Not Yet Released
0025016: [bugtracker] Default projection is ignored (atrol)
0025002: [custom fields] Error when updating content in a custom field of type "Text Area" ("Textbereich"): History cannot be stored (atrol)
0024990: [email] Update PHPMailer to 6.0.6 (dregad)
0024988: [email] Update Disposable Email Checker to 3.1.0 (dregad)
0024976: [ui] Sidebar's collapsed state is not preserved (dregad)
0024987: [api rest] Update Slim Framework to 3.11.0 (dregad)
0024989: [bugtracker] Update ADOdb to 5.20.13 (dregad)
0024986: [api rest] Update Guzzle to 6.3.3 (dregad)
0024931: [signup] PHP warnings and errors when trying to signup existing user (atrol)
0021284: [installation] memory_limit test fails when memory_limit is set to -1 (atrol)
0024932: [preferences] "Manage" menuitem visible even though no access (atrol)
0023712: [authentication] auth_get_current_user_id can return strings while that is not expected (vboctor)
0024925: [administration] Misleading Message in the creation of user (atrol)
0024896: [authentication] Password managers don't work with password login page (cproensa)
0024882: [relationships] relationship_can_resolve_bug function problem (atrol)
0024877: [bugtracker] IssueNoteAddCommand: reassign_on_feedback doesn't work if reporter is not specified (vboctor)
16 issues View Issues
Not Yet Released
0024985: [security] Update PHPMailer to 5.2.27 (dregad)
0024899: [filters] Filter assigned to shows <br /> (atrol)
2 issues View Issues
Released 2018-10-17
Feature release
0024822: [code cleanup] Code Cleanup (atrol)
0024741: [plug-ins] Plugin Columns - Export CSV or Excel - PHP 7.2.7 - crash error 500 - Reason missing 2 argument in call (dregad)
0010411: [bugtracker] Changes to project_view_state and view_state to create only private projects (vboctor)
0024520: [html] Missing fallback for "Open Sans" font (community)
0024774: [tagging] Error Creating Issue with new TAG (vboctor)
0024823: [performance] Performance enhancements of string processing (atrol)
6 issues View Issues
Released 2018-10-16
Maintenance release for 2.17.x series.
0024814: [security] CVE-2018-17783: XSS in manage_filter_edit_page.php (atrol)
0024813: [security] CVE-2018-17782: XSS in manage_filter_page.php (atrol)
2 issues View Issues
Released 2018-09-25
Security fix for 2.17.x release
0024731: [security] CVE-2018-16514: Reflected XSS in view_filters_page.php via core/filter_form_api.php (dregad)
1 issue View Issues
Released 2018-09-04
Feature release
0024616: [relationships] relationship visibility in different project permission (atrol)
0024632: [tagging] Tag cannot be selected if a tag containing the text of that tag has already been selected (atrol)
0024633: [bugtracker] Late error message when trying to resolve issues (atrol)
0024635: [authorization] Wrong box visibility on My View page (atrol)
0012677: [administration] Please change a search option to manage users (atrol)
0020101: [api soap] mc_filter_search_issues can't filter by date (community)
0023336: [html] Inline image attachments should have their own container to prevent scrolling (atrol)
0023915: [administration] Search for a part of (Real Name - Username - Email) (atrol)
0024622: [api rest] Add function for creating a new project via REST (community)
0024624: [api rest] Add function for updating a project via REST (community)
0024636: [api rest] Add function to delete a project via REST API (vboctor)
0024643: [ui] bug_actiongroup and custom bug_actiongroup don't provide the same user experience when displaying error message (dregad)
0024644: [ui] Footer displays behind sidebar on bug_actiongroup.php (dregad)
0024696: [authorization] Custom fields can be changed without having update_bug_threshold access rights (atrol)
0024717: [api soap] Add filter for the “last updated“ date in the soap api (community)
0024719: [administration] Impersonate User is offered for disabled users (atrol)
16 issues View Issues
Released 2018-09-04
Maintenance release for 2.16.x series.
0024647: [security] CVE-2018-14895: XSS in bug_actiongroup.php (atrol)
1 issue View Issues
Released 2018-09-03
Maintenance release for 1.3.x series.
0024648: [security] CVE-2018-14895: XSS in bug_actiongroup.php (atrol)
1 issue View Issues
Released 2018-07-30
Feature release
0022083: [ui] Local copy of Open Sans font does not include Latin-ext characters (atrol)
0023978: [ui] Fonts are not rendered correctly in Windows clients (atrol)
0024416: [upgrade] Improve handling of unserialize errors when upgrading (dregad)
0023992: [ui] Font = Times News Roman after Upgrade from v2.7.0 (atrol)
0024501: [installation] MantisBT on Windows - Check for php_fileinfo.dll enabled on php.ini (atrol)
0024523: [performance] Unneeded information in Change Log and Roadmap (atrol)
0024552: [code cleanup] Code Cleanup (atrol)
0024553: [performance] Performance enhancement of config_get_global function (atrol)
0024564: [timeline] Missing display of events in Timeline if All Projects is selected (atrol)
0024578: [documentation] Documentation: PHP documentation link: "installation.php" -> "install.php" (dregad)
0024579: [documentation] Documentation: Admin Guide: Installation: Broken Link "Microsoft IIS", is now https://docs.microsoft.com/en-us/iis (dregad)
0021376: [upgrade] Error in upgrade process 1.2.17 --> 1.3.0 (dregad)
12 issues View Issues
Released 2018-07-30
Maintenance release for 2.15.x series.
0024580: [security] CVE-2018-13055: Reflected XSS in view filters page (dregad)
0024608: [security] CVE-2018-14504: XSS in edit filters page (atrol)
2 issues View Issues
Released 2018-06-05
0024437: [filters] Cannot save private filter if not allowed to save shared filter (community)
0024496: [wiki] URL encoding precludes reasonable wiki root_namespace values (community)
0024242: [bugtracker] Incorrect issue status setting when changing status (vboctor)
0024388: [api rest] Support create project versions via REST API (vboctor)
0024398: [tagging] Exception Missing Class (atrol)
0024432: [security] Update-Blocker:User-ID instead of Realname 0024139 as due to security policy requirements which prohibit IDs in mails and masks (atrol)
0024435: [filters] show_user_realname_threshold is not considered when sorting by reporter or handler (atrol)
0024436: [ui] Selecting users is not easy if show_realname is set to ON (atrol)
0024470: [other] System warning if $g_log_destination = 'page' when using PHP 7.2 (atrol)
0024462: [api soap] Error while querying for issue header with PHP 7.2 (atrol)
0024476: [performance] Unneeded &lt;meta&gt; tag in &lt;head&gt; section (atrol)
0024139: [ui] $g_show_realname for making usernames private (atrol)
12 issues View Issues
Released 2018-04-30
0024192: [bugtracker] Update ADOdb to 5.20.12 (dregad)
0024236: [code cleanup] IssueAddCommand Prevents API Folder Removal (atrol)
0024174: [code cleanup] E_DEPRECATED error on php7.2: each() function (dregad)
0024196: [api rest] Update Slim Framework from 3.8.1 to 3.9.2 (vboctor)
0024197: [api rest] Update GuzzleHttp from 6.3.0 to 6.3.2 (vboctor)
0024220: [documentation] Wrong documentation of datetime_picker_format in Admin Guide (atrol)
0024325: [code cleanup] Code Cleanup (atrol)
0024326: [documentation] Wrong documentation of my_view_boxes in Admin Guide (atrol)
0024333: [api rest] Support getting a single project via REST API (vboctor)
0024336: [administration] Plugin priority changed without being changed by user interaction (atrol)
10 issues View Issues
Released 2018-04-29
Maintenance release for 2.13.x series.
0024221: [security] CVE-2018-9839: Private issues accessible to unauthorized users using the "Clone" functionality (dregad)
0024233: [markdown] Markdown quoting rendered with broken HTML (atrol)
0024239: [email] Inconsistent realname display (atrol)
0024335: [api rest] Get all filter or specific filter returns incorrect information (vboctor)
0024343: [api rest] REST API returns too much info for default category handler (vboctor)
0024346: [api rest] Don't show category default handler for users that can't manage the project (vboctor)
0024349: [api soap] API method mc_filter_get does not work (vboctor)
0024353: [code cleanup] mb_internal_encoding no longer being set because of removal utf8 library (atrol)
0024355: [bugtracker] SYSTEM WARNING 'count(): Parameter must be an array or an object that implements Countable' in 'IssueNoteAddCommand.php (atrol)
9 issues View Issues
Released 2018-04-29
Security fixes release for 1.3.x series.
0024365: [security] CVE-2018-9839: Private issues accessible to unauthorized users using the "Clone" functionality (dregad)
1 issue View Issues
Released 2018-04-04
Maintenance release for 2.13.x release series.
0024202: [markdown] Broken rendering of @ mentions, # issue and ~ note links (atrol)
1 issue View Issues
Released 2018-04-04
Maintenance release for 2.12.x release series.
0024201: [markdown] Broken rendering of @ mentions, # issue and ~ note links (atrol)
1 issue View Issues
Released 2018-04-01
Feature release
0024056: [custom fields] Custom Fields of type "Textarea" cannot contain more than 255 chars due to bug_history table (atrol)
0024128: [administration] Unable to start system check or installation with wrong PHP version (atrol)
0010853: [filters] In View Issues list, several columns are sorted by Id instead of display value (cproensa)
0021404: [filters] System Error on changing filters (dregad)
0023998: [code cleanup] Implement IssueAddCommand and use it from SOAP, REST and Web UI (vboctor)
0016070: [email] Delay due to Mantis trying sending emails to non existent address (vboctor)
0023498: [filters] Filtering "note by" with "none" does not return any result (cproensa)
0007264: [filters] Not able to filter issues that have no relationship assigned (cproensa)
0008167: [filters] Filter settings saved when using Anonymous account (cproensa)
0008204: [filters] Filters not remembered when clicking through from "My View" (cproensa)
0022785: [api rest] Support adding attachments when reporting issues (vboctor)
0023214: [performance] Remove usage of outdated phputf8 library (atrol)
0023999: [code cleanup] Implement IssueDeleteCommand and use it from SOAP, REST, and Web UI (vboctor)
0024000: [api rest] Add Issue REST API doesn't trigger EVENT_REPORT_BUG_DATA plugin event (vboctor)
0024001: [api soap] Add Issue SOAP API doesn't trigger EVENT_REPORT_BUG_DATA plugin event (vboctor)
0024002: [api rest] Add Issue REST API doesn't trigger issue_create_validate custom function (vboctor)
0024003: [api soap] Add Issue SOAP API doesn't trigger issue_create_validate custom function (vboctor)
0024004: [api rest] Add Issue REST API doesn't trigger issue_create_notify custom function (vboctor)
0024005: [api soap] Add Issue SOAP API doesn't trigger issue_create_notify custom function (vboctor)
0024006: [api rest] Add Issue REST API doesn't trigger EVENT_REPORT_BUG plugin event (vboctor)
0024007: [api soap] Add Issue SOAP API doesn't trigger EVENT_REPORT_BUG plugin event (vboctor)
0024008: [api rest] Add Issue REST API doesn't add the issue to recent list (vboctor)
0024009: [api soap] Add Issue SOAP API doesn't add the issue to recent list (vboctor)
0013177: [filters] On ‘View Issues’ Page the filter does not allow user to select ‘blank’ ('No Category') Category (cproensa)
0021865: [filters] Filter out duplicated issues (cproensa)
0021867: [filters] Filter filed "relationships" resets its value when "duplicate of" is selected (cproensa)
0023476: [bugtracker] Can't login if admin directory has restricted access (atrol)
0023499: [filters] Filtering with "note by" shows results from private notes for unprivileged users (cproensa)
0023500: [filters] Search filter returns matches in private notes for unprivileged users (cproensa)
0023501: [filters] Filter "monitored by" does not have option for "none" (cproensa)
0023502: [filters] Filter "assigned to" does not account for configuration "view_handler_threshold" (cproensa)
0023504: [filters] Filter "monitored by" does not account for configuration "show_monitor_list_threshold" (cproensa)
0023506: [filters] Filter tags inconsitent with OR filter operator (cproensa)
0023538: [filters] Filter field for relationship bug id is set to -1 by default (cproensa)
0023549: [db mysql] Entering Emojis in comments with a user mention crashes with an error (atrol)
0024042: [filters] filter on relationships mistuned by switching sort order (cproensa)
0024089: [authentication] POST request to login_password_page.php return 405 when admin folder is deleted or access restricted (atrol)
0024140: [filters] Application error 401: "ORDER BY clause is not in SELECT list" when sorting by category or project (cproensa)
0022376: [documentation] Wrong documentation of string customization (atrol)
0023161: [timeline] Show File Attachment events in Timeline (dregad)
0024158: [bugtracker] Support providing a default value for issue description (vboctor)
0024159: [documentation] $g_default_bug_steps_to_reproduce not documented (vboctor)
0024160: [documentation] $g_default_bug_additional_info not documented (vboctor)
43 issues View Issues
Released 2018-04-01
Maintenance release for 2.12.x
0024077: [timeline] Hyperlink usernames in timeline to user page (vboctor)
0024090: [ui] Username (Realnames) format not showing on timeline (my_view_page) (vboctor)
0024186: [security] CVE-2018-1000162: XSS vulnerability in Parsedown library (dregad)
       0024297: [security] Update Parsedown library to 1.7.1 (dregad)
0024167: [bugtracker] History entries display realname instead of username (atrol)
0024097: [ui] Account page required change password on any field modification (atrol)
0024161: [timeline] Wrong color of username in timeline (atrol)
7 issues View Issues
Released 2018-03-04
Feature release
0023375: [mentions] It is hard to @ mention users when show realnames is enabled (vboctor)
0010493: [code cleanup] Non-existent duplicate_realname column is updated by various functions in user_api.php (vboctor)
0022509: [mentions] users with dashes in their name will not work when @mentioned (example @r-frank) (community)
0023960: [plug-ins] EVENT_AUTH_USER_FLAGS should always be passed username rather than name (vboctor)
0023961: [timeline] Identify Timeline tags operations with a specific icon (dregad)
0023966: [code cleanup] Option session_handler not implemented (atrol)
0023969: [performance] Minor performance and code enhancements of config functions (atrol)
0024020: [localization] Update supported languages (siebrand)
0024043: [ldap] $g_ldap_realname_field generates WARNING: field 'givenName' does not exist. (community)
9 issues View Issues
Released 2018-02-11
Maintenance release for 2.11.x series.
0023954: [api rest] REST API doesn't work from UI for some users (vboctor)
0023955: [administration] Warning message on login page (atrol)
2 issues View Issues
Released 2018-02-07
Feature release
0023837: [code cleanup] Implement UserCreateCommand to create users (vboctor)
0023925: [security] Site path leakage in error handler (vboctor)
0023706: [administration] trigger_error() with errors must terminate scripts rather than being config based (vboctor)
0023754: [code cleanup] Remove unused function print_bracket_link and code cleanup (atrol)
0023758: [ui] Allow users to select font family that fits them best (syncguru)
0023876: [installation] Running admin/check fails (dregad)
0023900: [administration] Unable to update user access level, due to check on 'Realname' returning KO (APPLICATION ERROR #807) (vboctor)
0023776: [attachments] Support adding attachments that were not uploaded via the browser (vboctor)
0023899: [api rest] Relationship type was localized in GET issue API (vboctor)
0023714: [api rest] Failing REST API requests should include Mantis error code and localized message (vboctor)
0023762: [api rest] Support adding users to monitor an issue via REST API (vboctor)
0023772: [api rest] Support attachments when adding notes via REST API (vboctor)
0023773: [api rest] Support time tracking when adding notes via REST API (vboctor)
0023780: [api rest] Return status code 429 when hitting spam check limits (vboctor)
0023784: [api rest] REST and SOAP API send two email notifications for mentioned users (vboctor)
0023785: [api rest] Adding notes via SOAP and REST API with time tracking uses incorrect access check (vboctor)
0023786: [code cleanup] Implement IssueNoteDeleteCommand for deleting notes (vboctor)
0023787: [administration] Protected admin users can't be unprotected (atrol)
0023830: [security] Update PHPMailer to 5.2.26 (dregad)
0011327: [reports] "Developer By Resolution" is the only box in the Summary page not ordered (at least it doesn't seem to be any logic behind it) (dregad)
0012978: [code cleanup] Summary - Time Stats For Resolved Issues (days) (dregad)
0022792: [api rest] Support downloading issue attachments (vboctor)
0023627: [feature] Summary page enhancement with bugs ratio support (dregad)
0023774: [code cleanup] Implement IssueNoteAddCommand to share code for adding notes (vboctor)
0023796: [reports] Filter links for resolved/closed custom statuses in Summary By Status report are incorrect (dregad)
0023828: [api rest] Support adding attachments to existing issues via REST API (vboctor)
0023838: [api rest] Create user via REST API (vboctor)
0023839: [code cleanup] Implement UserDeleteCommand for deleting users (vboctor)
0023840: [api rest] Delete user via REST API (vboctor)
0023854: [reports] Summary: always show the "By Project" box (dregad)
0023855: [code cleanup] Implement TagAttachCommand for attaching tags (vboctor)
0023856: [code cleanup] Implement TagDetachCommand to detach tags (vboctor)
0023857: [api rest] Add REST API to attach a tag (vboctor)
0023858: [api rest] Add REST API to detach a tag (vboctor)
0023863: [reports] Summary: Reporter and Developer by Resolution miss a Total column (dregad)
0023865: [code cleanup] Implement IssueRelationshipAddCommand to add relationships (vboctor)
0023866: [api rest] Support adding relationships via REST API (vboctor)
0023867: [code cleanup] Implement IssueRelationshipDeleteCommand (vboctor)
0023868: [api rest] Support deleting issue relationships via REST API (vboctor)
0023898: [api rest] Some relationships are not formatted correctly in GET issue rest API (vboctor)
0023775: [attachments] Remove obsolete code that checks if PHP file info API is defined (vboctor)
0023926: [ui] Footer displayed under sidebar on error page when $g_show_detailed_errors = ON (dregad)
0023930: [installation] Make Fileinfo a mandatory PHP extension (atrol)
0023944: [bugtracker] The stack trace on detailed error page should not include the error handler itself (dregad)
0023942: [bugtracker] Remove deprecated "errcontext" parameter from standard error handler (dregad)
0023943: [bugtracker] Improve detailed error page layout (dregad)
46 issues View Issues
Released 2018-02-07
Bug fix and security release for 2.10.x series.
0023746: [api soap] unable to create a bug with customfields via SOAP (vboctor)
0023765: [api rest] Wrong constructor name in class FilterConverter (atrol)
0023924: [relationships] Resolving as duplicate does not add reporter and handler to monitoring list of duplicate issue (atrol)
0023906: [security] CVE-2018-6403: XSS in adm_config_report.php 'value' parameter (dregad)
4 issues View Issues
Released 2018-02-07
Security release for 1.3.x series.
0023918: [security] CVE-2018-6403: XSS in adm_config_report.php 'value' parameter (dregad)
1 issue View Issues
Released 2017-12-30
Feature release
0022789: [api rest] Support retrieving user defined filters (vboctor)
0023710: [code cleanup] Remove usage of deprecated function __autoload (vboctor)
0009007: [time tracking] Billing summary does not include sub-projects (community)
0022790: [api rest] Support standard filters defined by the system when retrieving issues (vboctor)
0023679: [administration] Limit change of impersonation threshold to global config (atrol)
0023690: [api rest] Support deleting filters (vboctor)
0023722: [time tracking] Don't print time tracking buttons and export links (community)
0023723: [time tracking] Support configurable default billing rate (community)
0023724: [time tracking] Removed useless collapse icon with duplicated title in billing report (community)
0023742: [html] Broken url for MantisBT logo in admin section (community)
0023753: [ui] UI of Update Produkt Build page broken (atrol)
11 issues View Issues
Released 2017-12-30
Bug fix release for 2.9.x series
0022093: [administration] Reporter can´t change status of a bug (vboctor)
0021393: [administration] When disable "Update an issue", then "Assign to" become access deined. (vboctor)
0023719: [administration] The reporter can not solve or close the issue (vboctor)
0023721: [bugtracker] PHP error in change status page when user doesn't have access to private notes (vboctor)
4 issues View Issues
Released 2017-12-04
Feature release
0023640: [code cleanup] Usage of deprecated each() function (atrol)
0023639: [code cleanup] Unneeded code for non supported old PHP versions (atrol)
0023654: [api rest] Don't validate handler when updating issues without updating handler (vboctor)
0023658: [plug-ins] UI for protected plugins broken (atrol)
0023577: [api rest] REST APIs don't enforce required custom fields when reporting issues (vboctor)
0023578: [documentation] Document need for consistency between "normal" and "datepicker" date formats (dregad)
0012602: [custom fields] Default value for a date don't work (vboctor)
0019482: [custom fields] Using custom fields (date) with default value and required on resolve displays an error (vboctor)
0023466: [db mysql] database is not supported by PHP. Check that it has been compiled into your server. (atrol)
0023572: [code cleanup] Unneeded code for unsupported database types (atrol)
0023573: [code cleanup] Unneeded code for option meta_include_file (atrol)
0023575: [api rest] Category lookup is case sensitive (vboctor)
0023579: [api rest] Internal Server Error 500 when category doesn't exist (vboctor)
0023594: [custom fields] Reporting an issue with default date {now} that is not visible doesn't work (vboctor)
0023616: [api rest] Support exporting issue history (vboctor)
0023620: [api rest] PHP error on getting issues when user doesn't have access (vboctor)
0023625: [code cleanup] Function require_lib contains code to search in vendor folder (atrol)
0023626: [performance] Unneeded code executed when retrieving global settings (atrol)
0023630: [administration] Some check boxes on Manage Configuration > Workflow Threshold page are not centered (community)
0023645: [other] No preview of ANSI encoded text files that contain German Umlauts (atrol)
0023648: [api rest] Leverage ETag headers when getting issues (vboctor)
0023650: [api rest] Leverage If-Match when deleting issues (vboctor)
0023653: [api rest] Leverage If-Match when updating issues (vboctor)
0023657: [api soap] mc_issue_update returns bug is read only on status update (atrol)
0023576: [api rest] Issues created via REST API with date custom fields fail (vboctor)
0023692: [authentication] Token API does not work with config show show_realname (dregad)
26 issues View Issues
Released 2017-12-04
Bug fix and security release for 2.8.x series.
0023599: [bugtracker] Access denied when updating bugs (atrol)
1 issue View Issues
Released 2017-12-04
Security release for 1.3.x series.
0023561: [api soap] mc_project_get_issues_for_user() is retrieving issues in the authorization context of target user (vboctor)
1 issue View Issues
Released 2017-10-29
Feature release including fixes and new features including REST API issue updates and DKIM support for email signing. This release is the first to have REST API enabled by default.
0023474: [custom fields] Empty numeric fields should be display as empty rather than 0 (community)
0023555: [ui] Bugnote text area not styled correctly when private by default (vboctor)
0023560: [bugtracker] Notes added via change status / edit always market private when private by default (vboctor)
0023396: [api rest] REST API Issue update support (vboctor)
0023446: [performance] Unneeded files delivered if Mantis Graphs plugin is enabled (atrol)
0023451: [performance] Unneeded code delivered to support unsupported IE9 (atrol)
0023460: [ui] Useless UI element on manage_proj_page (atrol)
0023475: [custom fields] Empty float fields should be displayed as empty rather than 0 (community)
0023477: [api soap] Updating issues via APIs should trigger email notifications (vboctor)
0023483: [bugtracker] Auto-refresh shouldn't update last visited (atrol)
0023488: [code cleanup] Usage of deprecated constant (atrol)
0023494: [html] Wrong class name for tags output (atrol)
0023517: [administration] Remove unused config option inline_file_exts (community)
0013126: [plug-ins] Add plugin event EVENT_BUG_ACTIONGROUP_FORM (cproensa)
0016133: [custom fields] Numeric field accepts floats and displays them as numeric (vboctor)
0021225: [bugtracker] resolving parent issues inconsistency (community)
0022441: [bugtracker] Notes are not in the correct order after cloning an issue (cproensa)
0022842: [code cleanup] Remove php_version_at_least() function from PHP API (dregad)
0023493: [email] DomainKeys Identified Mail (DKIM) Signatures (community)
0023503: [bugtracker] Handler user is visible even if view_handler_threshold is configured to not allow (cproensa)
0023516: [api rest] Enable REST API by default (vboctor)
0023518: [bugtracker] "show_assigned_names" configuration is not applied correctly in view_all_bug_page (cproensa)
0023528: [filters] Filter "advanced" mode is reset after sorting through column headers (cproensa)
0023537: [api rest] Facilitate troubleshooting REST API by displaying detailed errors (dregad)
0023543: [email] Update PHPMailer to v5.2.25 (vboctor)
0023542: [code cleanup] Force composer to honor PHP compatibility advertised for MantisBT (vboctor)
26 issues View Issues
Released 2017-10-28
Maintenance release for 2.7 series.
0023507: [authentication] Users can't change their password when it is blank (dregad)
0023512: [html] Custom field type checkbox with required status, force to check all checkboxes to proceed (atrol)
0023544: [installation] Unattended upgrade is broken after moving to Composer (vboctor)
3 issues View Issues
Released 2017-10-08
A feature release that includes both functional and performance improvements.
0009120: [custom fields] Numeric Custom fields on View All don't sort correctly (atrol)
0023324: [performance] Generated css, js code should be cached by browser (cproensa)
0023323: [reports] Wrong filter links on summary page (atrol)
0023378: [installation] Installation fails when using old but still allowed PHP version 5.3 (atrol)
0022310: [html] Use HTML5 "required" attribute for required form fields (community)
0023381: [code cleanup] Unneeded code for unsupported PHP versions (atrol)
0023420: [relationships] Resolving as duplicate adds reporter and handler to monitoring list (atrol)
0023225: [authentication] Token API does not work with config show show_realname (dregad)
0022872: [ui] Make some buttons visible only when hovering on relevant container (cproensa)
0023251: [timeline] Timeline in view user page resets the user id after dates navigation (cproensa)
0021654: [code cleanup] Deprecate access_has_any_project() (cproensa)
0022870: [ui] buttons without separation (cproensa)
0022871: [ui] print_form_button() does not render inline buttons (cproensa)
0023216: [tagging] Make tag view threshold work at project level (cproensa)
0023242: [code cleanup] Function project_get_local_user_access_level() is redundant (cproensa)
0023248: [ui] Project selection dropdown focus on current selection (cproensa)
0023267: [ui] Misplaced "Reset Prefs" button in user prefs with narrow screen (dregad)
0023301: [api rest] Request an issue in the REST API fail without warning if an enumeration is missing. (community)
0023310: [performance] Unused CSS delivered (atrol)
0023331: [code cleanup] New user_get_username() API function (dregad)
0022182: [ui] Burger menu is sometimes visible without functionality (cproensa)
0022492: [ui] Regression: Resolved/Closed issues are not shown with a line-through (strike-through) (community)
0023264: [api rest] Custom fields not been saved when adding issue through the Rest API (community)
0023268: [db oracle] Error filtering custom fields of type date (cproensa)
0023311: [filters] "View issues" on changelog page does not show closed issues (atrol)
0023367: [plug-ins] Add no-op upgrade step in plugin_upgrade() (dregad)
0023382: [customization] Login logo image not configurable by css (cproensa)
0023393: [administration] Provide some basic operating environment information on manage_overview_page (atrol)
0023395: [db oracle] Performance issue reading config table with oracle database (cproensa)
0023411: [performance] Unneeded string copies in general text processing (atrol)
0023425: [reports] PHP errors and warnings when running Issue Trend report (atrol)
0021913: [tagging] Unprivileged user can see related tags from private issues (cproensa)
0022053: [plug-ins] Implement logging functionality for plugins (cproensa)
0022245: [ui] Collapsed menu entry no clickable in complete visible area (atrol)
0023241: [filters] Error when changing sort order in filters, due date field only (cproensa)
0023243: [ui] Narrow space between checkbox/radio button and label (dregad)
0023249: [feature] When logging the caller function, also print the class name if it's a class method (cproensa)
0023377: [other] Textarea custom field entry missing from email (atrol)
0023436: [filters] Editing a stored filter can't update projects property (cproensa)
0023443: [custom fields] Fixes related to custom fields on filters, columns and visibility (cproensa)
       0005713: [custom fields] Custom fields of subprojects are shown in filter for "All projects" but not in parent project. (cproensa)
       0006872: [custom fields] Sort of custom fields does not use data type (cproensa)
       0016358: [filters] Custom field filter does not recusrively read all items from sub-projects (cproensa)
       0016359: [filters] Custom field filters does not take user access rights into account (cproensa)
       0019385: [filters] Filtering custom field show bugs from projects where this custom field has been removed (cproensa)
       0023223: [filters] Custom fields filter does not account for read access at project level (cproensa)
       0023232: [filters] Custom field is showed in filter when the user has not view access (cproensa)
       0023233: [custom fields] Issues returned by filter has linked custom fields that are not available as columns (cproensa)
       0023260: [custom fields] Custom fields of type date are not sorted correctly (cproensa)
       0023265: [custom fields] Filter selection for numeric custom fields aren't sorted correctly on distinct values list (cproensa)
       0023266: [custom fields] Filter selection for numeric custom fields show values not coherent with custom field type (cproensa)
51 issues View Issues
Released 2017-09-03
A feature release that includes both functional and performance improvements.
0023202: [ui] Questionable order and functionality of top buttons on "View Issue" page (atrol)
0022984: [ui] Calendar doesn't show the correct date the first time it opens (dregad)
0022730: [ui] 'Manage Configuration' tab usually does not highlight (dregad)
0022813: [customization] Field is appearing in email notification but not used in UI. (joel)
0022967: [ui] Questionable display of "Access Denied" on view_user_page (atrol)
0022981: [ui] Display of hardcoded string on view_user_page if e-mail address is empty (atrol)
0022987: [code cleanup] Replace hardcoded language strings by translatable ones (dregad)
0023061: [ui] print_manage_menu() does not highlight active plugin pages (dregad)
0023116: [html] Due date field not displayed correctly when editing ticket (community)
0023141: [html] Unused CSS delivered (atrol)
0012313: [attachments] Can't open image attachments in browser windows (dregad)
0022913: [email] Update disposable-email-checker to v3.0.1 using Composer (vboctor)
0022939: [code cleanup] Use Parsedown library v1.6.2 via Composer (vboctor)
0022940: [code cleanup] Update PHPMailer from 5.2.22 to 5.2.24 and use Composer (dregad)
0023087: [filters] Removing "Report an issue" permission removes user from Monitoring filter dropdown (atrol)
0023150: [html] Unused code and unused CSS delivered for obsoleted functionality (atrol)
0023159: [ui] Graph display is too faint and blurred (atrol)
0021807: [ui] The required fields are not explicitly visible when updating, resolving or closing an issue (community)
0023143: [api rest] Support adding notes via REST API (vboctor)
0022158: [time tracking] Time tracking report excludes issues with no category assigned (cproensa)
0022919: [time tracking] Time Tracking "auto count" is giving the wrong elapsed time (dregad)
0023112: [custom fields] Custom fields badly filtered when multi-projects (cproensa)
0023131: [api rest] /api/rest/projects doesn't return child projects (vboctor)
0023139: [api rest] Notes returned by /issues REST API have incorrect timestamps (vboctor)
0023144: [api rest] Support issue id as part of the path for REST API (vboctor)
0023145: [api rest] Support deleting notes via REST API (vboctor)
0023184: [bugtracker] AJAX calls with invalid endpoints fail with syntax error (dregad)
0023187: [email] Update PHPMailer v5.2.23 to v5.2.24 (vboctor)
0023188: [bugtracker] Update GuzzleHttp from 6.2.3 to 6.3.0 (vboctor)
0023189: [markdown] Update Parsedown 1.6.2 to 1.6.3 (vboctor)
0023190: [code cleanup] Update PhpUnit from 4.8.35 to 4.8.36 (vboctor)
0023191: [time tracking] Unable to access time tracking reports (atrol)
0023204: [performance] Unused and inefficient code in function layout_print_sidebar (atrol)
0023227: [ui] When specifiying top_buttons display, the button on update screen has no styling. (atrol)
0023237: [performance] Project cache is not efficient with navbar project selection. (cproensa)
0012444: [bugtracker] bug_actiongroup_page, on copy, & move, poject combo lists projects wich the user has no rights (cproensa)
0021695: [ui] "notify user" check should be moved outside the form (cproensa)
0022291: [time tracking] Issue history box is narrower than other boxes above it on View Issue page (cproensa)
0022469: [time tracking] Enabling Time Tracking distorts View Issue Details page layout. (cproensa)
39 issues View Issues
Released 2017-09-03
Security fixes release for 2.5.x series.
0023146: [security] CVE-2017-12061: XSS in /admin/install.php script (dregad)
0023166: [security] CVE-2017-12062: XSS in manage_user_page.php (atrol)
0023179: [security] Login page no longer warns about 'admin' directory being present (dregad)
0023181: [administration] Checks on login page are never executed if "admin" dir does not exist (dregad)
0023185: [security] Improve doc and notifications when admin dir is present (CVE-2017-12419) (dregad)
5 issues View Issues
Released 2017-09-03
Security fixes release for 1.3.x series.
0023175: [security] CVE-2017-12061: XSS in /admin/install.php script (dregad)
0023186: [security] Improve doc and notifications when admin dir is present (CVE-2017-12419) (dregad)
2 issues View Issues
Released 2017-06-17
Maintenance release that fixes installation failure.
0022985: [installation] Initial installation does not continue after clicking install (dregad)
1 issue View Issues
Released 2017-06-04
Feature release with main focus on REST API improvements, some of the fixes also applies to the SOAP API.
0022850: [ui] Installation page layout and style issues (dregad)
0022765: [api rest] Implement a test framework for REST API (vboctor)
0022766: [api rest] Enum name should reflect non-localized enum name and label for localized name (vboctor)
0022767: [api rest] Include status color in status enum value for issues (vboctor)
0022768: [api rest] Support retrieving issues based on filter or a project (vboctor)
0022769: [api rest] Note type should be note instead of timelog if time tracking is not accessible to user (vboctor)
0022770: [api rest] Change version from string to an object (vboctor)
0022771: [api rest] Due date access check should be based on project access level rather than global one (vboctor)
0022772: [api rest] Don't return eta info if feature is disabled (vboctor)
0022773: [api rest] Don't return projection info if feature is disabled (vboctor)
0022774: [api rest] Some access denied errors don't show user info correctly (vboctor)
0022775: [api rest] Rename date_submitted to created_at and last_updated to updated_at (vboctor)
0022776: [api rest] Sticky flag should be a boolean rather than a string (vboctor)
0022777: [api rest] Don't return sponsorship_total (vboctor)
0022778: [api rest] Don't allow setting version to an undefined version (vboctor)
0022779: [api rest] Don't return profile information if feature disabled (vboctor)
0022780: [api rest] Don't return platform, os, and os_build if disabled (vboctor)
0022782: [api rest] Don't return target_version if user doesn't have access to view roadmap (vboctor)
0022783: [api rest] Return 400 instead of server side error if summary, description or project fields are missing (vboctor)
0022788: [api rest] Support retrieving projects accessible to users (vboctor)
0022808: [api rest] Use GuzzleHttp for http requests (vboctor)
0021871: [performance] Improve db_fetch_array performance (cproensa)
0021994: [attachments] issue with attachments cannot be moved between projects with different upload directories (uploads saved in file system) (dregad)
0022809: [api rest] Upgrade Slim Framework from 3.7.0 to latest (3.8.1) (vboctor)
0022851: [installation] Installer should display sample table names based on table prefix/suffix settings (dregad)
0022852: [localization] [de] Incorrect label in German "Change status" form (atrol)
0022865: [code cleanup] Login page displays a PHP system notice when using BASIC_AUTH (dregad)
0022864: [code cleanup] phpdoc for 'print_link_button' has incorrect order of parameters (cproensa)
0022868: [other] PHP variable misspelt in html_api.php (dregad)
0022904: [db mssql] database_api: db_insert_id returns string not int (mssql) (dregad)
0022905: [code cleanup] The URL of the return button in breadcrumbs div has a trailing '?' (dregad)
0022925: [time tracking] Time Tracking - issue (atrol)
0022928: [administration] $g_anonymous_account is case sensitive, preventing normal users from logging in (vboctor)
0022933: [timeline] Confusing entry in timeline when removing other users from monitoring list (atrol)
34 issues View Issues
Released 2017-06-04
0022923: [authentication] Logout page on authentication plugins never gets called (community)
0022926: [custom fields] Custom Fields - Date: Field does not show date (view.php), shows other text (vboctor)
0022937: [custom fields] Custom fields of type Email are not properly displayed (vboctor)
0022950: [custom fields] Custom Fields of Type Text showing Link (Url) as Text only (vboctor)
4 issues View Issues
Released 2017-05-20
MantisBT maintenance release for 2.4.x.
0022428: [markdown] CSV and Excel exports with markdown on (vboctor)
0022906: [security] CVE-2017-7620: Open redirection vulnerability in /login_page.php (dregad)
0022909: [security] CVE-2017-7620: CSRF - Arbitrary Permalink Injection (dregad)
0022867: [markdown] Markdown formatting is broken for notes column on View Issues page (vboctor)
4 issues View Issues
Released 2017-05-20
MantisBT maintenance release for 2.3.x
0022907: [security] CVE-2017-7620: Open redirection vulnerability in /login_page.php (dregad)
0022908: [security] CVE-2017-7620: CSRF - Arbitrary Permalink Injection (dregad)
2 issues View Issues
Released 2017-05-20
MantisBT maintenance and security release for 1.3.x.
0020168: [db schema] Use of 'mantis' as plugin table prefix prevents plugin's installation (dregad)
0022702: [security] CVE-2017-7620: CSRF - Arbitrary Permalink Injection (dregad)
0022816: [security] CVE-2017-7620: Open redirection vulnerability in /login_page.php (dregad)
3 issues View Issues
Released 2017-04-30
0022452: [ui] Create new project button (community)
0021558: [ui] log destination for page produces messed output (syncguru)
0022665: [documentation] Wrong documentation of option bug_resolution_fixed_threshold (atrol)
0022689: [bugtracker] HTTP_X_FORWARDED_PROTO is not honored when loading Gravatar (vboctor)
0022744: [signup] Signup is not working on mantisbt.org/bugs (vboctor)
0022740: [performance] Allowed memory size of 268435456 bytes exhausted (vboctor)
0004235: [authentication] Support Generic Authentication through Plug-ins (vboctor)
0022140: [administration] Getting error dialog when reporting issues and file upload is disabled (cproensa)
0022635: [time tracking] Empty notes with time tracking show as empty notes for users that can't view time tracking (vboctor)
0022673: [attachments] Dropzone uploads files when submitting other forms (cproensa)
0022762: [api rest] Bug in error handling when user doesn't have access level to handle issue (vboctor)
11 issues View Issues
Released 2017-04-29
0022742: [security] CVE-2017-7897: XSS in timeline_inc.php (affects my_view_page.php and view_user_page.php) (dregad)
0022743: [timeline] Timeline "More Events" button also acts as "Next" button (dregad)
0022746: [authentication] Lost password redirects to login page if email address is empty and anonymous access is disabled (vboctor)
3 issues View Issues
Released 2017-04-16
Security and maintenance release
0022700: [localization] Due Date in bug_change_status_page.php (cproensa)
0022653: [filters] Regression: Filter by date broken (cproensa)
0022739: [security] CVE-2017-7615: Account verification page allows resetting any user's password (dregad)
3 issues View Issues
Released 2017-04-16
Security release
0022738: [security] CVE-2017-7615: Account verification page allows resetting any user's password (dregad)
1 issue View Issues
Released 2017-04-16
Security release
0022690: [security] CVE-2017-7615: Account verification page allows resetting any user's password (dregad)
1 issue View Issues
Released 2017-03-31
Feature release including security fixes and our brand new experimental REST API. The REST API can be extended by plugins and power web UI ajax features. In this release the REST API is disabled by default (expect for calls from within the web UI using cookie authentication) – see #22598 for more details.
0022585: [timeline] Show timeline for specific user (cproensa)
0022507: [ui] On Edit Filter page, 'Filter name' input field is too narrow (dregad)
0022445: [ui] Manage users page does not show filters '0'-'9' as selected (atrol)
0022474: [administration] "Obsolete configuration" warnings when running admin checks (atrol)
0022499: [documentation] Document reuse of language strings (dregad)
0022501: [ui] Enhance layout of "View Issue Details" page (atrol)
0022505: [ui] Enhance layout of "Updating Issue Information" (atrol)
0022506: [attachments] Error updating project document (atrol)
0022423: [html] ID attribute for bugnote_text (community)
0022541: [localization] Enhance wording in manage_config_email_page.php and manage_config_work_threshold_page.php pages (atrol)
0022548: [ui] Remove unnecessary 'center' class from textarea in bugnote edit page (community)
0022571: [html] Add ID attribute for bugnote_text textarea (community)
0022572: [documentation] Wrong default value in documentation of "g_show_version" (atrol)
0021552: [ui] My account preferences: move project list outside the form (cproensa)
0022543: [ui] Open images in the browser rather than download them (vboctor)
0022582: [relationships] Relationships box layout is not right for reporters (vboctor)
0022583: [attachments] Open PDFs in the browser rather than downloading them (vboctor)
0022473: [plug-ins] Avatars should respect image aspect ratio (community)
0022590: [ui] Broken javascript and missing footer in My View Page (cproensa)
0022593: [plug-ins] Broken Snippet plugin (vboctor)
0022598: [api rest] REST API Framework (vboctor)
       0022599: [code cleanup] Use composer to pull in dependencies (vboctor)
       0022600: [api rest] Enable plugins to publish their own REST APIs (vboctor)
       0022601: [api rest] Support using REST API from Web UI Javascript (vboctor)
       0022602: [api rest] Provide a sandbox for interacting with REST API using Swagger UI (vboctor)
0022617: [code cleanup] Unneeded CSS file calendar-blue.css (atrol)
26 issues View Issues
Released 2017-03-31
Security fixes and maintenance release
0022392: [filters] Sorting all bugs list using a column header after applying a filter resets the filter (cproensa)
0022496: [filters] Permalink does not work with "Note By" (cproensa)
0022566: [filters] Filter error due to "view status" having an array value (cproensa)
0022555: [filters] Regression in custom field sorting (cproensa)
0022613: [security] CVE-2017-7309: XSS in adm_config_report.php (dregad)
0022615: [security] CVE-2017-7241: XSS in move_attachments_page.php (dregad)
0022333: [markdown] Markdown starts heading in the middle of a line (joel)
0022545: [markdown] Markdown still converting '& amp;' to & and '& lt;' to < (dregad)
8 issues View Issues
Released 2017-03-31
Security fixes release
0022063: [db mssql] Installation on MSSQL fails at step 209 (dregad)
0022568: [security] CVE-2017-7241: XSS in move_attachments_page.php (dregad)
0022579: [security] CVE-2017-7309: XSS in adm_config_report.php (dregad)
0022208: [db mssql] File upload to MS-SQL not working (dregad)
4 issues View Issues
Released 2017-03-30
Security release
0022612: [security] CVE-2017-7309: XSS in adm_config_report.php (dregad)
0022614: [security] CVE-2017-7241: XSS in move_attachments_page.php (dregad)
2 issues View Issues
Released 2017-03-21
Maintenance and Security release for 2.2 series
0022562: [security] CVE-2017-6973: XSS in adm_config_report.php (dregad)
1 issue View Issues
Released 2017-03-21
Maintenance and Security release for 2.1 series
0022564: [security] CVE-2017-6799: XSS in view_filters_page.php (dregad)
0022565: [security] CVE-2017-6973: XSS in adm_config_report.php (dregad)
0022563: [security] CVE-2017-6797: XSS in bug_change_status_page.php (dregad)
3 issues View Issues
Released 2017-03-21
Maintenance and Security release for 1.3 series
0022537: [security] CVE-2017-6973: XSS in adm_config_report.php (dregad)
0022468: [other] Resolution changes in some cases when closing issues (atrol)
2 issues View Issues
Released 2017-03-11
Maintenance release for 2.2 series including security fixes.
0022497: [security] CVE-2017-6799: XSS in view_filters_page.php (dregad)
0022561: [security] CVE-2017-6797: XSS in bug_change_status_page.php (dregad)
0022246: [markdown] Markdown is converting '&' signs to (ampersand[amp;]) inside code block or backtick as well (joel)
0022442: [printing] System error when opening Print reports (dregad)
0022479: [administration] Can't edit a project's name changing only accents a on MySQL (dregad)
0022510: [installation] Attempting to connect to database as admin BAD despite valid userid and password (dregad)
6 issues View Issues
Released 2017-02-26
A feature release that includes all fixes from 2.1.1 release listed above, some setup fixes, status colors visibility improvements, shed some unnecessary js/css and multiple improvements for relationships feature.
0022256: [javascript] Unbundle JS libraris from Ace theme files (syncguru)
0022401: [installation] Installer displays horizontal blue line under "Checking installation" section header (dregad)
0022361: [relationships] Trigger notifications on related issues when an issue is deleted (vboctor)
0022400: [installation] Installer does not show "GOOD" status for DB connections (dregad)
0021796: [ui] inline attachments should be directly visible (dregad)
0021724: [ui] Improve visibility of status colors (syncguru)
0008313: [relationships] More work needs to move to Relationship APIs (vboctor)
0016933: [relationships] Deleting relationship should set target bug's last updated (vboctor)
0021619: [code cleanup] Use constants instead of hardcoded values for filter view types (dregad)
0021881: [javascript] Remove jquery-ui is not longer used in Modern UI (syncguru)
0021897: [ui] Unaligned color coding of status (syncguru)
0022273: [javascript] Enable CDN support for dropzone.js (syncguru)
0022296: [code cleanup] Options in $g_public_config_names are not sorted (atrol)
0022316: [code cleanup] Duplicate code to display the filter view type toggle menu item (dregad)
0022360: [relationships] relationship_add() doesn't return bug relationship information (vboctor)
0022362: [relationships] Use bin icon instead of 'delete' button to delete relationships (vboctor)
0022363: [relationships] Setting a duplicate id should update relationship with target issue if already exists (vboctor)
17 issues View Issues
Released 2017-02-26
A maintenance release for 2.1.x series
0022302: [filters] Permalink does not work with tags (cproensa)
0022266: [security] CVE-2017-7222: Sanitize window title (vboctor)
0022288: [bugtracker] Due date current value doesn't show in change status form (syncguru)
0022326: [time tracking] g_time_tracking_without_note has no effect (vboctor)
0022347: [filters] Filter allows to sort on non sortable fields (cproensa)
0022359: [ui] Enhance filter box UI (syncguru)
0022369: [filters] Recently Modified box on View Issues page does not display closed issues (cproensa)
7 issues View Issues
Released 2017-02-01
Maintenance release for 2.0.x series.
0022107: [plug-ins] EVENT_MENU_MAIN does not support relative paths (dregad)
0022114: [tools] Travis builds should reflect supported PHP versions (dregad)
0022157: [installation] Incorrect Error Message on MSSQL installation (atrol)
0022168: [webpage] HTTPS for powered by-link (atrol)
0022230: [news] PHP system notice on News page (vboctor)
5 issues View Issues
Released 2017-01-30
MantisBT 2.1.0 feature release
0005731: [feature] search function for projects (vboctor)
0021551: [administration] Manage Users pagination loses filter letter (community)
0021935: [filters] Filter api refactoring, manage stored filters (cproensa)
       0006823: [filters] Date filter should work with "last update", too (community)
       0021618: [code cleanup] Duplicate code to determine the default view type (cproensa)
       0006732: [administration] Sorting issue lists isn't stable (each sort scrambles previous sort) (cproensa)
       0008626: [filters] Filter forgets custom date filtering (cproensa)
       0017852: [filters] Tags is showing on its own row in filter box (cproensa)
       0021031: [filters] Rewrite the filter box form (cproensa)
       0021032: [filters] Setting $g_filter_custom_fields_per_row to other than default can cause empty cells in filter box (cproensa)
       0021592: [filters] Unknown column 'mantis_bug_table.tags' (cproensa)
       0021827: [filters] Displaying date filter values : month always displayed in text (english) (community)
       0003803: [filters] Provide a way to update a saved filter (cproensa)
       0006042: [filters] Switching to "Advanced Filters" hides "Hide Status" and ignores setting (cproensa)
       0006551: [customization] Manage custom filters (cproensa)
       0007708: [feature] Feature: multiple sorting of problem informations (cproensa)
       0011007: [filters] After setting $g_view_filters = ADVANCED_ONLY in config_inc.php can still end up in simple filter mode. (cproensa)
       0020493: [filters] Wrong hide_status value on column sorting (cproensa)
       0020624: [filters] Filter shown inconsistent after changing from advanced to simple (cproensa)
       0020882: [filters] Filter by date inputs are shown disabled (cproensa)
       0021029: [bugtracker] Trigering a DEPRECATED error from the page body fails (cproensa)
       0021044: [performance] my view page, $t_hide_status_default consitency (cproensa)
       0021811: [filters] Advanced filter shows icorrect fields (cproensa)
       0009213: [filters] manage filter (cproensa)
       0009301: [filters] Add support for updating a current filter (cproensa)
       0018045: [ui] Changed ordering of fields on View Issues page (cproensa)
       0019700: [filters] Filters table on the view_all_bug_page.php shows empty lines when $g_enable_profiles is set to OFF (cproensa)
       0021814: [filters] plugin filter fields dont work with dynamic input (cproensa)
0022209: [bugtracker] Adding a custom field to a project makes the filter for this project unusable (atrol)
0011604: [change log] Versions marked as obsolete appear on change log page (vboctor)
0022164: [markdown] Font for quoted string in markdown is too large (joel)
0022172: [markdown] Markdown not displaying single line breaks (joel)
0022113: [localization] translatewiki.net integration updates (dregad)
0022169: [attachments] File upload not working when $g_allowed_files is set (atrol)
0022171: [plug-ins] Redefine plugin version requirements (dregad)
0022175: [markdown] Markdown converting '<' within backticks to & lt; (joel)
0022179: [markdown] Markdown is eating apostrophe / single quote (joel)
0022204: [markdown] News headlines are parsed with markdown, though they should not be (vboctor)
0022205: [plug-ins] Specifying plugin authors as array triggers 'Array to string conversion' (dregad)
0022206: [plug-ins] Improve documentation for plugins (dregad)
0022221: [documentation] Documentation: update 'Database tables' section (dregad)
0022232: [email] Email verbose notifications should be OFF by default (vboctor)
0022237: [code cleanup] Remove references to 'register_globals' (dregad)
0022239: [ui] checkbox for personal setting "E-mail Full Issue Details" still using old style (dregad)
0017920: [markdown] Native markdown support (joel)
0022131: [timeline] Remove yellow background in timeline date range (dregad)
46 issues View Issues
Released 2016-12-30
0022059: [ui] Missing leading zeroes in due date display (dregad)
0021841: [installation] Minimum requirements for 2.x releases (dregad)
0020040: [security] Replace jscalendar by a newer widget (syncguru)
0021927: [administration] System utilities page for moving attachments should support move all attachments (joel)
0021925: [ui] Incorrect text for the remove file button in the file upload dropzone (dregad)
0021965: [documentation] Section 2.2.2.1 Admin Guide: Misaligned row in Table (dregad)
0022064: [javascript] datetime picker does not work if 'cdn_enabled' is ON (community)
0021962: [ui] Due Date calendar icon wraps below the field (syncguru)
8 issues View Issues
Released 2016-11-26
The second release candidate for 2.0.0 release. This release includes all the fixes in 1.3.4 release.
0021758: [administration] System utilities page for moving attachments not styled correctly in modern ui (joel)
0021840: [html] Add missing closing <div> in layout_api.php (syncguru)
0021854: [authentication] Re-authenticating when visiting manage page should re-use login page (vboctor)
0021861: [ui] Remove black bar from login page when it is empty (vboctor)
0021815: [code cleanup] print_button() has changed definition from v1.3 (cproensa)
5 issues View Issues
Released 2016-10-30
We are excited to share with you a milestone for the 2.0.0 release by releasing the first release candidate. We encourage users to try out and give us feedback. Since 2.0.0-rc.1 and 1.3.3 share the same database schema, it should be easy to try them out side by side. Download it now or check it out at https://www.mantishub.com
0021727: [attachments] Show attachments inline with notes (vboctor)
0021651: [security] Dropzone has inline scripts in View Issue page (syncguru)
0021806: [attachments] Attachment dropzone missing from notes when user doesn't have access to set view state (vboctor)
0021829: [email] Fix $g_mail_priority disabling and default to disabled (vboctor)
0021669: [security] Charts have inline scripts (syncguru)
0021715: [mobile] Menu and buttons missing for mid size browser window (syncguru)
0021722: [attachments] Issues with '+' button to view attachments inline (dregad)
0021736: [ui] Display real name in breadcrumb div (atrol)
0021743: [attachments] Attach files dropzone is not working (vboctor)
0021754: [mobile] Main navigation has no action / does not expand when clicked on (syncguru)
0021794: [mobile] Hide 'View Issues' buttons on small screens (syncguru)
0021805: [javascript] Javascript errors on login page (community)
12 issues View Issues
0020102: [ui] Support switching saved filters and free text search when filter box is collapsed (syncguru)
0021697: [ui] Clearer distinction between private and public notes (joel)
0021684: [ui] Account verify page layout broken (joel)
0021121: [ui] Project selection not usable with large number of projects (syncguru)
0021681: [ui] Breadcrumbs bar does not respect $g_show_realname (dregad)
0021603: [code cleanup] Publish full source code of ACE template (syncguru)
0021653: [reports] Graphs broken (vboctor)
0021682: [ui] "Operation successful" confirmation message partially hidden (dregad)
0021683: [ui] Standardize "operation successful" messages (dregad)
0021689: [code cleanup] Obsolete icon_path configuration (atrol)
0021710: [ui] Incorrect display on Bug report confirmation page (dregad)
0021704: [ui] Report Stay checkbox shows broken layout on action page (dregad)
0021721: [ui] Missing tooltips on issue id (dregad)
0021723: [bugtracker] Redirect to report page when creating a new issue with "report stay" checked (dregad)
0021726: [ui] Page bottom displayed behind Sidebar in API Tokens page (community)
0021728: [performance] Unneeded tooltip information on Summary page (dregad)
16 issues View Issues
0021112: [performance] Unneeded tooltip information on "My View" page (syncguru)
0021650: [security] Content-Security-Policy is disabled in 2.0.0-beta.1 (vboctor)
0021111: [localization] Language strings contain double quotes (syncguru)
0021114: [ui] Manage users page action buttons appears on 2 rows when showing 'Unused' (syncguru)
0021117: [ui] Plugin dependencies are no longer color-coded (syncguru)
0021119: [ui] Wrong alignment of field on "Summary" page (syncguru)
0021123: [ui] Waste of vertical space on "My View" page (syncguru)
0021137: [ui] Questionable display of sub-projects in project menu bar (syncguru)
0021139: [ui] Display of file type icon broken on print_bug_page (syncguru)
0021223: [ui] "Report Issue" button on top toolbar should be hidden for VIEWER/anonymous users (vboctor)
0021224: [ui] Login and Signup buttons in top header don't work for anonymous users (vboctor)
0021397: [plug-ins] Plugin menu options don't show in main menu (vboctor)
0021398: [ui] My Account - Manage Columns actions page broken (syncguru)
0021400: [ui] Collapse settings are not saved by modern UI (syncguru)
0021405: [wiki] Wiki integration broken (vboctor)
0021414: [customization] Config menu options don't show in main menu (vboctor)
0021575: [reports] Graphs for enums (e.g. status) can break when an enum has 0 occurences (vboctor)
0021599: [ui] The test results in Admin Check results are no longer colored (dregad)
0021602: [administration] Admin: "Upgrade your installation" shown even when schema is up-to-date (syncguru)
0021609: [news] Page broken after updating news (atrol)
0021622: [administration] Alert messages are not styled correctly (syncguru)
0021638: [ui] Tables in Workflow Transitions page seems deformed (syncguru)
0021642: [ui] Highlight due date when the date has passed (syncguru)
0021644: [ui] Don't offer "My Account" in menu when being logged in as protected user (dregad)
0021647: [filters] New to restyle 'filter deleted' page (vboctor)
25 issues View Issues
MantisBT 2.0.0 release focuses on improvements to the UI compared to 1.3.x release. As of this release, the db schema is the same between 1.3.x and 2.0.0-beta.1, enabling users to easily try 2.0.0-beta.1 and provide feedback.
0020240: [ui] Footer issue: problem + solution (syncguru)
0008503: [feature] Have "send reminder" as a button rather than a not so visible link at the top of the issue (atrol)
0021115: [ui] Manage users page always shows filter '0' as selected (dregad)
0021140: [db schema] Remove DB2 support (atrol)
0020907: [ui] Report stay doesn't work in modern UI (vboctor)
0005851: [reports] X-Labels truncated in by Category Graph (vboctor)
0006663: [reports] I'm seeing three JPGraph-related problems (vboctor)
0007342: [reports] synthesis graphs by category: many "big" categories hide pie by legend (vboctor)
0007343: [reports] synthesis graphs by category: page not long enough for legend with a lot of categories (vboctor)
0007991: [reports] Graphs not centered (vboctor)
0010403: [reports] The legend on JPGraph graphs overlays the graph (vboctor)
0012159: [reports] By Developer, By Reporter and By date graph problems (vboctor)
0012384: [reports] Graph text being truncated (vboctor)
0012483: [reports] Jp graph not dispalying (vboctor)
0012725: [reports] Solution to "font file not readable/does not exist" seems not to work for JPGraph (vboctor)
0012825: [reports] Modern graphs using javascript graphing library (vboctor)
0012967: [reports] Category jpGraph not displayed (vboctor)
0013097: [reports] Graphs not working (vboctor)
0013160: [reports] Labels on x-axis in summary graphs too small and cropped (ezcLibrary) (vboctor)
0013879: [reports] Graph plugin uses hard coded font list; ignores any other (vboctor)
0014232: [reports] Advanced summary bad display (vboctor)
0015246: [reports] JPGraph 3.5.x anti aliasing error in Ubuntu (vboctor)
0017493: [reports] Graphs are not working out of the box (vboctor)
0021134: [relationships] Use of undefined constant when displaying relationship graphics (atrol)
0021177: [reports] Jpgraph doesn't work (vboctor)
0011671: [reports] 3 graphs couldnot display in the page of 'summary_jpgraph_page.php' (vboctor)
0017919: [ui] Modernize Mantis UI (syncguru)
0020286: [javascript] Missing JavaScript libraries (syncguru)
0020118: [ui] pen icon ancient (syncguru)
0020182: [custom fields] wrong field name for custom field parameter (syncguru)
0021130: [tagging] Usage of undefined function html_page_bottom (syncguru)
0021131: [signup] Usage of undefined functions in verify.php (vboctor)
0021214: [bugtracker] Update jQuery to 2.2.4 (community)
0021215: [bugtracker] Update FontAwesome to 4.6.3 (community)
0021216: [bugtracker] Upgrade Bootstrap to 3.3.6 (community)
0021217: [bugtracker] Use cross origin anonymous and check integrity when loading form CDN (community)
0021221: [ui] Fully localize drag and drop to attach (community)
0021220: [ui] Lost password form doesn't have labels or placeholder text (vboctor)
0021222: [ui] Drag and drop should honor 'allowed_files' config option (community)
0019590: [attachments] Attach via drag-and-drop (syncguru)
0021279: [administration] Fix error when going to Manage - Workflow Transitions and clicking update (vboctor)
41 issues View Issues