Mantis is a free security web application (bug tracking system) written in PHP. It stores all found bugs in a database.
No software can be bug free. There is a phase in SDLC (Software Development Life Cycle) of Testing. Testing is very important phase of any software. It is important to formally maintain bugs. Normally in most of the companies, Bugs are recorded with a bug tracking system and on release of each version, all old bugs are rechecked.
Mantis, BugZilla, Jira are some of the bug tracking system commonly used by the companies.
Mantis is free and open source under GPL license. It can use MySQL, MS SQL Server and PostgreSQL as a database for storing the bugs. It can be installed on Windows, Linux, Mac OS and OS/2. Last but not least, as it is web based application – it is obvious that it needs web server. It can be either IIS or Apache.
If I write how to install Mantis, this paper will go on and on… and it is not necessary as it is already well written at mantis official site. I don’t see any point in reinventing wheel. Installation in easy steps is -
- Install prerequisites
- Web Server
- Get Latest version of Mantis
- Configure Mantis
- Login to admin application
- Create project and users
- Assign permissions to users
Features of Mantis
Mantis is very rich in the features and that is what makes it popular amongst companies. There are many features, though I am pointing out some of the key features here.
Features for Developer/Testing Professional
- Very simple Interface and easy to use
- Supports RSS feeds
- Ability to send mail to users
- Ability to integrate chatting
- Ability of integration with famous source code repository (SVN & CVS)
- Ability to upload files with bugs (This is very useful as reporter can upload screen shot of the bug)
- Ability to define role based on project. (This is very useful in the case of small companies, where one person have multiple roles in different projects).
Features for Top Management
- Reporting ability for managers and high management
- Ability to export report in CSV, Microsoft Excel and Microsoft Word
Features for Administrator
- Very easy to administration. Creating new project or user is only some clicks.
- Give flexibility of choosing OS, Web Server and Database Server
- Ability to integrate authentication with LDAP and Active directory
- No installation at client end (it is web based so only browser is necessary at client side)
- Easy to customize as per the companies requirement
Comparison with Bugzilla
Though there are many bug tracker available, best of them is Mantis and Bugzilla. Here are the few points why Mantis is better than Bugzilla.
- To implement Bugzilla, administrator must have some prior knowledge of CGI which is not always true for all administrators; Mantis can be implemented without any knowledge of PHP. This means customization in mantis is very easy compare to bugzilla.
- Mantis can generate change log where Bugzilla can not. This is most important feature for management as they want to make sure that what changes are made for each bug. and bugs are not repeated.
- Mantis shows different color of the bug depending on the priority and its status. This helps project manager in looking at the current state of the application. Bugzilla shows white spaces and does not use multiple colors.
Role of Mantis Administrator
As always, role of administrator in Mantis is very important. Though it is not as tough as administrating any operating systems. There is an administrative application comes with Mantis installation. Following are some of the tasks which administrator has to perform
- Create users
- Create projects
- Assign role to users on different projects (Role can be either developer, Reporter, Viewer)
- Developer – All the developer and Project managers falls in this category
- Reporter – Entire test team and test lead falls in this category
- Viewer – Top management falls in this category
- Periodically backup all the bugs
- config_defaults_inc.php or config_inc.php are the two important files of mantis where Mantis stores all the configuration.
How Mantis is used in developing companies
As mentioned earlier, Mantis is web application. This is how normally developing companies uses Mantis.
- Testing professional report the bug and set bug status to new
- Once the project leader reviews the bug and understands it, he adds his comment, decide the time frame and assign it to his developer and change the status to “assigned”. If project leader does not understand bug, he adds his comment and assign back to reporter.
- Once developer solves the bug, he adds his comment and assigns it back to his project leader.
- Once project leader checks the bug, he changes the status to “Fixed” and assign back to reporter.
- Reporter rechecks the bug with latest build and change the bug status to “Close”.
How to test Mantis
After reading this much, you might feel to test it and see whether it fits your requirement or not. Obviously, you don’t want to waste your time in setting it up in your test lab. Don’t worry: you don’t have to waste your time to set it up. You can watch Mantis’s demo online.
This is how your Mantis will look like:
Bug tracking system performs major role in successful development of any software. As it is said – it is always good to get bugs from internal people than outsider. Mantis is very popular because of its robustness, open source and easy to customize.
Some Useful Links
- Mantis Official Site – http://www.mantisbt.org
- Mantis Manual – http://www.mantisbt.org/manual/
- Mantis Demo Application – http://www.futureware.biz/mantisdemo/my_view_page.php
Hemil Shah has more than 5 years working experience in system administration, vulnerability assessment, Web Application assessment and penetration testing exercises along with writing security policies. He currently lives in Camden, North Carolina USA.