forked from dogtagpki/pki-wiki
-
Notifications
You must be signed in to change notification settings - Fork 0
/
HISTORY
11888 lines (11070 loc) · 642 KB
/
HISTORY
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Change notes from older releases. For current info see RELEASE-NOTES-1.23.
== MediaWiki 1.22 ==
== MediaWiki 1.22.13 ==
This is a maintenance release of the MediaWiki 1.22 branch.
=== Changes since 1.22.12 ===
* (bug 67440) Allow classes to be registered properly from installer
== MediaWiki 1.22.12 ==
This is a security release of the MediaWiki 1.22 branch.
=== Changes since 1.22.11 ===
* (bug 70672) SECURITY: OutputPage: Remove separation of css and js module allowance.
== MediaWiki 1.22.11 ==
This is a security release of the MediaWiki 1.22 branch.
=== Changes since 1.22.10 ===
* (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter <style> elements; normalize style elements and attributes before filtering; add checks for attributes that contain css; add unit tests for html5sec and reported bugs.
== MediaWiki 1.22.10 ==
This is a maintenance release of the MediaWiki 1.22 branch.
=== Changes since 1.22.9 ===
* (bug 64970) Fix support for blobs on DatabaseOracle::update
* (bug 60719) In MediaWiki 1.22, the job queue execution on each page request was changed (Gerrit change 59797) so, instead of executing the job inside the same PHP process that's rendering the page, a new PHP cli command is spawned to execute runJobs.php in the background. It will only work if $wgPhpCli is set to an actual path or safe mode is off, otherwise, the old method will be used. https://www.mediawiki.org/wiki/Manual:Job_queue#Changes_introduced_in_MediaWiki_1.22 for more infomation. This change was in earlier releases of 1.22 but was not noted here until now.
== MediaWiki 1.22.9 ==
This is a security and maintenance release of the MediaWiki 1.22 branch.
=== Changes since 1.22.8 ===
* (bug 68187) SECURITY: Prepend jsonp callback with comment.
* (bug 66608) SECURITY: Fix for XSS issue in bug 66608: Generate the URL used for loading a new page in Javascript,instead of relying on the URL in the link that has been clicked.
* (bug 65778) SECURITY: Copy prevent-clickjacking between OutputPage and ParserOutput.
* (bug 59147) The img_metadata field was not being decoded from bytea into text.
== MediaWiki 1.22.8 ==
This is a security and maintenance release of the MediaWiki 1.22 branch.
=== Changes since 1.22.7 ===
* (bug 65839) SECURITY: Prevent external resources in SVG files.
* (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all.
== MediaWiki 1.22.7 ==
This is a security and maintenance release of the MediaWiki 1.22 branch.
=== Changes since 1.22.6 ===
* (bug 65501) SECURITY: Don't parse usernames as wikitext on Special:PasswordReset.
* (bug 36356) Add space between two feed links.
* (bug 63269) Email notifications were not correctly handling the MediaWiki:Helppage message being set to a full URL. This is a regression from the 1.22.5 point release, which made the default value for it a URL. If you customized MediaWiki:Enotif body (the text of email notifications), you'll need to edit it locally to include the URL via the new variable $HELPPAGE instead of the parser functions fullurl and canonicalurl; otherwise you don't have to do anything.
Add missing uploadstash.us_props for PostgreSQL.
* (bug 56047) Fixed stream wrapper in PhpHttpRequest.
== MediaWiki 1.22.6 ==
This is a security release of the MediaWiki 1.22 branch.
=== Changes since 1.22.5 ===
* (bug 63251) SECURITY: Escape sortKey in pageInfo.
== MediaWiki 1.22.5 ==
This is a security and maintenance release of the MediaWiki 1.22 branch.
=== Changes since 1.22.4 ===
* (bug 62497) SECURITY: Add CSRF token on Special:ChangePassword.
* (bug 62467) Set a title for the context during import on the cli.
* Fix custom local MediaWiki:Helppage values.
* mediawiki.js: Fix documentation breakage.
* (bug 58153) Make MySQLi work with non standard port.
* (bug 53887) Reintroduced a link to help pages in the default sidebar, that any sysop can customize by editing MediaWiki:Sidebar locally. The link now points to a mediawiki.org page which is guaranteed to exist. Nothing needs to be done on your end, but remember to adjust MediaWiki:Sidebar for the needs of your wikis. Everyone can help with the shared documentation by translating: https://www.mediawiki.org/wiki/Special:Translate/agg-Help_pages .
* (bug 53888) Corrected a regression in 1.22 which introduced red links on the login page. If you previously installed 1.22.x and have created a local page to make the red link blue, write its title as in MediaWiki:helplogin-url if you didn't already. Otherwise, you don't need to do anything, but you can translate the help page at https://www.mediawiki.org/wiki/Help:Logging_in .
== MediaWiki 1.22.4 ==
This is a maintenance release of the MediaWiki 1.22 branch.
=== Changes since 1.22.3 ===
* Use the correct branch of the extensions' git repositories.
== MediaWiki 1.22.3 ==
This is a security and bugfix release of the MediaWiki 1.22 branch.
=== Changes since 1.22.2 ===
* (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. * User will get an error including the namespace name if they use a non- whitelisted namespace.
* (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
* (bug 61362) SECURITY: API: Don't find links in the middle of api.php links.
* (bug 53710) Add sequence support for upsert in DatabaseOracle in the same way as in selectInsert
* (bug 60231, bug 58719) Various fixes to job running code in Wiki.php: Make it async on Windows. Fixed possible "invalid filename" errors on Windows. Redirect output to dev/null to avoid hanging PHP.
* (bug 60083) Correct sequence name for fresh Postgres installation. Spotted by gebhkla
* (bug 60531) Avoid variable naming conflicts in DatabasePostgres::selectSQLText. Spotted by gebhkla
* (bug 60094) Fix rebuildall.php fatal error with PostgreSQL.
* (bug 43817) Add error handling if descriptionmsg isn't defined for extension.
* (bug 60543) Special:PrefixIndex omits stripprefix=1 for "Next page" link.
== MediaWiki 1.22.2 ==
This is a security and bugfix release of the MediaWiki 1.22 branch.
=== Changes since 1.22.1 ===
* (bug 60339) SECURITY: Sanitize shell arguments to DjVu files, and other media formats
* (bug 58253) Check for very old PCRE versions in installer and updater
* (bug 60054) Make WikiPage::$mPreparedEdit public
== MediaWiki 1.22.1 ==
This is a security and maintenance release of the MediaWiki 1.22 branch.
=== Changes since 1.22.0 ===
* (bug 57550) SECURITY: Disallow stylesheets in SVG Uploads
* (bug 58088) SECURITY: Don't normalize U+FF3C to \ in CSS Checks
* (bug 58472) SECURITY: Disallow -o-link in styles
* (bug 58553) SECURITY: Return error on invalid XML for SVG Uploads
* (bug 58699) SECURITY: Fix RevDel log entry information leaks
* (bug 58178) Restore compatibility with curl < 7.16.2.
* (bug 56931) Updated the plural rules to CLDR 24. They are in new format which is detailed in UTS 35 Rev 33. The PHP parser and evaluator as well as the JavaScript evaluator were updated to support the new format. Plural rules for some languages have changed, most notably Russian. Affected software messages have been updated and marked for review at translatewiki.net. This change is backported from the development branch of MediaWiki 1.23.
* (bug 58434) The broken installer for database backend Oracle was fixed.
* (bug 58167) The web installer no longer throws an exception when PHP is compiled without support for MySQL yet with support for another DBMS.
* (bug 58640) Fixed a compatibility issue with PCRE 8.34 that caused pages to appear blank or with missing text.
* (bug 47055) Changed FOR UPDATE handling in Postgresql
* (bug 57026) Avoid extra parsing in prepareContentForEdit()
=== Configuration changes in 1.22 ===
* $wgRedirectScript was removed. It was unused.
* Removed $wgLocalMessageCacheSerialized, it is now always true.
* $wgVectorUseIconWatch is now enabled by default.
* $wgCascadingRestrictionLevels was added.
* ftps, ssh, sftp, xmpp, sip, sips, tel, sms, bitcoin, magnet, urn, and geo
have been whitelisted inside of $wgUrlProtocols.
* $wgDocType and $wgDTD have been removed and are no longer used for the DOCTYPE.
* $wgHtml5 is no longer used by core. Setting it to false will no longer disable HTML5.
It is still set to true for extension compatibility but doing so in extensions is deprecated.
* $wgXhtmlDefaultNamespace is no longer used by core. Setting it will no longer change the
xmlns used by MediaWiki. Reliance on this variable by extensions is deprecated.
* $wgHandheldStyle was removed.
* $wgHandheldForIPhone was removed.
* $wgJsMimeType is no longer used by core. Most usage has been removed since
HTML output is now exclusively HTML5.
* $wgDBOracleDRCP added. True enables persistent connection with DRCP on Oracle.
* $wgLogAutopatrol added to allow disabling logging of autopatrol edits in the logging table.
default for $wgLogAutopatrol is true.
* The 'edit' right no longer allows for editing a user's own CSS and JS.
* New rights 'editmyusercss', 'editmyuserjs', 'viewmywatchlist',
'editmywatchlist', 'viewmyprivateinfo', 'editmyprivateinfo', and
'editmyoptions' restrict actions that were formerly allowed by default. They
have been added to the default for $wgGroupPermissions['*'].
* The 'editprotected' right no longer allows bypassing of all page protection
restrictions. Any group using it for this purpose will now need to have all
the individual rights listed in $wgRestrictionTypes for the same effect.
* The 'protect' and 'autoconfirmed' rights are no longer used for the default
page protection levels. The rights 'editprotected' and 'editsemiprotected'
are now used for this purpose instead.
* (bug 40866) wgOldChangeTagsIndex removed.
* $wgNoFollowDomainExceptions now only matches entire domains. For example,
an entry for 'bar.com' will still match 'foo.bar.com' but not 'foobar.com'.
* $wgCopyUploadTimeout and $wgCopyUploadAsyncTimeout added to change the timeout times for
fetching the file during upload by url.
* New key added to $wgGalleryOptions - $wgGalleryOptions['mode'] to set
default gallery mode.
* New hook 'GalleryGetModes' to allow extensions to make new gallery modes.
* The checkbox for staying in HTTPS displayed on the login form when $wgSecureLogin is
enabled has been removed. Instead, whether the user stays in HTTPS will be determined
based on the user's preferences, and whether they came from HTTPS or not.
* $wgRC2UDPAddress, $wgRC2UDPInterwikiPrefix, $wgRC2UDPOmitBots, $wgRC2UDPPort,
and $wgRC2UDPPrefix configuration options have been deprecated in favor of a
$wgRCFeeds configuration array. $wgRCFeeds makes both the format and
destination of recent change notifications customizable, and allows for
multiple destinations to be specified.
* (bug 53862) portal-url, currentevents-url and helppage have been removed from the
default Sidebar.
* The 'vector-simplesearch' preference is now enabled by default. Previously
it was only enabled if the Vector extension was installed.
* The precise format of metric datagrams produced by the UDP profiler and stats counter
may now be specified as $wgUDPProfilerFormatString and $wgStatsFormatString,
respectively.
* (bug 54597) $wgBlockOpenProxies, $wgProxyPorts, $wgProxyScriptPath, and
$wgProxyMemcExpiry have been removed, along with the open proxy scanner
script they were added for.
* Default value of $wgMaxShellMemory has been tripled (it's now 300 MB).
=== New features in 1.22 ===
* You can now install extensions using Composer.
See https://www.mediawiki.org/wiki/Composer
* (bug 44525) mediawiki.jqueryMsg can now parse (whitelisted) HTML elements and attributes.
* (bug 33454) Language::sprintfDate now has a timezone parameter, and supports
the "eIOPTZ" formatting characters.
* EditWarning: A warning is shown when an editor leaves the edit form without
saving (enabled by default, users can opt-out via the 'useeditwarning'
preference). This feature was moved from the Vector extension, and is now part
of core for all skins. Take care when upgrading that you don't use an older
version of the Vector extension as this feature may conflict.
* New 'mediawiki.ui' CSS module providing mw-ui-* styles for buttons and a
compact vertical form layout.
* HTMLForm supports a new display format 'vform' which applies this compact vertical
layout and button styling. Special:PasswordReset uses this format.
* New versions of login (Special:UserLogin) and create account
(Special:UserLogin/signup) forms using the "vform" compact vertical form layout.
These forms use new messages that assume a "Help logging in" link, see
https://www.mediawiki.org/wiki/Manual:Page_customizations;
https://www.mediawiki.org/wiki/Account_creation_user_experience/Strings lists the
message key changes.
* (bug 23343) Implemented ability to apply IP blocks to the contents of X-Forwarded-For headers
by adding a new configuration variable $wgApplyIpBlocksToXff (disabled by default).
* The new hook 'APIGetPossibleErrors' to modify the list of possible errors was
added.
* (bug 25592) LogEventsList::showLogExtract() will now ignore various
Pager-related WebRequest parameters by default, as this is overwhelmingly
likely to be what was intended by users of the method. If any caller wishes
to use these parameters, the new param 'useRequestParams' may be set to true.
* mw.util.addPortletLink: Tooltip is no longer required to be plain (without
an accesskey in it already). As such it now rountrips. Creating a link with a
message as tooltip, grabbing the title attribute and using it to create
another portlet will work as expected.
* (bug 6747) {{ROOTPAGENAME}} introduced, contains the name of the topmost
page without namespace.
* BREAKING CHANGE: (bug 41729) Display editsection links next to headings. Also
change their class name from .editsection to .mw-editsection and place them at
the end of the heading element instead of the beginning. Client-side code and
screen-scrapers will have to be adjusted to handle both cases (old HTML will
still be visible on cached page renders until they are purged); extensions
using the DoEditSectionLink or EditSectionLink hooks might need adjustments as
well.
* (bug 45535) introduced the new 'LanguageLinks' hook for manipulating the
language links associated with a page before display.
* Chosen (http://harvesthq.github.io/chosen/) was added as module 'jquery.chosen'
* HTMLForm will turn multiselect checkboxes into a Chosen interface when setting cssclass 'mw-chosen'
* rebuildLocalisationCache learned --lang option. Let you rebuild l10n caches
of the specified languages instead of all of them.
* New GetNewMessagesAlert hook allowing extensions to disable or modify the new
messages alert
* New wgUserNewMsgRevisionId JS global for logged in users. This will be null
if the user has no new talk page messages. Otherwise it will be set to the
revision ID of the oldest new talk page message. This will allow gadgets and
extensions to create their own new message alerts on the client side.
* mediawiki.log: Added log.warn wrapper (uses console.warn and console.trace).
* mediawiki.log: Implemented log.deprecate. This method defines a property and
uses ES5 getter/setter to emit a warning when they are used.
* $wgCascadingRestrictionLevels was added, allowing one to specify restriction levels
which can be cascading (previously 'sysop' was hard-coded as the only one).
* XHTML5 support has been improved. If you set $wgMimeType = 'application/xhtml+xml'
MediaWiki will try outputting markup acording to XHTML5 rules.
* Altered hook 'ProtectionForm::save', adding the reason page protection is
changed as third parameter.
* New hook 'TitleSquidURLs' for manipulating the list of URLs to be purged from
HTTP caches when a page is changed.
* Changed the patrolling system to always show the link for patrolling in case the
current revision is patrollable. This also removed the usage of the rcid URI parameters.
* Oracle DB backend now supports Database Resident Connection Pooling (DRCP).
Can be enabled by setting $wgDBOracleDRCP=true.
Requires Oracle DB 11gR1 or above, enabled DRCP inside the DB itself and a
propper connect string.
More about DRCP can be found at:
http://www.oracle-base.com/articles/11g/database-resident-connection-pool-11gr1.php
* Add a new parameter $patrolFooterShown to hook ArticleViewFooter so the hook
handlers can take further action based on the status of the patrol footer
* A new hook TitleQuickPermissions was added to allow overriding of quick
permissions in the Title class.
* LinkCache singleton can now be altered or cleared, letting one to specify
another instance that does not rely on a database backend.
* MediaWiki's PHPUnit tests can now use PHPUnit installed using composer --dev.
* (bug 43689) The lists of templates used on the page and hidden categories it
is a member of, shown below the edit form, are now collapsible (and collapsed
by default).
* Parser profiling data, formerly only available in the "NewPP limit report"
HTML comment, is now also displayed at the bottom of page previews.
* Added ParserLimitReportPrepare and ParserLimitReportFormat hooks, deprecated
ParserLimitReport hook.
* New user rights have been added to increase granularity in rights management
for extensions such as OAuth:
** editmyusercss controls whether a user may edit their own CSS subpages.
** editmyuserjs controls whether a user may edit their own JS subpages.
** viewmywatchlist controls whether a user may view their watchlist.
** editmywatchlist controls whether a user may edit their watchlist.
** viewmyprivateinfo controls whether a user may access their private
information (e.g. registered email address, real name).
** editmyprivateinfo controls whether a user may change their private
information.
** editmyoptions controls whether a user may change their preferences.
* Add new hook AbortTalkPageEmailNotification, this will be used to determine
whether to send the regular talk page email notification
* Action classes registered in $wgActions are now also supported in the form of
a callback (which returns an instance of Action) instead of providing the name
of a subclass of Action.
* (bug 46513) Vector: Add the collapsibleTabs script from the Vector extension.
* Added $wgRecentChangesFlags for defining new flags for RecentChanges and
watchlists.
* (bug 40518) mw.toolbar: Implemented mw.toolbar.addButtons for adding multiple
button objects in one call.
* Rights used for the default protection levels ('sysop' and 'autoconfirmed')
are now used just for that purpose, instead of overloading other rights. This
allows easy granting of the ability to edit sysop-protected pages without
also granting the ability to protect and unprotect.
* (bug 48256) Make brackets in section edit links accessible to CSS.
They are now wrapped in <span class="mw-editsection-bracket" />.
* (bug 8480) Allow handler specific parameters in galleries (like page number)
* jquery.client: Add detection for Opera 15 and Internet Explorer 11.
* Change tags (used by the AbuseFilter extension) are now shown on diff pages.
* Change tag lists (shown on recent changes, watchlist, user contributions,
history pages, diff pages) now include a link to Special:Tags to distinguish
them from edit summaries.
* Added a new method and hook, User::isEveryoneAllowed() and
UserIsEveryoneAllowed, for use in situations where a "does everyone have this
right?" check is used to avoid more expensive checks.
* (bug 14431) Display "(No difference)" instead of an empty diff (when comparing
revisions in the history or when previewing changes while editing).
* New hook 'IsUploadAllowedFromUrl' is added which can be used to intercept uploads by
URL, useful for blacklisting specific URLs
* (bug 21912) Watchlist token implementation has been refactored and
Special:ResetTokens was added to allow users to reset their tokens
instead of presenting them in Preferences.
* Special:PrefixIndex now lets you strip the searched prefix from the displayed
titles. Given a list of articles named Bug1, Bug2, you can now transclude the
list of bug numbers using: {{Special:PrefixIndex/Bug|stripprefix=1}}.
The special page form received a new checkbox matching that option.
* (bug 23580) Implement javascript callback interface "mw.hook".
* (bug 30713) New mw.hook "wikipage.content".
* (bug 40430) jquery.placeholder gets a new parameter to set the attribute value
to be used.
* $wgHTCPMulticastRouting renamed $wgHTCPRouting since it accepts unicast.
* $wgHTCPRouting rules can now be passed an array of hosts/ports to send purge
too. Can be used whenever several multicast group could be interested by a
specific purge.
* (bug 25931) Add Special:RandomInCategory.
* mediawiki.util: addPortletLink now supports passing a jQuery object as nextnode.
* <wbr> can now be used inside WikiText.
* WebResponse::setcookie is much more featureful. Callers using PHP's
setcookie() or setrawcookie() should begin using this instead.
* New hook WebResponseSetCookie, called from WebResponse::setcookie().
* New hook ResetSessionID, called when the session id is reset.
* Add a mode parameter to <gallery> tag with potential options of "traditional",
"nolines", "packed", "packed-overlay", or "packed-hover".
* (bug 47399) A success message is now displayed after changing the password.
* Make thumb.php give HTTP redirects for file redirects
* (bug 30607) Special:ListFiles can now show old versions of files. Additionally
Special:AllMyUploads was introduced so the user can get a list of all things
they have ever uploaded, even if it was subsequently overriden.
* Introduced Special:MyFiles and Special:AllMyFiles as an alias for Special:MyUploads
and Special:AllMyUploads respectively.
* IPv6 addresses in X-Forwarded-For headers are now normalised before checking
against allowed proxy lists.
* Add deferrable update support for callback/closure.
* Add TitleMove hook before page renames.
* Revision deletion backend code is moved out of SpecialRevisiondelete
* Added {{REVISIONSIZE}} variable to get the current size of a revision.
* Add support for the LESS stylesheet language to ResourceLoader. LESS is a
stylesheet language that compiles into CSS. ResourceLoader file modules may
include LESS style files; ResourceLoader will compile these files into CSS
before sending them to the client.
** The $wgResourceLoaderLESSVars configuration variable is an associative array
mapping variable names to string CSS values. These variables are considered
declared for all LESS files. Additional variables may be registered by
adding keys to the array.
** $wgResourceLoaderLESSFunctions is an associative array of custom LESS
function names to PHP callables. See <http://leafo.net/lessphp/docs/#custom_functions>
for more details regarding custom functions.
** $wgResourceLoaderLESSImportPaths is an array of file system paths. Files
referenced in LESS '@import' statements are looked up here first.
* ResourceLoader supports hashes as module cache invalidation trigger (instead
of or in addition to timestamps).
* Added $wgExtensionEntryPointListFiles for use in mergeMessageFileList.php.
* Added a hook, APIQuerySiteInfoStatisticsInfo, to allow extensions to modify
the output of the API query meta=siteinfo&siprop=statistics
* Primary keys have been added to both the archive table and the externallinks
tables.
* Added $wgEnableParserLimitReporting to control whether the NewPP limit report is
output in a HTML comment.
* The 'UnwatchArticle' and 'WatchArticle' hooks now support a Status object
instead of just a boolean return value to abort the hook.
* Added a hook, SpecialWatchlistGetNonRevisionTypes, to allow extensions
with custom recentchanges entries to hook into the Watchlist without
clobbering each other.
* A hidden, empty input field was added to the edit form, and any edit that fills
it in will be rejected. This prevents against the simplest form of spambots.
Previously in the "SimpleAntiSpam" extension by Ryan Schmidt.
* populateRevisionLength.php maintenance script updated to also populate
archive.ar_len field.
* (bug 43571) DatabaseMySQLBase learned to list views, optionally filtered by a
prefix. Also fixed PHPUnit test suite when using a MySQL backend containing
views.
=== Bug fixes in 1.22 ===
* (bug 47271) $wgContentHandlerUseDB should be set to false during the upgrade
* Disable Special:PasswordReset when $wgEnableEmail is false. Previously one
could still navigate to the page by entering the URL directly.
* (bug 47138) Fixed a fatal error when a blocked user tries to automatically
create an account on login due external authentication in some circumstances.
* (bug 23393) HTML <hN> headings containing line breaks are now handled
correctly.
* (bug 45803) Whitespace within == Headline == syntax and within <hN> headings
is now non-significant and not preserved in the HTML output.
* (bug 47218) Special:BlockList now handles correctly user names with spaces
when passed as subpage.
* Pager's properly validate which fields are allowed to be sorted on.
* mw.util.tooltipAccessKeyRegexp: The regex now matches "option-" as well.
Support for Mac "option" was added in 1.16, but the regex was never updated.
* (bug 46768) Usernames of blocking users now display correctly, even if numeric.
* (bug 39590) Self-transclusions now show the most up to date result always
after save instead of being a revision behind.
* A bias in wfRandomString() toward digits 1-7 has been corrected. Generated
strings will now start with digits 0 and 8-f as often as they should.
* (bug 45371) Removed Parser_LinkHooks and CoreLinkFunctions classes.
* (bug 41545) Allow <kbd>, <samp>, and <var> to be nested like allowed in html.
* PLURAL magic word no longer causes a PHP notice when no matching form exists.
* (bug 36641) Patrol page links no longer show on non-existent revisions.
* (bug 35810) Pages not linked from Special:RecentChanges or Special:NewPages
are patrollable now.
* (bug 30213) JavaScript for search suggestions is now disabled when the API
is disabled, and AJAX patrolling and watching are now disabled when use of
the write API is not allowed.
* (bug 48294) API: Fix chunk upload async mode.
* (bug 46749) Broken files tracking category removed from pages if an image
with that name is uploaded.
* (bug 14176) System messages that are empty were previously incorrectly treated
as non-existent, causing a fallback to the default. This stopped users from
overriding system messages to make them blank.
* (bug 48319) action=parse no longer returns an error if passed none of 'oldid',
'pageid', 'page', 'title', and 'text' (e.g. if only passed 'summary'). A
warning will instead be issued if 'title' is non-default, unless no props are
requested.
* Special:Recentchangeslinked will now include upload log entries
* (bug 41281) Fixed ugly output if file size could not be extracted for multi-page media.
* (bug 50315) list=logevents API module will now output log entries by anonymous users.
* (bug 38911) Handle headers with rowspan in jquery.tablesorter
* (bug 658) Converted the table of contents on wiki pages from <table> to <div>
and adjusted skin CSS accordingly. The CSS was carefully crafted to be
backwards-compatible in all reasonable cases (uses of the __TOC__ magic word,
the #toc CSS id and the .toc CSS class). However, particularly bad abuse of
the id or the class can possibly break.
* CSSJanus now supports rgb, hsl, rgba, and hsla color syntaxes.
* Special:Listfiles can no longer be sorted by image name when filtering
by user in miser mode.
* (bug 49074) CSSJanus: Handle values of border-radius correctly.
* Handle relative inclusions ({{../name}}) in main namespace with subpages
enabled correctly (previously MediaWiki tried to include Template:Parent/name
instead of just Parent/name).
* Added $wgAPIUselessQueryPages to allow extensions to flag their query pages
for non-inclusion in ApiQueryQueryPages.
* (bug 50870) mediawiki.notification: Notification area should remain visible
when scrolled down.
* (bug 13438) Special:MIMESearch no longer an expensive special page.
* (bug 48342) Fixed a fatal error when $wgValidateAllHtml is set to true and
the function apache_request_headers() function is not available.
* (bug 33399) LivePreview: Re-run wikipage content handlers
(jquery.makeCollapsible, jquery.tablesorter) after preview content is loaded.
* (bug 51891) Fixed PHP notice on Special:PagesWithProp when no properties
are defined.
* (bug 52006) Corrected documentation of $wgTranscludeCacheExpiry.
* (bug 52077) The APIEditBeforeSave hook is giving the content of the whole
revision as second argument now, rather than just the current section.
* (bug 49694) $wgSpamRegex is now also applied on the new section headline text
adding a new topic on a page
* (bug 41756) Improve treatment of multiple comments on a blank line.
* (bug 51064) Purge upstream caches when deleting file assets.
* (bug 39012) File types with a mime that we do not know the extension for
can no longer be uploaded as an extension that we do know the mime type
for.
* (bug 51742) Add data-sort-value for better sorting of hitcounts Special:Tags
* (bug 26811) On DB error pages, server hostnames are now hidden when both
$wgShowHostnames and $wgShowSQLErrors are false.
* (bug 6200) line breaks in <blockquote> are handled like they are in <div>
* (bug 14931) Default character set now set to 'utf8' when a new MySQL
database is created.
* (bug 47191) Fixed "Column 'si_title' cannot be part of FULLTEXT index"
MySQL error when installing using the binary character set option.
* (bug 45288) Support mysqli PHP extension
* (bug 55818) BREAKING CHANGE: Removed undocumented 'Debug' hook in wfDebug.
This resolves an infinite loop when using $wgDebugFunctionEntry = true.
* (bug 56707) Correct tooltip of "Next n results" on query special pages.
* (bug 56770) mw.util.addPortletLink: Check length before access array index.
=== API changes in 1.22 ===
* (bug 25553) The JSON output formatter now leaves forward slashes unescaped
to improve human readability of URLs and similar strings. Also, a "utf8"
option is now provided to use UTF-8 encoding instead of hex escape codes
for most non-ASCII characters.
* (bug 46626) xmldoublequote parameter was removed. Because of a bug, the
parameter has had no effect since MediaWiki 1.16, and so its removal is
unlikely to impact existing clients.
* (bug 47216) action=query&meta=siteinfo&siprop=skins will now indicate which
skin is the default and which are unusable (e.g. listed in $wgSkipSkins).
* (bug 25325) Added support for wlshow filtering (bots/anon/minor/patrolled)
to action=feedwatchlist.
* WDDX formatted output will actually be formatted (and normal output will no
longer be), and will no longer choke on booleans.
* action=opensearch no longer silently ignores the format parameter.
* action=opensearch now supports format=jsonfm.
* list=usercontribs&ucprop=ids will now include the parent revision id.
* BREAKING CHANGE: action=parse no longer returns all langlinks for the page
with prop=langlinks by default. The new effectivelanglinks parameter will
request that the LanguageLinks hook be called to determine the effective
language links.
* BREAKING CHANGE: list=allpages, list=langbacklinks, and prop=langlinks do not
apply the new LanguageLinks hook, and thus only consider language links
stored in the database.
* (bug 47219) Allow specifying change type of Wikipedia feed items
* prop=imageinfo now allows setting iiurlheight without setting iiurlwidth
* prop=info now adds the content model and page language of the title.
* New upload log entries will now contain information on the relevant
image (sha1 and timestamp).
* (bug 49239) action=parse now can parse in preview and section preview modes.
* (bug 49259) action=patrol now accepts revision ids.
* (bug 48129) list=blocks&bkip= now correctly handles IPv6 CIDR ranges and
honors $wgBlockCIDRLimit. Note any clients passing invalid values to bkip
will now receive an error, rather than the previous behavior listing all
user blocks.
* (bug 48201) action=parse&text=foo now assumes wikitext if no title is given,
rather than using the content model of the page "API".
* action=watch no longer silently ignores hook abort.
* (bug 50785) action=purge with forcelinkupdate=1 no longer queues refreshLinks
jobs in the job queue for link table updates of pages that use the given page
as a template. Instead, forcerecursivelinkupdate=1 is introduced and should
be used if that behaviour is desirable.
* The 'debugLog' property (enabled by $wgDebugToolbar) no longer sets the log
entry values through ApiResult::content but directly. This changes the JSON
output from an array of objects with content in '*' to an array of strings
with the content.
* (bug 51342) prop=imageinfo iicontinue now contains the dbkey, not the text
version of the title.
* (bug 52538) action=edit will now use empty text instead of the contents
of section 0 when passed prependtext or appendtext with section=new.
* Support for the 'gettoken' parameter to action=block and action=unblock,
deprecated since 1.20, has been removed.
* (bug 49090) Token-getting functions will fail when using jsonp callbacks.
* (bug 52699) action=upload returns normalized file name on warning
"exists-normalized" instead of filename to be uploaded to.
* (bug 53884) action=edit will now return an error when the specified section
does not exist in the page.
* Added meta=filerepoinfo API module for getting information about foreign
file repositories, and related ForeignAPIRepo methods getInfo and getApiUrl.
* The new query module list=allfileusages to enumerate file usages was added.
=== Languages updated in 1.22===
MediaWiki supports over 350 languages. Many localisations are updated
regularly. Below only new and removed languages are listed, as well as
changes to languages because of Bugzilla reports.
* Batak Toba (bbc-latn) added.
* (bug 46751) Made Buryat (Russia) (буряад) (bxr) fallback to Russian.
=== Other changes in 1.22 ===
* BREAKING CHANGE: Implementation of MediaWiki's JS and JSON value encoding
has changed:
** MediaWiki no longer supports PHP installations in which the native JSON
extension is missing or disabled.
** XmlJsCode objects can no longer be nested inside objects or arrays.
(For Xml::encodeJsCall(), this individually applies to each argument.)
** The sets of characters escaped by default, along with the precise escape
sequences used, have changed (except for the Xml::escapeJsString()
function, which is now deprecated).
* BREAKING CHANGE: The Services_JSON class has been removed. If necessary,
be sure to upgrade affected extensions at the same time (e.g. Collection).
* redirect.php was removed. It was unused.
* ClickTracking integration was dropped from the mediaWiki.user.bucket
JavaScript function. The 'tracked' option is now ignored.
* BREAKING CHANGE: Legacy skins Simple, MySkin, Chick, Standard and Nostalgia
were all removed. (Nostalgia was moved to an extension.) The SkinLegacy and
LegacyTemplate classes that supported them were removed as well and are now a
part of the Nostalgia extension.
* Event namespace used by jquery.makeCollapsible has been changed from
'mw-collapse' to 'mw-collapsible' for consistency with the module name.
* BREAKING CHANGE: The "ExternalAuth" authentication subsystem was removed, along
with its associated globals of $wgExternalAuthType, $wgExternalAuthConf,
$wgAutocreatePolicy and $wgAllowPrefChange. Affected users are encouraged to
use AuthPlugin for external authentication/authorization needs.
* The Quickbar feature of the legacy skin model and the last remnants of it
throughout the code base have been removed.
* Externaledit/externaldiff preference was removed. Very few users used this
feature, and improper configuration can actually prevent a user from editing
* Calling Linker methods using a skin will now output deprecation warnings.
* (bug 46680) "Return to" links are no longer tagged with rel="next".
* BREAKING CHANGE: mw.util.tooltipAccessKeyRegexp: The match group for the
accesskey character is now $6 instead of $5.
* HipHop compiler (hphpc) support was removed. HipHop VM support (hhvm) was
added.
* A new Special:Redirect page was added, providing lookup by revision ID,
user ID, or file name. The old Special:Filepath page was reimplemented
to redirect through Special:Redirect.
* Monobook: Removed the old conditional stylesheets for Opera 6, 7 and 9.
* Support for XHTML 1.0 has been removed. MediaWiki now only outputs (X)HTML5.
* wikibits: User-agent related globals have been deprecated. The following
properties now default to false and emit mw.log.warn: is_gecko, is_chrome_mac,
is_chrome, webkit_version, is_safari_win, is_safari, webkit_match, is_ff2,
ff2_bugs, is_ff2_win, is_ff2_x11, opera95_bugs, opera7_bugs, opera6_bugs,
is_opera_95, is_opera_preseven, is_opera, and ie6_bugs.
* (bug 48276) MediaWiki will now flash a confirmation message upon successfully
editing a page.
* (bug 40785) mediawiki.legacy.ajax has been marked as deprecated. The following
properties now emit mw.log.warn when accessed: sajax_debug, sajax_init_object,
sajax_do_call and wfSupportsAjax.
* BREAKING CHANGE: meta keywords are no longer supported. A <meta name="keywords"
will no longer be output and OutputPage::addKeyword no longer exists.
* Methods Title::userCanEditCssSubpage and Title::userCanEditJsSubpage,
deprecated since 1.19, have been removed.
* (bug 50134) Hook functions are no longer required to return a value. When a
hook function does not return a value (or when it returns an explicit null),
processing continues. To abort the hook, a hook function must return an
explicit, boolean false or a string error message. Other falsey values are
tantamount to a 'return true' in earlier versions of MediaWiki.
* BREAKING CHANGE: The EditSectionLink hook was removed after being
deprecated since MediaWiki 1.14. Use DoEditSectionLink instead.
* (bug 48256) The 'editsection-brackets' optional message was removed.
Section edit links' brackets can now be customized using CSS by
styling span.mw-editsection-bracket.
* The usePatrol function in ChangesList has been marked as deprecated.
* (bug 50785) A "null edit", that is, a save action in which no changes to the
page text are made and no revision recorded, will no longer send refreshLinks
jobs to the job table to update pages which use the edited page as a template.
* The LivePreviewPrepare and LivePreviewDone events triggered on "jQuery( mw )"
have been deprecated in favour of using mw.hook.
* The 'showjumplinks' user preference has been removed, jump links are now
always included.
* Methods RecentChange::notifyRC2UDP, RecentChange::sendToUDP, and
RecentChange::cleanupForIRC have been deprecated, as it is now the
responsibility of classes implementing the RCFeedFormatter and RCFeedEngine
interfaces to implement the formatting and delivery for recent change
notifications.
* SpecialPrefixindex methods namespacePrefixForm() and showPrefixChunk() have
been made protected. They were accepting form variance arguments, this is now
using properties in the SpecialPrefixindex class.
* (bug 50310) BREAKING CHANGE: wikibits: Drop support for mwCustomEditButtons.
It defaults to an empty array and emits mw.log.warn when accessed.
* BREAKING CHANGE: Special:Disambiguations has been removed from MediaWiki core.
Functions related to disambiguation pages are now handled by the Disambiguator
extension (https://www.mediawiki.org/wiki/Extension:Disambiguator) (bug
35981).
* BREAKING CHANGE: The 'mediawiki.legacy.wikiprintable' module has been removed.
The skins/common/wikiprintable.css file no longer exists. Return value of
Skin#commonPrintStylesheet is ignored. Please use the 'mediawiki.legacy.commonPrint'
module instead or base your skin on SkinTemplate.
* (bug 49629) The hook ExtractThumbParamaters has been deprecated in favour
of media handler overriding MediaHandler::parseParamString.
* (bug 46512) The collapsibleNav feature from the Vector extension has been moved
to the Vector skin in core.
* SpecialRecentChanges::addRecentChangesJS() function has been renamed
to addModules() and made protected.
* Methods WatchAction::doWatch and WatchAction::doUnwatch now return a Status
object instead of a boolean.
* Information boxes (CSS classes errorbox, warningbox, successbox) have been
made more subtle.
* BREAKING CHANGE: The module 'mediawiki.legacy.IEFixes' has been removed as it was
unused. The file skins/common/IEFixes.js remains but is only used by wikibits.
The file never contained any re-usable components. To use it in a skin, load
'mediawiki.legacy.wikibits' (which IEFixes depends on) and that will import
IEFixes automatically if user agent conditions are met.
* Code specific to the Math extension was marked as deprecated.
* mediawiki.util: mw.util.wikiGetlink has been renamed to getUrl. (The old name
still works, but is deprecated.)
== MediaWiki 1.21 ==
== MediaWiki 1.21.11 ==
This is a security and maintenance release of the MediaWiki 1.21 branch.
=== Changes since 1.21.10 ===
* (bug 65839) SECURITY: Prevent external resources in SVG files.
* (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all.
== MediaWiki 1.21.10 ==
This is a security and maintenance release of the MediaWiki 1.21 branch.
=== Changes since 1.21.9 ===
* (bug 65501) SECURITY: Don't parse usernames as wikitext on Special:PasswordReset.
* (bug 36356) Add space between two feed links.
== MediaWiki 1.21.9 ==
This is a security and maintenance release of the MediaWiki 1.21 branch.
=== Changes since 1.21.8 ===
* (bug 63251) SECURITY: Escape sortKey in pageInfo.
* (bug 58640) Fixed a compatibility issue with PCRE 8.34 that caused pages to appear blank or with missing text.
== MediaWiki 1.21.8 ==
This is a security and maintenance release of the MediaWiki 1.21 branch.
=== Changes since 1.21.7 ===
* (bug 62497) SECURITY: Add CSRF token on Special:ChangePassword.
* (bug 62467) Set a title for the context during import on the cli.
== MediaWiki 1.21.7 ==
This is a maintenance release of the MediaWiki 1.21 branch.
=== Changes since 1.21.6 ===
* Use the correct branch of the extensions' git repositories.
== MediaWiki 1.21.6 ==
This is a security release of the MediaWiki 1.21 branch.
=== Changes since 1.21.5 ===
* (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. * User will get an error including the namespace name if they use a non- whitelisted namespace.
* (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
* (bug 61362) SECURITY: API: Don't find links in the middle of api.php links.
== MediaWiki 1.21.5 ==
This is a security release of the MediaWiki 1.21 branch.
=== Changes since 1.21.4 ===
* (bug 60339) SECURITY: Sanitize shell arguments to DjVu files, and other media formats
== MediaWiki 1.21.4 ==
This is a security release of the MediaWiki 1.21 branch.
=== Changes since 1.21.3 ===
* (bug 57550) SECURITY: Disallow stylesheets in SVG Uploads
* (bug 58088) SECURITY: Don't normalize U+FF3C to \ in CSS Checks
* (bug 58472) SECURITY: Disallow -o-link in styles
* (bug 58553) SECURITY: Return error on invalid XML for SVG Uploads
* (bug 58699) SECURITY: Fix RevDel log entry information leaks
== MediaWiki 1.21.3 ==
This is a security and maintenance release of the MediaWiki 1.21 branch.
=== Changes since 1.21.2 ===
* (bug 53032) SECURITY: Don't cache when a call could autocreate
* (bug 55332) SECURITY: Improve css javascript detection
* (bug 49717) Fix behaviour $wgVerifyMimeType = false; in Upload
* Fix comma errors in various js files
* Translations
== MediaWiki 1.21.2 ==
This is a security and maintenance release of the MediaWiki 1.21 branch.
=== Changes since 1.21.1 ===
* SECURITY: Fix extension detection with 2 .'s
* SECURITY: Support for the 'gettoken' parameter to action=block and action=unblock, deprecated since 1.20, has been removed.
* SECURITY: Sanitize ResourceLoader exception messages
* Purge upstream caches when deleting file assets.
* Unit test suite now runs the AutoLoader tests. Also fixed the autoloading entry for the PageORMTableForTesting class though it had no impact.
== MediaWiki 1.21.1 ==
This is a maintenance release of the MediaWiki 1.21 branch.
=== Changes since 1.21.0 ===
* An incorrect version number was used for 1.21.0. 1.21.1 has the correct number.
* A problem with the Oracle SQL table creation was fixed.
* (PdfHandler extension) Fix warning if pdfinfo fails but pdftext succeeds.
=== Configuration changes in 1.21 ===
* (bug 29374) $wgVectorUseSimpleSearch is now enabled by default.
* Deprecated $wgAllowRealName is removed. Use $wgHiddenPrefs[] = 'realname'
instead.
* (bug 39957) Added $wgUnwatchedPageThreshold, specifying minimum count
of page watchers required for the number to be accessible to users
without the unwatchedpages permission.
* $wgBug34832TransitionalRollback has been removed.
* (bug 29472) $wgUseDynamicDates has been removed and its functionality
disabled.
=== New features in 1.21 ===
* (bug 38110) Schema changes (adding or dropping tables, indices and
fields) can be now be done separately from from other changes that
update.php makes. This is useful in environments that use database
permissions to restrict schema changes but allow the DB user that
MediaWiki normally runs as to perform other changes that update.php
makes. Schema changes can be run separately. See the file UPGRADE
for more information.
* (bug 34876) jquery.makeCollapsible has been improved in performance.
* Added ContentHandler facility to allow extensions to support other content
than wikitext. See docs/contenthandler.txt for details.
* New feature was developed for showing high-DPI thumbnails for high-DPI mobile
and desktop displays (configurable with $wgResponsiveImages).
* Added new backend to represent and store information about sites and site
specific configuration.
* jQuery upgraded from 1.8.2 to 1.8.3.
* jQuery UI upgraded from 1.8.23 to 1.8.24.
* Added separate fa_sha1 field to filearchive table. This allows sha1
searches with the api in miser mode for deleted files.
* Add initial and programmatic sorting for tablesorter.
* Add the event "sortEnd.tablesorter", triggered after sorting has completed.
* The Job system was refactored to allow for different backing stores for
queues as well as cross-wiki access to queues, among other things. The schema
for the DB queue was changed to support better concurrency and reduce
deadlock errors.
* Added ApiQueryORM class to facilitate creation of query API modules based on
tables that have a corresponding ORMTable class.
* (bug 40876) Icon for PSD (Adobe Photoshop) file types.
* (bug 40641) Implemented Special:Version/Credits with a list of contributors.
* (bug 7851) Implemented one-click AJAX patrolling.
* The <data>, <time>, <meta>, and <link> elements are allowed within WikiText
for use with Microdata.
* The HTML5 <mark> tag has been whitelisted.
* Added ParserCloned hook for when the Parser object is cloned.
* Added AlternateEditPreview hook to allow extensions to replace the page
preview from the edit page.
* Added EditPage::showStandardInputs:options hook to allow extensions to add
new fields to the "editOptions" area of the edit form.
* Upload stash DB schema altered to improve upload performance.
* The following global functions are now reporting deprecated warnings in
debug mode: wfMsg, wfMsgNoTrans, wfMsgForContent, wfMsgForContentNoTrans,
wfMsgReal, wfMsgGetKey, wfMsgHtml, wfMsgWikiHtml, wfMsgExt, wfEmptyMsg. Use
the Message class, or the global method wfMessage.
* Added $wgEnableCanonicalServerLink, off by default. If enabled, a
<link rel=canonical> tag is added to every page indicating the correct server
to use.
* Debug message emitted by wfDebugLog() will now be prefixed with the group
name when its logged to the default log file. That is the case whenever the
group has no key in wgDebugLogGroups, that will help triage the default log.
* (bug 24620) Add types to LogFormatter.
* jQuery JSON upgraded from 2.3 to 2.4.0.
* Added GetDoubleUnderscoreIDs hook, for modifying the list of magic words.
* DatabaseUpdater class has two new methods to ease extensions schema changes:
dropExtensionIndex and renameExtensionIndex.
* New preference type - 'api'. Preferences of this type are not shown on
Special:Preferences, but are still available via the action=options API.
* (bug 39397) Hide rollback link if a user is the only contributor of the page.
* $wgPageInfoTransclusionLimit limits the list size of transcluded articles
on the info action. Default is 50.
* Added action=createaccount to allow user account creation.
* (bug 40124) action=options API also allows for setting of arbitrary
preferences, provided that their names are prefixed with 'userjs-'. This
officially reenables the feature that was undocumented and defective
in MW 1.20 (saving preferences using Special:Preferences cleared any
additional fields) and which has been disabled in 1.20.1 as a part of
a security fix (bug 42202).
* Added option to specify "others" as author in extension credits using
"..." as author name.
* Added the ability to limit the wall clock time used by shell processes,
as well as the CPU time. Configurable with $wgMaxShellWallClockTime.
* Allow memory of shell subprocesses to be limited using Linux cgroups
instead of ulimit -v, which tends to cause deadlocks in recent versions
of ImageMagick. Configurable with $wgShellCgroup.
* Added $wgWhitelistReadRegexp for regex whitelisting.
* (bug 5346) Categories that are redirects will be displayed italic in
the category links section at the bottom of a page.
* (bug 43915) New maintenance script deleteEqualMessages.php.
* You can now create checkbox option matrices through the HTMLCheckMatrix
subclass in HTMLForm.
* WikiText now permits the use of WAI-ARIA's role="presentation" inside of
html elements and tables. This allows presentational markup, especially
tables. To be marked up as such.
* maintenance/sql.php learned the --cluster option. Let you run the script
on some external cluster instead of the primary cluster for a given wiki.
* (bug 20281) test the parsing of inline URLs.
* Added Special:PagesWithProp, which lists pages using a particular page property.
* Implemented language-specific collations for category sorting for 67 languages
based in latin, greek and cyrillic alphabets. This allows one to *finally* get
articles to be correctly sorted on category pages. They are named
'uca-<langcode>', where <langcode> is one of: af, ast, az, be, bg, br, bs, ca,
co, cs, cy, da, de, dsb, el, en, eo, es, et, eu, fi, fo, fr, fur, fy, ga, gd,
gl, hr, hsb, hu, is, it, kk, kl, ku, ky, la, lb, lt, lv, mk, mo, mt, nl, no,
oc, pl, pt, rm, ro, ru, rup, sco, sk, sl, smn, sq, sr, sv, tk, tl, tr, tt, uk,
uz, vi.
* Added 'CategoryAfterPageAdded' and 'CategoryAfterPageRemoved' hooks.
* Added 'HistoryRevisionTools' and 'DiffRevisionTools' hooks.
* Added 'SpecialSearchResultsPrepend' and 'SpecialSearchResultsAppend' hooks.
* (bug 33186) Add image rotation api "imagerotate"
* (bug 34040) Add "User rights management" link on user page toolbox.
* (bug 45526) Add QUnit assertion helper "QUnit.assert.htmlEqual" for asserting
structual equality of HTML (ignoring insignificant differences like
quotmarks, order and whitespace in the attribute list).
* (bug 23393) HTML <hN> headings containing line breaks are now handled
correctly.
* (bug 45803) Whitespace within == Headline == syntax and within <hN> headings
is now non-significant and not preserved in the HTML output.
=== Bug fixes in 1.21 ===
* (bug 40353) SpecialDoubleRedirect should support interwiki redirects.
* (bug 40352) fixDoubleRedirects.php should support interwiki redirects.
* (bug 9237) SpecialBrokenRedirect should not list interwiki redirects.
* (bug 34960) Drop unused fields rc_moved_to_ns and rc_moved_to_title from
recentchanges table.
* (bug 32951) Do not register internal externals with absolute protocol,
when server has relative protocol.
* (bug 39005) When purging proxies listed in $wgSquidServers using HTTP PURGE
method requests, we now send a Host header by default, for Varnish
compatibility. This also works with Squid in reverse-proxy mode. If you wish
to support Squid configured in forward-proxy mode, set
$wgSquidPurgeUseHostHeader to false.
* (bug 37020) sql.php with readline eats semicolon.
* (bug 11748) Properly handle optionally-closed HTML tags when Tidy is
disabled, and don't wrap HTML-syntax definition lists in paragraphs.
* (bug 41409) Diffs while editing an old revision should again diff against the
current revision.
* (bug 41494) Honor $wgLogExceptionBacktrace when logging non-API exceptions
caught during API execution.
* (bug 37963) Fixed loading process for user options.
* (bug 26995) Update filename field on Upload page after having sanitized it.
* (bug 41793) Contribution links to users with 0 edits on Special:ListUsers
didn't show up red.
* (bug 41899) A PHP notice no longer occurs when using the "rvcontinue" API
parameter.
* (bug 42036) Account creation emails now contain canonical (not
protocol-relative) URLs.
* (bug 41990) Fix regression: API edit with redirect=true and lacking
starttimestamp and basetimestamp should not cause an edit conflict.
* (bug 41706) EditPage: Preloaded page should be converted if possible and
needed.
* (bug 41886) Rowspans are no longer exploded by tablesorter until the table is
actually sorted.
* (bug 2865) User interface HTML elements don't use lang attribute.
(completed the fix by adding the lang attribute to firstHeading).
* (bug 42173) Removed namespace prefixes on Special:UncategorizedCategories.
* (bug 36053) Log in "returnto" feature forgets query parameters if no
title parameter was specified.
* (bug 42410) API action=edit now returns correct timestamp for the new edit.
* (bug 14901) Email notification mistakes log action for new page creation.
Enotif no longer sends "page has been created" notifications for some log
actions. The following events now have a correct message: page creation,
deletion, move, restore (undeletion), change (edit). Parameter
$CHANGEDORCREATED is deprecated in 'enotif_body' and scheduled for removal in
MediaWiki 1.23.
* (bug 457) In the sidebar of Vector, CologneBlue, Monobook, and Monobook-based
skins, the heading levels have been changed from (variously per skin)
<h4>, <h5> or <h6> to only <h3>s, with a <h2> hidden heading above them.
If you are styling or scripting the headings in a custom way, this change
will require updates to your site's CSS or JS.
* (bug 41342) jquery.suggestions should cancel any active (async) fetches
before it triggers another fetch.
* (bug 42184) $wgUploadSizeWarning missing second variable.
* (bug 34581) removeUnusedAccounts.php maintenance script now ignores newuser
log when determining whether an account is used.
* (bug 43379) Gracefully fail if rev_len is unavailable for a revision on the
History page.
* (bug 42949) API no longer assumes all exceptions are MWException.
* (bug 41733) Hide "New user message" (.usermessage) element from printable view.
* (bug 39062) Special:Contributions will display changes that don't have
a parent id instead of just an empty bullet item.
* (bug 37209) "LinkCache doesn't currently know about this title" error fixed.
* wfMerge() now works if $wgDiff3 contains spaces
* (bug 43052) mediawiki.action.view.dblClickEdit.dblClickEdit should trigger
ca-edit click instead opening URL directly.
* (bug 43964) Invalid value of "link" parameter in <gallery> no longer produces
a fatal error.
* (bug 44775) The username field is not pre-filled when creating an account.
* (bug 45069) wfParseUrl() no longer produces a PHP notice if passed a "mailto:"
URL without address
* (bug 45012) Creating an account by e-mail can no longer show a
"password mismatch" error.
* (bug 44599) On Special:Version, HEADs for submodule checkouts (e.g. for
extensions) performed using Git 1.7.8+ should now appear.
* (bug 42184) $wgUploadSizeWarning missing second variable
* (bug 40326) Check if files exist with a different extension during uploading
* (bug 34798) Updated CSS for Atom/RSS recent changes feeds to match on-wiki diffs.
* (bug 42430) Calling numRows on MySQL no longer propagates unrelated errors.
* (bug 44719) Removed mention of non-existing maintenance/migrateCurStubs.php
script in includes/DefaultSettings.php
* (bug 45143) jquery.badge: Treat non-Latin variants of zero as zero as well.
* (bug 46151) mwdocgen.php should not ignore exit code of doxygen command.
* (bug 41889) Fix $.tablesorter rowspan exploding for complex cases.
=== API changes in 1.21 ===
* prop=revisions can now report the contentmodel and contentformat.
See docs/contenthandler.txt.
* action=edit and action=parse now support contentmodel and contentformat
parameters to control the interpretation of page content.
See docs/contenthandler.txt for details.
* (bug 35693) ApiQueryImageInfo now suppresses errors when unserializing metadata.
* (bug 40111) Disable minor edit for page/section creation by API.
* (bug 41042) Revert change to action=parse&page=... behavior when the page
does not exist.
* (bug 27202) Add timestamp sort to list=allimages.
* (bug 43137) Don't return the sha1 of revisions through the API if the content is
revision-deleted.
* ApiQueryImageInfo now also returns imageinfo for redirects.
* list=alltransclusions added to enumerate every instance of page embedding
* list=alllinks & alltransclusions now allow both 'from' and 'continue' in
the same query. When both are present, 'from' is simply ignored.
* list=alllinks & alltransclusions now allow 'unique' in generators, to yield
a list of all link/template target pages instead of source pages.
* BREAKING CHANGE: list=logevents output format changed for details of some log
types. Specifically, details that were formerly reported under a key like
"4::foo" will now be reported under a key of simply "foo".
* BREAKING CHANGE: '??_badcontinue' error code was changed to '??badcontinue'
for all query modules.
* ApiQueryBase adds 'badcontinue' error code if module has 'continue' parameter.
* (bug 35885) Removed version parameter and all getVersion() methods.
* action=options now takes a "resetkinds" option, which allows only resetting
certain types of preferences when the "reset" option is set.
* (bug 36751) ApiQueryImageInfo now returns imageinfo for the redirect target
when queried with &redirects=.
* (bug 31849) ApiQueryImageInfo no longer gets confused when asked for info on
a redirect and its target.
* (bug 43849) ApiQueryImageInfo no longer throws exceptions with ForeignDBRepo
redirects.
* On error, any warnings generated before that error will be shown in the result.
* action=help supports generalized submodules (modules=query+value), querymodules obsolete
* ApiQueryImageInfo continuation is more reliable. The only major change is
that the imagerepository property will no longer be set on page objects not
processed in the current query (i.e. non-images or those skipped due to
iicontinue).
* Add supports for all pageset capabilities - generators, redirects, converttitles to
action=purge and action=setnotificationtimestamp.
* (bug 43251) prop=pageprops&ppprop= now accepts multiple props to query.
* ApiQueryImageInfo will now limit the number of calls to File::transform made
in any one query. If there are too many, iicontinue will be returned.
* action=query&meta=siteinfo&siprop=general will now return the regexes used for
link trails and link prefixes. Added for Parsoid support.
* Added an API query module list=pageswithprop, which lists pages using a
particular page property.
* Added an API query module list=pagepropnames, which lists all page prop names
currently in use on the wiki.
* (bug 44921) ApiMain::execute() will now return after the CORS check for an
HTTP OPTIONS request.
* (bug 44923) action=upload works correctly if the entire file is uploaded in
the first chunk.
* Added 'continue=' parameter to streamline client iteration over complex query results
* (bug 44909) API parameters may now be marked as type "upload", which is now
used for action=upload's 'file' and 'chunk' parameters. This type will raise
an error during parameter validation if the parameter is given but not
recognized as an uploaded file.
* (bug 44244) prop=info may now return the number of people watching each page.
* (bug 33304) list=allpages will no longer return duplicate entries when