diff options
author | Pierre Schmitz <pierre@archlinux.de> | 2008-03-21 11:49:34 +0100 |
---|---|---|
committer | Pierre Schmitz <pierre@archlinux.de> | 2008-03-21 11:49:34 +0100 |
commit | 086ae52d12011746a75f5588e877347bc0457352 (patch) | |
tree | e73263c7a29d0f94fafb874562610e16eb292ba8 /RELEASE-NOTES | |
parent | 749e7fb2bae7bbda855de3c9e319435b9f698ff7 (diff) |
Update auf MediaWiki 1.12.0
Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r-- | RELEASE-NOTES | 1351 |
1 files changed, 739 insertions, 612 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 4876d79b..f38b41a5 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -3,68 +3,34 @@ Security reminder: MediaWiki does not require PHP's register_globals setting since version 1.2.0. If you have it on, turn it *off* if you can. -== MediaWiki 1.11.2 == +== MediaWiki 1.12.0 == -March 2, 2008 +This is the quarterly branch release of MediaWiki for Winter 2008. -This is a security release of the Fall 2007 snapshot release of MediaWiki. -Possible cross-site information leaks using the callback parameter for -JSON-formatted results in the API are prevented by dropping user credentials. - -MediaWiki release versions prior to 1.11 are not vulnerable, as they do -not include the callback feature which allows client-side JavaScript on -other sites to reach API data. - -Changes in this release: - -* User credentials are dropped for API JSON requests using a callback -* Edit tokens are not reported for API JSON requests using a callback - - -== MediaWiki 1.11.1 == - -January 23, 2008 - -This is a security and bugfix release of the Fall 2007 snapshot release of -MediaWiki. A potential XSS injection vector affecting api.php only for -Microsoft Internet Explorer users has been closed. - -Changes in this release: - -* (bug 11450) Fix creation of objectcache table on upgrade -* (bug 11462) Fix typo in LanguageGetSpecialPageAliases hook name -* Fix regression in LinkBatch.php breaking PHP 5.0 -* Security fix for API on MSIE +MediaWiki is now using a "continuous integration" development model with +quarterly snapshot releases. The latest development code is always kept +"ready to run", and in fact runs our own sites on Wikipedia. -To work around the vulnerability without upgrading, you may disable the -API if you don't need it: +Release branches will continue to receive security updates for about a year +from first release, but nonessential bugfixes and feature developments +will be made on the development trunk and appear in the next quarterly release. - $wgEnableAPI = false; +Those wishing to use the latest code instead of a branch release can obtain +it from source control: http://www.mediawiki.org/wiki/Download_from_SVN -Not vulnerable versions: -* 1.12 or later -* 1.11 >= 1.11.1 -* 1.10 >= 1.10.3 -* 1.9 >= 1.9.5 -* 1.8 any version (if $wgEnableAPI has been left off) -Vulnerable versions: -* 1.11 <= 1.11.0rc1 -* 1.10 <= 1.10.2 -* 1.9 <= 1.9.4 -* 1.8 any version (if $wgEnableAPI has been switched on) +Changes since 1.12.0rc1: -MediaWiki 1.7 and below are not affected as they do not include -the API functionality, however the BotQuery extension is similarly -vulnerable unless updated to the latest SVN version. +* (bug 13359) Double-escaping in Special:Allpages +* Localization updates. -== MediaWiki 1.11.0 == +== MediaWiki 1.12.0rc1 == -September 10, 2007 +This is a release candidate of the Winter 2008 quarterly snapshot release +of MediaWiki. -This is the Fall 2007 snapshot release of MediaWiki. MediaWiki is now using a "continuous integration" development model with quarterly snapshot releases. The latest development code is always kept @@ -77,613 +43,774 @@ will be made on the development trunk and appear in the next quarterly release. Those wishing to use the latest code instead of a branch release can obtain it from source control: http://www.mediawiki.org/wiki/Download_from_SVN -== Changes since 1.11.0rc1 == - -A possible HTML/XSS injection vector in the API pretty-printing mode has -been found and fixed. - -The vulnerability may be worked around in an unfixed version by simply -disabling the API interface if it is not in use, by adding this to -LocalSettings.php: - - $wgEnableAPI = false; - -(This is the default setting in 1.8.x.) - -Not vulnerable versions: -* 1.11 >= 1.11.0 -* 1.10 >= 1.10.2 -* 1.9 >= 1.9.4 -* 1.8 >= 1.8.5 - -Vulnerable versions: -* 1.11 <= 1.11.0rc1 -* 1.10 <= 1.10.1 -* 1.9 <= 1.9.3 -* 1.8 <= 1.8.4 (if $wgEnableAPI has been switched on) - -MediaWiki 1.7 and below are not affected as they do not include -the faulty function, however the BotQuery extension is similarly -vulnerable unless updated to the latest SVN version. - - -== Configuration changes since 1.10 == - -* $wgThumbUpright - Adjust width of upright images when parameter 'upright' is - used -* $wgAddGroups, $wgRemoveGroups - Finer control over who can assign which - usergroups -* $wgEnotifImpersonal, $wgEnotifUseJobQ - Bulk mail options for large sites -* $wgShowHostnames - Expose server host names through the API and HTML comments -* $wgSaveDeletedFiles has been removed, the feature is now enabled unconditionally - -== New features since 1.10 == - -* (bug 8868) Separate "blocked" message for autoblocks -* Adding expiry of block to block messages -* Links to redirect pages in categories are wrapped in - <span class="redirect-in-category"></span> -* Introduced 'ImageOpenShowImageInlineBefore' hook; see docs/hooks.txt for - more information -* (bug 9628) Show warnings about slave lag on Special:Contributions, - Special:Watchlist -* (bug 8818) Expose "wpDestFile" as parameter $1 to "uploaddisabledtext" -* Introducing new image keyword 'upright' and corresponding variable - $wgThumbUpright. This allows better proportional view of upright images - related to landscape images on a page without nailing the width of upright - images to a fix value which makes views for anon unproportional and user - preferences useless -* (bug 6072) Introducing 'border' keyword to the [[Image:]] syntax -* Introducing 'frameless' keyword to [[Image:]] syntax which respects the - user preferences for image width like 'thumb' but without a frame. -* (bug 7960) Link to "what links here" for each "what links here" entry -* Added support for configuration of an arbitrary number of commons-style - file repositories. -* Added a Content-Disposition header to thumb.php output -* Improved thumb.php error handling -* Display file history on local image description pages of shared images -* Added $wgArticleRobotPolicies -* (bug 10076) Additional parameter $7 added to MediaWiki:Blockedtext - containing, the ip, ip range, or username whose block is affecting the -* (bug 7691) Show relevant lines from the deletion log when re-creating a - previously deleted article -* Added variables 'wgRestrictionEdit' and 'wgRestrictionMove' for JS to header -* (bug 9898) Allow viewing all namespaces in Special:Newpages -* (bug 10139) Introduce 'EditSectionLink' and 'EditSectionLinkForOther' hooks; - see docs/hooks.txt for details -* (bug 9769) Provide "watch this page" toggle on protection form -* (bug 9886) Provide clear example "stub link" in Special:Preferences -* (bug 10055) Populate email address and real name properties of User objects - passed to the 'AbortNewAccount' hook -* Show result of Special:Booksources in wiki content language always, it's - normally better maintained than the generic list from the standard message - files -* (bug 7997) Allow users to be blocked from using Special:Emailuser -* (bug 8989) Blacklist 'mhtml' and 'mht' files from upload -* (bug 8760) Allow wiki links in "protectexpiry" message -* (bug 5908) Add "DEFAULTSORTKEY" and "DEFAULTCATEGORYSORT" aliases for - "DEFAULTSORT" magic word -* (bug 10181) Support the XCache object caching mechanism -* (bug 9058) Introduce '--aconf' option for all maintenance scripts, to provide - a path to the AdminSettings.php file -* (bug 8781) Remind users to check file permissions for LocalSettings.php - post-installation -* Use shared.css for all skins and oldshared.css in place of common.css for - pre-Monobook skins. As always, modifications should go in-wiki to MediaWiki: - Common.css and MediaWiki:Monobook.css. -* (bug 8869) Introduce Special:Uncategorizedtemplates -* (bug 8734) Different log message when article protection level is changed -* (bug 8458, 10338) Limit custom signature length to $wgMaxSigChars Unicode - characters -* (bug 10096) Added an ability to query interwiki map table -* On reupload, add a null revision to the image description page -* Group log output by date -* Kurdish interface latin/arabic writing system with transliteration -* Support wiki text in all query page headers -* Add 'Orphanedpages' as an alias to Special:Lonelypages -* (bug 9328) Use "revision-info-current" message in place of "revision-info" - when viewing the current revision of a page, if available -* (bug 8890) Enable wiki text for "license" message -* Throw a showstopper exception when a hook function fails to return a value. - Forgetting to give a 'true' return value is a very common error which tends - to cause hard-to-track-down interactions between extensions. -* Use $wgJobClasses to determine the correct Job to instantiate for a particular - queued task; allows extensions to introduce custom jobs -* (bug 10326) AJAX-based page watching and unwatching has been cleaned up and - enabled by default. -* Added option to install to MyISAM -* (bug 9250) Remove hardcoded minimum image name length of three characters -* Fixed DISPLAYTITLE behaviour to reject titles which don't normalise to the - same title as the current page, and enabled per default -* Wrap site CSS and JavaScript in a <pre> tag, like user JS/CSS -* (bug 10196) Add classes and dir="ltr" to the <pre>s on CSS and JS pages (new - classes: mw-code, mw-css, mw-js) -* (bug 6711) Add $wgAddGroups and $wgRemoveGroups to allow finer control over - usergroup assignment. -* Introduce 'UserEffectiveGroups' hook; see docs/hooks.txt for more information -* (bug 10387) Detect and handle '.php5' extension environments at install time -* Introduce 'ShowRawCssJs' hook; see docs/hooks.txt for more information -* (bug 10404) Show rights log for the selected user in Special:Userrights -* New javascript for upload page that will show a warning if a file with the - "destination filename" already exists. -* Add 'editsection-brackets' message to allow localization (or removal) of the - brackets in the "[edit]" link for sections -* (bug 10437) Move texvc styling to shared.css -* Introduce "raw editing" mode for the watchlist, to allow bulk additions, - removals, and convenient exporting of watchlist contents -* Show "undo" links in page histories -* Option to jump to specified time period in user contributions -* Improved feedback on "rollback success" page -* Show distinct 'namespaceprotected' message to users when namespace protection - prevents page editing -* (bug 9936) Per-edit suppression of preview-on-first edit with "preview=no" -* Allow showing a one-off preview on first edit with "preview=yes" -* (bug 9151) Remove timed redirects on "Return to X" pages for accessibility. -* Link to user logs in toolbox when viewing a user page -* (bug 10508) Allow HTML attributes on <gallery> -* (bug 1962) Allow HTML attributes on <math> -* (bug 10530) Introduce optional "sp-contributions-explain" message for - additional explanation in Special:Contributions -* (bug 10520) Preview licences during upload via AJAX (toggle with - $wgAjaxLicensePreview) -* New Parser::setTransparentTagHook for parser extension and template - compatibility -* Introduced 'ContributionsToolLinks' hook; see docs/hooks.txt for more - information -* Add a message if category is empty -* Add CSS compatibility for Opera 9.5 -* Remove largely untested handheld stylesheet, which was causing more trouble - than good. Proper handheld support will be added at a future date. For now, - display should be acceptable either with CSS turned off or when using a so- - phisticated handheld browser. -* (bug 3173) Option to offer exported pages as a download, rather than displaying - inline, as in most browsers -* Pass the user as an argument to 'isValidPassword' hook callbacks; see - docs/hooks.txt for more information -* Introduce 'UserGetRights' hook; see docs/hooks.txt for more information -* (bug 9595) Pass new Revision to the 'ArticleInsertComplete' and - 'ArticleSaveComplete' hooks; see docs/hooks.txt for more information -* (bug 9575) Accept upload description from GET parameters -* Skip the difference engine cache when 'action=purge' is used while requesting - a difference page, to allow refreshing the cache in case of errors -* (bug 10701) Link to Special:Listusers in default Special:Statistics messages -* Improved file history presentation -* (bug 10739) Users can now enter comments when reverting files -* Improved handling of permissions errors -* (bug 10793) "Mark patrolled" links will now be shown for users with - patrol permissions on all eligible diff pages -* (bug 10655) Show standard tool links for blocked users in block log messages -* Show standard tool links for blocked users in Special:Ipblocklist -* Miscellaneous aesthetic improvements to Special:Ipblocklist -* (bug 10826) Added link trail with Cyrillic characters for Mongolian language -* (bug 10859) Introduce 'UserGetImplicitGroups' hook; see docs/hooks.txt for - more information -* (bug 10832) Include user information when viewing a deleted revision -* (bug 10872) Fall back to sane defaults when generating protection selector - labels for custom restriction levels -* Show edit count in user preferences -* Improved support for audio/video extensions -* (bug 10937) Distinguish overwritten files in upload log -* Introduce 'ArticleUpdateBeforeRedirect' hook; see docs/hooks.txt for more - information -* Confirmation is now required when deleting old versions of files -* (bug 7535) Users can now enter comments when deleting old versions of files -* (bug 11001) Submit Special:Newpages as a GET, rather than a POST request -* The <strong></strong> around links to watched pages in change lists now - has a class - "mw-watched" -* (bug 9002) Provide a "view/restore deleted edits" link on Special:Upload - when a destination filename is provided that corresponds with previous - deleted files -* Make the "invalid special page" message clearer -* Add accesskey 's' and tooltip to 'upload file' button at Special:Upload -* Introduced 'SkinAfterBottomScripts' hook; see docs/hooks.txt for - more information -* (bug 11095) Honour "preview on first edit" preference when preloading - text for a non-existent page -* (bug 11022) Use a more accurate page title for Special:Whatlinkshere and - Special:Recentchangeslinked -* Add link to user contributions in normal watchlist edit mode -* (bug 9426) Add 'newsectionheaderdefaultlevel' message to allow - modification of the heading formatting for new sections when section=new - argument is supplied -* (bug 10836) Add 'newsectionsummary' message to allow modification of the - text that prefixes a new section link in Recent Changes - -== Bugfixes since 1.10 == - -* (bug 9712) Use Arabic comma in date/time formats for Arabic and Farsi -* (bug 9670) Follow redirects when render edit section links to transcluded - templates. -* (bug 6204) Fix incorrect unindentation with $wgMaxTocLevel -* (bug 3431) Suppress "next page" link in Special:Search at end of results -* Don't show unblock form if the user doesn't have permission to use it - (cosmetic change, no vulnerabilities existed) -* Subtitle success message when unblocking a block ID instead of a pseudo link - like [[User:#123|#123]] -* Use the standard HTTP fetch functions when retrieving remote wiki pages - through transwiki, so we can take advantage of cURL goodies if available -* Disable user JavaScript on Special:Userlogin, Special:Resetpass and - Special:Preferences, to avoid a compromised script sniffing passwords, etc. -* (bug 9854, 3770) Clip overflow text in gallery boxes for visual cleanliness - instead of letting it flow outside the box or trigger ugly scroll bars. -* Tooltips for print version and permalink -* Links to the MediaWiki namespace for system messages having their default - values are no longer shown as nonexistent (e.g., in red) -* Special:Ipblocklist differentiates between empty list and no search results. -* (bug 5375) profiling does not respect read-only mode. -* (bug 7070) monobook/user.gif has antialias artifacts -* (bug 9123) Safer way when applying $wgLocalTZoffset -* (bug 9896) Documentation for $wgSquidServers and X-FORWARDED-FOR -* (bug 9417) Uploading new versions of images when using Postgres no longer - throws warnings. -* (bug 9908) Using tsearch2 with Postgres 8.1 no longer gives an error. -* (bug 1438) Fix for diff table layout on very wide lines. - Diff style rules have been broken out to common/diff.css, - and the dupes removed from the default skin files. - Skins can still override the default rules. -* (bug 1229) Balance columns in diff display evenly -* Right-align diff line numbers in RTL language display -* (bug 9332) Fix instructions in tests/README -* (bug 9813) Reject usernames containing '#' to avoid silent truncation - of fragments during the normalisation process -* (bug 7989) RSS feeds content now use black text when using white background. -* (bug 9971) Typo in a french language message. -* (bug 9973) Changed size was shown in advanced recentchanges collapsible items - with $wgRCShowChangedSized = false. -* Fix PHP strict standards warning in enhanced recent changes. -* (bug 5850) Added hexadecimal html entities comments for $digitTransformTable - entries. -* (bug 7432) Change language name for Aromanian (roa-rup) -* (bug 908) Unexistent special pages now generate a red link. -* (bug 7899) Added \hline and \vline to the list of allowed TeX commands -* (bug 7993) support mathematical symbol classes -* (bug 10007) Allow Block IP to work with Postgrs again. -* Add Google Wireless Transcoder to the Unicode editing blacklist -* (bug 10083) Fix for Special:Version breakage on PHP 5.2 with some hooks -* (bug 3624) TeX: \ker, \hom, \arg, \dim treated like \sin & \cos -* (bug 10132, 10134) Restore back-compatibility Image::imageUrl() function -* (bug 10113) Fix double-click for view source on protected pages -* (bug 10117) Special:Wantedpages doesn't handle invalid titles in result - set [now prints out a warning] -* (bug 10118) Introduced Special:Mostlinkedtemplates, report which lists - templates with a high number of inclusion links -* (bug 10104) Fixed Database::getLag() for PostgreSQL and Oracle -* (bug 9820) session.save_path check no longer halts installation, but - warns of possible bad values -* (bug 9978) Fixed session.save_path validation when using extended - configuration format, e.g. "5;/tmp" -* Don't generate a diff link in the patrol log if the page doesn't exist -* (bug 10067) Translations for former skins removed from message files -* (bug 9993) Force $wgShowExceptionDetails on during installation -* (bug 9980) Validate administrator username and password during - installation -* (bug 9383) Don't set a default value for BLOB column in rc-deleted - database patch -* (bug 10149) Don't show full template list on section-0 edit -* (bug 9909) Ensure access to binary fields in the math table use encodeBlob() - and decodeBlob() -* (bug 6743) Don't link broken image links to the upload form when uploads - are disabled -* (bug 9679) Improve documentation for $wgSiteNotice -* (bug 10215) Show custom editing introduction when editing existing pages -* (bug 10223) Fix edit link in noarticletext localizations for fr, oc -* (bug 10247) Fix IP address regex to avoid false positive IPv6 matches -* (bug 9948) Workaround for diff regression with old Mozilla versions -* (bug 10265) Fix regression in category image gallery paging -* (bug 8577) Fix some weird misapplications of time zones. - {{CURRENT*}} functions now consistently use UTC as intended, while - {{LOCAL*}} functions return local time per server config or $wgLocaltimezone. - Signature dates for Japanese and other languages including weekday now show - the correct day to match the rest of the time in local time. -* Escape the output of magic variables that return page name or part of it -* (bug 10309) Initialise parser state properly in extractSections(), fixes - some cases where section edits broke because tags were improperly stripped -* Avoid PHP notice errors when doing HTTP proxy purges for an empty list -* As intended, *skip* the HTTP proxy purges when doing HTCP purges -* (bug 9696) Fix handling of brace transformations in "pagemovedtext" -* (bug 10325) Fix regression in form action on Special:Listusers -* Fixed installation on MyISAM or old InnoDB with charset=utf8, was giving - overlong key errors. -* Fixed zero-padding issues with MySQL 5 binary schema -* (bug 10344) Don't follow a redirect after changing its protection level -* (bug 10333) Correct date format in Slovenian -* (bug 10160) Show error message for unknown namespace on Special:Allpages and - Special:Prefixindex; making forms prettier for RTL wikis. -* (bug 10334) Replace normal spaces before percent (%) signs with non-breaking - spaces -* (bug 10372) namespaceDupes.php no longer ignores namespace aliases -* (bug 10198) namespaceDupes.php no longer ignores interwiki prefixes -* namespaceDupes.php should work better for initial-lowercase wikis -* (bug 10377) "Permanent links" to revisions still work if the page is moved - and the redirect deleted -* (bug 7071) Properly handle an 'oldid' passed to view or edit that doesn't - match the given title. Fixes inconsistencies with talk, history, edit links. -* (bug 10397) Fix AJAX watch error fallback when we receive a bogus result -* (bug 10396) Fix AJAX error when $wgScriptPath/index.php is not valid; - using $wgScript now included in JS info -* Use native XMLHttpRequest class in preference to ActiveX on IE 7; this - avoids the "ActiveX "Do you want to allow ActiveX?" prompt when something - security settings are cranked this way and AJAX-y gets used. -* Delay AJAX watch initialization until click so IE 6 with ugly security - settings doesn't prompt you until you use the link. -* (bug 10401) Provide non-redirecting link to original title in Special:Movepage -* Fix broken handling of log views for page titles consisting of one - or more zeros, e.g. "0", "00" etc. -* Fix read permission check for special pages with subpage parameters, e.g. - Special:Confirmemail -* Fix read permission check for unreadable page titles which are numerically - equivalent to a whitelisted title -* '?>' closing tag removed from all files to help avoid problems with extraneous - whitespace (broken XML feeds, etc.) -* Don't use garbled parser cache output when viewing custom CSS or JavaScript - pages -* (bug 10406) Fix Special:Listusers filter form for non-ASCII localizations -* Fix empty message checks for message names containing & - This corrects some odd behavior with sidebar items and custom namespaces - containing ampersands. -* (bug 10375) Change thousands separator character to for Latin (la) -* (bug 10477) Fix AJAX watch for Farsi on Firefox: JavaScript encoding tweak -* (bug 10496) Fix broken DISTINCT option logic in database backend -* Fix CSS media declaration for "screen, projection"; was causing some - validation issues -* (bug 10495) $wgMemcachedDebug set twice in includes/DefaultSettings.php -* (bug 10316) Prevent inconsistent cached skin settings in gen=js by setting - the intended skin directly in the URL. -* (bug 9903) Don't mark redirects in categories as stubs -* (bug 6965) Cannot include "Template:R" with {{R}} (magic word conflict) -* Padding parser functions now work with strings like '0' that evaluate to false -* (bug 10332) Title->userCan( 'edit' ) may return false positive -* Fix bug with <nowiki> in front of links for wikis where linkPrefixExtension is true -* (bug 10552) Suppress rollback link in history for single-revision pages -* (bug 10538) Gracefully handle invalid input on move success page -* Fix for Esperanto double-x-encoding in move success page -* (bug 10526) Fix toolbar/insertTags behavior for IE 6/7 and Opera (8+) - Now matches the selection behavior on Mozilla / Safari. - Patch by Alex Smotrov. -* Don't show non-functional toolbar buttons on Opera 7 anymore -* (bug 9151) Fix relative subpage links with section fragments -* (bug 10560) Adding a space between category letter heading and "continues" -* (bug 4650) Keep impossibly large/small counts off Special:Statistics -* (bug 10608) PHP notice when installing with PostgreSQL -* (bug 10615) Fix for transwiki import when CURL not available -* (bug 8054) Return search page for empty search requests with ugly URLs -* (bug 10572) Force refresh after clearing visitation timestamps on watchlist -* (bug 10631) Warn when illegal characters are removed from filename at upload -* Fix several JavaScript bugs under MSIE 5/Macintosh -* (bug 10591) Use Arabic numerals (0,1,2...) for the Malayam language -* (bug 10642) Fix shift-click checkbox behavior for Opera 9.0+ and 6.0 -* Work around Safari bug with pages ending in ".gz" or ".tgz" -* Removed obsolete maintenance/changeuser.sql script; use RenameUser extension -* (bug 2735) "Preview" shown in title bar for action=submit on special pages -* Removed "restore" links from the deletion log embedded in Special:Undelete -* Improved error reporting and robustness for file delete/undelete. -* Improved speed of file delete by storing the SHA-1 hash in image/oldimage -* Fixed leading zero in base 36 SHA-1 hash -* Protection form no longer produces JavaScript errors -* (bug 10741) File histories show "delete" links for non-sysops -* (bug 10744) Treat "noarticletext" and "noarticletextanon" as wiki text when - used on a non-existent page with "action=info" -* Fix escaping of raw message text when used on a non-existent page with - "action=info" -* (bug 10683) Fix inconsistent handling of URL-encoded titles in links - used in redirects (i.e. they now work) -* (bug 8878) Changes to $dateFormats in German localization (removing unused, - nonexistent formats, putting time after date) -* (bug 10769) Database::update() should return boolean result -* Fix preference checkbox display for right-to-left languages which caused - them to be hidden in IE in some cases -* Fix upload form display in right-to-left languages -* Fixed regression in blocking of username '0' -* (bug 9437) Don't overwrite edit form submission handler when setting up - edit box scroll position preserve/restore behaviour -* (bug 10805) Fix "undo" link when viewing the diff of the most recent - change to a page using "diff=0" -* (bug 10765) img_auth.php will now refuse logged-out requests where - $wgWhitelistRead is undefined, instead of (incorrectly) honouring them -* Fixed img_auth.php file name extraction for whitelist checking -* Tweak spacing of email preference display -* Table sorting JavaScript prefers textContent over innerText to allow hidden - sort keys to work on Safari -* (bug 4530) Fix local name of Kurdish language -* (bug 10830) Fix local name of Haitian Creole language -* Fix invalid XHTML in Special:Protectedpages -* Fix comments in contributions and log pages for right-to-left languages -* Make installer include_path-independent, so it should work on hosts which - disable user setting of PHP include_path setting -* glob() is horribly unreliable and doesn't work on some systems, including - free.fr shared hosting. No longer using it in Language::getLanguageNames() -* (bug 10763) Fix multi-insert logic for PostgreSQL -* Fix invalid XHTML when viewing a deleted revision -* Fix syntax error in translations of magic words in Romanian language -* (bug 8737) Fix warnings caused by incorrect use of `/dev/null` when piping - process error output under Windows -* (bug 7890) Don't list redirects to special pages in Special:BrokenRedirects -* (bug 10783) Resizing PNG-24 images with GD no longer causes all alpha - channel transparency to be lost and transparent pixels to be turned black -* (bug 9339) General error pages were transforming messages and their parameters - in the wrong order -* (bug 9026) Incorrect heading numbering when viewing Special:Statistics with - "auto-numbered headings" enabled -* Fixed invalid XHTML in Special:Upload -* (bug 11013) Make sure dl() is available before attempting to use it to check - available databases in installer -* Resizing transparent GIF images with GD now retains transparency by skipping - resampling -* (bug 11065) Fix regression in handling of wiki-formatted EXIF metadata -* Double encoding broke Special:Newpages for some languages -* Adding a newline before the statistics footer, to prevent parsing problems -* Preventing the TOC from appearing in Special:Statistics -* (bug 11082) Fix check for fully-specced table names in Database::tableName -* (bug 11067) Fix regression in upload conflict thumbnail display -* (bug 10985) Resolved cached entries on Special:DoubleRedirects were being - supressed, breaking paging - now strikes out "fixed" results -* (bug 8393) <sup> and <sub> need to be preserved (without attributes) for - entries in the table of contents -* (bug 11114) Fix regression in read-only mode error display during editing -* Force non-MySQL databases to use an ORDER BY in SpecialAllpages to ensure - that the first page_title is truly the first page title. -* (bug 10836) Change the summary on creating of new section -* Inclusion of Special:Wantedpages now works again - -== API changes since 1.10 == +=== Configuration changes in 1.12 === +* Marking edits as bot edits with Special:Contributions?bot=1 now requires the + markbotedit permission, rather than the rollback permission previously used. + This permission is assigned by default to the sysop group. +* MediaWiki now checks if serialized files are out of date. New configuration + variable $wgCheckSerialized can be set to false to enable old behavior (i.e. + to not check and assume they are always up to date) +* The rollback permission can now be rate-limited using the normal mechanism. +* New configuration variable $wgExtraLanguageNames +* Behaviour of $wgAddGroups and $wgRemoveGroups changed. New behaviour: +* * Granting the userrights privilege allows arbitrary changing of rights. +* * Without the userrights privilege, a user will be able to add and/or + remove the groups specified in $wgAddGroups and $wgRemoveGroups for + any groups they are in. +* New permission userrights-interwiki for changing user rights on foreign wikis. +* $wgImplictGroups for groups that are hidden from Special:Listusers, etc. +* $wgAutopromote: automatically promote users who match specified criteria +* $wgGroupsAddToSelf, $wgGroupsRemoveFromSelf: allow users to add or remove + themselves from specified groups via Special:Userrights. +* When $wgUseTidy has been enabled, PHP's Tidy module is now used if it is + present, in preference to an external Tidy executable which may or may not + be present. To force use of external Tidy even when the PHP module is + available, set $wgTidyInternal to false. + + +=== New features in 1.12 === +* (bug 10735) Add a warning for non-descriptive filenames at Special:Upload +* Add {{filepath:}} parser function to get full path to an uploaded file, + complementing {{fullurl:}} for pages. +* (bug 11136) If using Postgres, search path is explicitly set if wgDBmwschema + is not set to 'mediawiki', allowing multiple mediawiki instances per user. +* (bug 11151) Add descriptive <title> to revision history page +* (bug 5412) Add feed links for the site to all pages +* (bug 11353) Add ability to retrieve raw section content via action=raw +* (bug 6909) Show relevant deletion log lines when uploading a previously + deleted file +* On SkinTemplate based skins (like MonoBook), omit confusing "edit"/"view + source" tab entirely if the page doesn't exist and the user isn't allowed to + create it +* Clarify instructions given when an exception is thrown +* AuthPlugin added strictUserAuth() method to allow per-user override + of the strict() authentication behavior. +* (bug 7872) Deleted revisions can now be viewed as diffs showing changes + against the previous revision, whether currently deleted or live. +* Added tooltips for the "Go" and "Search" buttons +* (bug 11649) Show input form when Special:Whatlinkshere has no parameters +* isValidEmailAddr hook added to User method of that name, to allow, e.g., re- + stricting e-mail addresses to a specific domain +* Removed "Clear" link in watchlist editor tools, as people were afraid to + click it. Existing clear links will fall back to the raw editor, which is + very easy to clear your watchlist with. +* (bug 1405) Add wgUseNPPatrol option to control patroling for new articles + on Special:Newpages +* LogLine hook added to allow formatting custom entries in Special:Log. +* Support for Iranian calendar +* (bug 1401) Allow hiding logged-in users, bots and patrolled pages on + Special:Newpages +* ChangesListInsertArticleLink hook added for adding extra article info to RC. +* MediaWikiPerformAction hook added for diverting control after the main + globals have been set up but before any actions have been taken. +* BeforeWatchlist hook added for filtering or replacing watchlist. +* SkinTemplateTabAction hook added for altering the properties of tab links. +* OutputPage::getRedirect public method added. +* (bug 11848, 12506) Allow URL parameters 'section', 'editintro' and 'preload' + in Special:Mypage and Special:Mytalk +* Add ot=raw to Special:Allmessages +* Support for Hebrew calendar +* Support for Hebrew numerals in dates and times +* (bug 11315) Signatures can be configured in [[MediaWiki:Signature]] and + [[MediaWiki:Signature-anon]] +* Signatures for anonymous users link to Special:Contributions page rather than + user page +* Added --override switch for disabled pages in updateSpecialPages.php +* Provide a unique message (ipb_blocked_as_range) if unblock of a single IP + fails + because it is part of a blocked range. +* (bug 3973) Use a separate message for the email content when an account is + created by another user +* dumpTextPass.php can spawn fetchText.php as a subprocess, which should restart + cleanly if database connections fail unpleasantly. +* (bug 12028) Add Special:Listbots as shortcut for Special:Listusers/bot +* (bug 9633) Add a predefined list of delete reasons to the deletion form +* Show a warning message when creating/editing a user (talk) page but the user + does not exists +* (bug 8396) Ignore out-of-date serialised message caches +* (bug 12195) Undeleting pages now requires 'undelete' permission +* (bug 11810) Localize displayed semicolons +* (bug 11657) Support for Thai solar calendar +* (bug 943) RSS feed for Recentchangeslinked +* Introduced AbortMove hook +* (bug 2919) Protection of nonexistent pages with regular protection interface. +* Special:Upload now lists permitted/prohibited file extensions. +* Split ambiguous filetype-badtype message into two new messages, + filetype-unwanted-type and filetype-banned-type. +* Added link to the old title in Special:Movepage +* On Special:Movepage, errors are now more noticeable. +* It is now possible to change rights on other local wikis without the MakeSysop + extension +* Add HTML ID's mw-read-only-warning and mw-anon-edit-warning to warnings when + editing to allow CSS styling. +* Parser now returns list of sections +* When a user is prohibited from creating a page, a title of "View source" + makes no sense, and there should be no "Return to [[Page]]" link. +* (bug 12486) Protected titles now give a warning for privileged editors. +* (bug 9939) Special:Search now sets focus to search input box when no existing + search is active +* For Special:Userrights, use GET instead of POST to search for users. +* Allow subpage syntax for Special:Userrights, i.e., Special:Userrights/Name. +* When submitting changes on Special:Userrights, show the full form again, not + just the search box. +* Added exception hooks +* (bug 12574) Allow bots to specify whether an edit should be marked as a bot + edit, via the parameter 'bot'. (Default: '1') +* (bug 12536) User should be able to get MediaWiki version from any page +* (bug 12622) A JavaScript constant to declare whether api.php is available +* Add caching to the AJAX search +* Add APCOND_INGROUPS +* Add DBA caching to installer +* (bug 18585) Added a bunch of parameters to the revertpage message +* Support redirects in image namespace +* (bug 10049) Prefix index search and namespaces in Special:Withoutinterwiki +* (bug 12668) Support for custom iPhone bookmark icon via $wgAppleTouchIcon +* Add option to include templates in Special:Export. +* (bug 12655) Added $wgUserEmailUseReplyTo config option to put sender + address in Reply-To instead of From for user-to-user emails. + This protects against SPF problems and privacy-leaking bounce messages + when using mailers that set the envelope sender to the From header value. +* (bug 11897) Add alias [[Special:CreateAccount]] & [[Special:Userlogin/signup]] + for Special:Userlogin?type=signup +* (bug 12214) Add a predefined list of delete reasons to the file deletion form +* Merged backends for OpenSearch suggestions and AJAX search. + Both now accept namespace prefixes, handle 'Media:' and 'Special:' pages, + and reject interwiki prefixes. PrefixSearch class centralizes this code, + and the backend part can be overridden by the PrefixSearchBackend hook. +* (bug 10365) Localization of Special:Version +* When installing using Postgres, the Pl/Pgsql language is now checked for + and installed when at the superuser level. +* The default robot policy for the entire wiki is now configurable via the + $wgDefaultRobotPolicy setting. +* (bug 12239) Use different separators for autocomments +* (bug 12857) Patrol link on new pages should clear floats +* (bug 12968) Render redirect wikilinks in a redirect class for customization + via user/site CSS. +* EditPageBeforeEditButtons hook added for altering the edit buttons below the edit box + +=== Bug fixes in 1.12 === + +* Subpages are now indexed for searching properly when using PostgreSQL +* (bug 3846) Suppress warnings from, e.g. open_basedir when scanning for + ImageMagick, diff3 et al. during installation [patch by Jan Reininghaus] +* (bug 7027) Shift handling of deletion permissions-checking to + getUserPermissionsErrors. +* Login and signup forms are now more correct for right-to-left languages. +* (bug 5387) Block log items on RecentChanges don't make use of possible + translations +* (bug 11211) Pass, as a parameter to the protectedpagetext interface + message, the level of protection. +* (bug 9611) Supply the blocker and reason for the cantcreateaccounttext + message. +* (bug 8759) Fixed bug where rollback was allowed on protected pages for wikis + where rollback is given to non-sysops. +* (bug 8834) Split off permission for editing user JavaScript and CSS from + editinterface to a new permission key editusercssjs. +* (bug 11266) Set fallback language for Fulfulde (ff) to French +* (bug 11179) Include image version deletion comment in public log +* Fixed notice when accessing special page without read permission and whitelist + is not defined +* (bug 9252) Fix for tidy funkiness when using editintro mode +* (bug 4021) Fix for MySQL wildcard search +* (bug 10699) Fix for MySQL phrase search +* (bug 11321) Fix width of gallerybox when option "width=xxx" is used +* (bug 7890) Special:BrokenRedirects links deleted redirects to a non-existent + page +* Fix initial statistics when installing: add correct values +* (bug 11342) Fix several 'returnto' links in permissions/error pages which + linked to the main page instead of targetted page +* Strike the link to the redirect rather than using an asterisk in + Special:Listredirects +* (bug 11355) Fix false positives in Safe Mode and other config detection + when boolean settings are disabled with 'Off' via php_admin_value/php_value +* (bug 11292) Fixed unserialize errors with Postgres by creating special Blob + object. +* (bug 11363) Make all metadata fields bytea when using Postgres. +* (bug 11331) Add buildConcat() and use CASE not IF for DB compatibility. Make + oldimage cascade delete via image table for Postgres, change fa_storage_key + TEXT. +* (bug 11438) Live Preview chops returned text +* Show the right message on account creation when the user is blocked +* (bug 11450) Fix creation of objectcache table on upgrade +* Fix namespace selection after submit of Special:Newpages +* Make input form of Special:Newpages nicer for RTL wikis +* (bug 11462) Fix typo in LanguageGetSpecialPageAliases hook name +* (bug 11474) Fix unintentional fall-through in math error handling +* (bug 11478) Fix undefined method call in file deletion interface +* (bug 278) Search results no longer highlight incorrect partial word matches +* Compatibility with incorrectly detected old-style DJVU mime types +* (bug 11560) Fix broken HTML output from weird link nesting in edit comments. + Nested links (as in image caption text) still don't work _right_ but they're + less wrong +* (bug 9718) Remove unnecessary css from main.css causing spacing issues on + some browsers. +* (bug 11574) Add an interface message loginstart, which, similarly to loginend, + appears just before the login form. Patch by MinuteElectron. +* Do not cache category pages if using 'from' or 'until' +* Created new hook getUserPermissionsErrors, to go with userCan changes. +* Diff pages did not properly display css/js pages. +* (bug 11620) Add call to User::isValidEmailAddr during accout creation. +* (bug 11629) If $wgEmailConfirmToEdit is true, require people to supply an + email address when registering. +* (bug 11612) Days to show in recent changes cannot be larger than 7 +* (bug 11131) Change filearchive width/height columns to int for Postgres +* Support plural in undeleted{revisions,revisions-files,files} +* (bug 11343) If the database is read-only, ensure that undelete fails. +* (bug 11690) Show revert link for page moves in Special:Log to allowed users + only +* Initial-lowercase prefix checks in namespaceDupes.php now actually work. +* Fix regression in LinkBatch.php breaking PHP 5.0 +* (bug 11452) wfMsgExt uses sometimes wrong language object for parsing magic + words when called with options ''parsemag'' or ''content''. +* (bug 11727) Support plural in 'historysize' message +* (bug 11744) Incorrect return value from Title::getParentCategories() +* (bug 11762) Fix native language name of Akan (ak) +* (bug 11722) Fix inconsistent case in unprotect tabs +* (bug 11795) Be more paranoid about confirming accept-encoding header is + present +* (bug 11809) Use formatNum() for more numbers +* (bug 11818) Fix native language name of Inuktitut (iu) +* Remove all commas when parsing float numbers in sorted tables +* Limit text field of deletion, protection and user rights changes reasons to + 255 characters (already restricted in the database) +* In the deletion default reasons, calculate how much text to get from the + article text, rather than getting 150 characters (which may be too much) +* Add two messages for Special:Blockme which were used but undefined +* (bug 11921) Support plural in message number_of_watching_users_pageview +* If an IP address is blocked as part of a rangeblock, attempting to unblock + the single IP should not unblock the entire range. +* (bug 6695) Fix native language name of Southern Sotho (Sesotho) (st) +* Make action=render follow redirects by default +* If restricted read access was enabled, whitelist didn't work with special + pages which had spaces in theirs names +* If restricted read access was enabled, requests for non-existing special pages + threw an exception +* Feeds for recent changes now provide correct URLs for the change, not just + the page +* Check for if IP is blocked as part of a range when unblocking (see above bug- + fix) was faulty. Now fixed. +* Fixed wpReason URL parameter to action=delete. +* Do not force a password for account creation by email +* Ensure that rate-limiting is applied to rollbacks. +* Make a better rate-limiting error message (i.e. a normal MW error, + rather than an "Internal Server Error"). +* Do not present an image bigger than the source when 'frameless' option is used + (to be consistent with the 'thumb' option now) +* Support {{PLURAL}} for import log +* Make sure that the correct log entries are shown on Special:Userrights even + for users with special characters in their names +* The number of watching users in watchlists was always reported as 1 +* namespaceDupes.php no longer dies when coming across an illegal title +* (bug 12143) Do not show a link to patrol new pages for non existent pages +* (bug 12166) Fix XHTML validity for Special:Emailuser +* (bug 11346) Users who cannot edit a page can now no longer unprotect it. +* (bug 451) Add a generic Traditional / Simplified Chinese conversion table, + instead of a Traditional conversion with Taiwan variant, and a Simplified + conversion with China variant. +* (bug 12178) Fix wpReason parameter to action=delete, again. +* Graceful behavior for updateRestrictions.php if a page already has records + in the page_restrictions matching its old page_restrictions field. + May help with odd upgrade issues or race condition. +* (bug 11993) Remove contentsub "revision history" +* (bug 11952) Ensure we quote_ident() all schema names as needed + inside of the DatabasePostgres.php file. +* (bug 12184) Exceptions now sent to stderr instead of stdout for command-line + scripts, making for cleaner reporting during batch jobs. PHP errors will also + be redirected in most cases on PHP 5.2.4 and later, switching 'display_errors' + to 'stderr' at runtime. +* (bug 12148) Text highlight wasn't applied to cleanly deleted and added + lines in diff output +* (bug 10166) Fix a PHP warning in Language::getMagic +* Only mark rollback edits as minor if the user can normally mark edits minor +* Escape page names in the move successful page (e.g. for pages with two + apostrophes). +* (bug 12145) Add localized names of kk-variants +* (bug 12259) Localize the numbers in deleted pages on the sysop view +* Set proper page title for successful file deletion +* (bug 11221) Do not show 'Compare selected versions' button for a history page + with one revision only +* (bug 12267) Set the default date format to Thai solar calender for the Thai + language +* (bug 10184) Extensions' stylesheets and scripts should be loaded before + user-customized ones (like Common.css, Common.js) +* (bug 12283) Special:Newpages forgets parameters +* (bug 12031) All namespaces doesn't work in Special:Newpages +* (bug 585) Only create searchindex replica table for parser tests if db is + MySQL +* Allow --record option if parserTests.php to work when using Postgres +* (bug 12296) Simplify cache epoch in default LocalSettings.php +* (bug 12346) XML fix when body double-click and click handlers are present +* Fix regression -- missing feed links in sidebar on Special:Recentchanges +* (bug 12371) Handle more namespace case variants in namespaceDupes.php +* (bug 12380) Bot-friendly EditPage::spamPage +* (bug 8066) Spaces can't be entered in special page aliases +* Hide undo link if user can't edit article +* (bug 12416) Fix password setting for createAndPromote.php +* (bug 3097) Inconsistently usable titles containing HTML character entities + are now forbidden. A run of cleanupTitles.php will fix up existing pages. +* (bug 12446) Permissions check fix for undelete link +* (bug 12451) AJAX title normalization tweaks +* When a user creating a page is not allowed to either create the page nor edit + it, all applicable reasons are now shown. +* (bug 11428) Allow $wgScript inside $wgArticlePath when emulating PATH_INFO + Fixes 'root'-style rewrite configurations +* (bug 12493) Removed hardcoded MAX_FILE_SIZE from Special:Import upload form +* (bug 12489) Special:Userrights listed in restricted section again +* (bug 12553) Fixed invalid XHTML in edit conflict screen +* (bug 12505) Fixed section=0 with action=raw +* (bug 12614) Do not log user rights change that didn't change anything +* (bug 12584) Don't reset cl_timestamp when auto-updating sort key on move +* (bug 12588) Fix selection in namespace selector on Special:Newpages +* Use only default options when generating RSS and Atom syndication links. + This should help prevent infinite link loops that some software may follow, + and will generally keep feed behavior cleaner. +* (bug 12608) Unifying the spelling of getDBkey() in the code. +* (bug 12611) Bot flag ignored in recent changes +* (bug 12617) Decimal and thousands separators for Romanian +* (bug 12567) Fix for misformatted read-only messages on edit, protect. + Also added proper read-only checks to several special pages. + Have removed read-only checks from the general user permission framework. +* Creating a site with a name containing '#' is no longer permitted, since the + name will not work (but $wgSiteName is not checked if manually set). +* (bug 12695) Suppress dvips verbiage from web server error log +* (bug 12716) Unprotecting a non-protected page leaves a log entry +* Log username blocks with canonical form of name instead of input form +* (bug 11593, 12719) Fixes for overzealous invocation of thumb.php. + Non-image handlers and full-size images may now decline it, fixing + mystery failures when using $wgThumbnailScriptPath. +* (bug 12327) Comma in username no longer disrupts mail headers +* (bug 6436) Localization of Special:Import XML parser Error message(s). +* Security fix for API on MSIE +* (bug 12768) Database query syntax error in maintenance/storage/compressOld.inc +* (bug 12753) Empty captions in MediaWiki:Sidebar result in PHP errors +* (bug 12790) Page protection is not logged when edit-protection is used + and move-protection is not +* (bug 12793) Fix for restricted namespaces/pages in Special:Export +* Fix for Special:Export so it doesn't ignore the page named '0' +* Don't display rollback link if the user doesn't have all required permissions +* The comment of a time-limited protection now contains the date in the default + format +* (bug 12880) wfLoadExtensionMessages does not use $fallback from MessagesXx.php +* (bug 12885) Correction for Russian convertPlural function +* (bug 12768) Make DatabasePostgres->hasContraint() schema aware. +* (bug 12735) Truncate usernames in comments using mb_ functions. +* (bug 12892) Poor tab indexing on "delete file" form +* (bug 12660) When creating an account by e-mail, do not send the creator's IP + address +* (bug 12931) Fix wrong global variable in SpecialVersion +* (bug 12919) Use 'deletedrevision' message as content when deleting an old file + version +* (bug 12952) Using Nosuchusershort instead of Nosuchuser when account creation + is disabled +* (bug 12869) Magnify icon alignment should be adjusted using linked CSS +* Fixing message cache updates for MediaWiki messages moves +* (bug 12815) Signature timestamps were always in UTC, even if the timezone code + in parentheses after them claimed otherwise +* (bug 12732) Fix installer and searching to handle built-in tsearch2 for Postgres. +* (bug 12784) Change "bool" types to smallint to handle Postgres 8.3 strictness. +* (bug 12301) Allow maintenance/findhooks.php to search hooks in multiple directories. +* (bug 7681, 11559) Cookie values no longer override GET and POST variables. +* (bug 5262) Fully-qualified $wgStylePath no longer corrupted on XML feeds +* (bug 3269) Inaccessible titles ending in '/.' or '/..' now forbidden. +* (bug 12935, 12981) Fully-qualify archive URLs in delete, revert messages +* (bug 12938) Fix template expansion and 404 returns for action=raw with section +* (bug 11567) Fix error checking for PEAR::Mail. UserMailer::send() now returns + true-or-WikiError, which seems to be the calling convention expected by half + its callers already +* (bug 12846) IE rtl.css issue in RTL wikis special:Preferences when selecting an + LTR user language +* (bug 13005) DISPLAYTITLE does not work on preview +* (bug 13004) Fix error on Postgres searches that return too many results. +* (bug 13022) Fix upload from URL on PHP 5.0.x +* (bug 13139, 13074) Fix request data for parameters with numeric names +* (bug 13086) Trackbacks were returning invalid XML (extra whitespace) +* (bug 12430) Fix call to private method LinkFilter::makeRegex fatal error in + maintenance/cleanupSpam.php +* (bug 13211) Don't break edit buttons when Image namespace includes apostrophe +* Fix regression with upgrades from 1.4 or below. +* Fix regression: make dumpUploads.php work again +* dumpUploads.php options now actually supported +* wfRelativePath() no longer includes spurious ".." when base path is "/" +* wfRelativePath() now returns full path for differing Windows drives +* (bug 13274) Change link for message to ucfirst + +== Parser changes in 1.12 == + +For help with migration to the MediaWiki 1.12 parser, please visit: + +http://meta.wikimedia.org/wiki/Migration_to_the_new_preprocessor + +The parser pass order has changed from + + * Extension tag strip and render + * HTML normalisation and security + * Template expansion + * Main section... + +to + + * Template and extension tag parse to intermediate representation + * Template expansion and extension rendering + * HTML normalisation and security + * Main section... + +The main effect of this for the user is that the rules for uncovered syntax +have changed. + +Uncovered main-pass syntax, such as HTML tags, are now generally valid, whereas +previously in some cases they were escaped. For example, you could have "<ta" in +one template, and "ble>" in another template, and put them together to make a +valid <table> tag. Previously the result would have been "<table>". + +Uncovered preprocessor syntax is generally not recognised. For example, if you +have "{{a" in Template:A and "b}}" in Template:B, then "{{a}}{{b}}" will be +converted to a literal "{{ab}}" rather than the contents of Template:Ab. This +was the case previously in HTML output mode, and is now uniformly the case in +the other modes as well. HTML-style comments uncovered by template expansion +will not be recognised by the preprocessor and hence will not prevent template +expansion within them, but they will be stripped by the following HTML security +pass. + +Bug 5678 has been fixed. This has a number of user-visible effects related to +the removal of this double-parse. Please see the wiki page for examples. + +Message transformation mode has been removed, and replaced with "preprocess" +mode. This means that some MediaWiki namespace messages may need to be updated, +especially ones which took advantage of the terribly counterintuitive behaviour +of the former message mode. + +The header identification routines for section edit and for numbering section +edit links have been merged. This removes a significant failure mode and fixes a +whole category of bugs (tracked by bug #4899). Wikitext headings uncovered by +template expansion will still be rendered into a heading tag, and will get an +entry in the TOC, but will not have a section edit link. HTML-style headings +will also not have a section edit link. Valid wikitext headings present in the +template source text will get a template section edit link. This is a major +break from previous behaviour, but I believe the effects are almost entirely +beneficial. + +The main motivation for making these changes was performance. The new two-pass +preprocessor can skip "dead branches" in template expansion, such as unfollowed +#switch cases and unused defaults for template arguments. This provides a +significant performance improvement in template-heavy test cases taken from +Wikipedia. Parser function hooks can participate in this performance improvement +by using the new SFH_OBJECT_ARGS flag during registration. + +The pre-expand include size limit has been removed, since there's no efficient +way to calculate such a figure, and it would now be meaningless for performance +anyway. The "preprocessor node count" takes its place, with a generous default +limit. + +The context in which XML-style extension tags are called has changed, so +extensions which make use of the parser state may need compatibility changes. + +The new preprocessor syntax has been documented in Backus-Naur Form at: + +http://www.mediawiki.org/wiki/Preprocessor_ABNF + +The ExpandTemplates extension now has the ability to generate an XML parse +tree from wikitext source. This parse tree corresponds closely to the grammar +documented on that page. + +=== API changes in 1.12 === Full API documentation is available at http://www.mediawiki.org/wiki/API -* New properties: links, templates, images, langlinks, categories, external - links -* Breaking Change: imagelinks renamed into imageusage (il->iu) -* Bug fix: incorrect generator behavior in some cases -* JSON format allows an optional callback function to wrap the result. -* Login module disabled until a more secure solution can be implemented -* (bug 9938) Querying by revision identifier returns the most recent revision - for the corresponding page, rather than the requested revision -* (bug 8772) Filter page revision queries by user -* (bug 9927) User contributions queries do not accept IP addresses -* Watchlist feed now reports a proper feed item when the user is not logged in -* Watchlist feed date bug fixed - automatically shows one last day -* Watchlist feed now allows to specify number of hours to monitor -* list=allpages now returns a list instead of a map in JSON format -* Breaking Change: in json, revisions are now returned as a list, not as a map. -* Add: prop=info can show page is new flag, current page length, and visit - counter. -* Change: Query watchlist now shows flags only when explicitly requested with - wlparam=flags -* rc_this_oldid (textid) is no longer accessible from query watchlist -* action=usercontribs: additional filtering by ucshow=; selection of needed - fields with ucprop=; the textid (rev_text_id) is no longer being exposed -* (bug 9970) Breaking Change: backlinks, embeddedin and imageusage now return - lists in JSON instead of a map, and do not return anything when titles do - not exist -* (bug 9121) Introduced indexpageids query parameter to list the page_id - values of all returned page items -* (bug 10147) Now interwiki titles are not processed but added to a separate - "interwiki" section of the output. -* Added categorymembers list to query for pages in a category. -* (bug 10260) Show page protection status -* (bug 10392) Include MediaWiki version details in version output -* (bug 10411) Site language in meta=siteinfo -* (bug 10391) action=help doesn't return help if format is fancy markup -* backlinks, embeddedin and imageusage lists should use (bl|ei|iu)title parameter - instead of titles. Titles for these lists is obsolete and might stop working soon. -* Added prop=imageinfo - gets image properties and upload history -* (bug 10211) Added db server replication lag information in meta=siteinfo -* Added external url search within wiki pages (list=exturlusage) -* Added link enumeration (list=alllinks) -* Added registered users enumeration (list=allusers) -* Added full text search in titles and content (list=search) -* (bug 10684) Expanded list=allusers functionality -* Possible breaking change: prop=revisions no longer includes pageid for rvprop=ids -* Added rvprop=size to prop=revisions (The size will not be shown if it is NULL in the database) -* list=allpages now allows to filter by article min/max size and protection status -* Added site statistics (siprop=statistics for meta=siteinfo) -* (bug 10902) Unable to fetch user contributions from IP addresses -* `list=usercontribs` no longer requires that the user exist -* (bug 10971) `aufrom` parameter doesn't work with spaces -* Fix username handling issue with `auprefix` parameter -* Treat underscores as spaces for `aufrom` and `auprefix` parameters -* Added edit/delete/... token retrieval to prop=info -* Added meta=userinfo - logged-in user information, group membership, rights -* (bug 11072) Fix regression in API image history query -* (bug 11115) Adding SHA1 hash to imageinfo query -* (bug 10898) API does not return an edit token for non-existent pages -* (bug 10890) Timestamp support for categorymembers query -* (bug 10980) Add exclude redirects on backlinks -* IPv6 titles in User namespace are normalized (run cleanupTitles.php to fix any old stray pages) -* Sysops now have the same limits on the number of items they can request in a query as bots. - -== Maintenance script changes since 1.10 == - -* Add support for wgMaxTocLevel option in parserTests -* (bug 6823) Disable article view counter in maintenance/dumpHTML.php -* Fix maintenance/importImages.php so it doesn't barf PHP errors when no - suitable files are found, and make the list of extensions an option (defaults - to $wgFileExtensions) -* Add option to maintenance/createAndPromote.php to give the user bureaucrat - permissions (--bureaucrat) -* Allow overwriting existing files with a conflicting name using - maintenance/importImages.php -* (bug 10266) Use native newlines when rebuilding a messages file. - -== Languages updated since 1.10 == +* (bug 11275) Enable descending sort in categorymembers +* (bug 11308) Allow the API to output the image metadata +* (bug 11296) Temporary fix for escaping of ampersands inside links in + pretty-printed + help document. +* (bug 11405) Expand templates implementation in the API +* (bug 11218) Add option to feedwatchlist to display multiple revisions for each + page. +* (bug 11404) Provide name of exception caught in error code field of internal + api error messages. +* (bug 11534) rvendid doesn't work +* Fixed rvlimit of the revisions query to only enforce the lower query limit if + revision content is requested. +* Include svn revision number (if install is checked-out from svn) in siteinfo + query. +* (bug 11173) Allow limited wikicode rendering via api.php +* (bug 11572) API should provide interface for expanding templates +* (bug 11569) Login should return the cookie prefix +* (bug 11632) Breaking change: Specify the type of a change in the recentchanges + list as 'edit', 'new', 'log' instead of 0, 1, 2, respectively. +* Compatibility fix for PHP 5.0.x. +* Add rctype parameter to list=recentchanges that filters by type +* Add apprtype and apprlevel parameters to filter list=allpages by protection + types and levels +* Add apdir parameter to enable listing all pages from Z to A +* (bug 11721) Use a different title for results than for the help page. +* (bug 11562) Added a user_registration parameter/field to the list=allusers + query. +* (bug 11588) Preserve document structure for empty dataset in backlinks query. +* Outputting list of all user preferences rather than having to request them by + name +* (bug 11206) api.php should honor maxlag +* Make prop=info check for restrictions in the old format too. +* Add apihighlimits permission, default for sysops and bots +* Add limit=max to use maximal limit +* Add action=parse to render parser output. Use it instead of action=render + which has been removed +* Add rvtoken=rollback to prop=revisions +* Add meta=allmessages to get messages from site's messages cache. +* Use bold and italics highlighting only in API help +* Added action={block,delete,move,protect,rollback,unblock,undelete} and + list={blocks,deletedrevs} +* Fixed sessionid attribute in action=login +* Standardized limits. Revisions and Deletedrevisions formerly using + 200 / 10000, now 500 / 5000, in line with other modules. +* Added list=allcategories module +* (bug 12321) API list=blocks reveals private data +* Fix output of wfSajaxSearch +* (bug 12413) meta=userinfo missing <query> tag +* Add list of sections to action=parse output +* Added action=logout +* Added cascade flag to prop=info&inprop=protections +* Added wlshow parameter to list=watchlist, similar to rcshow + (list=recentchanges) +* Added support for image thumbnailing to prop=imageinfo +* action={login,block,delete,move,protect,rollback,unblock,undelete} now must be + POSTed +* prop=imageinfo interface changed: iihistory replaced by iilimit, iistart and + iiend parameters +* Added amlang parameter to meta=allmessages +* Added apfilterlanglinks parameter to list=allpages, replacing + query.php?what=nolanglinks +* (bug 12718) Added action=paraminfo module that provides information about API + modules and their parameters +* Added iiurlwidth and iiurlheight parameters to prop=imageinfo +* Added format=txt and format=dbg, imported from query.php +* Added uiprop=editcount to meta=userinfo +* Added list=users which fetches user information +* Added list=random which fetches a list of random pages +* Added page parameter to action=parse to facilitate parsing of existing pages +* Added uiprop=ratelimits to meta=userinfo +* Added siprop=namespacealiases to meta=siteinfo +* Made multiple values for ucuser possible in list=usercontribs +* (bug 12944) Added cmstart and cmend parameters to list=categorymembers +* Allow queries to have a where range that does not match the range field + +=== Languages updated in 1.12 === * Afrikaans (af) +* Akan (ak) (new) +* Amharic (am) (new) +* Aragonese (an) +* Old English (ang) (new) * Arabic (ar) -* Bikol (bcl) +* Aramaic (arc) +* Mapudungun (arn) (new) +* Assamese (as) +* Asturian (ast) +* Avaric (av) +* Kotava (avk) (new) +* Aymara (ay) +* Samogitian (bat-smg) +* Boarisch (bar) +* Bikol Central (bcl) +* Belarusian (be) +* Belarusian Taraskievica orthography (be-tarask) * Bulgarian (bg) +* Bislama (bi) (new) +* Bamanankan (bm) +* Bengali (bn) +* Bishnupriya Manipuri (bpy) +* Breton (br) +* Buginese (bug) (new) * Catalan (ca) +* Zamboangueño (cbk-zam) (new) +* Min Dong (cdo) (new) +* Chechen (ce) +* Cebuano (ceb) (new) +* Cherokee (chr) (new) +* Corsican (co) (new) +* Crimean Tatar (Cyrillic) (crh-cyrl) (new) +* Crimean Tatar (Latin) (crh-latn) (new) +* Czech (cs) +* Cassubian (csb) +* Old Church Slavonic (cu) +* Welsh (cy) * Danish (da) * German (de) +* German (de-formal) (new) +* Zazaki (diq) (new) +* Lower Sorbian (dsb) (new) +* Middle Dutch (dum) (new) +* Divehi (dv) +* Ewe (ee) (new) * Greek (el) -* Esperanto (eo) +* Emiliano-Romagnolo (eml) +* English (en) * Spanish (es) * Estonian (et) +* Euskara (eu) * Extremaduran (ext) -* Farsi (fa) * Finnish (fi) -* Vöro (fiu-vro) +* Persian (fa) +* Fulah (ff) +* Võro (fiu-vro) +* Fijian (fj) (new) +* Faroese (fo) * French (fr) -* Français Cadien (frc) (new) -* Franco-Provençal/Arpetan (frp) +* Cajun French (frc) +* Franco-Provençal (frp) +* Frisian (fy) +* Irish (ga) +* Gagauz (gag) (new) +* Gön-gnŷ (gan) (new) +* Scottish Gaelic (gd) (new) * Galician (gl) +* Gilaki (glk) (new) +* Gothic (got) (new) +* Ancient Greek (grc) (new) +* Swiss German (gsw) * Hakka (hak) +* Hawaiian (haw) (new) * Hebrew (he) +* Croatian (hr) * Upper Sorbian (hsb) -* Haitian (ht) +* Haitian Creole French (ht) +* Hungarian (hu) +* Armenian (hy) +* Interlingua (ia) * Indonesian (id) +* Interlingue (ie) (new) +* Igbo (ig) (new) +* Eastern Canadian (Unified Canadian Aboriginal Syllabics) (ike-cans) (new) +* Eastern Canadian (Latin) (ike-latn) (new) +* Ingush (inh) (new) +* Ido (io) (new) * Icelandic (is) * Italian (it) * Japanese (ja) +* Jutish (jut) (new) * Georgian (ka) +* Kara-Kalpak (kaa) * Kabyle (kab) * Kazakh (kk) +* Kazakh Arabic (kk-arab) (new) +* Kazakh (China) (kk-cn) +* Kazakh Cyrillic (kk-cyrl) (new) +* Kazakh (Kazakhstan) (kk-kz) +* Kazakh Latin (kk-latn) (new) +* Kazakh (Turkey) (kk-tr) +* Kalaallisut (kl) (new) +* Kannada (kn) * Korean (ko) -* Kinaray-a (krj) (new) -* Kurdish (ku) +* Kölsch (ksh) +* Kurdish (Arabic) (ku-arab) +* Kurdish (Latin) (ku-latn) +* Cornish (kw) (new) +* Kirghiz (ky) (new) * Latin (la) +* Ladino (lad) (new) +* Luxembourgish (lb) (new) +* Lingua Franca Nova (lfn) (new) +* Lak (lbe) (new) +* Ganda (lg) +* Limbugian (li) +* Líguru (lij) (new) +* Lozi (loz) (new) +* Lingala (ln) * Lao (lo) * Lithuanian (lt) -* Latviešu (lv) +* Maithili (mai) (new) +* Moksha (mdf) (new) +* Malagasy (mg) (new) * Malayalam (ml) -* Bahasa Melayu (ms) -* Burmese (my) -* Low German (nds) +* Macedonian (mk) +* Marathi (mr) +* Malay (ms) +* Erzya (myv) (new) +* Nauru (na) (new) +* Nahuatl (nah) +* Min-nan (nan) +* Napolitan (nap) +* Low Saxon (nds) +* Dutch Low Saxon (nds-nl) +* Nepali (ne) +* Newari (new) (new) * Dutch (nl) -* Norwegian (no) +* Norwegian (nynorsk) (nn) +* Norwegian (bokmål) (no) +* Novial (nov) (new) +* Northern Sotho (nso) (new) * Occitan (oc) -* Punjabi (Gurmukhi) (pa) +* Pangasinan (pag) (new) +* Pampanga (pam) (new) +* Papiamento (pap) (new) +* Deitsch (pdc) (new) +* Pfälzisch (pfl) (new) * Polish (pl) -* Piedmontese (pms) -* Portuguese (pt) -* Romani (rmy) +* Piemontèis (pms) +* Pontic (pnt) (new) +* Pashto (ps) +* Portugese (pt) +* Quechua (qu) +* Rhaeto-Romance (rm) (new) * Romanian (ro) -* Aromanian (roa-rup) * Russian (ru) +* Megleno-Romanian (ruq) (new) +* Megleno-Romanian (Cyrillic script) (ruq-cyrl) (new) +* Megleno-Romanian (Greek script) (ruq-grek) (new) +* Megleno-Romanian (Latin script) (ruq-latn) (new) * Sakha (sah) -* Sango (se) (new) +* Sardinian (sc) +* Sicilian (scn) +* Scots (sco) (new) +* Sindhi (sd) +* Sassarese (sdc) (new) +* Seri (sei) (new) +* Sango (sg) (new) +* Tachelhit (shi) +* Sinhalese (si) (new) * Slovak (sk) -* Slovenian (sl) -* Shona (sn) -* Somali (so) -* Albanian (sq) +* Samoan (sm) (new) +* Southern Sami (sma) (new) +* Serbian (Cyrillic) (sr-ec) +* Swati (ss) (new) +* Southern Sotho (st) (new) +* Saterland Frisian (stq) (new) * Sundanese (su) * Swedish (sv) +* Swahili (sw) (new) * Tamil (ta) +* Teluga (te) +* Tetun (tet) (new) +* Tajik (tg) * Thai (th) -* Tigrinya (ti) -* Setswana (tn) -* Tok Pisin (tpi) +* Tagalog (tl) (new) +* Tonga (to) (new) +* Turkish (tr) +* Tuvinian (tyv) * Uyghur (ug) +* Uzbek (uz) +* Venitian (vec) +* Vietnamese (vi) +* West Flemish (vls) * Volapük (vo) -* Winaray (war) (new) +* Walloon (wa) +* Wolof (wo) +* Wu (wuu) (new) +* Xhosa (xh) (new) +* Mingrelian (xmf) (new) * Yiddish (yi) -* Old Chinese / Late Middle Chinese (zh-classical) -* Chinese (PRC) (zh-cn) +* Yoruba (yo) (new) +* Cantonese (yue) +* Zhuang (za) +* Zealandic (zea) +* Chinese (zh) +* Old Chinese/Late Time Chinese (zh-classical) +* Chinese (Simplified) (zh-hans) +* Chinese (Traditional) (zh-hant) * Chinese (Taiwan) (zh-tw) -* Cantonese (zh-yue) +* Zulu (zu) (new) == Compatibility == -MediaWiki 1.11 requires PHP 5 (5.1 recommended). PHP 4 is no longer supported. +MediaWiki 1.12 requires PHP 5 (5.1 recommended). PHP 4 is no longer supported. PHP 5.0.x fails on 64-bit systems due to serious bugs with array processing: http://bugs.php.net/bug.php?id=34879 @@ -695,14 +822,14 @@ At this time we still recommend 4.0, but 4.1/5.0 will work fine in most cases. == Upgrading == -1.11 has several database changes since 1.10, and will not work without schema +1.12 has several database changes since 1.11, and will not work without schema updates. If upgrading from before 1.7, you may want to run refreshLinks.php to ensure new database fields are filled with data. -If upgrading from before 1.11, and you are using a wiki as a commons repository, -make sure that it is updated as well. Otherwise, errors may arise due to +If upgrading from before 1.11, and you are using a wiki as a commons repository, +make sure that it is updated as well. Otherwise, errors may arise due to database schema changes. If you are upgrading from MediaWiki 1.4.x or earlier, some major database @@ -711,6 +838,7 @@ break. Don't forget to always back up your database before upgrading! See the file UPGRADE for more detailed upgrade instructions. + === Caveats === Some output, particularly involving user-supplied inline HTML, may not @@ -719,8 +847,7 @@ set $wgMimeType = "application/xhtml+xml"; to test for remaining problem cases, but this is not recommended on live sites. (This must be set for MathML to display properly in Mozilla.) - -For notes on 1.10.x and older releases, see HISTORY. +For notes on 1.11.x and older releases, see HISTORY. === Online documentation === |