Bugzilla 4.4rc2 and 4.2.5 released (and also 4.0.10 and 3.6.13)
So, Bugzilla 4.4rc2 is finally here! It took us more time than expected, but the performance bugs are all fixed and we also fixed two security bugs which are described in the security advisory. Bugzilla 4.2.5, 4.0.10 and 3.6.13 also contain these two security fixes, so you should definitely upgrade.
Compared to 4.4rc1, the new release candidate contains the last feature which we wanted for 4.4: the ability to add several criteria in a query against the same field. In Bugzilla 4.2,
"Flags changed to approval+" AND "Flags changed by foo@bar.com"
were disconnected, which means that these criteria would match all bugs which had the approval+ flag set and which had a flag changed by foo@bar.com. In Bugzilla 4.4, you can now force these two criteria to match the same field, i.e. that you only want bugs where the approval+ flag has been set by foo@bar.com. Thanks to Byron Jones (glob) for this great feature. 
Of course, this feature is not limited to flags, but works with all fields. See the release notes for more details. Also, 4.4rc2 should in most cases be much faster than 4.2 to run some complex queries. In my testing, some queries which took several minutes to complete now run in a few (tens of) seconds only. This is especially noticable with many columns displayed in the buglist. Another good reason to test it! 
The next release should be 4.4 final as I don’t think a 4.4rc3 is needed.
There will be a 2nd release candidate for Bugzilla 4.4
You may wonder what’s going on since we released Bugzilla 4.4rc1 on November 13. Well, very few bugs have been reported which seems to indicate that 4.4rc1 is pretty stable. But we also found that running some queries were very slow since Bugzilla 4.2. Bugzilla 4.2 got a major rewrite of its search code (Bugzilla::Search), where the focus was readability, maintainability and the removal of some hacks, but this new code had some severe performance impact for some queries, especially those involving subselects in MySQL. That’s why several bugs related to performance have been filed since we released 4.4rc1 and we decided that they were critical enough to fix them in the 4.4 branch rather than waiting another year to include them in Bugzilla 5.0 only. As it’s unclear if these recent changes can have negative impact on some queries, or break some other ones, we decided that a 2nd release candidate was necessary to give admins and developers some time to test the new code and give us feedback before 4.4 final. There is no ETA for 4.4rc2 yet, but it will probably be somewhere in January 2013.
If you have some queries which you consider as being very slow, I would be interested in hearing you about them: which criteria did you use, which columns are displayed in buglists, which Bugzilla installation did you use for your testing, are you logged in or logged out, etc…? Please don’t run your queries on Bugzilla 3.x or older. I’m really not interested in such old installations (and the code changed too much anyway with what we have in 4.4). In my own testing, I found that some queries which were previously timing out now run in a few seconds only. Of course, the time taken to execute these queries highly depends on the data you have in your DB and so only relative timing matters.
Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12 released
Last night, we released Bugzilla 4.2.4, 4.0.9 and 3.6.12 to fix several security issues. Bugzilla 4.2.4 also notably fixes some crashes with Oracle when viewing buglists. Oracle support in 4.2.4 is definitely much better than in previous 4.x or 3.x releases.
We also released the first release candidate of Bugzilla 4.4, which we expect to release near the end of the year, though it will depend on the feedback we get. If a second release candidate is needed, we will delay 4.4 final. Now is a good time to test its new features, including the new tagging system (which replaces the previous tagging system which you could see in the footer of pages), the ability to save tabular and graphical reports in the same way you can save your searches (no need to bookmark them in your browser anymore), customizable columns displayed in emails sent by the whining system, many new and updated WebService methods, real auto-detection of the MIME type of attachments uploaded to Bugzilla (currently only if the browser is unable to determine the MIME type itself, else we still trust what the browser says), etc… Do not forget to fix your Apache configuration file (httpd.conf) when upgrading as explained in the release notes, else Bugzilla 4.4 won’t work. Have fun!
Using GMail as SMTP server from Bugzilla to send email notifications is supported natively
I saw several requests about how to use GMail as server to send bugmails from Bugzilla. I also saw too many (bad) articles about how to hack Bugzilla to make it work. Most were suggesting to install 3rd-party applications and to badly hack the source code, especially when installed on Windows. Forget all that! What you must know is that Bugzilla supports GMail as SMTP server for more than a year (!), and Bugzilla 4.4rc1, which is going to be released next Tuesday, supports it natively!
When running checksetup.pl, make sure that Net::SMTP::SSL is installed:
Checking for Net-SMTP-SSL (v1.01) ok: found v1.01
Then edit the following parameters (under Administration > Parameters > Email):
mail_delivery_method = SMTP mailfrom = your_email_address@gmail.com smtpserver = smtp.gmail.com:465 smtp_username = your_email_address@gmail.com smtp_password = your_gmail_password smtp_ssl = on
Do not forget to save your changes, and that’s all, Bugzilla is now able to use GMail to send bugmails.
If you are running Bugzilla 4.2 or older, then you should apply this patch. That’s the patch which is now part of Bugzilla 4.4, but it also applies cleanly to all supported branches. And the good news is that the upgrade to 4.4 will run smoothly as that’s the exact same code as for 4.4. Once applied, you can follow the steps above.
For bmo specific requests, please file bugs in the bugzilla.mozilla.org product
I see many bugs filed in the Bugzilla product related to bmo such as "please add flag tracking-firefox89", "please merge my account foo@gmail.com with my new foo@mozilla.com", "please delete bug XX", "please add component X to product Y", "I need to be added to the core-security group", etc… etc…. All these requests specific to bmo must be filed in the bugzilla.mozilla.org product. I think the name of this product is explicit enough to be understood by everybody. It would be great if all users getting a @mozilla.com email address would be informed about this distinction as they represent 95% of wrongly filed bugs (the Bugzilla product is only for bugs/requests related to the Bugzilla project itself, not the Mozilla instance). Fortunately, it’s very easy to move a bug into its correct product, but some developers are spammed uselessly.
Anyone familiar with Oracle (the DB)? I need your help!
Bugzilla installations running Oracle as their database server fail to display flags, tags and keywords in buglists. Oracle crashes with:
DBD::Oracle::db prepare failed: ORA-30482: DISTINCT option not allowed for this function (DBD ERROR: error possibly near <*> indicator at char 313 ..., group_concat(<*>T_CLOB_DELIM(DISTINCT map_tag.name, ', ')) tag
All the details are in bug 780053. The group_contact() function is defined in Bugzilla/DB/Oracle.pm. The maintainer of the Oracle DB module, who was an Oracle employee, disappeared, leaving us in the dust. The code in Oracle.pm is totally obscure to us and I have no idea how to fix it. I would like to have this bug fixed on time for Bugzilla 4.4, which should be released before the end of the year, and so I need your help as soon as possible to fix this problem. Someone already made a suggestion in the bug, but I need a second review or another sugggestion as I don’t understand anything about the cryptic internals of Oracle.
So if you are familiar with Oracle or use Oracle as your DB server, please give it a look. Many thanks!
New UI to manage products in Bugzilla
All those of you who are administrators of a Bugzilla installation already had to configure products in the past. Most of you probably found it was pretty hard to configure security correctly on these products: Entry, MemberControl, OtherControl, Canedit, editbugs, canconfirm, editcomponents. What’s all this and how do they interact with each other?
I made a proposal to rewrite this page entirely, and you can see the result here (it’s a html page). If you are a Bugzilla administrator or have privileges to edit product settings on your Bugzilla installation, please give me your feedback, ideally as a comment in the bug itself, in the worse case here as a comment. If this new UI is accepted, it will be part of Bugzilla 5.0.
