Mantis Bug Tracker - Forums

No problems with the new jquery

I wish it were as easy as just choosing a new collation in MySQL. I didn't read all of the code history but looking at it through 2025 eyes it's weird that a collation was specifically hard-coded into an application. I'm sure there were valid reasons at the time but it looks off in 2025.

Should anyone else want to take a peek or work on this here are the ALTERS needed to migrate to utf8mb4_unicode_ci



ALTER DATABASE bugtracker CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

ALTER TABLE `mantis_api_token_table` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER ...

Converting the database itself to utf8mb4_unicode_ci was easy.

It looks like the Mantis codebase is hardcoded in a ton of places to only use utf8, I'm guessing this is a relic of the past.. because utf8mb4_unicode_ci is pretty much the standard for today.

I'd hoped this would be easy... but I'd ...

My users want to use emoticons which requires utf8mb4_unicode_ci.. Is it generally safe to migrate to this new collation?

Just needed to complete Database Update from the 2.27.0 upgrade.

Putting jquery 3.7.1 back into play.

Please delete - I just noticed the Update Database tab under Administration/settings.

All good, I have my categories now

After performing an update from 2.26.1 to 2.27.0, I'm finding that I am not able to select a Category. Viewing source, it appears that I have no category items for any project - although, I do.

<select id="category_id" name="category_id" class="autofocus input-sm" tabindex="1" required ...

Note that I just backed out that change to 3.7.1 due to a new issue I found in 2.27.0

# inactive:
#define( 'JQUERY_VERSION', '3.7.1' );
#define( 'JQUERY_HASH', 'sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=' );

# active:
define( 'JQUERY_VERSION', '2.2.4' );
define( 'JQUERY_HASH', 'sha256 ...

No just a general error that there are multiple XSS vulnerabilities with sites that use out of date jquery

1) Downloaded the latest jquery 3.7.1 and placed in the mantisbt-2.27.0/js directory

2) Updated mantisbt-2.27.0/core/constant_inc.php

# JQuery
# hashes acquired with command 'cat file.js | openssl dgst -sha256 -binary | openssl enc -base64 -A'
define( 'JQUERY_VERSION', '3.7.1' );
define( 'JQUERY ...

Tenable found that the installed jquery with Mantis 2.27.0 is out of date and thus subject to multiple XSS vulnerabilities.

URL : https://mantis.genetics.emory.edu/js/jquery-2.2.4.min.js
Installed version : 2.2.4
Fixed version : 3.5.0

Could we look at getting this updated with a current jquery ...

After upgrading to 2.27.0 from 2.26.1, I copied my plugins from the 2.26.1 branch to 2.27, all "aftermarket" plugins are there and working except this one error:

plugins

Missing Plugin Base Class

A directory for this Plugin was found, but there was no corresponding Plugin code inside of it. Make ...

If there were changes, I'm not seeing it - I just copied over my 2.26.1 config into 2.27.0 and it works perfectly.

Did anything change with the default config file for mantisbt in 2.27.0 (compared to teh 2.26 branch)?