Flyspray 1.0-rc11

Summary of Changes

• works with the PHP versions I tested (between 7.2 and current 8.3.2). Older may still work but not tested.

Regressions

From 1.0-rc10 to 1.0-rc11 following regressions are known:

• Changes to a category tree are not saved. The sent form has no effect.
• Moving a user from one group to another group is not saved. The sent form has no effect.
• Deleting a task reminders was not possible. The sent form has no effect. Now fixed and available in next release.

What's Changed

• Newtask addtags by @peterdd in #773
• Updated language file by @FrancescoGd in #774
• Remove dokuwiki safemodehack by @peterdd in #776
• No required parameter after optional parameter by @peterdd in #777
• Update class.gpc.php by @peterdd in #778
• remove unused pass_phrase variable by @blu-base in #780
• Update cz.php by @MiroHofo in #782
• debug option during install for devs by @peterdd in #783
• list update checks by @peterdd in #784
• Update cz.php by @peterdd in #786
• Update sk.php by @peterdd in #787
• Allows sorting tasks by effort / estimated effort by @HalibutGitWiz in #792
• Refactor bulkupdate by @peterdd in #794
• Dokuwiki fixes for PHP8 by @peterdd in #795
• Update secureimage to 3.6.8 for php8.2 compat by @peterdd in #816
• load dokuwiki config earlier before writing a cache entry to db, fixes warning GH#817 by @peterdd in #818
• autodetect next taskid for createTestData by @peterdd in #821
• Adapt .htaccess for Apache2.4 by @peterdd in #822
• Shorter searchurls by @peterdd in #830
• setup css fix by @peterdd in #831
• Original logo by @peterdd in #832
• better error message when db connection failed by @peterdd in #838
• use correct URI protocol to make Jabber ID clickable by @haansn08 in #833
• fix GH#811 setup translation fallbacks not shown for some languages by @peterdd in #839
• optional autofallback language settings by @peterdd in #846
• keep protocol visible in emails by @peterdd in #847
• Xmpp info by @peterdd in #851
• xmpp unsent messages cleanup by @peterdd in #852

New Contributors

• @blu-base made their first contribution in #780
• @MiroHofo made their first contribution in #782
• @HalibutGitWiz made their first contribution in #792
• @haansn08 made their first contribution in #833

Full Changelog: v1.0-rc10...v1.0-rc11

Flyspray 1.0-rc10

Summary of Changes

• PHP 7.4 and PHP 8.0 compatible. Minimum is PHP 5.6 (older PHP versions are not tested)
• There is now the username used as displayed text for linking to a user instead of realname.
  The username is unique visible for users and makes the mention plugin possible.
  The realname can be set to whatever string by the user and is not unique within a Flyspray installation.
  The realname or more info about a user is still visible to user with mouse over (using title attribute or tooltip)
• Tags are now searched also by the search string.
• Easy adding and removing of tags when editing a task.
• Tags attached to a task now have an added timestamp stored and the userid who added it.
• The userlist in the admin area can now be sorted by columns similiar to tasklist.
• The userlist in the admin area now has a search form.
• The feature Tags can be turned on and off.
• Experimental feature Kanbanview and Ganttview can be turned on and off in admin area. These are really just stubs for future.
• Extended Checks admin area
• The tab Spam Prevention in the admin area Preferences now contains a rel nofollow setting.
• Updated the database layer to ADOdb to 5.21.
• Many little CSS changes to make it more usable on small devices.

Updated Editors

The Icons of the editor toolbars are now better suited for switching between normal and darkmode theme.
The H1 and H2 title level buttons are removed from toolbars but their usage is not forbidden.
The H1 and H2 are currently used for Flyspray page heading and H2 for the task title. Instead beside H3 also H4 an dH5 buttons are added to the toolbars.

CKEditor

• Updated CKEditor for installations using 'html' syntax_plugin setting.
• Has now Highlight.js plugin included for syntax highlighting.

Dokuwiki

• Improved toolbar for installations using 'dokuwiki' syntax_plugin setting. Some icons removed and some added to fit better for task editing and compatible with bright/dark CSS theming.
• Wrote a @username mention dokuwiki plugin to link to an existing user on comments, task details and other dokuwiki text area fields. Note: There is no notification
  sent to the mentioned users, it is currently just the detection of a @username within task description or a comment.
• The search result list and also when viewing a task from there now highlights the search words.

Flyspray 1.0-rc9

Changes:

fix french language file which was broken in Flyspray 1.0-rc8

Flyspray 1.0-rc8

Main Changes:

• privacy: Recipients of same language of a notification email are now put into Bcc: field, not To: field.
  See 2135612
  (For small internal intimate teams/friends maybe cool to see who else receives a notification, but not public projects. Do a feature request for a config option if there is demand.)
• security fix: It was possible for a user with view history permission in one project to view history of other projects or global event history. (all previous versions affected)
• move task to other project now handles all cases (1.0-rc7 was quite strict to reveal possibe inconsistencies to the user, but incomplete to provide solutions)
• mass operation can now be enabled in admin area. But no check for possible inconsistencies and no notifications will be sent for that operations!
• several php warnings are fixed (csv export, rss/atom)
• minimum PHP5.4 (older PHP5.3 may work, but not tested anymore) - PHP7.3

Flyspray 1.0-rc7

Main Changes:

• PHP 7.2 compatible
• better password hashes using password_hash()
• also Google reCaptcha configurable
• a new basic checks tab in admin area
• more fields chooseable in admin editallusers view
• last_login field in user table

flyspray-1.0-rc7.tgz has all 3rd party libraries included.

Flyspray 1.0-rc6

Security release

Several security issues were reported and fixed with this release.

Flyspray 1.0-rc4

security release

• security fix: XSS was possible on task link attachments and comment link attachments
• security fix: XSS was possible on task details and task comment when syntax_plugin='none'

Flyspray 1.0-rc3 (hotfix)

Main changes since Flyspray 1.0 RC1

• security hotfix: deactivated fetch.php of dokuwiki syntax plugin due 2 reported security problems (probably all previous Flyspray versions)
• bugfix: user with only modify_own_tasks wasn't able to update tasks due too strict form checks (v1.0-rc1 was affected)
• security improvement: use crypt() instead md5 as default config setting at installation
• security fix: added missing permission checks for RSS/Atom feeds
• security fix (3rd library): The .zip contains now ADOdb 5.20.7 .
• security fix (3rd library): The .zip for php5.6 with 3rd libraries included now contains guzzle in a fixed version after httpoxy . (The others below php5.6 were not affected, because only guzzle since 4.0 was affected by httpoxy vulnerability.)
• bugfix: better settings possible combined with anonymous task creation feature
• bugfix: dokuwiki: geshi syntax highlighting working (task description, comments, project and flyspray info boxes)
• feature: language chinese traditional:taiwan/HongKong added

Flyspray 1.0 RC1

Changes since Flyspray 1.0 RC:

• bugfix: It was possible that quickedit checked user permissions against the default project, not the project of the task.
• bugfix: accept priority with id 6 again
• bugfix: 0 effort entries in effort tracking are now ignored and not shown as "in progress"
• feature: mysqli db connect to a local socket, workaround a missing adodb driver functionality.
• bugfix: preinstall check for exif extension
• enhancement: updated finnish translation

Flyspray 1.0 RC

Changes since Flyspray 1.0 Beta2:

• bugfix: notifications were sent to all users under some circumstances
• bugfix: search filters couldn't be deleted
• https://bugs.flyspray.org/index.php?do=tasklist&status[]=closed&closedfrom=2015-10-12&closedto=2016-03-23
• https://github.com/Flyspray/flyspray/commits/master