms.Bug %] 530270)
- The Assignee field was empty in Whine mails.
([% terms.Bug %] 511216)
- Administrators can now successfully create user accounts using
editusers.cgi when using the "Env" authentication method.
([% terms.Bug %] 483987)
- [% terms.Bug %]mail now uses the timezone of the recipient of the email,
when displaying the time a comment was made, instead of the timezone of the
person who made the change.
([% terms.Bug %] 534587)
- "[% terms.bug %] 1234" in comments sometimes would not become a link if
word-wrapping happened between "[% terms.bug %]" and the number.
([% terms.Bug %] 514703)
- Running checksetup.pl on Windows will no longer pop up an error box
about OCI.dll.
([% terms.Bug %] 480968)
3.4.4
This release contains a fix for a security issue. See the
Security Advisory
for details.
Additionally, this release fixes a few minor [% terms.bugs %].
3.4.3
- Bugzilla installations running under mod_perl were leaking
about 512K of RAM per page load.
([% terms.Bug %] 517793)
- Attachments with Unicode characters in their names were being downloaded
with mangled names.
([% terms.Bug %] 328628)
- Creating custom fields with Unicode in their database column name
is now no longer allowed, as it would break Bugzilla. If you
created such a custom field, you should delete it by first marking it
obsolete and then clicking "Delete" in the custom field list, using
editfields.cgi.
([% terms.Bug %] 525025)
- Clicking "submit only my comment" on the "mid-air collisions" page
was leading to a "Suspicious Action" warning.
([% terms.Bug %] 514378)
- The XML format of [% terms.abug %] accidentally contained the
word-wrapped content of comments instead of the unwrapped content.
([% terms.Bug %] 509152)
- You can now do ./install-module.pl --shell to get a CPAN
shell using the configuration of
install-module.pl,
which allows you to do more advanced Perl module installation tasks.
([% terms.Bug %] 445875)
3.4.2
This release contains fixes for multiple security issues, one of which
is highly critical. See the
Security Advisory
for details.
In addition, the following important fixes/changes have been made in
this release:
- Upgrades from older releases were sometimes failing during UTF-8
conversion with a foreign key error.
([% terms.Bug %] 508181)
- Sorting [% terms.bug %] lists on certain fields would result in an error.
([% terms.Bug %] 510944)
- [% terms.Bug %] update emails had two or three blank lines at the top
and between the various sections of the email. There is now only one
blank line in each of those places, making these emails more compact.
([% terms.Bug %] 73330)
- [% terms.Bug %] email notifications for new [% terms.bugs %] incorrectly
had a line saying that the description was "Comment 0".
([% terms.Bug %] 510798)
- Running ./collectstats.pl --regenerate is now much faster,
on the order of 20x or 100x faster.
([% terms.Bug %] 286625)
- For users of RHEL, CentOS, Fedora, etc. jobqueue.pl can now automatically
be installed as a daemon by running ./jobqueue.pl install
as root.
([% terms.Bug %] 475403)
- XML-RPC interface responses had an incorrect Content-Length header
and would sometimes be truncated, if they contained certain UTF-8
characters.
([% terms.Bug %] 486306)
- Users who didn't have access to the time-tracking fields would get an
empty [% terms.bug %] update email when the time-tracking fields were
changed.
([% terms.Bug %] 509035)
- In the New Charts, non-public series now no longer show up as selectable
if you cannot access them.
([% terms.Bug %] 389396)
3.4.1
This release contains an important security fix. See the
Security Advisory
for details.
Minimum Requirements
Any requirements that are new since 3.2.3 will look like
this.
Perl
Perl v5.8.1
For MySQL Users
- MySQL v4.1.2
- perl module: DBD::mysql v4.00
For PostgreSQL Users
- PostgreSQL v8.00.0000
- perl module: DBD::Pg v1.45
For Oracle Users
- Oracle v10.02.0
- perl module: DBD::Oracle v1.19
Required Perl Modules
Module | Version |
CGI |
3.21 |
Digest::SHA |
(Any) |
Date::Format |
2.21 |
DateTime |
0.28 |
DateTime::TimeZone |
0.71 |
DBI |
1.41 |
Template |
2.22 |
Email::Send |
2.00 |
Email::MIME |
1.861 |
Email::MIME::Encodings |
1.313 |
Email::MIME::Modifier |
1.442 |
URI |
(Any) |
Optional Perl Modules
The following perl modules, if installed, enable various
features of Bugzilla:
Module |
Version |
Enables Feature |
LWP::UserAgent |
(Any) |
Automatic Update Notifications |
Template::Plugin::GD::Image |
(Any) |
Graphical Reports |
GD::Text |
(Any) |
Graphical Reports |
GD::Graph |
(Any) |
Graphical Reports |
GD |
1.20 |
Graphical Reports, New Charts, Old Charts |
Email::MIME::Attachment::Stripper |
(Any) |
Inbound Email |
Email::Reply |
(Any) |
Inbound Email |
Net::LDAP |
(Any) |
LDAP Authentication |
TheSchwartz |
(Any) |
Mail Queueing |
Daemon::Generic |
(Any) |
Mail Queueing |
HTML::Parser |
3.40 |
More HTML in Product/Group Descriptions |
HTML::Scrubber |
(Any) |
More HTML in Product/Group Descriptions |
XML::Twig |
(Any) |
Move [% terms.Bugs %] Between Installations |
MIME::Parser |
5.406 |
Move [% terms.Bugs %] Between Installations |
Chart::Base |
1.0 |
New Charts, Old Charts |
Image::Magick |
(Any) |
Optionally Convert BMP Attachments to PNGs |
PatchReader |
0.9.4 |
Patch Viewer |
Authen::Radius |
(Any) |
RADIUS Authentication |
Authen::SASL |
(Any) |
SMTP Authentication |
SOAP::Lite |
0.710.06 |
XML-RPC Interface |
mod_perl2 |
1.999022 |
mod_perl |
New Features and Improvements
Simple [% terms.Bug %] Filing
When entering a new [% terms.bug %], the vast majority of fields are
now hidden by default, which enormously simplifies the bug-filing form.
You can click "Show Advanced Fields" to show all the fields, if you want
them. Bugzilla remembers whether you last used the "Advanced"
or "Simple" version of the [% terms.bug %]-entry form, and will display the
same version to you again next time you file [% terms.abug %].
New Home Page
Bugzilla's front page has been redesigned to be better at
guiding new users into the activities that they most commonly want to
do. Further enhancements to the home page are coming in future versions
of Bugzilla.
Email Addresses Hidden From Logged-Out Users
To help prevent spam to Bugzilla users, all email addresses
stored in Bugzilla are now displayed only if you are logged in.
If you are logged out, only the part before the "@" of the email address is
displayed. This includes [% terms.bug %] lists, viewing [% terms.bugs %], the
XML format of [% terms.abug %], and any other place in the web interface that
an email address could appear.
Email addresses are not filtered out of [% terms.bug %] comments.
The WebService still returns full email addresses, even if you are logged
out.
Shorter Search URLs
When submitting a search, all the unused fields are now stripped from
the URL, so search URLs are much more meaningful, and much shorter.
Asynchronous Email Sending
The largest performance problem in former versions of Bugzilla
was that when updating [% terms.bugs %], email would be sent immediately
to every user who needed to be notified, and process_bug.cgi
would wait for the emails to be sent before continuing.
Now Bugzilla is capable of queueing emails to be sent
while [% terms.abug %] is being updated, and sending them in the
background. This requires the administrator to run a daemon
that comes with Bugzilla, named
jobqueue.pl,
and to enable the
use_mailer_queue parameter.
Using the background email-sending daemon instead of sending mail directly
should result in a very large speed-up for updating [% terms.bugs %],
particularly on larger installations.
Dates and Times Displayed In User's Time Zone
Users can now select what time zone they are in and Bugzilla
will adjust displayed times to be correct for their time zone. However,
times the user inputs are unfortunately still in Bugzilla's
time zone.
Custom Fields That Only Appear When Another Field
Has a Particular Value
When creating a new custom field (or updating the definition of
an existing custom field), you can now say that "this field only
appears when field X has value Y". (In the future, you will be able
to select multiple values for "Y", so a field will appear when any
one of those values is selected.)
This feature only hides fields--it doesn't make their values go away.
So [% terms.bugs %] will still show up in searches for that field's
value, but the field won't appear in the user interface.
This is a good way of making Product-specific fields.
Custom Fields Whose List of Values Change
Depending on the Value of Another Field
When creating a drop-down or multiple-selection custom field, you can
now specify that another field "controls the values" of this field.
Then, when adding values to this field, you can say that a particular
value only appears when the other field is set to a particular
value.
Here's an example: Let's say that we create a field called "Colors",
and we make the Product field "control the values" for Colors. Then we
add Blue, Red, Black, and Yellow as legal values for the "Colors" field.
Now we can say that "Blue" and "Red" only appear as valid choices in
Product A, "Yellow" only appears in Product B, but "Black" always
appears.
One thing to note is that this feature only controls what values appear in
the user interface. Bugzilla itself will still accept
any combination of values as valid, in the backend.
New Custom Field Type: [% terms.Bug %] ID
You can now create a custom field that holds a reference to a single
valid [% terms.bug %] ID. In the future this will be enhanced to allow
[%+ terms.bugs %] to refer to each other via this field.
"See Also" Field
We have added a new standard field called "See Also" to
Bugzilla. In this field, you can put URLs to multiple
[%+ terms.bugs %] in any Bugzilla installation, to indicate
that those [% terms.bugs %] are related to this one. It also supports
adding URLs to [% terms.bugs %] in
Launchpad.
Right now, the field just validates the URLs and then displays them, but
in the future, it will grab information from the other installation about
the [% terms.bug %] and display it here, and possibly even update the
other installation.
If your installation does not need this field, you can hide it by disabling
the use_see_also
parameter.
Re-order Columns in Search Results
There is a new interface for choosing what columns appear in search
results, which allows you to change the order in which columns appear
from left to right when viewing the [% terms.bug %] list.
Search Descriptions
When displaying search results, Bugzilla will now show
a brief description of what you searched for, at the top of the
[%+ terms.bug %] list.
Other Enhancements and Changes
Enhancements for Users
- You can now log in from every page, using the login form that appears
in the header or footer when you click "Log In".
- When viewing [% terms.abug %], obsolete attachments are now
hidden from the attachment list by default. You can show them
by clicking "Show Obsolete" at the bottom of the attachment list.
- In the Email Preferences, you can now choose to get email when
a new [% terms.bug %] report is filed and you have a particular
role on it.
- When resolving a mid-air collision, you can now choose to submit
only your comment.
- You can now set the Blocks and Depends On field on the "Change
Several [% terms.Bugs %] At Once" page.
- If your installation uses the "insidergroup" feature, you can now add
private comments on the "Change Several [% terms.Bugs %] At Once"
page.
- When viewing a search result, you can now hover over any abbreviated
field to see its full value.
- When logging out, users are now redirected to the main page of
Bugzilla instead of an empty page.
- When editing [% terms.abug %], text fields (except the comment box) now
grow longer when you widen your browser window.
- When viewing [% terms.abug %], the Depends On and Blocks list will
display [% terms.abug %]'s alias if it has one, instead of its id.
Also, closed [% terms.bugs %] will be sorted to the end of the list.
- If you use the time-tracking features of Bugzilla, and
you enable the time-tracking related columns in a search result,
then you will see a summary of the time-tracking data at the
bottom of the search result.
- For users of time-tracking, the summarize_time.cgi page
now contains more data.
- When viewing an attachment's details page while you are logged-out,
flags are no longer shown as editable.
- Cloning [% terms.abug %] will now retain the "Blocks" and "Depends On"
fields from the [% terms.bug %] being cloned.
- [% terms.Bug %]mail for new [% terms.bugs %] will now indicate
what security groups the [% terms.bug %] has been restricted to.
- You can now use any custom drop-down field as an axis for a tabular
or graphical report.
- The X-Bugzilla-Type header in emails sent by
Bugzilla is now "new" for [% terms.bug %]mail sent for
newly-filed [% terms.bugs %], and "changed" for emails having to do
with updated [% terms.bugs %].
- Mails sent by the "Whining" system now contain the header
X-Bugzilla-Type: whine.
- [% terms.bug %]mail now contains a X-Bugzilla-URL header to uniquely
identify which Bugzilla installation the email came from.
- If you input an invalid regular expression anywhere in
Bugzilla, it will now tell you explicitly instead of failing
cryptically.
- The duplicates.xul page (which wasn't used by very many
people) is now gone.
Enhancements for Administrators and Developers
- Bugzilla now uses the SHA-256 algorithm (a variant of
SHA-2) to encrypt passwords in the database, instead of using Unix's
"crypt" function. This allows passwords longer than eight characters
to actually be effective. Each user's password will be converted to
SHA-256 the first time they log in after you upgrade to
Bugzilla 3.4 or later.
- If you are using database replication with Bugzilla,
many more scripts now take advantage of the read-only slave (the
"shadowdb"). It may be safe to open up show_bug.cgi
to search-engine indexing by editing your robots.txt file,
now, if your Bugzilla is on fast-enough hardware.
- The database now uses foreign keys to enforce the validity of
relationships between tables. Not every single table has all its
foreign keys yet, but most do.
- Various parameters have been removed, in an effort to de-clutter
the parameter interface and simplify Bugzilla's code.
The parameters that were removed were: timezone, supportwatchers,
maxpatchsize, commentonclearresolution, commentonreassignbycomponent,
showallproducts. They have all been replaced with sensible default
behaviors. (For example, user watching is now always enabled.)
- When adding
&debug=1
to the end of a
buglist.cgi URL, Bugzilla will now also do an
EXPLAIN on the query, to help debug performance issues.
- When editing flag types in the administrative interface, you can now
see how many flags of each type have been set.
WebService Changes
- Various functions have been added to the WebService:
B[% %]ug.history,
B[% %]ug.search,
B[% %]ug.comments,
B[% %]ug.update_see_also,
User.get,
and Bugzilla.time
(Bugzilla.timezone is now deprecated).
- For network efficiency, you can now limit which fields are returned
from certain WebService functions, like User.get.
- There is now a "permissive" argument for the B[% %]ug.get
WebService function, which causes it not to throw an error when you
ask for [% terms.bugs %] you can't see.
- The B[% %]ug.get method now returns many more fields.
- The B[% %]ug.add_comment method now returns the ID of the comment
that was just added.
- The B[% %]ug.add_comment method will now throw an error if you
try to add a private comment but do not have the correct permissions.
(In previous versions, it would just silently ignore the private
argument if you didn't have the correct permissions.)
- Many WebService function parameters now take individual values in
addition to arrays.
- The WebService now validates input types--it makes sure that dates
are in the right format, that ints are actually ints, etc. It will throw
an error if you send it invalid data. It also accepts empty ints, doubles,
and dateTimes, and translates them to undef.
Outstanding Issues
-
[%- terms.Bug %] 423439: Tabs in comments will be converted
to four spaces, due to a bug in Perl as of Perl 5.8.8.
-
[%- terms.Bug %] 69621: If you rename or remove a keyword that is
in use on [% terms.bugs %], you will need to rebuild the "keyword cache"
by running sanitycheck.cgi and choosing
the option to rebuild the cache when it asks. Otherwise keywords may
not show up properly in search results.
-
[%- terms.Bug %] 89822: When changing multiple [% terms.bugs %] at
the same time, there is no "mid-air collision" protection.
-
[%- terms.Bug %] 276230: The support for restricting access to
particular Categories of New Charts is not complete. You should treat
the 'chartgroup' Param as the only access mechanism available.
However, charts migrated from Old Charts will be restricted to
the groups that are marked MANDATORY for the corresponding Product.
There is currently no way to change this restriction, and the
groupings will not be updated if the group configuration
for the Product changes.
-
[%- terms.Bug %] 370370: mod_perl support is currently not
working on Windows machines.
Notes On Upgrading From a Previous Version
When upgrading to 3.4, checksetup.pl will create foreign keys
for many columns in the database. Before doing this, it will check the
database for consistency. If there are an unresolvable consistency
problems, it will tell you what table and column in the database contain
the bad values, and which values are bad. If you don't know what else to do,
you can always delete the database records which contain the bad values by
logging in to your database and running the following command:
DELETE FROM table WHERE column IN
(1, 2, 3, 4)
Just replace "table" and "column" with the name of the table
and column that checksetup.pl mentions, and "1, 2, 3, 4"
with the invalid values that checksetup.pl prints out.
Remember that you should always back up your database before doing
an upgrade.
Code Changes Which May Affect Customizations
- checksetup.pl now re-writes the localconfig
file every time it runs, keeping the current values set (if there
are any), but moving any unexpected variables into a file called
localconfig.old. If you want to continue having custom
varibles in localconfig, you will have to add them to
the
LOCALCONFIG_VARS
constant in
Bugzilla::Install::Localconfig.
- Bugzilla::Object->update() now returns something different
in list context than it does in scalar context.
- Bugzilla::Object->check() now can take object
ids in addition to names. Just pass in
{ id => $some_value
}
.
- Instead of being defined in buglist.cgi, columns for
search results are now defined in a subroutine called
COLUMNS
in Bugzilla::Search. The data now mostly comes from the
fielddefs table in the database. Search.pm now takes a list
of column names from fielddefs for its fields argument instead
of literal SQL columns.
- Bugzilla::Field->legal_values now returns an array of
Bugzilla::Field::Choice
objects instead of an array of strings. Bugzilla::Field::Choice will be used
in more places, in the future.
- We now use Bugzilla::Bug->check() instead of
ValidateBugId.
- The groups and bless_groups methods in
Bugzilla::User now return an arrayref of
Bugzilla::Group objects instead of a hashref with
group ids and group names.
- Standard Bugzilla drop-down fields now have their type
set to FIELD_TYPE_SINGLE_SELECT in the fielddefs table.
- Bugzilla->usage_mode now defaults to
USAGE_MODE_CMDLINE if we are not running inside a web
server.
- We no longer delete environment variables like $ENV{PATH}
automatically unless we're actually running in taint mode.
- We are now using YUI 2.6.0.
- In the RDF format of config.cgi,
the "resource" attribute for flags now contains "flag.cgi" instead
of "flags.cgi".
Bugzilla 3.2 Release Notes
Table of Contents
Introduction
Welcome to Bugzilla 3.2! This is our first major feature
release since Bugzilla 3.0, and it brings a lot of great
improvements and polish to the Bugzilla experience.
If you're upgrading, make sure to read How to
Upgrade From An Older Version. If you are upgrading from a release
before 3.0, make sure to read the release notes for all the
previous versions in between your version
and this one, particularly the "Notes For Upgraders" section of each
version's release notes.
Updates in this 3.2.x Release
This section describes what's changed in the most recent bug-fix
releases of Bugzilla after 3.2. We only list the
most important fixes in each release. If you want a detailed list of
everything that's changed in each version, you should use our
Change Log
Page.
3.2.3
- Bugzilla is now compatible with MySQL 5.1.x versions 5.1.31
and greater.
([% terms.Bug %] 480001)
- On Windows, Bugzilla sometimes would send mangled emails
(that would often fail to send).
([% terms.Bug %] 467920)
recode.pl
would sometimes crash when trying to convert
databases from older versions of Bugzilla.
([% terms.Bug %] 431201)
- Running a saved search with Unicode characters in its name would
cause Bugzilla to crash.
([% terms.Bug %] 477513)
- Bugzilla clients like Mylyn can now update [% terms.bugs %]
again (the [% terms.bug %] XML format now contains a "token" element that
can be used when updating [% terms.abug %]).
([% terms.Bug %] 476678)
- For installations using the
shadowdb
parameter,
Bugzilla was accidentally writing to the "tokens" table
in the shadow database (instead of the master database) when using the
"Change Several [% terms.Bugs %] at Once" page.
([% terms.Bug %] 476943)
This release also contains a security fix. See the
Security Fixes Section for details.
3.2.2
This release fixes one security issue that is critical for installations
running 3.2.1 under mod_perl. See the
Security Advisory
for details.
3.2.1
- Attachments, charts, and graphs would sometimes be garbled on Windows.
([% terms.Bug %] 464992)
- Saving changes to parameters would sometimes fail silently (particularly
on Windows when the web server didn't have the right permissions to
update the
params
file). Bugzilla will now
throw an error in this case, telling you what is wrong.
([% terms.Bug %] 347707)
- If you were using the
usemenuforusers
parameter,
and [% terms.abug %] was assigned to (or had a QA Contact of) a disabled
user, that field would be reset to the first user in the list when
updating [% terms.abug %].
([% terms.Bug %] 465589)
- If you were using the
PROJECT
environment variable
to have multiple Bugzilla installations using one codebase,
project-specific templates were being ignored.
([% terms.Bug %] 467324)
- Some versions of the SOAP::Lite Perl module had a b[% %]ug that caused
Bugzilla's XML-RPC service to break.
checksetup.pl now checks for these bad versions and
will reject them.
([% terms.Bug %] 468009)
- The font sizes in various places were too small, when using the
Classic skin.
([% terms.Bug %] 469136)
Security Fixes In This 3.2.x Release
3.2.3
This release fixes one security issue related to attachments. See the
Security Advisory
for details.
3.2.2
This release fixes one security issue that is critical for installations
running 3.2.1 under mod_perl. See the
Security Advisory
for details.
3.2.1
This release contains several security fixes. One fix may break any
automated scripts you have that are loading process_bug.cgi
directly. We recommend that you read the entire
Security Advisory
for this release.
Minimum Requirements
Any requirements that are new since 3.0.5 will look like
this.
Perl
Perl v5.8.1
For MySQL Users
- MySQL v4.1.2
- perl module:
DBD::mysql v4.00
For PostgreSQL Users
- PostgreSQL v8.00.0000
- perl module: DBD::Pg v1.45
Email Addresses Hidden From Logged-Out Users
For Oracle Users
- Oracle v10.02.0
- perl module: DBD::Oracle v1.19
Required Perl Modules
Module |
Version |
CGI |
3.21 (on Perl 5.8.x) or 3.33 (on Perl 5.10.x) |
Date::Format |
2.21 |
File::Spec |
0.84 |
DBI |
1.41 |
Template |
2.15 |
Email::Send |
2.00 |
Email::MIME |
1.861 |
Email::MIME::Encodings |
1.313 |
Email::MIME::Modifier |
1.442 |
Optional Perl Modules
The following perl modules, if installed, enable various
features of Bugzilla:
Module |
Version |
Enables Feature |
LWP::UserAgent |
(Any) |
Automatic Update Notifications |
Template::Plugin::GD::Image |
(Any) |
Graphical Reports |
GD::Text |
(Any) |
Graphical Reports |
GD::Graph |
(Any) |
Graphical Reports |
GD |
1.20 |
Graphical Reports, New Charts, Old Charts |
Email::MIME::Attachment::Stripper |
(Any) |
Inbound Email |
Email::Reply |
(Any) |
Inbound Email |
Net::LDAP |
(Any) |
LDAP Authentication |
HTML::Parser |
3.40 |
More HTML in Product/Group Descriptions |
HTML::Scrubber |
(Any) |
More HTML in Product/Group Descriptions |
XML::Twig |
(Any) |
Move [% terms.Bugs %] Between Installations |
MIME::Parser |
5.406 |
Move [% terms.Bugs %] Between Installations |
Chart::Base |
1.0 |
New Charts, Old Charts |
Image::Magick |
(Any) |
Optionally Convert BMP Attachments to PNGs |
PatchReader |
0.9.4 |
Patch Viewer |
Authen::Radius |
(Any) |
RADIUS Authentication |
Authen::SASL |
(Any) |
SMTP Authentication |
SOAP::Lite |
(Any) |
XML-RPC Interface |
mod_perl2 |
1.999022 |
mod_perl |
New Features and Improvements
Major UI Improvements
Bugzilla 3.2 has had some UI assistance from the NASA
Human-Computer Interaction department and the new
Bugzilla
User Interface Team.
In particular, you will notice a massively redesigned [% terms.bug %]
editing form, in addition to our new skin.
New Default Skin: Dusk
Bugzilla 3.2 now ships with a skin called "Dusk" that is
a bit more colorful than old default "Classic" skin.
Upgrading installations will still default to the "Classic"
skin--administrators can change the default in the Default Preferences
control panel. Users can also choose to use the old skin in their
Preferences (or using the View :: Page Style menu in Firefox).
The changes that Bugzilla required for Dusk made
Bugzilla much easier to skin. See the
Addons page
for additional skins, or try making your own!
Custom Status Workflow
You can now customize the list of statuses in Bugzilla,
and transitions between them.
You can also specify that a comment must be made on certain transitions.
New Custom Field Types
Bugzilla 3.2 has support for three new types of
custom fields:
- Large Text: Adds a multi-line textbox to your [% terms.bugs %].
- Multiple Selection Box: Adds a box that allows you to choose
multiple items from a list.
- Date/Time: Displays a date and time, along with a JavaScript
calendar popup to make picking a date easier.
Easier Installation
Bugzilla now comes with a script called
install-module.pl that can automatically download
and install all of the required Perl modules for Bugzilla.
It stores them in a directory inside your Bugzilla
installation, so you can use it even if you don't have administrator-level
access to your machine, and without modifying your main Perl install.
checksetup.pl will print out instructions for using
install-module.pl, or you can read its
documentation.
Experimental Oracle Support
Bugzilla 3.2 contains experimental support for using
Oracle as its database. Some features of Bugzilla are known
to be broken on Oracle, but hopefully will be working by our next major
release.
The Bugzilla Project, as an open-source project, of course
does not recommend the use of proprietary database solutions. However,
if your organization requires that you use Oracle, this will allow
you to use Bugzilla!
The Bugzilla Project thanks Oracle Corp. for their extensive
development contributions to Bugzilla which allowed this to
happen!
Improved UTF-8 Support
Bugzilla 3.2 now has advanced UTF-8 support in its code,
including correct handling for truncating and wrapping multi-byte
languages. Major issues with multi-byte or unusual languages
are now resolved, and Bugzilla should now be usable
by users in every country with little (or at least much less)
customization.
Group Icons
Administrators can now specify that users who are in certain groups
should have an icon appear next to their name whenever they comment.
This is particularly useful for distinguishing developers from
[%+ terms.bug %] reporters.
Other Enhancements and Changes
These are either minor enhancements, or enhancements that have
very short descriptions. Some of these are very useful, though!
Enhancements For Users
- [% terms.Bugs %]: You can now reassign
[%+ terms.abug %] at the same time as you are changing its status.
- [% terms.Bugs %]: When entering [% terms.abug %],
you will now see the description of a component when you select it.
- [% terms.Bugs %]: The [% terms.bug %] view now
contains some Microformats,
most notably for users' names and email addresses.
- [% terms.Bugs %]: You can now remove a QA Contact
from [% terms.abug %] simply by clearing the QA Contact field.
- [% terms.Bugs %]: There is now a user preference
that will allow you to exclude the quoted text when replying
to comments.
- [% terms.Bugs %]: You can now expand or collapse
individual comments in the [% terms.bug %] view.
- Attachments: There is now "mid-air collision"
protection when editing attachments.
- Attachments: Patches in the Diff Viewer now show
line numbers (Example).
- Attachments: After creating or updating an attachment,
you will be immediately shown the [% terms.bug %] that the attachment
is on.
- Search: You can now reverse the sort of
[%+ terms.abug %] list by clicking on a column header again.
- Search: Atom feeds of [% terms.bug %] lists now
contain more fields.
- Search: QuickSearch now supports searching flags
and groups. It also now includes the OS field in the list of fields
it searches by default.
- Search: "Help" text can now appear on query.cgi
for Internet Explorer and other non-Firefox browsers. (It always
could appear for Firefox.)
- Bugzilla now ships with an icon that will show
up next to the URL in most browsers. If you want to replace it,
it's in images/favicon.ico.
- You can now set the Deadline when using "Change Several
[%+ terms.Bugs %] At Once"
- Saved Searches now save their column list, so if
you customize the list of columns and save your search, it will
always contain those columns.
- Saved Searches: When you share a search, you can
now see how many users have subscribed to it, on
userprefs.cgi.
- Saved Searches: You can now see what group a
shared search was shared to, on the list of available shared searches
in userprefs.cgi.
- Flags: If your installation uses drop-down user
lists, the flag requestee box will now contain only users who are
actually allowed to take requests.
- Flags: If somebody makes a request to you, and you
change the requestee to somebody else, the requester is no longer set
to you. In other words, you can "redirect" requests and maintain the
original requester.
- Flags: Emails about flags now will thread properly
in email clients to be a part of [% terms.abug %]'s thread.
- When using email_in.pl, you can now add users to the CC
list by just using @cc as the field name.
- Many pages (particularly administrative pages) now contain links to
the relevant section of the Bugzilla Guide, so you can read
the documentation for that page.
- Dependency Graphs should render more quickly, as they now (by default)
only include the same [% terms.bugs %] that you'd see in the dependency
tree.
Enhancements For Administrators
- Admin UI: Instead of having the Administration
Control Panel links in the footer, there is now just one link called
"Administration" that takes you to a page that links to all the
administrative controls for Bugzilla.
- Admin UI: Administrative pages no longer display
confirmation pages, instead they redirect you to some useful page
and display a message about what changed.
- Admin UI: The interface for editing group
inheritance in editgroups.cgi is much clearer now.
- Admin UI: When editing a user, you can now see
all the components where that user is the Default Assignee or Default
QA Contact.
- Email: For installations that use SMTP to send
mail (as opposed to Sendmail), Bugzilla now supports
SMTP Authentication, so that it can log in to your mail server
before sending messages.
- Email: Using the "Test" mail delivery method now
creates a valid mbox file to make testing easier.
- Authentication: Bugzilla now correctly
handles LDAP records which contain multiple email addresses. (The first
email address in the list that is a valid Bugzilla account
will be used, or if this is a new user, the first email address in
the list will be used.)
- Authentication: Bugzilla can now take
a list of LDAP servers to try in order until it gets a successful
connection.
- Authentication: Bugzilla now supports
RADIUS authentication.
- Security: The login cookie is now created as
"HTTPOnly" so that it can't be read by possibly malicious scripts.
Also, if SSL is enabled on your installation, the login cookie is
now only sent over SSL connections.
- Security: The
ssl
parameter now protects
every page a logged-in user accesses, when set to "authenticated sessions."
Also, SSL is now enforced appropriately in the WebServices interface when
the parameter is set.
- Database: Bugzilla now uses transactions in
the database instead of table locks. This should generally improve
performance with many concurrent users. It also means if there is
an unexpected error in the middle of a page, all database changes made
during that page will be rolled back.
- Database: You no longer have to set
max_packet_size
in MySQL to add large attachments. However,
you may need to set it manually if you restore a mysqldump into your
database.
- New WebService functions:
Bug.add_comment
and Bugzilla.extensions.
- You can now delete custom fields, but only if they have never been
set on any [% terms.bug %].
- There is now a --reset-password argument to
checksetup.pl that allows you to reset a user's password
from the command line.
- There is now a script called sanitycheck.pl that you can
run from the command line. It works just like sanitycheck.cgi.
By default, it only outputs anything if there's an error, so it's
ideal for administrators who want to run it nightly in a cron job.
- The strict_isolation parameter now prevents you from setting
users who cannot see [% terms.abug %] as a CC, Assignee, or QA
Contact. Previously it only prevented you from adding users who
could not edit the [% terms.bug %].
- Extensions can now add their own headers to the HTML <head>
for things like custom CSS and so on.
- sanitycheck.cgi has been templatized, meaning that the
entire Bugzilla UI is now contained in templates.
- When setting the sslbase parameter, you can now specify
a port number in the URL.
- When importing [% terms.bugs %] using importxml.pl,
attachments will have their actual creator set as their creator,
instead of the person who exported the [% terms.bug %] from the other
system.
- The voting system is off by default in new installs. This is to
prepare for the fact that it will be moved into an extension at
some point in the future.
- The
shutdownhtml
parameter now works even when
Bugzilla's database server is down.
Enhancements for Localizers (or Localized Installations)
- The documentation can now be localized--in other words, you can have
documentation installed for multiple languages at once and
Bugzilla will link to the correct language in its internal
documentation links.
- Bugzilla no longer uses the languages parameter.
Instead it reads the template/ directory to see which
languages are available.
- Some of the messages printed by checksetup.pl can now
be localized. See template/en/default/setup/strings.txt.pl.
Outstanding Issues
-
[%- terms.Bug %] 423439: Tabs in comments will be converted
to four spaces, due to a bug in Perl as of Perl 5.8.8.
-
[%- terms.Bug %] 69621: If you rename or remove a keyword that is
in use on [% terms.bugs %], you will need to rebuild the "keyword cache"
by running sanitycheck.cgi and choosing
the option to rebuild the cache when it asks. Otherwise keywords may
not show up properly in search results.
-
[%- terms.Bug %] 89822: When changing multiple [% terms.bugs %] at
the same time, there is no "mid-air collision" protection.
-
[%- terms.Bug %] 276230: The support for restricting access to
particular Categories of New Charts is not complete. You should treat
the 'chartgroup' Param as the only access mechanism available.
However, charts migrated from Old Charts will be restricted to
the groups that are marked MANDATORY for the corresponding Product.
There is currently no way to change this restriction, and the
groupings will not be updated if the group configuration
for the Product changes.
-
[%- terms.Bug %] 370370: mod_perl support is currently not
working on Windows machines.
How to Upgrade From An Older Version
Notes For Upgraders
- If you upgrade by CVS, the extensions and
skins/contrib directories are now in CVS instead of
being created by checksetup.pl If you do a cvs update
from 3.0, you will be told that your directories are "in the way" and
you should delete (or move) them and then do cvs update
again. Also, the docs directory has been restructured
and after you cvs update you can delete the docs/html,
docs/pdf, docs/txt, and docs/xml
directories.
- If you are using MySQL, you should know that Bugzilla
now uses InnoDB for all tables. checksetup.pl will convert
your tables automatically, but if you have InnoDB disabled,
the upgrade will not be able to complete (and checksetup.pl
will tell you so).
- You should also read the
Bugzilla 3.0 Notes For Upgraders
section of the
previous release notes if you are upgrading
from a version before 3.0.
Steps For Upgrading
Once you have read the notes above, see the
Upgrading
documentation for instructions on how to upgrade.
Code Changes Which May Affect Customizations
More Hooks!
There are more code hooks in 3.2 than there were in 3.0. See the
documentation of Bugzilla::Hook
for more details.
Search.pm Rearchitecture
Bugzilla/Search.pm has been heavily modified, to be much
easier to read and use. It contains mostly the same code as it did in
3.0, but it has been moved around and reorganized significantly.
lib Directory
As part of implementing install-module.pl,
Bugzilla was given a local lib directory which
it searches for modules, in addition to the standard system path.
This means that all Bugzilla scripts now start with
use lib qw(. lib);
as one of the first lines.
Other Changes
- You should now be using
get_status('NEW')
instead of
status_descs.NEW
in templates.
- The
[%# version = 1.0 %]
comment at the top of every
template file has been removed.
Bugzilla 3.0.x Release Notes
Table of Contents
Introduction
Welcome to Bugzilla 3.0! It's been over eight years since
we released Bugzilla 2.0, and everything has changed since
then. Even just since our previous release, Bugzilla 2.22,
we've added a lot of new features. So enjoy the release, we're
happy to bring it to you.
If you're upgrading, make sure to read How to
Upgrade From An Older Version. If you are upgrading from a release
before 2.22, make sure to read the release notes for all the
previous versions in between your version
and this one.
Updates in this 3.0.x Release
This section describes what's changed in the most recent bug-fix
releases of Bugzilla after 3.0. We only list the
most important fixes in each release. If you want a detailed list of
everything that's changed in each version, you should use our
Change Log Page.
3.0.6
- Before 3.0.6, unexpected fatal WebService errors would result in
a
faultCode
that was a string instead of a number.
([% terms.Bug %] 446327)
- If you created a product or component with the same name as one you
previously deleted, it would fail with an error about the series table.
([% terms.Bug %] 247936)
See also the Security Advisory section for
information about a security issue fixed in this release.
3.0.5
- If you don't have permission to set a flag, it will now appear
unchangeable in the UI.
([% terms.Bug %] 433851)
- If you were running mod_perl, Bugzilla was not correctly
closing its connections to the database since 3.0.3, and so sometimes
the DB would run out of connections.
([% terms.Bug %] 441592)
- The installation script is now clear about exactly which
Email::
modules are required in Perl, thus avoiding the
problem where emails show up with a body like
SCALAR(0xBF126795).
([% terms.Bug %] 441541)
- email_in.pl
is no longer case-sensitive for values of @product.
([% terms.Bug %] 365697)
See also the Security Advisory section for
information about security issues fixed in this release.
3.0.4
- Bugzilla administrators were not being correctly notified
about new releases.
([% terms.Bug %] 414726)
- There could be extra whitespace in email subject lines.
([% terms.Bug %] 411544)
- The priority, severity, OS, and platform fields were always required by
the Bug.create WebService function, even if they had
defaults specified.
([% terms.Bug %] 384009)
- Better threading of [% terms.bug %]mail in some email clients.
([% terms.Bug %] 376453)
- There were many fixes to the Inbound Email Interface
(email_in.pl).
([% terms.Bug %] 92274,
[% terms.Bug %] 377025,
[% terms.Bug %] 412943,
[% terms.Bug %] 413672, and
[% terms.Bug %] 431721)
- checksetup.pl now handles UTF-8 conversion more reliably during upgrades.
([% terms.Bug %] 374951)
- Comments written in CJK languages are now correctly word-wrapped.
([% terms.Bug %] 388723)
- All emails will now be sent in the correct language, when the user
has chosen a language for emails.
([% terms.Bug %] 405946)
- On Windows, temporary files created when uploading attachments are now
correctly deleted when the upload is complete.
([% terms.Bug %] 414002)
- checksetup.pl now prints correct installation instructions
for Windows users using Perl 5.10.
([% terms.Bug %] 414430)
See also the Security Advisory section for
information about security issues fixed in this release.
3.0.3
- mod_perl no longer compiles Bugzilla's code for each Apache
process individually. It now compiles code only once and shares it among
each Apache process. This greatly improves performance and highly
decreases the memory footprint.
([% terms.Bug %] 398241)
- You can now search for '---' (without quotes) in versions and milestones.
([% terms.Bug %] 362436)
- Bugzilla should no longer break lines unnecessarily in
email subjects. This was causing trouble with some email clients.
([% terms.Bug %] 374424)
- If you had selected "I'm added to or removed from this capacity" option
for the "CC" role in your email preferences, you wouldn't get mail when
more than one person was added to the CC list at once.
([% terms.Bug %] 394796)
- Deleting a user account no longer deletes whines from another user who
has the deleted account as addressee. The schedule is simply removed,
but the whine itself is left intact.
([% terms.Bug %] 395924)
- contrib/merge-users.pl now correctly merges all required
fields when merging two user accounts.
([% terms.Bug %] 400160)
- Bugzilla no longer requires Apache::DBI to run under
mod_perl. It caused troubles such as lost connections with the DB and
didn't give any important performance gain.
([% terms.Bug %] 408766)
3.0.2
See also the Security Advisory section for
information about an important security issue fixed in this release.
3.0.1
- For users of Firefox 2, the
show_bug.cgi
user interface
should no longer "collapse" after you modify [% terms.abug %].
([% terms.Bug %] 370739)
- If you can bless a group, and you share a saved search with that
group, it will no longer automatically appear in all of that group's
footers unless you specifically request that it automatically appear
in their footers.
([% terms.Bug %] 365890)
- There is now a parameter to allow users to perform searches without
any search terms. (In other words, to search for just a Product
and Status on the Simple Search page.) The parameter is called
specific_search_allow_empty_words
.
([% terms.Bug %] 385910)
- If you attach a file that has a MIME-type of
text/x-patch
or text/x-diff
, it will automatically be treated as a
patch by Bugzilla.
([% terms.Bug %] 365756)
- Dependency Graphs now work correctly on all mod_perl installations.
There should now be no remaining signficant problems with running
Bugzilla under mod_perl.
([% terms.Bug %] 370398)
- If moving [% terms.abug %] between products would remove groups
from the [% terms.bug %], you are now warned.
([% terms.Bug %] 303183)
- On IIS, whenever Bugzilla threw a warning, it would
actually appear on the web page. Now warnings are suppressed,
unless you have a file in the
data
directory called
errorlog
, in which case warnings will be printed there.
([% terms.Bug %] 390148)
- If you used email_in.pl to edit [% terms.abug %] that was
protected by groups, all of the groups would be cleared.
([% terms.Bug %] 385453)
- PostgreSQL users: New Charts were failing to collect data over time.
They will now start collecting data correctly.
([% terms.Bug %] 257351)
- Some flag mails didn't specify who the requestee was.
([% terms.Bug %] 379787)
- Instead of throwing real errors, collectstats.pl would
just say that it couldn't find
ThrowUserError
.
([% terms.Bug %] 380709)
- Logging into Bugzilla from the home page works again
with IIS5.
([% terms.Bug %] 364008)
- If you were using SMTP for sending email, sometimes emails would
be missing the
Date
header.
([% terms.Bug %] 304999).
- In the XML-RPC WebService,
Bug.legal_values
now
correctly returns values for custom fields if you request values
for custom fields.
([% terms.Bug %] 381737)
- The "[% terms.Bug %]-Writing Guidelines" page has been shortened
and re-written.
([% terms.Bug %] 378590)
- If your
urlbase
parameter included a port number,
like www.domain.com:8080
, SMTP might have failed.
([% terms.Bug %] 384501)
- For SMTP users, there is a new parameter,
smtp_debug
.
Turning on this parameter will log the full information about
every SMTP session to your web server's error log, to help with
debugging issues with SMTP.
([% terms.Bug %] 384497)
- If you are a "global watcher" (you get all mails from every
[%+ terms.bug %]), you can now see that in your Email Preferences.
([% terms.Bug %] 365302)
- The Status and Resolution of [% terms.bugs %] are now correctly
localized in CSV search results.
([% terms.Bug %] 389517)
- The "Subject" line of an email was being mangled if it contained
non-Latin characters.
([% terms.Bug %] 387860)
- Editing the "languages" parameter using editparams.cgi would
sometimes fail, causing Bugzilla to throw an error.
([% terms.Bug %] 335354)
Minimum Requirements
Any requirements that are new since 2.22 will look like
this.
Perl
- Perl v5.8.0 (non-Windows
platforms)
- Perl v5.8.1 (Windows platforms)
For MySQL Users
- MySQL v4.1.2
- perl module: DBD::mysql v2.9003
For PostgreSQL Users
- PostgreSQL v8.00.0000
- perl module: DBD::Pg v1.45
Required Perl Modules
Module |
Version |
CGI |
2.93 |
Date::Format |
2.21 |
DBI |
1.41 |
File::Spec |
0.84 |
Template |
2.12 |
Email::Send |
2.00 |
Email::MIME |
1.861 |
Email::MIME::Modifier |
1.442 |
Optional Perl Modules
The following perl modules, if installed, enable various
features of Bugzilla:
Module |
Version |
Enables Feature |
LWP::UserAgent |
(Any) |
Automatic Update Notifications |
Template::Plugin::GD::Image |
(Any) |
Graphical Reports |
GD::Graph |
(Any) |
Graphical Reports |
GD::Text |
(Any) |
Graphical Reports |
GD |
1.20 |
Graphical Reports, New Charts, Old Charts |
Email::MIME::Attachment::Stripper |
(Any) |
Inbound Email |
Email::Reply |
(Any) |
Inbound Email |
Net::LDAP |
(Any) |
LDAP Authentication |
HTML::Parser |
3.40 |
More HTML in Product/Group Descriptions |
HTML::Scrubber |
(Any) |
More HTML in Product/Group Descriptions |
XML::Twig |
(Any) |
Move [% terms.Bugs %] Between Installations |
MIME::Parser |
5.406 |
Move [% terms.Bugs %] Between Installations |
Chart::Base |
1.0 |
New Charts, Old Charts |
Image::Magick |
(Any) |
Optionally Convert BMP Attachments to PNGs |
PatchReader |
0.9.4 |
Patch Viewer |
SOAP::Lite |
(Any) |
XML-RPC Interface |
mod_perl2 |
1.999022 |
mod_perl |
CGI |
3.11 |
mod_perl |
New Features and Improvements
Custom Fields
Bugzilla now includes very basic support for custom fields.
Users in the admin group can add plain-text or drop-down
custom fields. You can edit the values available for drop-down fields
using the "Field Values" control panel.
Don't add too many custom fields! It can make Bugzilla
very difficult to use. Try your best to get along with the default
fields, and then if you find that you can't live without custom fields
after a few weeks of using Bugzilla, only then should you
start your custom fields.
mod_perl Support
Bugzilla 3.0 supports mod_perl, which allows for extremely
enhanced page-load performance. mod_perl trades memory usage for performance,
allowing near-instantaneous page loads, but using much more memory.
If you want to enable mod_perl for your Bugzilla, we recommend
a minimum of 1.5GB of RAM, and for a site with heavy traffic, 4GB to 8GB.
If performance isn't that critical on your installation, you don't
have the memory, or you are running some other web server than
Apache, Bugzilla still runs perfectly as a normal CGI
application, as well.
Shared Saved Searches
Users can now choose to "share" their saved searches
with a certain group. That group will then be able to
"subscribe" to those searches, and have them appear
in their footer.
If the sharer can "bless" the group they're sharing to,
(that is, if they can add users to that group), it's considered
that they're a manager of that group, and their queries show up
automatically in that group's footer (although they can
unsubscribe from any particular search, if they want.)
In order to allow a user to share their queries, they also
have to be a member of the group specified in the
querysharegroup
parameter.
Users can control their shared and subscribed queries from
the "Preferences" screen.
Attachments and Flags on New [% terms.Bugs %]
You can now add an attachment while you are filing a new
[%+ terms.bug %].
You can also set flags on the [% terms.bug %] and on attachments, while
filing a new [% terms.bug %].
Custom Resolutions
You can now customize the list of resolutions available
in Bugzilla, including renaming the default resolutions.
The resolutions FIXED
, DUPLICATE
and MOVED
have a special meaning to Bugzilla,
though, and cannot be renamed or deleted.
Per-Product Permissions
You can now grant users editbugs and canconfirm
for only certain products. You can also grant users editcomponents
on a product, which means they will be able to edit that product
including adding/removing components and other product-specific
controls.
User Interface Improvements
There has been some work on the user interface for Bugzilla 3.0,
including:
- There is now navigation and a search box a the top of
each page, in addition to the bar at the bottom of the page.
- A re-designed "Format for Printing" page for
[%+ terms.bugs %].
- The layout of show_bug.cgi (the [% terms.bug %] editing
page) has been changed, and the attachment table has been redesigned.
XML-RPC Interface
Bugzilla now has a Web Services interface using the XML-RPC
protocol. It can be accessed by external applications by going
to the xmlrpc.cgi on your installation.
Documentation can be found in the
Bugzilla
API Docs, in the various Bugzilla::WebService modules.
Skins
Bugzilla can have multiple "skins" installed,
and users can pick between them. To write a skin, you just have to
write several CSS files. See the Custom
Skins Documentation for more details.
We currently don't have any alternate skins shipping with
Bugzilla. If you write an alternate skin, please
let us know!
Unchangeable Fields Appear Unchangeable
As long as you are logged in, when viewing [% terms.abug %], if you
cannot change a field, it will not look like you can change it. That
is, the value will just appear as plain text.
All Emails in Templates
All outbound emails are now controlled by the templating system.
What used to be the passwordmail
, whinemail
,
newchangedmail
and voteremovedmail
parameters are now all templates in the template/ directory.
This means that it's now much easier to customize your outbound
emails, and it's also possible for localizers to have more
localized emails as part of their language packs, if they want.
We also added a mailfrom
parameter to let you set
who shows up in the From
field on all emails that
Bugzilla sends.
No More Double-Filed [% terms.Bugs %]
Users of Bugzilla will sometimes accidentally submit
[%+ terms.abug %] twice, either by going back in their web browser,
or just by refreshing a page. In the past, this could file the same
[%+ terms.bug %] twice (or even three times) in a row, irritating
developers and confusing users.
Now, if you try to submit [% terms.abug %] twice from the same screen
(by going back or by refreshing the page), Bugzilla will warn
you about what you're doing, before it actually submits the duplicate
[%+ terms.bug %].
Default CC List for Components
You can specify a list of users who will always be added to
the CC list of new [% terms.bugs %] in a component.
File/Modify [% terms.Bugs %] By Email
You can now file or modify [% terms.bugs %] via email. Previous versions
of Bugzilla included this feature only as an
unsupported add-on, but it is now an official interface to
Bugzilla.
For more details see the documentation
for email_in.pl.
Users Who Get All [% terms.Bug %] Notifications
There is now a parameter called globalwatchers. This
is a comma-separated list of Bugzilla users who will
get all [% terms.bug %] notifications generated by Bugzilla.
Group controls still apply, though, so users who can't see [% terms.abug %]
still won't get notifications about that [% terms.bug %].
Improved UTF-8 Support
Bugzilla users running MySQL should now have excellent
UTF-8 support if they turn on the utf8 parameter. (New
installs have this parameter on by default.) Bugzilla
now correctly supports searching and sorting in non-English languages,
including multi-bytes languages such as Chinese.
Automatic Update Notification
If you belong to the admin group, you will be notified
when you log in if there is a new release of Bugzilla
available to download.
You can control these notifications by changing the
upgrade_notification parameter.
If your Bugzilla installation is on a machine that needs to go
through a proxy to access the web, you may also have to set the
proxy_url parameter.
Welcome Page for New Installs
When you log in for the first time on a brand-new Bugzilla
installation, you will be presented with a page that describes
where you should go from here, and what parameters you should set.
QuickSearch Plugin for IE7 and Firefox 2
Firefox 2 users and Internet Explorer 7 users will be presented
with the option to add Bugzilla to their search bar.
This uses the
QuickSearch syntax.
Other Enhancements and Changes
These are either minor enhancements, or enhancements that have
very short descriptions. Some of these are very useful, though!
Enhancements That Affect Bugzilla Users
- In comments, quoted text (lines that start with >)
will be a different color from normal text.
- There is now a user preference that will add you to the CC list
of any [% terms.bug %] you modify. Note that it's on
by default.
- [% terms.Bugs %] can now be filed with an initial state of
ASSIGNED, if you are in the editbugs group.
- By default, comment fields will zoom large when you are typing in them,
and become small when you move out of them. You can disable this
in your user preferences.
- You can hide obsolete attachments on [% terms.abug %] by clicking
"Hide Obsolete" at the bottom of the attachment table.
- If [% terms.abug %] has flags set, and you move it to a different
product that has flags with the same name, the flags will be
preserved.
- You now can't request a flag to be set by somebody who can't set it
(Bugzilla will throw an error if you try).
- Many new headers have been added to outbound Bugzilla
[%+ terms.bug %] emails:
X-Bugzilla-Status
,
X-Bugzilla-Priority
, X-Bugzilla-Assigned-To
,
X-Bugzilla-Target-Milestone
, and
X-Bugzilla-Changed-Fields
, X-Bugzilla-Who
.
You can look at an email to get an idea of what they contain.
- In addition to the old
X-Bugzilla-Reason
email header
which tells you why you got an email, if you got an email because
you were watching somebody, there is now an
X-Bugzilla-Watch-Reason
header that tells you who you
were watching and what role they had.
- If you hover your mouse over a full URL (like
http://bugs.mycompany.com/show_bug.cgi?id=1212
) that
links to [% terms.abug %], you will see the title of the
[%+ terms.bug %]. Of course, this only works for [% terms.bugs %] in your
Bugzilla installation.
- If your installation has user watching enabled, you will now see
the users that you can remove from your watch-list as a multi-select
box, much like the current CC list. (Previously it was just a text
box.)
- When a user creates their own account in Bugzilla, the
account is now not actually created until they verify their email
address by clicking on a link that is emailed to them.
- You can change [% terms.abug %]'s resolution without reopening it.
- When you view the dependency tree on [% terms.abug %], resolved
[%+ terms.bugs %] will be hidden by default. (In previous versions,
resolved [% terms.bugs %] were shown by default.)
- When viewing [% terms.bug %] activity, fields that hold [% terms.bug %]
numbers (such as "Blocks") will have the [% terms.bug %] numbers
displayed as links to those [% terms.bugs %].
- When viewing the "Keywords" field in [% terms.abug %] list,
it will be sorted alphabetically, so you can sanely sort a list on
that field.
- In most places, the Version field is now sorted using a version-sort
(so 1.10 is greater than 1.2) instead of an alphabetical sort.
- Options for flags will only appear if you can set them. So, for
example, if you can't grant + on a flag, that option
won't appear for you.
- You can limit the product-related output of config.cgi
by specifying a product= URL argument, containing the name
of a product. You can specify the argument more than once for multiple
products.
- You can now search the boolean charts on whether or not a comment
is private.
Enhancements For Administrators
- Administrators can now delete attachments, making them disappear
entirely from Bugzilla.
- sanitycheck.cgi can now only be accessed by users
in the editcomponents group.
- The "Field Values" control panel can now only be accessed
by users in the admin group. (Previously it was accessible
to anybody in the editcomponents group.)
- There is a new parameter announcehtml, that will allow
you to enter some HTML that will be displayed at the top of every
page, as an announcement.
- The loginnetmask parameter now defaults to 0 for new
installations, meaning that as long as somebody has the right
login cookie, they can log in from any IP address. This makes
life a lot easier for dial-up users or other users whose IP
changes a lot. This could be done because the login cookie is now
very random, and thus secure.
- Classifications now have sortkeys, so they can be sorted in an
order that isn't alphabetical.
- Authentication now supports LDAP over SSL (LDAPS) or TLS (using
the STARTLS command) in addition to plain LDAP.
- LDAP users can have their LDAP username be their email address,
instead of having the LDAP mail attribute be their
email address. You may wish to set the emailsuffix
parameter if you do this.
- Administrators can now see what has changed in a user account,
when using the "Users" control panel.
REMIND
and LATER
are no longer part
of the default list of resolutions. Upgrading installations will
not be affected--they will still have these resolutions.
- editbugs is now the default for the timetrackinggroup
parameter, meaning that time-tracking will be on by default in a new
installation.
Outstanding Issues
-
[%- terms.Bug %] 69621: If you rename or remove a keyword that is
in use on [% terms.bugs %], you will need to rebuild the "keyword cache"
by running sanitycheck.cgi and choosing
the option to rebuild the cache when it asks. Otherwise keywords may
not show up properly in search results.
-
[%- terms.Bug %] 99215: Flags are not protected by "mid-air
collision" detection. Nor are any attachment changes.
-
[%- terms.Bug %] 89822: When changing multiple [% terms.bugs %] at
the same time, there is no "mid-air collision" protection.
-
[%- terms.Bug %] 276230: The support for restricting access to
particular Categories of New Charts is not complete. You should treat
the 'chartgroup' Param as the only access mechanism available.
However, charts migrated from Old Charts will be restricted to
the groups that are marked MANDATORY for the corresponding Product.
There is currently no way to change this restriction, and the
groupings will not be updated if the group configuration
for the Product changes.
-
[%- terms.Bug %] 370370: mod_perl support is currently not
working on Windows machines.
-
[%- terms.Bug %] 361149: If you are using Perl 5.8.0, you may
get a lot of warnings in your Apache error_log about "deprecated
pseudo-hashes." These are harmless--they are a b[%# fool test %]ug in
Perl 5.8.0. Perl 5.8.1 and later do not have this problem.
- Bugzilla 3.0rc1 allowed custom field column names in
the database to be mixed-case. Bugzilla 3.0 only allows
lowercase column names. It will fix any column names that you have
made mixed-case, but if you have custom fields that previously were
mixed-case in any Saved Search, you will have to re-create that Saved
Search yourself.
Security Updates in This Release
3.0.6
Bugzilla contains a minor security fix. For details, see the
Security Advisory.
3.0.5
Bugzilla contains one security fix for
importxml.pl.
For details, see the
Security Advisory.
3.0.4
Bugzilla 3.0.4 contains three security fixes.
For details, see the
Security Advisory.
3.0.3
No security fixes in this release.
3.0.2
Bugzilla 3.0.1 had an important security fix that is
critical for public installations with "requirelogin" turned on.
For details, see the
Security Advisory
3.0.1
Bugzilla 3.0 had three security issues that have been
fixed in this release: one minor information leak, one hole only
exploitable by an admin or using email_in.pl
, and one in an
uncommonly-used template. For details, see the
Security Advisory.
How to Upgrade From An Older Version
Notes For Upgraders
- If you upgrade by CVS, there are several .cvsignore files
that are now in CVS instead of being locally created by
checksetup.pl. This means that you will have to
delete those files when CVS tells you there's a conflict, and
then run cvs update again.
- In this version of Bugzilla, the Summary field
is now limited to 255 characters. When you upgrade, any Summary
longer than that will be truncated, and the old summary will be
preserved in a comment.
- If you have the utf8 parameter turned on, at some
point you will have to convert your database. checksetup.pl
will tell you when this is, and it will give you certain instructions
at that time, that you have to follow before you can complete
the upgrade. Don't do the conversion yourself manually--follow
the instructions of checksetup.pl.
- If you ever ran 2.23.3, 2.23.4, or 3.0rc1, you will have to run
./collectstats.pl --regenerate at the command line, because
the data for your Old Charts is corrupted. This can take several days,
so you may only want to run it if you use Old Charts.
- You should also read the Outstanding Issues sections of
older release notes if you are upgrading
from a version lower than 2.22.
Steps For Upgrading
Once you have read the notes above, see the
Upgrading
documentation for instructions on how to upgrade.
Code Changes Which May Affect Customizations
Packagers: Location Variables
Have Moved
In previous versions of Bugzilla, Bugzilla::Config
held all the paths for different things, such as the path to localconfig
and the path to the data/ directory.
Now, all of this data is stored in a subroutine,
Bugzilla::Constants::bz_locations.
Also, note that for mod_perl, bz_locations must return
absolute (not relative) paths. There is already code in that
subroutine to help you with this.
Hooks!
Bugzilla now supports a code hook mechanism. See the
documentation for
Bugzilla::Hook
for more details.
This gives Bugzilla very advanced plugin support. You can
hook templates, hook code, add new parameters, and use the XML-RPC
interface. So we'd like to see some Bugzilla plugins
written! Let us know on the developers@bugzilla.org
mailing list if you write a plugin.
If you need more hooks, please
File a bug!
API Documentation
Bugzilla now ships with all of its perldoc built
as HTML. Go ahead and read the
API Documentation
for all of the Bugzilla modules now! Even scripts like
checksetup.pl have HTML documentation.
Elimination of globals.pl
The old file globals.pl has been eliminated.
Its code is now in various modules. Each function went to the module
that was appropriate for it.
Usually we filed [% terms.abug %] in
bugzilla.mozilla.org for
each function we moved. You can search there for the old name of
the function, and that should get you the information about what
it's called now and where it lives.
Cleaned Up Variable Scoping Issues
In normal perl, you can have code like this:
my $var = 0;
sub y { $var++ }
However, under mod_perl that doesn't work. So variables are no
longer "shared" with subroutines--instead all variables
that a subroutine needs must be declared inside the subroutine itself.
No More SendSQL
The old SendSQL function and all of its companions are
gone. Instead, we now use DBI for all database
interaction.
For more information about how to use
DBI with
Bugzilla, see the
Developer's
Guide Section About DBI
Auth Re-write
The Bugzilla::Auth family of modules have been completely
re-written. For details on how the new structure of authentication,
read the
Bugzilla::Auth
API docs.
It should be very easy to write new authentication plugins, now.
Bugzilla::Object
There is a new base class for most of our objects,
Bugzilla::Object.
It makes it really easy to create new objects based on things that are
in the database.
Bugzilla->request-cache
Bugzilla.pm used to cache things like the database
connection in package-global variables (like $_dbh).
That doesn't work in mod_perl, so instead now there's a hash
that can be accessed through Bugzilla->request_cache
to store things for the rest of the current page request.
You shouldn't access Bugzilla->request_cache
directly,
but you should use it inside of Bugzilla.pm if you modify
that. The only time you should be accessing it directly is if you need
to reset one of the caches. Hash keys are always named after the function
that they cache, so to reset the template object, you'd do:
delete Bugzilla->request_cache->{template};
.
Other Changes
- checksetup.pl has been completely re-written, and most
of its code moved into modules in the Bugzilla::Install
namespace. See the
checksetup
documentation and Bugzilla
[%+ terms.bug %] 277502 for details.
- Instead of UserInGroup(), all of Bugzilla now
uses Bugzilla->user->in_group
- mod_perl doesn't like dependency loops in modules, so we now have
a test for that detects dependency loops in modules when you run
runtests.pl.
- globals.pl used to modify the environment variables,
like PATH. That now happens in Bugzilla.pm.
- Templates can now link to the documentation more easily.
See the global/code-error.html.tmpl and
global/user-error.html.tmpl templates for examples.
(Search for "docslinks.")
- Parameters are accessed through Bugzilla->params
instead of using the Param() function, now.
- The variables from the localconfig file are accessed
through the
Bugzilla->localconfig
hash instead of through
Bugzilla::Config.
- Bugzilla::BugMail::MessageToMTA() has moved into its
own module, along with other mail-handling code, called
Bugzilla::Mailer
- The CheckCanChangeField() subroutine in
process_bug.cgi has been moved to Bugzilla::Bug,
and is now a method of [% terms.abug %] object.
- The code that used to be in the global/banner.html.tmpl
template is now in global/header.html.tmpl. The banner
still exists, but the file is empty.
Release Notes For Previous Versions
Release notes for versions of Bugzilla for versions
prior to 3.0 are only available in text format:
Release Notes for Bugzilla 2.22
and Earlier.
[% INCLUDE global/footer.html.tmpl %]
[% BLOCK db_req %]
[% SET m = DB_MODULE.$db %]
For [% m.name FILTER html %] Users
- [% m.name FILTER html %]
[%+ '' IF db_new %]v[% m.db_version FILTER html %]
[% '' IF db_new %]
- perl module:
[%+ m.dbd.module FILTER html %]
[% '' IF dbd_new %]v[% m.dbd.version FILTER html %]
[% '' IF dbd_new %]
[% END %]
[% BLOCK req_table %]
Module | Version |
[% IF include_feature %]
Enables Feature |
[% END %]
[% FOREACH req = reqs %]
[%- req.module FILTER html %] |
[%- IF req.version == 0 %]
(Any)
[% ELSE %]
[%- req.version FILTER html %]
[% END %]
|
[% IF include_feature %]
[% req.feature.join(', ') FILTER html %] |
[% END %]
[% END %]
[% END %]