Release of Bugzilla 4.3.1, 4.2.1, 4.0.6, and 3.6.9

by Bugzilla Team

Today we have several new releases for you!

All of today’s releases contain security fixes. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 4.2.1 is our latest stable release. It contains various useful bug fixes and security improvements:

• Download 4.2.1
• Release Notes for 4.2.1

Bugzilla 4.0.6 is a security update for the 4.0 branch:

• Download 4.0.6
• Release Notes for 4.0.6

Bugzilla 3.6.9 is a security update for the 3.6 branch:

• Download 3.6.9
• Release Notes for 3.6.9

Bugzilla 4.3.1 is an unstable development release. This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. Development releases exist as previews of the features that the next major release of Bugzilla will contain. They also exist for testing purposes, to collect bug reports and feedback, so if you find a bug in this development release (or you don’t like how some feature works) please tell us.

• Download 4.3.1

Release of Bugzilla 4.2 and 4.0.5

by Bugzilla Team

Today the Bugzilla Project is extremely proud to announce the release of Bugzilla 4.2!

It has been a year since we released Bugzilla 4.0 in February of 2011, and this new major release comes with several new features and improvements. This release contains major improvements to search, support for SQLite, improved WebServices, and lots of other enhancements.

We hope that you enjoy and appreciate the results of this past year of hard work by our entirely-volunteer community.

• Download 4.2
• Release Notes for 4.2

All of today’s releases contain security fixes. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 4.0.5 is a security update for the 4.0 branch:

• Download 4.0.5
• Release Notes for 4.0.5

4.2 only available using bzr / No CVS mirror available

Bugzilla 4.2 is our first stable release to be only available using bzr (Bazaar). This means you cannot use CVS anymore to upgrade to or install 4.2. The 4.0 branch is the last branch available on CVS, meaning you can still upgrade to 4.0.5 using CVS (or bzr). For more information, check the Download page.

EOL for 3.4.x

Please note that the release of Bugzilla 4.2 also marks End Of Life for the Bugzilla 3.4 series, meaning that there will be no further updates for the 3.4.x series, even if there are serious security issues found in that series. We recommend that all installations running the 3.4 series upgrade as soon as possible to 4.2.

Release of Bugzilla 4.2rc2, 4.0.4, 3.6.8, and 3.4.14

by Bugzilla Team

Today we have several new releases for you!

All of today’s releases contain security fixes. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 4.2rc2 is our second Release Candidate for Bugzilla 4.2. This release has received QA testing, and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at your own risk. This should hopefully be the last candidate before 4.2 final is released.

• Download 4.2rc2
• Release Notes for 4.2rc2

Bugzilla 4.0.4 is our latest stable release. It contains various useful bug fixes and security improvements:

• Download 4.0.4
• Release Notes for 4.0.4

Bugzilla 3.6.8 is a security update for the 3.6 branch:

• Download 3.6.8
• Release Notes for 3.6.8

Bugzilla 3.4.14 is a security update for the 3.4 branch:

• Download 3.4.14
• Release Notes for 3.4.14

Release of Bugzilla 4.2rc1, 4.0.3, 3.6.7, and 3.4.13

by Bugzilla Team

Almost a year after Bugzilla 4.0, the Bugzilla team is proud to announce the first release candidate for Bugzilla 4.2. This release contains major improvements to search, support for SQLite, improved WebServices, and lots of other enhancements. Also, all of today’s releases contain security fixes. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 4.2rc1 is our first Release Candidate for Bugzilla 4.2. This release has received QA testing, and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at your own risk.

If feedback from this release candidate indicates that it is mostly stable, then Bugzilla 4.2 will be released in a few weeks. If feedback indicates that more extensive fixes are needed, there may be another release candidate after this one.

• Download 4.2rc1
• Release Notes for 4.2rc1

Bugzilla 4.0.3 is our latest stable release. It contains various useful bug fixes and security improvements:

• Download 4.0.3
• Release Notes for 4.0.3

Bugzilla 3.6.7 is a security update for the 3.6 branch:

• Download 3.6.7
• Release Notes for 3.6.7

Bugzilla 3.4.13 is a security update for the 3.4 branch:

• Download 3.4.13
• Release Notes for 3.4.13

Note that once we release the final Bugzilla 4.2, the 3.4.x series will reach End Of Life. This means that it won’t get any new security fixes, leaving these installations vulnerable to these exploits. Installations still running 3.4.x or older are strongly encouraged to upgrade to 4.0.x or 4.2rc1.

Release of Bugzilla 4.1.3, 4.0.2, 3.6.6, and 3.4.12

by Bugzilla Team

Today we have several new releases for you!

All of today’s releases contain security fixes. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 4.0.2 is our latest stable release. It contains various useful bug fixes and security improvements:

• Download 4.0.2
• Release Notes for 4.0.2

Bugzilla 3.6.6 is a security update for the 3.6 branch:

• Download 3.6.6
• Release Notes for 3.6.6

Bugzilla 3.4.12 is a security update for the 3.4 branch:

• Download 3.4.12
• Release Notes for 3.4.12

Bugzilla 4.1.3 is an unstable development release. This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. Development releases exist as previews of the features that the next major release of Bugzilla will contain. They also exist for testing purposes, to collect bug reports and feedback, so if you find a bug in this development release (or you don’t like how some feature works) please tell us.

• Download 4.1.3

Release of Bugzilla 4.1.2, 4.0.1, 3.6.5, and 3.4.11

by Bugzilla Team

Many users had difficulty installing Bugzilla 4.0, 3.6.4, and 3.4.10, due to a bug related to the “Math::Random::Secure” library. These releases fix that bug among other issues.

Bugzilla 4.0.1 is our latest stable release. It contains various useful bug fixes:

• Download 4.0.1
• Release Notes for 4.0.1

Bugzilla 3.6.5 is a bug-fix update for the 3.6 branch:

• Download 3.6.5
• Release Notes for 3.6.5

Bugzilla 3.4.11 is an update to fix installation problems on the 3.4 branch:

• Download 3.4.11
• Release Notes for 3.4.11

Bugzilla 4.1.2 is an unstable development release. This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. Development releases exist as previews of the features that the next major release of Bugzilla will contain. They also exist for testing purposes, to collect bug reports and feedback, so if you find a bug in this development release (or you don’t like how some feature works) please tell us.

For details on what’s new in this development release and what’s going on with the Bugzilla Project, see our latest Bugzilla Update.

• Download 4.1.2

Release of Bugzilla 4.1.2, 4.0.1, 3.6.5, and 3.4.11

by Max Kanat-Alexander (mkanat)

Hey Bugzilla users! We just released four new versions of Bugzilla. There were a lot of cool bug fixes in 3.6.5 and 4.0.1, but most importantly, if you had trouble installing Bugzilla 4.0, you should try again now with Bugzilla 4.0.1. There was a problem with the way that our install-module.pl script installed the Math::Random::Secure module–basically, it would install the module even though the module’s prerequisites failed to install. Then when you tried to run checksetup.pl, Math::Random::Secure would throw a cryptic error about “Math::Random::Secure::irand.”

Now, in 4.0.1 and 3.6.5, install-module.pl won’t install the module if installing it would break your system. Basically, following the standard installation instructions should work fine, now. Bugzilla 3.4.11 took this a step further and no longer uses Math::Random::Secure at all for this older branch (although don’t worry, Bugzilla 3.4.x is still secure).

For 4.1.2, we made this protection even more extreme–install-module.pl now completely refuses to operate if you don’t have a compiler installed somewhere on your system (because so many CPAN modules require a compiler, and CPAN throws very confusing error messages when there is no compiler available on your system).

New Features in 4.1.2

All right, with all that out of the way, let’s talk about new features in 4.1.2! Here’s a quick list of important new things:

• Extensions can call a web\_dir method to get the on-disk path to where web-accessible files should go for the extensions.
• Work to improve Bugzilla’s accessibility (per the WAI WCAG) is ongoing.
• There’s a new hook in Bugzilla::Install::Filesystem to allow extensions to create their own files, directories, etc.
• Searching by relative dates (like 1d, 1w, etc.) now don’t round you off to the beginning of the time period (that is, the beginning of the day, the start of the week) unless you put the letter “s” after them (exception: searching for “0d” or “0w” still gives you the start of that the current day, week, etc.).
• New WebService function: Product.create
• New WebService function: Group.create
• If you change the requestee of a flag that is set to “?”, the “requester” will not change.
• install-module.pl now requires a compiler to be installed on the system.
• Update to YUI 2.9.0.
• contrib/bugzilla_ldapsync.rb has been removed (it was non-functional).
• If you are using some authentication method that uses the extern_id field (like LDAP), you can now edit a user’s extern_id from the Users control panel.

The Plan For Pretty

So, as you may have read, the “Make Bugzilla Pretty” contest is over, and Jonathan Wilde has won. The current plan is for his UI to be the new official UI for Bugzilla 5.0, which will come some time after 4.2.

Basically, the way that it will work is this: After we branch for 4.2, we will create a new “pretty” branch. The Bugzilla team will work on implementing the new UI in this branch, while simultaneously doing new feature development on the normal Bugzilla trunk. Once the “pretty” branch is ready, it will be merged back into the trunk. We can do this all fairly efficiently thanks to bzr.

Now, there is a chance that the “pretty” branch won’t be ready by the time we want to do the release that follows 4.2. In this case, that release will be called 4.4 and the release after that will have the new UI. However, we very much want to release the new UI as soon as possible, so our goal is for 5.0 to be the release after 4.2.

Get Involved

As always, we love new contributors in every area. There are a lot of ways to contribute to Bugzilla–you don’t just have to be a programmer. In particular, we’d really love to have somebody to be in charge of our documentation. If you know anybody who’s a great documenter (including yourself!) who wants to help out an open-source project, please send them our way!

Winner of the "Make Bugzilla Pretty" Contest

by Max Kanat-Alexander (mkanat)

All the votes are in for the “Make Bugzilla Pretty” contest, and we have a winner!

First off, let me say that every single entry was amazing. Every single person who entered had innovative ideas, and nearly every entry was prettier than our current UI.

There were four candidates who were mentioned in some positive way by almost every voter:

• Long Duong
• Jonathan Wilde
• Alex Faaborg
• Zeeshan Syed

Any of these designers would be a worthwhile addition to any UX team anywhere. Simply the ability to take Bugzilla’s existing UI and turn it into something that nearly everybody finds attractive is an accomplishment that few designers could achieve. In the 13 years of Bugzilla’s history, I’ve never seen it done before these entries. I would be personally happy to write a recommendation for any of the above designers, and they may contact me for that if they wish.

Let’s just say a few words about each of these designs:

Alex Faaborg

There were a ton of positive comments on the usability aspects and organization of Alex Faaborg’s [Bracket] theme, particularly some of the new fields suggested and the brilliant use of color to improve the scanability of the page. It was impressive that everything on the page is basically text or lines, and yet it creates a very readable, clean, simple layout.

We expect future versions of Bugzilla to draw a lot on the usability concepts present in Faaborg’s design, even though it is not the first-place winner.

Zeeshan Syed

There were a lot of positive comments on the use of space in Zeeshan Syed’s design. The color contrast really makes things readable, the tab navigation is very clear, and the section titles really stand out.

Long Duong

Voters were almost overwhelmingly positive about Long Duong’s design. Many people mentioned that they liked the clean lines and very “Bugzilla” feel of the bug page, and that the collapsible sections were a great touch while still being visually appealing. There was also a lot of positive feedback about the header design–people really loved its organization and style. Finally, the home page design was just really cool.

Based on the number of votes and the general amount of positive feedback, Duong is our first runner-up for the Make Bugzilla Pretty contest, and it is very likely that we will end up incorporating some of his UI concepts into our final design.

Jonathan Wilde

This was a stiff competition, and all of the above designs would have worked great as our new UI. However, the winner of the “Make Bugzilla Pretty” contest, and indeed the recipient of the majority of votes, is Jonathan Wilde:

“Jonathan Wilde’s Winning Design”

Jonathan’s ability to convert our UI into something beautiful and simple that even new users will find approachable is beyond anything that we had ever imagined could be done with Bugzilla. We are thrilled that Jonathan has won, and excited to implement his design as the official UI of Bugzilla 5.0.

Thanks to Everybody

We would like to thank everybody who entered. Your entries made this contest a fascinating and transformative experience for the Bugzilla Project. We were consistently amazed at the creativity, intelligence, and design sense that so many of you displayed, and wish you great fortune in the future of your careers.

Bugzilla 4.1.1 Development Release

by Max Kanat-Alexander (mkanat)

Less than a month after our release of 4.0, we have our first development snapshot, Bugzilla 4.1.1 available for you! This is our first release towards what will eventually be 4.2, and it’s got a bunch of new features. Here’s a really quick overview of what’s new in 4.2:

• Bugzilla now sends bugmail in both text and HTML.
• You can disable component, milestone, and version values.
• You can now create an attachment by pasting it into a text field.
• If you are using a modern web browser, then after you update a bug, the URL in your web browser will be the URL to view the bug. (So, pressing refresh will simply let you see the bug, and not try to update it again. Also, if you have “session restore” in your browser, it will load the bug instead of an error page.)
• Comments are no longer automatically word-wrapped by the server, but are instead word-wrapped in the browser. This means that they are no longer exactly 80 characters wide–they are now wider.
• Tabular reports now look nicer and can be sorted.
• There is a new link, (take) that appears next to the Assignee field and allows you to assign a bug to yourself.
• Bugzilla can now run on SQLite as its database system. This is experimental and should not yet be used for production systems.
• You can now say that a custom field should only appear when any of a set of values are set on another field. (So, for example, you could say that a single field appears in multiple products.)
• You can now choose to optionally (as a user preference) not have Quicksearch search bug comments.
• The default list of columns for search results is now more sensible.
• Bugzilla now audits most changes to most things in the system, and stores this auditing information in a table in the database. There is not yet a UI into this table.
• The system for deciding how and when to store attachments on the disk (instead of in the database) has been simplified.
• long_list.cgi, xml.cgi, and showattachment.cgi are gone. (They were not in use since a very old version of Bugzilla.) We also removed sidebar.cgi (the sidebar) because it wasn’t in use and future versions of Firefox will not support it.
• You can search for bugs based on the number of comments that they have.
• Also, you can add “number of comments” as a column in your search results.
• Boolean charts now work sensibly for almost all fields. For example, searching for “CC is not equal to” now finds bugs where that user is not CC’ed, instead of all bugs that have at least one CC who isn’t that user. However, some of the old “magical” boolean chart functionality (such as searching for only attachment flags if you specify both a flag criterion and an attachment criterion) is temporarily missing while we redesign the search system.
• By default, searches now only return 500 results. (You can click a link to see more.) Searches may also now never return more than 10,000 results.
• The “See Also” field now accepts many more types of URLs. It also accepts simple bug numbers to refer to a bug in your current Bugzilla. Adding a local bug number to the “see also” field will also cause that bug’s “See Also” to point to this bug.
• If you only have the “editcomponents” privilege for one or more products, you can now manage Flags for those products.
• You can now specify “limit” and “offset” as URL parameters for all searches. These work much like their similar SQL equivalents.
• You can now require a certain level of password complexity for your users.
• When you run checksetup.pl to create a new Bugzilla database, it will print out far less information than it used to.
• Almost all of the important information that checksetup.pl prints out can now be localized.
• There is now a specific directory in bz\_locations (in Bugzilla::Constants) for where the pre-compiled templates are stored, that can be customized.
• This release contains an initial implementation of a new tags system. The new UI for this tags system has not yet been implemented.
• There is now a special group for moderating quips, so you don’t have to be an admin.
• Bugzilla can now automatically detect the correct encoding for text attachments that aren’t in UTF-8.

Those are most of the major new changes that are in 4.1.1 over 4.0. We also have many other features planned for 4.2.

We hope that you enjoy testing Bugzilla 4.1.1 and we would love to hear your feedback, both on how the new features work and any bugs that you may find!

Release of Bugzilla 4.1.1

by Bugzilla Team

Bugzilla 4.1.1 is our first unstable development release toward 4.2. Please test it and give us feedback! We are still relatively early in the development cycle for 4.2, so this is the ideal time to tell us if you want some feature to work significantly differently.

This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. Development releases exist as previews of the features that the next major release of Bugzilla will contain. They also exist for testing purposes, to collect bug reports and feedback, so if you find a bug in this development release (or you don’t like how some feature works) please tell us.

For details on what’s new in this development release and what’s going on with the Bugzilla Project, see our latest Bugzilla Update.

• Download 4.1.1