5.0.5

Release Notes

Introduction

Welcome to Bugzilla 5.0! It has been slightly over two years since we released Bugzilla 4.4 in May of 2013. This new major release comes with many new features and improvements to WebServices and performance.

If you're upgrading, make sure to read Notes On Upgrading From a Previous Version. If you are upgrading from a release before 4.4, make sure to read the release notes for all the previous versions in between your version and this one, particularly the Upgrading section of each version's release notes.

Updates in this 5.0.x Release

5.0.5

This release reformats the code according to the same conventions as the popular Mojolicious product and includes a .perltidyrc to do the same. You may use whatever coding style you want, but all files commited to the repo must be reformatted according to those rules.

Additionally, we no longer follow the same release process as before. Releases will be more frequent.

As it is now 2019, the bugs_fulltext table is now InnoDB instead of MyISAM. This may cause upgrade headaches.

5.0.4

This release fixes one security issue. See the Security Advisory for details.

This release also contains the following bug fixes:

5.0.3

This release fixes one security issue. See the Security Advisory for details.

This release also contains the following bug fixes:

5.0.2

This release fixes two security issues. See the Security Advisory for details.

This release also contains the following bug fixes:

5.0.1

This release fixes one security issue. See the Security Advisory for details.

This release also contains the following bug fixes:

Minimum Requirements

Any requirements that are new since 4.4 will look like this.

Perl

Perl v5.10.1

For MySQL Users

For PostgreSQL Users

For Oracle Users

For SQLite Users

Required Perl Modules

Module Version
CGI 3.51
Digest::SHA (Any)
Date::Format 2.23
DateTime 0.75
DateTime::TimeZone 1.64
DBI 1.614
Template 2.24
Email::Sender 1.300011
Email::MIME 1.904
URI 1.55
List::MoreUtils 0.32
Math::Random::ISAAC 1.0.1
JSON::XS 2.01

Optional Perl Modules

The following perl modules, if installed, enable various features of Bugzilla:

Module Version Enables Feature
GD 1.20 Graphical Reports, New Charts, Old Charts
Chart::Lines 2.4.1 New Charts, Old Charts
Template::Plugin::GD::Image (Any) Graphical Reports
GD::Text (Any) Graphical Reports
GD::Graph (Any) Graphical Reports
MIME::Parser 5.406 Move Bugs Between Installations
LWP::UserAgent (Any) Automatic Update Notifications
XML::Twig (Any) Move Bugs Between Installations, Automatic Update Notifications
PatchReader 0.9.6 Patch Viewer
Net::LDAP (Any) LDAP Authentication
Authen::SASL (Any) SMTP Authentication
Net::SMTP::SSL 1.01 SSL Support for SMTP
Authen::Radius (Any) RADIUS Authentication
SOAP::Lite 0.712 XML-RPC Interface
XMLRPC::Lite 0.712 XML-RPC Interface
JSON::RPC (Any) JSON-RPC Interface, REST Interface
Test::Taint 1.06 JSON-RPC Interface, XML-RPC Interface, REST Interface
HTML::Parser 3.67 More HTML in Product/Group Descriptions
HTML::Scrubber (Any) More HTML in Product/Group Descriptions
Encode 2.21 Automatic charset detection for text attachments
Encode::Detect (Any) Automatic charset detection for text attachments
Email::Reply (Any) Inbound Email
HTML::FormatText::WithLinks 0.13 Inbound Email
TheSchwartz 1.07 Mail Queueing
Daemon::Generic (Any) Mail Queueing
mod_perl2 1.999022 mod_perl
Apache2::SizeLimit 0.96 mod_perl
File::MimeInfo::Magic (Any) Sniff MIME type of attachments
IO::Scalar (Any) Sniff MIME type of attachments
Cache::Memcached (Any) Memcached Support
File::Copy::Recursive (Any) Documentation
File::Which (Any) Documentation

Optional Apache Modules

If you are using Apache as your webserver, Bugzilla can take advantage of some Apache features if you have the below Apache modules installed and enabled.

On most systems (but not on Windows), checksetup.pl is able to tell whether or not you have these modules installed, and it will tell you.

New Features and Improvements

Improved WebServices

This release has major improvements in the WebServices interface. One big addition is a new REST-like endpoint alongside the existing XML-RPC and JSON-RPC endpoints. This will allow clients to access Bugzilla data using standard HTTP calls for easy development. Note: XML-RPC and JSON-RPC are deprecated in favor of REST and will likely be removed in the Bugzilla 7.0 release.

Also API key support has been added so that API calls will no longer need to use cookies or a user's login and password. Users can create a different API key for each application and revoke API keys that have been compromised or are no longer needed. The API key will simply be passed to each call as credentials.

Several methods have been added and existing ones improved to allow returning data that was not available before such as Group.get. Bug.search is now as full featured as the Advanced Query UI allowing for the same searches to be executed. Attachment data such as flags and other metadata can now be updated through the API. Other WebService changes are detailed below.

Improved Caching using Memcached

Bugzilla now has the ability to connect to a Memcached server running either locally or on the network to allow fast access to different types of data. This cuts down on the amount of database hits and can improve performance. Other areas have been improved as well to take advantage of caching in memory for objects that are retrieved multiple times during a request such as user data, etc.

Ability to Tag Bug Comments

Users can add tags, visible to other users, to bug comments. This gives the users the ability to thread conversations, mark comments as spam, identify important comments, etc. Users can hide comments that contain specific tags if desired. The tag input field also supports autocompletion so commonly used tags can be selected. Administrators can make specifically tagged comments be automatically hidden from view.

Improved Bug Group Membership Checking

In the past, Bugzilla restricted who can view a bug to everyone who was a member of ALL the groups the bug was in. That is, the groups were ANDed together. This made some access control scenarios rather difficult to achieve. So now, Bugzilla defaults to (and can be switched to, in existing installations) a mode where the bug can be viewed by everyone who is a member of ANY group the bug is in. That is, the groups are ORed together. This give more flexibility in the way bugs are made private to specific groups of users.

Note: Group memberships for bugs and users are not changed at all when this setting is switched. When switching from AND to OR, this means that bugs may be more widely viewable than previously. It is the responsibility of the administrator to make sure that no bugs are accidentally revealed to the wrong people when changing this setting.

Improved Documentation for Users and Administrators

The standard documentation that is shipped along with the Bugzilla code has been rewritten and improved using the reStructuredText format. This allows the documentation to be easily hosted at sites such as ReadTheDocs.org and can also be more easily converted into different formats such as HTML and PDF. A new section dedicated to the new REST WebService API has also been added, significantly improving on the old WebService documentation.

Other Enhancements and Changes

Enhancements for Users

Enhancements for Administrators and Developers

WebService Changes

Code Changes Which May Affect Customizations and Extensions