Difference between revisions of "Filing bugs and issues"

From Joomla! Documentation

(Corrected some URLs. Other markup changes.)
 
Line 1: Line 1:
 
<noinclude><languages /></noinclude>
 
<noinclude><languages /></noinclude>
 
<translate><!--T:1-->
 
<translate><!--T:1-->
To '''report a bug''' in the Joomla! bug trackers, you need to create a tracker item. Once the tracker item is created, the developers will check the validity of it and act accordingly. If you would like to '''help test''' Joomla patches, please follow these [[S:MyLanguage/Testing Joomla! patches|detail instructions on how]].</translate>
+
To '''report a bug''' in the Joomla! bug trackers, you need to create a tracker item. Once the tracker item is created, the developers will check the validity of it and act accordingly. If you would like to '''help test''' Joomla patches, please follow these [[S:MyLanguage/Testing Joomla! patches|detailed instructions on how]].</translate>
  
<translate>== Reporting bugs == <!--T:2-->
+
<translate>== Reporting Bugs == <!--T:2-->
 
=== Register an Account at GitHub ===
 
=== Register an Account at GitHub ===
 
You will need to [https://github.com register for an account] at GitHub; the Joomla! Issue Tracker uses GitHub accounts for authentication.</translate>
 
You will need to [https://github.com register for an account] at GitHub; the Joomla! Issue Tracker uses GitHub accounts for authentication.</translate>
  
<translate>=== Access the Joomla! issue tracker. === <!--T:3--></translate>
+
<translate>=== Access The Joomla! Issue Tracker === <!--T:3--></translate>
  
*[http://issues.joomla.org Joomla! Issue Tracker]- <translate><!--T:4-->
+
*[https://issues.joomla.org/ Joomla! Issue Tracker]- <translate><!--T:4-->
 
Open</translate>
 
Open</translate>
  
<translate>=== Check to see if the bug you want to report is already reported. === <!--T:9--></translate>
+
<translate>=== Check to See If the Bug You Want to Report Is Already Known === <!--T:9--></translate>
  
 
<translate><!--T:10-->
 
<translate><!--T:10-->
A series of filters display the tracker items and can be accessed by clicking the "Search Tools" button at the top of the list. If the issue you are experiencing is not already reported, click on the "New Item" button in the main navigation area.</translate>
+
A series of filters display the tracker items and can be accessed by clicking the ''Search Tools'' button at the top of the list. If the issue you are experiencing is not already reported, click on the ''New Item'' button in the main navigation area.</translate>
  
 
<translate><!--T:11-->
 
<translate><!--T:11-->
Line 21: Line 21:
  
 
<translate><!--T:12-->
 
<translate><!--T:12-->
Fill in as much data as you can. You can enable tips for each field by switching the "View Mode" toggle on the right side of the screen from Pro to Help.</translate>
+
Fill in as much data as you can. You can enable tips for each field by switching the ''View Mode'' toggle on the right side of the screen from Pro to Help.</translate>
  
 
* <translate><!--T:13-->
 
* <translate><!--T:13-->
[[S:MyLanguage/Bug and Issue Tracker Priority|Priority]] : Use the default "Medium" except if you know the code enough to make another choice.</translate>
+
[[S:MyLanguage/Bug and Issue Tracker Priority|Priority]]: Use the default ''Medium'' except if you know the code enough to make another choice.</translate>
 
* <translate><!--T:14-->
 
* <translate><!--T:14-->
Build : Type here the version(s) affected by the issue.</translate>
+
Build: Type here the version(s) affected by the issue.</translate>
 
* <translate><!--T:15-->
 
* <translate><!--T:15-->
Categories : This one is more tricky. Use "Administration" if you do not know better.</translate>
+
Categories: This one is more tricky. Use ''Administration'' if you do not know better.</translate>
 
* <translate><!--T:16-->
 
* <translate><!--T:16-->
Title : A short summary of the issue.</translate>
+
Title: A short summary of the issue.</translate>
 
* <translate><!--T:17-->
 
* <translate><!--T:17-->
Description : Details of the issue. Please see the section below for more info.</translate>
+
Description: Details of the issue. Please see the section below for more info.</translate>
 
* <translate><!--T:18-->
 
* <translate><!--T:18-->
Uploads : Users are permitted to upload images to issue reports. Information about upload requirements is listed on the report form.</translate>
+
Uploads: Users are permitted to upload images to issue reports. Information about upload requirements is listed on the report form.</translate>
  
<translate>=== Provide a summary === <!--T:19--></translate>
+
<translate>=== Provide a Summary === <!--T:19--></translate>
  
 
<translate><!--T:20-->
 
<translate><!--T:20-->
Line 47: Line 47:
 
Front-end: Warning such and such.</translate>
 
Front-end: Warning such and such.</translate>
 
* <translate><!--T:23-->
 
* <translate><!--T:23-->
Back-end: Unable to save article when "nameofplugin" is published.</translate>
+
Back-end: Unable to save article when ''nameofplugin'' is published.</translate>
  
 
<translate><!--T:24-->
 
<translate><!--T:24-->
 
Note: Take care to be descriptive in your summary as this is the first thing the developers will see when they are perusing the tracker for something to fix.</translate>
 
Note: Take care to be descriptive in your summary as this is the first thing the developers will see when they are perusing the tracker for something to fix.</translate>
+
 
<translate>=== Provide details about the bug === <!--T:25--></translate>
+
<translate>=== Provide Details About the Bug === <!--T:25--></translate>
  
 
<translate><!--T:26-->
 
<translate><!--T:26-->
Line 58: Line 58:
  
 
* <translate><!--T:27-->
 
* <translate><!--T:27-->
Steps to reproduce the issue : Detailed steps on how another person can reproduce the issue.</translate>
+
Steps to reproduce the issue: Detailed steps on how another person can reproduce the issue.</translate>
 
* <translate><!--T:28-->
 
* <translate><!--T:28-->
Expected result : What you believe should happen when you perform the steps above.</translate>
+
Expected result: What you believe should happen when you perform the steps above.</translate>
 
* <translate><!--T:29-->
 
* <translate><!--T:29-->
Actual result : What actually happened when performing the above steps</translate>
+
Actual result: What actually happened when performing the above steps</translate>
 
* <translate><!--T:30-->
 
* <translate><!--T:30-->
System information : Information about the environment your system is configured in. This could include the browser you are using, the PHP version from your server, or the database type your site is using. For optimal results, you can copy this data from your site's System Information view when logged into the administrator section.</translate>
+
System information: Information about the environment your system is configured in. This could include the browser you are using, the PHP version from your server, or the database type your site is using. For optimal results, you can copy this data from your site's System Information view when logged into the administrator section.</translate>
 
* <translate><!--T:31-->
 
* <translate><!--T:31-->
Additional comments : Any additional information not provided above that would be beneficial to troubleshooting and resolving the issue.</translate>
+
Additional comments: Any additional information not provided above that would be beneficial to troubleshooting and resolving the issue.</translate>
  
 
<translate><!--T:32-->
 
<translate><!--T:32-->
Line 75: Line 75:
 
"This is what happened."</translate>
 
"This is what happened."</translate>
 
# <translate><!--T:35-->
 
# <translate><!--T:35-->
"This is what I think should have happened."</translate>  
+
"This is what I think should have happened."</translate>
 
# <translate><!--T:36-->
 
# <translate><!--T:36-->
 
"Other information, possible solution, proposed code patch."</translate>
 
"Other information, possible solution, proposed code patch."</translate>
Line 85: Line 85:
  
 
; <translate><!--T:39-->
 
; <translate><!--T:39-->
What I did : Started with sample website. Everything was ok. I enabled "nameofplugin". Try to save any article from back end.</translate>
+
What I did: Started with sample website. Everything was okay. I enabled ''nameofplugin''. Try to save any article from back end.</translate>
 
; <translate><!--T:40-->
 
; <translate><!--T:40-->
What happened : I get a blank screen and article is not saved.</translate>  
+
What happened: I get a blank screen and article is not saved.</translate>
 
; <translate><!--T:41-->
 
; <translate><!--T:41-->
What should have happened : Articles should save correctly.</translate>
+
What should have happened: Articles should save correctly.</translate>
 
; <translate><!--T:42-->
 
; <translate><!--T:42-->
Other information : These are the plugins enabled at the same time. SEF is on (or Off). My site is in a sub-folder. I also remark that... etc. Files such and such are the issues IMHO (if you know what you are talking about).</translate>
+
Other information: These are the plugins enabled at the same time. SEF is on (or Off). My site is in a sub-folder. I also remark that... etc. Files such and such are the issues IMHO (if you know what you are talking about).</translate>
  
<translate>==== Example B ==== <!--T:43--></translate>  
+
<translate>==== Example B ==== <!--T:43--></translate>
  
 
; <translate><!--T:44-->
 
; <translate><!--T:44-->
What I did : Navigate to Back-end. Click on "menu_name" Menu.</translate>  
+
What I did: Navigate to Back-end. Click on ''menu_name'' Menu.</translate>
 
; <translate><!--T:45-->
 
; <translate><!--T:45-->
What happened: Page opened is blank.</translate>  
+
What happened: Page opened is blank.</translate>
 
; <translate><!--T:46-->
 
; <translate><!--T:46-->
What should have happened : Menu should have opened correctly.</translate>
+
What should have happened: Menu should have opened correctly.</translate>
 
; <translate><!--T:47-->
 
; <translate><!--T:47-->
Other information : Any other menu works OK. etc.</translate>
+
Other information: Any other menu works OK. etc.</translate>
  
 
<translate>==== Real-Life Example ==== <!--T:48--></translate>
 
<translate>==== Real-Life Example ==== <!--T:48--></translate>
Line 108: Line 108:
 
What I did</translate>
 
What I did</translate>
 
:# <translate><!--T:50-->
 
:# <translate><!--T:50-->
Started with the sample website.</translate>  
+
Started with the sample website.</translate>
 
:# <translate><!--T:51-->
 
:# <translate><!--T:51-->
Added an unpublished article from the back end, with Section=FAQ, Category=General.</translate>  
+
Added an unpublished article from the back end, with Section=FAQ, Category=General.</translate>
 
:# <translate><!--T:52-->
 
:# <translate><!--T:52-->
In the advanced parameters for the article, set Show Title to "No" and Print, PDF, and Email Icons to "Hide".</translate>  
+
In the advanced parameters for the article, set Show Title to ''No'' and Print, PDF, and Email Icons to ''Hide''.</translate>
 
:# <translate><!--T:53-->
 
:# <translate><!--T:53-->
Save the article and navigate to front end. Login to the front end as admin and navigate to the Example Pages -> Category Blog menu item.</translate>  
+
Save the article and navigate to front end. Login to the front end as admin and navigate to the Example Pages -> Category Blog menu item.</translate>
 
*<translate><!--T:54-->
 
*<translate><!--T:54-->
What happened : The newly added article shows but there is no edit icon for the front-end user to click on.</translate>
+
What happened: The newly added article shows but there is no edit icon for the front-end user to click on.</translate>
 
*<translate><!--T:55-->
 
*<translate><!--T:55-->
What should have happened : The edit icon should show, allowing a front end user to edit this article.</translate>
+
What should have happened: The edit icon should show, allowing a front end user to edit this article.</translate>
 
*<translate><!--T:56-->
 
*<translate><!--T:56-->
Other information : This only happens with the rhuk_milkyway template. By changing this code [code proposed] in file [name and hierarchy of file], line(s) #, the issue looks solved on my settings.</translate>
+
Other information: This only happens with the ''rhuk_milkyway'' template. By changing this code [code proposed] in file [name and hierarchy of file], line(s) #, the issue looks solved on my settings.</translate>
  
<translate>=== Issue a pull request directly on Joomla!'s GitHub repository === <!--T:57--></translate>
+
<translate>=== Issue a Pull Request Directly on Joomla!'s GitHub Repository === <!--T:57--></translate>
  
 
<translate><!--T:58-->
 
<translate><!--T:58-->
If you wish to propose a fix by directly providing the code within Joomla! itself, you may do so by issuing a "pull request" in Joomla!'s code repository on GitHub.com, located here</translate>: https://github.com/joomla/joomla-cms
+
If you wish to propose a fix by directly providing the code within Joomla! itself, you may do so by issuing a ''pull request'' in Joomla!'s code repository on GitHub.com, located at </translate>[https://github.com/joomla/joomla-cms the Joomla CMS at github.com]
  
 
<translate><!--T:59-->
 
<translate><!--T:59-->
Line 133: Line 133:
 
Sign up for a free GitHub.com account</translate>
 
Sign up for a free GitHub.com account</translate>
 
* <translate><!--T:61-->
 
* <translate><!--T:61-->
Fork the Joomla! repo</translate>
+
Fork the Joomla! repository</translate>
 
* <translate><!--T:62-->
 
* <translate><!--T:62-->
Switch to the "staging" branch if you wish to propose a fix for the current Joomla! 3.x release or to another branch if you want to propose a fix for the next Joomla! Version.</translate>
+
Switch to the ''staging'' branch if you wish to propose a fix for the current Joomla! 3.x release or to another branch if you want to propose a fix for the next Joomla! Version.</translate>
 
* <translate><!--T:63-->
 
* <translate><!--T:63-->
Add/update the related files in Joomla! in the right branch and the click on the "review & compare" button - more info on this here https://help.github.com/articles/using-pull-requests - to start the "pull request" issuing process.</translate>
+
Add/update the related files in Joomla! in the right branch and the click on the ''review & compare'' button to start the ''pull request'' issuing process. More info on this is at [https://help.github.com/articles/using-pull-requests About Pull Requests]</translate>
  
<translate>=== Extra tips and tricks === <!--T:64--></translate>
+
<translate>=== Extra Tips and Tricks === <!--T:64--></translate>
  
 
<translate><!--T:65-->
 
<translate><!--T:65-->
Line 145: Line 145:
  
 
* <translate><!--T:66-->
 
* <translate><!--T:66-->
Do read the [http://docs.joomla.org/FAQs FAQ] to see if your issue might be a well-known question.</translate>
+
Do read the [https://docs.joomla.org/FAQs FAQ] to see if your issue might be a well-known question.</translate>
 
* <translate><!--T:67-->
 
* <translate><!--T:67-->
Do search [http://issues.joomla.org the tracker] to see if your issue has already been filed.</translate>
+
Do search [https://issues.joomla.org/ the tracker] to see if your issue has already been filed.</translate>
 
* <translate><!--T:68-->
 
* <translate><!--T:68-->
Do ask on bug reporting forums for [http://forum.joomla.org/viewforum.php?f=728 Joomla 3.x] first if you're not sure if what you're seeing is a bug.</translate>
+
Do ask on bug reporting forums for [https://forum.joomla.org/viewforum.php?f=728 Joomla 3.x] first if you're not sure if what you're seeing is a bug.</translate>
 
* <translate><!--T:69-->
 
* <translate><!--T:69-->
 
Do write complete, reproducible, specific bug reports. Include as much information as you possibly can, complete with code snippets, test cases, etc. A minimal example that illustrates the bug in a nice small test case is the best possible bug report.</translate>
 
Do write complete, reproducible, specific bug reports. Include as much information as you possibly can, complete with code snippets, test cases, etc. A minimal example that illustrates the bug in a nice small test case is the best possible bug report.</translate>
 
* <translate><!--T:70-->
 
* <translate><!--T:70-->
Don't use the tracker system to ask support questions. Use the [http://forum.joomla.org/ Joomla! forums] for that.</translate>
+
Don't use the tracker system to ask support questions. Use the [https://forum.joomla.org/ Joomla! forums] for that.</translate>
 
* <translate><!--T:71-->
 
* <translate><!--T:71-->
Don't use the trackers to make large-scale feature requests. We like to discuss any big changes to Joomla!'s core on the [[jforum:509|developers forums]] before actually working on them.</translate>
+
Don't use the trackers to make large-scale feature requests. We like to discuss any big changes to Joomla!'s core on the [[jforum:509|developers forums]] before actually working on them.</translate>
 
* <translate><!--T:72-->
 
* <translate><!--T:72-->
Don't reopen issues that have been marked "expected behaviour". This mark means that the decision has been made that we can't or won't fix this particular issue. If you're not sure why, please ask on im [[jforum:509|developer forums]].</translate>
+
Don't reopen issues that have been marked ''expected behaviour''. This mark means that the decision has been made that we can't or won't fix this particular issue. If you're not sure why, please ask on the [[jforum:509|developer forums]].</translate>
 
* <translate><!--T:73-->
 
* <translate><!--T:73-->
 
Don't use the tracker for lengthy discussions, because they're likely to get lost. If a particular tracker item is controversial, please move discussion to [[jforum:509|developers forums]].</translate>
 
Don't use the tracker for lengthy discussions, because they're likely to get lost. If a particular tracker item is controversial, please move discussion to [[jforum:509|developers forums]].</translate>
  
<translate>== Reporting security issues == <!--T:74--></translate>
+
<translate>== Reporting Security Issues == <!--T:74--></translate>
  
 
<translate><!--T:75-->
 
<translate><!--T:75-->
Report security issues to security [at] joomla [dot] org. This is a private list only open to long-time, highly trusted Joomla! developers, and its archives are not publicly readable.</translate>
+
Report security issues to security [at] joomla [dot] org. This is a private email account only open to long-time, highly trusted Joomla! developers, and its archives are not publicly readable.</translate>
  
 
<translate><!--T:76-->
 
<translate><!--T:76-->
In the event of a confirmed vulnerability in Joomla! itself, we will take the following actions</translate>:
+
In the event of a confirmed vulnerability in Joomla! itself, we will take the following actions:</translate>:
  
 
* <translate><!--T:77-->
 
* <translate><!--T:77-->
Line 174: Line 174:
 
Halt all other development as long as is needed to develop a fix, including patches against the current and two previous releases.</translate>
 
Halt all other development as long as is needed to develop a fix, including patches against the current and two previous releases.</translate>
 
* <translate><!--T:79-->
 
* <translate><!--T:79-->
Determine a go-public date for announcing the vulnerability and the fix. To try to mitigate a possible "arms race" between those applying the patch and those trying to exploit the hole, we will not announce security problems immediately.</translate>
+
Determine a go-public date for announcing the vulnerability and the fix. To try to mitigate a possible ''arms race'' between those applying the patch and those trying to exploit the hole, we will not announce security problems immediately.</translate>
 
* <translate><!--T:80-->
 
* <translate><!--T:80-->
Publicly announce the vulnerability and the fix on the pre-determined go-public date. This will probably mean a new release of Joomla! but in some cases it may simply be patches against current releases.</translate>
+
Publicly announce the vulnerability and the fix on the go-public date. This will probably mean a new release of Joomla! but in some cases it may simply be patches against current releases.</translate>
  
 
<translate><!--T:81-->
 
<translate><!--T:81-->
 
[[Category:Development]] [[Category:Bug_Squad]]
 
[[Category:Development]] [[Category:Bug_Squad]]
 
[[Category:Bug Tracker]]</translate>
 
[[Category:Bug Tracker]]</translate>

Latest revision as of 23:58, 21 September 2022

Other languages:
Bahasa Indonesia • ‎Deutsch • ‎English • ‎Nederlands • ‎Türkçe • ‎català • ‎eesti • ‎español • ‎français • ‎italiano • ‎português • ‎svenska • ‎Ελληνικά • ‎русский • ‎অসমীয়া • ‎中文(台灣)‎ • ‎日本語

To report a bug in the Joomla! bug trackers, you need to create a tracker item. Once the tracker item is created, the developers will check the validity of it and act accordingly. If you would like to help test Joomla patches, please follow these detailed instructions on how.

Reporting Bugs[edit]

Register an Account at GitHub[edit]

You will need to register for an account at GitHub; the Joomla! Issue Tracker uses GitHub accounts for authentication.

Access The Joomla! Issue Tracker[edit]

Check to See If the Bug You Want to Report Is Already Known[edit]

A series of filters display the tracker items and can be accessed by clicking the Search Tools button at the top of the list. If the issue you are experiencing is not already reported, click on the New Item button in the main navigation area.

A new screen will display and there, the more information you give, the easier it is for the developers.

Fill in as much data as you can. You can enable tips for each field by switching the View Mode toggle on the right side of the screen from Pro to Help.

  • Priority: Use the default Medium except if you know the code enough to make another choice.
  • Build: Type here the version(s) affected by the issue.
  • Categories: This one is more tricky. Use Administration if you do not know better.
  • Title: A short summary of the issue.
  • Description: Details of the issue. Please see the section below for more info.
  • Uploads: Users are permitted to upload images to issue reports. Information about upload requirements is listed on the report form.

Provide a Summary[edit]

Describe in a few words the issues you are having. It is generally a good idea to use existing tracker items as examples if this is your first time reporting a bug.

Examples:

  • Front-end: Warning such and such.
  • Back-end: Unable to save article when nameofplugin is published.

Note: Take care to be descriptive in your summary as this is the first thing the developers will see when they are perusing the tracker for something to fix.

Provide Details About the Bug[edit]

To provide the most information possible, the tracker populates the description field with a template with five sub-sections:

  • Steps to reproduce the issue: Detailed steps on how another person can reproduce the issue.
  • Expected result: What you believe should happen when you perform the steps above.
  • Actual result: What actually happened when performing the above steps
  • System information: Information about the environment your system is configured in. This could include the browser you are using, the PHP version from your server, or the database type your site is using. For optimal results, you can copy this data from your site's System Information view when logged into the administrator section.
  • Additional comments: Any additional information not provided above that would be beneficial to troubleshooting and resolving the issue.

The general format should be something like:

  1. "Here is exactly what I did."
  2. "This is what happened."
  3. "This is what I think should have happened."
  4. "Other information, possible solution, proposed code patch."

The more details, the better. Also, it is important to reproduce the bug using the sample Joomla! website or with easy, clear instructions for how to set it up. Remember that others will not have access to your site's database, so you will need to be able to tell someone how to see the bug with data that is readily available -- the sample site.

Example A[edit]

What I did
Started with sample website. Everything was okay. I enabled nameofplugin. Try to save any article from back end.
What happened
I get a blank screen and article is not saved.
What should have happened
Articles should save correctly.
Other information
These are the plugins enabled at the same time. SEF is on (or Off). My site is in a sub-folder. I also remark that... etc. Files such and such are the issues IMHO (if you know what you are talking about).

Example B[edit]

What I did
Navigate to Back-end. Click on menu_name Menu.
What happened
Page opened is blank.
What should have happened
Menu should have opened correctly.
Other information
Any other menu works OK. etc.

Real-Life Example[edit]

  • What I did
  1. Started with the sample website.
  2. Added an unpublished article from the back end, with Section=FAQ, Category=General.
  3. In the advanced parameters for the article, set Show Title to No and Print, PDF, and Email Icons to Hide.
  4. Save the article and navigate to front end. Login to the front end as admin and navigate to the Example Pages -> Category Blog menu item.
  • What happened: The newly added article shows but there is no edit icon for the front-end user to click on.
  • What should have happened: The edit icon should show, allowing a front end user to edit this article.
  • Other information: This only happens with the rhuk_milkyway template. By changing this code [code proposed] in file [name and hierarchy of file], line(s) #, the issue looks solved on my settings.

Issue a Pull Request Directly on Joomla!'s GitHub Repository[edit]

If you wish to propose a fix by directly providing the code within Joomla! itself, you may do so by issuing a pull request in Joomla!'s code repository on GitHub.com, located at the Joomla CMS at github.com

This process requires some knowledge regarding Source Control Management systems and Git in particular. If you do know what the Git SCM is and how it works, the process is simple:

  • Sign up for a free GitHub.com account
  • Fork the Joomla! repository
  • Switch to the staging branch if you wish to propose a fix for the current Joomla! 3.x release or to another branch if you want to propose a fix for the next Joomla! Version.
  • Add/update the related files in Joomla! in the right branch and the click on the review & compare button to start the pull request issuing process. More info on this is at About Pull Requests

Extra Tips and Tricks[edit]

Well-written bug reports are incredibly helpful. However, there's a certain amount of overhead involved in working with any bug tracking system, so your help in keeping our ticket tracker as useful as possible is appreciated. In particular:

  • Do read the FAQ to see if your issue might be a well-known question.
  • Do search the tracker to see if your issue has already been filed.
  • Do ask on bug reporting forums for Joomla 3.x first if you're not sure if what you're seeing is a bug.
  • Do write complete, reproducible, specific bug reports. Include as much information as you possibly can, complete with code snippets, test cases, etc. A minimal example that illustrates the bug in a nice small test case is the best possible bug report.
  • Don't use the tracker system to ask support questions. Use the Joomla! forums for that.
  • Don't use the trackers to make large-scale feature requests. We like to discuss any big changes to Joomla!'s core on the developers forums before actually working on them.
  • Don't reopen issues that have been marked expected behaviour. This mark means that the decision has been made that we can't or won't fix this particular issue. If you're not sure why, please ask on the developer forums.
  • Don't use the tracker for lengthy discussions, because they're likely to get lost. If a particular tracker item is controversial, please move discussion to developers forums.

Reporting Security Issues[edit]

Report security issues to security [at] joomla [dot] org. This is a private email account only open to long-time, highly trusted Joomla! developers, and its archives are not publicly readable.

In the event of a confirmed vulnerability in Joomla! itself, we will take the following actions::

  • Acknowledge to the reporter that we've received the report and that a fix is forthcoming. We'll give a rough timeline and ask the reporter to keep the issue confidential until we announce it.
  • Halt all other development as long as is needed to develop a fix, including patches against the current and two previous releases.
  • Determine a go-public date for announcing the vulnerability and the fix. To try to mitigate a possible arms race between those applying the patch and those trying to exploit the hole, we will not announce security problems immediately.
  • Publicly announce the vulnerability and the fix on the go-public date. This will probably mean a new release of Joomla! but in some cases it may simply be patches against current releases.