diff options
| author | Pierre Schmitz <pierre@archlinux.de> | 2007-05-16 20:58:53 +0000 |
|---|---|---|
| committer | Pierre Schmitz <pierre@archlinux.de> | 2007-05-16 20:58:53 +0000 |
| commit | cecb985bee3bdd252e1b8dc0bd500b37cd52be01 (patch) | |
| tree | 17266aa237742640aabee7856f0202317a45d540 /RELEASE-NOTES | |
| parent | 0bac06c301f2a83edb0236e4c2434da16848d549 (diff) | |
Aktualisierung auf MediaWiki 1.10.0
Plugins angepasst und verbessert
kleine Korrekturen am Design
Diffstat (limited to 'RELEASE-NOTES')
| -rw-r--r-- | RELEASE-NOTES | 1266 |
1 files changed, 453 insertions, 813 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 472409da..95172e56 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -3,856 +3,499 @@ Security reminder: MediaWiki does not require PHP's register_globals setting since version 1.2.0. If you have it on, turn it *off* if you can. -== MediaWiki 1.9.3 == +== MediaWiki 1.10.0 == -February 20, 2007 +May 9, 2007 -This is a security and bug-fix update to the Winter 2007 quarterly release. -Minor compatibility fixes for IIS and PostgreSQL are included. +This is the quarterly release snapshot for Spring 2007. See below for a full +list of changes since the 1.9.x series. -An XSS injection vulnerability based on Microsoft Internet Explorer's UTF-7 -charset autodetection was located in the AJAX support module, affecting MSIE -users on MediaWiki 1.6.x and up when the optional setting $wgUseAjax is -enabled. +Changes since 1.10.0rc2: -If you are using an extension based on the optional Ajax module, -either disable it or upgrade to a version containing the fix: +* (bug 9808) Fix regression that ignored user 'rclimit' option for Special:Contributions -* 1.9: fixed in 1.9.3 -* 1.8: fixed in 1.8.4 -* 1.7: fixed in 1.7.3 -* 1.6: fixed in 1.6.10 -There is no known danger in the default configuration, with $wgUseAjax off. +== MediaWiki 1.10.0rc2 == -* (bug 8992) Fix a remaining raw use of REQUEST_URI in history -* (bug 8984) Fix a database error in Special:Recentchangeslinked - when using the PostgreSQL database. -* Add 'charset' to Content-Type headers on various HTTP error responses - to forestall additional UTF-7-autodetect XSS issues. PHP sends only - 'text/html' by default when the script didn't specify more details, - which some inconsiderate browsers consider a license to autodetect - the deadly, hard-to-escape UTF-7. - This fixes an issue with the Ajax interface error message on MSIE when - $wgUseAjax is enabled (not default configuration); this UTF-7 variant - on a previously fixed attack vector was discovered by Moshe BA from BugSec: - http://www.bugsec.com/articles.php?Security=24 -* Trackback responses now specify XML content type - - -== MediaWiki 1.9.2 == +May 4, 2007 -February 4, 2007 +THIS IS A RELEASE CANDIDATE MADE AVAILABLE FOR TESTING! +A FINAL 1.10.0 RELEASE WILL APPEAR WITHIN A FEW DAYS. -This is a bug-fix update that fixes some installation and other minor -issues with the 1.9.1 release as well as a security issue which was -introduced in the 1.9 branch. +Changes since 1.10.0rc1: +* Various l10n fixes and updates +* Fix for upgrade of page_restrictions table +* (bug 9780) Fix normalization of titles with initial colon followed by whitespace +* Fix for regression in upload: wrong size info saved into image table +* Avoid cyclic stub problems when authorization hooks do funny things with + the user and the database at load time -JavaScript code which regenerated the "sortable tables" feature did -not properly sanitize input, leading to an HTML injection vulnerability. - -* (bug 8774) Fix path for GNU FDL rights icon on new installs -* (bug 8819) Fix full path disclosure with skins dependencies -* (bug 4268) Fixed data-loss bug in compressOld batch text compression - affecting pages which had null edits (move, protect, etc) as second - edit in a batch group. Isolated and patched by Travis Derouin. -* Security fix for sortable tables JavaScript - - -== MediaWiki 1.9.1 == - -January 24, 2007 - -This is a bug-fix update that fixes some installation and upgrade issues -with the original 1.9.0 release. - -* (bug 3000) Fall back to SCRIPT_NAME plus QUERY_STRING when REQUEST_URI is - not available, as on IIS with PHP-CGI -* Security fix for DjVu images. (Only affects servers where .djvu file - uploads are enabled and $wgDjvuToXML is set.) -* (bug 8638) Fix update from 1.4 and earlier -* (bug 8641) Fix order of updates to ipblocks table for updates from <=1.7 -* (bug 8673) Minor fix for web service API content-type header -* Fix API revision list on PHP 5.2.1; bad reference assignment -* Fixed up the AjaxSearch -* Exclude settings files when generating documentation. That could - expose the database user and password to remote users. -* ar: fix the 'create a new page' on search page when no exact match found -* Correct tooltip accesskey hint for Opera on the Macintosh - (uses Shift-Esc-, not Ctrl-). -* (bug 8719) Firefox release notes lie! Fix tooltips for Firefox 2 on x11; - accesskeys default settings appear to be same as Windows. +== MediaWiki 1.10.0rc1 == +April 30, 2007 -== MediaWiki 1.9 == - -January 10, 2007 - -This is the quarterly release snapshot for Winter 2007. While the code -has been running on Wikipedia for some time, installation and upgrade -bits may be less well tested. Bug fix releases may follow in the coming -days or weeks. - +THIS IS A RELEASE CANDIDATE MADE AVAILABLE FOR TESTING! +A FINAL 1.10.0 RELEASE WILL APPEAR WITHIN A FEW DAYS. MediaWiki is now using a "continuous integration" development model with quarterly snapshot releases. The latest development code is always kept "ready to run", and in fact runs our own sites on Wikipedia. Release branches will continue to receive security updates for about a year -from first release, but nonessential bugfixes and feature development happen +from first release, but nonessential bugfixes and feature developments will be made on the development trunk and appear in the next quarterly release. Those wishing to use the latest code instead of a branch release can obtain it from source control: http://www.mediawiki.org/wiki/Download_from_SVN - -== Security fixes == - -An XSS injection vulnerability was located in the AJAX support module, -affecting MediaWiki 1.6.x and up when the optional setting $wgUseAjax -is enabled. - -There is no danger in the default configuration, with $wgUseAjax off. - -If you are using an extension based on the optional Ajax module, -either disable it or upgrade to a version containing the fix: - -* 1.9: fixed in 1.9.0rc2 -* 1.8: fixed in 1.8.3 -* 1.7: fixed in 1.7.2 -* 1.6: fixed in 1.6.9 - - -== Compatibility changes == - -=== Zend Optimizer === - -A bug in some versions of PHP 5 and Zend Optimizer which was triggered under -MediaWiki 1.8.x has been worked around by disabling some internal debugging -features when Zend Optimizer is loaded. This should solve some common -"blank page" problems. - -=== PHP 5.0 64-bit === - -MediaWiki now checks for a condition where PHP 5.0.x corrupts array data -on 64-bit systems and warns you to upgrade PHP to solve the problem. This -bug causes Special: pages to fail on affected systems under MediaWiki 1.8 -and higher, and subtler data corruption on earlier versions. - -The only known workaround is to upgrade PHP to 5.1 or later, which you -probably should do anyway for security reasons! - -=== MySQL 5 === - -MediaWiki should now install and run correctly on MySQL 5.0 and higher when -MySQL's "strict mode" is enabled. (This is now the default for many Windows -installations, though it seems to remain off by default on Unix.) - -This fixes errors about "cannot default default value for BLOB/TEXT fields". - -=== ImageMagick === - -Note that ImageMagick older than 6.x may no longer work for image resizing -due to use of the -thumbnail option. - - -== Behavior changes == - -=== Localized special pages === - -The names of Special: pages can now be localized, so links and URLs to them -are more legible in languages that aren't English. - -Not all languages have included localized names yet. - -=== E-mail password === - -Users are now required to set a new password for themselves when they first -log in with a newly generated e-mailed password. - -Requesting passwords frequently is prevented to reduce abusive mailbombing. - -=== Undo revision === - -An "undo" link now appears in diff view for easier reverting of older edits. -When GNU diff3 is available for edit conflict merging, this can make it much -easier to "undo" the changes of an older edit when there are surrounding -changes elsewhere in the page. - -The changes must be manually reviewed and approved, as with conventional -full-revision reverts. - -=== Blocking === - -User blocks can be set to disable the automatic blocking of IP addresses the -account logs in with. - - -== Database changes == - -* new 'redirect' table stores data on page redirects -* new 'querycachetwo' table used for some cached special pages -* 'ipblocks' table adds 'ipb_enable_autoblock' -* 'recentchanges' table adds 'rc_old_len', 'rc_new_len' for size tracking -* 'user' table has added 'user_newpass_time' and 'user_editcount' fields -* some indexes have been updated on 'recentchanges' - - == Configuration changes == -Several configuration options have changed since 1.8: - -=== $wgEnableAPI === - -The experimental machine API interface is now enabled by default, read-only. -You can disable it by setting $wgEnableAPI = false; in LocalSettings.php. - -=== $wgPathInfo === - -The use of PATH_INFO (the text after the script name in 'index.php/Blah') -is controlled by the $wgUsePathInfo setting. This is now explicitly disabled -for CGI, apache2filter, and ISAPI configurations of PHP, for more consistency -with the autodetection from the installer. - -In some rarer configurations you may have to switch $wgUsePathInfo from false -to true or, perhaps, from true to false to make things work properly if bad -PATH_INFO data comes through the server. - -The wiki now tries to detect this condition and should show you an error -message describing what to change instead of sending the browser into an -infinite redirect loop. - -=== $wgScript and other path settings === - -The following configuration variables are now automatically set in Setup.php -if they are not overridden in LocalSettings.php: - -from $wgScriptPath: - + $wgScript - | \- $wgArticlePath - + $wgRedirectScript - + $wgStylePath - + $wgUploadPath - \- $wgLogo - + $wgMathPath - -from $IP: - - $wgStyleDirectory - + $wgUploadDirectory - \- $wgMathDirectory - + $wgTmpDirectory - + $wgReadOnlyFile - + $wgFileCacheDirectory - -Newly generated configuration files will by default include only $wgScriptPath -(hardcoded from the installer) and $IP (detected at runtime). - -Old configuration files which specify all these values explicitly should -continue to work just fine, but if you use the defaults you can remove them -to reduce clutter. - -=== $wgGroupPermissions === - -The sysop group now holds the "autopatrol" and "ipblock-exempt" rights by -default. - -"autopatrol" replaces the preference for marking ones own edits patrolled -by default; users holding this permission will automatically have their -edits patrolled, while others cannot mark their own edits as patrolled -even if they have patrolling rights. - -"ipblock-exempt" excludes the user from IP blocks; accounts which are blocked -explicitly by name will still be blocked, however. This is given to sysops -to minimize annoyance from accidental "collateral damage"; remember that a -sysop will be able to lift the block if they desire. - -The bot group now holds the "nominornewtalk" right. A user with this right -will not trigger new message notifications when making minor edits to user -talk pages. This is meant to minimize annoyance from maintenance bot -processes. - -=== $wgUseWatchlistCache === - -Watchlist caching has been removed. The feature was not maintained, and has -been unnecessary since switching to the 'recentchanges' database table -reduced server pressure for Wikipedia's watchlists. - -=== $wgBreakFrames === - -MediaWiki in the past attempted to detect when it was embedded in a frameset -and "break out" of it, assuming it to be hostile. - -This behavior is now disabled by default, but can be reenabled by setting -$wgBreakFrames to true in LocalSettings.php. - - -== New settings == - -=== $wgVariantArticlePath === - -For languages with script variant support (Chinese, Serbian, and others), -it's possible to use alternate URL paths to select the variant for article -display, setting $wgVariantArticlePath. - -Documentation for this setting would be useful. - -=== $wgMaxMsgCacheEntrySize === - -The message cache can now skip items larger than a given size; this allows -it to better handle the primary caching case when large CSS and JS blobs are -present. - -=== $wgStyleVersion === - -When making significant changes to skin stylesheets and JavaScript files, -you can append a string to this variable to tweak the generated URLs, -forcing newly rendered pages to bring in a fresh version despite server- -or browser-side caching. - -Normally this will be set in the course of MediaWiki development, but -if doing development on a custom skin you may wish to poke it as well. - -=== $wgRCShowChangedSize === - -Special:Recentchanges and Special:Watchlist now show the number of bytes -added or removed to an article to give an idea of the size of the edit. -This information was previously available only in the IRC update feeds. - -To disable this site-wide, set $wgRCShowChangedSize to false. -(Individual users can suppress the data in custom CSS.) - -Adjust $wgRCChangedSizeThreshold to trigger highlighting of particularly -large changes. - -The formatting of the size figure can be adjusted through the -[[MediaWiki:Rc-change-size]] message. - -=== $wgQueryCacheLimit === - -The number of rows stored for "expensive" special pages in miser mode -can now be adjusted up or down from the default 1000. - -=== $wgDisableQueryPageUpdate === - -Individual "expensive" special pages can be skipped in processing by -updateSpecialPages if added to this list. - -=== $wgSorbsUrl === - -The base hostname for the DNS-based proxy blacklist can now be overridden -when $wgEnableSorbs is set, to use a different blacklist instead of SORBS. -The blacklist would need to respond the same was as SORBS; any positive -response will be taken as a proxy. - -=== $wgAjaxWatch === - -Experimental AJAX mode for the watch/unwatch tabs to execute inline. -Does not include the UI messages describing how to reach the watchlist, -so you may not want it on a general-audience site just yet. - -=== $wgParserTestFiles === - -MediaWiki's parser test suite can now be expanded with additional test -files. Custom extensions can add their test files to this array, and -they will be run along with the main tests by maintenance/parserTests.php - - -== Changes since 1.8 == - -* (bug 8200) Make category lists sorted by name when using Postgres. -* (bug 7841) Support 'IGNORE' inserts for Postgres, fixes watchlist - adding problem. -* (bug 6835) Removing the includes/Parser.php::getTemplateArgs() function, - because it seems to be unused. -* (bug 7139) Increasing the visual width of the edit summary field on larger - screen sizes, for the default monobook skin. -* Fix PHP notice and estimates for dumpBackup.php and friends -* Improved register_globals paranoia checks -* (bug 7545) Fix PHP version check on install -* Disable PHP exception backtrace printing unless $wgShowExceptionDetails - is set. Backtraces may contain sensitive information in function call - parameters. -* (bug 6164) Avoid smashing Cite state if message transformation triggers - during bad image list check, by skipping message transformation. - This isn't a good permanent fix. -* (bug 6918) Stopped borders and backgrounds from showing through floated - tables in Monobook -* (bug 6868) Un-hardcode section edit link style -* (bug 3205) Stop right floats from stacking horizontally in non-Monobook skins -* Added global $wgStyleVersion to centralize bumping CSS and JS file versions - for cache-friendly style and script updating -* (bug 7562) Fix non-ASCII namespaces on Windows/XAMPP servers -* Friendlier check for PHP 5 in command-line scripts; it's common for parallel - PHP 4 and 5 installations to interfere on the command-line. -* Fix regression in autoconfirm permission check -* (bug 3015) Add CSS ids to subcategory and page sections on category pages -* (bug 7587) Fix erroneous id for specialpage tab, enabling informative popup -* (bug 7599) Fix thumbnail purging, PHP notices on HTCP image page purge -* (bug 7581) Update language name for cbk-zam -* (bug 7444) Update namespace translations for Telugu (te), kept old values as - alias for compatibility -* (bug 4525) Move section links down visually to same level as headings - (editsection links are now inside the heading elements) -* Workaround for http://bugs.php.net/bug.php?id=31892 , PATH_INFO and hence - URLs of the style /index.php/Main_Page were broken on some CGI installations. -* (bug 7623) Validate custom HTML id's correctly in Monobook interface -* (bug 2241) Fix collision of 'w' and 'd' accesskeys -* (bug 5795) CSS class added to body based on page name for page-specific - styling -* (bug 6276) Stopped search field from getting too large in Cologne Blue -* (bug 7644) User creations that are aborted by hooks shouldn't be counted - against account creations per day limit -* (bug 7636) Show Firefox 2 users correct accesskey prefix -* (bug 6427) Block blocked IPs from using the mail password function - to allow blocking of flooders -* Include common.css from classic-style skins in main HTML with the bump URL -* (bug 7607) Add Karakalpak (kaa) to Names.php and stub message file for linktrail -* (bug 7582) Add 'tog-nolangconversion' to MessagesEn.php. - This key is need for languages with variants (zh, sr, kk) -* (bug 7606) MediaWiki messages for "rss" and "atom" missing -* (bug 7609) Add some more '*-summary' messages to MessagesEn.php with empty - strings to allow better localisation via Special:Allmessages. Mark this new - messages as optional for localisation. -* Fix user_newpass upgrade for prefixed tables (reported by Fyren) -* (bug 7663) Include language variant switcher links on Nostalgia skin -* (bug 6531) Fix PHP fatal error on installation page with bad username input. -* (bug 6977) Remove 404 link for autogenerated database documentation. -* (bug 7369) Allow "Show Changes" without requiring edit token. -* (bug 7687) Fix movetalk box checks itself when confirming a delete and move. -* (bug 7684) Obey watchcreated preference for Special:Upload watch checkbox -* (bug 7686) Include id attribute on delete form confirmation button -* Allow compound interwiki prefixes in $wgImportSources -* (bug 7304) Added redirect table to store redirect targets. -* Added querycachetwo table (similar to querycache but has two titles) -* PageArchive can now return a Revision object for more convenient processing - of deleted revision data -* Added 'UndeleteShowRevision' hook in Special:Undelete -* Error message on attempt to view invalid or missing deleted revisions -* Remove unsightly "_" from namespace in Special:Allpages, Special:Prefixindex -* (bug 3224) Allow minor edits by bots to skip new message notification on - user talk pages. This can be disabled by adjusting the 'nominornewtalk' - permission. Patch by Werdna. -* (bug 7741) MATH: fixed broken syntax of underbrace etc. Fixed arrays -* Fix purging for updated SVG files -* (bug 7745) Add id attribute to search button in Monobook -* (bug 7749) MATH: added some more LaTeX symbols, e.g. parallel, diamond, ast, ... -* (bug 7304) Added code in Article.php to keep redirect table up to date. -* Made special page names case-insensitive and localisable. Care has been taken - to maintain backwards compatibility. -* Used special page subpages in a few more places, instead of query parameters. -* (bug 7758) Added wrapper span to "templates used" explanation to allow CSS - styling (class="mw-templatesUsedExplanation"). -* Added {{#special:}} parser function, to give the local default title for - special pages -* (bug 7766) Remove redundant / from AJAX requests, can break some servers -* Add tab links from extensions to classic-based skins (SkinTemplateTab hook) - Provides better cross-skin compatibility for extensions using the modern - skin hooks, such as Oversight -* Moved variant language links on Cologne Blue and Nostalgia to before the - login/logout link -* Fix for parser tests with MySQL 5 in strict mode -* Added block option "enable autoblocks" -* Amend Special:Ipblocklist to note when a block has autoblock DISABLED. -* (bug 7780) Fix regression in editing redirects -* Add whitespace above "templates included on this page" using CSS, not - hardcoded line break. -* Remove entries from redirect table on article deletion -* (bug 7788) Force section headers in new section links for users who have - 'prompt for blank edit summaries' on. -* (bug 1133) Special:Emailuser: add an option to send yourself a copy of your mail. -* (bug 461) Allow "Categories:" link at bottom of pages to be customized via - pagecategorieslink message. -* Sort the list of skins in "My Preferences" -> Skins by alphabetical order. -* (bug 7785) Postgres compatibility for timestamps in RC feeds -* (bug 7550) Normalize user parameter normally on Special:Log -* (bug 7294) Fix PATH search for diff3 on install -* Various fixes related to the blocking change re: autoblocks. On inserting - an IP block, the ipb_enable_autoblock field is now automagically blanked, - because it doesn't make any sense for an IP. Additionally, IP blocks - without the ipb_enable_autoblock option no longer show up as "autoblock - disabled" on Special:Ipblocklist. -* (bug 7774) MATH: aded more amstex functions -* (bug 1182) MATH: fixed inconsistent rendering of upper case Greek letters in TeX -* Fix regression in streaming page dump generation -* (bug 7801) Add support for parser function hooks in parser tests -* checkUsernames.php now uses wfDebugLog instead of hardcoded path to log -* (bug 7810) Update talk namespaces for Occitan -* Allow case-sensitive URLs to be used for uploading from URLs. -* (bug 1109) Correct fix for compressed 304 responses when additional output - buffers have been installed within the compression handler -* (bug 7819) Move automatic redirect edit summary after pre-save transform - to work properly with subst: fun -* (bug 7826) Fix typos in two English messages. -* (bug 5365) Stop users being prompted to enter an edit summary for null edits, - if they have selected that option in preferences. -* (bug 5936) Show an 'm' to the left of the edit summary on diff pages for minor edits. -* (bug 7820) Improve error reporting for uploads via URL. -* (bug 5149) When autoblocks are enabled, retroactively apply an autoblock to the most - recently used IP of a user when they are blocked. -* Add an index on (rc_user_text,rc_timestamp) on the recentchanges table. This will - make CheckUser.php and the new retroactive autoblock functionality faster. -* Fix regression in Special:Undelete for revisions deleted under MediaWiki 1.4 - with compression or legacy encoding -* (bug 6737) Fixes for MySQL 5 schema in strict mode -* Approximate height for client-side scaling fallback instead of passing -1 - into the HTML output. -* Make the DNSBL to check for proxy blocking configurable via $wgSorbsUrl -* Add experimental recording/reporting mode to parser tests runner, to - compare changes against the previous run. - Additional tables 'testrun' and 'testitem' are in maintenance/testRunner.sql, - source this and pass --record option to parserTests.php -* Make the set of default parser test input files extensible via - $wgParserTestFiles. This can now be appended to by extensions or local - configuration files so that extension or custom tests can be automatically - run along with the main batch. -* Run PHP install version checks on update.php so command-line updaters see - new version requirements -* Do a check for the PHP 5.0.x 64-bit bug, since this is much more disruptive - as of MW 1.8 than it used to be. Install or upgrade now aborts with a - warning and a request to upgrade. -* (bug 6440) Updated indexes to improve backlinking queries (links, templates, images) -* Switched 'anon-only' block mode to default for IP blocks -* (bug 3687, 7892) Add distinct heading for media files in category display, - with count. -* (bug 1578) Add different icons for external links to audio, video, or PDF in - Monobook. -* Made autoblocks block account creation if the user block has that option enabled. -* Add auto-summaries to blankings and large removals without summaries. -* (bug 7811) Allow preview of edit summaries. -* (bug 6839) Wikibits.js minor changes to make JS-lint happier. -* (bug 7932) Make sure that edit toolbar clears floats so it appears correctly. -* (bug 6873) When viewing old revisions, add link to diff to current version. -* (bug 3315) Provide rollback link directly on history page. -* Replace 'old-revision-navigation' message with 'revision-info' and - 'revision-nav' messages, wrapped in divs with appropriate id's. -* (bug 4178) MediaWiki:Common.js will now be included for all users if - $wgUseSiteJs is enabled, in addition to (if applicable) MediaWiki:Monobook.js - and user JS subpages. -* (bug 7918) "Templates used on this page" changes during preview to reflect - any added or removed templates, and works as expected for section edits. -* (bug 7919) "Templates used on this page" is now shown for read-only pages. -* (bug 7688) When viewing diff, section anchors in autosummary jump to section - on current page instead of loading the latest version. -* (bug 7970) Use current connection explicitly on Database::getServerVersion -* (bug 2001) Tables with class="sortable" can now be dynamically sorted via - JavaScript. -* Added autosummary for new pages with 500 or less characters, and refactor - the autosummary code so it's all done in one function. doEdit is getting too - big! -* (bug 7554) The correct MIME type for SVG images is now displayed on the - image page (image/svg+xml, not image/svg). -* (bug 7883) Added autoblock whitelisting feature, using which specific ranges - can be protected from autoblocking. These ranges are specified, in list format, - in the autoblock_whitelist system message. -* Added placeholders for text injection by hooks to EditPage.php -* (bug 8009) Automatic edit summary for redirects is not filled for edits in existing pages -* Installer support for experimental MySQL 4.1/5.0 binary-safe schema -* Use INSERT IGNORE for db-based BagOStuff add/insert, for more memcache-like - behavior when keys already exist on add (instead of dying with an error...) -* Add a hook 'UploadForm:initial' before the upload form is generated, and two - member variable for text injection into the form, which can be filled by the hooks. -* (bug 6295) Add a "revision patching" functionality, where an edit can be undone - (with a functionality similar to diff rev1 rev2 | patch -R rev3 -o rev3). - This is triggered by including &undo=revid in an edit URL. A link to a URL - that will undo a given edit is shown on NEW revision headers on diff pages. - The link leads to a "Show Changes" page showing what will be done to undo the - edit. -* Fix display of link in "already rolled back" message for image/category pages -* (bug 6016) Left-aligned images should stack vertically, like right-aligned - images, not horizontally. -* Patch from LeonWP: added UploadForm:BeforeProcessing hook in SpecialUpload.php -* Add AuthPluginSetup hook to override $wgAuth after configuration -* Fix regression in authentication hook auto-creation on login -* (bug 8110) Allow spaces in ISBNs -* (bug 8024) Introduce "send me copies of emails I send to others" preference -* Added 'EditPage::attemptSave' hook before an article is saved. -* (bug 8083) Applied patch for sk localisation -* Add a backslash character to the edit token, to prevent edits via certain - broken proxies that mangle such characters in form submissions -* (bug 7461) Allow overwriting pages using importTextFile.php -* (bug 7946) importTextFile.php doesn't perform pre-save transform -* (bug 8117) {{REVISIONTIMESTAMP}} showed weird default if $wgLocalTZoffset set; - now uses current time for previews and if timestamp can't be loaded from DB -* {{REVISIONTIMESTAMP}} now uses site local timezone instead of user timezone - to ensure consistent behavior -* {{REVISIONTIMESTAMP}} and friends should now work on non-MySQL backends -* (bug 7671) Observe canonical media namespace prefix in Linker::formatComment -* Added js variable wgCurRevisionId to the output -* (bug 8141) Cleanup of Parser::doTableStuff, patch by AzaTht -* (bug 8042) Make miser mode caching limits settable via $wgQueryCacheLimit - instead of hardcoding to 1000 -* Enable QueryPage classes to override list formatting -* (bug 5485) Show number of intervening revisions in diff view -* (bug 8100) Fix XHTML validity in Taiwanese localization -* Added redirect to section feature. Use it wisely. -* Added a configuration variable allowing the "break out of framesets" feature - to be switched on and off ($wgBreakFrames). Off by default. -* Allow Xml::check() $attribs parameter to override 'value' attribute -* DB schema change: added two columns (rc_old_len and rc_new_len) to the recentchanges table to store - the text lengths before and after the edit -* (bug 1085) Made Special:Recentchanges show the character difference between the changed revisions -* Removed a redundant <strong> tag from diff pages that was causing display issues for some users -* (bug 8203) The keyboard shortcut for "log out" was removed, because users were pressing it - when they intended to press the shortcut for "preview". -* (bug 8148) Handle non-removable output buffers gracefully when cleaning - buffers for HTTP 304 responses, StreamFile, and Special:Export. - Duplicated code merged into wfResetOutputBuffers() and wfClearOutputBuffers() -* Special:AllPages : 'next page' link now point to the first title of the next - chunk instead of pointing to the last title of current chunk. -* (bug 4673) Special:AllPages : add a 'previous' link (new message 'prevpage') -* (bug 8121) wfRandom() was not between 0 and 1 -* Add static method Parser::createAssocArgs($args), so parser functions can - use the same code to parse arguments as the templates do. -* Change behavior of logins using the temporary e-mailed password (as stored - in user_newpassword hash field). Instead of just logging in silently and - leaving the previous user_password field in place indefinitely, the user - is now prompted to set a new password. - - The password-changing form is at Special:Resetpass; currently it's only - usable for changing from the temporary password during login, but it - could perhaps be generalized, replacing the subform in preferences. - - Once the new password is set successfully, the temporary password is wiped - so it cannot be used to login a second time, and the login process - is completed. -* Suppress 'mail new password' button on login form if $wgAuth forbids - changing user passwords; it wouldn't work very well... -* Consolidate password length checks and $wgAuth manipulation into - User::setPassword() to avoid duplicate code in different places - that set passwords. -* User::setPassword() now throws PasswordError exceptions if the password - is illegal or cannot be set via $wgAuth. These can be caught and a human- - readable error message displayed by UI code. -* Added Title::isSubpage() -* (bug 8241) Don't consider user pages of User:Foo.css to be CSS subpages -* Set an explicit class on framed thumbnail inner divs and images, changed some - CSS to use these instead of using descendent selectors. -* Accept null parameter to User::setPassword() as indicating the password - field should be cleared to an unusable state. Login will only be possible - after the password is reset, for instance by e-mail. -* (bug 6394) Invalidate the password set for "by e-mail" account creations - to avoid accidental empty password creations. -* Made the show change size function work on page moves, page creations, and - log entries. Also fixed it in the javascript recentchanges. -* (bug 8239) correctly get 50 new contributions when clicking '(50 next)' -* (bug 2259) Fix old regression where e-mail addresses were no longer - confirmed on login with mailed password. -* Add a notification about the confirmation mail sent during account - creation, so people don't immediately go off to request a second one. -* Add a warning on Special:Confirmemail if a code was already sent and has - not yet expired. -* Add user_editcount field to provide data for heuristics on account use. - Incremented on edit, with lazy initialization from past revision data. - Can batch-initialize with maintenance/initEditCount.php (not yet friendly - to replication environments, this will do all accounts in one query). -* Allow raw SQL subsections in Database::update() SET portion as well as - for WHERE portion. Handy for increments and such. -* User::getOption now accept a default value to override default user values - this makes it consistent with WebRequest::get* methods. Corrected code in - various places accordingly. -* (bug 8264) Fix JavaScript global vars for XHTML mode -* Make $wgSiteNotice value wikitext again, for consistency with editable - MediaWiki:Sitenotice and MediaWiki:Anonnotice. -* (bug 8044) When redirecting from the canonical name of the special page - to the localised one, parameters/subpages are omitted -* (bug 8164) Special:Booksources should use GET for form submission -* Rewrite Special:Booksources to clean up interface and remove redundant code -* (bug 7925) Change Special:Allmessages message name filter javascript to be - a bit more responsive and easier on the CPU -* (bug 4488) Support watching pages on deletion; introduces new user preference -* Minor restructuring of Special:Preferences; "watch pages I edit" and "watch - pages I create" options now accessible under "Watchlist" options -* (bug 8153) <nowiki> doesn't work in site notice -* (bug 6690) wfMsgNoTrans() transforms messages -* (bug 8274) Wrap edit tools in a <div> with a specified class -* Detect PHP 5.0.x 64-bit bug and abort in WebStart.php; too many things break - mysteriously otherwise (detection code copied from install-utils.inc) -* (bug 8295) Change handling of <center> tags in doBlockLevels() to match that - of <div> -* (bug 8110) Make magic ISBN linking stricter: only match ten-digit sequences - (plus optional ISBN-13 prefix) with no immediately following alphanumeric - character, disallow multiple consecutive internal redirects -* (bug 2785) Accept optional colon prefix in links when formatting comments -* Don't show "you can view and copy the source of this page" message for - pages which don't exist -* (bug 8310) Blank line added to top of 'post' when page is blank -* (bug 8109) Template parameters ignored in "recentchangestext" -* Gracefully skip redirect-to-fragment on WebKit versions less than 420; - it messes up on current versions of Safari but is ok in the latest - nightlies. Checking the version number will allow it to automatically - work when new releases of Safari appear. -* Fix regression in thumb styles; size and padding didn't match with - new arrangement. -* (bug 8333) Fix quick user data update on login password change on - replication database setups. User data is now pulled from master - instead of slave in User::loadFromDatabase, ensuring that it is - fresh and accurate when read and then saved back into cache. - This was breaking with the Special:Rename operation which - automatically logs the user in with the new password after changing - it; pulling from slave meant the record was often not the updated - one. -* (bug 8335) Set image width to the first valid parameter found. -* (bug 8350) Fix watchlist viewing bug when using Postgres. -* (bug 6603) When warning about invalid file extensions, output the bit - of the extension we actually checked -* (bug 7669) Drop defaults on BLOB/TEXT columns for better compatibility - with MySQL's strict mode, often enabled by the Windows installer. - The defaults are ignored anyway when strict mode is off... -* (bug 7685) Use explicit values for ar_text and ar_flags when deleting, - for better compatibility with MySQL's strict mode -* Update default interwiki values to reflect changed location of ursine: -* (bug 5411) Remove autopatrol preference -* Users who have the "autopatrol" permission will have their edits marked as - patrolled automatically -* Users who do not have the "autopatrol" permission will no longer be able - to mark their own edits as patrolled -* Introduce 'PingLimiter' hook; see docs/hooks.txt for more information -* (bug 532) Tweaked alt text for some interface messages -* (bug 8231) Gave useful alt text to the main <img> on image pages -* (bug 371) Remove alt text for "Enlarge" icon on thumbnails -* Initialize user_editcount to 0 instead of NULL for newly created accounts -* (bug 3696) Strip LRM and RLM characters from titles to work around the - problem some people have where titles cut-and-pasted from lists include - the bidi override characters appended to the lists. - A more thorough blacklist for forbidden and translatable characters would - be wise, though, as might a cleaner method for the lists in the first place. -* Fix regression in email password resets on read-restricted sites -* Set tabindex on fields in deletion form so you don't have to tab through - the links in the sitenotice -* (bug 8271) Show full time and date on viewer for individual deleted - revisions -* (bug 8214) Output file size limit and actual file size in appropriate units - on Special:Upload -* (bug 8016) Purge objectcache table during upgrade processes - use the --nopurge - option to prevent this when running maintenance/update.php -* (bug 7612) Remove superfluous link to Special:Categories from result items - on Special:Mostcategories -* {{PLURAL:}} now handles formatted numbers correctly -* (bug 8331) Added the change size value to watchlists; therefore made - watchlists use RecentChange::newFromRow() instead of newFromCurRow() -* (bug 8351) Fix undo for simple reverts -* (bug 6856) User::clearNotification() does not respect read-only mode -* (bug 6853) Use a checkbox on the installer form to indicate that a superuser - account should be used; this is clearer than the old check which relied on - the password never being an obscure value -* Remove old unused watchlist cache, which was a leftover from the old schema - where watchlists were more expensive to generate -* Minor cosmetic changes to Special:Userrights -* Added wgCanonicalSpecialPageName to JavaScript variables -* Fix image deleting when using Postgres. -* Output both source and destination titles in maintenance/moveBatch.php -* Added basic parser tests for language variants -* Enable selflinks and categories to be written in some of the language variants -* Prevent conversion of JavaScript code in language variants -* Output software version number in maintenance/parserTests.php -* (bug 7169) Use Ajax to watch/unwatch articles if enabled -* Make variant table caching a little more robust, using main language code - in cache key. Probably this is still a bit wonky, though. Was breaking - parser tests when Chinese tables were getting loaded into Serbian code. -* (bug 8380) Be nicer about blank lines in deleteBatch.php -* (bug 8401) Fix regression in SORBS lookup for some DNS setups -* Use raw file descriptor in posix_isatty() check to avoid warning on - Linux systems with at least some versions of PHP -* (bug 5908) Allow overriding the default category sort key for all items on - a page using {{DEFAULTSORT}} -* (bug 6449) Throw a more definitive error message when installation fails - due to an invalid database name -* (bug 5827) Use full text for option link labels on Special:Watchlist -* (bug 8018) Allow hiding minor edits from the watchlist -* (bug 8427) MonoBook RTL IE 7.0 tweaks failed when sidebar's navigation - section is renamed; no longer relies on first section name -* Stabilize client-side table sorting even if the underlying Javascript sort() - implementation is unstable -* Add hook for extensions to add user information to the panel in preferences, - next to the user name and ID. -* (bug 8392) Display protection status of transcluded pages in the edit page - template list. Patch by Fyren, with i18n naming tweak. -* Fix for interwiki transclusion where target wiki uses query string for title -* Resolve namespaces on interwiki Title objects using canonical namespace names - if possible (should not happen, though, outside interwiki transclusion... and - maybe not even then, but it does) -* (bug 8447) Fix SQL typo breaking non-default $wgHitcounterUpdateFreq -* Do not allow previews of deleted images to be cached -* Add global variable $wgDefaultLanguageVariant used to set the default language - variant of a wiki to something different than the main language code -* Add 'variant' option to parserTests - runs test with the given variant as - preferred, utilize it for more parser tests of language variants code -* (bug 6503) Fix bug that stopped certain irrelevant links from being hidden - for printing -* Avoid PHP warning in Creative Commons metadata when a creative commons - license is not actually set up -* (bug 8463) Don't print external link icons for Monobook -* (bug 8461) Support watching pages on move -* (bug 8041) Work around bug with debug_backtrace when Zend Optimizer is - loaded by skipping the function. Use wfDebugBacktrace() wrapper function. -* Reduce config file clutter by setting various script and upload paths - based on $IP or $wgScriptPath in Setup.php. They can still be explicitly - overridden in LocalSettings.php if desired... -* Attempt to detect redirect loops for the canonical title redirect, and - give some hints to the poor confused administrator. -* Introduce new flag 'R' - raw output for language variant escape tags -* Advise users when updates for a query page have been disabled using - $wgDisableQueryPageUpdate -* (bug 8413) Improve comments for $wgNamespaceRobotPolicies -* (bug 8330) Show "bytes" suffix on recent changes diff counter - optionally... if set in rc-changes-size message (default empty for now) -* (bug 8489) Support basic links in <gallery> caption attribute -* (bug 8485) Correct Lingala number formatting -* The MediaWiki namespace is no longer pre-filled with default messages on - install. All default messages will be removed from the MediaWiki namespace - on upgrade. -* Recentchanges RSS/Atom feeds now use a separate message for the description - to avoid cluttering it with useless wiki formatting -* (bug 8417) Handle EXIF unknown dates -* (bug 8372) Return nothing on empty <math> tags. -* New maintenance script to show the cached statistics : showStats.php. -* Count deleted edits when regenerating total edits in maintenance/initStats.php -* (bug 3706) Allow users to be exempted from IP blocks. The ipblock-exempt permission - key has been added to enable this behaviour, by default assigned to sysops. -* (bug 7948) importDump.php now warn that Recentchanges need to be rebuild. -* (bug 7667) allow XHTML namespaces customization -* (bug 8531) Correct local name of Lingála (patch by Raymond) -* Fix regression with default lock file and cache directories; threw visible - warning with open_basedir +* A new switch $wgCommandLineDarkBg used by maintenance scripts (parserTests.php). + It lets you specify if your terminal use a dark background, the colorized + output will be made lighter making things easier to read. +* The minimum permissions needed to edit a page in each namespace can now be + customized via the $wgNamespaceProtection array. By default, editing pages in + the MediaWiki namespace requires "editinterface" permission, as before. +* Allow restriction of autoconfirmed permission by edit count. New global setting + $wgAutoConfirmCount (defaulting to zero, naturally). +* Added rate limiter for Special:Emailuser +* Private logs can now be created using $wgLogRestrictions +* (Bug 8590) limited HTML is now always enabled ($wgUserHtml = true). +* Deprecated $wgUseImageResize, thumbnailing will be enabled unconditionally. + +== New features since 1.9 == + +* (bug 6937) Introduce "statistics-footer" message, appended to + Special:Statistics +* (bug 6638) List block flags in block log entries +* (bugs 5051, 5376) Tooltips and accesskeys no longer require JavaScript +* Added SkinTemplateOutputPageBeforeExec hook before SkinTemplate::outputPage() + starts page output + (http://lists.wikimedia.org/pipermail/wikitech-l/2007-January/028554.html) +* Introduce "cascading protection" -- implicit protection on pages transcluded + into a page protected with this option enabled +* (bug 8567) Added hook RawPageViewBeforeOutput just before the text is blown + out in action=raw, so extensions might influence the output. +* (bug 3446) Add user preference to hide page content below diffs, can be + overridden by adding diffonly=1 or diffonly=0 to the URL of the diff page +* Add 'purge' privilege to replace the hardcoded check for login state in + determining whether action=purge can be done via GET. Switching the + permission on for anons can be helpful for benchmarking. +* (bug 7842) Link back to deleted revision list from deleted revision preview +* (bug 8619) Add user-aware "unblock" link to Special:Blockip +* (bug 8522) Provide a "delete" link on Special:Brokenredirects for users with + the appropriate permission +* (bug 8628) Add user-aware block list link to Special:Blockip +* (bug 8621) Log revisions marked as patrolled +* Introduce "BookInformation" hook; see docs/hooks.txt for more details +* Add title prefix search for Special:Undelete +* Remove full-archive list from Special:Undelete +* (bug 8136) Introduce 'ArticleUndelete' hook; see docs/hooks.txt for more info +* (bug 8712) Expose user groups as a JavaScript global +* Introduce 'CustomEditor' hook; see docs/hooks.txt for more information +* New special page, Special:Protectedpages, which shows all protected pages + and their protection status (full protection status is not pulled out due + to performance considerations, so it just shows "full protected" or + "semi protected". +* (bug 4133) Allow page protections to be made with an expiry date, in the same + format as block expiry dates. Existing protections are assumed to be infinite, + as are protections made with the new field left blank. +* (bug 8535) Allow certain vertical alignment attributes to be used as image + keywords +* (bug 6987) Allow perrow, widths, and heights attributes for <gallery> +* (bug 3678) Allow disabling MediaWiki:Aboutsite in the same way as + MediaWiki:Disclaimers; Also means that if any of the footer links are + disabled in the wiki's default language (by setting to "-"), they'll also + be disabled in other languages too (e.g. if the user specifies uselang=fr). +* Sort log types in Special:Log +* Added a classname ("mw-toolbar-editbutton") and unique IDs to the edit + toolbar buttons +* Hide irrelevant block options in Special:Blockip based on whether an + IP address/range or username is listed. (Dynamic using JS.) +* (bug 9032) Make quickbarSettings localizable through Special:Allmessages +* (bug 7782) Standardisation of file info at image description pages. +* (bug 1035) View contributions / recentchanges for an IP range. +* (bug 8747) When unwatching pages from Special:Watchlist/edit, put the + confirmation messages in a proper list with a CSS class and id. +* (bug 9118) Show relevant log fragments on deletion confirmatio page +* (bug 9009) Add username entry field to Special:Contributions +* (bug 1723) Article size in history +* (bug 9223) Disallow magic tilde sequences in page titles and usernames +* (bug 6997) Link from Special:log/block to unblock form +* (bug 9117) Link from Special:log/delete to undelete form +* Link from Special:log/protect to change protection form +* (bug 1196) Add IPv6 support added to blocks, more consistancy for IPv6 contribs +* (bug 3984) Searching in logs by title% +* Show thumbnail of existing image if image exists already under this filename +* (bug 5546) Watchlist reflects logged actions like move, protection, undelete +* Support protocols other than HTTP in LinkFilter, use $wgUrlProtocols +* (bug 3069) Warning on upload of scaled down images +* Warning on upload of images with uppercase extension if image with lowercase + extension exists +* (bug 4624) Namespace selection for Special:Whatlinkshere +* Introduce PageHistoryBeforeList and PageHistoryLineEnding hooks; see docs/hooks.txt + for more information +* (bug 9397) Introduce "sp-contributions-footer" and "sp-contributions-footer-anon" + messages, shown at the end of Special:Contributions as appropriate for the target +* (bug 8421) Expose current action in JavaScript globals (as 'wgAction') +* (bug 9069) Use galleries in query pages dedicated to images +* (bug 9177) Installer now warns of various conditions affecting session.save_path + which can lead to broken session storage +* (bug 9046) Special page to list pages without language links +* (bug 9508) Special page to list articles with the fewest revisions +* Introduce 'FileUpload' hook; see docs/hooks.txt for more information +* Introduce 'SearchUpdate' hook; see docs/hooks.txt for more information +* Introduce 'mywatchlist' message; used on personal menu to link to watchlist page +* Introduce magic word {{NUMBEROFEDITS}} +* Introduced media handlers for file-type specific operations. +* Improved error reporting for image thumbnailing +* Added sharpening option for ImageMagick thumbnailing +* (bug 9656) Autosummaries will be generated for deletion of pages longer than + 500 characters +* Predefined block reasons added to Special:Blockip +* (bug 9196) Installer now check that zend.ze1_compatibility_mode is off +* (bug 9697) Introduce 'InternalParseBeforeLinks' hook; see docs/hooks.txt for more information +* 'contribsub' message changed to 'contribsub2' with two parameters to permit + better localization. Change is reverse-compatible and can be ignored for + most wikis. +* Adding a 'reason' field to Special:Userrights + +== Bugfixes since 1.9 == + +* (bug 7292) Fix site statistics when moving pages in/out of content namespaces +* (bug 8531) Correct local name of Lingála +* Made the PLURAL: parser function return singular on -1 per default +* Fixed up the AjaxSearch +* Fix SpecialVersion->formatCredits input. Version and Url parameters should be + null to be treated properly with isset. +* Page restrictions moved into a new, dedicated table +* Correct tooltip accesskey hint for Opera on the Macintosh + (uses Shift-Esc-, not Ctrl-). +* (bug 8002) Math should render left-to-right even in right-to-left wikis +* Pass e-mail and real name fields to AuthPlugin::addUser, as additional + optional fields, which may be considered useful at registration time. +* PostgreSQL upgrade scripts fixed and updated +* (bug 8613) Fix error when viewing "Recent Changes" and using Postgres. +* Initialise site_stats table at upgrade time if data was missing +* (bug 7250) Updated Unicode normalization tables to Unicode 5.0 +* Unmaintained Oracle support files have been removed. +* Use browser default for printing size, don't force to 11pt +* (bug 8632) Fix regression in page protection null edit update +* (bug 8407) Disallow indexing of "printable" versions +* (bug 8643) Correctly escape the page-specific CSS class for non-Monobook skins +* (bug 8629) Document $wgFilterCallback +* (bug 1000) Clarify warning about memory_limit in installer +* Suppress PHP warning about set_time_limit in installer when safe mode is on +* (bug 3000) Fall back to SCRIPT_NAME plus QUERY_STRING when REQUEST_URI is + not available, as on IIS with PHP-CGI +* Missing interwiki row for English Wikipedia restored (as "wikipedia:") +* use configured cache servers for mctest.php +* bucket details in mcc.php +* fix input validation and remove debugging code in compressOld +* full ID range for moveToExternal +* fix resolveStubs.php for compatibility with older serialized data +* maximum line length for bar graphs in getLagTimes.php +* recognize specieswiki in rebuildInterwiki.inc +* profile unicode cleanup in Xml +* log slow parses in Article.php +* profile wfMsgReal +* log mkdir failures +* profile AutoLoader +* rebuild empty DjVu metadata containing '' +* security fix for DjVu metadata retrieval +* Undelete page list can use plural marker +* (bug 8638) Fix update from 1.4 and earlier +* (bug 8641) Fix order of updates to ipblocks table +* (bug 8678) Fix detection of self-links for numeric titles in Parser +* (bug 6171) Magically close tags in tables when not using Tidy. +* Sanitizer now correctly escapes lonely '>' occurring before the first wikitag. +* Ignore self closing on closing tags ( '</div />' now gives '</div>') +* (bug 8673) Minor fix for web service API content-type header +* Fix API revision list on PHP 5.2.1; bad reference assignment +* (bug 8688) Handle underscores/spaces in Special:Blockip and Special:Ipblocklist + in a consistent manner +* (bug 8701) Check database lock status when blocking/unblocking users +* ParserOptions and ParserOutput classes are now in their own files +* (bug 8708) Namespace translations for Zealandic language +* Renamed constructor methods to PHP 5 __construct reserved name +* (bug 8715) Warn users when editing an interface message whether or not the + message page exists +* ar: fix the 'create a new page' on search page when no exact match found +* (bug 8703) Corrected talk and image namespace name for Limburgish (li) +* (bug 8671) Expose "wpDestFile" as a parameter to "uploadtext" +* (bug 8403) Respect bad image list exceptions in galleries on wiki pages +* Allow sending per-user contribution requests to "contributions" query group +* (bug 3717) Update user count for AuthPlugin account autocreation +* (bug 8719) Firefox release notes lie! Fix tooltips for Firefox 2 on x11; + accesskeys default settings appear to be same as Windows. +* Added an option to make Linker::userToolLinks() show the contribs link + red when the user has no edits. Linker::userToolLinksRedContribs() is an + alias to that which should be used to make it more self documentating. +* (bug 8749) Bring MySQL 5 table defs back into sync +* (bug 8751) Set session cookies to HTTPS-only to match other cookies +* (bug 8652) Catch exceptions generated by malformed XML in multipage media +* (bug 8782) Help text in Makefile +* (bug 8777) Suppress 'previous' link on Special:Allpages when at first page +* (bug 8774) Fix path for GNU FDL rights icon on new installs +* Fix multipage selector drop-down for DjVu images to work when title + is passed as a query string parameter; we have to pass the title as + a form parameter or it gets dropped from the form submission URL +* (bug 8819) Fix full path disclosure in with skins dependencies +* Fixed bug affecting HTML formatting in sortable table column titles +* Merged table sorting code into wikibits.js +* (bug 8711) Stop floats in previews from spilling into edit area +* (bug 8858) Safer handling when $wgImageLimits is changed. Added a note + in DefaultSettings to make it clear. +* (bug 4268) Fixed data-loss bug in compressOld batch text compression + affecting pages which had null edits (move, protect, etc) as second + edit in a batch group. Isolated and patched by Travis Derouin. +* Fix for paths in 1.4->1.5 special-case updater script +* (bug 8789) AJAX search: IE users can now use the return key +* (bug 6844) Use <ins> and <del> tags to emphase the differences +* (bug 6684) Fix improper javascript array iteration +* (bug 4347) use MailAddress object for reply-to +* Add AlphabeticPager abstract class +* Use faster AlphabeticPager for Special:Categories +* (bug 8875) Show printable link in MonoBook sidebar for locally nonexistent + pages; perhaps useful for categories and shared images +* Clean up session checks to better handle the case where the session was + opened during the current request. May help with some caching corner + cases. +* (bug 8897) Fix whitespace removal for interlanguage links with link prefix +* Add 'ParserTestTables' hook to expand the list of temporary tables copied + by the parser test harness; use for extensions which require the presence + of other tables while they work. +* Message names changed for AlphabeticPager introduced with r19758 + for better localisations. +* (bug 8944) The deprecated is_a() function is used in StubObjects.php +* (bug 8992) Fix a remaining raw use of REQUEST_URI in history +* (bug 8999) User.php gives "undefined user editcount" PHP notice. +* (bug 8984) Fix a database error in Special:Recentchangeslinked + when using the Postgres database. +* Moved the main ob_start() from the default LocalSettings.php to WebStart.php. + The ob_start() section should preferably be removed from older + LocalSettings.php files. +* Give Content-Length header for HTTP/1.0 clients. +* Partial support for Flash cross-domain-policy filtering. +* Lazy-initialize site_stats row on load when empty. Somewhat kinder to + dump-based installations, avoiding PHP warnings when NUMBEROFARTICLES + and such are used. +* Add 'charset' to Content-Type headers on various HTTP error responses + to forestall additional UTF-7-autodetect XSS issues. PHP sends only + 'text/html' by default when the script didn't specify more details, + which some inconsiderate browsers consider a license to autodetect + the deadly, hard-to-escape UTF-7. + This fixes an issue with the Ajax interface error message on MSIE when + $wgUseAjax is enabled (not default configuration); this UTF-7 variant + on a previously fixed attack vector was discovered by Moshe BA from BugSec: + http://www.bugsec.com/articles.php?Security=24 +* Trackback responses now specify XML content type +* (bug 9044) Send a comment with action=raw pages in CSS/JS output mode + to work around IE/Mac bug where empty pages time out verrrrryyyyy slowly, + particularly with new keepalive-friendly HTTP on Wikipedia +* (bug 8919) Suppress paging links and related messages where there are no + rows to list for query pages +* (bug 9057) Standardize MediaWiki: namespace for oc +* (bug 8132) Suppress "Pages in this category" heading in categories when + there are none +* (bug 8958) Handle search operators better when using tsearch2 (Postgres) +* (bug 8799) Use redirect table for Special:BrokenRedirects and + Special:DoubleRedirects +* (bug 8918) Enable PLURAL option for MediaWiki:showingresults and + MediaWiki:showingresultsnum +* (bug 9122) Fix minor display issue in RTL with section edit link margin +* (bug 5805) Enable PLURAL option for some messages of watchlist and statistic +* (bug 3953) Work around poor display of parenthesis in the in other + languages section of MonoBook skin +* (bug 8539) Enable PLURAL option for another message of recentchanges. +* (bug 8728) MediaWiki:Badfiletype splitted into 3 messages +* (bug 9131) Allow SpecialContributions to work with Postgres +* (bug 9155) Allow footer info to wrap in Monobook +* (bug 8847) Strip spurious #fragments from request URI to fix redirect + loops on some server configurations +* (bug 9097) column "pr_pagetype" does not exist +* (bug 9217) Balance wfProfile calls in Skin::outputPage +* (bug 9222) PostgreSQL updater should not be version-specific +* Fix fallback implementation of mb_strlen so it works and isn't insanely + slow for large strings, since it's used for page edit lengths +* (bug 8815) Setting password in initUser() breaks LdapAuthentication plugin +* (bug 9256) Add a quick note to index.php header comments +* Make Special:Listusers caseinsensitive for first letter +* Default tidy.conf has been moved from extensions module into includes. +* Ignore lonely ''''' +* (bug 9244) When calling edit page for nonexistent section, generate error + inside of just discarding edits, since edit links sometimes go to the wrong + place. +* (bug 9019) No warning during upload if image description page exists, but no + image +* (bug 8582) Allow thumbnailing when imagesize has a space. +* (bug 8716) Change math_inputhash and math_outputhash to byte for Postgres +* (bug 9343) Correct internal name for Wolof language +* (bug 9363) Fix Postgres error on Recentchangeslinked +* (bug 5142) Fixed call of hook ArticleViewHeader +* (bug 4777) Separate prev/next messages for Special:Whatlinkshere +* Merge approx 15 missing Wikipedia language codes into wikipedia-interwiki.sql + based on Jeff Merkey's mediawiki-1.9.3.WG-20070316.tar.gz.bz2 archive. +* (bug 9411) Fix for shared image descriptions using query-string titles +* (bug 4756) Add user tool links for self created accounts at special:log + instead of sometimes broken block links from newuserlog extension +* (bug 5817) Special:Recentchangeslinked now shows red link for nonexistent + target page instead of silently redirecting +* (bug 8914) Don't transform colons in {{anchorencode:}} +* (bug 9241) Handle edit section links and include size links for cached + templates the same as the first transclusion. +* (bug 9466) "Rollback failed" page doesn't format edit comment +* (bug 9472) Invalid XHTML on cached special pages +* (bug 9472) Invalid XHTML on Special:Newpages +* (bug 4764) "My contributions" not bold when viewing own contributions +* (bug 9194) Add {{PLURAL:...}} to navigation bar of Special:Whatlinkshere +* (bug 9033) Use a more specific error message when users are not able/allowed + to edit page protection levels due to a block, database lock or permissions +* Fixed $wgFeedLimit +* (bug 9270) Corrected help namespace name for Dutch Lower Saxon (nds-nl) +* (bug 929, 4215) Expose "rcdays" user preference in Special:Preferences +* (bug 9554) Extension-provided group name messages not used +* (bug 9565) Translate template namespace name for Hindi (hi) +* (bug 8599) Correct localized names of zh-variants +* (bug 3366) Require skins based on SkinTemplate to override the skinname + property. +* (bug 9220) Removed obsoletes functions in install-utils.inc. +* Removed obsoletes Title::getRelatedCache and Title:touchArray +* (bug 7285) Check MySQL username length during install +* (bug 6910) Correct date/time formats in Vietnamese (vi) +* (bug 9608) Correctly use ORDER BY in dumpLinks.php +* (bug 9609) Correctly use ORDER BY in SpecialWhatlinkshere.php +* Special:Random and Special:Randomredirect now try harder to send the user to + a random page, and will give an error message if none really can be found + instead of sending the user to the main page like they used to +* Fix object variable used for displaying "not-patrolled" CSS class on list +* Fixed interaction of page parameter to ImagePage with the HTML file cache +* Fixed MIME type for SVG files, will be silently changed from image/svg + to image/svg+xml after loading from the database. +* Workaround for djvutoxml bug #1704049 (poor performance). Use djvudump + instead. +* Fixed odd behaviour in ImagePage on DjVu thumbnailing errors +* (bug 5439) "Go" title search will now jump to shared/foreign Image: and + MediaWiki: pages that have not been locally edited. +* (bug 9630) Limits links in Whatlinkshere forgot about namespace filter +* Fixed upgrade for the non-standard MySQL schemas +* Disable MySQL's strict mode at session start for MySQL 4.1+, to avoid the + various problems that occur when it is on. +* (bug 9585) Fix regression in tidy usage in Special:Undelete previews +* (bug 3826) Normalize some invalid cookie name characters when setting + up $wgCookiePrefix. Completes application of patch by Anders Kaseorg. +* (bug 9649) Fix RTL form alignment for Special:Movepage +* (bug 9582) Members of bot group now mark edits patrolled by default +* (bug 9669) Fix limit ordering for rebuildrecentchanges; broken since + converted from 1.4 to 1.5 schema +* (bug 9682) Revert PHP 5.1 dependency on warning suppression for SVN info +* (bug 5959) Anchors dropped from stub links +* (bug 3348) Some additional weak password checks: password which is same + as username will now be rejected. +* (bug 8602) Converted Special:Contributions to use an IndexPager. The + interpretation of the offset parameter has changed, and the go parameter + has been removed. +* (bug 7629) Fix $wgBrowserBlackList to avoid false positive on MSIE + when certain plugins are present which alter the user agent + + +== Maintenance == + +* New script maintenance/language/checkExtensioni18n.php used to check i18n + progress in the extension repository. +* Running maintenance/parserTests.php with '--record' option, will now + automatically attempt to create the required tables +* --purge option to do additional parser-cache purging for purgeList.php +* Fix hardcoded background color in parserTests.php +* parserTests.php : removed the 'light' option for --color argument, replacing + it with a new global switch : $wgCommandLineDarkBg +* (bug 8780) Clarify message for command-line scripts if LocalSettings.php + exists but is not readable +* dumpBackup / importDump now work with PostgreSQL +* (bug 8975) Use "Maintenance script" as the default username for importImages.php + and importTextFile.php scripts +* (bug 8933) Fix maintenance/reassignEdits.php script +* (bug 9440) Added "mediawikiwiki" interwiki prefix to MediaWiki.org +* (bug 2979) Import now gracefully skips invalid titles with a warning +* Restore '--norc' option for maintenance/importTextFile.php +* Help information for maintenance/importTextFile.php now easier to read on + consoles +* Doxygen documentation now show the revision number of each file, generate + graphs using dot and include a search engine. == Languages updated == +* Arabic (ar) +* Aramaic (arc) +* Aymara (ay) +* Belarusian normative (be) +* Belarusian alternative (be-x-old) +* Bulgarian (bg) +* Bihara (bh) +* Breton (br) +* Catalan (ca) +* Czech (cs) +* Danish (da) +* German (de) +* Greek (el) +* Esperanto (eo) +* Spanish (es) +* Estonian (et) * Basque (eu) -* Bishnupriya Manipuri (bpy) -* Cantonese (zh-yue) * Finnish (fi) -* Frisian (fy) -* German (de) +* Võro (fiu-vro) +* French (fr) * Hebrew (he) +* Hindi (hi) +* Upper Sorbian (hsb) +* Hungarian (hu) +* Armenian (hy) * Indonesian (id) * Italian (it) * Japanese (ja) +* Javanese (jv) +* Georgian (ka) +* Kabyle (kab) * Kazakh (kk) -* Kongo (kg) +* Korean (ko) +* Kashmiri (ks) +* Ripuarian (ksh) * Latin (la) +* Luganda (lg) * Limburgish (li) -* Lingala (ln) * Lithuanian (lt) -* Maltese (mt) -* Maori (mi) -* Norwegian (no) +* Latvian (lv) +* Marathi (mr) +* Low Saxon (nds) +* Dutch Lower Saxon (nds-nl) +* Nepali (ne) +* Nepal Bhasa (new) +* Dutch (nl) * Occitan (oc) -* Old Church Slavonic (cu) +* Pali (pi) * Polish (pl) -* Portuguese (pt) -* Ripurian (ksh) +* Romanian (ro) * Russian (ru) +* Sanskrit (sa) +* Sicilian (scn) * Slovak (sk) +* Sundanese (su) * Swedish (sv) -* Taiwanese/Holo: (bug 8217) changed language code to nan (from zh-min-nan) - due to http://www.sil.org/iso639-3/codes.asp?order=639_3&letter=n -* Upper Sorbian (hsb) +* Tahitian (ty) +* Ukrainian (uk) +* Urdu (ur) +* Uzbek (uz) * Vietnamese (vi) +* Zealandic (zea) +* Old Chinese / Late Middle Chinese (zh-classical) +* Chinese (PRC) (zh-cn) +* Chinese (Taiwan) (zh-tw) +* Cantonese (zh-yue) == Compatibility == -MediaWiki 1.9 requires PHP 5 (5.1 recommended). PHP 4 is no longer supported. +MediaWiki 1.10 requires PHP 5 (5.1 recommended). PHP 4 is no longer supported. PHP 5.0.x fails on 64-bit systems due to serious bugs with array processing: http://bugs.php.net/bug.php?id=34879 @@ -864,13 +507,11 @@ At this time we still recommend 4.0, but 4.1/5.0 will work fine in most cases. == Upgrading == -Some minor database changes have been made since 1.7: -* new fields and indexes on ipblocks -* index change on recentchanges +1.10 has several database changes since 1.9, and will not work without schema +updates. -Several changes from 1.5 and 1.6 do require updates to be run on upgrade. -To ensure that these tables are filled with data, run refreshLinks.php after -the upgrade. +If upgrading from before 1.7, you may want to run refreshLinks.php to ensure +new database fields are filled with data. If you are upgrading from MediaWiki 1.4.x or earlier, some major database changes are made, and there is a slightly higher chance that things could @@ -878,8 +519,6 @@ break. Don't forget to always back up your database before upgrading! See the file UPGRADE for more detailed upgrade instructions. - - === Caveats === Some output, particularly involving user-supplied inline HTML, may not @@ -889,14 +528,15 @@ cases, but this is not recommended on live sites. (This must be set for MathML to display properly in Mozilla.) -For notes on 1.8.x and older releases, see HISTORY. +For notes on 1.9.x and older releases, see HISTORY. === Online documentation === Documentation for both end-users and site administrators is currently being -built up on Meta-Wikipedia, and is covered under the GNU Free Documentation -License: +built up on MediaWiki.org, and is covered under the GNU Free Documentation +License (except for pages that explicitly state that their contents are in +the public domain) : http://www.mediawiki.org/wiki/Documentation |