5.2

• Release Notes for Bugzilla 5.2
• Security Advisory for versions before 5.2
• Download Bugzilla 5.2
• Complete changelogs since prior versions

Release Notes

• Introduction
• Updates since 5.0.4
• Minimum Requirements
• New Features and Improvements
• Outstanding Issues
• Code Changes Which May Affect Customizations and Extensions
• Notes On Upgrading From a Previous Version
• Release Notes for Previous Versions

Introduction

Welcome to Bugzilla 5.2! This is kind of a weird release to explain. Back in early 2019, versions 5.0.5 and 5.0.6 were released for the 5.0.x branch, however, these releases contained invasive database schema and code reformatting changes that technically should not have been allowed to land on a stable branch. Some people noticed this, and never upgraded from 5.0.4 since 5.0.5 and 5.0.6 did not contain any security fixes. To fix this situation, 5.2 is picking up where 5.0.6 left off, since 5.0.5 technically should have been 5.2. Those still on 5.0.4 can upgrade to 5.0.4.1 if they're not ready to go a full version release yet.

NOTE: Because of the above situation, version 5.1.x (development release) is actually NEWER code than 5.2, and you cannot "upgrade" to 5.2 from 5.1.x. The 5.1.x series has been retroactively renamed to 5.3.x.

Bugzilla is making an attempt to be 100% accessible. We're not there yet. We have made accessibilty improvements but we're quite sure that we've missed a lot. If you find any accessibility issues such as fields missing labels, poor contrast, or things that don't play well with screen readers, please file a new bug which blocks our Section 508 Compliance bug.

If you're upgrading, make sure to read Notes On Upgrading From a Previous Version. If you are upgrading from a release before 4.4, make sure to read the release notes for all the previous versions in between your version and this one, particularly the Upgrading section of each version's release notes.

Updates in this 5.2.x Release

Future releases on this branch will contain a list of the updates since the last point release in this section.

Because of the weird way versions 5.0.5 and 5.0.6 were released, changes from those releases are included below in case you're upgrading from the 5.0.4.x branch.

Minimum Requirements

Any requirements that are new since 5.0 will look like this.

• Perl
• For MySQL Users
• For MariaDB Users
• For PostgreSQL Users
• For Oracle Users
• For SQLite Users
• Required Perl Modules
• Optional Perl Modules
• Optional Apache Modules

Perl

Perl v5.14

For MariaDB Users

• MariaDB v10.0.5
• perl module: DBD::MariaDB any version

For MySQL Users

• MySQL v5.6.12
• perl module: DBD::mysql v4.032

For PostgreSQL Users

• PostgreSQL v8.03.0000
• perl module: DBD::Pg v2.7.0

For Oracle Users

• Oracle v10.02.0
• perl module: DBD::Oracle v1.19

For SQLite Users

• SQLite v3.6.22
• perl module: DBD::SQLite v1.29

Required Perl Modules

Module	Version
CGI	3.51
Digest::SHA	(Any)
Date::Format	2.23
DateTime	0.75
DateTime::TimeZone	1.64
DBI	1.614
DBIx::Connector	0.56
Moo	2.003004
Template	3.008
Email::Sender	2.600
Email::Address::XS	1.05
Email::MIME	1.904
URI	1.55
List::MoreUtils	0.32
Math::Random::ISAAC	1.0.1
JSON::XS	2.01

Optional Perl Modules

The following perl modules, if installed, enable various features of Bugzilla:

Module	Version	Enables Feature
GD	1.20	Graphical Reports, New Charts, Old Charts
Chart::Lines	2.4.1	New Charts, Old Charts
Template::Plugin::GD::Image	(Any)	Graphical Reports
GD::Text	(Any)	Graphical Reports
GD::Graph	(Any)	Graphical Reports
MIME::Parser	5.406	Move Bugs Between Installations
LWP::UserAgent	(Any)	Automatic Update Notifications
XML::Twig	(Any)	Move Bugs Between Installations, Automatic Update Notifications
PatchReader	0.9.6	Patch Viewer
Net::LDAP	(Any)	LDAP Authentication
Authen::SASL	(Any)	SMTP Authentication
Net::SMTP::SSL	1.01	SSL Support for SMTP
Authen::Radius	(Any)	RADIUS Authentication
SOAP::Lite	0.712	XML-RPC Interface
XMLRPC::Lite	0.712	XML-RPC Interface
JSON::RPC	(Any)	JSON-RPC Interface, REST Interface
Test::Taint	1.06	JSON-RPC Interface, XML-RPC Interface, REST Interface
HTML::Parser	3.67	More HTML in Product/Group Descriptions
HTML::Scrubber	(Any)	More HTML in Product/Group Descriptions
Encode	2.21	Automatic charset detection for text attachments
Encode::Detect	(Any)	Automatic charset detection for text attachments
Email::Reply	(Any)	Inbound Email
HTML::FormatText::WithLinks	0.13	Inbound Email
TheSchwartz	1.07	Mail Queueing
Daemon::Generic	(Any)	Mail Queueing
mod_perl2	1.999022	mod_perl
Apache2::SizeLimit	0.96	mod_perl
File::MimeInfo::Magic	(Any)	Sniff MIME type of attachments
IO::Scalar	(Any)	Sniff MIME type of attachments
Cache::Memcached	(Any)	Memcached Support
File::Copy::Recursive	(Any)	Documentation
File::Which	(Any)	Documentation

Optional Apache Modules

If you are using Apache as your webserver, Bugzilla can take advantage of some Apache features if you have the below Apache modules installed and enabled.

• mod_headers
• mod_expires
• mod_env

On most systems (but not on Windows), checksetup.pl is able to tell whether or not you have these modules installed, and it will tell you.

New Features and Improvements

• Improved Mobile Rendering
• Explicit MariaDB Support
• MySQL 8+ Support
• Demo Docker Configuration
• Other Enhancements and Changes

Improved Mobile Rendering

Metadata to assist browsers in properly rendering Bugzilla on mobile browsers was added. Without this metadata Google Search tools would report Bugzilla pages as not suitable for mobile devices. Bugzilla still needs work to actually look nice on mobile devices but this is a good start. (PR #78)

Explicit MariaDB Support

Newer versions of MariaDB (10.6 and newer) have diverged from MySQL sufficiently that you can't really call it a drop-in replacement for MySQL anymore. We new have a 'mariadb' database driver for all versions of MariaDB. checksetup.pl will prompt you to switch to it if it detects that you are connected to a MariaDB database server. (Bug 1467006)

MySQL 8+ Support

Bugzilla previously did not work on MySQL 8 or newer. Now it does. (Bug 1592129)

Demo Docker Configuration

Bugzilla now ships with a Docker Compose configuration which provides an out-of-the-box Bugzilla with a default configuration to test with. Type docker compose up in the root directory to start it up. You will be prompted on the console with how to connect to it once it comes up. Requires that you have Docker already installed. This configuration is not suitable for production use, and is just for playing around with it and testing it without needing to do a full installation. (Bug 1888068)

Other Enhancements and Changes

Enhancements for Users

• UI: WineHQ Forum links are now accepted in the See Also field on bugs. (Bug 1523814)
• Accessibility: Color contrast in the default theme was adjusted to comply with WCAG AA 2.0 recommendations. (Bug 1798166)
• Email: Emails about bugs now include an X-Bugzilla-ID header which lists the Bug ID, for potential use in filtering. (Bug 1403169)

Enhancements for Administrators and Developers

• Database: UTF8 data encoding is now enforced. Older version of Bugzilla made the conversion of older data to UTF8 optional. Converting your existing data to UTF8 is now mandatory. Your data will be converted when you run checksetup.pl. If you are not already encoding your data in UTF8 you may want to verify that it will correctly convert on a backup copy of your database before upgrading.
• Database:If you are using MySQL, the majority of the database tables will also be converted to the InnoDB storage engine. This makes searching more efficent and allows for real referential integrity.
• Installation: Bugzilla now supports Email::MIME version 1.949 and newer, which previously would crash Bugzilla when it tried to send email. (Bug 1657496)
• Installation: The testserver.pl script will now work with self-signed SSL certificates if you pass the --self-signed option on the command line. (Bug 1851398)
• Installation: An foreign key error when upgrading from versions prior to 3.0 to 5.0.6 or newer was fixed. (Bug 1902375

WebService Changes

• Group.get method is now properly marked as Read Only. (Bug 1584477)

Code Changes Which May Affect Customizations and Extensions

• The Bugzilla::DB object now has a qi attribute which returns a special hashref that can be used inside double-quoted strings to quote database identifiers.
  my $q = Bugzilla->dbh->qi; Bugzilla->dbh->do("SELECT COUNT(*) FROM $q->{groups}");
  (Bug 1592129)
• Bugzilla now uses Email::Address::XS instead of Email::Address for managing email address parsing. If you made use of Email::Address directly you should update to use Email::Address::XS instead. (Bug 1853138)

Changes since Version 5.0.4

Because of the weird way we branched to fix the 5.0.5 numbering problem, the changes from 5.0.5 and 5.0.6 are included here in case you're upgrading from the 5.0.4.x branch.

5.0.6

• Adminstration: It is now possible to create more than 255 flags (up to 65535) (Bug 1526703)

5.0.5

• User Interface: Email addresses with apostrophes (yes, that's legal) no longer break the "Send Mail to Bug Assignees" button on bug lists. (Bug 1226123)
• Installation/Upgrading: If using MySQL, the bugs_fulltext table is now InnoDB instead of MyISAM. This may cause your upgrade to take a while. (Bug 981487)
• Developers: This release reformats the code according to the same conventions as the popular Mojolicious product and includes a .perltidyrc to do the same. You may use whatever coding style you want, but all files commited to the repo must be reformatted according to those rules.
• Developers: A new hook template_after_create was added, which can be used to manipulate the template object before it gets rendered. You can use this to define new Template Toolkit virtual methods or filters in extensions. (PR #60)