Tuleap 12.x

Tuleap 12.12

End of support of PHP 7.4

Tuleap now comes with PHP 8.0.

PHP FPM configuration will be deployed automatically by tuleap-cfg site-deploy.

If you have made some tweaks to the configuration file /etc/opt/remi/php74/php-fpm.d/tuleap.conf you will also needs to adapt them for the new configuration at /etc/opt/remi/php80/php-fpm.d/tuleap.conf.

Tuleap 12.11


Change in update procedure, read carefully the ForgeUpgrade section below.

Removal of project creation using deprecated SOAP API

The ability to create a project using the SOAP API has been removed. You have to use the REST API instead.

ForgeUpgrade part of site-deploy

ForgeUpgrade, the tool for database migrations management used by Tuleap is now part of Tuleap itself. The app /usr/lib/forgeupgrade/bin/forgeupgrade is still shipped under the control of Tuleap for backward compatibility but should no longer be used.

The database migrations are now managed with the central tool tuleap-cfg site-deploy. Running both tools will not hurt your platform (they do the same thing and are idempotent). But at some point in the future we are going to remove forgeupgrade tool. So update your scripts/procedures and ensure they match the official upgrade guide.

Tuleap 12.10

Nothing to mention.

Tuleap 12.9

End of support of PHP 7.3

Tuleap now comes with PHP 7.4.

PHP FPM configuration will be deployed automatically by tuleap-cfg site-deploy.

If you have made some tweaks to the configuration file /etc/opt/remi/php73/php-fpm.d/tuleap.conf you will also needs to adapt them for the new configuration at /etc/opt/remi/php74/php-fpm.d/tuleap.conf.

Tuleap 12.8

The rules regarding browser compatibility have been upgraded. Please take the time to review and check with the IT responsible for the browsers deployments.

Site Deploy is all you need

The command /usr/share/tuleap/tools/utils/php73/run.php that was part of the upgrade process is no longer needed and was removed. tuleap-cfg site-deploy now covers all the configuration after a platform update.

You might need to adjust update scripts if you have any to remove usage of /usr/share/tuleap/tools/utils/php73/run.php.

Tuleap 12.7


Tuleap 12.7 is not compatible with old, vulnerable browsers.

People won’t be able to browse Tuleap with Firefox below version 85 (except 78 ESR), Chrome or Edge below version 88.

Explanation: the build system to generate the javascript was entirely upgraded after the end of IE11/Edge Legacy support. The generated javascript code is using features that are only available in recent version of browsers for better performances and asset size.

This change will be smoothed in 12.8 for backward compatibility reasons.

Permissions Overrider removal

As previously announced, this feature has been removed. If you had deployed a /etc/tuleap/local_glue/PermissionsOverrider.php file, it can be removed as it is no more used.

Subversion max file size

A new parameter can be configured at site level to limit the max file size in svn plugin repositories. By default no limit is set for existing platforms.

Mediawiki MLEB extensions desactivated

In order to prepare the upgrade to Mediawiki 1.35, some extensions are phased out. This is the case of the “MLEB” group. Most if not all platform should see no difference has this was never documented so it’s unlikely anyone is still using it.

A feature flag allow to reactivate it, please reach out the dev team if you need it so we can see how to move forward on that.

Tuleap 12.6

User lab mode has been removed

The user lab mode was only used to enable the “Scrum v2”/”scrum mono-milestone” feature. This feature can now be made visible on the whole platform by executing on the instance:

tuleap config-set feature_flag_allow_scrum_mono_milestone_usage 1

Tuleap 12.5

Setting sys_async_emails is no more used

Tracker notifications are now always sent asynchronously as soon as Tuleap detects backend workers. You can safely remove this setting from your /etc/tuleap/conf/local.inc file.

Tuleap 12.4

End of support of Internet Explorer

Tuleap does not support Internet Explorer anymore. Users of Internet Explorer must migrate to a supported modern alternative.


Regardless of the configuration you’ve done on webdav plugin (dedicated host & path), as soon as webdav plugin is active the webdav service will be accessible on the /plugins/webdav path on the $sys_https_host configured in local.inc. That is to say, if you access Tuleap with https://tuleap.example.com, then webdav will be accessible on https://tuleap.example.com/plugins/webdav.

The access via a dedicated host (like https://webdav.tuleap.example.com/) that was once necessary for windows 7 and before support, is deprecated and should no longer be used. It still works but might be removed as it simplifies the nginx & DNS configurations so less trouble for administrators.

Permissions Overrider deprecated

If you previously deployed a /etc/tuleap/local_glue/PermissionsOverrider.php this feature is now deprecated and will be removed end of March 2021. There is no replacement for the feature as it brings more security risk and maintenance burden than functional advantage.

Tuleap 12.3

End of support of CentOS/RHEL 6

CentOS/RHEL 6 is no more supported (security fix included). Tuleap packages for this version are not available anymore. Instances must be migrated to CentOS/RHEL 7.

server_tokens nginx setting is now set by default

Tuleap now sets the setting server_tokens to off by default. If you have customized your nginx configuration to explicitly set server_tokens, you will need to remove this customization.

Tuleap 12.2

MOTD becomes Platform banner

When you had to display a message to all users, you were used to edit file /etc/tuleap/site-content/en_US/others/motd.txt. Now you have to use the Web interface instead (former files are not taken into account anymore, you can delete them). This will bring a more integrated experience than the old way. See story #14670 for more details.

Subversion Core active deprecation

The migration from Subversion Core (legacy Subversion service) to SVN plugin intensify with banner display to encourage the switch to plugin. Subversion administrator can initiate the migration on there own with the web UI. System administrator still have access to the CLI tool /usr/share/tuleap/src/utils/php-launcher.sh /usr/share/tuleap/plugins/svn/bin/migrate_to_plugin.php

The migration is done “In Place” that is to say that data won’t be touched and URLs remains the same. Settings are migrated (iso-functional) but the new hooks are deployed. Theoretically nothing should change for end user (except email format).

The documentation of Subversion Core has been removed. The Subversion Core features that have no equivalent in plugin are disabled (SVN Widgets, SVN Query & My SVN Commits). Data remains, in case of big trouble there is a (temporary) way back (contact the dev team).

In case of trouble the migration can be reverted with administrative actions:

First, on database side:

DELETE FROM plugin_svn_repositories WHERE project_id = PROJECT_ID and is_core = 1;

Then, in the repository on file system (/var/lib/tuleap/svnroot/PROJECT_NAME/hooks) as root:

/bin/rm -f post-commit post-revprop-change pre-commit pre-revprop-change
tuleap queue-system-check
tuleap process-system-events default

If you have to revert, please contact the dev team to explain the issue

Tuleap 12.1

Nothing to mention.

Tuleap 12.0

LDAP and Active directory configuration

We have added a new optional configuration variable in /etc/tuleap/plugins/ldap/etc/ldap.inc:

$sys_ldap_server_common_name: This value is used in Tuleap screens to refer to the server like Enter your $sys_ldap_server_common_name credentials. It defines how people refer to the Active Directory server, most of the time it’s “Active Directory” but it can be “LDAP” or “Enterprise Directory”. When it is not defined, its default value will be “LDAP”.

CVS modifications

We made a lot of changes for CVS in the packaging and in the backend of this service. If you are still using it, after upgrading to 12.0, you have to run the following commands:

find /cvsroot/*/CVSROOT -name "loginfo" -exec sed -i "s#ALL /usr/lib/tuleap/bin/log_accum#ALL sudo -u codendiadm -E /usr/lib/tuleap/bin/log_accum#" {} \;
find /cvsroot/*/CVSROOT -name "loginfo" -exec sed -r -i "s#ALL \(/usr/lib/tuleap/bin/log_accum (.*)\)#ALL sudo -u codendiadm -E /usr/lib/tuleap/bin/log_accum \1#" {} \;
tuleap queue-system-check

The queue system check command will recreate the CVS locks. These CVS repositories will be usable once the system check is done.

OpenID Connect


Existing accounts that already connected to an OpenID Connect provider will no longer be allowed to authenticate with their local Tuleap credentials.

This impacts users for:

  • Web login (they should use OpenID Connect instead)

  • REST API access (they should use Access Keys.)

  • Git over https access (they should use Access Keys.)

  • Subversion access (they should use Access Keys.)

Access to SOAP API is no longer possible for users that switch to OpenID Connect.