The work started this summer on git continues and accelerates, pull requests are now completely "upgraded" to Burning Parrot. We also heard your feedback about the new git repository listing introduced in 10.3: browsing preferences are kept and more repositories are displayed by default.

Pull requests

Pull Requests goes Burning Parrot and get more than just a refresh:

  • the whole navigation and page structure got changed
  • diff can be displayed either unidiff (as before) or side by side
  • common part of the diff are now collapsed by default (one click to expand)
  • code syntax is highlighted when file type is recognized
  • better integration with git service (new header)

See below the new overview page of pull requests with comments on the right so we better use page width on large screens.

New Pull Request home page

Brand new "side by side" diff, with support of switching back and forth between the 2 modes. This mode is brand new and there might be some glitches and limitations (like not being able to comment on non modified lines on the left hand side). We would love to hear your kind words about what you would like to see improved.

Diff side by side

Uni-diff is of course still there and was also improved to collapse by default the common parts of the files.

Diff uni-diff

Bugs and requests:


  • story #10413 manage breadcrumb in burning parrot instead of gitphp
  • story #11419 have more insights about git repositories via REST API

Git UI overhaul is still on going and we are getting closer to the "core" of the rework: the repository browsing itself. During this release we mainly worked on repository header (title, breadcrumb, URL selector, etc).

Burning Parrot header for git repository view

There are also a bunch of new REST APIs around git repositories: getting the list of branches, tags, the content of a file. We designed those APIs to be as close as possible to their github/gitlab equivalent so integrations with other tools will be easier to do:

  • GET /git/:id/branches
  • GET /git/:id/files?path=path/to/file&ref=string

Bugs and requests:

  • request #12242 Remember view preference in git service homepage
  • request #12241 Have smaller cards for git repositories in git service homepage

Test Management (Tuleap Enterprise)

Whenever you initialize a new project with TTM (either from template or by clicking "Start TTM" in project’s UI) you will have steps enabled by default.



When you’ve got trackers with select boxes with a large amount of values (think list users for instance) and you want a cardwall view of it, it becomes quickly unmanageable. Now, when you select only some of the values, those values will be used as columns instead of displaying tenth of columns that would be empty (because no selected values).

Cardwall columns aligned with selectbox filter

Bugs and requests:

  • request #12250 Tracker webhook payload can be incorrect if email notifications are disabled
  • request #12233 OpenList are not usable while filtering artifacts through REST API
  • request #12223 Openlist bound on users should not load all the users when no default value is defined


  • story #12175 Package remaining plugins for RHEL7
  • story #12157 have a complete development environment running CentOS 7

RHEL and CentOS 7 targets are now considered stable and should be used by default on all new installations.


Mostly minor addition. The SOAP one will help admins to identify in advance people that are still using the deprected tracker v5 SOAP api before the complete removal in 10.6.


Tests and Continuous Integration

Front end

PHPWiki clean-up

  • request #12197 Remove code related to "DbSession" from the deprecated PHPWiki service
  • request #12196 Remove not usable users and groups features from the deprecated PHPWiki service

On the road to PHP 7.2

Almost everything is ready for PHP 7.2 upgrade. There are only a few things missing:

  • WebDAV (requires a version bump of the lib)
  • Mediawiki (requires a hell of work to get done properly)
  • Graphs (requires a version bump of the lib)

PHP 7.2 conversion stats:

  • 193 PHPCompatibility warnings (58 high, 135 normal)
  • 38926 Simpletest tests
  • 669 phpunit tests

Vault Plugin

  • request #12246 Use Go 1.11 and replace dep with Go modules for building Tuleap Vault plugin
  • request #12212 Ensure the Tuleap Vault plugin build and is tested against Vault 0.11.1

Releases stats

  • 1985 files changed, 62502 insertions(+), 47915 deletions(-)
  • They made the release (number of commits, author, company)
    • 134 Marie Ange Garnier, Enalean
    • 130 Nicolas Terray, Enalean
    • 130 Thomas Gerbet, Enalean
    • 106 Yannis ROSSETTO, Enalean
    • 84 Joris Masson, Enalean
    • 46 Thomas Gorka, Enalean
    • 7 Manuel VACELET, Enalean
    • 6 Benjamin Dauton, Enalean
    • 6 Romain Lorentz, Enalean
    • 4 Benjamin Bouillot, Enalean
    • 2 Clarck Robinson, Enalean
    • 2 Sandra Echinard, Enalean

Validation scores

Tuleap 10.5 results

Bug fix


  • request #12219 Reset password links are not invalidated on password change
  • request #12214 Downloading an attachment of an archived mail can lead to XSS
  • request #12148 A XSS can be triggered via a user’s realname in the user groups format export
  • request #12131 Description of a field can be used to trigger a XSS in the tracker administration
  • request #10626 Remove direct database access

OpenID Connect

  • request #9715 OpenID Connect plugin should log why a authentication has failed
  • request #9527 OpenID Connect plugin does not work with Keycloak

Project admin

Agile dashboard: Scrum and Kanban

  • request #12239 500 Internal Server Error when moving artefact on Agile Dahsboard
  • request #12220 Modal to edit an artifact should retrieve data in parallel
  • request #11881 Add a feedback component to show errors for Kanban
  • request #11665 Import Graphs and edit modals dynamically in Kanban

Cross tracker search (Tuleap Enterprise)

  • request #11386 Cross tracker search fails when query run over deleted trackers


  • request #12253 French spelling mistake in the placeholder of the permission request form
  • request #12257 Forum mail notifications can throw a fatal error in some cases
  • request #12151 The license of the sources should be easily found
  • request #11834 Accessing the homepage with query parameters ends up with a fatal error
  • request #12082 Usage of old themes can lead to issues