MantisBT - Issues

0002075: implement meta-data extraction from video files using libvlc

Wed, 20 May 2026 00:55:03 +0200

libvlc (from the VideoLAN/vlc project) and in particular the libvlc_media.h header of that library, provides a way to extract interesting meta-data from various video formats:

/** Meta data types */
typedef enum libvlc_meta_t {
libvlc_meta_Title,
libvlc_meta_Artist,
libvlc_meta_Genre,
libvlc_meta_Copyright,
libvlc_meta_Album,
libvlc_meta_TrackNumber,
libvlc_meta_Description,
libvlc_meta_Rating,
libvlc_meta_Date,
libvlc_meta_Setting,
libvlc_meta_URL,
libvlc_meta_Language,
libvlc_meta_NowPlaying,
libvlc_meta_Publisher,
libvlc_meta_EncodedBy,
libvlc_meta_ArtworkURL,
libvlc_meta_TrackID,
/* Add new meta types HERE */
} libvlc_meta_t;

We should create an LE plugin that uses libvlc to extract this meta data.

0002078: implement meta data extraction for MPEG-4 (especially itunes atoms)

Tue, 19 May 2026 23:27:30 +0200

Some atoms are listed here:

http://atomicparsley.sourceforge.net/mpeg-4files.html

0002072: PDF plugin needs to be implemented; should handle XMP data in PDF files

Tue, 19 May 2026 22:04:19 +0200

Specifications are here:

http://www.adobe.com/devnet/xmp/pdfs/xmp specification.pdf

http://www.adobe.com/devnet/pdf/pdf reference.html

Naturally, we want as much of the real work to be done by either GNU PDF or some other GPLv3-compatible library.

0002517: applefile plugin should be ported to new API

Tue, 19 May 2026 14:53:16 +0200

a plugin for the old API exists in plugins/old/

0002231: RIFF extractor is simply incorrect

Tue, 19 May 2026 14:45:46 +0200

RIFF extractor does the following checks early on:

  if ((memcmp (&xdata[0],
               "RIFF", 4) != 0) || (memcmp (&xdata[8], "AVI ", 4) != 0))
    return 0;
  if (memcmp (&xdata[12], "LIST", 4) != 0)
    return 0;
  if (memcmp (&xdata[20], "hdrlavih", 8) != 0)
    return 0;

This is wrong. RIFF, like Matroska, consists of separate elements and sub-elements (called "chunks" and "subchunks"). One of the elements is LIST INFO, which contains various generic data (similar to tags), and is globally standardized (meaning that it's the same in all RIFF-based formats, including AVI, WAVE, ANI and others). The order in which chunks appear in a file is usually not standardized, and a robust RIFF parser should handle LIST INFO being both at the beginning and at the end of the file at the least.
Current RIFF extractor not only knows nothing about LIST INFO, but looks only for a LIST hdrl that starts with an avih chunk, discarding all other RIFF-based files.

0008514: ELF plugin fails on big endian architectures

Tue, 19 May 2026 13:39:42 +0200

The revived ELF plugin (0002516) does not seem to work properly on big endian architectures (such as s390x, ppc64, hppa, etc); this can be seen by its test (i.e. "test_elf") that fails:

FAIL: test_elf
==============

Did not get expected meta data of type 1 and format 1 with value `application/x-executable' from plugin `elf'
Did not get expected meta data of type 83 and format 1 with value `i386' from plugin `elf'
Did not get expected meta data of type 92 and format 1 with value `Executable file' from plugin `elf'
Did not get expected meta data of type 94 and format 1 with value `libc.so.6' from plugin `elf'
FAIL test_elf (exit status: 1)

0011410: first purchase on blog experience [QC]

Tue, 19 May 2026 09:41:22 +0200

consider the following scenario, very simple from the first demo experience

1) to to demo.taler.net using your desktop, from the you see you can install the wallet (android or ios, same)
2) install the mobile version & withdraw demo money from the stating button / onboarding
3) go to the shop __ in your desktop __
4) pay the article with your mobile wallet

now you can read the article in your desktop and the wallet shows you the fulfillment url, all fine BUT

After clicking on the fulfillment URL on the recipe you experience the following

1) the wallet shows "you need to pay" for a second time (bad UX since you come from the wallet, the same you used to pay)
2) click the pay link, you go back to the wallet, completes without interaction (good!) BUT you are not redirected to the blog (bad UX, I'm coming from the blog then repurchase was triggered so the wallet should be fast and redirect back)
3) void
4) you still see the the article on desktop for on refresh it ask to pay, weird (bad UX it should poll and change automatically)

Nothing is broken but I think we have a big gap for improvement:

for (1) clicking the fulfillment URL from the wallet should always "steal" the session. Maybe the wallet can include the sessionID of the last purchase or something similar?

for (2) I think is an UI problem (maybe present in all wallets): when the wallet is triggered by a taler:// from external source then the UI should redirect automatically to the fulfillmentURL when done. Not when it was QR or triggering behavior.
I think that the repurchase detection could be faster.

for (3) well, the blog should poll the backend. This is more are details but seeing fast and responsive it work is very nice first experience. Maybe also tell the user that the session lost access to the order if this is intended. I'm not entirely sure that the mutual exclusive access is needed in the example, but if it is it can be better.

0011415: outofstock response makes no sense [2h]

Tue, 19 May 2026 09:36:39 +0200

create product with stock 10
create an order with 1 item, i didnt pay it
create a new order with 10 items

expected: outofstock with available_quantity 9
got available_quantity 10

the response 410 is ok but the content is not right

curl 'https://merchant.taler/private/orders' \
-H 'Authorization: Bearer secret-token:K7CA85NRKN38NKT2DNSGG0SVEQVKP29H4B3D29G81EQY54QTMPW0' \
--data-raw '{"order":{"version":0,"amount":"CHF:10","summary":"sd","products":[],"pay_deadline":{"t_s":1779104124},"refund_deadline":{"t_s":1779104184},"wire_transfer_deadline":{"t_s":1779104244}},"inventory_products":[{"product_id":"we","quantity":10}],"create_token":true}'

{
"product_id": "we",
"requested_quantity": 10,
"unit_requested_quantity": "10",
"available_quantity": 10,
"unit_available_quantity": "10"
}

0008989: Better pagination in merchant SPA

Tue, 19 May 2026 09:24:19 +0200

In the backoffice, there's a small pagination annoyance. In the inventory listing, you always can advance to the next page, but you can only return to the very first page (using the button placed at the top of the list). I suspect that this pagination model is not ideal for large inventories.

0011413: DISABLE_DIRECT_DEPOSIT option should be set to YES by default for regional currency setups

Tue, 19 May 2026 09:23:50 +0200

Otherwise, without KYC, the nivana problem is just too easy to run into for normal users.

0011416: kyc ready but payment denied

Tue, 19 May 2026 09:22:35 +0200

I created a a new server config from .deb
taler-merchant 1.5.16
taler-exchange 1.5.9

kyc enabled, I wont need KYC so my workaround is turn it off and go on but strangely the default config fail with bad logs. Not sane error explaining. Looks like a bug.

After all set, I withdraw some coins to the wallet and I was ready to spend it.
I created a merchant server, configured to the same exchange and created an order (libeufin bank). All good.

When tried to pay the order the wallet when from paying to aborted with no explanation.
Digging into wallet-core logs I found

05-18 21:44:25.482 15522 15547 D taler-wallet-embedded: 2026-05-18T21:44:25.482Z pay-merchant.ts TRACE got resp {"requestMethod":"POST","headers":{"access-control-allow-origin":"*","access-control-expose-headers":"*","cache-control":"no-store","connection":"keep-alive","content-length":"334","content-type":"application/json","date":"Mon, 18 May 2026 21:44:24 GMT","server":"nginx"},"requestUrl":"https://merchant.taler.ar/orders/2026.138-02WASC87BQBDG/pay","status":451}

Strange because the merchant portal doesnt say anything about KYC requirements.

(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 1
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Assigning order ID `2026.138-02WASC87BQBDG' server-side
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Pay deadline is Tue May 19 21:44:06 2026
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 2
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 3
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Found 0 unique money pots in order
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 4
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 5
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Trying to find exchanges
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Trying to find chosen exchange `https://exchange.taler.ar/'
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO The exchange `https://exchange.taler.ar/' is ready
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Still trying to (re)load https://exchange.taler.ar/keys
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Returning key data for https://exchange.taler.ar/ instantly
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing find operations for `https://exchange.taler.ar/'
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Got response for https://exchange.taler.ar/keys
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO get_kyc_limits for payto://x-taler-bank/bank.taler.ar/sebasjm?receiver-name=sebasjm at https://exchange.taler.ar/ returned KYC OK/custom limits
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Exchange https://exchange.taler.ar/ evaluated at 16 with max SOCIAL:2
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Exchange https://exchange.taler.ar/ deposit limit is SOCIAL:2, adding it!
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Updated STEFAN-based fee to SOCIAL:0
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Resuming order processing after /keys downloads
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 5
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Trying to find exchanges
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 6
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 7
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 8
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 9
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 10
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Contract hash is H7SC8FJ1
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 11
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Starting merchant DB transaction `insert_order'
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Notifying clients of new order 6 at M3519Z54
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Committing merchant DB transaction insert_order
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Order creation succeeded
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Processing order in phase 12
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Finished processing order (1)
(A1AKDMJF95Y8W4DM2EM1YMV9M4) INFO Request for `/private/orders' completed with HTTP status 200 (0)
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Handling request (GET) for URL '/private/orders/2026.138-02WASC87BQBDG'
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Processing order 2026.138-02WASC87BQBDG in phase 0
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Processing order 2026.138-02WASC87BQBDG in phase 1
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO lookup_contract_terms (2026.138-02WASC87BQBDG) returned 0
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Processing order 2026.138-02WASC87BQBDG in phase 2
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Processing order 2026.138-02WASC87BQBDG in phase 3
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Order 2026.138-02WASC87BQBDG unclaimed, no need to lookup payment status
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Processing order 2026.138-02WASC87BQBDG in phase 4
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Processing order 2026.138-02WASC87BQBDG in phase 5
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Processing order 2026.138-02WASC87BQBDG in phase 12
(95A8MYRBPTFZYJ034NXAHWBKVC) INFO Request for `/private/orders/2026.138-02WASC87BQBDG' completed with HTTP status 200 (0)

From the exchange logs I see

S0KZ86FHS51MCJ8SCQ20) INFO Request for `/kyc-check/DTEVKGPDQ418T9QCYRECK1T7AMGWKWN6J5FCRQGPFD2YPP9XY110' completed with HTTP status 200 (0)
T4SZ5M1D2A99H3XXS4EW) INFO Request for `/kyc-check/DTEVKGPDQ418T9QCYRECK1T7AMGWKWN6J5FCRQGPFD2YPP9XY110' completed with HTTP status 0 (5)
MYQ1G6NJ9VEZ55MYRTPC) INFO Request for `/kyc-check/DTEVKGPDQ418T9QCYRECK1T7AMGWKWN6J5FCRQGPFD2YPP9XY110' completed with HTTP status 200 (0)
1P98Z4XH8KF8BAE1CWT0) INFO Request for `/kyc-check/DTEVKGPDQ418T9QCYRECK1T7AMGWKWN6J5FCRQGPFD2YPP9XY110' completed with HTTP status 0 (5)
25MB91Y4AW53DXWKYBVC) INFO Request for `/kyc-check/DTEVKGPDQ418T9QCYRECK1T7AMGWKWN6J5FCRQGPFD2YPP9XY110' completed with HTTP status 200 (0)
T20D8FPZZTMTHDT2RER8) INFO Request for `/kyc-check/DTEVKGPDQ418T9QCYRECK1T7AMGWKWN6J5FCRQGPFD2YPP9XY110' completed with HTTP status 200 (0)
R4P0GCX1ZTXRGF1J8F9R) INFO Request for `/kyc-check/DTEVKGPDQ418T9QCYRECK1T7AMGWKWN6J5FCRQGPFD2YPP9XY110' completed with HTTP status 200 (0)

0011376: Website: Smartphone screenshots from Android / iOS wallet app needed for taler-ops.ch

Mon, 18 May 2026 15:58:06 +0200

This ticket just reminds on what we dicussed upon in our chats. The taler-ops.ch landing page needs to be fitted with screenshots of both Taler wallet apps. Please be so kind and collect the Switzerland-geared screens for normal users for which Oliver and me generate(d) the according instructions.

0009954: The order which has status claimed can't be deleted using Backoffice

Mon, 18 May 2026 14:01:24 +0200

0011407: when using limited stock, PoS does not handle product locking well

Sun, 17 May 2026 23:20:34 +0200

Basically, users ran out of stock because the remaining stock was locked. What we need:

1) proper locking: when product is selected and cannot be locked, grey out the button and do not add it to the list
2) proper unlocking: when products are removed from the order, unlock them
3) when orders are unpaid and removed from the PoS rotation, force-delete them instead of keeping the logs

0011409: screenshots of point-of-sale app in F-droid store are ancient

Sun, 17 May 2026 22:50:22 +0200

We really should update them to show the current app.

0011406: product order in POS app keeps changing

Sun, 17 May 2026 22:48:41 +0200

The order in which products are listed in the POS app keeps changing. The order should probably be made constant, and ideally the user should be able to arrange them on the screen and the POS should persist the preferred order locally (as it is device-specific, given screen size differences -- plus backend doesn't offer storing the order).

0011092: setup BFH instances (!) on my.taler-ops.ch

Sun, 17 May 2026 22:41:58 +0200

We need one for mensa and for cafeteria, *without* 2-FA --- and make sure the KYC-auth works.
Hernani already has the bank account details.

0011404: cannot delete unpaid order in SPA

Sun, 17 May 2026 22:31:28 +0200

We had a reason (product locked) to (force) delete an unpaid order in the SPA, but there is no delete button.

0011405: cannot delete locked products

Sun, 17 May 2026 22:23:31 +0200

While a product is locked (used in an order), it cannot be deleted in the SPA.
(1) the error message shown is just about a generic 'conflict', while the backend gives a better EC-based hint. Returning an error message that the product is locked / part of an unpaid order would be helpful.
(2) if the backend gets the 409, it should offer the user the option to force delete (?force=yes) the product anyway.

0011412: Android offers wire transfer via QR code even if deposits via QR code are not supported

Sun, 17 May 2026 22:22:10 +0200

When the button is selected, the user gets an empty dialog.

0011411: p2p receive for 1st time, reject ToS -> flow broken

Sat, 16 May 2026 13:20:35 +0200

If you p2p receive with an exchange where you did not accept the ToS and then do NOT accept the ToS but go *back*, the wallet is in a confused state and suggests you can now accept the payment, but that then fails with Tos not accepted.

0011408: get rid of linaria dependency in taler-typescript-core.git

Fri, 15 May 2026 19:21:24 +0200

Linaria is quite complex and has a large dependency tree (including babel).

We should get rid of it in favor of CSS modules, which allow a reasonably easy transition from linaria and are already natively supported by the bundler we use (esbuild).

0011403: investigate crash on Android / 32-bit arm

Fri, 15 May 2026 15:09:02 +0200

See logs.

0011387: There is no wording how to start nfc in the Android version of the Taler Wallet

Fri, 15 May 2026 11:35:09 +0200

Compared with the iOS version there is a little text saying you have to touch the QR code to use NFC. Next time you want so send Kudos, you have the choice to use NFC or the QR code. In the Android version there is none of it. As I experienced you have to touch two times on the QR code to start NFC, but it's happens more or less by accident.

0010038: Sending money NFC option hidden from user

Fri, 15 May 2026 11:34:25 +0200

As a user I was surprised that holding the phones close together is an option when "Sending money" (Android).
The screen tells me to scan a QR code or alternatively use a URI.
But, NFC would personally be my first choice, followed by the QR as an alterantive, the URI is pretty much only a hard fallback for technically versed users IMO.