User:Iritscen/WikiFuture

From OniGalore
< User:Iritscen
Revision as of 01:55, 10 December 2023 by Iritscen (talk | contribs) (warning about DiscussionTools and interwiki links for the new extensions in 1.40)
Jump to navigation Jump to search

Below are any notable changes that we should look forward to, or watch out for, if upgrading MediaWiki (as well as significant security fixes). (Source)

Oldest maintained LTS version of MediaWiki: 1.35 (supported through September 2023).
Latest LTS version of MediaWiki: 1.39 (supported through November 2025). (Source)

Current version on OniGalore: 1.39.6

You can browse each version of the MW code HERE.

1.33

I have checked the release notes through 1.33.4.

Nothing of interest changed from 1.33.3 to 1.33.4.

1.34

I have checked the release notes through 1.34.4.
  • Requires PHP 7.2.9+.
  • Special:Mute has been added as a quick way for users to block unwanted emails from other users originating from Special:EmailUser.
  • Special:NewSection has been created as a shortcut to creating a new section on a page.
  • $wgServer must now always be set in LocalSettings.php. This is most likely the case already for any wiki installed after 1.18. Older wikis may need to update their LocalSettings.php file.
  • $wgDiffEngine can be used to specify which difference engine to use. MediaWiki continues to default to automatically choosing the first of $wgExternalDiffEngine, wikidiff2, or php that is usable.
  • Added the MW_VERSION constant; global $wgVersion is soft deprecated.
  • Added $wgForceHTTPS, which makes the HTTP to HTTPS redirect be unconditional and suppresses various hacks needed to support mixed HTTP/HTTPS wikis.

1.35

I have checked the release notes through 1.35.13.
  • Support for PHP 7.2 has been dropped. 7.3.19+ required.
  • Totally new content storage schema, with no backward compatibility.
  • The Visual Editor (this thing) is bundled with 1.35. Not clear on whether it's the default editor.
  • Also bundled is SecureLinkFixer, which allows outbound HTTP links to be dynamically rewritten to HTTPS if the linked website requires HTTPS. We won't really need this because ValExtLinks detects links with that issue.
  • The extension TemplateData is also provided, which allows a template to contain markup for presenting its parameters in an easy-to-read table.
  • Special:EditPage, Special:PageHistory, Special:PageInfo, and Special:Purge have been created as shortcuts for each action. Special:EditPage/Foo redirects to title=foo&action=edit, with PageHistory, PageInfo, and Purge corresponding to action= history, info, and purge respectively.
  • $wgWatchlistExpiry — Off by default, but allow users to add pages to their watchlists for a limited period of time.
  • $wgSearchMatchRedirectPreference — This configuration setting controls whether users can set a new preference, search-match-redirect, which decides if search should redirect them to exact matches if available. By default, this is set to false, which maintains the previous behaviour without preference bloat.
  • $wgLegacyJavaScriptGlobals is off by default. This may affect various old JS code.
  • $wgLogos — This new configuration setting combines the now-deprecated $wgLogo and $wgLogoHD settings into a single, associative array. It provides support for a new key, 'wordmark', for setting a horizontal wordmark to show next to the graphical logo.
  • A minor exploit allowing editors to perform XSS via Special:Search has been patched as of 1.35.4.
  • A serious exploit allowing page actions to be performed without edit rights has been patched as of 1.35.5.
  • Another XSS exploit involving the displaying of image dimensions has been patched as of 1.35.6.
  • The "Move subpages" checkbox on Special:MovePage will not be re-checked after a warning.
  • A DoS exploit involving Special:NewFiles was closed as of 1.35.6.

1.36

I have checked the release notes through 1.36.4.
  • Requires PHP 7.3.19+ and now requires the PHP internationalization extension.
  • Accounts with the 'bot' right no longer have pages automatically added to the watchlist when making API edits, regardless of their preferences.
  • The logo of MediaWiki has changed. This means that the "Powered By MediaWiki" button shown in the skin footer will be different.
  • All HTML5 named entities are now accepted in wikitext.
  • The file description page's alternate sizes now include 2048px.
  • Edits will be automatically marked as reverts if they restore the page to an exact previous state.
  • $wgUseTwoButtonsSearchForm, deprecated in 1.35, has been removed.
  • $wgAllowImageMoving — This setting, deprecated in 1.35, has been removed. Use group permission settings instead. For example, to prevent sysops from moving files, set $wgGroupPermissions['sysop']['movefile'] = false;`.

1.37

I have checked the release notes through 1.37.6.
  • Requires PHP 7.3.19+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.
  • MediaWiki now has limited support for JPEG 2000 files.
  • $wgLegacyJavaScriptGlobals is removed (deprecated in 1.35).

1.38

I have checked the release notes through 1.38.7.
  • Requires PHP 7.3.19+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.
  • MediaWiki 1.38 is introducing a new system for configuration loading. The new system is fully compatible with the traditional way of configuring, but it offers some new features. Interested parties are encouraged to experiment with the new ways to load configuration and report any issues they come across.
  • AbuseFilter is now bundled. It allows you to block users if their edits match various filters. Example configuration here. Probably not super-useful to us since we hand-approve editors and don't allow IP edits.
  • The Math extension is now bundled as well, for rendering of mathematical formulas.
  • Special:ListFiles and Special:NewFiles no longer allows to search for parts of file names.

1.39

I have checked the release notes through 1.39.5.
  • MediaWiki 1.39 drops PHP 7.3 support, and requires PHP 7.4.3 or above.
  • $wgExtraNamespaces no longer overrides canonical namespace names specified in extension.json files. While this setting can still be used to rename extension-defined namespaces, system administrators may need to run namespaceDupes.php after upgrading.
  • Administrators now have the option to delete/undelete the associated "Talk" page when they are (un)deleting a given page.
  • {{=}} is now a wikitext built-in magic word, expanding to =. This is conventionally used as an escape mechanism to allow the use of = in unnamed template arguments.

1.40

I have checked the release notes through 1.40.1.
  • Requires PHP 7.4.3+ and the PHP extensions ctype, dom, fileinfo, iconv, intl, json, mbstring, xml.
  • Special:Search can now show thumbnails for results for titles outside NS_FILE. This is controlled via the new onSearchResultProvideThumbnail hook.
  • A new preference ('search-thumbnail-extra-namespaces') to allow users to control whether to show more thumbnails (per $wgThumbnailNamespaces)
  • The preferences page now provides a search bar to find preferences, regardless of the tab on which they appear.
  • $wgPasswordPolicies – This setting, which controls what makes for a valid password for wiki accounts, has been adjusted to raise the minimal password length from 1 to 8 characters. The initial limit of 1 has been in place since MediaWiki 1.26. If you wish to allow shorter passwords, you can over-ride it in your LocalSettings following the guidance on MediaWiki.org.
  • You should configure your webserver to return the http header 'X-Content-Type-Options: nosniff' for the /images directory. This will instruct browsers to not apply content sniffing when accessing the files. MediaWiki before 1.40 shipped with a content sniffer which disallowed potentially dangerous files at upload time, but this protection has now been removed in favor of this 'X-Content-Type-Options: nosniff' header and the installer will return a warning when it is not in place.
  • Maintenance scripts should now be executed using maintenance/run.php, e.g. maintenance/run.php update not maintenance/update.php as before.
  • Five extensions have now been bundled with MediaWiki:
    • The DiscussionTools extension, which provides a forum-like editing experience for wikitext-based discussion pages. This is the dreaded new "forum-like" experience for talk pages that I don't think any of us will want. It seems like it will be on by default so we'll have to change $wgDiscussionToolsEnable to false. Hopefully it doesn't do anything to mess with talk pages immediately upon install.
    • The Echo extension, which provides a system of user notifications.
    • The Linter extension, which warns about use of deprecated wikitext.
    • The LoginNotify extension, which warns users about failed attempted logins.
    • The Thanks extension, which lets users thank editors for edits.
  • The Renameuser extension has been moved to MediaWiki core. It is now possible to rename users without installing an extension. The extension had already been bundled with MediaWiki since 1.18.
Retrieved from "https://wiki.oni2.net/w/index.php?title=User:Iritscen/WikiFuture&oldid=41999"