User:Iritscen/WikiFuture: Difference between revisions

From OniGalore
Jump to navigation Jump to search
m (lede wording)
(updated notes for 1.39, 1.40 and added 1.41)
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
Below are any notable changes that we should look forward to, or watch out for, if upgrading MediaWiki (as well as significant security fixes). [[mw:Release notes|(Source)]]
Below are any notable changes that we should look forward to, or watch out for, if upgrading MediaWiki (as well as significant security fixes). [[mw:Release notes|(Source)]]


Oldest maintained LTS version of MediaWiki: 1.35 (supported through September 2023).<br>
Oldest maintained LTS version of MediaWiki: 1.39 (supported through November 2025).<br>
Latest LTS version of MediaWiki: 1.39 (supported through November 2025). [[mw:Version lifecycle|(Source)]]
Latest LTS version of MediaWiki: 1.39 (supported through November 2025). [[mw:Version lifecycle|(Source)]]


Line 10: Line 10:
{{TOCnonum}}
{{TOCnonum}}


==1.33==
==1.39==
:''I have checked the release notes through 1.33.4.''
:''I have checked the release notes through 1.39.6.''
Nothing of interest changed from 1.33.3 to 1.33.4.
*We are currently on the latest version of 1.39.
 
==1.34==
:''I have checked the release notes through 1.34.4.''
*'''Requires PHP 7.2.9+.'''
*Special:Mute has been added as a quick way for users to block unwanted emails from other users originating from Special:EmailUser.
*Special:NewSection has been created as a shortcut to creating a new section on a page.
*$wgServer must now always be set in LocalSettings.php. This is most likely the case already for any wiki installed after 1.18. Older wikis may need to update their LocalSettings.php file.
*$wgDiffEngine can be used to specify which difference engine to use. MediaWiki continues to default to automatically choosing the first of $wgExternalDiffEngine, wikidiff2, or php that is usable.
*Added the MW_VERSION constant; global $wgVersion is soft deprecated.
*Added $wgForceHTTPS, which makes the HTTP to HTTPS redirect be unconditional and suppresses various hacks needed to support mixed HTTP/HTTPS wikis.
 
==1.35==
:''I have checked the release notes through 1.35.10.''
*'''Support for PHP 7.2 has been dropped. 7.3.19+ required.'''
*Totally new content storage schema, with no backward compatibility.
*The Visual Editor ([https://upload.wikimedia.org/wikipedia/commons/0/08/VisualEditor_toolbar-en.png this thing]) is bundled with 1.35. Not clear on whether it's the default editor.
*Also bundled is [[mw:Extension:SecureLinkFixer|SecureLinkFixer]], which allows outbound HTTP links to be dynamically rewritten to HTTPS if the linked website requires HTTPS. We won't really need this because [[ValExtLinks]] detects links with that issue.
*The extension [[mw:Extension:TemplateData|TemplateData]] is also provided, which allows a template to contain markup for presenting its parameters in an easy-to-read table.
*Special:EditPage, Special:PageHistory, Special:PageInfo, and Special:Purge have been created as shortcuts for each action. Special:EditPage/Foo redirects to title=foo&action=edit, with PageHistory, PageInfo, and Purge corresponding to action= history, info, and purge respectively.
*$wgWatchlistExpiry — Off by default, but allow users to add pages to their watchlists for a limited period of time.
*$wgSearchMatchRedirectPreference — This configuration setting controls whether users can set a new preference, search-match-redirect, which decides if search should redirect them to exact matches if available. By default, this is set to false, which maintains the previous behaviour without preference bloat.
*$wgLegacyJavaScriptGlobals is off by default. This may affect various old JS code.
*$wgLogos — This new configuration setting combines the now-deprecated $wgLogo and $wgLogoHD settings into a single, associative array. It provides support for a new key, 'wordmark', for setting a horizontal wordmark to show next to the graphical logo.
*A minor exploit allowing editors to perform XSS via Special:Search has been patched as of 1.35.4.
*A serious exploit allowing page actions to be performed without edit rights has been patched as of 1.35.5.
*Another XSS exploit involving the displaying of image dimensions has been patched as of 1.35.6.
*The "Move subpages" checkbox on Special:MovePage will not be re-checked after a warning.
*A DoS exploit involving Special:NewFiles was closed as of 1.35.6.
 
==1.36==
:''I have checked the release notes through 1.36.4.''
*'''Requires PHP 7.3.19+ and now requires the PHP internationalization extension.'''
*Accounts with the 'bot' right no longer have pages automatically added to the watchlist when making API edits, regardless of their preferences.
*The logo of MediaWiki has changed. This means that the "Powered By MediaWiki" button shown in the skin footer will be different.
*All HTML5 named entities are now accepted in wikitext.
*The file description page's alternate sizes now include 2048px.
*Edits will be automatically marked as reverts if they restore the page to an exact previous state.
*$wgUseTwoButtonsSearchForm, deprecated in 1.35, has been removed.
*$wgAllowImageMoving — This setting, deprecated in 1.35, has been removed. Use group permission settings instead. For example, to prevent sysops from moving files, set $wgGroupPermissions['sysop']['movefile'] = false;`.


==1.37==
==1.40==
:''I have checked the release notes through 1.37.6.''
:''I have checked the release notes through 1.40.2.''
*'''Requires PHP 7.3.19+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.'''
*'''Requires PHP 7.4.3+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.'''
*MediaWiki now has limited support for JPEG 2000 files.
*Special:Search can now show thumbnails for results for titles outside NS_FILE. This is controlled via the new onSearchResultProvideThumbnail hook.
*$wgLegacyJavaScriptGlobals is removed (deprecated in 1.35).
*A new preference ('search-thumbnail-extra-namespaces') to allow users to control whether to show more thumbnails (per $wgThumbnailNamespaces)
*The preferences page now provides a search bar to find preferences, regardless of the tab on which they appear.
*$wgPasswordPolicies – This setting, which controls what makes for a valid password for wiki accounts, has been adjusted to raise the minimal password length from 1 to 8 characters. The initial limit of 1 has been in place since MediaWiki 1.26. If you wish to allow shorter passwords, you can over-ride it in your LocalSettings following the guidance on MediaWiki.org.
*You should configure your webserver to return the http header 'X-Content-Type-Options: nosniff' for the /images directory. This will instruct browsers to not apply content sniffing when accessing the files. MediaWiki before 1.40 shipped with a content sniffer which disallowed potentially dangerous files at upload time, but this protection has now been removed in favor of this 'X-Content-Type-Options: nosniff' header and the installer will return a warning when it is not in place.
*Maintenance scripts should now be executed using maintenance/run.php, e.g. maintenance/run.php update not maintenance/update.php as before.
*Five extensions have now been bundled with MediaWiki:
**The [[mw:Extension:DiscussionTools|DiscussionTools]] extension, which provides a forum-like editing experience for wikitext-based discussion pages. This is the dreaded new "forum-like" experience for talk pages that I don't think any of us will want. It seems like it will be on by default so we'll have to change $wgDiscussionToolsEnable to false. Hopefully it doesn't do anything to mess with talk pages immediately upon install.
**The [[mw:Extension:Echo|Echo]] extension, which provides a system of user notifications.
**The [[mw:Extension:Linter|Linter]] extension, which warns about use of deprecated wikitext.
**The [[mw:Extension:LoginNotify|LoginNotify]] extension, which warns users about failed attempted logins.
**The [[mw:Extension:Thanks|Thanks]] extension, which lets users thank editors for edits.
*The Renameuser extension has been moved to MediaWiki core. It is now possible to rename users without installing an extension. The extension had already been bundled with MediaWiki since 1.18.


==1.38==
==1.41==
:''I have checked the release notes through 1.38.6.''
*'''Requires PHP 7.4.3+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.'''
*'''Requires PHP 7.3.19+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.'''
*MediaWiki now requires browsers to support ES6 for them to receive JavaScript, up from ES5. In practice, this primarily means that users of Internet Explorer 11 (EOL in 2022) will no longer get JavaScript tools.
*MediaWiki 1.38 is introducing a new system for configuration loading. The new system is fully compatible with the traditional way of configuring, but it offers some new features. Interested parties are encouraged to experiment with the new ways to load configuration and report any issues they come across.
*Some interesting new configuration variables:
*[[mw:Extension:AbuseFilter|AbuseFilter]] is now bundled. It allows you to block users if their edits match various filters. Example configuration [[mw:Special:AbuseFilter|here]]. Probably not super-useful to us since we hand-approve editors and don't allow IP edits.
**$wgImplicitRights - A list of implicit rights, in addition to the ones defined by the core. Rights in this list are granted implicitly to all users, but rate limits may apply to them.
*The [[mw:Extension:Math|Math]] extension is now bundled as well, for rendering of mathematical formulas.
**$wgInterwikiLogoOverride - List of interwiki logos overrides.
*Special:ListFiles and Special:NewFiles no longer allows to search for parts of file names.
**$wgSVGNativeRendering - Whether native SVG rendering by the browser agent is allowed
 
**$wgSVGNativeRenderingSizeLimit - If $wgSVGNativeRendering is set to 'partial', this sets the size limit for an SVG file to be rendered as a PNG instead of directly by the browser.
==1.39==
:''I have checked the release notes through 1.39.0.''
*'''MediaWiki 1.39 drops PHP 7.3 support, and requires PHP 7.4.3 or above.'''
*$wgExtraNamespaces no longer overrides canonical namespace names specified in extension.json files. While this setting can still be used to rename extension-defined namespaces, system administrators may need to run namespaceDupes.php after upgrading.
*Administrators now have the option to delete/undelete the associated "Talk" page when they are (un)deleting a given page.
*<nowiki>{{=}}</nowiki> is now a wikitext built-in magic word, expanding to =. This is conventionally used as an escape mechanism to allow the use of = in unnamed template arguments.


[[Category:Userspace]]
[[Category:Userspace]]

Latest revision as of 02:43, 7 January 2024

Below are any notable changes that we should look forward to, or watch out for, if upgrading MediaWiki (as well as significant security fixes). (Source)

Oldest maintained LTS version of MediaWiki: 1.39 (supported through November 2025).
Latest LTS version of MediaWiki: 1.39 (supported through November 2025). (Source)

Current version on OniGalore: 1.39.6

You can browse each version of the MW code HERE.

1.39

I have checked the release notes through 1.39.6.
  • We are currently on the latest version of 1.39.

1.40

I have checked the release notes through 1.40.2.
  • Requires PHP 7.4.3+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.
  • Special:Search can now show thumbnails for results for titles outside NS_FILE. This is controlled via the new onSearchResultProvideThumbnail hook.
  • A new preference ('search-thumbnail-extra-namespaces') to allow users to control whether to show more thumbnails (per $wgThumbnailNamespaces)
  • The preferences page now provides a search bar to find preferences, regardless of the tab on which they appear.
  • $wgPasswordPolicies – This setting, which controls what makes for a valid password for wiki accounts, has been adjusted to raise the minimal password length from 1 to 8 characters. The initial limit of 1 has been in place since MediaWiki 1.26. If you wish to allow shorter passwords, you can over-ride it in your LocalSettings following the guidance on MediaWiki.org.
  • You should configure your webserver to return the http header 'X-Content-Type-Options: nosniff' for the /images directory. This will instruct browsers to not apply content sniffing when accessing the files. MediaWiki before 1.40 shipped with a content sniffer which disallowed potentially dangerous files at upload time, but this protection has now been removed in favor of this 'X-Content-Type-Options: nosniff' header and the installer will return a warning when it is not in place.
  • Maintenance scripts should now be executed using maintenance/run.php, e.g. maintenance/run.php update not maintenance/update.php as before.
  • Five extensions have now been bundled with MediaWiki:
    • The DiscussionTools extension, which provides a forum-like editing experience for wikitext-based discussion pages. This is the dreaded new "forum-like" experience for talk pages that I don't think any of us will want. It seems like it will be on by default so we'll have to change $wgDiscussionToolsEnable to false. Hopefully it doesn't do anything to mess with talk pages immediately upon install.
    • The Echo extension, which provides a system of user notifications.
    • The Linter extension, which warns about use of deprecated wikitext.
    • The LoginNotify extension, which warns users about failed attempted logins.
    • The Thanks extension, which lets users thank editors for edits.
  • The Renameuser extension has been moved to MediaWiki core. It is now possible to rename users without installing an extension. The extension had already been bundled with MediaWiki since 1.18.

1.41

  • Requires PHP 7.4.3+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.
  • MediaWiki now requires browsers to support ES6 for them to receive JavaScript, up from ES5. In practice, this primarily means that users of Internet Explorer 11 (EOL in 2022) will no longer get JavaScript tools.
  • Some interesting new configuration variables:
    • $wgImplicitRights - A list of implicit rights, in addition to the ones defined by the core. Rights in this list are granted implicitly to all users, but rate limits may apply to them.
    • $wgInterwikiLogoOverride - List of interwiki logos overrides.
    • $wgSVGNativeRendering - Whether native SVG rendering by the browser agent is allowed
    • $wgSVGNativeRenderingSizeLimit - If $wgSVGNativeRendering is set to 'partial', this sets the size limit for an SVG file to be rendered as a PNG instead of directly by the browser.