summaryrefslogtreecommitdiff
path: root/www/wiki/HISTORY
diff options
context:
space:
mode:
Diffstat (limited to 'www/wiki/HISTORY')
-rw-r--r--www/wiki/HISTORY16109
1 files changed, 16109 insertions, 0 deletions
diff --git a/www/wiki/HISTORY b/www/wiki/HISTORY
new file mode 100644
index 00000000..0693b21c
--- /dev/null
+++ b/www/wiki/HISTORY
@@ -0,0 +1,16109 @@
+Change notes from older releases. For current info see RELEASE-NOTES-1.31.
+
+= MediaWiki 1.30 =
+
+== MediaWiki 1.30.0 ==
+
+=== Changes since MediaWiki 1.30.0-rc.0 ===
+* Upgraded Moment.js from v2.15.0 to v2.19.3.
+* Add ip_changes to postgres/tables.sql.
+* Skip null shell parameters.
+* Add wfWaitForSlaves() to maintenance/migrateComments.php.
+* (T182245) Fix join conditions in ImageListPager.
+* (T178626) Revert #contentSub and #jump-to-nav margin changes.
+
+=== MySQL version requirement in 1.30 ===
+As of 1.30, MediaWiki now requires MySQL 5.5.8 or higher (see Compatibility
+section).
+
+=== Configuration changes in 1.30 ===
+* The "C.UTF-8" locale should be used for $wgShellLocale, if available, to avoid
+ unexpected behavior when code uses locale-sensitive string comparisons. For
+ example, the Scribunto extension considers "bar" < "Foo" in most locales
+ since it ignores case.
+* $wgShellLocale now affects LC_ALL rather than only LC_CTYPE. See
+ documentation of $wgShellLocale for details.
+* $wgShellLocale is now applied for all requests. wfInitShellLocale() is
+ deprecated and a no-op, as it is no longer needed.
+* $wgJobClasses may now specify callback functions as an alternative to plain
+ class names. This is intended for extensions that want control over the
+ instantiation of their jobs, to allow for proper dependency injection.
+* $wgResourceModules may now specify callback functions as an alternative
+ to plain class names, using the 'factory' key in the module description
+ array. This allows dependency injection to be used for ResourceLoader modules.
+* $wgExceptionHooks has been removed.
+* (T163562) $wgRangeContributionsCIDRLimit was introduced to control the size
+ of IP ranges that can be queried at Special:Contributions.
+* (T45547) $wgUsePigLatinVariant added (off by default).
+* (T152540) MediaWiki now supports a section ID escaping style that allows to display
+ non-Latin characters verbatim on many modern browsers. This is controlled by the
+ new configuration setting, $wgFragmentMode.
+* $wgExperimentalHtmlIds is now deprecated and will be removed in a future version,
+ use $wgFragmentMode to migrate off it to a modern alternative.
+* $wgExternalInterwikiFragmentMode was introduced to control how fragments in
+ sinterwikis going outside of current wiki farm are encoded.
+* (T120333) Soft-deprecated the use of PHP extension 'mysql' in favor of 'mysqli'.
+ This PHP extension was deprecated in PHP 5.5 and removed in PHP 7.0. MediaWiki
+ auto-selects the 'mysqli' driver since MediaWiki 1.22, except if explicitly
+ requested through the configuration parameter $wgDBservers.
+* $wgOOUIEditPage was removed, as it is now the default. This was documented as a
+ temporary variable during the migration period.
+
+=== New features in 1.30 ===
+* (T37247) Output from Parser::parse() will now be wrapped in a div with
+ class="mw-parser-output" by default. This may be changed or disabled using
+ ParserOptions::setWrapOutputClass().
+* (T163562) Added ability to search for contributions within an IP ranges
+ at Special:Contributions.
+* Added 'ChangeTagsAllowedAdd' hook, enabling extensions to allow software-
+ specific tags to be added by users.
+* Added a 'ParserOptionsRegister' hook to allow extensions to register
+ additional parser options.
+* (T45547) Included Pig Latin, a language game in English, as a
+ LanguageConverter variant. This allows English-speaking developers
+ to develop and test LanguageConverter more easily. Pig Latin can be
+ enabled by setting $wgUsePigLatinVariant to true.
+* Added RecentChangesPurgeRows hook to allow extensions to purge data that
+ depends on the recentchanges table.
+* Added JS config values wgDiffOldId/wgDiffNewId to the output of diff pages.
+* (T2424) Added direct unwatch links to entries in Special:Watchlist (if the
+ 'watchlistunwatchlinks' preference option is enabled). With JavaScript
+ enabled, these links toggle so the user can also re-watch pages that have
+ just been unwatched.
+* Added $wgParserTestMediaHandlers, where mock media handlers can be passed to
+ MediaHandlerFactory for parser tests.
+* Edit summaries, block reasons, and other "comments" are now stored in a
+ separate database table. Use the CommentFormatter class to access them.
+** This is currently gated by $wgCommentTableSchemaMigrationStage. Most wikis
+ can set this to MIGRATION_NEW and run maintenance/migrateComments.php as
+ soon as any necessary extensions are updated.
+* (T138166) Added ability for users to prohibit other users from sending them
+ emails with Special:Emailuser. Can be enabled by setting
+ $wgEnableUserEmailBlacklist to true.
+* (T67297) $wgBrowserBlacklist is deprecated, and changing it will have no effect.
+ Instead, users using browsers that do not support Unicode will be unable to edit
+ and should upgrade to a modern browser instead.
+
+=== External library changes in 1.30 ===
+
+==== Upgraded external libraries ====
+* Updated justinrainbow/json-schema from v3.0 to v5.2.
+* Updated mediawiki/mediawiki-codesniffer from v0.7.2 to v0.12.0.
+* Updated wikimedia/composer-merge-plugin from v1.4.0 to v1.4.1.
+* Updated wikimedia/relpath from v1.0.3 to v2.0.0.
+* Updated OOjs from v2.0.0 to v2.1.0.
+* Updated OOUI from v0.21.1 to v0.23.0.
+* Updated QUnit from v1.23.1 to v2.4.0.
+* Updated phpunit/phpunit from v4.8.35 to v4.8.36.
+* Upgraded Moment.js from v2.15.0 to v2.19.3.
+
+==== New external libraries ====
+* The class \TestingAccessWrapper has been moved to the external library
+ wikimedia/testing-access-wrapper and renamed \Wikimedia\TestingAccessWrapper.
+* Purtle, a fast, lightweight RDF generator.
+
+==== Removed and replaced external libraries ====
+* …
+
+=== Bug fixes in 1.30 ===
+* (T151633) Ordered list items use now Devanagari digits in Nepalese
+ (thanks to Sfic)
+
+=== Action API changes in 1.30 ===
+* (T37247) action=parse output will be wrapped in a div with
+ class="mw-parser-output" by default. This may be changed or disabled using
+ the new 'wrapoutputclass' parameter.
+* When errorformat is not 'bc', abort reasons from action=login will be
+ formatted as specified by the error formatter parameters.
+* action=compare can now handle arbitrary text, deleted revisions, and
+ returning users and edit comments.
+* (T164106) The 'rvdifftotext', 'rvdifftotextpst', 'rvdiffto',
+ 'rvexpandtemplates', 'rvgeneratexml', 'rvparse', and 'rvprop=parsetree'
+ parameters to prop=revisions are deprecated, as are the similarly named
+ parameters to prop=deletedrevisions, list=allrevisions, and
+ list=alldeletedrevisions. Use action=compare, action=parse, or
+ action=expandtemplates instead.
+
+=== Action API internal changes in 1.30 ===
+* ApiBase::getDescriptionMessage() and the "apihelp-*-description" messages are
+ deprecated. The existing message should be split between "apihelp-*-summary"
+ and "apihelp-*-extended-description".
+* (T123931) Individual values of multi-valued parameters can now be marked as
+ deprecated.
+
+=== Languages updated in 1.30 ===
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Phabricator reports.
+
+* Added: kbp (Kabɩyɛ / Kabiyè)
+* Added: skr (Saraiki, سرائیکی)
+* Added: tay (Tayal / Atayal)
+* Removed: tokipona (Toki Pona)
+
+==== Pig Latin added ====
+* (T45547) Added Pig Latin, a made-up English variant (en-x-piglatin),
+ for easier variant development and testing. Disabled by default. It can be
+ enabled by setting $wgUsePigLatinVariant to true.
+
+=== Other changes in 1.30 ===
+* The use of an associative array for $wgProxyList, where the IP address is in
+ the key instead of the value, is deprecated (e.g. [ '127.0.0.1' => 'value' ]).
+ Please convert these arrays to indexed/sequential ones (e.g. [ '127.0.0.1' ]).
+* mw.user.bucket (deprecated in 1.23) was removed.
+* LoadBalancer::getServerInfo() and LoadBalancer::setServerInfo() are
+ deprecated. There are no known callers.
+* File::getStreamHeaders() was deprecated.
+* MediaHandler::getStreamHeaders() was deprecated.
+* Title::canTalk() was deprecated. The new Title::canHaveTalkPage() should be
+ used instead.
+* MWNamespace::canTalk() was deprecated. The new MWNamespace::hasTalkNamespace()
+ should be used instead.
+* The ExtractThumbParameters hook (deprecated in 1.21) was removed.
+* The OutputPage::addParserOutputNoText and ::getHeadLinks methods (both
+ deprecated in 1.24) were removed.
+* wfMemcKey() and wfGlobalCacheKey() were deprecated. BagOStuff::makeKey() and
+ BagOStuff::makeGlobalKey() should be used instead.
+* (T146304) Preprocessor handling of LanguageConverter markup has been improved.
+ As a result of the new uniform handling, '-{' may need to be escaped
+ (for example, as '-<nowiki/>{') where it occurs inside template arguments
+ or wikilinks.
+* (T163966) Page moves are now counted as edits for the purposes of
+ autopromotion, i.e., they increment the user_editcount field in the database.
+* Two new hooks, LogEventsListLineEnding and NewPagesLineEnding, were added for
+ manipulating Special:Log and Special:NewPages lines.
+* The OldChangesListRecentChangesLine, EnhancedChangesListModifyLineData,
+ PageHistoryLineEnding, ContributionsLineEnding and DeletedContributionsLineEnding
+ hooks have an additional parameter, for manipulating HTML data attributes of
+ RC/history lines. EnhancedChangesListModifyBlockLineData can do that via the
+ $data['attribs'] subarray.
+* (T130632) The OutputPage::enableTOC() method was removed.
+* WikiPage::getParserOutput() will now throw an exception if passed
+ ParserOptions that would pollute the parser cache. Callers should use
+ WikiPage::makeParserOptions() to create the ParserOptions object and only
+ change options that affect the parser cache key.
+* Article::viewRedirect() is deprecated.
+* IP::isValidBlock() was deprecated. Use the equivalent IP::isValidRange().
+* DeprecatedGlobal no longer supports passing in a direct value, it requires a
+ callable factory function or a class name.
+* The $parserMemc global, wfGetParserCacheStorage(), and ParserCache::singleton()
+ are all deprecated. The main ParserCache instance should be obtained from
+ MediaWikiServices instead. Access to the underlying BagOStuff is possible
+ through the new ParserCache::getCacheStorage() method.
+* .mw-ui-constructive CSS class (deprecated in 1.27) was removed.
+* Sanitizer::escapeId() was deprecated, use escapeIdForAttribute(),
+ escapeIdForLink() or escapeIdForExternalInterwiki() instead.
+* Title::escapeFragmentForURL() was deprecated, use one of the aforementioned
+ Sanitizer functions or, if possible, Title::getFragmentForURL().
+* Second parameter to Sanitizer::escapeIdReferenceList() ($options) now does
+ nothing and is deprecated.
+* mw.util.escapeId() was deprecated, use escapeIdForAttribute() or
+ escapeIdForLink().
+* MagicWord::replaceMultiple() (deprecated in 1.25) was removed.
+* WikiImporter now requires the second parameter to be an instance of the Config,
+ class. Prior to that, the Config parameter was optional (a behavior deprecated in
+ 1.25).
+* Removed 'jquery.mwExtension' module. (deprecated since 1.26)
+* mediawiki.ui: Deprecate greys, which are not part of WikimediaUI color palette
+ any more.
+* CdbReader, CdbWriter, CdbException classes (deprecated in 1.25) were removed.
+ The namespaced classes in the Cdb namespace should be used instead.
+* IPSet class (deprecated in 1.26) was removed. The namespaced IPSet\IPSet
+ should be used instead.
+* RunningStat class (deprecated in 1.27) was removed. The namespaced
+ RunningStat\RunningStat should be used instead.
+* MWMemcached and MemCachedClientforWiki classes (deprecated in 1.27) were removed.
+ The MemcachedClient class should be used instead.
+* EditPage underwent some refactoring and deprecations:
+ * EditPage::isOouiEnabled() is deprecated and will always return true.
+ * EditPage::getSummaryInput() and ::getSummaryInputOOUI() are deprecated. Please
+ use ::getSummaryInputWidget() instead.
+ * EditPage::getCheckboxes() and ::getCheckboxesOOUI() are deprecated. Please
+ use ::getCheckboxesWidget() instead.
+ * Creating an EditPage instance without calling EditPage::setContextTitle() should
+ be avoided and will be deprecated in a future release.
+ * EditPage::safeUnicodeInput() and ::safeUnicodeOutput() are deprecated and no-ops.
+ * EditPage::$isCssJsSubpage, ::$isCssSubpage, and ::$isJsSubpage are deprecated. The
+ corresponding methods from Title should be used instead.
+ * EditPage::$isWrongCaseCssJsPage is deprecated. There is no replacement.
+ * EditPage::$mArticle and ::$mTitle are deprecated for public usage. The getters
+ ::getArticle() and ::getTitle() should be used instead.
+ * Trying to control or fake EditPage context by overriding $wgUser, $wgRequest, $wgOut,
+ and $wgLang is no longer supported and won't work. The IContextSource returned from
+ EditPage::getContext() must be modified instead.
+* Parser::getRandomString() (deprecated in 1.26) was removed.
+* Parser::uniqPrefix() (deprecated in 1.26) was removed.
+* Parser::extractTagsAndParams() now only accepts three arguments. The fourth,
+ $uniq_prefix was deprecated in 1.26 and has now been removed.
+* (T172514) The following tables have had their UNIQUE indexes turned into proper
+ PRIMARY KEYs for increased maintainability: categorylinks, imagelinks, iwlinks,
+ langlinks, log_search, module_deps, objectcache, pagelinks, query_cache, site_stats,
+ templatelinks, text, transcache, user_former_groups, user_properties.
+* IDatabase::nextSequenceValue() is no longer needed by any database backends
+ (formerly it was needed by PostgreSQL and Oracle), and is now deprecated.
+* (T146591) The lc_lang_key index on the l10n_cache table has been changed into a
+ PRIMARY KEY.
+* (T157227) bot_password.bp_user, change_tag.ct_log_id, change_tag.ct_rev_id,
+ page_restrictions.pr_user, tag_summary.ts_log_id, tag_summary.ts_rev_id and
+ user_properties.up_user have all been made unsigned on MySQL.
+* DB_SLAVE is deprecated. DB_REPLICA should be used instead.
+* wfUsePHP() is deprecated.
+* wfFixSessionID() was removed.
+* wfShellExec() and related functions are deprecated, use Shell::command(). This also
+ slightly changes the behavior of how execution time limits are calculated when only
+ some of defaults are overridden per-call. When in doubt, always override both wall
+ clock and CPU time.
+* (T138166) SpecialEmailUser::getTarget() now requires a second argument, the sending
+ user object. Using the method without the second argument is deprecated.
+* (T67297) Browsers that don't support Unicode will have their edits rejected.
+* (T178450) The module 'jquery.badge' is deprecated and will be removed in a future
+ release. For notifying the user of an event, the Notifications ("Echo") system
+ should be used instead.
+* (T178451) SECURITY: Potential XSS when $wgShowExceptionDetails = false and browser
+ sends non-standard url escaping.
+* (T165846) SECURITY: BotPassword login attempts weren't throttled.
+
+= MediaWiki 1.29 =
+
+== MediaWiki 1.29.2 ==
+
+This is a security and maintenance release of the MediaWiki 1.29 branch.
+
+=== Changes since 1.29.1 ===
+* (T166757) Avoid scoped lock errors in Category::refreshCounts() due to nesting.
+* (T175439) Unbreak Postgres Updater when setting defaults for a column.
+* (T160298) Remove use of implicitGroupBy() in ActiveUsersPager.
+* Fixed login button label to accept RawMessage.
+* Fixed case of SpecialRecentChanges class usage.
+* (T174255) Declare uploadCount property in importDump.php.
+* (T163646) Pass a string not an int to mysql_real_escape_string().
+* (T180143) Bump justinrainbow/json-schema development dependency to ~5.2.
+* Updated dev dependancy phpunit/phpunit from v4.8.35 to v4.8.36.
+* (T178451) SECURITY: Potential XSS when $wgShowExceptionDetails = false and browser
+ sends non-standard url escaping.
+* (T165846) SECURITY: BotPassword login attempts weren't throttled.
+* (T128209) SECURITY: Reflected File Download from api.php.
+* (T134100) SECURITY: Do not reveal if user exists during login failure.
+* (T176247) SECURITY: Ensure Message::rawParams can't lead to XSS.
+* (T125163) SECURITY: Make anchor for headlines escape > and <.
+* (T180237) SECURITY: Protect vendor folder with .htaccess.
+* (T180231) SECURITY: Remove PHPUnit file with known RCE if exists in update.php.
+* (T124404) SECURITY: XSS in langconverter when regex hits pcre.backtrack_limit.
+* (T119158) SECURITY: Handle -{}- syntax in attributes safely.
+* (T180488) (T125177) "api.log contains passwords in plaintext" wasn't correctly fixed in all
+ branches in the previous security release.
+
+== MediaWiki 1.29.1 ==
+
+This is a maintenance release of the MediaWiki 1.29 branch.
+
+The SpamBlacklist and PdfHandler extensions were missing from the generated
+packages.
+
+=== Changes since 1.29.1 ===
+* (T164999) Define mw.Upload.Dialog.static.name in mediawiki.Upload.Dialog.js.
+* (T172061) Fix fatal when passing a category to refreshLinks.php.
+
+== MediaWiki 1.29.0 ==
+
+=== Configuration changes in 1.29 ===
+* Default cookie expiration time has been reduced to 30 days. Login cookie
+ expiration time is kept at 180 days.
+* A new configuration variable has been added: $wgCookieSetOnAutoblock. This
+ determines whether to set a cookie when a user is autoblocked. Doing so means
+ that a blocked user, even after logging out and moving to a new IP address,
+ will still be blocked.
+* The resetpassword right and associated password reset capture feature has
+ been removed.
+* The $error parameter to the EmailUser hook should be set to a Status object
+ or boolean false. This should be compatible with at least MediaWiki 1.23 if
+ not earlier. Returning a raw HTML string is now deprecated.
+* The $message parameter to the ApiCheckCanExecute hook should be set to an
+ ApiMessage. This is compatible with MediaWiki 1.27 and later. Returning a
+ code for ApiBase::parseMsg() will no longer work.
+* ApiBase::$messageMap is no longer public. Code attempting to access it will
+ result in a PHP fatal error.
+* $wgUserEmailUseReplyTo is now true by default to work around restrictive DMARC
+ policies.
+* Subpages are now enabled by default in the Template namespace. Set
+ $wgNamespacesWithSubpages[NS_TEMPLATE] to false to keep the old behavior.
+* $wgRunJobsAsync is now false by default (T142751). This change only affects
+ wikis with $wgJobRunRate > 0.
+* (T158474) "Unknown user" has been added to $wgReservedUsernames.
+* (T156983) $wgRateLimitsExcludedIPs now accepts CIDR ranges as well as single IPs.
+* $wgDummyLanguageCodes is deprecated. Additional language code mappings may be
+ added to $wgExtraLanguageCodes instead.
+* (T161453) LocalisationCache will no longer use the temporary directory in it's
+ fallback chain when trying to work out where to write the cache.
+* The user right 'editusercssjs' (deprecated in 1.16) was removed. Use
+ 'editusercss' and 'edituserjs' in $wgGroupPermissions and elsewhere instead.
+
+=== New features in 1.29 ===
+* (T5233) A cookie can now be set when a user is autoblocked, to track that user
+ if they move to a new IP address. This is disabled by default.
+* Added ILocalizedException interface to standardize the use of localized
+ exceptions, largely so the API can handle them more sensibly.
+* Blocks created automatically by MediaWiki, such as for configured proxies or
+ dnsbls, are now indicated as such and use a new i18n message when displayed.
+* Added new $wgHTTPImportTimeout setting. Sets timeout for
+ downloading the XML dump during a transwiki import in seconds.
+* Parser limit report is now available in machine-readable format to JavaScript
+ via mw.config.get('wgPageParseReport').
+* Added $wgSoftBlockRanges, to allow for automatically blocking anonymous edits
+ from certain IP ranges (e.g. private IPs).
+* (T59603) Added new magic word {{PAGELANGUAGE}} which returns the language code
+ of the page being parsed.
+* HTML5 form validation attributes will no longer be suppressed. Originally
+ browsers had poor support for them, but modern browsers handle them fine.
+ This might affect some forms that used them and only worked because the
+ attributes were not actually being set.
+* Expiry times can now be specified when users are added to user groups.
+* Completely new user interface for the RecentChanges page, which
+ structures filters into user-friendly groups. This has corresponding
+ changes to how filters are registered by core and extensions.
+* The edit form now uses pretty OOjs UI buttons, checkboxes and summary input.
+ Because this change can cause problems for extensions and on-wiki
+ scripts depending on the exact HTML, the old version is still available
+ and can be used by setting $wgOOUIEditPage = false; in LocalSettings.php.
+ This will be removed later and OOjs UI will become the only option.
+ To make testing easier, users can also force either mode by adding
+ &ooui=true or &ooui=false to the action=edit URL.
+
+=== External library changes in 1.29 ===
+
+==== Upgraded external libraries ====
+* Updated QUnit from v1.22.0 to v1.23.1.
+* Updated cssjanus from v1.1.2 to v1.2.0.
+* Updated psr/log from v1.0.0 to v1.0.2.
+* Update Moment.js from v2.8.4 to v2.15.0.
+* Updated oyejorge/less.php from v1.7.0.10 to v1.7.0.14.
+* Updated monolog from v1.18.2 to 1.22.1.
+* Updated wikimedia/composer-merge-plugin from v1.3.1 to v1.4.0.
+* Updated OOjs from v1.1.10 to v2.0.0.
+* Updated jQuery from v1.11.3 to v3.2.1 (including jQuery Migrate v3.0.0).
+
+==== New external libraries ====
+* Added wikimedia/timestamp v1.0.0.
+* Added wikimedia/remex-html v1.0.1.
+
+==== Removed and replaced external libraries ====
+
+=== Bug fixes in 1.29 ===
+* (T62604) Core parser functions returning a number now format the number according
+ to the page content language, not wiki content language.
+* (T27187) Search suggestions based on jquery.suggestions will now correctly only
+ highlight prefix matches in the results.
+* (T157035) "new mw.Uri()" was ignoring options when using default URI.
+* Special:Allpages can no longer be filtered by redirect in miser mode.
+* (T160519) CACHE_ANYTHING will not be CACHE_ACCEL if no accelerator is installed.
+* (T109140) (T122209) SECURITY: Special:UserLogin and Special:Search allow redirect
+ to interwiki links.
+* (T144845) SECURITY: XSS in SearchHighlighter::highlightText() when
+ $wgAdvancedSearchHighlighting is true.
+* (T125177) SECURITY: API parameters may now be marked as "sensitive" to keep
+ their values out of the logs.
+* (T150044) SECURITY: "Mark all pages visited" on the watchlist now requires a CSRF
+ token.
+* (T156184) SECURITY: Escape content model/format url parameter in message.
+* (T151735) SECURITY: SVG filter evasion using default attribute values in DTD
+ declaration.
+* (T161453) SECURITY: LocalisationCache will no longer use the temporary directory
+ in it's fallback chain when trying to work out where to write the cache.
+* (T48143) SECURITY: Spam blacklist ineffective on encoded URLs inside file inclusion
+ syntax's link parameter.
+* (T108138) SECURITY: Sysops can undelete pages, although the page is protected against
+ it.
+
+=== Action API changes in 1.29 ===
+* Submitting sensitive authentication request parameters to action=login,
+ action=clientlogin, action=createaccount, action=linkaccount, and
+ action=changeauthenticationdata in the query string is now an error. They
+ should be submitted in the POST body instead.
+* The capture option for action=resetpassword has been removed
+* action=clearhasmsg now requires a POST.
+* (T47843) API errors and warnings may be requested in non-English languages
+ using the new 'errorformat', 'errorlang', and 'errorsuselocal' parameters.
+* API error codes may have changed. Most notably, errors from modules using
+ parameter prefixes (e.g. all query submodules) will no longer be prefixed.
+* ApiPageSet-using modules will report the 'invalidreason' using the specified
+ 'errorformat'.
+* action=emailuser may return a "Warnings" status, and now returns 'warnings' and
+ 'errors' subelements (as applicable) instead of 'message'.
+* action=imagerotate returns an 'errors' subelement rather than 'errormessage'.
+* action=move now reports errors when moving the talk page as an array under
+ key 'talkmove-errors', rather than using 'talkmove-error-code' and
+ 'talkmove-error-info'. The format for subpage move errors has also changed.
+* action=revisiondelete no longer includes a "rendered" property on warnings
+ and errors for each item. Use errorformat=wikitext if you're wanting parsed
+ output.
+* action=rollback no longer returns a "messageHtml" property. Use
+ errorformat=html if you're wanting HTML formatting of error messages.
+* action=upload now reports optional stash failures as an array under key
+ 'stasherrors' rather than a 'stashfailed' text string.
+* action=watch reports 'errors' and 'warnings' instead of a single 'error', and
+ no longer returns a 'message' on success.
+* Added action=validatepassword to validate passwords for the account creation
+ and password change forms.
+* action=purge now requires a POST.
+* There is a new `languagevariants` siprop for action=query&meta=siteinfo,
+ which returns a list of languages with active LanguageConverter instances.
+* action=query&query=allpages will no longer filter redirects using a database
+ query in miser mode. This may result in less results being returned than were
+ requested.
+
+=== Action API internal changes in 1.29 ===
+* New methods were added to ApiBase to handle errors and warnings using i18n
+ keys. Methods for using hard-coded English messages were deprecated:
+ * ApiBase::dieUsage() was deprecated
+ * ApiBase::dieUsageMsg() was deprecated
+ * ApiBase::dieUsageMsgOrDebug() was deprecated
+ * ApiBase::getErrorFromStatus() was deprecated
+ * ApiBase::parseMsg() was deprecated
+ * ApiBase::setWarning() was deprecated
+* ApiBase::$messageMap is no longer public. Code attempting to access it will
+ result in a PHP fatal error.
+* The $message parameter to the ApiCheckCanExecute hook should be set to an
+ ApiMessage. This is compatible with MediaWiki 1.27 and later. Returning a
+ code for ApiBase::parseMsg() will no longer work.
+* UsageException is deprecated in favor of ApiUsageException. For the time
+ being ApiUsageException is a subclass of UsageException to allow things that
+ catch only UsageException to still function properly.
+* If, for some strange reason, code was using an ApiErrorFormatter instead of
+ ApiErrorFormatter_BackCompat, note that the result format has changed and
+ various methods now take a module path rather than a module name.
+* ApiMessageTrait::getApiCode() now strips 'apierror-' and 'apiwarn-' prefixes
+ from the message key, and maps some message keys for backwards compatibility.
+* API parameters may now be marked as "sensitive" to keep their values out of
+ the logs.
+
+=== Languages updated in 1.29 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Phabricator reports.
+
+* Based as always on linguistic studies on intelligibility and language
+ knowledge by geography, language fallbacks have been expanded. When a
+ translation is missing in the user's preferred interface language, the
+ corresponding translation for the fallback language will be used instead.
+ English will only be used as last resort when there are no translations.
+ Some configurations (such as date formats and gender namespaces) have also
+ been updated when using the fallback language's configuration was inadequate.
+ The new or reinstated language fallbacks are (after cs ↔ sk in 1.28):
+ ca ↔ oc; hsb ↔ dsb; io → eo; mdf → ru; pnt → el; roa-tara → it; rup → ro;
+ sh → bs, sr-el, hr.
+* (T137376) New language support: Atikamekw (atj).
+* (T163600) New language support: Dinka (din).
+* (T155957) Talk Namespaces for Javanese language (jv) have been updated.
+
+==== No fallback for Ukrainian ====
+* (T39314) The fallback from Ukrainian to Russian was removed. The Ukrainian
+ language will now use the default fallback language: English. When a translation
+ to Ukrainian is not available, an English string will be shown.
+
+=== Other changes in 1.29 ===
+* Database::getSearchEngine() (deprecated in 1.28) was removed. Use
+ SearchEngineFactory::getSearchEngineClass() instead.
+* $wgSessionsInMemcached (deprecated in 1.20) was removed. No replacement is
+ required as all sessions are stored in Object Cache now.
+* MWHttpRequest::execute() should be considered to return a StatusValue; the
+ Status return type is deprecated.
+* User::edits() (deprecated in 1.21) was removed.
+* Xml::escapeJsString() (deprecated in 1.21) was removed.
+* Article::getText() and Article::prepareTextForEdit() (deprecated in 1.21)
+ were removed.
+* Article::getAutosummary() and WikiPage::getAutosummary() (deprecated in 1.21)
+ were removed.
+* Hook ArticleViewCustom (deprecated in 1.21) was removed. Use ArticleContentViewCustom
+ instead.
+* Hooks EditPageGetDiffText and ShowRawCssJs (deprecated in 1.21) were removed.
+* Class RevisiondeleteAction (deprecated in 1.25) was removed.
+* WikiPage::prepareTextForEdit() (deprecated in 1.21) was removed.
+* WikiPage::getText() (deprecated in 1.21) was removed.
+* Article::fetchContent() (deprecated in 1.21) was removed.
+* User::getPassword() (deprecated in 1.27) was removed.
+* User::getTemporaryPassword() (deprecated in 1.27) was removed.
+* User::isPasswordReminderThrottled() (deprecated in 1.27) was removed.
+* Class FSRepo (deprecated in 1.19) was removed.
+* WebRequest::checkSessionCookie() (deprecated in 1.27) was removed. Use
+ \MediaWiki\Session\SessionManager::singleton()->getPersistedSessionId() instead.
+* Class ImageGallery (deprecated in 1.22) was removed.
+ Use ImageGalleryBase::factory instead.
+* Title::moveNoAuth() (deprecated in 1.25) was removed. Use MovePage class instead.
+* Hook UnknownAction (deprecated in 1.19) was actually deprecated (it will now
+ emit warnings). Create a subclass of Action and add it to $wgActions instead.
+* WikiRevision::getText() (deprecated since 1.21) is no longer marked deprecated.
+* Linker::getInterwikiLinkAttributes() (deprecated since 1.25) was removed.
+* Linker::getInternalLinkAttributes() (deprecated since 1.25) was removed.
+* Linker::getInternalLinkAttributesObj() (deprecated since 1.25) was removed.
+* Linker::getLinkAttributesInternal() (deprecated since 1.25) was removed.
+* RedisConnectionPool::handleException (deprecated since 1.23) was removed.
+* The static properties mw.Api.errors and mw.Api.warnings, containing incomplete
+ and outdated lists of errors/warnings returned by the API, are now deprecated.
+* wiki.phtml entry point was removed. Refer to index.php instead. If you want "wiki.phtml"
+ URLs to continue to work, set up redirects. In Apache, this can be done by enabling
+ mod_rewrite and adding the following rules to your configuration:
+
+ RewriteEngine On
+ RewriteBase /
+ RewriteRule ^/w/wiki\.phtml$ /w/index.php [R=301,L]
+* Hook ArticleAfterFetchContent (deprecated in 1.21) was removed.
+ Use ArticleAfterFetchContentObject instead.
+* Hook ArticleInsertComplete (deprecated in 1.21) was removed.
+ Use PageContentInsertComplete instead.
+* Hook ArticleSave (deprecated in 1.21) was removed.
+ Use PageContentSave instead.
+* Hook ArticleSaveComplete (deprecated in 1.21) was removed.
+ Use PageContentSaveComplete instead.
+* Hook EditFilterMerged (deprecated in 1.21) was removed.
+ Use EditFilterMergedContent instead.
+* Hook EditPageGetPreviewText (deprecated in 1.21) was removed.
+ Use EditPageGetPreviewContent instead.
+* Hook TitleIsCssOrJsPage (deprecated in 1.21) was removed.
+ Use ContentHandlerDefaultModelFor instead.
+* Hook TitleIsWikitextPage (deprecated in 1.21) was removed.
+ Use ContentHandlerDefaultModelFor instead.
+* Article::getContent() (deprecated in 1.21) was removed.
+* Revision::getText() (deprecated in 1.21) was removed.
+* Article::doEdit() and WikiPage::doEdit() (deprecated in 1.21) were removed.
+* Parser::replaceUnusualEscapes() (deprecated in 1.24) was removed.
+* Article::doEditContent() was marked as deprecated, to be removed in 1.30
+ or later.
+* ContentHandler::runLegacyHooks() was removed.
+* refreshLinks.php now can be limited to a particular category with --category=...
+ or a tracking category with --tracking-category=...
+* User-like objects that are passed to SpecialUserRights and its subclasses are
+ now required to have a getGroupMemberships() method. See UserRightsProxy for
+ an example.
+* User::$mGroups (instance variable) was marked private. Use User::getGroups()
+ instead.
+* User::getGroupName(), User::getGroupMember(), User:getGroupPage(),
+ User::makeGroupLinkHTML(), and User::makeGroupLinkWiki() were deprecated.
+ Use equivalent methods on the UserGroupMembership class.
+* Maintenance scripts and tests that call User::addGroup() must now ensure that
+ User objects have been added to the database prior to calling addGroup().
+* Protected function UsersPager::getGroups() was removed, and protected function
+ UsersPager::buildGroupLink() was changed from a static to an instance method.
+* The third parameter ($cache) to the UsersPagerDoBatchLookups hook was changed;
+ see docs/hooks.txt.
+* User::crypt() (deprecated in 1.24) was removed.
+* User::comparePasswords() (deprecated in 1.24) was removed.
+* ArchivedFile::getUserText() (deprecated in 1.23) was removed.
+* HTMLFileCache::newFromTitle() (deprecated in 1.24) was removed.
+* BREAKING CHANGE: Internal signature changes to ChangesListSpecialPage
+ and subclasses. It should only break if you call buildMainQueryConds
+ (changed to buildQuery with new signature) or doMainQuery (new
+ signature). Subclasses are likely to call at least doMainQuery
+ (possibly both), but other classes might too, because they were
+ public.
+ Also, some related hooks were deprecated, but this is not yet a
+ breaking change.
+* Removed 'jquery.arrowSteps' module. (deprecated since 1.28)
+* The 'jquery.autoEllipsis' ResourceLoader module is now deprecated.
+* WikiRevision::$fileIsTemp was deprecated.
+* WikiRevision::$importer was deprecated.
+* WikiRevision::$user was deprecated.
+* Article::getLastPurgeTimestamp(), WikiPage::getLastPurgeTimestamp(), and the
+ WikiPage::PURGE_* constants are deprecated, and the functions will always
+ return false. They were a hack for an issue that has since been fixed.
+* Hook 'EditPageBeforeEditChecks' is now deprecated. Instead use the new hook
+ 'EditPageGetCheckboxesDefinition', or 'EditPage::showStandardInputs:options'
+ if you don't actually care about checkboxes and just want to add some HTML
+ to the page.
+* Selflinks are now rendered as href-less <a> tags with the class mw-selflink
+ rather than <strong> tags. The old class name, "selflink", was deprecated
+ and will be removed in a future release. (T160480)
+* (T156184) $wgRawHtml will no longer apply to internationalization messages.
+* Browser support for non-ES5 JavaScript browsers, including Android 2,
+ Opera <12.10, and Internet Explorer 9, was lowered from Grade A to Grade C.
+* Removed wikibits global methods deprecated since MediaWiki 1.17 (T122755):
+ is_gecko, is_chrome_mac, is_chrome, webkit_version, is_safari_win, is_safari,
+ webkit_match, is_ff2, ff2_bugs, is_ff2_win, is_ff2_x11, opera95_bugs,
+ opera7_bugs, opera6_bugs, is_opera_95, is_opera_preseven, is_opera,
+ ie6_bugs, clientPC, changeText, killEvt, addHandler, hookEvent,
+ addClickHandler, removeHandler, getElementsByClassName, getInnerText,
+ setupCheckboxShiftClick, addCheckboxClickHandlers, mwEditButtons,
+ mwCustomEditButtons, injectSpinner, removeSpinner, escapeQuotes,
+ escapeQuotesHTML, jsMsg, addPortletLink, appendCSS, tooltipAccessKeyPrefix,
+ tooltipAccessKeyRegexp, updateTooltipAccessKeys.
+* The ID of the <li> element containing the login link has changed from
+ 'pt-login' to 'pt-login-private' in private wikis.
+* The old, neglected "bulletin board style toolbar" in the edit form is now
+ deprecated (T30856). This old code dates from 2006, and was replaced in the
+ MediaWiki release tarball and in Wikimedia production by the WikiEditor
+ extension in 2010. It is only shown to users if no other editor was
+ installed, and leads to confusion.
+* (T92459) Loading ResourceLoader modules containing JavaScript through
+ addModuleStyles() is deprecated and will log a warning server-side.
+
+= MediaWiki 1.28 =
+
+== MediaWiki 1.28.3 ==
+
+This is a security and maintenance release of the MediaWiki 1.28 branch.
+
+=== Changes since 1.28.2 ==
+* (T168856) Allow SVGs created by Dia to be uploaded.
+* (T157545) Add missing doUpdates() call to refreshLinks.php.
+* (T165714) (T100085) Better handling of jobs execution in post-connection shutdown.
+* (T154425) (T154438) (T157679) Use AutoCommitUpdate instead of Database->onTransactionIdle.
+* (T154425) Make DeferredUpdates detect LBFactory transaction rounds.
+* (T149454) Restore erroneously removed realTableName call from DatabasePostgres.
+* (T167798) Fix phrase search and highlighting for phrase queries.
+* (T151136) Provide credits information to callbacks in extension registration.
+* (T160462) Allow namespaces defined in extension.json to be overwritten locally.
+* (T168337) Fix ErrorPageError to work from non-UI contexts.
+* (T143788) Backports for PHP 7.0 and 7.1 support.
+* (T175439) Unbreak Postgres Updater when setting defaults for a column.
+* (T160298) Remove use of implicitGroupBy() in ActiveUsersPager.
+* (T174255) Declare uploadCount property in importDump.php.
+* (T180231) SECURITY: Updated dev dependancy phpunit/phpunit from v4.8.24 to v4.8.36.
+* (T178451) SECURITY: Potential XSS when $wgShowExceptionDetails = false and browser
+ sends non-standard url escaping.
+* (T165846) SECURITY: BotPassword login attempts weren't throttled.
+* (T128209) SECURITY: Reflected File Download from api.php.
+* (T134100) SECURITY: Do not reveal if user exists during login failure.
+* (T176247) SECURITY: Ensure Message::rawParams can't lead to XSS.
+* (T125163) SECURITY: Make anchor for headlines escape > and <.
+* (T180237) SECURITY: Protect vendor folder with .htaccess.
+* (T180231) SECURITY: Remove PHPUnit file with known RCE if exists in update.php.
+* (T124404) SECURITY: XSS in langconverter when regex hits pcre.backtrack_limit.
+* (T119158) SECURITY: Handle -{}- syntax in attributes safely.
+
+== MediaWiki 1.28.2 ==
+
+Due to a packaging error, the wrong version of the SyntaxHighlight extension was
+included in the tarball version of MediaWiki 1.28.1. The version included had a
+serious security issue in it (T158689). There was also some minor code fixes in
+MediaWiki itself since 1.28.1, but none of them were security relevant.
+
+== MediaWiki 1.28.1 ==
+
+This is a security and maintenance release of the MediaWiki 1.28 branch.
+
+=== Changes since 1.28.0 ===
+
+* $wgRunJobsAsync is now false by default (T142751). This change only affects
+ wikis with $wgJobRunRate > 0.
+* Fix fatal from "WaitConditionLoop" not being found, experienced when a wiki has
+ more than one database server setup.
+* (T152717) Better escaping for PHP mail() command,
+* (T154670) A missing method causing the MySQL installer to fatal in rare
+ circumstances was restored.
+* (T154672) Un-deprecate ArticleAfterFetchContentObject hook.
+* (T158766) Avoid SQL error on MSSQL when using selectRowCount().
+* (T145635) Fix too long index error when installing with MSSQL.
+* (T156184) $wgRawHtml will no longer apply to internationalization messages.
+* (T160519) CACHE_ANYTHING will not be CACHE_ACCEL if no accelerator is installed.
+* (T154872) Fix incorrect ar_usertext_timestamp index names in new 1.28 installs.
+* (T109140) (T122209) SECURITY: Special:UserLogin and Special:Search allow redirect
+ to interwiki links.
+* (T144845) SECURITY: XSS in SearchHighlighter::highlightText() when
+ $wgAdvancedSearchHighlighting is true.
+* (T125177) SECURITY: API parameters may now be marked as "sensitive" to keep
+ their values out of the logs.
+* (T150044) SECURITY: "Mark all pages visited" on the watchlist now requires a CSRF
+ token.
+* (T156184) SECURITY: Escape content model/format url parameter in message.
+* (T151735) SECURITY: SVG filter evasion using default attribute values in DTD
+ declaration.
+* (T161453) SECURITY: LocalisationCache will no longer use the temporary directory
+ in it's fallback chain when trying to work out where to write the cache.
+* (T48143) SECURITY: Spam blacklist ineffective on encoded URLs inside file inclusion
+ syntax's link parameter.
+* (T108138) SECURITY: Sysops can undelete pages, although the page is protected against
+ it.
+
+== MediaWiki 1.28 ==
+
+=== Changes since 1.28.0-rc1 ===
+* (T148957) Replace wgShowExceptionDetails with wgShowDBErrorBacktrace on db
+ errors.
+* (T148956) Only apply wgDBschema to postgres/mssql.
+* (T145991) Introduce separate log action for deleting pages on move.
+* (T141474) (T110464) Bypass login page if no user input is required.
+
+=== Changes since 1.28.0-rc0 ===
+* (T142210) The changes to move the parser "NewPP limit report" from a HTML
+ comment to a machine-readable JavaScript config option 'wgPageParseReport'
+ have been undone. They caused the human-readable limit report to be shown
+ incompletely or not at all. ParserOutput::setLimitReportData() and
+ getLimitReportData() behave as they did in MediaWiki 1.27 again.
+* (T149510) Value of {{DISPLAYTITLE:}} parser function will not be used for
+ the text of subheadings on a category page when creating it. This wasn't
+ working correctly.
+* (T106793) MediaWiki will no longer try to perform a HTTP redirect to the
+ canonical pretty URL when a non-pretty URL is used. It resulted in redirect
+ loops in some clients and in some server configurations. This undoes a change
+ made in MediaWiki 1.26.
+* (T149759) manifest_version: 2 was removed.
+
+=== Configuration changes in 1.28 ===
+* $wgSend404Code now affects status code of action=history if the page is not there.
+* BREAKING CHANGE: $wgHTTPProxy is now *required* for all external requests
+ made by MediaWiki via a proxy. Relying on the http_proxy environment
+ variable is no longer supported.
+* The load.php entry point now enforces the existing policy of not allowing
+ access to session data, which includes the session user and the session
+ user's language. If such access is attempted, an exception will be thrown.
+* The number of internal PBKDF2 iterations used to derive the session secret
+ is configurable via $wgSessionPbkdf2Iterations.
+* Upload dialog's file upload log comment can now be configured separately for
+ local and foreign uploads.
+* $wgForeignUploadTargets now defaults to `[ 'local' ]`, where `'local'`
+ signifies local uploads. A value of `[]` (empty array) now means that
+ no upload targets are allowed, effectively disabling the upload dialog.
+* The deprecated $wgEditEncoding variable has been removed; it was only used
+ for Esperanto language character conversion. You are now recommended to use
+ input methods provided by the UniversalLanguageSelector extension.
+* When $wgPingback is true, MediaWiki will periodically ping
+ https://www.mediawiki.org/beacon with basic information about the local
+ MediaWiki installation. This data includes, for example, the type of system,
+ PHP version, and chosen database backend. This behavior is off by default.
+* When $wgEditSubmitButtonLabelPublish is true, MediaWiki will label the button
+ to store-to-database-and-show-to-others as "Publish page"/"Publish changes";
+ if false, the default, they will be "Save page"/"Save changes".
+* The 'editcontentmodel' permission is now granted to all logged-in users ('user').
+ instead of just administrators ('sysop'). Documentation for this feature is
+ available at <https://www.mediawiki.org/wiki/Help:ChangeContentModel>.
+* $wgRevisionCacheExpiry is now set to one week by default instead of being disabled.
+* Magic links are now disabled by default, and can be re-enabled by modifying the value
+ of $wgEnableMagicLinks. Their usage is discouraged, but if they are manually enabled,
+ a tracking category will be added to help identify usage and make it easier to migrate
+ away from. If you depend upon magic link functionality, it is requested that you comment
+ on <https://www.mediawiki.org/wiki/Requests_for_comment/Future_of_magic_links> and
+ explain your use case(s).
+* New config variable $wgCSPFalsePositiveUrls to control what URLs to ignore
+ in upcoming Content-Security-Policy feature's reporting.
+
+=== New features in 1.28 ===
+* User::isBot() method for checking if an account is a bot role account.
+* Added a new 'slideshow' mode for galleries.
+* Added a new hook, 'UserIsBot', to aid in determining if a user is a bot.
+* Added a new hook, 'ApiMakeParserOptions', to allow extensions to better
+ interact with API parsing.
+* Added a new hook, 'UploadVerifyUpload', which can be used to reject a file
+ upload. Unlike 'UploadVerifyFile' it provides information about upload comment
+ and the file description page, but does not run for uploads to stash.
+* (T141604) Extensions can now provide a better error message when their
+ maintenance scripts are run without the extension being installed.
+* (T8948) Numeric sorting in categories is now supported by setting $wgCategoryCollation
+ to 'uca-default-u-kn' or 'uca-<langcode>-u-kn'. If you can't use UCA collations,
+ a 'numeric' collation is also available. If migrating from another
+ collation, you will need to run the updateCollation.php maintenance script.
+* Two new codes have been added to #time parser function: "xit" for days in current
+ month, and "xiz" for days passed in the year, both in Iranian calendar.
+* mw.Api has a new option, useUS, to use U+001F (Unit Separator) when
+ appropriate for sending multi-valued parameters. This defaults to true when
+ the mw.Api instance seems to be for the local wiki.
+* After a client performs an action which alters a database that has replica databases,
+ MediaWiki will wait for the replica databases to synchronize with the master database
+ while it renders the HTML output. However, if the output is a redirect to another wiki
+ on the wiki farm with a different domain, MediaWiki will instead alter the redirect
+ URL to include a ?cpPosTime parameter that triggers the database synchronization when
+ the URL is followed by the client. The same-domain case uses a new cpPosTime cookie.
+* Added new hooks, 'ApiQueryBaseBeforeQuery', 'ApiQueryBaseAfterQuery', and
+ 'ApiQueryBaseProcessRow', to make it easier for extensions to add 'prop' and
+ 'show' parameters to existing API query modules.
+
+=== External library changes in 1.28 ===
+
+==== Upgraded external libraries ====
+* Updated es5-shim from v4.1.5 to v4.5.8
+* Updated composer/semver from v1.4.1 to v1.4.2
+* Updated wikimedia/php-session-serializer from v1.0.3 to v1.0.4
+
+==== New external libraries ====
+* Added wikimedia/scoped-callback v1.0.0
+* Added wikimedia/wait-condition-loop v1.0.1
+
+=== Bug fixes in 1.28 ===
+* (T146496) action=history pages should return 404 HTTP error code if the page does not exist
+* (T137264) SECURITY: XSS in unclosed internal links
+* (T133147) SECURITY: Escape '<' and ']]>' in inline <style> blocks
+* (T133147) SECURITY: Require login to preview user CSS pages
+* (T132926) SECURITY: Do not allow undeleting a revision deleted file if it is
+ the top file
+* (T129738) SECURITY: Make $wgBlockDisablesLogin also restrict logged in
+ permissions
+* (T129738) SECURITY: Make blocks log users out if $wgBlockDisablesLogin is true
+* (T139670) Move 'UserGetRights' call before application of
+ Session::getAllowedUserRights()
+
+=== Action API changes in 1.28 ===
+* Added 'maxarticlesize' property to action=query&meta=siteinfo which contains
+ the value of $wgMaxArticleSize.
+* Property 'modulemessages' from action=parse&prop=modules was removed
+ (deprecated since 1.26).
+* The following response properties from action=login, deprecated in 1.27, are
+ now removed: lgtoken, cookieprefix, sessionid. Clients should handle cookies
+ to properly manage session state.
+* Submitting the lgtoken and lgpassword parameters in the query string to
+ action=login is now deprecated and outputs a warning. They should be submitted
+ in the POST body instead.
+* Submitting sensitive authentication request parameters to action=clientlogin,
+ action=createaccount, action=linkaccount, and action=changeauthenticationdata
+ in the query string is now deprecated and outputs a warning. They should be
+ submitted in the POST body instead.
+* (T141960) Multi-valued parameters may now be separated using U+001F (Unit Separator)
+ instead of the pipe character. This will be useful if some of the multiple
+ values need to contain pipes, e.g. for action=options.
+* The API will now warn if input is not NFC-normalized Unicode or if it
+ contains invalid characters.
+* The 'normalized' list output by action=query and other modules that use
+ ApiPageSet may contain entries where the 'from' value is percent-encoded as
+ the raw value cannot be represented in a valid API response. These are
+ indicated by a 'fromencoded' boolean alongside the existing 'from' parameter.
+* (T28680) action=paraminfo can now return info about all submodules of a
+ module without listing them all explicitly.
+* (T146770) It is now possible to assert that the current user is a specific
+ named user, using the 'assertuser' parameter.
+* (T141963) Added a 'known' property when missing-but-known titles (e.g. from
+ the 'TitleIsAlwaysKnown' hook) are output in various modules.
+
+=== Action API internal changes in 1.28 ===
+* Added a new hook, 'ApiMakeParserOptions', to allow extensions to better
+ interact with ApiParse and ApiExpandTemplates.
+* (T139565) SECURITY: API: Generate head items in the context of the given title
+* (T115333) SECURITY: Check read permission when loading page content in ApiParse
+* ApiBase::getResultData() was removed (deprecated since 1.25)
+* ApiBase::makeHelpArrayToString() was removed (deprecated since 1.25)
+* ApiBase::makeHelpMsgParameters() was removed (deprecated since 1.25)
+* ApiBase::makeHelpMsg() was removed (deprecated since 1.25)
+* ApiFormatBase::formatHTML() was removed (deprecated since 1.25)
+* ApiFormatBase::getNeedsRawData() was removed (deprecated since 1.25)
+* ApiFormatBase::getWantsHelp() was removed (deprecated since 1.25)
+* ApiFormatBase::setBufferResult() was removed (deprecated since 1.25)
+* ApiFormatBase::setHelp() was removed (deprecated since 1.25)
+* ApiFormatBase::setUnescapeAmps() was removed (deprecated since 1.25)
+* ApiMain::makeHelpMsgHeader() was removed (deprecated since 1.25)
+* ApiMain::reallyMakeHelpMsg() was removed (deprecated since 1.25)
+* ApiMain::setHelp() was removed (deprecated since 1.25)
+* ApiResult::beginContinuation() was removed (deprecated since 1.25)
+* ApiResult::cleanUpUTF8() was removed (deprecated since 1.25)
+* ApiResult::convertStatusToArray() was removed (deprecated since 1.25)
+* ApiResult::disableSizeCheck() was removed (deprecated since 1.24)
+* ApiResult::enableSizeCheck() was removed (deprecated since 1.24)
+* ApiResult::endContinuation() was removed (deprecated since 1.25)
+* ApiResult::getData() was removed (deprecated since 1.25)
+* ApiResult::getIsRawMode() was removed (deprecated since 1.25)
+* ApiResult::setContent() was removed (deprecated since 1.25)
+* ApiResult::setContinueParam() was removed (deprecated since 1.25)
+* ApiResult::setElement() was removed (deprecated since 1.25)
+* ApiResult::setGeneratorContinueParam() was removed (deprecated since 1.25)
+* ApiResult::setIndexedTagName_internal() was removed (deprecated since 1.25)
+* ApiResult::setIndexedTagName_recursive() was removed (deprecated since 1.25)
+* ApiResult::setMainForContinuation() was removed (deprecated since 1.25)
+* ApiResult::setParsedLimit() was removed (deprecated since 1.25)
+* ApiResult::setRawMode() was removed (deprecated since 1.25)
+* ApiResult::size() was removed (deprecated since 1.25)
+* Added new hooks, 'ApiQueryBaseBeforeQuery', 'ApiQueryBaseAfterQuery', and
+ 'ApiQueryBaseProcessRow', to make it easier for extensions to add 'prop' and
+ 'show' parameters to existing API query modules. A query module can enable
+ these hooks by passing an array for $hookData to ApiQueryBase::select() and
+ by calling ApiQueryBase->processRow() before adding a row's data to the
+ result.
+
+=== Languages updated in 1.28 ===
+
+MediaWiki supports over 375 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Phabricator reports.
+
+* (T137411) ban (Balinese), thanks to translators Adi Mayndra, Andru,
+ BASAbali, M. Adiputra, Naval Scene, Nemo bis, NoiX180, and 아라.
+* (T135867) shn (Shan), thanks to translators Khun Sar, Piangpha,
+ Saiddzone Saimawnkham, Saosukham, and Sengwan.
+* Czech (cs) and Slovak (sk) set as reciprocal fallbacks.
+* (T146744) Livvi-Karelian (olo) namespace messages created thanks to translator Ilja.mos.
+
+=== Other changes in 1.28 ===
+* (T128697) Improved handling of large diffs.
+* [BREAKING CHANGE] $wgExtendedLoginCookies has been removed. You can
+ use or update a custom session provider if needed.
+* Deprecated APIEditBeforeSave hook in favor of EditFilterMergedContent.
+* The 'UploadVerification' hook is deprecated. Use 'UploadVerifyFile' instead.
+* SiteConfiguration::isLocalVHost() was removed (deprecated since 1.25).
+* The 'UserLoginComplete' hook has a new parameter to differentiate between actual
+ login and visiting the login page while already logged in.
+* ResourceLoader::makeLoaderURL() was removed (deprecated since 1.24).
+* $.fn.liveAndTestAtStart was removed (deprecated since 1.24).
+* mw.util.tooltipAccessKeyPrefix was removed (deprecated since 1.24).
+* mw.util.tooltipAccessKeyRegexp was removed (deprecated since 1.24).
+* Linker::link() and Linker::linkKnown() were deprecated; please instead use
+ MediaWiki\Linker\LinkRenderer. In addition, the LinkBegin and LinkEnd hooks
+ were replaced by HtmlPageLinkRendererBegin and HtmlPageLinkRendererEnd
+ respectively. See docs/hooks.txt for the specific changes needed for those hooks.
+* Linker::formatSize() was deprecated. Use Language::formatSize() directly.
+* Aliases for Linker methods, deprecated since 1.21, were removed from Skin:
+ * Skin::commentBlock() (use Linker::commentBlock() instead)
+ * Skin::generateRollback() (use Linker::generateRollback() instead)
+ * Skin::link() (use MediaWiki\Linker\LinkRenderer instead)
+ * Skin::linkKnown() (use MediaWiki\Linker\LinkRenderer instead)
+ * Skin::userLink() (use Linker::userLink() instead)
+ * Skin::userToolLinks() (use Linker::userToolLinks() instead)
+* Disabled "bug 2702" HTML tidying of parsed UI messages on wikis where Tidy is
+ disabled.
+* DifferenceEngine::generateDiffBody() was removed (deprecated since 1.21).
+* UploadBase::stashFileGetKey() and UploadBase::stashSession() were deprecated.
+ Use ...->stashFile()->getFileKey() instead.
+* "Public domain" was removed as a wiki license option from the installer, in
+ favour of CC-0.
+* AuthenticationRequest::$required is now changed from REQUIRED to PRIMARY_REQUIRED
+ on requests needed by primary providers even if all primaries need them.
+ Primary providers are discouraged from returning multiple REQUIRED requests.
+* OOjs UI PHP widgets constructed with the `'infusable' => true` config option
+ will no longer be automatically infused. You should call `OO.ui.infuse()`
+ on them yourself from your JavaScript code.
+* parserTests.php has moved to tests/parser/parserTests.php
+* The command line options specific to parser tests have been removed from
+ phpunit.php: --regex and --keep-uploads. Instead of --regex, use --filter.
+ Instead of --keep-uploads, use the same option to parserTests.php, but you
+ must specify a directory with --upload-dir.
+* The 'jquery.arrowSteps' ResourceLoader module is now deprecated.
+* IP::isConfiguredProxy() and IP::isTrustedProxy() were removed. Callers should
+ migrate to using the same functions on a ProxyLookup instance, obtainable from
+ MediaWikiServices.
+* The ArticleAfterFetchContent, ArticleInsertComplete, ArticleSave, ArticleSaveComplete,
+ ArticleViewCustom, EditFilterMerged, EditPageGetDiffText, EditPageGetPreviewText and
+ ShowRawCssJs hooks will now emit deprecation warnings if used.
+* (T68404) CSS3 attr() function with url type is no longer allowed
+ in inline styles.
+* Database::getSearchEngine() is deprecated, use SearchEngineFactory::getSearchEngineClass
+ instead.
+
+== Compatibility ==
+
+MediaWiki 1.28 requires PHP 5.5.9 or later. There is experimental support for
+HHVM 3.6.5 or later.
+
+MySQL is the recommended DBMS. PostgreSQL or SQLite can also be used, but
+support for them is somewhat less mature. There is experimental support for
+Oracle and Microsoft SQL Server.
+
+The supported versions are:
+
+* MySQL 5.0.3 or later
+* PostgreSQL 8.3 or later
+* SQLite 3.3.7 or later
+* Oracle 9.0.1 or later
+* Microsoft SQL Server 2005 (9.00.1399)
+
+== Upgrading ==
+
+1.28 has several database changes since 1.27, and will not work without schema
+updates. Note that due to changes to some very large tables like the revision
+table, the schema update may take quite long (minutes on a medium sized site,
+many hours on a large site).
+
+If upgrading from before 1.11, and you are using a wiki as a commons
+repository, make sure that it is updated as well. Otherwise, errors may arise
+due to database schema changes.
+
+If upgrading from before 1.7, you may want to run refreshLinks.php to ensure
+new database fields are filled with data.
+
+If you are upgrading from MediaWiki 1.4.x or earlier, you should upgrade to
+1.5 first. The upgrade script maintenance/upgrade1_5.php has been removed
+with MediaWiki 1.21.
+
+Don't forget to always back up your database before upgrading!
+
+See the file UPGRADE for more detailed upgrade instructions.
+
+For notes on 1.27.x and older releases, see HISTORY.
+
+== Online documentation ==
+
+Documentation for both end-users and site administrators is available on
+MediaWiki.org, and is covered under the GNU Free Documentation License (except
+for pages that explicitly state that their contents are in the public domain):
+
+ https://www.mediawiki.org/wiki/Special:MyLanguage/Documentation
+
+== Mailing list ==
+
+A mailing list is available for MediaWiki user support and discussion:
+
+ https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
+
+A low-traffic announcements-only list is also available:
+
+ https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
+
+It's highly recommended that you sign up for one of these lists if you're
+going to run a public MediaWiki, so you can be notified of security fixes.
+
+== IRC help ==
+
+There's usually someone online in #mediawiki on irc.freenode.net.
+
+= MediaWiki 1.27 =
+
+== MediaWiki 1.27.4 ==
+This is a security and maintenance release of the MediaWiki 1.27 branch.
+
+=== Changes since 1.27.3 ===
+* (T100085) Better handling of jobs execution in post-connection shutdown.
+* (T141604) Support conditionally registered namespaces.
+* (T167798) Fix highlighting for phrase queries and phrase search.
+* (T151136) Provide credits information to callbacks.
+* (T160462) Allow namespaces defined in extension.json to be overwritten locally.
+* (T168856) Allow SVGs created by Dia to be uploaded.
+* (T144705) (T148662) Password reset link is no longer shown when no reset options are
+ available.
+* (T143788) (T174262) Various backports for PHP 7.0 and 7.1 support.
+* (T66795) $wgUserEmailUseReplyTo is now true by default to work around restrictive DMARC
+ policies.
+* DB_REPLICA constant added from REL1_28+ to ease backports to extensions and core.
+* (T175439) Unbreak Postgres Updater when setting defaults for a column.
+* (T160298) Remove use of implicitGroupBy() in ActiveUsersPager.
+* (T142304) Allow putting the app ID in the password for bot passwords.
+* Updated dev dependancy phpunit/phpunit from v4.8.24 to v4.8.36.
+* (T178451) SECURITY: Potential XSS when $wgShowExceptionDetails = false and browser
+ sends non-standard url escaping.
+* (T165846) SECURITY: BotPassword login attempts weren't throttled.
+* (T128209) SECURITY: Reflected File Download from api.php.
+* (T134100) SECURITY: Do not reveal if user exists during login failure.
+* (T176247) SECURITY: Ensure Message::rawParams can't lead to XSS.
+* (T125163) SECURITY: Make anchor for headlines escape > and <.
+* (T180237) SECURITY: Protect vendor folder with .htaccess.
+* (T180231) SECURITY: Remove PHPUnit file with known RCE if exists in update.php.
+* (T124404) SECURITY: XSS in langconverter when regex hits pcre.backtrack_limit.
+* (T119158) SECURITY: Handle -{}- syntax in attributes safely.
+
+== MediaWiki 1.27.3 ==
+Due to a packaging error, the wrong version of the SyntaxHighlight extension was
+included in the tarball version of MediaWiki 1.27.2. The version included had a
+serious security issue in it (T158689). There was also some minor code fixes in
+MediaWiki itself since 1.27.2, but none of them were security relevant.
+
+=== Changes since 1.27.2 ===
+* (T145664) Fix broken wincache merge() implementation
+* (T163434) Add wikimedia/testing-access-wrapper for forwards compatibility
+* (T153505) Fix php warnings on php 7.1 due to use of &$this
+
+== MediaWiki 1.27.2 ==
+This is a security and maintenance release of the MediaWiki 1.27 branch.
+
+ApiCreateAccount was removed in 1.27.0. It was incorrectly still marked as
+deprecated (rather than already removed) in the RELEASE-NOTES at the point 1.27.0
+was released.
+
+=== Changes since 1.27.1 ===
+
+* (T68404) CSS3 attr() function with url type argument is no longer allowed
+ in inline styles.
+* $wgRunJobsAsync is now false by default (T142751). This change only affects
+ wikis with $wgJobRunRate > 0.
+* (T152717) Better escaping for PHP mail() command
+* Submitting the lgtoken and lgpassword parameters in the query string to
+ action=login is now deprecated and outputs a warning. They should be submitted
+ in the POST body instead.
+* Submitting sensitive authentication request parameters to action=clientlogin,
+ action=createaccount, action=linkaccount, and action=changeauthenticationdata
+ in the query string is now deprecated and outputs a warning. They should be
+ submitted in the POST body instead.
+* (T158766) Avoid SQL error on MSSQL when using selectRowCount()
+* (T145635) Fix too long index error when installing with MSSQL.
+* (T156184) $wgRawHtml will no longer apply to internationalization messages.
+* (T160519) CACHE_ANYTHING will not be CACHE_ACCEL if no accelerator is installed.
+* (T109140) (T122209) SECURITY: Special:UserLogin and Special:Search allow redirect
+ to interwiki links.
+* (T144845) SECURITY: XSS in SearchHighlighter::highlightText() when
+ $wgAdvancedSearchHighlighting is true.
+* (T125177) SECURITY: API parameters may now be marked as "sensitive" to keep
+ their values out of the logs.
+* (T150044) SECURITY: "Mark all pages visited" on the watchlist now requires a CSRF
+ token.
+* (T156184) SECURITY: Escape content model/format url parameter in message.
+* (T151735) SECURITY: SVG filter evasion using default attribute values in DTD
+ declaration.
+* (T161453) SECURITY: LocalisationCache will no longer use the temporary directory
+ in it's fallback chain when trying to work out where to write the cache.
+* (T48143) SECURITY: Spam blacklist ineffective on encoded URLs inside file inclusion
+ syntax's link parameter.
+* (T108138) SECURITY: Sysops can undelete pages, although the page is protected against
+ it.
+
+== MediaWiki 1.27.1 ==
+
+This is a maintenance release of the MediaWiki 1.27 branch.
+
+=== Changes since 1.27.0 ===
+* BREAKING CHANGE: $wgHTTPProxy is now *required* for all external requests
+ made by MediaWiki via a proxy. Relying on the http_proxy environment
+ variable is no longer supported.
+* (T139565) SECURITY: API: Generate head items in the context of the given title
+* (T137264) SECURITY: XSS in unclosed internal links
+* (T133147) SECURITY: Escape '<' and ']]>' in inline <style> blocks
+* (T133147) SECURITY: Require login to preview user CSS pages
+* (T132926) SECURITY: Do not allow undeleting a revision deleted file if it is
+ the top file
+* (T129738) SECURITY: Make $wgBlockDisablesLogin also restrict logged in
+ permissions
+* (T129738) SECURITY: Make blocks log users out if $wgBlockDisablesLogin is true
+* (T115333) SECURITY: Check read permission when loading page content in ApiParse
+* (T57548) Remove support for $wgWellFormedXml = false, all output is now well formed
+* (T139670) Move 'UserGetRights' call before application of Session::getAllowedUserRights()
+
+== MediaWiki 1.27.0 ==
+
+=== PHP version requirement in 1.27 ===
+As of 1.27, MediaWiki now requires PHP 5.5.9 or higher (see Compatibility
+section). Additionally, the following PHP extensions are required:
+* ctype
+* iconv
+* json
+* mbstring (new requirement in 1.27)
+* xml
+The following PHP extensions are strongly recommended:
+* openssl
+
+=== Configuration changes in 1.27 ===
+* $wgAllowMicrodataAttributes and $wgAllowRdfaAttributes were removed,
+ now always enabled. If you use RDFa on your wiki, you now have to explicitly
+ set $wgHtml5Version to 'HTML+RDFa 1.0' or 'XHTML+RDFa 1.0'.
+* $wgUseLinkNamespaceDBFields was removed.
+* Deprecated $wgResourceLoaderMinifierStatementsOnOwnLine and
+ $wgResourceLoaderMinifierMaxLineLength, because there was little value in
+ making the behavior configurable. The default values (`false` for the former,
+ 1000 for the latter) are now hard-coded.
+* $wgDebugDumpSqlLength was removed (deprecated in 1.24).
+* $wgDebugDBTransactions was removed (deprecated in 1.20).
+* $wgUseXVO has been removed, as it provides functionality only used by
+ custom Wikimedia patches against Squid 2.x that probably noone uses in
+ production anymore. There is now $wgUseKeyHeader that provides similar
+ functionality but instead of the MediaWiki-specific X-Vary-Options header,
+ uses the draft Key header standard.
+* $wgScriptExtension (and support for '.php5' entry points) was removed. See the
+ deprecation notice in the release notes for version 1.25 for advice on how to
+ preserve support for '.php5' entry points via URL rewriting.
+* Password handling via the User object has been deprecated and partially
+ removed, pending the future introduction of AuthManager. In particular:
+** expirePassword(), getPasswordExpireDate(), resetPasswordExpiration(), and
+ getPasswordExpired() have been removed. They were unused outside of core.
+** The mPassword, mNewpassword, mNewpassTime, and mPasswordExpires fields are
+ now private and will be removed in the future.
+** The getPassword() and getTemporaryPassword() methods now throw
+ BadMethodCallException and will be removed in the future.
+** The ability to pass 'password' and 'newpassword' to createNew() has been
+ removed. The only users of it seem to have been using it to set invalid
+ passwords, and so shouldn't be greatly affected.
+** setPassword(), setInternalPassword(), and setNewpassword() have been
+ deprecated, pending the introduction of AuthManager.
+** User::randomPassword() is deprecated in favor of a new method
+ PasswordFactory::generateRandomPasswordString()
+** User::getPasswordFactory() is deprecated, callers should just create a
+ PasswordFactory themselves.
+** A new constructor, User::newSystemUser(), has been added to simplify the
+ creation of passwordless "system" users for logged actions.
+* $wgMaxSquidPurgeTitles was removed.
+* $wgAjaxWatch was removed. This is now enabled by default.
+* $wgUseInstantCommons now hotlinks Commons images by default instead of
+ downloading originals and thumbnailing them locally. This allows wikis to save
+ on CPU and bandwidth while reducing time to first byte for pages, even without
+ a thumbnail handler. See $wgForeignFileRepos documentation for tweaks.
+* (T27397) WebP is enabled by default as an uploadable filetype.
+* (T48998) $wgArticlePath must now be either a full url, or start with a "/".
+* $wgRateLimitLog was removed; use $wgDebugLogGroups['ratelimit'] instead.
+* Deprecated API formats dbg, txt, and yaml have been removed.
+* CLDRPluralRule* classes have been replaced with
+ wikimedia/cldr-plural-rule-parser.
+* Removed $wgProfilePerHost, $wgUDPProfilerHost, $wgUDPProfilerPort,
+ $wgUDPProfilerFormatString, $wgStatsMethod, $wgAggregateStatsID,
+ $wgStatsFormatString, and $wgProfileCallTree (deprecated since 1.20).
+* For proper operation of LocalIdLookup with shared user tables, ensure that
+ $wgSharedDB and $wgSharedTables are properly set even on the "central" wiki
+ that all others are sharing from and that $wgLocalDatabases is set to the
+ full list of sharing wikis on all those wikis.
+* Massive overhaul to session handling:
+** $wgSessionsInObjectCache is no longer supported and must be true, due to
+ MediaWiki\Session\SessionManager. $wgSessionHandler is similarly no longer
+ used.
+** ObjectCacheSessionHandler is removed, replaced with
+ MediaWiki\Session\PhpSessionHandler.
+** PHP session handling in general ($_SESSION, session_id(), and so on) is
+ deprecated. Use MediaWiki\Session\SessionManager instead. A new config
+ variable, $wgPHPSessionHandling, is available to cause use of $_SESSION to
+ issue a deprecation warning or to cause most PHP session handling to throw
+ exceptions.
+** Deprecated UserSetCookies hook. Session-handling extensions should generally
+ be creating a custom subclass of CookieSessionProvider. Other extensions
+ messing with cookies can no longer count on user data being saved in cookies
+ versus other methods.
+** Deprecated UserLoadFromSession hook, extensions should create a
+ MediaWiki\Session\SessionProvider.
+** The User cannot be loaded from session until after Setup.php completes.
+ Attempts to do so will be ignored and the User will remain unloaded.
+** CSRF tokens may be fetched from the MediaWiki\Session\Session, which uses
+ the MediaWiki\Session\Token class.
+* MediaWiki will now auto-create users as necessary, removing the need for
+ extensions to do so. An 'autocreateaccount' right is added to allow
+ auto-creation when 'createaccount' is not granted to all users.
+* Deprecated AuthPluginAutoCreate hook in favor of LocalUserCreated.
+* Most cookie-handling methods in User are deprecated.
+* $wgAllowAsyncCopyUploads and $CopyUploadAsyncTimeout were removed. This was an
+ experimental feature that has never worked.
+* Login and createaccount tokens now vary by timestamp.
+* LoginForm::getLoginToken() and LoginForm::getCreateaccountToken()
+ return a MediaWiki\Session\Token, and tokens must be checked using that
+ class's methods.
+* $wgEnotifUseJobQ was removed and the job queue is always used.
+* The functionality of the ApiSandbox extension has been merged into core. The
+ extension should no longer be used.
+* $wgPreloadJavaScriptMwUtil was removed (deprecated in 1.26).
+ Extensions, skins, gadgets and scripts that use the mediawiki.util module must
+ express a dependency on it.
+* $wgIncludeLegacyJavaScript, deprecated in MediaWiki 1.26, now defaults false.
+ Extensions, skins, gadgets and scripts that need the mediawiki.legacy.wikibits
+ module should express a dependency on it.
+* Removed configuration option $wgCopyrightIcon (deprecated since 1.18). Use
+ $wgFooterIcons['copyright']['copyright'] instead.
+* If the openssl and mcrypt PHP extensions are both unavailable, secure
+ session storage (used for login) will raise an exception. This exception may
+ be bypassed by setting $wgSessionInsecureSecrets = true.
+* Massive overhaul to authentication:
+** AuthPlugin and AuthPluginUser are deprecated.
+** LoginForm and associated templates are deprecated. Extensions which called
+ static LoginForm methods should be converted into authentication providers.
+** The following hooks are deprecated:
+*** AbortAutoAccount (create a MediaWiki\Auth\PreAuthenticationProvider instead)
+*** AbortLogin (create a MediaWiki\Auth\PreAuthenticationProvider instead)
+*** AbortNewAccount (create a MediaWiki\Auth\PreAuthenticationProvider instead)
+*** AddNewAccount (use LocalUserCreated instead)
+*** AuthPluginSetup (create a MediaWiki\Auth\PrimaryAuthenticationProvider instead)
+*** ChangePasswordForm (use AuthChangeFormFields instead, or security levels)
+*** LoginUserMigrated (create a MediaWiki\Auth\PreAuthenticationProvider instead)
+*** UserCreateForm (create a MediaWiki\Auth\AuthenticationProvider of some type instead)
+*** UserLoginForm (create a MediaWiki\Auth\AuthenticationProvider of some type instead)
+** The following hooks are removed:
+*** AbortChangePassword
+*** LoginPasswordResetMessage
+*** PrefsPasswordAudit
+** The UserLoginComplete hook will no longer be called for all logins, only for
+ those via the web UI. Use UserLoggedIn if you need to do something on all
+ logins.
+** $wgRequirePasswordforEmailChange is removed.
+
+=== New features in 1.27 ===
+* $wgDataCenterUpdateStickTTL was also added. This decides how long a user
+ sticks to the primary DC (via cookies) after they make changes to the site.
+* Added a new hook, 'UserMailerTransformContent', to transform the contents
+ of an email. This is similar to the EmailUser hook but applies to all mail
+ sent via UserMailer.
+* Added a new hook, 'UserMailerTransformMessage', to transform the contents
+ of an emai after MIME encoding.
+* Added a new hook, 'UserMailerSplitTo', to control which users have to be
+ emailed separately (ie. there is a single address in the To: field) so
+ user-specific changes to the email can be applied safely.
+* $wgCdnMaxageLagged was added, which limits the CDN cache TTL
+ when any load balancer uses a DB that is lagged beyond the 'max lag'
+ setting in the relevant section of $wgLBFactoryConf.
+* User::newSystemUser() may be used to simplify the creation of passwordless
+ "system" users for logged actions from scripts and extensions.
+* Extensions can now return detailed error information via the API when
+ preventing user actions using 'getUserPermissionsErrors' and similar hooks
+ by using ApiMessage instances instead of strings for the $result value.
+* $wgAPIMaxLagThreshold was added to limit bot changes when databases lag
+ becomes too high.
+* Skins and extensions can now use FlexBox mixins (.flex-display(@display: flex)
+ and .flex(@grow: 1, @shrink: 1, @width: auto, @order: 1)) in Less to create
+ cross-browser-compatible FlexBox rules. Users will still need to add fallback
+ float rules or the like for compatibility with IE9- separately.
+* Added MWTimestamp::getTimezoneString() which returns the localized timezone
+ string, if available. To localize this string, see the comments of
+ $wgLocaltimezone in includes/DefaultSettings.php.
+* Added CentralIdLookup, a service that allows extensions needing a concept of
+ "central" users to get that without having to know about specific central
+ authentication extensions.
+* $wgMaxUserDBWriteDuration added to limit huge user-generated transactions.
+ Regular web request transactions that takes longer than this are aborted.
+* Added a new hook, 'TitleMoveCompleting', which runs before a page move is
+ committed.
+* $wgCdnReboundPurgeDelay was added to provide secondary delayed purges of URLs
+ from CDN to mitigate DB replication lag and WAN cache purge lag.
+* (T49162) Installer will default to setting CACHE_ACCEL as the main cache type
+ if it is available.
+* It is now possible to patrol file uploads (both for new files and new versions
+ of existing files). Special:NewFiles has gained an option to filter by patrol
+ status. This functionality can be disabled using $wgUseFilePatrol.
+* MediaWiki\Session infrastructure allows for easier use of session mechanisms
+ other than the usual cookies.
+** SessionMetadata and SessionCheckInfo hooks allow for setting and checking
+ custom session metadata.
+* Added MWGrants and associated configuration settings $wgGrantPermissions and
+ $wgGrantPermissionGroups to hold configuration for authentication features
+ such as OAuth that want to allow restricting the user rights a user may make
+ use of.
+** If you're already using the OAuth extension, these new variables are
+ identical to (and will replace) $wgMWOAuthGrantPermissions and
+ $wgMWOAuthGrantPermissionGroups.
+* Added MWRestrictions as a class to check restrictions on a WebRequest, e.g.
+ to assert that the request comes from a particular IP range.
+* Added bot passwords, a rights-restricted login mechanism for API-using bots.
+* Whitelisted the following HTML attributes for all elements in wikitext:
+ aria-describedby, aria-flowto, aria-label, aria-labelledby, aria-owns.
+* Removed "presentation" restriction on the HTML role attribute in wikitext.
+ All values are now allowed for the role attribute.
+* $wgContentHandlers now also supports callbacks to create an instance of the
+ appropriate ContentHandler subclass.
+* Added $wgAuthenticationTokenVersion, which if non-null prevents the
+ user_token database field from being exposed in cookies. Setting this would
+ be a good idea, but will log out all current sessions.
+* $wgEventRelayerConfig was added, for managing PubSub event relay configuration,
+ specifically for reliable CDN url purges.
+* Requests have unique IDs, equal to the UNIQUE_ID environment variable (when
+ MediaWiki is behind Apache+mod_unique_id or something similar) or a randomly-
+ generated 24-character string. This request ID is used to annotate log records
+ and error messages. It is available client-side via mw.config.get( 'wgRequestId' ).
+ The request ID supplants exception IDs. Accordingly, MWExceptionHandler::getLogId()
+ is deprecated.
+* (T33313) Add a preference for watching uploads by default, also applies
+ to API-based upload tools.
+* $wgJpegPixelFormat was added to override chroma subsampling for JPEG image
+ thumbnails created via ImageMagick. Defaults to 'yuv420', providing bandwidth
+ savings versus the previous behavior on many files.
+* MediaWiki\Auth infrastructure (called "AuthManager") allows for more flexible
+ configuration of multiple authentication pieces that was possible with
+ AuthPlugin. For example, it's now easy to plug in second-factor
+ authentication, or add additional checks to the login process, or to support
+ multiple login methods at once, or to support non-password-based login methods.
+** Providers are configured via the global setting $wgAuthManagerConfig.
+** A global, $wgDisableAuthManager, is temporarily available to disable
+ AuthManager until extensions are ready to support it.
+** New hook, AuthChangeFormFields, to adjust the form fields on
+ AuthManager-related special pages.
+** New hook, AuthManagerLoginAuthenticateAudit, for additional logging of
+ AuthManager-related authentication requests.
+** New hook, ChangeAuthenticationDataAudit, for additional logging of
+ AuthManager-related authentication data changes.
+** New hook, SecuritySensitiveOperationStatus, to work with the new mechanism
+ for requiring a recent login before taking security-sensitive operations
+ like changing a password.
+** Two new globals, $wgChangeCredentialsBlacklist and $wgRemoveCredentialsBlacklist
+ can be used to prevent the web UI and the API changing certain authentication data.
+* The file upload dialog (available if you install WikiEditor or VisualEditor)
+ can now be configured using $wgUploadDialog.
+
+=== External library changes in 1.27 ===
+
+==== Upgraded external libraries ====
+* Updated oojs/oojs-ui from v0.12.12 to v0.13.3.
+* Updated composer/semver from v1.0.0 to v1.2.0.
+* Updated liuggio/statsd-php-client to 1.0.18.
+* Updated QUnit from v1.18.0 to v1.22.0.
+
+==== New external libraries ====
+* Added wikimedia/base-convert v1.0.1.
+* Added wikimedia/cldr-plural-rule-parser v1.0.0.
+* Added wikimedia/relpath v1.0.3.
+* Added wikimedia/running-stat v1.1.0.
+* Added wikimedia/php-session-serializer v1.0.3.
+
+==== Removed and replaced external libraries ====
+
+=== Bug fixes in 1.27 ===
+* Special:Upload will now display correct maximum allowed file size when running
+ under HHVM (T116347).
+* (T54077) The APIEditBeforeSave hook will once again give only the content of
+ the section being edited, rather than the whole revision. This reverts the
+ change made in MediaWiki 1.22.
+
+=== Action API changes in 1.27 ===
+* Added list=allrevisions.
+* generator=recentchanges now has the option to generate revids.
+* ApiPageSet::setRedirectMergePolicy() was added. This allows generator
+ modules to define how generator data for a redirect source gets merged
+ into the redirect destination.
+* prop=imageinfo&iiprop=uploadwarning will no longer include the possibility of
+ "was-deleted" warning.
+* Added difftotextpst to query=revisions which preforms a pre-save transform on
+ the text before diffing it.
+* Deprecated formats dbg, txt, and yaml have been removed.
+* (T47988) The protect log event details now use new-style formatting.
+* The following response properties from action=login are deprecated, and may
+ be removed in the future: lgtoken, cookieprefix, sessionid. Clients should
+ handle cookies to properly manage session state.
+* action=login transparently allows login using bot passwords. Clients should
+ merely need to change the username and password used after setting up a bot
+ password.
+* action=upload no longer understands statuskey, asyncdownload or leavemessage.
+* Several changes when $wgDisableAuthManager is false:
+** action=login is deprecated for uses other than bot passwords.
+** list=users can now indicate if a missing username is creatable.
+** action=createaccount is changed in a non-backwards-compatible manner.
+** Added action=query&meta=authmanagerinfo.
+** Added action=clientlogin to be used to log into the main account instead of
+ action=login.
+** Added action=linkaccount.
+** Added action=unlinkaccount.
+** Added action=changeauthenticationdata.
+** Added action=removeauthenticationdata.
+** Added action=resetpassword.
+
+=== Action API internal changes in 1.27 ===
+* ApiQueryORM removed.
+* The following classes have been removed:
+** ApiFormatDbg
+** ApiFormatTxt
+** ApiFormatYaml
+* ApiBase::addTokenProperties() was removed (deprecated since 1.24).
+* ApiBase::getFinalPossibleErrors() was removed (deprecated since 1.24).
+* ApiBase::getFinalResultProperties() was removed (deprecated since 1.24).
+* ApiBase::getRequireAtLeastOneParameterErrorMessages() was removed (deprecated since 1.24).
+* ApiBase::getPossibleErrors() was removed (deprecated since 1.24).
+* ApiBase::getRequireMaxOneParameterErrorMessages() was removed (deprecated since 1.24).
+* ApiBase::getRequireOnlyOneParameterErrorMessages() was removed (deprecated since 1.24).
+* ApiBase::getResultProperties() was removed (deprecated since 1.24).
+* ApiBase::getTitleOrPageIdErrorMessage() was removed (deprecated since 1.24).
+* ApiBase::parseErrors() was removed (deprecated since 1.24).
+* ApiQueryBase::titleToKey(), ApiQueryBase::keyToTitle() and
+ ApiQueryBase::keyPartToTitle() all removed (deprecated since 1.24).
+* ApiQueryBase::checkRowCount() was removed (deprecated since 1.24).
+* ApiQueryBase::getDirectionDescription() was removed (deprecated since 1.25).
+* ApiQuery::getGenerators() was removed (deprecated since 1.21).
+* ApiQuery::getModules() was removed (deprecated since 1.21).
+* ApiQuery::getModuleType() was removed (deprecated since 1.21).
+* ApiQuery::setGeneratorContinue() was removed (deprecated since 1.24).
+* ApiMain::getModules() was removed (deprecated since 1.21).
+* ApiBase::getVersion() was removed (deprecated since 1.21).
+* ApiMain::getShowVersions() was removed (deprecated in 1.21).
+* ApiMain::addModule() was removed (deprecated in 1.21).
+* ApiMain::addFormat() was removed (deprecated in 1.21).
+* ApiMain::getFormats() was removed (deprecated in 1.21).
+* ApiPageSet::finishPageSetGeneration() was removed (deprecated in 1.21).
+* ApiCreateAccount was removed.
+
+=== Languages updated in 1.27 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Phabricator reports.
+
+* (T113688) Change default numerals from Gurmukhi to Arabic for Punjabi locale.
+* (T116020) Aliases of magic words in MessagesXx.php are sorted by usage.
+
+=== Other changes in 1.27 ===
+* Added dependency injection (DI) infrastructure, see docs/injection.txt for details.
+ It is planned to incrementally move MediaWiki code towards using DI, using the
+ service locator (SL) pattern as a stepping stone.
+* ProfilerOutputUdp was removed. Note that there is a ProfilerOutputStats class.
+* WikiPage::doDeleteArticleReal() and WikiPage::doDeleteArticle() now
+ ignore the 2nd and 3rd arguments (formerly $id and $commit).
+* Removed "loaderScripts" option from ResourceLoaderFileModule class.
+* Removed ORM-like wrapper added in 1.20.
+* LinkCache::getGoodLinks and LinkCache::getBadLinks were removed
+ (deprecated in 1.26).
+* WikiPage::doQuickEdit() was removed (deprecated since 1.21).
+* Removed SiteObject and SiteArray classes (deprecated in 1.21).
+* MessageBlobStore::getInstance() was removed (deprecated since 1.25).
+* (T84937) Free external links ("autolinked" urls) will now be terminated
+ by &nbsp; and HTML entity encodings of &nbsp, <, and >.
+* (T36948) The default file revert message's timestamp is now in
+ $wgLocaltimezone, instead of UTC.
+* The default name of the 'suppress' group page has been changed from
+ 'Project:Oversight' to 'Project:Suppress'.
+* DatabaseBase::resultObject() is now protected (use outside Database classes
+ not necessary since 1.11).
+* Calling ResourceLoaderFileModule::readStyleFiles() without a
+ ResourceLoaderContext instance is deprecated.
+* ResourceLoader::getLessCompiler() now takes an optional parameter of
+ additional LESS variables to set for the compiler.
+* wfBaseConvert() marked as deprecated, use Wikimedia\base_convert() directly
+ instead.
+* Obsolete maintenance scripts clearCacheStats.php and showCacheStats.php
+ were removed. The underlying data is sent to StatsD (see $wgStatsdServer).
+* Removed msg_resource_links database table and associated code.
+* Removed msg_resource database table and associated code.
+* Skin::getNamespaceNotice() was removed.
+* wfIsConfiguredProxy() was removed (deprecated since 1.24).
+* wfDebugTimer() was removed (deprecated since 1.25).
+* wfIsTrustedProxy() was removed (deprecated since 1.24).
+* wfGetIP() was removed (deprecated since 1.19).
+* MWHookException was removed.
+* OutputPage::appendSubtitle() was removed (deprecated since 1.19).
+* OutputPage::loginToUse() was removed (deprecated since 1.19).
+* Article::loadContent() was removed (deprecated since 1.19).
+* User::editToken() was removed (deprecated since 1.19).
+* Removed --force-normal option of dumpBackup.php, as it no longer served
+ any useful purpose since 1.22.
+* The functions processOption() and processArgs() on the BackupDumper and
+ TextPassDumper classes have been removed.
+* The maintenance/backupTextPass.inc file was deleted. You should include
+ maintenance/dumpTextPass.php instead.
+* WikiPage::getUsedTemplates() was removed (deprecated since 1.19).
+* wfEmptyMsg() was removed (deprecated since 1.18).
+* OutputPage::permissionRequired() was removed (deprecated since 1.18).
+* OutputPage::blockedPage() was removed (deprecated since 1.18).
+* User::getSkin() was removed (deprecated since 1.18).
+* OutputPage::includeJQuery() was removed (deprecated since 1.17).
+* WikiPage::updateRestrictions() was removed (deprecated since 1.19).
+* WikiPage::testPreSaveTransform() was removed (deprecated since 1.19).
+* LogPage::logName() was removed (deprecated since 1.19).
+* LogPage::logHeader() was removed (deprecated since 1.19).
+* wfCheckLimits() was removed (deprecated since 1.24).
+* Linker::makeKnownLinkObj() was removed (deprecated since 1.16).
+* Linker::makeLinkObj() was removed (deprecated since 1.16).
+* wfMsgForContentNoTrans() was removed (deprecated since 1.18).
+* ChangesList::usePatrol was removed (deprecated since 1.22).
+* wfMsgNoTrans() was removed (deprecated since 1.18).
+* Linker::makeImageLink2 was removed (deprecated since 1.20).
+* Title::userIsWatching() was removed (deprecated since 1.20).
+* Removed WaitForSlave maintenance script; use SELECT MASTER_POS_WAIT()
+ database function directly instead.
+* wfMsg() was removed (deprecated since 1.18).
+* wfMsgForContent() was removed (deprecated since 1.18).
+* wfMsgReal() was removed (deprecated since 1.18).
+* wfMsgGetKey() was removed (deprecated since 1.18).
+* wfMsgHtml() was removed (deprecated since 1.18).
+* wfMsgWikiHtml() was removed (deprecated since 1.18).
+* wfMsgExt() was removed (deprecated since 1.18).
+* Language::armourMath() was removed (deprecated since 1.22).
+* LanguageConverter::armourMath() was removed (deprecated since 1.22).
+* FakeConverter::armourMath() was removed (deprecated since 1.22).
+* The unused jquery.validate ResourceLoader module was removed.
+* FileRepo::getRootUrl() was removed (deprecated since 1.20).
+* User::generateToken() was removed (deprecated since 1.20).
+* WikiPage::getRawText() was removed (deprecated since 1.21).
+* ParserOutput::hasCustomDataUpdates() was removed (deprecated since 1.25).
+* ParserOutput::addSecondaryDataUpdate() was removed (deprecated since 1.25).
+* ParserOutput::getSecondaryDataUpdates() was removed (deprecated since 1.25).
+* Gallery images with multiple caption pipes no longer concatenate them all
+ together but instead pick the final one, similar to image syntax.
+* XML-like parser tags (such as <gallery>), when unclosed, will be left unparsed
+ rather than consume everything until the end of the page.
+* New maintenance script resetUserEmail.php allows sysadmins to reset user emails in case
+ a user forgot password/account was stolen.
+* wfCheckEntropy() was removed (deprecated in 1.27).
+* Browser support for Internet Explorer 8 lowered from Grade A to Grade C.
+* ContentHandler::supportsCategories method added. Default is true.
+ CategoryMembershipChangeJob updates are skipped for content that
+ does not support categories.
+* wikidiff difference engine is no longer supported, anyone still using it are encouraged
+ to upgrade to wikidiff2 which is actively maintained and has better package availability.
+* Database logic was removed from WatchedItem and a WatchedItemStore was created:
+** WatchedItem::IGNORE_USER_RIGHTS and WatchedItem::CHECK_USER_RIGHTS were deprecated.
+ User::IGNORE_USER_RIGHTS and User::CHECK_USER_RIGHTS were introduced.
+** WatchedItem::fromUserTitle was deprecated in favour of the constructor.
+** WatchedItem::resetNotificationTimestamp was deprecated.
+** WatchedItem::batchAddWatch was deprecated.
+** WatchedItem::addWatch was deprecated.
+** WatchedItem::removeWatch was deprecated.
+** WatchedItem::isWatched was deprecated.
+** WatchedItem::duplicateEntries was deprecated.
+** EmailNotification::updateWatchlistTimestamp was deprecated.
+** User::getWatchedItem was removed.
+* Unit tests don't work with external PHPUnit anymore, Composer is now the only supported
+ way. Run `composer install` to install it and other dev dependencies to run unit tests.
+* wl_id field added to the watchlist table.
+* Revision::getRawText() was removed (deprecated since 1.21).
+* WikiPage::replaceSection() was removed (deprecated since 1.21).
+* Article::replaceSection() was removed (deprecated since 1.21).
+* Language::getLangObj() was removed (deprecated since 1.24).
+* Language::getLanguageName() was removed (deprecated since 1.20).
+* Language::getLanguageNames() was removed (deprecated since 1.20).
+* Language::getTranslatedLanguageNames() was removed (deprecated since 1.20).
+* Language::specialPage() was removed (deprecated since 1.24).
+* MediaWikiTestCase::assertException() was removed (deprecated since 1.22).
+* OutputPage::getHeadItems() was removed (deprecated since 1.24).
+* OutputPage::getScript() was removed (deprecated since 1.24).
+* OutputPage::out() was removed (deprecated since 1.22).
+* OutputPage::setAllowedModules() was removed (deprecated since 1.24).
+* UserrightsPage::makeGroupNameListForLog() was removed (deprecated since 1.21).
+* MediaWikiSite::newFromGlobalId() was removed (deprecated since 1.21).
+* Title::newFromRedirect() was removed (deprecated since 1.21).
+* Skin::commonPrintStylesheet() was removed (deprecated since 1.22).
+* Skin::getCommonStylePath() was removed (deprecated since 1.24).
+* Skin::newFromKey() was removed (deprecated since 1.24).
+* Skin::getUsableSkins() was removed (deprecated since 1.23).
+* LoadBalancer::pickRandom() was removed (deprecated in 1.21).
+* Article::getUndoText() and WikiPage::getUndoText were removed (deprecated since
+ 1.21).
+* DifferenceEngine::setText() was removed (deprecated in 1.21).
+* Title::newFromRedirectArray() was removed (deprecated in 1.21).
+* UserMailer::send() no longer accepts $replyto as the 5th argument and $contentType
+ as the 6th. These must be passed in the options array now.
+* Title::newFromRedirectRecurse() was removed (deprecated in 1.21).
+* Skin::accesskey was removed (deprecated since 1.21).
+* Skin::blockLink was removed (deprecated since 1.21).
+* Skin::buildRollbackLink was removed (deprecated since 1.21).
+* Skin::emailLink was removed (deprecated since 1.21).
+* Skin::formatComment was removed (deprecated since 1.21).
+* Skin::formatHiddenCategories was removed (deprecated since 1.21).
+* Skin::formatLinksInComment was removed (deprecated since 1.21).
+* Skin::formatRevisionSize was removed (deprecated since 1.21).
+* Skin::formatSize was removed (deprecated since 1.21).
+* Skin::formatTemplates was removed (deprecated since 1.21).
+* Skin::generateTOC was removed (deprecated since 1.21).
+* Skin::getInternalLinkAttributes was removed (deprecated since 1.21).
+* Skin::getInternalLinkAttributesObj was removed (deprecated since 1.21).
+* Skin::getInterwikiLinkAttributes was removed (deprecated since 1.21).
+* Skin::getInvalidTitleDescription was removed (deprecated since 1.21).
+* Skin::getLinkColour was removed (deprecated since 1.21).
+* Skin::getRevDeleteLink was removed (deprecated since 1.21).
+* Skin::getRollbackEditCount was removed (deprecated since 1.21).
+* Skin::makeBrokenImageLinkObj was removed (deprecated since 1.21).
+* Skin::makeCommentLink was removed (deprecated since 1.21).
+* Skin::makeExternalImage was removed (deprecated since 1.21).
+* Skin::makeExternalLink was removed (deprecated since 1.21).
+* Skin::makeHeadline was removed (deprecated since 1.21).
+* Skin::makeImageLink was removed (deprecated since 1.21).
+* Skin::makeMediaLinkFile was removed (deprecated since 1.21).
+* Skin::makeMediaLinkObj was removed (deprecated since 1.21).
+* Skin::makeSelfLinkObj was removed (deprecated since 1.21).
+* Skin::makeThumbLink2 was removed (deprecated since 1.21).
+* Skin::makeThumbLinkObj was removed (deprecated since 1.21).
+* Skin::normaliseSpecialPage was removed (deprecated since 1.21).
+* Skin::normalizeSubpageLink was removed (deprecated since 1.21).
+* Skin::processResponsiveImages was removed (deprecated since 1.21).
+* Skin::revComment was removed (deprecated since 1.21).
+* Skin::revDeleteLink was removed (deprecated since 1.21).
+* Skin::revDeleteLinkDisabled was removed (deprecated since 1.21).
+* Skin::revUserLink was removed (deprecated since 1.21).
+* Skin::revUserTools was removed (deprecated since 1.21).
+* Skin::specialLink was removed (deprecated since 1.21).
+* Skin::splitTrail was removed (deprecated since 1.21).
+* Skin::titleAttrib was removed (deprecated since 1.21).
+* Skin::tocIndent was removed (deprecated since 1.21).
+* Skin::tocLine was removed (deprecated since 1.21).
+* Skin::tocLineEnd was removed (deprecated since 1.21).
+* Skin::tocList was removed (deprecated since 1.21).
+* Skin::tocUnindent was removed (deprecated since 1.21).
+* Skin::tooltip was removed (deprecated since 1.21).
+* Skin::tooltipAndAccesskeyAttribs was removed (deprecated since 1.21).
+* Skin::userTalkLink was removed (deprecated since 1.21).
+* Skin::userToolLinksRedContribs was removed (deprecated since 1.21).
+* wikidiff3 is now the default and only PHP diff engine. It provides improved diff
+ performance on complex changes. $wgExternalDiffEngine = 'wikidiff3' therefore
+ makes no difference now. Users are still recommended to use wikidiff2 if possible,
+ though.
+* User::addNewUserLogEntry() was deprecated.
+* User::addNewUserLogEntryAutoCreate() was deprecated.
+* User::isPasswordReminderThrottled() was deprecated.
+* Bot-oriented parameters to Special:UserLogin (wpCookieCheck, wpSkipCookieCheck)
+ were removed.
+* Installer can now be customized without patching MediaWiki code, see
+ mw-config/overrides/README for details.
+
+=== Compatibility ===
+
+MediaWiki 1.27 requires PHP 5.5.9 or later. There is experimental support for
+HHVM 3.6.5 or later.
+
+MySQL is the recommended DBMS. PostgreSQL or SQLite can also be used, but
+support for them is somewhat less mature. There is experimental support for
+Oracle and Microsoft SQL Server.
+
+The supported versions are:
+
+* MySQL 5.0.3 or later
+* PostgreSQL 8.3 or later
+* SQLite 3.3.7 or later
+* Oracle 9.0.1 or later
+* Microsoft SQL Server 2005 (9.00.1399)
+
+=== Upgrading ===
+
+1.27 has several database changes since 1.26, and will not work without schema
+updates. Note that due to changes to some very large tables like the revision
+table, the schema update may take quite long (minutes on a medium sized site,
+many hours on a large site).
+
+If upgrading from before 1.11, and you are using a wiki as a commons
+repository, make sure that it is updated as well. Otherwise, errors may arise
+due to database schema changes.
+
+If upgrading from before 1.7, you may want to run refreshLinks.php to ensure
+new database fields are filled with data.
+
+If you are upgrading from MediaWiki 1.4.x or earlier, you should upgrade to
+1.5 first. The upgrade script maintenance/upgrade1_5.php has been removed
+with MediaWiki 1.21.
+
+Don't forget to always back up your database before upgrading!
+
+See the file UPGRADE for more detailed upgrade instructions.
+
+For notes on 1.26.x and older releases, see HISTORY.
+
+
+= MediaWiki 1.26 =
+
+== MediaWiki 1.26.4 ==
+
+This is a maintenance release of the MediaWiki 1.26 branch.
+
+=== Changes since 1.26.3 ===
+* BREAKING CHANGE: $wgHTTPProxy is now *required* for all external requests
+ made by MediaWiki via a proxy. Relying on the http_proxy environment
+ variable is no longer supported.
+* (T124163) Fixed fatal error in DifferenceEngine under HHVM.
+* (T139565) SECURITY: API: Generate head items in the context of the given title
+* (T137264) SECURITY: XSS in unclosed internal links
+* (T133147) SECURITY: Escape '<' and ']]>' in inline <style> blocks
+* (T133147) SECURITY: Require login to preview user CSS pages
+* (T132926) SECURITY: Do not allow undeleting a revision deleted file if it is
+ the top file
+* (T129738) SECURITY: Make $wgBlockDisablesLogin also restrict logged in
+ permissions
+* (T129738) SECURITY: Make blocks log users out if $wgBlockDisablesLogin is true
+* (T115333) SECURITY: Check read permission when loading page content in ApiParse
+* Remove support for $wgWellFormedXml = false, all output is now well formed
+
+== MediaWiki 1.26.3 ==
+
+This is a maintenance release of the MediaWiki 1.26 branch.
+
+=== Changes since 1.26.2 ===
+* (T116266) Fixed undefined property notices in DairikiDiff under HHVM.
+* (T123166) Fix fatal error when importing pages to titles which cannot be
+ created, such as invalid titles or titles the user is not allowed to edit.
+* (T122056) Old tokens are remaining valid within a new session
+* (T127114) Login throttle can be tricked using non-canonicalized usernames
+* (T123653) Cross-domain policy regexp is too narrow
+* (T123071) Incorrectly identifying http link in a's href attributes, due to
+ m modifier in regex
+* (T129506) MediaWiki:Gadget-popups.js isn't renderable
+* (T125283) Users occasionally logged in as different users after
+ SessionManager deployment
+* (T103239) Patrol allows click catching and patrolling of any page
+* (T122807) [tracking] Check php crypto primatives
+* (T98313) Graphs can leak tokens, leading to CSRF
+* (T130947) Diff generation should use PoolCounter
+* (T133507) Careless use of $wgExternalLinkTarget is insecure
+* (T132874) API action=move is not rate limited
+* (T110143) strip markers can be used to get around html attribute escaping in
+ (many?) parser tags
+* (T116030) Increase pbkdf2 parameter strengths
+* (T127420) Pbkdf2Password does not check if hash_pbkdf2() succeeded
+* (T126685) Globally throttle password attempts
+
+== MediaWiki 1.26.2 ==
+
+This is a maintenance release of the MediaWiki 1.26 branch.
+
+=== Changes since 1.26.1 ===
+* (T121892) Fix fatal error on some Special pages, introduced in 1.26.1.
+
+== MediaWiki 1.26.1 ==
+
+This is a maintenance release of the MediaWiki 1.26 branch.
+
+=== Changes since 1.26.0 ===
+* (T117899) SECURITY: $wgArticlePath can no longer be set to relative paths
+ that do not begin with a slash. This enabled trivial XSS attacks.
+ Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are
+ "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an
+ error.
+* (T119309) SECURITY: Use hash_compare() for edit token comparison
+* (T118032) SECURITY: Don't allow cURL to interpret POST parameters starting
+ with '@' as file uploads
+* (T115522) SECURITY: Passwords generated by User::randomPassword() can no
+ longer be shorter than $wgMinimalPasswordLength
+* (T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could
+ result in improper blocks being issued
+* (T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions
+ and related pages no longer use HTTP redirects and are now redirected by
+ MediaWiki
+* Fixed ConfigException in ExpandTemplates due to AlwaysUseTidy.
+* Fixed stray literal \n in Special:Search.
+* Fix issue that breaks HHVM Repo Authorative mode.
+* (T120267) Work around APCu memory corruption bug
+
+== MediaWiki 1.26.0 ==
+
+=== Configuration changes in 1.26 ===
+* $wgPasswordResetRoutes['email'] = true by default.
+* $wgEnableParserCache was deprecated, set $wgParserCacheType to CACHE_NONE
+ instead if you want to disable the parser cache.
+* New-style continuation is now the default for API action=continue. Clients may
+ use the 'rawcontinue' parameter to receive raw query-continue data, but the
+ new style is encouraged as it's harder to implement incorrectly.
+* Deprecated API formats dump and wddx have been completely removed.
+* (T7645) The "Signature" button on the edit toolbar is now hidden by default
+ in non-talk namespaces. A new configuration variable,
+ $wgExtraSignatureNamespaces, controls in which subject (non-talk) namespaces
+ the "Signature" button on the edit toolbar will be displayed.
+* $wgResourceLoaderUseESI was deprecated and removed. This was an experimental
+ feature that was never enabled by default.
+* $wgResourceLoaderExperimentalAsyncLoading was deprecated and removed.
+ This experimental feature was never enabled by default and is obsolete as of
+ MediaWiki 1.26, in where ResourceLoader became fully asynchronous.
+* $wgMasterWaitTimeout was removed (deprecated in 1.24).
+* Fields in ParserOptions are now private. Use the accessors instead.
+* Custom LESS functions (defined via $wgResourceLoaderLESSFunctions or
+ in extension.json) have been removed, after being deprecated in 1.24.
+* $wgAlwaysUseTidy has been removed.
+* ResetSessionID hook has been removed. Nothing seems to use it.
+* Certain AuthPlugin methods are deprecated in favor of new hooks:
+** AuthPlugin::initUser() is replaced by LocalUserCreated.
+** AuthPlugin::updateUser() is replaced by UserLoggedIn.
+** AuthPlugin::updateExternalDB() is replaced by the existing UserSaveSettings.
+** AuthPlugin::updateExternalDBGroups() is replaced by UserGroupsChanged.
+** AuthPluginUser::isHidden() is replaced by UserIsHidden.
+** AuthPluginUser::isLocked() is replaced by UserIsLocked.
+* The UserRights hook is deprecated in favor of the new UserGroupsChanged hook.
+* AuthPlugin::initUser() and AuthPlugin::updateUser() should no longer replace
+ the passed User object.
+* $wgBlockAllowsUTEdit is now set to true by default. This allows
+ blocked users to edit their talk pages unless explicitly disabled
+ when they are being blocked.
+
+=== New features in 1.26 ===
+* (T51506) Now action=info gives estimates of actual watchers for a page.
+ See $wgRCMaxAge, $wgWatchersMaxAge and $wgUnwatchedPageSecret
+ to learn how to configure if needed.
+* Change tags can now be hidden in the interface by disabling the associated
+ "tag-<id>" interface message.
+* ':' (colon) is now invalid in usernames for new accounts. Existing accounts
+ are not affected.
+* Added a new hook, 'LogException', to log exceptions in nonstandard ways.
+* Revive the 'SpecialSearchResultsAppend' hook which occurs after the list of
+ search results are rendered. The initial use case is to append a "give us
+ feedback" link beneath the search results.
+* Added a new hook, 'RejectParserCacheValue', which allows extensions to
+ reject an otherwise-successful parser cache lookup. The intent is to allow
+ extensions to manage the eviction of archaic HTML output from the cache.
+* (T68699) The expiration of the UserID and Token login cookies
+ ($wgExtendedLoginCookieExpiration) can be configured independently of the
+ expiration of all other cookies ($wgCookieExpiration).
+* (T50519) Support for generating JPEG/PNG thumbnails from WebP images added
+ if ImageMagick is used as image scaler ($wgUseImageMagick = true). Uploading
+ of WebP images still disabled by default. Add $wgFileExtensions[] =
+ 'webp'; to LocalSettings.php to enable uploading of WebP images.
+* Added new hooks 'EnhancedChangesListModifyLineData' &
+ 'EnhancedChangesListModifyBlockLineData', to modify the data used to build
+ lines in enhanced recentchanges and watchlist.
+* Caches that need purging ability now use the WANObjectCache interface.
+ This corresponds to a new $wgMainWANCache setting, which defaults to using
+ the $wgMainCacheType settings.
+* Callers needing fast light-weight data stores use $wgMainStash to select
+ the store type from $wgObjectCaches. The default is the local database.
+* Interface message overrides in the MediaWiki namespace will now be cached in
+ memcached and APC (if available), rather than memcached and local files.
+* Added a new hook, 'RandomPageQuery', to allow modification of the query used
+ by Special:Random to select random pages.
+* $wgTransactionalTimeLimit was added, which controls the request time limit
+ for potentially slow POST requests that need to be as atomic as possible.
+* ResourceLoader now loads all scripts asynchronously. The top-queue and
+ startup modules are no longer synchronously loaded.
+* 'mediawiki.ui.button' styles are no longer unconditionally loaded on every
+ page. During the deprecation period, the styles will only be loaded on pages
+ which contain 'mw-ui-button' in their HTML. Starting in 1.28, the styles will
+ only be loaded if explicitly required.
+* If search returns zero results and current search engine has a "did you mean"
+ suggestion, results for suggestion will be shown. Can be disabled by setting
+ $wgSearchRunSuggestedQuery to false.
+* Added several JavaScript libraries for uploading files to MediaWiki
+ from the client-side. See documentation for mw.Upload and its
+ subclasses for more information.
+* Added OOUI dialogs and layout for file upload interfaces. See
+ documentation for mw.Upload.Dialog, mw.Upload.BookletLayout and its
+ subclasses for more information.
+
+=== extension.json changes in 1.26 ===
+* (T99344) The extension.json schema is now versioned. All extensions
+ and skins should set a "manifest_version" property corresponding to
+ the schema version they were written for. The only supported version
+ currently is "1".
+* (T102523) The error message if a non-array attribute is set was improved.
+* (T107646) Configuration settings can now specify how they should be merged,
+ which is necessary for arrays using integer keys.
+* (T110389) Adding namespaces through extension.json now actually works
+* $wgNamespaceProtection can now be set in extension.json.
+* $wgCapitalLinkOverrides can now be set in extension.json.
+* (T97186) Extensions using a custom prefix for their configuration settings
+ can now set a "_prefix" key to override the default of "wg".
+* (T99084) Extensions can now specify what MediaWiki core versions they
+ depend upon.
+* (T105236) The extension.json schema now validates custom classes in
+ the "ResourceModules" property properly.
+
+=== External library changes in 1.26 ===
+==== Upgraded external libraries ====
+* Updated es5-shim from v4.0.0 to v4.1.5.
+* Updated json2 from revision 2014-02-04 to 2015-05-03.
+* Updated Sinon.JS from 1.10.3 to 1.15.4.
+* Updated jQuery Client from v1.0.0 to v2.0.0.
+* Updated QUnit from v1.17.1 to v1.18.0.
+* Updated liuggio/statsd-php-client from v1.0.12 to v1.0.16.
+* Updated oojs/oojs-ui from v0.11.3 to v0.12.12.
+* Updated wikimedia/cdb from v1.0.1 to v1.3.0.
+* Updated wikimedia/utfnormal from v1.0.2 to v1.0.3.
+* Updated wikimedia/composer-merge-plugin from v1.0.0 to v1.3.0.
+* Updated zordius/lightncandy from v0.18 to v0.21.
+
+==== New external libraries ====
+* Added composer/semver v1.0.0.
+* Added mediawiki/at-ease v1.1.0.
+* Added wikimedia/assert v0.2.2.
+* Added wikimedia/ip-set v1.0.1.
+* Added wikimedia/wrappedstring v2.0.0.
+
+==== Removed and replaced external libraries ====
+* Replaced leafo/lessphp v0.5.0 with oyejorge/less.php v1.7.0.9.
+
+=== Bug fixes in 1.26 ===
+* (T53283) load.php sometimes sends 304 response without full headers
+* (T65198) Talk page tabs now have a "rel=discussion" attribute
+* (T98841) {{msgnw:}} now preserves comments even when subst: is not used.
+* (T104142) $wgEmergencyContact and $wgPasswordSender now use their default
+ value if set to an empty string.
+
+=== Action API changes in 1.26 ===
+* New-style continuation is now the default for action=continue. Clients may
+ use the 'rawcontinue' parameter to receive raw query-continue data, but the
+ new style is encouraged as it's harder to implement incorrectly.
+* Deprecated API formats dump and wddx have been completely removed.
+* API action=query&list=tags: The displayname can now be boolean false if the
+ tag is meant to be hidden from user interfaces.
+* action=import no longer allows both the namespace= and rootpage= parameters
+ to be set. If they are both set, the value of rootpage= will be ignored.
+* prop=revision output in enum mode is now sorted by timestamp rather than
+ revision ID. This usually won't make any difference.
+* (T102645) Namespace list from meta=siteinfo&siprop=namespaces is now an array
+ with formatversion=2.
+* Various other output from meta=siteinfo will now always be arrays instead of
+ sometimes being numerically-indexed objects with formatversion=2.
+* When errors about users being blocked are returned, they now include
+ information about the relevant block.
+* (T99926) list=random has higher limits, in line with other API modules.
+* list=random's rnredirect parameter is deprecated in favor of a new
+ rnfilterredir parameter that also allows for listing both redirects and
+ non-redirects.
+* list=random now supports continuation.
+* API responses to GET requests may now include ETag and Last-Modified headers,
+ and will honor corresponding If-None-Match and If-Modified-Since on such
+ requests.
+
+=== Action API internal changes in 1.26 ===
+* New metadata item ApiResult::META_KVP_MERGE to allow for merging the KVP key
+ into the value when the value is an assoc.
+* API action modules may now provide values for the RFC 7232 ETag and
+ Last-Modified headers. The API will check these against If-None-Match and
+ If-Modified-Since request headers on GET requests and avoid executing the
+ module when appropriate.
+
+=== Languages updated in 1.26 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Phabricator reports.
+
+* Languages added:
+** ase (American sign language), thanks to translator Icemandeaf
+** dty (डोटेली/Doteli), thanks to translators जनक राज भट्ट, बिप्लब आनन्द,
+ मेश सिंह बोहरा, and राम प्रसाद जोशी
+** luz (لئری دوٙمینی / Southern Luri)
+** olo (Livvinкarjala / Livvi-Karelian), thanks to translators Denö, Hiloin Natoi,
+ Ilja.mos, and Mashoi7
+
+=== Other changes in 1.26 ===
+* ChangeTags::tagDescription() will return false if the interface message
+ for the tag is disabled.
+* Added PageHistoryPager::doBatchLookups hook.
+* Added $wikiId parameter to FormatAutocomments hook.
+* Added ParserCacheSaveComplete to ParserCache
+* supportsDirectEditing and supportsDirectApiEditing methods added to
+ ContentHandler, to provide a way for ApiEditPage and EditPage to check
+ if direct editing of content is allowed. These methods return false,
+ by default for the ContentHandler base class and true for TextContentHandler
+ and it's derivative classes (everything in core). For Content types that
+ do not support direct editing, an alternative mechanism should be provided
+ for editing, such as action overrides or specific api modules.
+* mediaWiki.confirmCloseWindow now returns an object of functions, instead of
+ one function. The callback can't be called directly any more. The callback
+ function is replaced with confirmCloseWindow.release().
+* BREAKING CHANGE: Added an optional ResouceLoaderContext parameter to
+ ResourceLoaderModule::getDependencies(). Extension classes that override that
+ method should be updated. If they aren't updated, PHP Strict standards
+ warnings will appear when E_STRICT error reporting is enabled. Note: in the
+ near future, this parameter will probably become non-optional.
+* Removed maintenance script deleteImageMemcached.php.
+* MWFunction::newObj() was removed (deprecated in 1.25).
+ ObjectFactory::getObjectFromSpec() should be used instead.
+* The parser will no longer randomize the string it uses to mark the place of
+ items that were stripped during parsing. It will use a fixed string instead.
+ This causes the parser to re-use the regular expressions it uses to search
+ and replace markers rather than generate novel expressions on each parse.
+ Re-using regular expressions will improve performance on HHVM and the
+ forthcoming PHP 7. The interfaces changes accompanying this change are:
+ - Parser::getRandomString() and Parser::uniqPrefix() have been deprecated.
+ - The $uniq_prefix argument for Parser::extractTagsAndParams() and the
+ $prefix argument for StripState::_construct() are deprecated and their
+ value is ignored.
+* wfSuppressWarnings() and wfRestoreWarnings() were split into a separate library,
+ mediawiki/at-ease, and are now deprecated. Callers should use
+ MediaWiki\suppressWarnings() and MediaWiki\restoreWarnings() directly.
+* The Block class constructor now takes an associative array of parameters
+ instead of many optional positional arguments. Calling the constructor the old
+ way will issue a deprecation warning.
+* The jquery.mwExtension module was deprecated.
+* $wgSpecialPageGroups was removed (deprecated in 1.21).
+* SpecialPageFactory::setGroup was removed (deprecated in 1.21).
+* SpecialPageFactory::getGroup was removed (deprecated in 1.21).
+* DatabaseBase::ignoreErrors() is now protected.
+* BREAKING CHANGE: mediawiki.legacy.ajax has been removed, following
+ a lengthy deprecation period.
+* The ScopedPHPTimeout class was removed.
+* Removed maintenance script fixSlaveDesync.php.
+* Watchlist tokens, SpecialResetTokens, and User::getTokenFromOption()
+ are deprecated. Applications using those can work via the OAuth
+ extension instead. New tokens types should not be added.
+* DatabaseBase::errorCount() was removed (unused).
+* $wgDeferredUpdateList was removed.
+* DeferredUpdates::addHTMLCacheUpdate() was removed.
+
+= MediaWiki 1.25 =
+
+== MediaWiki 1.25.6 ==
+
+This is a maintenance release of the MediaWiki 1.25 branch.
+
+=== Changes since 1.25.5 ===
+* (T123166) Fix fatal error when importing pages to titles which cannot be
+ created, such as invalid titles or titles the user is not allowed to edit.
+* (T122056) Old tokens are remaining valid within a new session
+* (T127114) Login throttle can be tricked using non-canonicalized usernames
+* (T123653) Cross-domain policy regexp is too narrow
+* (T123071) Incorrectly identifying http link in a's href attributes, due to
+ m modifier in regex
+* (T129506) MediaWiki:Gadget-popups.js isn't renderable
+* (T125283) Users occasionally logged in as different users after
+ SessionManager deployment
+* (T103239) Patrol allows click catching and patrolling of any page
+* (T122807) [tracking] Check php crypto primatives
+* (T98313) Graphs can leak tokens, leading to CSRF
+* (T130947) Diff generation should use PoolCounter
+* (T133507) Careless use of $wgExternalLinkTarget is insecure
+* (T132874) API action=move is not rate limited
+* (T110143) strip markers can be used to get around html attribute escaping in
+ (many?) parser tags
+* (T116030) Increase pbkdf2 parameter strengths
+* (T127420) Pbkdf2Password does not check if hash_pbkdf2() succeeded
+* (T126685) Globally throttle password attempts
+
+== MediaWiki 1.25.5 ==
+
+This is a maintenance release of the MediaWiki 1.25 branch.
+
+=== Changes since 1.25.4 ===
+* (T121892) Fix fatal error on some Special pages, introduced in 1.25.4.
+
+== MediaWiki 1.25.4 ==
+
+This is a security and maintenance release of the MediaWiki 1.25 branch.
+
+=== Changes since 1.25.3 ===
+* (T117899) SECURITY: $wgArticlePath can no longer be set to relative paths
+ that do not begin with a slash. This enabled trivial XSS attacks.
+ Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are
+ "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an
+ error.
+* (T119309) SECURITY: Use hash_compare() for edit token comparison
+* (T118032) SECURITY: Don't allow cURL to interpret POST parameters starting
+ with '@' as file uploads
+* (T115522) SECURITY: Passwords generated by User::randomPassword() can no
+ longer be shorter than $wgMinimalPasswordLength
+* (T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could
+ result in improper blocks being issued
+* (T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions
+ and related pages no longer use HTTP redirects and are now redirected by
+ MediaWiki
+* (T103237) $wgUseGzip had no effect when using file cache.
+* (T114606) mw.notify was not correctly fixed to the page if
+ initialized while not at the top of the page.
+* Fix issue that breaks HHVM Repo Authorative mode.
+
+== MediaWiki 1.25.3 ==
+
+This is a security and maintenance release of the MediaWiki 1.25 branch.
+
+=== Changes since 1.25.2 ===
+
+* (T98975) Fix having multiple callbacks for a single hook.
+* (T107632) maintenance/refreshLinks.php did not always remove all links
+ pointing to nonexistent pages.
+* (T104142) $wgEmergencyContact and $wgPasswordSender now use their default
+ value if set to an empty string.
+* (T62174) Provide fallbacks for use of mb_convert_encoding() in
+ HtmlFormatter. It was causing an error when accessing the api help page
+ if the mbstring PHP extension was not installed.
+* (T105896) Confirmation emails would sometimes contain invalid codes.
+* (T105597) Fixed edit stash inclusion queries.
+* (T91850) SECURITY: Add throttle check in ApiUpload and SpecialUpload
+* (T91203, T91205) SECURITY: API: Improve validation in chunked uploading
+* (T95589) SECURITY: RevDel: Check all revisions for suppression, not just the
+ first
+* (T108616) SECURITY: Avoid exposure of local path in PNG thumbnails
+
+== MediaWiki 1.25.2 ==
+
+This is a security and maintenance release of the MediaWiki 1.25 branch.
+
+=== Changes since 1.25.1 ===
+
+* (T94116) SECURITY: Compare API watchlist token in constant time
+* (T97391) SECURITY: Escape error message strings in thumb.php
+* (T106893) SECURITY: Don't leak autoblocked IP addresses on
+ Special:DeletedContributions
+* (T102562) Fix InstantCommons parameters to handle the new HTTPS-only
+ policy of Wikimedia Commons.
+* (T100767) Setting a configuration setting for skin or extension to
+ false in LocalSettings.php was not working.
+* (T100635) API action=opensearch json output no longer breaks when
+ $wgDebugToolbar is enabled.
+* (T102522) Using an extension.json or skin.json file which has
+ a "manifest_version" property for 1.26 compatability will no longer
+ trigger warnings.
+* (T86156) Running updateSearchIndex.php will not throw an error as
+ page_restrictions has been added to the locked table list.
+* Special:Version would throw notices if using SVN due to an incorrectly
+ named variable. Add an additional check that an index is defined.
+
+== MediaWiki 1.25.1 ==
+
+This is a bug fix release of the MediaWiki 1.25 branch.
+
+=== Changes since 1.25 ===
+* (T100351) Fix syntax errors in extension.json of ConfirmEdit extension
+
+== MediaWiki 1.25.0 ==
+
+=== Configuration changes in 1.25 ===
+* $wgPageShowWatchingUsers was removed.
+* $wgLocalVirtualHosts has been added to replace $wgConf->localVHosts.
+* $wgAntiLockFlags was removed.
+* $wgJavaScriptTestConfig was removed.
+* Edit tokens returned from User::getEditToken may change on every call. Token
+ validity must be checked by passing the user-supplied token to
+ User::matchEditToken rather than by testing for equality with a
+ newly-generated token.
+* (T74951) The UserGetLanguageObject hook may be passed any IContextSource
+ for its $context parameter. Formerly it was documented as receiving a
+ RequestContext specifically.
+* Profiling was restructured and $wgProfiler now requires an 'output' parameter.
+ See StartProfiler.sample for details.
+* $wgMangleFlashPolicy was added to make MediaWiki's mangling of anything that
+ might be a flash policy directive configurable.
+* ApiOpenSearch now supports XML output. The OpenSearchXml extension should no
+ longer be used. If extracts and page images are desired, the TextExtracts and
+ PageImages extensions are required.
+* $wgOpenSearchTemplate is deprecated in favor of $wgOpenSearchTemplates.
+* Edits are now prepared via AJAX as users type edit summaries. This behavior
+ can be disabled via $wgAjaxEditStash.
+* (T46740) The temporary option $wgIncludejQueryMigrate was removed, along
+ with the jQuery Migrate library, as indicated when this option was provided in
+ MediaWiki 1.24.
+* ProfilerStandard and ProfilerSimpleTrace were removed. Make sure that any
+ StartProfiler.php config is updated to reflect this. Xhprof is available
+ for zend/hhvm. Also, for hhvm, one can consider using its xenon profiler.
+* Default value of $wgSVGConverters['rsvg'] now uses the 'rsvg-convert' binary
+ rather than 'rsvg'.
+* Default value of $wgSVGConverters['ImageMagick'] now uses transparent
+ background with white fallback color, rather than just white background.
+ * MediaWikiBagOStuff class removed, make sure any object cache config
+ uses SqlBagOStuff instead.
+* The 'daemonized' flag must be set to true in $wgJobTypeConf for any redis
+ job queues. This means that mediawiki/services/jobrunner service has to
+ be installed and running for any such queues to work.
+* $wgAutopromoteOnce no longer supports the 'view' event. For keeping some
+ compatibility, any 'view' event triggers will still trigger on 'edit'.
+* $wgExtensionDirectory was added for when your extensions directory is somewhere
+ other than $IP/extensions (as $wgStyleDirectory does with the skins directory).
+
+=== New features in 1.25 ===
+* (T64861) Updated plural rules to CLDR 26. Includes incompatible changes
+ for plural forms in Russian, Prussian, Tagalog, Manx and several languages
+ that fall back to Russian.
+* (T60139) ResourceLoaderFileModule now supports language fallback
+ for 'languageScripts'.
+* Added a new hook, "ContentAlterParserOutput", to allow extensions to modify the
+ parser output for a content object before links update.
+* (T37785) Enhanced recent changes and extended watchlist are now default.
+ Documentation: https://meta.wikimedia.org/wiki/Special:MyLanguage/Help:Enhanced_recent_changes
+ and https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:$wgDefaultUserOptions.
+* (T69341) SVG images will no longer be base64-encoded when being embedded
+ in CSS. This results in slight size increase before gzip compression (due to
+ percent-encoding), but up to 20% decrease after it.
+* Update jStorage to v0.4.12.
+* MediaWiki now natively supports page status indicators: icons (or short text
+ snippets) usually displayed in the top-right corner of the page. They have
+ been in use on Wikipedia for a long time, implemented using templates and CSS
+ absolute positioning.
+ - Basic wikitext syntax: <indicator name="foo">[[File:Foo.svg|20px]]</indicator>
+ - Usage instructions: https://www.mediawiki.org/wiki/Help:Page_status_indicators
+ - Adjusting custom skins to support indicators:
+ https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:Skinning#Page_status_indicators
+* Edit tokens may now be time-limited: passing a maximum age to
+ User::matchEditToken will reject any older tokens.
+* The debug logging internals have been overhauled, and are now using the
+ PSR-3 interfaces.
+* Update CSSJanus to v1.1.1.
+* Update lessphp to v0.5.0.
+* Added a hook, "ApiOpenSearchSuggest", to allow extensions to provide extracts
+ and images for ApiOpenSearch output. The semantics are identical to the
+ "OpenSearchXml" hook provided by the OpenSearchXml extension.
+* PrefixSearchBackend hook now has an $offset parameter. Combined with $limit,
+ this allows for pagination of prefix results. Extensions using this hook
+ should implement supporting behavior. Not doing so can result in undefined
+ behavior from API clients trying to continue through prefix results.
+* Update jQuery from v1.11.1 to v1.11.3.
+* External libraries installed via composer will now be displayed
+ on Special:Version in their own section. Extensions or skins that are
+ installed via composer will not be shown in this section as it is assumed
+ they will add the proper credits to the skins or extensions section. They
+ can also be accessed through the API via the new siprop=libraries to
+ ApiQuerySiteInfo.
+* Update QUnit from v1.14.0 to v1.16.0.
+* Update Moment.js from v2.8.3 to v2.8.4.
+* Special:Tags now allows for manipulating the list of user-modifiable change
+ tags.
+* Added 'managetags' user right and 'ChangeTagCanCreate', 'ChangeTagCanDelete',
+ and 'ChangeTagCanCreate' hooks to allow for managing user-modifiable change
+ tags.
+* Added 'ChangeTagsListActive' hook, to separate the concepts of "defined" and
+ "active" formerly conflated by the 'ListDefinedTags' hook.
+* Added TemplateParser class that provides a server-side interface to cachable
+ dynamically-compiled Mustache templates (currently uses lightncandy library).
+* Clickable anchors for each section heading in the content are now generated
+ and appear in the gutter on hovering over the heading.
+* Added 'CategoryViewer::doCategoryQuery' and 'CategoryViewer::generateLink' hooks
+ to allow extensions to override how links to pages are rendered within NS_CATEGORY
+* (T19665) Special:WantedPages only lists page which having at least one red link
+ pointing to it.
+* New hooks 'ApiMain::moduleManager' and 'ApiQuery::moduleManager', can be
+ used for conditional registration of API modules.
+* New hook 'EnhancedChangesList::getLogText' to alter, remove or add to the
+ links of a group of changes in EnhancedChangesList.
+* A full interface for StatsD metric reporting has been added to the context
+ interface, reachable via IContextSource::getStats().
+* Move the jQuery Client library from being mastered in MediaWiki as v0.1.0 to a
+ proper, published library, which is now tagged as v1.0.0.
+* A new message (defaulting to blank), 'editnotice-notext', can be shown to users
+ when they are editing if no edit notices apply to the page being edited.
+* (T94536) You can now make the sitenotice appear to logged-in users only by
+ editing MediaWiki:Anonnotice and replacing its content with "". Setting it to
+ "-" (default) will continue disable it and fallback to MediaWiki:Sitenotice.
+* Modifying the tagging of a revision or log entry is now available via
+ Special:EditTags, generally accessed via the revision-deletion-like interface
+ on history pages and Special:Log is likely to be more useful.
+* Added 'applychangetags' and 'changetags' user rights.
+* (T35235) LogFormatter subclasses are now responsible for formatting the
+ parameters for API log event output. Extensions should implement the new
+ getParametersForApi() method in their log formatters.
+
+==== External libraries ====
+* MediaWiki now requires certain external libraries to be installed. In the past
+ these were bundled inside the Git repository of MediaWiki core, but now they
+ need to be installed separately. For users using the tarball, this will be taken
+ care of and no action will be required. Users using Git will either need to use
+ composer to fetch dependencies or use the mediawiki/vendor repository which includes
+ all dependencies for MediaWiki core and ones used in Wikimedia deployment. Detailed
+ instructions can be found at:
+ https://www.mediawiki.org/wiki/Download_from_Git#Fetch_external_libraries
+* The following libraries are now required:
+** psr/log
+ This library provides the interfaces set by the PSR-3 standard (http://www.php-fig.org/psr/psr-3/)
+ which are used by MediaWiki internally via the
+ MediaWiki\Logger\LoggerFactory class.
+ See the structured logging RfC (https://www.mediawiki.org/wiki/Special:MyLanguage/Requests_for_comment/Structured_logging)
+ for more background information.
+** cssjanus/cssjanus
+ This library was formerly bundled with MediaWiki core and has been removed.
+ It automatically flips CSS for RTL support.
+** leafo/lessphp
+ This library was formerly bundled with MediaWiki core and has been removed.
+ It compiles LESS files into CSS.
+** wikimedia/cdb
+ This library was formerly a part of MediaWiki core, and has been moved into a separate library.
+ It provides CDB functions which are used in the Interwiki and Localization caches.
+ More information about the library can be found at https://www.mediawiki.org/wiki/Special:MyLanguage/CDB.
+** liuggio/statsd-php-client
+ This library provides a StatsD client API for logging application metrics to a remote server.
+
+=== Bug fixes in 1.25 ===
+* (T73003) No additional code will be generated to try to load CSS-embedded
+ SVG images in Internet Explorer 6 and 7, as they don't support them anyway.
+* (T69021) On Special:BookSources, corrected validation of ISBNs (both
+ 10- and 13-digit forms) containing "X".
+* Page moving was refactored into a MovePage class. As part of that:
+** The AbortMove hook was removed.
+** MovePageIsValidMove is for extensions to specify whether a page
+ cannot be moved for technical reasons, and should not be overridden.
+** MovePageCheckPermissions is for checking whether the given user is
+ allowed to make the move.
+** Title::moveNoAuth() was deprecated. Use the MovePage class instead.
+** Title::moveTo() was deprecated. Use the MovePage class instead.
+** Title::isValidMoveOperation() broken down into MovePage::isValidMove()
+ and MovePage::checkPermissions().
+* (T18530) Multiple autocomments are now formatted in an edit summary.
+* (T70361) Autocomments containing "/*" are parsed correctly.
+* The Special:WhatLinksHere page linked from 'Number of redirects to this page'
+ on action=info about a file page does not list file links anymore.
+* (T78637) Search bar is not autofocused unless it is empty so that proper scrolling using arrow keys is possible.
+* (T50853) Database::makeList() modified to handle 'NULL' separately when building IN clause
+* (T85192) Captcha position modified in Usercreate template. As a result:
+** extrafields parameter added to Usercreate.php to insert additional data
+** 'extend' method added to QuickTemplate to append additional values to any field of data array
+* (T86974) Several Title methods now load from the database when necessary
+ (instead of returning incorrect results) even when the page ID is known.
+* (T74070) Duplicate search for archived files on file upload now omits the extension.
+ This requires the fa_sha1 field being populated.
+* Removed rel="archives" from the "View history" link, as it did not pass
+ HTML validation.
+* $wgUseTidy is now set when parserTests are run with the tidy option to match
+ output on wiki.
+* (T37472) update.php will purge ResourceLoader cache unless --nopurge is passed to it.
+* (T72109) mediawiki.language should respect $wgTranslateNumerals in convertNumber().
+
+=== Action API changes in 1.25 ===
+* (T67403) XML tag highlighting is now only performed for formats
+ "xmlfm" and "wddxfm".
+* action=paraminfo supports generalized submodules (modules=query+value),
+ querymodules and formatmodules are deprecated
+* action=paraminfo no longer outputs descriptions and other help text by
+ default. If needed, it may be requested using the new 'helpformat' parameter.
+* action=help has been completely rewritten, and outputs help in HTML
+ rather than plain text.
+* Hitting api.php without specifying an action now displays only the help for
+ the main module, with links to submodule help.
+* API help is no longer displayed on errors.
+* 'uselang' is now a recognized API parameter; "uselang=user" may be used to
+ explicitly select the language from the current user's preferences, and
+ "uselang=content" may be used to select the wiki's content language.
+* Default output format for the API is now jsonfm.
+* Simplified continuation will return a "batchcomplete" property in the result
+ when a batch of pages is complete.
+* Pretty-printed HTML output now has nicer formatting and (if available)
+ better syntax highlighting.
+* Deprecated list=deletedrevs in favor of newly-added prop=deletedrevisions and
+ list=alldeletedrevisions.
+* prop=revisions will gracefully continue when given too many revids or titles,
+ rather than just ignoring the extras.
+* prop=revisions will no longer die if rvcontentformat doesn't match a
+ revision's content model; it will instead warn and omit the content.
+* If the user has the 'deletedhistory' right, action=query's revids parameter
+ will now recognize deleted revids.
+* prop=revisions may be used as a generator, generating revids.
+* (T68776) format=json results will no longer be corrupted when
+ $wgMangleFlashPolicy is in effect. format=php results will cleanly return an
+ error instead of returning invalid serialized data.
+* Generators may now return data for the generated pages when used with
+ action=query.
+* Query page data for generator=search and generator=prefixsearch will now
+ include an "index" field, which may be used by the client for sorting the
+ search results.
+* ApiOpenSearch now supports XML output.
+* ApiOpenSearch will now output descriptions and URLs as array indexes 2 and 3
+ in JSON format.
+* (T76051) list=tags will now continue correctly.
+* (T76052) list=tags can now indicate whether a tag is defined.
+* (T75522) list=prefixsearch now supports continuation
+* (T78737) action=expandtemplates can now return page properties.
+* (T78690) list=allimages now accepts multiple pipe-separated values
+ for the 'aimime' parameter.
+* prop=info with inprop=protections will now return applicable protection types
+ with the 'restrictiontypes' key.
+* (T85417) When resolving redirects, ApiPageSet will now add the targets of
+ interwiki redirects to the list of interwiki titles.
+* (T85417) When outputting the list of redirect titles, a 'tointerwiki'
+ property (like the existing 'tofragment' property) will be set.
+* Added action=managetags to allow for managing the list of
+ user-modifiable change tags. Actually modifying the tagging of a revision or
+ log entry is not implemented yet.
+* list=tags has additional properties to indicate 'active' status and tag
+ sources.
+* siprop=libraries was added to ApiQuerySiteInfo to list installed external libraries.
+* (T88010) Added action=checktoken, to test a CSRF token's validity.
+* (T88010) Added intestactions to prop=info, to allow querying of
+ Title::userCan() via the API.
+* Default type param for query list=watchlist and list=recentchanges has
+ been changed from all types (e.g. including 'external') to 'edit|new|log'.
+* Added formatversion to format=json. Still "experimental" as further changes
+ to the output formatting might still be made.
+* (T73020) Log event details are now always under a 'params' subkey for
+ list=logevents, and a 'logparams' subkey for list=watchlist and
+ list=recentchanges.
+* Log event details are changing formatting:
+ * block events now report flags as an array rather than as a comma-separated
+ list.
+ * patrol events now report the 'auto' flag as a boolean (absent/empty string
+ for BC formats) rather than as an integer.
+ * rights events now report the old and new group lists as arrays rather than
+ as comma-separated lists.
+ * merge events use new-style formatting.
+ * delete/event and delete/revision events use new-style formatting.
+* The root node and various other nodes will now always be an object in formats
+ such as json that distinguish between arrays and objects.
+ * Except for action=opensearch where the spec requires an array.
+
+=== Action API internal changes in 1.25 ===
+* ApiHelp has been rewritten to support i18n and paginated HTML output.
+ Most existing modules should continue working without changes, but should do
+ the following:
+ * Add an i18n message "apihelp-{$moduleName}-description" to replace getDescription().
+ * Add i18n messages "apihelp-{$moduleName}-param-{$param}" for each parameter
+ to replace getParamDescription(). If necessary, the settings array returned
+ by getParams() can use the new ApiBase::PARAM_HELP_MSG key to override the
+ message.
+ * Implement getExamplesMessages() to replace getExamples().
+* Modules with submodules (like action=query) must have their submodules
+ override ApiBase::getParent() to return the correct parent object.
+* The 'APIGetDescription' and 'APIGetParamDescription' hooks are deprecated,
+ and will have no effect for modules using i18n messages. Use
+ 'APIGetDescriptionMessages' and 'APIGetParamDescriptionMessages' instead.
+* Api formatters will no longer be asked to display the help screen on errors.
+* ApiMain::getCredits() was removed. The credits are available in the
+ 'api-credits' i18n message.
+* ApiFormatBase has been changed to support i18n and syntax highlighting via
+ extensions with the new 'ApiFormatHighlight' hook. Core syntax highlighting
+ has been removed.
+* ApiFormatBase now always buffers. Output is done when
+ ApiFormatBase::closePrinter is called.
+* Much of the logic in ApiQueryRevisions has been split into ApiQueryRevisionsBase.
+* The 'revids' parameter supplied by ApiPageSet will now count deleted
+ revisions as "good" if the user has the 'deletedhistory' right. New methods
+ ApiPageSet::getLiveRevisionIDs() and ApiPageSet::getDeletedRevisionIDs() are
+ provided to access just the live or just the deleted revids.
+* Added ApiPageSet::setGeneratorData() and ApiPageSet::populateGeneratorData()
+ to allow generators to include data in the action=query result.
+* New hooks 'ApiMain::moduleManager' and 'ApiQuery::moduleManager', can be
+ used for conditional registration of API modules.
+* Added ApiBase::lacksSameOriginSecurity() to allow modules to easily check if
+ the current request was sent with the 'callback' parameter (or any future
+ method that breaks the same-origin policy).
+* Profiling methods in ApiBase are deprecated and no longer need to be called.
+* ApiResult was greatly overhauled. See inline documentation for details.
+* ApiResult will automatically convert objects to strings or arrays (depending
+ on whether a __toString() method exists on the object), and will refuse to
+ add unsupported value types.
+ * An informal interface, ApiSerializable, exists to override the default
+ object conversion.
+* ApiResult/ApiFormatBase "raw mode" is deprecated.
+* ApiFormatXml now assumes defaults and so on instead of throwing errors when
+ metadata isn't set.
+* (T35235) LogFormatter subclasses are now responsible for formatting log event
+ parameters for the API.
+* Many modules have changed result data formats. While this shouldn't affect
+ clients not using the experimental formatversion=2, code using
+ ApiResult::getResultData() without the transformations for backwards
+ compatibility may need updating, as will code that wasn't following the old
+ conventions for API boolean output.
+* The following methods have been deprecated and may be removed in a future
+ release:
+ * ApiBase::getDescription
+ * ApiBase::getParamDescription
+ * ApiBase::getExamples
+ * ApiBase::makeHelpMsg
+ * ApiBase::makeHelpArrayToString
+ * ApiBase::makeHelpMsgParameters
+ * ApiBase::getModuleProfileName
+ * ApiBase::profileIn
+ * ApiBase::profileOut
+ * ApiBase::safeProfileOut
+ * ApiBase::getProfileTime
+ * ApiBase::profileDBIn
+ * ApiBase::profileDBOut
+ * ApiBase::getProfileDBTime
+ * ApiBase::getResultData
+ * ApiFormatBase::setUnescapeAmps
+ * ApiFormatBase::getWantsHelp
+ * ApiFormatBase::setHelp
+ * ApiFormatBase::formatHTML
+ * ApiFormatBase::setBufferResult
+ * ApiFormatBase::getDescription
+ * ApiFormatBase::getNeedsRawData
+ * ApiMain::setHelp
+ * ApiMain::reallyMakeHelpMsg
+ * ApiMain::makeHelpMsgHeader
+ * ApiResult::setRawMode
+ * ApiResult::getIsRawMode
+ * ApiResult::getData
+ * ApiResult::setElement
+ * ApiResult::setContent
+ * ApiResult::setIndexedTagName_recursive
+ * ApiResult::setIndexedTagName_internal
+ * ApiResult::setParsedLimit
+ * ApiResult::beginContinuation
+ * ApiResult::setContinueParam
+ * ApiResult::setGeneratorContinueParam
+ * ApiResult::endContinuation
+ * ApiResult::size
+ * ApiResult::convertStatusToArray
+ * ApiQueryImageInfo::getPropertyDescriptions
+ * ApiQueryLogEvents::addLogParams
+* The following classes have been deprecated and may be removed in a future
+ release:
+ * ApiQueryDeletedrevs
+
+=== Languages updated in 1.25 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* Languages added:
+** awa (अवधी / Awadhi), thanks to translator 1AnuraagPandey;
+** bgn (بلوچی رخشانی / Western Balochi), thanks to translators
+ Baloch Afghanistan, Ibrahim khashrowdi and Rachitrali;
+** ses (Koyraboro Senni), thanks to translator Songhay.
+* (T66440) Kazakh (kk) wikis should no longer forcefully reset the user's
+ interface language to kk where unexpected.
+* The Chinese conversion table was substantially updated to fix a lot of
+ bugs and ensure better reading experience for different variants.
+
+=== Other changes in 1.25 ===
+* (T45591) Links to MediaWiki.org translatable help were added to indicators,
+ mostly in special pages. Local custom target titles can be placed in the
+ relevant '(namespace-X|action name|special page name)-helppage' system
+ message. Extensions can use the addHelpLink() function to do the same.
+* The skin autodiscovery mechanism, deprecated in MediaWiki 1.23, has been
+ removed. See https://www.mediawiki.org/wiki/Manual:Skin_autodiscovery for
+ migration guide for creators and users of custom skins that relied on it.
+* Javascript variables 'wgFileCanRotate' and 'wgFileExtensions' now only
+ available on Special:Upload.
+* (T58257) Set site logo from mediawiki.skinning.interface module instead of
+ inline styles in the HTML.
+* Removed ApiQueryUsers::getAutoGroups(). (deprecated since 1.20)
+* Removed XmlDumpWriter::schemaVersion(). (deprecated since 1.20)
+* Removed LogEventsList::getDisplayTitle(). (deprecated since 1.20)
+* Removed Preferences::trySetUserEmail(). (deprecated since 1.20)
+* Removed mw.user.name() and mw.user.anonymous() methods. (deprecated since 1.20)
+* Removed 'ok' and 'err' parameters in the mediawiki.api modules. (deprecated
+ since 1.20)
+* Removed 'async' parameter from the mw.Api#getCategories() method. (deprecated
+ since 1.20)
+* Removed 'jquery.json' module. (deprecated since 1.24)
+ Use the 'json' module and global JSON object instead.
+* Deprecated OutputPage::readOnlyPage() and OutputPage::rateLimited().
+ Also, the former will now throw an MWException if called with one or more
+ arguments.
+* Removed hitcounters and associated code.
+* The "temp" zone of the upload respository is now considered private. If it
+ already exists (such as under the images/ directory), please make sure that
+ the directory is not web readable (e.g. via a .htaccess file).
+* BREAKING CHANGE: In the XML dump format used by Special:Export and
+ dumpBackup.php, the <model> and <format> tags now apprear before the <text>
+ tag, instead of after the <text> and <sha1> tags.
+ The new schema version is 0.10, the new schema URI is:
+ https://www.mediawiki.org/xml/export-0.10.xsd
+* MWFunction::call() and MWFunction::callArray() were removed, having being
+ deprecated in 1.22.
+* Deprecated the getInternalLinkAttributes, getInternalLinkAttributesObj,
+ and getInternalLinkAttributes methods in Linker, and removed
+ getExternalLinkAttributes method, which was deprecated in MediaWiki 1.18.
+* Removed Sites class, which was deprecated in 1.21 and replaced by SiteSQLStore.
+* Added wgRelevantArticleId to the client-side config, for use on special pages.
+* Deprecated the TitleIsCssOrJsPage hook. Superseded by the
+ ContentHandlerDefaultModelFor hook since MediaWiki 1.21.
+* Deprecated the TitleIsWikitextPage hook. Superseded by the
+ ContentHandlerDefaultModelFor hook since MediaWiki 1.21.
+* Changed parsing of variables in schema (.sql) files:
+** The substituted values are no longer parsed. (Formerly, several passes
+ were made for each variable, so depending on the order in which variables
+ were defined, variables might have been found inside encoded values. This
+ is no longer the case.)
+** Variables are no longer string encoded when the /*$var*/ syntax is used.
+ If string encoding is necessary, use the '{$var}' syntax instead.
+** Variable names must only consist of one or more of the characters
+ "A-Za-z0-9_".
+** In source text of the form '{$A}'{$B}' or `{$A}`{$B}`, where variable A
+ does not exist yet variable B does, the latter may not be replaced.
+ However, this difference is unlikely to arise in practice.
+* (T67278) RFC, PMID, and ISBN "magic links" must be surrounded by non-word
+ characters on both sides.
+* The FormatAutocomments hook will now receive $pre and $post as booleans,
+ rather than as strings that must be prepended or appended to $comment.
+* (T30950, T31025) RFC, PMID, and ISBN "magic links" can no longer contain
+ newlines; but they can contain &nbsp; and other non-newline whitespace.
+* The 'mediawiki.action.edit' ResourceLoader module no longer generates the edit
+ toolbar, which has been moved to a separate 'mediawiki.toolbar' module. If you
+ relied on this behavior, update your scripts' dependencies.
+* HTMLForm's 'vform' display style has been separated to a subclass. Therefore:
+ * HTMLForm::isVForm() is now deprecated.
+ * You can no longer do this:
+ $form = new HTMLForm( … );
+ $form->setDisplayFormat( 'vform' ); // throws exception
+ Instead, do this:
+ $form = HTMLForm::factory( 'vform', … );
+* Deprecated Revision methods getRawUser(), getRawUserText() and getRawComment().
+* BREAKING CHANGE: mediawiki.user.generateRandomSessionId:
+ The alphabet of the prior string returned was A-Za-z0-9 and now it is 0-9A-F
+* (T87504) Avoid serving SVG background-images in CSS for Opera 12, which
+ renders them incorrectly when combined with border-radius or background-size.
+* Removed maintenance script dumpSisterSites.php.
+* DatabaseBase class constructors must be called using the array argument style.
+ Ideally, DatabaseBase:factory() should be used instead in most cases.
+* Deprecated ParserOutput::addSecondaryDataUpdate and ParserOutput::getSecondaryDataUpdates.
+ This is a hard deprecation, with getSecondaryDataUpdates returning an empty array and
+ addSecondaryDataUpdate throwing an exception. These functions will be removed in 1.26,
+ since they interfere with caching of ParserOutput objects.
+* Introduced new hook 'SecondaryDataUpdates' that allows extensions to inject custom updates.
+* Introduced new hook 'OpportunisticLinksUpdate' that allows extensions to perform
+ updates when a page is re-rendered.
+* EditPage::attemptSave has been modified not to call handleStatus itself and
+ instead just returns the Status object. Extension calling it should be aware of
+ this.
+* Removed class DBObject. (unused since 1.10)
+* wfDiff() is deprecated.
+* The -m (maximum replication lag) option of refreshLinks.php was removed.
+ It had no effect since MediaWiki 1.18 and should be removed from any cron
+ jobs or similar scripts you may have set up.
+* (T85864) The following messages no longer support raw html: redirectto,
+ thisisdeleted, viewdeleted, editlink, retrievedfrom, version-poweredby-others,
+ retrievedfrom, thisisdeleted, viewsourcelink, lastmodifiedat, laggedslavemode,
+ protect-summary-cascade
+* All BloomCache related code has been removed. This was largely experimental.
+* $wgResourceModuleSkinStyles no longer supports per-module local or remote paths. They
+ can only be set for the entire skin.
+* Removed global function swap(). (deprecated since 1.24)
+* Deprecated the ".php5" file extension entry points and the $wgScriptExtension
+ configuration variable. Refer to the ".php" files instead. If you want
+ ".php5" URLs to continue to work, set up redirects. In Apache, this can be
+ done by enabling mod_rewrite and adding the following rules to your
+ configuration:
+
+ RewriteEngine On
+ RewriteBase /
+ RewriteRule ^(.*)\.php5 $1.php [R=301,L]
+
+* The global importScriptURI and importStylesheetURI functions, as well as the
+ loadedScripts object, from wikibits.js (deprecated since 1.17) now emit
+ warnings through mw.log.warn when accessed.
+
+= MediaWiki 1.24 =
+
+== MediaWiki 1.24.6 ==
+
+This is a maintenance release of the MediaWiki 1.24 branch.
+
+=== Changes since 1.24.5 ===
+* (T121892) Fix fatal error on some Special pages, introduced in 1.24.5.
+
+== MediaWiki 1.24.5 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.24.4 ===
+* (T117899) SECURITY: $wgArticlePath can no longer be set to relative paths
+ that do not begin with a slash. This enabled trivial XSS attacks.
+ Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are
+ "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an
+ error.
+* (T119309) SECURITY: Use hash_compare() for edit token comparison
+* (T118032) SECURITY: Don't allow cURL to interpret POST parameters starting
+ with '@' as file uploads
+* (T115522) SECURITY: Passwords generated by User::randomPassword() can no
+ longer be shorter than $wgMinimalPasswordLength
+* (T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could
+ result in improper blocks being issued
+* (T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions
+ and related pages no longer use HTTP redirects and are now redirected by
+ MediaWiki
+* (T103237) $wgUseGzip had no effect when using file cache.
+
+== MediaWiki 1.24.4 ==
+
+This is a security and maintenance release of the MediaWiki 1.24 branch.
+
+=== Changes since 1.24.3 ===
+
+* (T91653) Minimal PSR-3 debug logger to support backports from 1.25+.
+* (T68650) Fix indexing of moved pages with PostgreSQL. Requires running
+ update.php to fix.
+* (T91850) SECURITY: Add throttle check in ApiUpload and SpecialUpload
+* (T91203, T91205) SECURITY: API: Improve validation in chunked uploading
+* (T95589) SECURITY: RevDel: Check all revisions for suppression, not just the
+ first
+* (T108616) SECURITY: Avoid exposure of local path in PNG thumbnails
+
+== MediaWiki 1.24.3 ==
+
+This is a security and maintenance release of the MediaWiki 1.24 branch.
+
+=== Changes since 1.24.2 ===
+
+* (T94116) SECURITY: Compare API watchlist token in constant time
+* (T97391) SECURITY: Escape error message strings in thumb.php
+* (T106893) SECURITY: Don't leak autoblocked IP addresses on
+ Special:DeletedContributions
+* Update jQuery from v1.11.2 to v1.11.3.
+* (T102562) Fix InstantCommons parameters to handle the new HTTPS-only
+ policy of Wikimedia Commons.
+
+== MediaWiki 1.24.2 ==
+
+This is a security and maintenance release of the MediaWiki 1.24 branch.
+
+=== Changes since 1.24.1 ===
+
+* (T85848, T71210) SECURITY: Don't parse XMP blocks that contain XML entities,
+ to prevent various DoS attacks.
+* (T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce
+ likelihood of DoS.
+* (T88310) SECURITY: Always expand xml entities when checking SVG's.
+* (T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
+* (T85855) SECURITY: Don't execute another user's CSS or JS on preview.
+* (T64685) SECURITY: Allow setting maximal password length to prevent DoS when
+ using PBKDF2.
+* (T85349, T85850, T86711) SECURITY: Multiple issues fixed in SVG filtering to
+ prevent XSS and protect viewer's privacy.
+* Fix case of SpecialAllPages/SpecialAllMessages in SpecialPageFactory to fix
+ loading these special pages when $wgAutoloadAttemptLowercase is false.
+* (bug T70087) Fix Special:ActiveUsers page for installations using
+ PostgreSQL.
+* (bug T76254) Fix deleting of pages with PostgreSQL. Requires a schema change
+ and running update.php to fix.
+
+== MediaWiki 1.24.1 ==
+
+This is a security and maintenance release of the MediaWiki 1.24 branch.
+
+=== Changes since 1.24.0 ===
+
+* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which
+ could lead to xss. Permission to edit MediaWiki namespace is required to
+ exploit this.
+* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in
+ $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as
+ part of its name.
+* (bug T74222) The original patch for T74222 was reverted as unnecessary.
+* Fixed a couple of entries in RELEASE-NOTES-1.24.
+* (bug T76168) OutputPage: Add accessors for some protected properties.
+* (bug T74834) Make 1.24 branch directly installable under PostgreSQL.
+
+== MediaWiki 1.24.0 ==
+
+=== Configuration changes in 1.24 ===
+* MediaWiki will no longer run if register_globals is enabled. It has been
+ deprecated for 5 years now, and was removed in PHP 5.4. For more information
+ about why, see <https://www.mediawiki.org/wiki/register_globals>.
+* MediaWiki now requires PHP's iconv extension. openSUSE users may need to
+ install the php5-iconv package. Users of other systems may need to add
+ extension=iconv.so to php.ini or recompile PHP without --without-iconv.
+* MediaWiki will no longer function if magic quotes are enabled. It has
+ been deprecated for 5 years now, and was removed in PHP 5.4.
+* The server's canonical hostname is available as $wgServerName, which is
+ exposed in both mw.config and ApiQuerySiteInfo.
+* Introduced $wgPagePropsHaveSortkey as a backwards-compatibility switch,
+ for using the old schema of the page_props table, in case the respective
+ schema update was not applied.
+* $wgSearchEverythingOnlyLoggedIn was removed as the 'searcheverything'
+ user option was removed. Use $wgNamespacesToBeSearchedDefault instead or
+ if you used to have $wgDefaultUserOptions['searcheverything'] = 1.
+* $wgMasterWaitTimeout has been deprecated.
+* $wgDBClusterTimeout has been removed.
+* $wgProxyKey has been removed. It is no longer used by MediaWiki core.
+ Ensure $wgSecretKey is set in LocalSettings.php.
+* $wgExtraInterlanguageLinkPrefixes is a new configuration variable that
+ contains an array of interwiki prefixes that should be treated as language
+ prefixes (i.e. turned into interlanguage links when $wgInterwikiMagic is set
+ to true).
+* $wgParserTestRemote has been removed.
+* $wgCountTotalSearchHits has been removed. If you're concerned about efficiency
+ of search, you should use something like CirrusSearch instead of built in
+ search.
+* Users in the 'sysop' group have access to Special:MergeHistory by default.
+* $wgFileStore was removed after having been deprecated in 1.17. Alternative
+ configurations are $wgDeletedDirectory and $wgHashedUploadDirectory.
+* The deprecated $wgUseCommaCount variable has been removed.
+* $wgEnableSorbs and $wgSorbsUrl have been removed.
+* The UserCryptPassword and UserComparePassword hooks are no longer called.
+ Any extensions using them must be updated to use the Password Hashing API.
+* $wgCompiledFiles has been removed.
+* $wgSortSpecialPages was removed, the listing on Special:SpecialPages is
+ now always sorted.
+* $wgSpecialPages may now use callback functions as an alternative to plain class names.
+ This allows more control over constructor parameters.
+* $wgHTCPMulticastAddress, $wgHTCPMulticastRouting and $wgHTCPPort were removed.
+* $wgRC2UDPAddress, $wgRC2UDPInterwikiPrefix, $wgRC2UDPOmitBots, $wgRC2UDPPort
+ and $wgRC2UDPPrefix have been removed.
+* The default password type for MediaWiki has been changed from MD5 to PBKDF2.
+ Password hashes will automatically be updated as users log in. If necessary, the
+ old MD5 hashing can be restored by changing $wgPasswordDefault to 'B'. In addition,
+ there is a maintenance script wrapOldPassword.php that can wrap all passwords in
+ PBKDF2 (or the hashing algorithm of your choice) if you don't want to wait for your
+ users to log in.
+* $wgImportSources can now either be a regular array, or an associative map
+ specifying subprojects on the interwiki map of the target wiki, or a mix of
+ the two. Existing configurations will still work.
+* Users must be able to edit through a page's protection to be able to delete it.
+* The default thumb size ($wgDefaultUserOptions['thumbsize']) is now 300px, up from
+ 180px. If you have altered the number of entries in $wgThumbLimits for your wiki, you
+ may need to adjust your default user settings to compensate for the index change.
+* $wgDeferredUpdateList is now deprecated, you should use DeferredUpdates::addUpdate()
+ instead.
+* $wgCanonicalLanguageLinks has been removed. Per Google recommendations, we
+ will not send a rel=canonical pointing to a variant-neutral page, however
+ we will send rel=alternate.
+* $wgResourceLoaderLESSFunctions has been deprecated and will be removed in the future.
+* $wgGoToEdit has been removed. Use the SpecialSearchNogomatch hook for similar
+ functionality.
+
+=== New features in 1.24 ===
+* Added new hook WatchlistEditorBeforeFormRender, allowing subscribers to
+ manipulate the list of pages and/or preload lots of data at once.
+* Added new argument &$link in hook WatchlistEditorBuildRemoveLine, allowing the
+ link to the title to be changed.
+* Added a new hook, "WhatLinksHereProps", to allow extensions to annotate
+ WhatLinksHere entries.
+* Added a new hook, "ContentGetParserOutput", to customize parser output for
+ a given content object.
+* Deprecated the hook "ShowRawCssJs", use "ContentGetParserOutput" instead.
+* HTMLForm's HTMLTextField now supports the 'url' type.
+* HTMLForm fields may now be dynamically hidden based on the values of other
+ fields in the form.
+* HTMLForm now supports multiple copies of an input field or set of input
+ fields, e.g. the form may request "one or more usernames" without having to
+ have the user enter delimited list of names into a text field.
+* Added a new hook, "SidebarBeforeOutput", to allow to edit the structure of
+ the sidebar just before its display.
+* (bug 49156) Added the mediawiki.cookie ResourceLoader module, which wraps
+ jquery.cookie so that getting/setting a cookie is syntactically and
+ functionally similar to using the WebRequest::getCookie() and
+ WebResponse::setcookie() methods.
+* (bug 44740) jQuery upgraded from 1.8.3 to 1.11.1. A new configuration option,
+ $wgIncludejQueryMigrate, also loads the jQuery Migrate hack to let extensions
+ and gadgets use the long-deprecated functions that were removed in jQuery 1.9.
+ This option is turned off by default, and will be removed in MediaWiki 1.25.
+* (bug 47076) jQuery UI upgraded from 1.8.24 to 1.9.2.
+* Changes to content typography (fonts, etc.). See
+ https://www.mediawiki.org/wiki/Typography_refresh for further information.
+* WikitextContent will now render redirects with the expected "redirect"
+ header, rather than as an ordered list. Code calling Article::viewRedirect
+ can probably be changed to no longer special-case redirects.
+* Header font set to a serif font stack. See
+ https://www.mediawiki.org/wiki/Typography_refresh for further information.
+* (bug 65567) Added a new hook, "BeforeHttpsRedirect", to allow cancellation of
+ the HTTP to HTTPS redirect due to forceHTTPS cookie, userRequires, etc. This
+ is only for page views, since this hook doesn't affect UserLogin, OAuth,
+ CentralAuth, etc. ATTENTION: This hook is likely to be removed soon due to
+ overall design of the system.
+* (bug 17367) It is now possible to add pages to your watchlist from
+ Special:UnwatchedPages without reloading the special page.
+* New methods setVolatile and isVolatile are added to PPFrame, so that
+ extensions such as Cite.php can mark that their output is volatile and
+ shouldn't be cached.
+* (bug 52817) Advanced search options are now saved on the search page itself,
+ rather than in a dedicated pane in the preferences panel.
+* (bug 44591) The dropdown actions menu (little triangle next to page tabs) in
+ the Vector skin has gained a label that should make it more discoverable.
+* MWCryptHKDF added for fast, cryptographically secure random number generation
+ that won't deplete openssl's entropy pool.
+* ResourceLoader: File modules can now provide a skip function that uses an
+ inline feature test to bypass loading of the module.
+* (bug 20210) Special pages may now provide autocompletion of their subpage
+ names in search suggestions. Right now the only useful implementation is in
+ Special:Log, but more are to come.
+* Special:MostLinkedTemplates is no longer limited to transclusions from the
+ Template namespace.
+* Skins can now use 'remoteSkinPath' when defining ResourceLoader modules.
+ This works the same as 'remoteExtPath' but is relative to the skins/ folder
+ instead of the extensions/ folder.
+* Added the json2.js polyfill for the ES5 JSON.stringify and JSON.parse methods.
+ Exposed as module "json" with a skip function to optimise loading.
+* Extensions and skins may now use 'namemsg' in $wgExtensionCredits in addition
+ to 'name', to allow for the name to be localizable. 'name' should still be
+ specified for backwards-compatibility and to define the path Special:Version
+ uses to find extension license information.
+* Browser tests are now included to verify basic wiki functionality in developer
+ environments. For details on running tests, see tests/browser/README.mediawiki.
+* Upgrade jStorage to v0.4.10.
+* {{!}} is now a magic word that produces the | character. This removes the need
+ for Template:! for purposes such as passing pipes inside of parameters.
+* (bug 20790) The block log snippet on Special:Contributions and while
+ editing user and user talk pages now works for IP range blocks.
+* (bug 9360) Added ability to change the page language for MediaWiki pages using
+ Special:PageLanguage. All pages are set to wiki language by default.
+ The feature needs to be enabled with $wgPageLanguageUseDB=true and
+ permission needs to be set for 'pagelang'.
+* Upgrade Moment.js to v2.8.3.
+* (bug 67042) Added support for the HTML5 <rtc> tag for East Asian typography.
+* Upgrade Sinon.JS to 1.10.3.
+* Added the es5-shim polyfill for older or non-compliant javascript engines.
+* Upgrade jQuery Cookie to v1.3.1.
+* (bug 20476) Add a "viewsuppressed" user right to be able to view
+ suppressed content but not suppress it ("suppressrevision" right).
+* (bug 66440) The MediaWiki web installer will now allow you to choose the skins
+ to enable (from the ones included in download tarball) and decide which one
+ should be the default.
+* (bug 68085, 68802) Links like [[localInterwikiPrefix:languageCode:pageTitle]],
+ where localInterwikiPrefix is a member of the $wgLocalInterwikis array, will
+ no longer be displayed in the sidebar when $wgInterwikiMagic is true. In a
+ similar way, links like [[localInterwikiPrefix:File:Image.png]] and
+ [[localInterwikiPrefix:Category:Hello]] will now render as regular links, and
+ will not include the file or add the page to the category.
+* New special page, MyLanguage, to redirect users to subpages with localised
+ versions of a page. (Integrated from Extension:Translate)
+* MediaWiki now supports multiple password types, including bcrypt and PBKDF2.
+ The default type can be changed with $wgPasswordDefault and the type
+ configurations can be changed with $wgPasswordConfig.
+* Skins can now define custom styles for default ResourceLoader modules using
+ the $wgResourceModuleSkinStyles global. See the Vector skin for examples.
+* (bug 4488) There is now a preference to watch pages where the user has
+ rollbacked an edit by default.
+* (bug 15484) Users will now be redirected to the login page when they need to
+ log in, rather than being shown a page asking them to log in and having to click
+ another link to actually get to the login page.
+* A JsonContent and JsonContentHandler were added for extensions to extend.
+* (bug 35045) Redirects to sections will now update the URL in browser's address
+ bar using the HTML5 History API. When [[Dog]] redirects to [[Animals#Dog]],
+ the user will now see "Animals#Dog" in their browser instead of "Dog#Dog".
+* API token handling has been rewritten. Any API module using tokens will need
+ to be updated. See the entry below under "Action API internal changes".
+* Added HTMLAutoCompleteSelectField.
+* Added a new hook, "SkinPreloadExistence", to allow extensions to add titles to
+ link existence cache before the page is rendered.
+* Config::set() was moved to its own interface, MutableConfig. GlobalVarConfig::set()
+ is now deprecated, does not implement MutableConfig.
+* A MutableConfig named HashConfig was added, that stores an array of configuration
+ settings.
+* (bug 69418) A MultiConfig implementation was added that supports fallback
+ to multiple Config instances.
+* Update CSSJanus to v1.1.0.
+* Added FormatJson::parse() returning status with result or localized error message
+* Added DeletedContribsPager::reallyDoQuery hook allowing extensions to data to
+ Special:DeletedContributions
+* Added DeletedContributionsLineEnding hook allowing extensions to format
+ Special:DeletedContributions lines
+* (T69525) You can now make MediaWiki speed up its thumbnail rendering by using
+ intermediary thumbnails. $wgThumbnailBuckets must be set to a list of target
+ thumbnail widths; when a new thumbnail needs to be rendered, MediaWiki will
+ find the smallest bucket smaller than the original but larger than the target
+ width + $wgThumbnailMinimumBucketDistance, and it will scale that thumbnail,
+ rather than the original, down to the target size at greater speed in return
+ for minor loss of fidelity.
+
+=== Bug fixes in 1.24 ===
+* (bug 50572) MediaWiki:Blockip should support gender
+* (bug 49116) Footer copyright notice is now always displayed in user language
+ rather than content language (same as copyright notice for editing interface).
+* (bug 62258) A bug was fixed in File::getUnscaledThumb when a height
+ restriction was present in the parameters. Images with both the "frame"
+ option and a size specification set will now always ignore the provided
+ size and display an unscaled image, as the documentation has always
+ claimed it would.
+* (bug 39035) Improved Vector skin performance by removing collapsibleNav,
+ which used to collapse some sidebar elements by default.
+ This removes -list id suffixes like p-lang-list: instead of using things like
+ #p-lang-list, you can do #p-lang .body ul.
+* (bug 890) Links in Special:RecentChanges and Special:Watchlist no longer
+ follow redirects to their target pages.
+* Parser now dies early if called recursively, instead of producing subtle bugs.
+* (bug 14323) Redirect pages, when viewed with redirect=no, no longer hide the
+ remaining page content.
+* (bug 52587) Maintenance script deleteBatch.php no longer follows redirects
+ in the file namespace and delete the file on the target page. It will still
+ however delete the redirect page.
+* (bug 22683) {{msgnw:}} and other uses of PPFrame::RECOVER_ORIG will correctly
+ recover the original code of extension tags.
+* (bug 65757) MSSQL: Update script drops unnamed constraints to be prepared
+ for future updates. Because it's doing so heuristically, it may fail or drop
+ wrong constraints.
+* (bug 67870) wfShellExec() cuts off stdout at multiples of 8192 bytes.
+* $wgRunJobsAsync now works with private wikis (e.g. read requires login).
+* (bugs 57238, 65206) Blank pages can now be directly created.
+* (bug 69789) Title::getContentModel() now loads from the database when
+ necessary instead of incorrectly returning the default content model.
+* (bug 69249) wfBaseConvert() now works around PHP Bug #50175 when using GMP.
+* (bug 57909) URLs in the externallinks table will no longer have certain
+ characters decoded in the query string.
+* (bug 67368) LESS mixins like .background-image() correctly flip image
+ references for RTL stylesheets now.
+
+=== Action API changes in 1.24 ===
+* action=parse API now supports prop=modules, which provides the list of
+ ResourceLoader modules that should be used to enhance the parsed content.
+* action=query&meta=siteinfo&siprop=interwikimap returns a new "protorel"
+ field which is true if protocol-relative urls can be used to access
+ a particular interwiki map entry.
+* list=logevents now provides logpage, which is the page ID from the
+ logging table, if ids are requested and the user has the permissions.
+* action=edit now requires that appendtext, prependtext, or section=new be used
+ when using the 'redirect' parameter, to prevent clients accidentally
+ overwriting the target page with the content of the redirect.
+* list=logevents will now return an error if both letitle and leprefix are
+ specified.
+* list=logevents has a new parameter, lenamespace, to allow filtering by
+ namespace.
+* action=expandtemplates has a new parameter, prop, and a new output format.
+ The old format is still used if prop isn't provided, but this is deprecated.
+* meta=userinfo can now return the count of unread pages on the watchlist.
+* list=watchlist can now filter by unread status.
+* The deprecated action=parse&prop=languageshtml has been removed.
+* (bug 48071) action=setnotificationtimestamp no longer throws PHP or database
+ errors when no pages are given.
+* (bug 60734) Actions that use ApiPageSet (e.g. purge, watch,
+ setnotificationtimestamp) will now include continuation information when
+ using a generator.
+* Removed 'props' and 'errors' from action=paraminfo, as they have extremely
+ limited use and are generally inaccurate, unmaintained, and impossible to
+ properly maintain.
+* Formats dbg, dump, txt, wddx, and yaml are now deprecated.
+* action=paraminfo now indicates when a parameter is specifying a submodule.
+* The iwurl parameter to prop=iwlinks is deprecated in favor of iwprop=url, for
+ parallelism with prop=langlinks.
+* All tokens should be fetched from action=query&meta=tokens; all other methods
+ of fetching tokens are deprecated. The value needed for meta=tokens's 'type'
+ parameter for each module is documented in the action=help output and is
+ returned from action=paraminfo.
+* New action ClearHasMsg that can be used to clear HasMsg flag.
+* The cmstartsortkey and cmendsortkey parameters to list=categorymembers are
+ deprecated in favor of cmstarthexsortkey and cmendhexsortkey.
+* (bug 63326) Add blockedtimestamp field to output of blockinfo property for
+ the list=allusers and list=users modules.
+* prop=imageinfo no longer requires iiurlwidth to be set when using iiurlparam.
+* Added prop=linkshere, prop=fileusage, and prop=transcludedin, which are
+ roughly equivalent to list=backlinks, list=imageusage, and list=embeddedin
+ but can work on a list of titles (including titles from a generator).
+* prop=redirects can now filter returned redirects by namespace.
+
+=== Action API internal changes in 1.24 ===
+* Methods for handling continuation are added to ApiResult, so actions other
+ than query that use generators can easily support continuation.
+* $wgAPIModules (and the related $wgAPIFormatModules, $wgAPIMetaModules,
+ $wgAPIPropModules, and $wgAPIListModules settings) now allow API modules
+ to be specified using a "module spec" array instead of a plain class name.
+ A "module spec" is an associative array containing at least the 'class' key
+ for the module's class, and optionally a 'factory' key for the factory function
+ to use for the module. This is intended for extensions that want control over
+ the instantiation of their API modules, to allow for proper dependency
+ injection.
+* A new param type 'submodule' is available. Parameters of this type will take
+ the list of valid values from the module's ApiModuleManager for the group
+ corresponding to the parameter name.
+* The 'APIGetPossibleErrors' and 'APIGetResultProperties' hooks are no longer used.
+* API token handling has been rewritten. Any API module using tokens will need
+ to be updated:
+ * ApiBase::needsToken now returns a token type instead of boolean true when a
+ token is needed. Returning true will throw an exception. See documentation
+ of that method for details.
+ * Information for the 'token' parameter is automatically set by ApiBase
+ getFinalParams and getFinalParamDescription.
+ * ApiBase::getTokenSalt has been removed.
+ * The hooks APIQueryInfoTokens, APIQueryRevisionsTokens,
+ APIQueryRecentChangesTokens, APIQueryUsersTokens, and
+ ApiTokensGetTokenTypes are deprecated, but are still called to support
+ backwards-compatible token access.
+* ApiBase::validateLimit and ApiBase::validateTimestamp are now protected.
+* ApiQueryRedirects was removed; prop=redirects is now implemented by
+ ApiQueryBacklinksProp along with the newly-added prop modules.
+* The following methods have been deprecated and may be removed in a future
+ release:
+ * ApiBase::getResultProperties
+ * ApiBase::getFinalResultProperties
+ * ApiBase::addTokenProperties
+ * ApiBase::getRequireOnlyOneParameterErrorMessages
+ * ApiBase::getRequireMaxOneParameterErrorMessages
+ * ApiBase::getRequireAtLeastOneParameterErrorMessages
+ * ApiBase::getTitleOrPageIdErrorMessage
+ * ApiBase::getPossibleErrors
+ * ApiBase::getFinalPossibleErrors
+ * ApiBase::parseErrors
+ * ApiQuery::setGeneratorContinue
+ * ApiQueryBase::checkRowCount
+ * ApiQueryBase::titleToKey
+ * ApiQueryBase::keyToTitle
+ * ApiQueryBase::keyPartToTitle
+ * ApiQueryInfo::getTokenFunctions
+ * ApiQueryInfo::resetTokenCache
+ * ApiQueryInfo::getEditToken
+ * ApiQueryInfo::getDeleteToken
+ * ApiQueryInfo::getProtectToken
+ * ApiQueryInfo::getMoveToken
+ * ApiQueryInfo::getBlockToken
+ * ApiQueryInfo::getUnblockToken
+ * ApiQueryInfo::getEmailToken
+ * ApiQueryInfo::getImportToken
+ * ApiQueryInfo::getWatchToken
+ * ApiQueryInfo::getOptionsToken
+ * ApiQueryRecentChanges::getTokenFunctions
+ * ApiQueryRecentChanges::getPatrolToken
+ * ApiQueryRevisions::getTokenFunctions
+ * ApiQueryRevisions::getRollbackToken
+ * ApiQueryUsers::getTokenFunctions
+ * ApiQueryUsers::getUserrightsToken
+* The following classes have been deprecated and may be removed in a future
+ release:
+ * ApiFormatDbg
+ * ApiFormatDump
+ * ApiFormatTxt
+ * ApiFormatWddx
+ * ApiFormatYaml
+ * ApiTokens
+* The following class constants have been deprecated and may be removed in a
+ future release:
+ * ApiBase::PROP_ROOT
+ * ApiBase::PROP_LIST
+ * ApiBase::PROP_TYPE
+ * ApiBase::PROP_NULLABLE
+
+=== Languages updated in 1.24 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+=== Other changes in 1.24 ===
+* The deprecated jquery.delayedBind ResourceLoader module was removed.
+* The deprecated function mw.util.toggleToc was removed.
+* The Special:Search hooks SpecialSearchGo and SpecialSearchResultsAppend
+ were removed as they were unused.
+* (bug 65477) User::pingLimiter() now has an additional profile point varying
+ by action being used.
+* mediawiki.util.$content no longer supports old versions of the Vector,
+ Monobook, Modern and CologneBlue skins that don't yet implement the "mw-body"
+ and/or "mw-body-primary" class name in their html.
+* Added pp_sortkey column to page_props table, so pages can be efficiently
+ queried and sorted by property value (bug 58032).
+ See $wgPagePropsHaveSortkey if you want to postpone the schema change.
+* BREAKING CHANGE: All four built-in MediaWiki skins (Vector, MonoBook, Modern
+ and Cologne Blue) were moved out of MediaWiki core to their own respective
+ repositories. They will be installed with the release tarball, but you must
+ install them separately if installing MediaWiki from source code. A warning
+ message displayed until you do it should guide you through the process. See
+ also <https://www.mediawiki.org/wiki/Manual:Skin_configuration>.
+* BREAKING CHANGE: Skins built for MediaWiki 1.15 and earlier that do not use
+ the "headelement" template key are no longer supported. Setting
+ $useHeadElement = false; is no longer supported and will not cause old keys
+ like "headlinks", "skinnameclass", etc. to be defined.
+* BREAKING CHANGE: The files commonElements.css, commonContent.css and
+ commonInterface.css (in skins/common/) have been removed. Skins may no longer
+ rely on their presence and include them in their style modules. ResourceLoader
+ modules introduced in MediaWiki 1.23 should be loaded instead:
+ - skins/common/commonElements.css → 'mediawiki.skinning.elements' module
+ - skins/common/commonContent.css → 'mediawiki.skinning.content' module
+ - skins/common/commonInterface.css → 'mediawiki.skinning.interface' module
+* The deprecated 'SpecialVersionExtensionTypes' hook was removed.
+* (bug 63891) Add 'X-Robots-Tag: noindex' header in action=render pages.
+* SpecialPage no longer supports the syntax for invoking wfSpecial*() functions.
+ Special pages should subclass SpecialPage and implement the execute() method.
+* (bug 63755) The deprecated constants RC_MOVE and RC_MOVE_OVER_REDIRECT were
+ removed.
+* Special:MostLinkedTemplates has been renamed to Special:MostTranscludedPages.
+* The skin autodiscovery mechanism has been deprecated and will be removed in
+ MediaWiki 1.25. See https://www.mediawiki.org/wiki/Manual:Skin_autodiscovery
+ for migration guide for creators and users of custom skins that relied on it.
+* ResourceLoaderFileModule#getAllStyleFiles now returns all style files and all
+ skin style files used by the module.
+* Removed getLang() from IContextSource and subclasses. (deprecated since 1.19)
+* Removed setLang() from subclasses of IContextSource. (deprecated since 1.19)
+* Removed WebRequest::escapeAppendQuery(). (deprecated since 1.20)
+* Removed info(), purge(), revert() and rollback() from the Article class; they
+ have since become subclasses of the Action class. (deprecated since 1.19)
+* SearchEngineReplacePrefixesComplete hook was removed.
+* The "jquery.json" module has been deprecated. Use the "json" module instead.
+* Removed HTMLForm::addJS(). (deprecated since 1.18)
+* Removed LogEventsList::showHeader(). (deprecated since 1.19)
+* Removed ImageGalleryBase::useSkin(). (deprecated since 1.18)
+* Removed DatabaseMysqlBase::getLagFromProcesslist(). (deprecated since 1.19)
+* Removed LoadBalancer::closeConnecton(). (deprecated since 1.18)
+* Removed ApiBase::createContext(). (deprecated since 1.19)
+* BREAKING CHANGE: The undocumented Special{$this->getName()}BeforeFormDisplay
+ set of hooks has been removed and replaced by a single new hook
+ SpecialPageBeforeFormDisplay.
+* (bug 65781) Removed block warning on included {{Special:Contributions}}
+* Removed Skin::makeGlobalVariablesScript(). (deprecated since 1.19)
+* Removed MWNamespace::isMain(). (deprecated since 1.19)
+* Removed Preferences::loadOldSearchNs(). (deprecated since 1.19)
+* Removed OutputPage::getStatusMessage(). (deprecated since 1.18)
+* Removed OutputPage::isUserJsAllowed(). (deprecated since 1.18)
+* Removed Title::updateTitleProtection(). (deprecated since 1.19)
+* Removed ParserOptions::setSkin(). (deprecated since 1.19)
+* Removed Title::escapeCanonicalURL(). (deprecated since 1.19)
+* Removed Title::escapeLocalURL(). (deprecated since 1.19)
+* Removed Title::escapeFullURL(). (deprecated since 1.19)
+* Removed User::isValidEmailAddr(). (deprecated since 1.18)
+* Removed Title::getEscapedText(). (deprecated since 1.19)
+* Removed Language::getFallbackLanguageCode(). (deprecated since 1.19)
+* Removed WikiPage::isBigDeletion(). (deprecated since 1.19)
+* Removed MWInit class which contained functions related to a now discontinued
+ PHP compiler called hphpc. (deprecated since 1.22)
+* ApiResult::enableSizeCheck() and disableSizeCheck() are now obsolete.
+* Removed ResourceLoaderGetStartupModules hook. (deprecated since 1.23)
+* Removed getFormFields(), onSubmit() and onSuccess() from FormlessAction, as
+ these were meant specifically for FormAction instead.
+* Removed Action::execute().
+* Removed AjaxAddScript which has been obsolete since ResourceLoader and
+ is unused by any modern extension.
+* Removed maintenance/nextJobDB.php; no longer in use.
+* Removed global function wfViewPrevNext(). (deprecated since 1.19)
+* Removed global function xmlsafe() from Export.php. (moved to OAIRepo extension)
+* Removed Title::userCanRead(). (deprecated since 1.19)
+* Removed maintenance script importTextFile.php. Use edit.php script instead.
+* A _from_namespace field has been added to the templatelinks, pagelinks,
+ and filelinks tables. Run update.php to apply this change to the schema.
+* Removed File::sha1Base36(). (deprecated since 1.19)
+* Removed File::getPropsFromPath(). (deprecated since 1.19)
+* Removed functions blockedPage(), noCreatePermission(), readOnlyPage() and
+ userNotLoggedInPage() from EditPage.php. (deprecated since 1.19)
+* Removed functions getContent(), getPreloadedText(), mergeChangesInto() and
+ setPreloadedText() from EditPage.php. (deprecated since 1.21)
+* Removed global functions wfArrayLookup(), wfArrayMerge(), wfDebugDieBacktrace()
+ and wfTime(). (deprecated since 1.22)
+* Browser support for Internet Explorer 6 and 7 lowered from Grade A to Grade C,
+ meaning that JavaScript is no longer executed in these browser versions.
+* Browser support for Opera 11 lowered from Grade A to Grade C.
+* Removed IEFixes module which existed purely to provide support for MSIE versions
+ below 7 (conditionally loaded only for those browsers).
+* Deprecated SpecialPageFactory::getList() in favor of
+ SpecialPageFactory::getNames()
+* Action::checkCanExecute() no longer has a return value.
+* Removed cleanupForIRC(), loadFromCurRow(), newFromCurRow(), notifyRC2UDP()
+ and sendToUDP() from RecentChange.php. (deprecated since 1.22)
+* Removed EnhancedChangesList::arrow(), sideArrow(), downArrow(), spacerArrow().
+* Removed Xml::namespaceSelector(). (deprecated since 1.19)
+* Removed WikiPage::estimateRevisionCount(). (deprecated since 1.19)
+* MYSQL: Enum item added to "major MIME type" columns.
+ Running update.php on MySQL < v5.1 may result in heavy processing.
+* RSS and Atom feeds generated by MediaWiki no longer include a fallback
+ stylesheet. It was ignored by most browsers these days anyway.
+* SpecialSearchNoResults hook has been removed. SpecialSearchResults is now
+ called unconditionally.
+* TablePager::getBody() is now 'final' and can't be overridden in subclasses.
+* TablePager::getBody() is deprecated, use getBodyOutput() or getFullOutput().
+* Added $outputPage parameter to the SkinTemplateGetLanguageLink hook.
+* log_page for move log entries store the original page ID, rather than that
+ of the new redirect page. This is not retroactive.
+* LCStoreAccel was removed. $wgLocalisationCacheConf can no longer be set to
+ use this store class.
+* Html::infoBox() no longer accepts paths relative to skins/common/images/.
+* Deprecated defunct Skin::getCommonStylePath().
+* Some extensions had their ResourceLoader modules depend on the "mediawiki"
+ and "jquery" modules. In the past, this behavior was undefined, now it will
+ throw an error.
+* Removed BagOStuff::replace(). (deprecated since 1.23)
+* In Linker.php, link(), linkText() and makeBrokenImageLinkObj() now display
+ warnings if their first parameter is not a Title object. Also makeImageLink()
+ now requires a Parser as its first parameter.
+* (bug 67368) LESS functions embed() and embeddable(), added in MediaWiki 1.23
+ and broken by design, have been removed. Use appropriate LESS mixins instead.
+* Removed cssjanus.py from maintenance directory as it was unused.
+* Removed maintenance/purgeOldText.inc and the PurgeRedundantText() function
+ it contained (superseded by Maintenance::purgeRedundantText() in 1.16).
+ The purgeOldText.php maintenance script has been retained.
+* PHPUnit tests can be found by directory discovery, by adding the directory
+ path from your UnitTestsList callback. Older versions of MediaWiki core will
+ barf at this usage.
+
+==== Renamed classes ====
+* CLDRPluralRuleConverter_Expression to CLDRPluralRuleConverterExpression
+* CLDRPluralRuleConverter_Fragment to CLDRPluralRuleConverterFragment
+* CLDRPluralRuleConverter_Operator to CLDRPluralRuleConverterOperator
+* CLDRPluralRuleEvaluator_Range to CLDRPluralRuleEvaluatorRange
+* CSSJanus_Tokenizer to CSSJanusTokenizer
+* MediaWiki_I18N to MediaWikiI18N
+* Parser_DiffTest to ParserDiffTest
+* RevDel_ArchiveItem to RevDelArchiveItem
+* RevDel_ArchiveList to RevDelArchiveList
+* RevDel_ArchivedFileItem to RevDelArchivedFileItem
+* RevDel_ArchivedFileList to RevDelArchivedFileList
+* RevDel_ArchivedRevisionItem to RevDelArchivedRevisionItem
+* RevDel_FileItem to RevDelFileItem
+* RevDel_FileList to RevDelFileList
+* RevDel_Item to RevDelItem
+* RevDel_List to RevDelList
+* RevDel_LogItem to RevDelLogItem
+* RevDel_LogList to RevDelLogList
+* RevDel_RevisionItem to RevDelRevisionItem
+* RevDel_RevisionList to RevDelRevisionList
+* WebInstaller_Complete to WebInstallerComplete
+* WebInstaller_Copying to WebInstallerCopying
+* WebInstaller_DBConnect to WebInstallerDBConnect
+* WebInstaller_DBSettings to WebInstallerDBSettings
+* WebInstaller_Document to WebInstallerDocument
+* WebInstaller_ExistingWiki to WebInstallerExistingWiki
+* WebInstaller_Install to WebInstallerInstall
+* WebInstaller_Language to WebInstallerLanguage
+* WebInstaller_Name to WebInstallerName
+* WebInstaller_Options to WebInstallerOptions
+* WebInstaller_Readme to WebInstallerReadme
+* WebInstaller_ReleaseNotes to WebInstallerReleaseNotes
+* WebInstaller_Restart to WebInstallerRestart
+* WebInstaller_Upgrade to WebInstallerUpgrade
+* WebInstaller_UpgradeDoc to WebInstallerUpgradeDoc
+* WebInstaller_Welcome to WebInstallerWelcome
+
+==== Removed classes ====
+* IPBlockForm - Use SpecialBlock directly
+* WatchlistEditor - Use SpecialEditWatchlist directly
+* FormatExif - Use FormatMetadata directly
+* RevertFileAction - Use RevertAction directly
+* HistoryPage - Use HistoryAction directly
+* RawPage - Use RawAction directly
+* StubContLang - Use Language::factory() instead
+* XMLReader2 - Use XMLReader directly
+* ResourceLoaderLESSFunctions - No longer in use, not intended for public usage
+
+==== Removed files ====
+The skins/common/ directory, previously containing some assets intended to be
+used by skins and a number of legacy styles and scripts, has been removed. Its
+contents have been deleted or relocated into the resources/ directory. Full list
+of files that are no longer available follows.
+
+* skins/common/ajax.js
+* skins/common/commonContent.css
+* skins/common/commonElements.css
+* skins/common/commonInterface.css
+* skins/common/commonPrint.css
+* skins/common/config-cc.css
+* skins/common/config.css
+* skins/common/config.js
+* skins/common/feed.css
+* skins/common/IEFixes.js
+* skins/common/oldshared.css
+* skins/common/protect.js
+* skins/common/shared.css
+* skins/common/upload.js
+* skins/common/wikibits.js
+* skins/common/images/add.png
+* skins/common/images/ajax-loader.gif
+* skins/common/images/arrow_disabled_first_25.png
+* skins/common/images/arrow_disabled_last_25.png
+* skins/common/images/arrow_disabled_left_25.png
+* skins/common/images/arrow_disabled_right_25.png
+* skins/common/images/arrow_first_25.png
+* skins/common/images/arrow_last_25.png
+* skins/common/images/arrow_left_25.png
+* skins/common/images/arrow_right_25.png
+* skins/common/images/Arr_.png
+* skins/common/images/Arr_d.png
+* skins/common/images/Arr_l.png
+* skins/common/images/Arr_r.png
+* skins/common/images/Arr_u.png
+* skins/common/images/bullet.gif
+* skins/common/images/button_bold.png
+* skins/common/images/button_extlink.png
+* skins/common/images/button_headline.png
+* skins/common/images/button_hr.png
+* skins/common/images/button_image.png
+* skins/common/images/button_italic.png
+* skins/common/images/button_link.png
+* skins/common/images/button_media.png
+* skins/common/images/button_nowiki.png
+* skins/common/images/button_sig.png
+* skins/common/images/button_template.png
+* skins/common/images/cc-0.png
+* skins/common/images/cc-by-nc-sa.png
+* skins/common/images/cc-by-sa.png
+* skins/common/images/cc-by.png
+* skins/common/images/Checker-16x16.png
+* skins/common/images/closewindow.png
+* skins/common/images/closewindow19x19.png
+* skins/common/images/critical-32.png
+* skins/common/images/diffunderline.gif
+* skins/common/images/download-32.png
+* skins/common/images/feed-icon.png
+* skins/common/images/feed-icon.svg
+* skins/common/images/gnu-fdl.png
+* skins/common/images/help-question-hover.gif
+* skins/common/images/help-question.gif
+* skins/common/images/info-32.png
+* skins/common/images/link_icon.gif
+* skins/common/images/magnify-clip-rtl.png
+* skins/common/images/magnify-clip.png
+* skins/common/images/mediawiki.png
+* skins/common/images/nextredirectltr.png
+* skins/common/images/nextredirectrtl.png
+* skins/common/images/poweredby_mediawiki_88x31.png
+* skins/common/images/public-domain.png
+* skins/common/images/question-small.png
+* skins/common/images/question.svg
+* skins/common/images/redirectltr.png
+* skins/common/images/redirectrtl.png
+* skins/common/images/remove.png
+* skins/common/images/spinner.gif
+* skins/common/images/tick-32.png
+* skins/common/images/tipsy-arrow.gif
+* skins/common/images/tooltip_icon.png
+* skins/common/images/warning-32.png
+* skins/common/images/wiki.png
+* skins/common/images/Zoom_sans.gif
+* skins/common/images/ar/button_bold.png
+* skins/common/images/ar/button_headline.png
+* skins/common/images/ar/button_italic.png
+* skins/common/images/ar/button_link.png
+* skins/common/images/ar/button_nowiki.png
+* skins/common/images/be-tarask/button_bold.png
+* skins/common/images/be-tarask/button_italic.png
+* skins/common/images/be-tarask/button_link.png
+* skins/common/images/cyrl/button_bold.png
+* skins/common/images/cyrl/button_italic.png
+* skins/common/images/cyrl/button_link.png
+* skins/common/images/de/button_bold.png
+* skins/common/images/de/button_italic.png
+* skins/common/images/fa/button_bold.png
+* skins/common/images/fa/button_headline.png
+* skins/common/images/fa/button_italic.png
+* skins/common/images/fa/button_link.png
+* skins/common/images/fa/button_nowiki.png
+* skins/common/images/icons/fileicon-c.png
+* skins/common/images/icons/fileicon-cpp.png
+* skins/common/images/icons/fileicon-deb.png
+* skins/common/images/icons/fileicon-djvu.png
+* skins/common/images/icons/fileicon-djvu.xcf
+* skins/common/images/icons/fileicon-dvi.png
+* skins/common/images/icons/fileicon-exe.png
+* skins/common/images/icons/fileicon-h.png
+* skins/common/images/icons/fileicon-html.png
+* skins/common/images/icons/fileicon-iso.png
+* skins/common/images/icons/fileicon-java.png
+* skins/common/images/icons/fileicon-mid.png
+* skins/common/images/icons/fileicon-mov.png
+* skins/common/images/icons/fileicon-o.png
+* skins/common/images/icons/fileicon-ogg.png
+* skins/common/images/icons/fileicon-ogg.xcf
+* skins/common/images/icons/fileicon-pdf.png
+* skins/common/images/icons/fileicon-ps.png
+* skins/common/images/icons/fileicon-psd.png
+* skins/common/images/icons/fileicon-rm.png
+* skins/common/images/icons/fileicon-rpm.png
+* skins/common/images/icons/fileicon-svg.png
+* skins/common/images/icons/fileicon-tar.png
+* skins/common/images/icons/fileicon-tex.png
+* skins/common/images/icons/fileicon-ttf.png
+* skins/common/images/icons/fileicon-txt.png
+* skins/common/images/icons/fileicon.png
+* skins/common/images/ksh/button_S_italic.png
+
+= MediaWiki 1.23 =
+
+== MediaWiki 1.23.16 ==
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.15 ===
+* (T68404) CSS3 attr() function with url type is no longer allowed
+ in inline styles.
+* (T156184) $wgRawHtml will no longer apply to internationalization messages.
+* Submitting the lgtoken and lgpassword parameters in the query string to
+ action=login is now deprecated and outputs a warning. They should be submitted
+ in the POST body instead.
+* (T109140) (T122209) SECURITY: Special:UserLogin and Special:Search allow redirect
+ to interwiki links.
+* (T144845) SECURITY: XSS in SearchHighlighter::highlightText() when
+ $wgAdvancedSearchHighlighting is true.
+* (T125177) SECURITY: API parameters may now be marked as "sensitive" to keep
+ their values out of the logs.
+* (T150044) SECURITY: "Mark all pages visited" on the watchlist now requires a CSRF
+ token.
+* (T156184) SECURITY: Escape content model/format url parameter in message.
+* (T151735) SECURITY: SVG filter evasion using default attribute values in DTD
+ declaration.
+* (T48143) SECURITY: Spam blacklist ineffective on encoded URLs inside file inclusion
+ syntax's link parameter.
+* (T108138) SECURITY: Sysops can undelete pages, although the page is protected against
+ it.
+
+== MediaWiki 1.23.15 ==
+
+This is a maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.14 ===
+* BREAKING CHANGE: $wgHTTPProxy is now *required* for all external requests
+ made by MediaWiki via a proxy. Relying on the http_proxy environment
+ variable is no longer supported.
+* (T139565) SECURITY: API: Generate head items in the context of the given title
+* (T137264) SECURITY: XSS in unclosed internal links
+* (T133147) SECURITY: Escape '<' and ']]>' in inline <style> blocks
+* (T133147) SECURITY: Require login to preview user CSS pages
+* (T132926) SECURITY: Do not allow undeleting a revision deleted file if it is
+ the top file
+* (T129738) SECURITY: Make $wgBlockDisablesLogin also restrict logged in
+ permissions
+* (T129738) SECURITY: Make blocks log users out if $wgBlockDisablesLogin is true
+* (T115333) SECURITY: Check read permission when loading page content in ApiParse
+* Remove support for $wgWellFormedXml = false, all output is now well formed
+
+== MediaWiki 1.23.13 ==
+
+This is a maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.12 ===
+* (T121892) Fix fatal errors on some Special pages, introduced in 1.23.12.
+
+== MediaWiki 1.23.12 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.11 ===
+* (T117899) SECURITY: $wgArticlePath can no longer be set to relative paths
+ that do not begin with a slash. This enabled trivial XSS attacks.
+ Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are
+ "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an
+ error.
+* (T119309) SECURITY: Use hash_compare() for edit token comparison
+* (T118032) SECURITY: Don't allow cURL to interpret POST parameters starting
+ with '@' as file uploads
+* (T115522) SECURITY: Passwords generated by User::randomPassword() can no
+ longer be shorter than $wgMinimalPasswordLength
+* (T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could
+ result in improper blocks being issued
+* (T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions
+ and related pages no longer use HTTP redirects and are now redirected by
+ MediaWiki
+
+== MediaWiki 1.23.11 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.10 ===
+
+* (T91850) SECURITY: Add throttle check in ApiUpload and SpecialUpload
+* (T91203, T91205) SECURITY: API: Improve validation in chunked uploading
+* (T108616) SECURITY: Avoid exposure of local path in PNG thumbnails
+
+== MediaWiki 1.23.10 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.9 ===
+
+* (T94116) SECURITY: Compare API watchlist token in constant time
+* (T97391) SECURITY: Escape error message strings in thumb.php
+* (T106893) SECURITY: Don't leak autoblocked IP addresses on
+ Special:DeletedContributions
+* (bug 67644) Make AutoLoaderTest handle namespaces
+* (T91653) Minimal PSR-3 debug logger to support backports from 1.25+.
+* (T102562) Fix InstantCommons parameters to handle the new HTTPS-only
+ policy of Wikimedia Commons.
+
+== MediaWiki 1.23.9 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.8 ===
+
+* (T85848, T71210) SECURITY: Don't parse XMP blocks that contain XML entities,
+ to prevent various DoS attacks.
+* (T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce
+ likelihood of DoS.
+* (T88310) SECURITY: Always expand xml entities when checking SVG's.
+* (T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
+* (T85855) SECURITY: Don't execute another user's CSS or JS on preview.
+* (T85349, T85850, T86711) SECURITY: Multiple issues fixed in SVG filtering to
+ prevent XSS and protect viewer's privacy.
+* (bug T68650) Fix indexing of moved pages with PostgreSQL. Requires running
+ update.php to fix.
+* (bug T70087) Fix Special:ActiveUsers page for installations using
+ PostgreSQL.
+
+== MediaWiki 1.23.8 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.7 ===
+
+* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which
+ could lead to xss. Permission to edit MediaWiki namespace is required to
+ exploit this.
+* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in
+ $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as
+ part of its name.
+* (bug T74222) The original patch for T74222 was reverted as unnecessary.
+
+== MediaWiki 1.23.7 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.6 ===
+
+* (bugs 66776, 71478) SECURITY: User PleaseStand reported a way to inject code
+ into API clients that used format=php to process pages that underwent flash
+ policy mangling. This was fixed along with improving how the mangling was done
+ for format=json, and allowing sites to disable the mangling using
+ $wgMangleFlashPolicy.
+* (bug 70901) SECURITY: User Jackmcbarn reported that the ability to update
+ the content model for a page could allow an unprivileged attacker to edit
+ another user's common.js under certain circumstances. The user right
+ "editcontentmodel" was added, and is needed to change a revision's content
+ model.
+* (bug 71111) SECURITY: User PleaseStand reported that on wikis that allow raw
+ HTML, it is not safe to preview wikitext coming from an untrusted source such
+ as a cross-site request. Thus add an edit token to the form, and when raw HTML
+ is allowed, ensure the token is provided before showing the preview. This
+ check is not performed on wikis that both allow raw HTML and anonymous
+ editing, since there are easier ways to exploit that scenario.
+* (bug 72222) SECURITY: Do not show log action when the entry is revdeleted with
+ DELETED_ACTION. NOTICE: this may be reverted in a future release pending a
+ public RFC about the desired functionality. This issue was reported by user
+ Bawolff.
+* (bug 71621) Make allowing site-wide styles on restricted special pages a
+ config option.
+* (bug 42723) Added updated version history from 1.19.2 to 1.22.13
+* $wgMangleFlashPolicy was added to make MediaWiki's mangling of anything that
+ might be a flash policy directive configurable.
+
+== MediaWiki 1.23.6 ==
+
+This is a maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.5 ===
+* (Bug 72274) Job queue not running (HTTP 411) due to missing
+ Content-Length: header
+* (Bug 67440) Allow classes to be registered properly from installer
+
+== MediaWiki 1.23.5 ==
+
+This is a security release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.4 ===
+* (bug 70672) SECURITY: OutputPage: Remove separation of css and js module
+ allowance.
+
+== MediaWiki 1.23.4 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.3 ===
+
+* (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter <style>
+ elements; normalize style elements and attributes before filtering; add
+ checks for attributes that contain css; add unit tests for html5sec and
+ reported bugs.
+* (bug 65998) Make MySQLi work with non-standard socket.
+* (bug 66986) GlobalVarConfig shouldn't throw exceptions for null-valued config
+ settings.
+
+== MediaWiki 1.23.3 ==
+
+This is a maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.2 ===
+
+* (bug 68501) Correctly handle incorrect namespace in cleanupTitles.php.
+* (bug 64970) Fix support for blobs on DatabaseOracle::update.
+* (bug 66574) Display MediaWiki:Loginprompt on the login page.
+* (bug 67870) wfShellExec() cuts off stdout at multiples of 8192 bytes.
+* (bug 60629) Handle invalid language code gracefully in
+ Language::fetchLanguageNames.
+* (bug 62017) Restore the number of rows shown on Special:Watchlist.
+* Check for boolean false result from database query in SqlBagOStuff.
+
+== MediaWiki 1.23.2 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.1 ===
+
+* (bug 68187) SECURITY: Prepend jsonp callback with comment.
+* (bug 66608) SECURITY: Fix for XSS issue in bug 66608: Generate the URL used
+ for loading a new page in Javascript,instead of relying on the URL in the link
+ that has been clicked.
+* (bug 65778) SECURITY: Copy prevent-clickjacking between OutputPage and
+ ParserOutput.
+* (bug 68313) Preferences: Turn stubthreshold back into a combo box.
+* (bug 65214) Fix initSiteStats.php maintenance script.
+* (bug 67594) Special:ActiveUsers: Fix to work with PostgreSQL.
+
+== MediaWiki 1.23.1 ==
+
+This is a security and maintenance release of the MediaWiki 1.23 branch.
+
+=== Changes since 1.23.0 ===
+
+* (bug 65839) SECURITY: Prevent external resources in SVG files.
+* (bug 67025) Special:Watchlist: Don't try to render empty row.
+* (bug 66922) Don't allow some E_NOTICE messages to end up in the LocalSettings.php.
+* (bug 66467) FileBackend: Avoid using popen() when "parallelize" is disabled.
+* (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects
+ like only extracting the tail of the file partially or not at all.
+* (bug 66182) Removed -x flag on some php files.
+
+== MediaWiki 1.23.0 ==
+
+=== Configuration changes in 1.23 ===
+* (bug 13250) Restored method for clearing a watchlist in web UI
+ so that users with large watchlists don't have to perform
+ contortions to clear them.
+* When $wgJobRunRate is higher than zero, jobs are now executed via an
+ asynchronous HTTP request to a MediaWiki entry point. This may require
+ increasing the number of server worker threads. $wgRunJobsAsync has been
+ added to disable this feature if needed, falling back to executing the job
+ on the same process but making the execution synchronously.
+* $wgDebugLogGroups values may be set to an associative array with a
+ 'destination' key specifying the log destination. The array may also contain
+ a 'sample' key with a positive integer value N indicating that the log group
+ should be sampled by dispatching one in every N messages on average. The
+ sampling is random.
+* In addition to the current exception log format, MediaWiki now serializes
+ exception metadata to JSON and logs it to the 'exception-json' log group.
+ This makes MediaWiki easier to integrate with log aggregation and analysis
+ tools.
+* $wgSquidServersNoPurge now supports the use of Classless Inter-Domain
+ Routing (CIDR) notation to specify contiguous blocks of IPv4 and/or IPv6
+ addresses that should be trusted to provide X-Forwarded-For headers.
+* Preferences 'watchcreations', 'watchdefault', 'enotifwatchlistpages' ("Add
+ pages I create and files I upload to my watchlist", "Add pages and files I
+ edit to my watchlist", "Email me when a page or file on my watchlist is
+ changed") are now enabled by default. In addition new user accounts' personal
+ and talk pages are now watched by them by default.
+* $wgLBFactoryConf: Class names have had underscores removed. The configuration
+ should be updated if LBFactory_Simple or LBFactory_Multi is configured.
+* $wgPasswordSenderName has been removed and is no longer functional. To set a
+ custom mailer name, the system message 'emailsender' should be modified
+ (default: "{{SITENAME}}").
+* (bug 63269) Email notifications were not correctly handling the
+ [[MediaWiki:Helppage]] message being set to a full URL (the default).
+ If you customized [[MediaWiki:Enotif body]] (the text of email notifications),
+ you'll need to edit it locally to include the URL via the new variable
+ $HELPPAGE instead of the parser functions fullurl and canonicalurl; otherwise
+ you don't have to do anything.
+* $wgDBAhandler was removed as the only class using it was also removed
+* The 'max threads' setting was removed from $wgDBservers.
+* Support for AdminSettings.php has been completely removed. All configuration
+ belongs in LocalSettings.php.
+* $wgSkipSkin, which has been replaceable by $wgSkipSkins since 2005 (r9249), is
+ now formally deprecated.
+* Removed deprecated $wgDisabledActions as it is hardly used anywhere.
+* $wgRateLimitLog has been deprecated and replaced by
+ $wgDebugLogGroup['ratelimit'].
+* $wgLocalInterwikis is an array containing multiple local interwiki prefixes
+ (interwiki prefixes that point back to the current wiki). This effectively
+ allows more than one value of $wgLocalInterwiki to be specified and
+ understood by the parser. The value of $wgLocalInterwiki is automatically
+ prepended to the start of this array.
+* $wgQueryPages has been removed. Query Pages should be added to by using the
+ wgQueryPages hook.
+* $wgHttpOnlyBlacklist has been removed.
+* $wgLicenseTerms has been removed as it was unused.
+* $wgProfileOnly is now deprecated; set the log file in
+ $wgDebugLogGroups['profileoutput'] to replace it.
+* $wgMaxBacklinksInvalidate was removed; use $wgJobBackoffThrottling instead
+* Deprecated ResourceLoaderGetStartupModules hook.
+
+=== New features in 1.23 ===
+* ResourceLoader can utilize the Web Storage API to cache modules client-side.
+ Compared to the browser cache, caching in Web Storage allows ResourceLoader
+ to be more granular about evicting stale modules from the cache while
+ retaining the ability to retrieve multiple modules in a single HTTP request.
+ This capability can be enabled by setting $wgResourceLoaderStorageEnabled to
+ true. This feature is currently considered experimental and should only be
+ enabled with care.
+* (bug 6092) Add expensive parser functions {{REVISIONID:}}, {{REVISIONUSER:}}
+ and {{REVISIONTIMESTAMP:}} (with friends).
+* Add "wgRelevantUserName" to mw.config containing the current
+ Skin::getRelevantUser value.
+* (bug 56033) Add content model to the page information.
+* Added Article::MissingArticleConditions hook to give extensions a chance to
+ hide their (unrelated) log entries.
+* Added LonelyPagesQuery hook to let extensions modify the query used to
+ generate Special:LonelyPages.
+* Added $wgOpenSearchDefaultLimit defining the default number of entries to show
+ on action=opensearch API call.
+* For namespaces with $wgNamespaceProtection (including the MediaWiki
+ namespace), the "protect" tab will be shown only if there are restriction
+ levels available that would restrict editing beyond what
+ $wgNamespaceProtection already applies. The protection form will offer only
+ those protection levels.
+* Added $wgAPIFormatModules, allowing extensions to add additional output
+ formatting modules for the API.
+* (bug 47812) The MediaWiki:Group-user.{css,js} pages can now be used to add
+ custom CSS or JavaScript enabled only for registered users.
+* (bug 52005) Special pages RecentChanges, RecentChangesLinked and Watchlist
+ now include a legend describing the symbols used in lists of changes.
+* Improved the accessibility of the tabs in Special:Preferences.
+* Added ApiBeforeMain hook, roughly equivalent to the BeforeInitialize hook:
+ it's called after everything is set up but before any major processing
+ happens.
+* The jquery.client module now performs a component-wise version comparison in
+ its #test method when strings are used in the browser map: version '1.10' is
+ now correctly considered larger than '1.2'. Using numbers in the version map
+ is not affected.
+* All API modules now support an assert parameter, which can either be
+ 'user' or 'bot'. The API will throw an error if the user is not logged
+ in (user) or does not have the 'bot' userright (bot). Based off of the
+ AssertEdit extension by Steve Sanbeg.
+* [[Special:Diff]] was added, allowing users to create internal links to
+ revision comparison pages using syntax such as [[Special:Diff/12345]],
+ [[Special:Diff/12345/prev]] or [[Special:Diff/12345/98765]].
+* New user accounts' personal and talk pages are now watched by them by default.
+* Added SkinTemplateGetLanguageLink hook to allow changing the html of language
+ links.
+* Added MessageCache::get hook as a new way to customize messages across
+ multiple sites.
+* Added jquery.throttle-debounce ResourceLoader module to limit the number of
+ callbacks for frequently occurring events.
+* Special:ProtectedPages shows now a table. The timestamp, the reason and
+ the protecting user are also shown.
+* Added experimental support for using Microsoft SQL Server as the database
+ backend.
+** Added new Microsoft SQL Server-specific configuration variable
+ $wgDBWindowsAuthentication, which makes the web server authenticate against
+ the database server using Integrated Windows Authentication instead of
+ $wgDBuser/$wgDBpassword.
+* HTMLForm 'select', 'selectandother', 'selectorother', 'multiselect', and
+ 'radio' fields can now use message keys as labels via the 'options-messages'
+ parameter, which overrides the 'options' parameter.
+* Admins can expire users passwords manually, or on a schedule using the
+ $wgPasswordExpirationDays configuration setting.
+* Add new hook SendWatchlistEmailNotification, this will be used to determine
+ whether to send a watchlist email notification.
+* (bug 42026) Special:Contributions now includes an option to filter page
+ creations, similar to the topOnly option.
+* Add mediawiki.ui.button styling to all pages so wiki content can use styled
+ buttons.
+* Special:UserLogin/signup now does AJAX checks for invalid and taken usernames,
+ displaying the error live.
+* Added BaseTemplateAfterPortlet hook to allow injecting html after portlets in skins.
+* Support has been added for a JSON based localisation file format. The
+ installer has been updated to use it.
+* Changes to content typography (colors, line-height etc.). See
+ https://www.mediawiki.org/wiki/Typography_refresh for further information.
+* The Vector skin's visual treatment of external links has been simplified to a
+ single icon (from nine). This should not affect local rules unless they were
+ re-using these icons, which have now been deleted.
+* ResourceLoader: mw.loader.using() now implements a Promise interface.
+* Add new hook ChangesListInitRows accessed via ChangesList::initChangesListRows.
+ If called by the ChangesList consumer this gives extensions a chance to batch
+ process the result set prior to rendering.
+* A PoolCounterRedis class was added which can be make use of in $wgPoolCounterConf.
+ This requires at least one Redis 2.6+ server.
+* $wgProfileToDatabase was removed. Set $wgProfiler to ProfilerSimpleDB
+ in StartProfiler.php instead of using this.
+* (bug 63444) Made it possible to change the indent string (default: 4 spaces)
+ used by FormatJson::encode().
+
+=== Bug fixes in 1.23 ===
+* (bug 41759) The "updated since last visit" markers (on history pages, recent
+ changes and watchlist) and the talk page message indicator are now correctly
+ updated when the user is viewing old revisions of pages, instead of always
+ acting as if the latest revision was being viewed.
+* (bug 56443) Special:ConfirmEmail no longer shows a "Mail a confirmation code"
+ when the email address is already confirmed. Also, consistently use
+ "confirmed", rather than "authenticated", when messaging whether or not the
+ user has confirmed an email address.
+* (bug 19415) action=render no longer shows section edit links. This affects
+ behavior of several other features where (bogus) section edit links will
+ disappear, such as file description pages loaded via $wgUseInstantCommons or
+ pages transcluded cross-wiki via $wgEnableScaryTranscluding.
+* (bug 56912) Show correct link color on cached result of Special:DeadendPages.
+* Classes TitleListDependency and TitleDependency have been removed, as they
+ have been found unused in core and extensions for a long time.
+* (bug 57098) SpecialPasswordReset now obeys returnto parameter
+* (bug 37812) ResourceLoader will notice when a module's definition changes and
+ recompile it accordingly.
+* (bug 57201) SpecialRecentChangesFilters hook is now executed for feeds.
+* (bug 58640) Fixed a compatibility issue with PCRE 8.34 that caused pages
+ to appear blank or with missing text.
+* (bug 56931) Updated the plural rules to CLDR 24. They are in new format
+ which is detailed in UTS 35 Rev 33. The PHP parser and evaluator as well as
+ the JavaScript evaluator were updated to support the new format. Plural rules
+ for some languages have changed, most notably Russian. Affected software
+ messages have been updated and marked for review at translatewiki.net.
+* (bug 23542) imagelinks now stores both the redirect and target (as
+ templatelinks does).
+* (bug 58167) The web installer no longer throws an exception when PHP is
+ compiled without support for MySQL yet with support for another DBMS.
+* (bug 56199) Raw option of parser functions must now match complete word,
+ to take effect.
+* (bug 60543) Special:PrefixIndex forgot stripprefix=1 for "Next page" link
+* (bug 29762) Undoing an already-undone edit will now display an appropriate
+ message instead of leading the user to make a null edit.
+* (bug 52659) mediawiki.notification: Notification area remained visible when
+ empty and thus was stealing pointer events from links on the page.
+* (bug 26811) When a DBUnexpectedError occurs, DB server hostnames are now
+ hidden unless $wgShowExceptionDetails is true, and $wgShowDBErrorBacktrace
+ no longer applies in such cases.
+* (bug 60960) Avoid doing file_exist() checks on data: URIs, as they cause
+ warnings to be printed on Windows due to large path length.
+* (bug 48084) Fixed a bug in the installer that could cause $wgLogo to hold
+ the wrong path to the placeholder logo (skins/common/images/wiki.png).
+* (bug 64289) jquery.textSelection: Don't throw errors on empty collections.
+
+=== Web API changes in 1.23 ===
+* (bug 54884) action=parse&prop=categories now indicates hidden and missing
+ categories.
+* action=query&meta=filerepoinfo now returns additional information for each
+ repo.
+* action=parse&prop=languageshtml was deprecated in 1.18 and will be removed in
+ MediaWiki 1.24.
+* action=parse now has disabletoc flag to disable table of contents in output.
+* (bug 25702) list=allcategories, list=allimages, list=alllinks, list=allpages,
+ list=deletedrevs and list=filearchive did not handle case-sensitivity
+ properly for all parameters.
+* ApiQueryBase::titlePartToKey allows an extra parameter that indicates the
+ namespace in order to properly capitalize the title part.
+* (bug 57874) action=feedcontributions no longer has one item more than limit.
+* All API modules now support an assert parameter. See the new features section
+ for more details.
+* Added prop=contributors to fetch the list of contributors to the page.
+* The following API modules will now return entries where fields have been
+ revision-deleted: list=deletedrevs, list=filearchive, list=recentchanges,
+ list=watchlist. "hidden" indicators will be included, in the same style as is
+ already done for prop=revisions.
+* The following API modules will now return the content of revision-deleted
+ fields, in addition to the "hidden" indicators, if the querying user has the
+ necessary rights: list=logevents, list=usercontribs, prop=imageinfo,
+ prop=revisions.
+* The above modules, where applicable, will now return entries filtered by
+ revision-deleted fields if the querying user has the necessary rights. For
+ example, prop=revisions with rvuser or rvexcludeuser will no longer skip
+ revisions where the user was revision-deleted if the current user has the
+ deletedhistory right.
+* The 'hideuser' right, used when blocking, is no longer necessary or
+ sufficient for seeing contributions with revision-deleted in
+ list=usercontribs.
+* list=watchlist now uses the querying user's rights rather than the wlowner's
+ rights when checking whether wlprop=patrol is allowed.
+* (bug 32151) ApiWatch now has pageset capabilities (titles/pageids/generators).
+ Title parameter is now deprecated.
+* (bug 23005) Added action=revisiondelete.
+* Added siprop=restrictions to API action=query&meta=siteinfo for querying
+ possible page restriction (protection) levels and types.
+* Added prop 'limitreportdata' and 'limitreporthtml' to action=parse.
+* (bug 58627) Provide language names on action=parse&prop=langlinks.
+* Deprecated llurl= in favour of llprop=url for action=query&prop=langlinks.
+* Added llprop=langname and llprop=autonym for action=query&prop=langlinks.
+* prop=redirects is added, to return redirects to the pages in the query.
+* list=allredirects is added, to list all redirects pointing to a namespace.
+* (bug 42026) Added ucshow={new,!new,top,!top} to list=usercontribs.
+ Also added newonly to action=feedcontributions.
+* (bug 42026) Deprecated uctoponly in favor of ucshow=top.
+* list=search no longer has a "srredirects" parameter. Redirects are now
+ included in all searches.
+* Added list=prefixsearch that works like action=opensearch but can be used as
+ a generator.
+* (bug 24782) Various modules will now use unique continuation parameters.
+* (bug 63249) Cache RecentChanges Atom feed in varnish for 15 seconds.
+
+=== Languages updated in 1.23 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* Support was added for Algerian Spoken Arabic (arq).
+* Support was added for Riograndenser Hunsrückisch (hrx).
+* Support was added for Northern Luri (lrc).
+
+=== Other changes in 1.23 ===
+* The rc_type field in the recentchanges table has been superseded by a new
+ rc_source field. The rc_source field is a string representation of the
+ change type where rc_type was a numeric constant. This field is not yet
+ queried but will be in a future release.
+** Utilize update.php to create and populate this new field. On larger wikis
+ which do not wish to update recentchanges table in one large update please
+ review the SQL and comments in maintenance/archives/patch-rc_source.sql.
+** The rc_type field of recentchanges will be deprecated in a future release.
+* The global variable $wgArticle has been removed after a lengthy deprecation.
+* The global functions addButton and insertTags (for mw.toolbar.addButton and
+ mw.toolbar.insertTags) now emits mw.log.warn when accessed.
+* The ExpandTemplates extension has been moved into MediaWiki core.
+* (bug 52812) Removed "Disable search suggestions" from Preference.
+* (bug 52809) Removed "Disable browser page caching" from Preference.
+* Three new modules intended for use by custom skins were added:
+ 'mediawiki.skinning.elements', 'mediawiki.skinning.content', and
+ 'mediawiki.skinning.interface', representing three levels of standard
+ MediaWiki styling. Previously skin creators wishing to use them had to refer
+ to the file names of appropriate files directly, which is now discouraged.
+* The modules 'skins.vector' and 'skins.monobook' have been renamed to
+ 'skins.vector.styles' and 'skins.monobook.styles', respectively,
+ and their definition was changed not to include the common*.css files;
+ the two skins now load the 'mediawiki.skinning.interface' module instead.
+* A page_links_updated field has been added to the page table.
+* SpecialPage::getTitle has been deprecated in favor of
+ SpecialPage::getPageTitle.
+* BREAKING CHANGE: Two potentially backwards-incompatible changes have been made
+ to the 'SpecialWatchlistQuery' hook's last parameter (array $values) to make
+ the hook more consistent with the 'SpecialRecentChangesQuery' one:
+** Several array keys have been renamed: hideMinor → hideminor,
+ hideBots → hidebots, hideAnons → hideanons, hideLiu → hideliu,
+ hidePatrolled → hidepatrolled, hideOwn → hidemyself.
+** The parameter value is now a FormOptions object, not a plain array (array
+ access operators should continue to work, as it implements the ArrayAccess
+ interface).
+* Option to mark hooks as deprecated has been added.
+* (bug 52811) Preference "Enable section editing via [edit] links" was removed.
+* (bug 52813) Preference "Show table of contents (for pages with more than
+ 3 headings)" was removed.
+* (bug 52810) Preference "Justify paragraphs" was removed.
+* OutputPage::showErrorPage raises a notice if arguments are incoherent.
+* Thumbnails that keep failing to render in thumb.php will be rate-limited
+ against further render attempts for 1 hour. $wgAttemptFailureEpoch can be
+ altered to reset all rate-limited thumbnails at once.
+* (bug 56572) Builds of the OOjs and OOjs UI libraries are now available.
+* mw.loader.go and mw.loader.version have been removed.
+* (bug 52815) Preference "Enable simplified search bar (Vector skin only)"
+ was removed.
+* A user_password_expires column has been added to the user table. The User
+ object expects this column to exist. Use update.php to create this new field.
+* The jquery.delayedBind ResourceLoader module was deprecated in favor of the
+ jquery.throttle-debounce module. It will be removed in MediaWiki 1.24.
+* mw.user.bucket has been deprecated.
+* On Special:PrefixIndex, a table#mw-prefixindex-list-table was changed to
+ table.mw-prefixindex-list-table to avoid duplicate ids when the special page
+ is transcluded.
+* (bug 62198) window.$j has been deprecated.
+* Preference "Disable link title conversion" was removed.
+* SpecialRecentChanges no longer includes any functionality for generating feeds
+ - it has been factored out to ApiFeedRecentChanges. Old URLs redirect to new
+ ones.
+* RecentChange::mExtra['lang'] is no longer set and should no longer be used.
+ Extensions should read from other configuration variables, including
+ $wgLocalInterwikis, to identify the current wiki.
+* Sections in the parser test framework have been renamed and the old
+ section names are deprecated. Please use "!!wikitext" and "!!html"
+ (or "!!html/php") instead of "!!input" and "!!result". This allows
+ us to extend parser tests to accommodate additional input/output
+ pairs, such as "!!html/parsoid" (for the output of the Parsoid
+ parser, where it differs from the PHP parser).
+* Special:Search no longer has an "include redirects" option on the advanced
+ tab. Redirects are now included in all searches.
+* mediawiki.api.category's getCategories() 'async' parameter was deprecated.
+* The locations of resources have been split between upstream libraries, now in
+ resources/lib/, local libaries in resources/src/, and local forks of upstream
+ libraries, also in resources/src/.
+* BREAKING CHANGE: The automatically-generated function closure with which
+ ResourceLoader wraps all modules' JavaScript code now binds the identifier
+ names 'jQuery' and '$' to the jQuery object of the version of jQuery that is
+ bundled with MediaWiki. If you bind these names to other objects in global
+ scope (like Zepto.js or document.querySelectorAll, for example) you will need
+ to use different names to or re-bind them at the top of each
+ ResourceLoader-loaded module.
+* (bug 52342) Preference "Remember my login" was removed.
+* The skin autodiscovery mechanism has been deprecated and will be removed in
+ MediaWiki 1.25. See https://www.mediawiki.org/wiki/Manual:Skin_autodiscovery
+ for migration guide for creators and users of custom skins that relied on it.
+
+==== Removed classes ====
+* FakeMemCachedClient (deprecated in 1.18)
+* RdfMetaData (unused)
+* TitleDependency (unused)
+* TitleListDependency (unused)
+* WikiError (deprecated in 1.17)
+* WikiXmlError (deprecated in 1.17)
+* WikiErrorMsg (deprecated in 1.17)
+
+==== Renamed classes ====
+* CdbReader_DBA to CdbReaderDBA
+* CdbReader_PHP to CdbReaderPHP
+* CdbWriter_DBA to CdbWriterDBA
+* CdbWriter_PHP to CdbWriterPHP
+* DiffOp_Add to DiffOpAdd
+* DiffOp_Change to DiffOpChange
+* DiffOp_Copy to DiffOpCopy
+* DiffOp_Delete to DiffOpDelete
+* HWLDF_WordAccumulator to HWLDFWordAccumulator
+* LBFactory_Fake to LBFactoryFake
+* LBFactory_Multi to LBFactoryMulti
+* LBFactory_Simple to LBFactorySimple
+* LBFactory_Single to LBFactorySingle
+* LCStore_Accel to LCStoreAccel
+* LCStore_CDB to LCStoreCDB
+* LCStore_DB to LCStoreDB
+* LCStore_Null to LCStoreNull
+* LoadBalancer_Single to LoadBalancerSingle
+* LoadMonitor_MySQL to LoadMonitorMySQL
+* LoadMonitor_Null to LoadMonitorNull
+* LocalisationCache_BulkLoad to LocalisationCacheBulkLoad
+* csvStatsOutput to CsvStatsOutput
+* extensionLanguages to ExtensionLanguages
+* languages to Languages
+* statsOutput to StatsOutput
+* textStatsOutput to TextStatsOutput
+* wikiStatsOutput to WikiStatsOutput
+
+==== Removed methods ====
+* ApiBase::getValidNamespaces() (deprecated in 1.17)
+* ApiMain::setCachePrivate() (deprecated in 1.17)
+* ApiMain::setVaryCookie (deprecated in 1.17)
+* Article::doRedirect() (deprecated in 1.18)
+* Article::doUnwatch() (deprecated in 1.18)
+* Article::doWatch() (deprecated in 1.18)
+* Article::forUpdate() (deprecated in 1.18)
+* Article::markpatrolled() (deprecated in 1.18)
+* Article::unwatch() (deprecated in 1.18)
+* Article::watch() (deprecated in 1.18)
+* Block::clear() (deprecated in 1.18)
+* Block::decodeExpiry() (deprecated in 1.18)
+* Block::encodeExpiry() (deprecated in 1.18)
+* Block::forUpdate() (deprecated in 1.18)
+* Block::infinity() (deprecated in 1.18)
+* Block::load() (deprecated in 1.18)
+* Block::newFromDB() (deprecated in 1.18)
+* Block::normaliseRange() (deprecated in 1.18)
+* Block::parseExpiryInput() (deprecated in 1.18)
+* CategoryViewer::addSubcategory() (deprecated in 1.17)
+* EditPage::spamPage() (deprecated since 1.17)
+* Exif::getFormattedData() (deprecated in 1.18)
+* Exif::makeFormattedData() (deprecated in 1.18)
+* in_string (deprecated in 1.21)
+* Language::convertLinkToAllVariants() (deprecated in 1.17)
+* LanguageConverter::convertLinkToAllVariants() (deprecated in 1.17)
+* Linker::makeBrokenLink() (deprecated in 1.16)
+* Linker::makeBrokenLinkObj() (deprecated in 1.16)
+* Linker::makeColouredLinkObj() (deprecated in 1.16)
+* Linker::makeSizeLinkObj() (deprecated in 1.17)
+* MediaWiki::articleFromTitle() (deprecated in 1.18)
+* ParserOptions::getkin() (deprecated 1.18)
+* ProfilerSimple::getCpuTime (deprecated in 1.20)
+* Revision::revText() (deprecated in 1.17)
+* SkinTemplate::jstext() (deprecated in 1.21)
+* SpecialPage::__call() (deprecated in 1.17)
+* SpecialPage::executePath() (deprecated in 1.18)
+* SpecialPage::exists() (deprecated in 1.18)
+* SpecialPage::file() (deprecated in 1.18)
+* SpecialPage::func() (deprecated in 1.18)
+* SpecialPage::getGroup() (deprecated in 1.18)
+* SpecialPage::getPage() (deprecated in 1.18)
+* SpecialPage::getPageByAlias() (deprecated in 1.18)
+* SpecialPage::getLocalNameFor() (deprecated in 1.18)
+* SpecialPage::getRegularPages() (deprecated in 1.18)
+* SpecialPage::getRestrictedPages() (deprecated in 1.18)
+* SpecialPage::getTitleForAlias() (deprecated in 1.18)
+* SpecialPage::getUsablePages() (deprecated in 1.18)
+* SpecialPage::includable() (deprecated in 1.18)
+* SpecialPage::init()
+* SpecialPage::initAliasList() (deprecated in 1.18)
+* SpecialPage::initList() (deprecated in 1.18)
+* SpecialPage::name() (deprecated in 1.18)
+* SpecialPage::removePage() (deprecated in 1.18)
+* SpecialPage::resolveAlias() (deprecated in 1.18)
+* SpecialPage::resolveAliasWithSubpage() (deprecated in 1.18)
+* SpecialPage::restriction() (deprecated in 1.18)
+* SpecialPage::setGroup() (deprecated in 1.18)
+* SpecialRecentChanges::feedSetup()
+* SpecialRevisionDelete::extractBitField() (deprecated in 1.22)
+* User::getPageRenderingHash() (deprecated in 1.17)
+* WebRequest::getFileSize() (deprecated in 1.17)
+* WebRequest::isPathInfoBad() (deprecated in 1.17)
+* wfGenerateToken (deprecated in 1.20)
+* wfStreamFile (deprecated in 1.19)
+* wfUILang (deprecated in 1.18)
+* WikiPage::createUpdates() (deprecated in 1.18)
+* WikiPage::quickEdit() (deprecated in 1.18)
+* WikiPage::useParserCache() (deprecated in 1.18)
+* WikiPage::viewUpdates() (deprecated in 1.18)
+
+==== Removed globals ====
+* $wgBetterDirectionality (deprecated in 1.18)
+
+= MediaWiki 1.22 =
+
+== MediaWiki 1.22.15 ==
+
+This is a security and maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.14 ===
+
+* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which
+ could lead to xss. Permission to edit MediaWiki namespace is required to
+ exploit this.
+* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in
+ $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as
+ part of its name.
+* (bug T74222) The original patch for T74222 was reverted as unnecessary.
+
+== MediaWiki 1.22.14 ==
+
+This is a security and maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.13 ===
+
+* (bugs 66776, 71478) SECURITY: User PleaseStand reported a way to inject code
+ into API clients that used format=php to process pages that underwent flash
+ policy mangling. This was fixed along with improving how the mangling was done
+ for format=json, and allowing sites to disable the mangling using
+ $wgMangleFlashPolicy.
+* (bug 70901) SECURITY: User Jackmcbarn reported that the ability to update
+ the content model for a page could allow an unprivileged attacker to edit
+ another user's common.js under certain circumstances. The user right
+ "editcontentmodel" was added, and is needed to change a revision's content
+ model.
+* (bug 72222) SECURITY: Do not show log action when the entry is revdeleted with
+ DELETED_ACTION. NOTICE: this may be reverted in a future release pending a
+ public RFC about the desired functionality. This issue was reported by user
+ Bawolff.
+* (bug 71621) Make allowing site-wide styles on restricted special pages a
+ config option.
+* $wgMangleFlashPolicy was added to make MediaWiki's mangling of anything that
+ might be a flash policy directive configurable.
+
+== MediaWiki 1.22.13 ==
+This is a maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.12 ===
+* (bug 67440) Allow classes to be registered properly from installer
+
+== MediaWiki 1.22.12 ==
+This is a security release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.11 ===
+* (bug 70672) SECURITY: OutputPage: Remove separation of css and js module allowance.
+
+== MediaWiki 1.22.11 ==
+This is a security release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.10 ===
+* (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter <style> elements; normalize style elements and attributes before filtering; add checks for attributes that contain css; add unit tests for html5sec and reported bugs.
+
+== MediaWiki 1.22.10 ==
+This is a maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.9 ===
+* (bug 64970) Fix support for blobs on DatabaseOracle::update
+* (bug 60719) In MediaWiki 1.22, the job queue execution on each page request was changed (Gerrit change 59797) so, instead of executing the job inside the same PHP process that's rendering the page, a new PHP cli command is spawned to execute runJobs.php in the background. It will only work if $wgPhpCli is set to an actual path or safe mode is off, otherwise, the old method will be used. https://www.mediawiki.org/wiki/Manual:Job_queue#Changes_introduced_in_MediaWiki_1.22 for more infomation. This change was in earlier releases of 1.22 but was not noted here until now.
+
+== MediaWiki 1.22.9 ==
+This is a security and maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.8 ===
+* (bug 68187) SECURITY: Prepend jsonp callback with comment.
+* (bug 66608) SECURITY: Fix for XSS issue in bug 66608: Generate the URL used for loading a new page in Javascript,instead of relying on the URL in the link that has been clicked.
+* (bug 65778) SECURITY: Copy prevent-clickjacking between OutputPage and ParserOutput.
+* (bug 59147) The img_metadata field was not being decoded from bytea into text.
+
+== MediaWiki 1.22.8 ==
+This is a security and maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.7 ===
+* (bug 65839) SECURITY: Prevent external resources in SVG files.
+* (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all.
+
+== MediaWiki 1.22.7 ==
+This is a security and maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.6 ===
+* (bug 65501) SECURITY: Don't parse usernames as wikitext on Special:PasswordReset.
+* (bug 36356) Add space between two feed links.
+* (bug 63269) Email notifications were not correctly handling the MediaWiki:Helppage message being set to a full URL. This is a regression from the 1.22.5 point release, which made the default value for it a URL. If you customized MediaWiki:Enotif body (the text of email notifications), you'll need to edit it locally to include the URL via the new variable $HELPPAGE instead of the parser functions fullurl and canonicalurl; otherwise you don't have to do anything.
+Add missing uploadstash.us_props for PostgreSQL.
+* (bug 56047) Fixed stream wrapper in PhpHttpRequest.
+
+== MediaWiki 1.22.6 ==
+This is a security release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.5 ===
+* (bug 63251) SECURITY: Escape sortKey in pageInfo.
+
+== MediaWiki 1.22.5 ==
+This is a security and maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.4 ===
+* (bug 62497) SECURITY: Add CSRF token on Special:ChangePassword.
+* (bug 62467) Set a title for the context during import on the cli.
+* Fix custom local MediaWiki:Helppage values.
+* mediawiki.js: Fix documentation breakage.
+* (bug 58153) Make MySQLi work with non standard port.
+* (bug 53887) Reintroduced a link to help pages in the default sidebar, that any sysop can customize by editing MediaWiki:Sidebar locally. The link now points to a mediawiki.org page which is guaranteed to exist. Nothing needs to be done on your end, but remember to adjust MediaWiki:Sidebar for the needs of your wikis. Everyone can help with the shared documentation by translating: https://www.mediawiki.org/wiki/Special:Translate/agg-Help_pages .
+* (bug 53888) Corrected a regression in 1.22 which introduced red links on the login page. If you previously installed 1.22.x and have created a local page to make the red link blue, write its title as in MediaWiki:helplogin-url if you didn't already. Otherwise, you don't need to do anything, but you can translate the help page at https://www.mediawiki.org/wiki/Help:Logging_in .
+
+== MediaWiki 1.22.4 ==
+This is a maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.3 ===
+* Use the correct branch of the extensions' git repositories.
+
+== MediaWiki 1.22.3 ==
+This is a security and bugfix release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.2 ===
+* (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. * User will get an error including the namespace name if they use a non- whitelisted namespace.
+* (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
+* (bug 61362) SECURITY: API: Don't find links in the middle of api.php links.
+* (bug 53710) Add sequence support for upsert in DatabaseOracle in the same way as in selectInsert
+* (bug 60231, bug 58719) Various fixes to job running code in Wiki.php: Make it async on Windows. Fixed possible "invalid filename" errors on Windows. Redirect output to dev/null to avoid hanging PHP.
+* (bug 60083) Correct sequence name for fresh Postgres installation. Spotted by gebhkla
+* (bug 60531) Avoid variable naming conflicts in DatabasePostgres::selectSQLText. Spotted by gebhkla
+* (bug 60094) Fix rebuildall.php fatal error with PostgreSQL.
+* (bug 43817) Add error handling if descriptionmsg isn't defined for extension.
+* (bug 60543) Special:PrefixIndex omits stripprefix=1 for "Next page" link.
+
+== MediaWiki 1.22.2 ==
+This is a security and bugfix release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.1 ===
+* (bug 60339) SECURITY: Sanitize shell arguments to DjVu files, and other media formats
+* (bug 58253) Check for very old PCRE versions in installer and updater
+* (bug 60054) Make WikiPage::$mPreparedEdit public
+
+== MediaWiki 1.22.1 ==
+This is a security and maintenance release of the MediaWiki 1.22 branch.
+
+=== Changes since 1.22.0 ===
+* (bug 57550) SECURITY: Disallow stylesheets in SVG Uploads
+* (bug 58088) SECURITY: Don't normalize U+FF3C to \ in CSS Checks
+* (bug 58472) SECURITY: Disallow -o-link in styles
+* (bug 58553) SECURITY: Return error on invalid XML for SVG Uploads
+* (bug 58699) SECURITY: Fix RevDel log entry information leaks
+* (bug 58178) Restore compatibility with curl < 7.16.2.
+* (bug 56931) Updated the plural rules to CLDR 24. They are in new format which is detailed in UTS 35 Rev 33. The PHP parser and evaluator as well as the JavaScript evaluator were updated to support the new format. Plural rules for some languages have changed, most notably Russian. Affected software messages have been updated and marked for review at translatewiki.net. This change is backported from the development branch of MediaWiki 1.23.
+* (bug 58434) The broken installer for database backend Oracle was fixed.
+* (bug 58167) The web installer no longer throws an exception when PHP is compiled without support for MySQL yet with support for another DBMS.
+* (bug 58640) Fixed a compatibility issue with PCRE 8.34 that caused pages to appear blank or with missing text.
+* (bug 47055) Changed FOR UPDATE handling in Postgresql
+* (bug 57026) Avoid extra parsing in prepareContentForEdit()
+
+== MediaWiki 1.22.0 ==
+
+=== Configuration changes in 1.22 ===
+* $wgRedirectScript was removed. It was unused.
+* Removed $wgLocalMessageCacheSerialized, it is now always true.
+* $wgVectorUseIconWatch is now enabled by default.
+* $wgCascadingRestrictionLevels was added.
+* ftps, ssh, sftp, xmpp, sip, sips, tel, sms, bitcoin, magnet, urn, and geo
+ have been whitelisted inside of $wgUrlProtocols.
+* $wgDocType and $wgDTD have been removed and are no longer used for the DOCTYPE.
+* $wgHtml5 is no longer used by core. Setting it to false will no longer disable HTML5.
+ It is still set to true for extension compatibility but doing so in extensions is deprecated.
+* $wgXhtmlDefaultNamespace is no longer used by core. Setting it will no longer change the
+ xmlns used by MediaWiki. Reliance on this variable by extensions is deprecated.
+* $wgHandheldStyle was removed.
+* $wgHandheldForIPhone was removed.
+* $wgJsMimeType is no longer used by core. Most usage has been removed since
+ HTML output is now exclusively HTML5.
+* $wgDBOracleDRCP added. True enables persistent connection with DRCP on Oracle.
+* $wgLogAutopatrol added to allow disabling logging of autopatrol edits in the logging table.
+ Default for $wgLogAutopatrol is true.
+* The 'edit' right no longer allows for editing a user's own CSS and JS.
+* New rights 'editmyusercss', 'editmyuserjs', 'viewmywatchlist',
+ 'editmywatchlist', 'viewmyprivateinfo', 'editmyprivateinfo', and
+ 'editmyoptions' restrict actions that were formerly allowed by default. They
+ have been added to the default for $wgGroupPermissions['*'].
+* The 'editprotected' right no longer allows bypassing of all page protection
+ restrictions. Any group using it for this purpose will now need to have all
+ the individual rights listed in $wgRestrictionTypes for the same effect.
+* The 'protect' and 'autoconfirmed' rights are no longer used for the default
+ page protection levels. The rights 'editprotected' and 'editsemiprotected'
+ are now used for this purpose instead.
+* (bug 40866) wgOldChangeTagsIndex removed.
+* $wgNoFollowDomainExceptions now only matches entire domains. For example,
+ an entry for 'bar.com' will still match 'foo.bar.com' but not 'foobar.com'.
+* $wgCopyUploadTimeout and $wgCopyUploadAsyncTimeout added to change the timeout times for
+ fetching the file during upload by url.
+* New key added to $wgGalleryOptions - $wgGalleryOptions['mode'] to set
+ default gallery mode.
+* New hook 'GalleryGetModes' to allow extensions to make new gallery modes.
+* The checkbox for staying in HTTPS displayed on the login form when $wgSecureLogin is
+ enabled has been removed. Instead, whether the user stays in HTTPS will be determined
+ based on the user's preferences, and whether they came from HTTPS or not.
+* $wgRC2UDPAddress, $wgRC2UDPInterwikiPrefix, $wgRC2UDPOmitBots, $wgRC2UDPPort,
+ and $wgRC2UDPPrefix configuration options have been deprecated in favor of a
+ $wgRCFeeds configuration array. $wgRCFeeds makes both the format and
+ destination of recent change notifications customizable, and allows for
+ multiple destinations to be specified.
+* (bug 53862) portal-url, currentevents-url and helppage have been removed from the
+ default Sidebar.
+* The 'vector-simplesearch' preference is now enabled by default. Previously
+ it was only enabled if the Vector extension was installed.
+* The precise format of metric datagrams produced by the UDP profiler and stats counter
+ may now be specified as $wgUDPProfilerFormatString and $wgStatsFormatString,
+ respectively.
+* (bug 54597) $wgBlockOpenProxies, $wgProxyPorts, $wgProxyScriptPath, and
+ $wgProxyMemcExpiry have been removed, along with the open proxy scanner
+ script they were added for.
+* Default value of $wgMaxShellMemory has been tripled (it's now 300 MB).
+
+=== New features in 1.22 ===
+* You can now install extensions using Composer.
+ See https://www.mediawiki.org/wiki/Composer
+* (bug 44525) mediawiki.jqueryMsg can now parse (whitelisted) HTML elements and attributes.
+* (bug 33454) Language::sprintfDate now has a timezone parameter, and supports
+ the "eIOPTZ" formatting characters.
+* EditWarning: A warning is shown when an editor leaves the edit form without
+ saving (enabled by default, users can opt-out via the 'useeditwarning'
+ preference). This feature was moved from the Vector extension, and is now part
+ of core for all skins. Take care when upgrading that you don't use an older
+ version of the Vector extension as this feature may conflict.
+* New 'mediawiki.ui' CSS module providing mw-ui-* styles for buttons and a
+ compact vertical form layout.
+* HTMLForm supports a new display format 'vform' which applies this compact vertical
+ layout and button styling. Special:PasswordReset uses this format.
+* New versions of login (Special:UserLogin) and create account
+ (Special:UserLogin/signup) forms using the "vform" compact vertical form layout.
+ These forms use new messages that assume a "Help logging in" link, see
+ https://www.mediawiki.org/wiki/Manual:Page_customizations;
+ https://www.mediawiki.org/wiki/Account_creation_user_experience/Strings lists the
+ message key changes.
+* (bug 23343) Implemented ability to apply IP blocks to the contents of X-Forwarded-For headers
+ by adding a new configuration variable $wgApplyIpBlocksToXff (disabled by default).
+* The new hook 'APIGetPossibleErrors' to modify the list of possible errors was
+ added.
+* (bug 25592) LogEventsList::showLogExtract() will now ignore various
+ Pager-related WebRequest parameters by default, as this is overwhelmingly
+ likely to be what was intended by users of the method. If any caller wishes
+ to use these parameters, the new param 'useRequestParams' may be set to true.
+* mw.util.addPortletLink: Tooltip is no longer required to be plain (without
+ an accesskey in it already). As such it now rountrips. Creating a link with a
+ message as tooltip, grabbing the title attribute and using it to create
+ another portlet will work as expected.
+* (bug 6747) {{ROOTPAGENAME}} introduced, contains the name of the topmost
+ page without namespace.
+* BREAKING CHANGE: (bug 41729) Display editsection links next to headings. Also
+ change their class name from .editsection to .mw-editsection and place them at
+ the end of the heading element instead of the beginning. Client-side code and
+ screen-scrapers will have to be adjusted to handle both cases (old HTML will
+ still be visible on cached page renders until they are purged); extensions
+ using the DoEditSectionLink or EditSectionLink hooks might need adjustments as
+ well.
+* (bug 45535) introduced the new 'LanguageLinks' hook for manipulating the
+ language links associated with a page before display.
+* Chosen (http://harvesthq.github.io/chosen/) was added as module 'jquery.chosen'
+* HTMLForm will turn multiselect checkboxes into a Chosen interface when setting cssclass 'mw-chosen'
+* rebuildLocalisationCache learned --lang option. Let you rebuild l10n caches
+ of the specified languages instead of all of them.
+* New GetNewMessagesAlert hook allowing extensions to disable or modify the new
+ messages alert
+* New wgUserNewMsgRevisionId JS global for logged in users. This will be null
+ if the user has no new talk page messages. Otherwise it will be set to the
+ revision ID of the oldest new talk page message. This will allow gadgets and
+ extensions to create their own new message alerts on the client side.
+* mediawiki.log: Added log.warn wrapper (uses console.warn and console.trace).
+* mediawiki.log: Implemented log.deprecate. This method defines a property and
+ uses ES5 getter/setter to emit a warning when they are used.
+* $wgCascadingRestrictionLevels was added, allowing one to specify restriction levels
+ which can be cascading (previously 'sysop' was hard-coded as the only one).
+* XHTML5 support has been improved. If you set $wgMimeType = 'application/xhtml+xml'
+ MediaWiki will try outputting markup according to XHTML5 rules.
+* Altered hook 'ProtectionForm::save', adding the reason page protection is
+ changed as third parameter.
+* New hook 'TitleSquidURLs' for manipulating the list of URLs to be purged from
+ HTTP caches when a page is changed.
+* Changed the patrolling system to always show the link for patrolling in case the
+ current revision is patrollable. This also removed the usage of the rcid URI parameters.
+* Oracle DB backend now supports Database Resident Connection Pooling (DRCP).
+ Can be enabled by setting $wgDBOracleDRCP=true.
+ Requires Oracle DB 11gR1 or above, enabled DRCP inside the DB itself and a
+ propper connect string.
+ More about DRCP can be found at:
+ http://www.oracle-base.com/articles/11g/database-resident-connection-pool-11gr1.php
+* Add a new parameter $patrolFooterShown to hook ArticleViewFooter so the hook
+ handlers can take further action based on the status of the patrol footer
+* A new hook TitleQuickPermissions was added to allow overriding of quick
+ permissions in the Title class.
+* LinkCache singleton can now be altered or cleared, letting one to specify
+ another instance that does not rely on a database backend.
+* MediaWiki's PHPUnit tests can now use PHPUnit installed using composer --dev.
+* (bug 43689) The lists of templates used on the page and hidden categories it
+ is a member of, shown below the edit form, are now collapsible (and collapsed
+ by default).
+* Parser profiling data, formerly only available in the "NewPP limit report"
+ HTML comment, is now also displayed at the bottom of page previews.
+* Added ParserLimitReportPrepare and ParserLimitReportFormat hooks, deprecated
+ ParserLimitReport hook.
+* New user rights have been added to increase granularity in rights management
+ for extensions such as OAuth:
+** editmyusercss controls whether a user may edit their own CSS subpages.
+** editmyuserjs controls whether a user may edit their own JS subpages.
+** viewmywatchlist controls whether a user may view their watchlist.
+** editmywatchlist controls whether a user may edit their watchlist.
+** viewmyprivateinfo controls whether a user may access their private
+ information (e.g. registered email address, real name).
+** editmyprivateinfo controls whether a user may change their private
+ information.
+** editmyoptions controls whether a user may change their preferences.
+* Add new hook AbortTalkPageEmailNotification, this will be used to determine
+ whether to send the regular talk page email notification
+* Action classes registered in $wgActions are now also supported in the form of
+ a callback (which returns an instance of Action) instead of providing the name
+ of a subclass of Action.
+* (bug 46513) Vector: Add the collapsibleTabs script from the Vector extension.
+* Added $wgRecentChangesFlags for defining new flags for RecentChanges and
+ watchlists.
+* (bug 40518) mw.toolbar: Implemented mw.toolbar.addButtons for adding multiple
+ button objects in one call.
+* Rights used for the default protection levels ('sysop' and 'autoconfirmed')
+ are now used just for that purpose, instead of overloading other rights. This
+ allows easy granting of the ability to edit sysop-protected pages without
+ also granting the ability to protect and unprotect.
+* (bug 48256) Make brackets in section edit links accessible to CSS.
+ They are now wrapped in <span class="mw-editsection-bracket" />.
+* (bug 8480) Allow handler specific parameters in galleries (like page number)
+* jquery.client: Add detection for Opera 15 and Internet Explorer 11.
+* Change tags (used by the AbuseFilter extension) are now shown on diff pages.
+* Change tag lists (shown on recent changes, watchlist, user contributions,
+ history pages, diff pages) now include a link to Special:Tags to distinguish
+ them from edit summaries.
+* Added a new method and hook, User::isEveryoneAllowed() and
+ UserIsEveryoneAllowed, for use in situations where a "does everyone have this
+ right?" check is used to avoid more expensive checks.
+* (bug 14431) Display "(No difference)" instead of an empty diff (when comparing
+ revisions in the history or when previewing changes while editing).
+* New hook 'IsUploadAllowedFromUrl' is added which can be used to intercept uploads by
+ URL, useful for blacklisting specific URLs
+* (bug 21912) Watchlist token implementation has been refactored and
+ Special:ResetTokens was added to allow users to reset their tokens
+ instead of presenting them in Preferences.
+* Special:PrefixIndex now lets you strip the searched prefix from the displayed
+ titles. Given a list of articles named Bug1, Bug2, you can now transclude the
+ list of bug numbers using: {{Special:PrefixIndex/Bug|stripprefix=1}}.
+ The special page form received a new checkbox matching that option.
+* (bug 23580) Implement javascript callback interface "mw.hook".
+* (bug 30713) New mw.hook "wikipage.content".
+* (bug 40430) jquery.placeholder gets a new parameter to set the attribute value
+ to be used.
+* $wgHTCPMulticastRouting renamed $wgHTCPRouting since it accepts unicast.
+* $wgHTCPRouting rules can now be passed an array of hosts/ports to send purge
+ too. Can be used whenever several multicast group could be interested by a
+ specific purge.
+* (bug 25931) Add Special:RandomInCategory.
+* mediawiki.util: addPortletLink now supports passing a jQuery object as nextnode.
+* <wbr> can now be used inside WikiText.
+* WebResponse::setcookie is much more featureful. Callers using PHP's
+ setcookie() or setrawcookie() should begin using this instead.
+* New hook WebResponseSetCookie, called from WebResponse::setcookie().
+* New hook ResetSessionID, called when the session id is reset.
+* Add a mode parameter to <gallery> tag with potential options of "traditional",
+ "nolines", "packed", "packed-overlay", or "packed-hover".
+* (bug 47399) A success message is now displayed after changing the password.
+* Make thumb.php give HTTP redirects for file redirects
+* (bug 30607) Special:ListFiles can now show old versions of files. Additionally
+ Special:AllMyUploads was introduced so the user can get a list of all things
+ they have ever uploaded, even if it was subsequently overridden.
+* Introduced Special:MyFiles and Special:AllMyFiles as an alias for Special:MyUploads
+ and Special:AllMyUploads respectively.
+* IPv6 addresses in X-Forwarded-For headers are now normalised before checking
+ against allowed proxy lists.
+* Add deferrable update support for callback/closure.
+* Add TitleMove hook before page renames.
+* Revision deletion backend code is moved out of SpecialRevisiondelete
+* Added {{REVISIONSIZE}} variable to get the current size of a revision.
+* Add support for the LESS stylesheet language to ResourceLoader. LESS is a
+ stylesheet language that compiles into CSS. ResourceLoader file modules may
+ include LESS style files; ResourceLoader will compile these files into CSS
+ before sending them to the client.
+** The $wgResourceLoaderLESSVars configuration variable is an associative array
+ mapping variable names to string CSS values. These variables are considered
+ declared for all LESS files. Additional variables may be registered by
+ adding keys to the array.
+** $wgResourceLoaderLESSFunctions is an associative array of custom LESS
+ function names to PHP callables. See <http://leafo.net/lessphp/docs/#custom_functions>
+ for more details regarding custom functions.
+** $wgResourceLoaderLESSImportPaths is an array of file system paths. Files
+ referenced in LESS '@import' statements are looked up here first.
+* ResourceLoader supports hashes as module cache invalidation trigger (instead
+ of or in addition to timestamps).
+* Added $wgExtensionEntryPointListFiles for use in mergeMessageFileList.php.
+* Added a hook, APIQuerySiteInfoStatisticsInfo, to allow extensions to modify
+ the output of the API query meta=siteinfo&siprop=statistics
+* Primary keys have been added to both the archive table and the externallinks
+ tables.
+* Added $wgEnableParserLimitReporting to control whether the NewPP limit report is
+ output in a HTML comment.
+* The 'UnwatchArticle' and 'WatchArticle' hooks now support a Status object
+ instead of just a boolean return value to abort the hook.
+* Added a hook, SpecialWatchlistGetNonRevisionTypes, to allow extensions
+ with custom recentchanges entries to hook into the Watchlist without
+ clobbering each other.
+* A hidden, empty input field was added to the edit form, and any edit that fills
+ it in will be rejected. This prevents against the simplest form of spambots.
+ Previously in the "SimpleAntiSpam" extension by Ryan Schmidt.
+* populateRevisionLength.php maintenance script updated to also populate
+ archive.ar_len field.
+* (bug 43571) DatabaseMySQLBase learned to list views, optionally filtered by a
+ prefix. Also fixed PHPUnit test suite when using a MySQL backend containing
+ views.
+
+=== Bug fixes in 1.22 ===
+* (bug 47271) $wgContentHandlerUseDB should be set to false during the upgrade
+* Disable Special:PasswordReset when $wgEnableEmail is false. Previously one
+ could still navigate to the page by entering the URL directly.
+* (bug 47138) Fixed a fatal error when a blocked user tries to automatically
+ create an account on login due external authentication in some circumstances.
+* (bug 23393) HTML <hN> headings containing line breaks are now handled
+ correctly.
+* (bug 45803) Whitespace within == Headline == syntax and within <hN> headings
+ is now non-significant and not preserved in the HTML output.
+* (bug 47218) Special:BlockList now handles correctly user names with spaces
+ when passed as subpage.
+* Pager's properly validate which fields are allowed to be sorted on.
+* mw.util.tooltipAccessKeyRegexp: The regex now matches "option-" as well.
+ Support for Mac "option" was added in 1.16, but the regex was never updated.
+* (bug 46768) Usernames of blocking users now display correctly, even if numeric.
+* (bug 39590) Self-transclusions now show the most up to date result always
+ after save instead of being a revision behind.
+* A bias in wfRandomString() toward digits 1-7 has been corrected. Generated
+ strings will now start with digits 0 and 8-f as often as they should.
+* (bug 45371) Removed Parser_LinkHooks and CoreLinkFunctions classes.
+* (bug 41545) Allow <kbd>, <samp>, and <var> to be nested like allowed in html.
+* PLURAL magic word no longer causes a PHP notice when no matching form exists.
+* (bug 36641) Patrol page links no longer show on non-existent revisions.
+* (bug 35810) Pages not linked from Special:RecentChanges or Special:NewPages
+ are patrollable now.
+* (bug 30213) JavaScript for search suggestions is now disabled when the API
+ is disabled, and AJAX patrolling and watching are now disabled when use of
+ the write API is not allowed.
+* (bug 48294) API: Fix chunk upload async mode.
+* (bug 46749) Broken files tracking category removed from pages if an image
+ with that name is uploaded.
+* (bug 14176) System messages that are empty were previously incorrectly treated
+ as non-existent, causing a fallback to the default. This stopped users from
+ overriding system messages to make them blank.
+* (bug 48319) action=parse no longer returns an error if passed none of 'oldid',
+ 'pageid', 'page', 'title', and 'text' (e.g. if only passed 'summary'). A
+ warning will instead be issued if 'title' is non-default, unless no props are
+ requested.
+* Special:Recentchangeslinked will now include upload log entries
+* (bug 41281) Fixed ugly output if file size could not be extracted for multi-page media.
+* (bug 50315) list=logevents API module will now output log entries by anonymous users.
+* (bug 38911) Handle headers with rowspan in jquery.tablesorter
+* (bug 658) Converted the table of contents on wiki pages from <table> to <div>
+ and adjusted skin CSS accordingly. The CSS was carefully crafted to be
+ backwards-compatible in all reasonable cases (uses of the __TOC__ magic word,
+ the #toc CSS id and the .toc CSS class). However, particularly bad abuse of
+ the id or the class can possibly break.
+* CSSJanus now supports rgb, hsl, rgba, and hsla color syntaxes.
+* Special:Listfiles can no longer be sorted by image name when filtering
+ by user in miser mode.
+* (bug 49074) CSSJanus: Handle values of border-radius correctly.
+* Handle relative inclusions ({{../name}}) in main namespace with subpages
+ enabled correctly (previously MediaWiki tried to include Template:Parent/name
+ instead of just Parent/name).
+* Added $wgAPIUselessQueryPages to allow extensions to flag their query pages
+ for non-inclusion in ApiQueryQueryPages.
+* (bug 50870) mediawiki.notification: Notification area should remain visible
+ when scrolled down.
+* (bug 13438) Special:MIMESearch no longer an expensive special page.
+* (bug 48342) Fixed a fatal error when $wgValidateAllHtml is set to true and
+ the function apache_request_headers() function is not available.
+* (bug 33399) LivePreview: Re-run wikipage content handlers
+ (jquery.makeCollapsible, jquery.tablesorter) after preview content is loaded.
+* (bug 51891) Fixed PHP notice on Special:PagesWithProp when no properties
+ are defined.
+* (bug 52006) Corrected documentation of $wgTranscludeCacheExpiry.
+* (bug 52077) The APIEditBeforeSave hook is giving the content of the whole
+ revision as second argument now, rather than just the current section.
+* (bug 49694) $wgSpamRegex is now also applied on the new section headline text
+ adding a new topic on a page
+* (bug 41756) Improve treatment of multiple comments on a blank line.
+* (bug 51064) Purge upstream caches when deleting file assets.
+* (bug 39012) File types with a mime that we do not know the extension for
+ can no longer be uploaded as an extension that we do know the mime type
+ for.
+* (bug 51742) Add data-sort-value for better sorting of hitcounts Special:Tags
+* (bug 26811) On DB error pages, server hostnames are now hidden when both
+ $wgShowHostnames and $wgShowSQLErrors are false.
+* (bug 6200) line breaks in <blockquote> are handled like they are in <div>
+* (bug 14931) Default character set now set to 'utf8' when a new MySQL
+ database is created.
+* (bug 47191) Fixed "Column 'si_title' cannot be part of FULLTEXT index"
+ MySQL error when installing using the binary character set option.
+* (bug 45288) Support mysqli PHP extension
+* (bug 55818) BREAKING CHANGE: Removed undocumented 'Debug' hook in wfDebug.
+ This resolves an infinite loop when using $wgDebugFunctionEntry = true.
+* (bug 56707) Correct tooltip of "Next n results" on query special pages.
+* (bug 56770) mw.util.addPortletLink: Check length before access array index.
+
+=== API changes in 1.22 ===
+* (bug 25553) The JSON output formatter now leaves forward slashes unescaped
+ to improve human readability of URLs and similar strings. Also, a "utf8"
+ option is now provided to use UTF-8 encoding instead of hex escape codes
+ for most non-ASCII characters.
+* (bug 46626) xmldoublequote parameter was removed. Because of a bug, the
+ parameter has had no effect since MediaWiki 1.16, and so its removal is
+ unlikely to impact existing clients.
+* (bug 47216) action=query&meta=siteinfo&siprop=skins will now indicate which
+ skin is the default and which are unusable (e.g. listed in $wgSkipSkins).
+* (bug 25325) Added support for wlshow filtering (bots/anon/minor/patrolled)
+ to action=feedwatchlist.
+* WDDX formatted output will actually be formatted (and normal output will no
+ longer be), and will no longer choke on booleans.
+* action=opensearch no longer silently ignores the format parameter.
+* action=opensearch now supports format=jsonfm.
+* list=usercontribs&ucprop=ids will now include the parent revision id.
+* BREAKING CHANGE: action=parse no longer returns all langlinks for the page
+ with prop=langlinks by default. The new effectivelanglinks parameter will
+ request that the LanguageLinks hook be called to determine the effective
+ language links.
+* BREAKING CHANGE: list=allpages, list=langbacklinks, and prop=langlinks do not
+ apply the new LanguageLinks hook, and thus only consider language links
+ stored in the database.
+* (bug 47219) Allow specifying change type of Wikipedia feed items
+* prop=imageinfo now allows setting iiurlheight without setting iiurlwidth
+* prop=info now adds the content model and page language of the title.
+* New upload log entries will now contain information on the relevant
+ image (sha1 and timestamp).
+* (bug 49239) action=parse now can parse in preview and section preview modes.
+* (bug 49259) action=patrol now accepts revision ids.
+* (bug 48129) list=blocks&bkip= now correctly handles IPv6 CIDR ranges and
+ honors $wgBlockCIDRLimit. Note any clients passing invalid values to bkip
+ will now receive an error, rather than the previous behavior listing all
+ user blocks.
+* (bug 48201) action=parse&text=foo now assumes wikitext if no title is given,
+ rather than using the content model of the page "API".
+* action=watch no longer silently ignores hook abort.
+* (bug 50785) action=purge with forcelinkupdate=1 no longer queues refreshLinks
+ jobs in the job queue for link table updates of pages that use the given page
+ as a template. Instead, forcerecursivelinkupdate=1 is introduced and should
+ be used if that behaviour is desirable.
+* The 'debugLog' property (enabled by $wgDebugToolbar) no longer sets the log
+ entry values through ApiResult::content but directly. This changes the JSON
+ output from an array of objects with content in '*' to an array of strings
+ with the content.
+* (bug 51342) prop=imageinfo iicontinue now contains the dbkey, not the text
+ version of the title.
+* (bug 52538) action=edit will now use empty text instead of the contents
+ of section 0 when passed prependtext or appendtext with section=new.
+* Support for the 'gettoken' parameter to action=block and action=unblock,
+ deprecated since 1.20, has been removed.
+* (bug 49090) Token-getting functions will fail when using jsonp callbacks.
+* (bug 52699) action=upload returns normalized file name on warning
+ "exists-normalized" instead of filename to be uploaded to.
+* (bug 53884) action=edit will now return an error when the specified section
+ does not exist in the page.
+* Added meta=filerepoinfo API module for getting information about foreign
+ file repositories, and related ForeignAPIRepo methods getInfo and getApiUrl.
+* The new query module list=allfileusages to enumerate file usages was added.
+
+=== Languages updated in 1.22 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* Batak Toba (bbc-latn) added.
+* (bug 46751) Made Buryat (Russia) (буряад) (bxr) fallback to Russian.
+
+=== Other changes in 1.22 ===
+* BREAKING CHANGE: Implementation of MediaWiki's JS and JSON value encoding
+ has changed:
+** MediaWiki no longer supports PHP installations in which the native JSON
+ extension is missing or disabled.
+** XmlJsCode objects can no longer be nested inside objects or arrays.
+ (For Xml::encodeJsCall(), this individually applies to each argument.)
+** The sets of characters escaped by default, along with the precise escape
+ sequences used, have changed (except for the Xml::escapeJsString()
+ function, which is now deprecated).
+* BREAKING CHANGE: The Services_JSON class has been removed. If necessary,
+ be sure to upgrade affected extensions at the same time (e.g. Collection).
+* redirect.php was removed. It was unused.
+* ClickTracking integration was dropped from the mediaWiki.user.bucket
+ JavaScript function. The 'tracked' option is now ignored.
+* BREAKING CHANGE: Legacy skins Simple, MySkin, Chick, Standard and Nostalgia
+ were all removed. (Nostalgia was moved to an extension.) The SkinLegacy and
+ LegacyTemplate classes that supported them were removed as well and are now a
+ part of the Nostalgia extension.
+* Event namespace used by jquery.makeCollapsible has been changed from
+ 'mw-collapse' to 'mw-collapsible' for consistency with the module name.
+* BREAKING CHANGE: The "ExternalAuth" authentication subsystem was removed, along
+ with its associated globals of $wgExternalAuthType, $wgExternalAuthConf,
+ $wgAutocreatePolicy and $wgAllowPrefChange. Affected users are encouraged to
+ use AuthPlugin for external authentication/authorization needs.
+* The Quickbar feature of the legacy skin model and the last remnants of it
+ throughout the code base have been removed.
+* Externaledit/externaldiff preference was removed. Very few users used this
+ feature, and improper configuration can actually prevent a user from editing
+* Calling Linker methods using a skin will now output deprecation warnings.
+* (bug 46680) "Return to" links are no longer tagged with rel="next".
+* BREAKING CHANGE: mw.util.tooltipAccessKeyRegexp: The match group for the
+ accesskey character is now $6 instead of $5.
+* HipHop compiler (hphpc) support was removed. HipHop VM support (hhvm) was
+ added.
+* A new Special:Redirect page was added, providing lookup by revision ID,
+ user ID, or file name. The old Special:Filepath page was reimplemented
+ to redirect through Special:Redirect.
+* Monobook: Removed the old conditional stylesheets for Opera 6, 7 and 9.
+* Support for XHTML 1.0 has been removed. MediaWiki now only outputs (X)HTML5.
+* wikibits: User-agent related globals have been deprecated. The following
+ properties now default to false and emit mw.log.warn: is_gecko, is_chrome_mac,
+ is_chrome, webkit_version, is_safari_win, is_safari, webkit_match, is_ff2,
+ ff2_bugs, is_ff2_win, is_ff2_x11, opera95_bugs, opera7_bugs, opera6_bugs,
+ is_opera_95, is_opera_preseven, is_opera, and ie6_bugs.
+* (bug 48276) MediaWiki will now flash a confirmation message upon successfully
+ editing a page.
+* (bug 40785) mediawiki.legacy.ajax has been marked as deprecated. The following
+ properties now emit mw.log.warn when accessed: sajax_debug, sajax_init_object,
+ sajax_do_call and wfSupportsAjax.
+* BREAKING CHANGE: meta keywords are no longer supported. A <meta name="keywords"
+ will no longer be output and OutputPage::addKeyword no longer exists.
+* Methods Title::userCanEditCssSubpage and Title::userCanEditJsSubpage,
+ deprecated since 1.19, have been removed.
+* (bug 50134) Hook functions are no longer required to return a value. When a
+ hook function does not return a value (or when it returns an explicit null),
+ processing continues. To abort the hook, a hook function must return an
+ explicit, boolean false or a string error message. Other falsey values are
+ tantamount to a 'return true' in earlier versions of MediaWiki.
+* BREAKING CHANGE: The EditSectionLink hook was removed after being
+ deprecated since MediaWiki 1.14. Use DoEditSectionLink instead.
+* (bug 48256) The 'editsection-brackets' optional message was removed.
+ Section edit links' brackets can now be customized using CSS by
+ styling span.mw-editsection-bracket.
+* The usePatrol function in ChangesList has been marked as deprecated.
+* (bug 50785) A "null edit", that is, a save action in which no changes to the
+ page text are made and no revision recorded, will no longer send refreshLinks
+ jobs to the job table to update pages which use the edited page as a template.
+* The LivePreviewPrepare and LivePreviewDone events triggered on "jQuery( mw )"
+ have been deprecated in favour of using mw.hook.
+* The 'showjumplinks' user preference has been removed, jump links are now
+ always included.
+* Methods RecentChange::notifyRC2UDP, RecentChange::sendToUDP, and
+ RecentChange::cleanupForIRC have been deprecated, as it is now the
+ responsibility of classes implementing the RCFeedFormatter and RCFeedEngine
+ interfaces to implement the formatting and delivery for recent change
+ notifications.
+* SpecialPrefixindex methods namespacePrefixForm() and showPrefixChunk() have
+ been made protected. They were accepting form variance arguments, this is now
+ using properties in the SpecialPrefixindex class.
+* (bug 50310) BREAKING CHANGE: wikibits: Drop support for mwCustomEditButtons.
+ It defaults to an empty array and emits mw.log.warn when accessed.
+* BREAKING CHANGE: Special:Disambiguations has been removed from MediaWiki core.
+ Functions related to disambiguation pages are now handled by the Disambiguator
+ extension (https://www.mediawiki.org/wiki/Extension:Disambiguator) (bug
+ 35981).
+* BREAKING CHANGE: The 'mediawiki.legacy.wikiprintable' module has been removed.
+ The skins/common/wikiprintable.css file no longer exists. Return value of
+ Skin#commonPrintStylesheet is ignored. Please use the 'mediawiki.legacy.commonPrint'
+ module instead or base your skin on SkinTemplate.
+* (bug 49629) The hook ExtractThumbParameters has been deprecated in favour
+ of media handler overriding MediaHandler::parseParamString.
+* (bug 46512) The collapsibleNav feature from the Vector extension has been moved
+ to the Vector skin in core.
+* SpecialRecentChanges::addRecentChangesJS() function has been renamed
+ to addModules() and made protected.
+* Methods WatchAction::doWatch and WatchAction::doUnwatch now return a Status
+ object instead of a boolean.
+* Information boxes (CSS classes errorbox, warningbox, successbox) have been
+ made more subtle.
+* BREAKING CHANGE: The module 'mediawiki.legacy.IEFixes' has been removed as it was
+ unused. The file skins/common/IEFixes.js remains but is only used by wikibits.
+ The file never contained any re-usable components. To use it in a skin, load
+ 'mediawiki.legacy.wikibits' (which IEFixes depends on) and that will import
+ IEFixes automatically if user agent conditions are met.
+* Code specific to the Math extension was marked as deprecated.
+* mediawiki.util: mw.util.wikiGetlink has been renamed to getUrl. (The old name
+ still works, but is deprecated.)
+
+= MediaWiki 1.21 =
+
+== MediaWiki 1.21.11 ==
+This is a security and maintenance release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.10 ===
+* (bug 65839) SECURITY: Prevent external resources in SVG files.
+* (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all.
+
+== MediaWiki 1.21.10 ==
+This is a security and maintenance release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.9 ===
+* (bug 65501) SECURITY: Don't parse usernames as wikitext on Special:PasswordReset.
+* (bug 36356) Add space between two feed links.
+
+== MediaWiki 1.21.9 ==
+This is a security and maintenance release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.8 ===
+* (bug 63251) SECURITY: Escape sortKey in pageInfo.
+* (bug 58640) Fixed a compatibility issue with PCRE 8.34 that caused pages to appear blank or with missing text.
+
+== MediaWiki 1.21.8 ==
+This is a security and maintenance release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.7 ===
+* (bug 62497) SECURITY: Add CSRF token on Special:ChangePassword.
+* (bug 62467) Set a title for the context during import on the cli.
+
+== MediaWiki 1.21.7 ==
+This is a maintenance release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.6 ===
+* Use the correct branch of the extensions' git repositories.
+
+== MediaWiki 1.21.6 ==
+This is a security release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.5 ===
+* (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. * User will get an error including the namespace name if they use a non- whitelisted namespace.
+* (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
+* (bug 61362) SECURITY: API: Don't find links in the middle of api.php links.
+
+== MediaWiki 1.21.5 ==
+This is a security release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.4 ===
+* (bug 60339) SECURITY: Sanitize shell arguments to DjVu files, and other media formats
+
+== MediaWiki 1.21.4 ==
+This is a security release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.3 ===
+* (bug 57550) SECURITY: Disallow stylesheets in SVG Uploads
+* (bug 58088) SECURITY: Don't normalize U+FF3C to \ in CSS Checks
+* (bug 58472) SECURITY: Disallow -o-link in styles
+* (bug 58553) SECURITY: Return error on invalid XML for SVG Uploads
+* (bug 58699) SECURITY: Fix RevDel log entry information leaks
+
+== MediaWiki 1.21.3 ==
+This is a security and maintenance release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.2 ===
+* (bug 53032) SECURITY: Don't cache when a call could autocreate
+* (bug 55332) SECURITY: Improve css javascript detection
+* (bug 49717) Fix behaviour $wgVerifyMimeType = false; in Upload
+* Fix comma errors in various js files
+* Translations
+
+== MediaWiki 1.21.2 ==
+This is a security and maintenance release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.1 ===
+* SECURITY: Fix extension detection with 2 .'s
+* SECURITY: Support for the 'gettoken' parameter to action=block and action=unblock, deprecated since 1.20, has been removed.
+* SECURITY: Sanitize ResourceLoader exception messages
+* Purge upstream caches when deleting file assets.
+* Unit test suite now runs the AutoLoader tests. Also fixed the autoloading entry for the PageORMTableForTesting class though it had no impact.
+
+== MediaWiki 1.21.1 ==
+This is a maintenance release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.0 ===
+* An incorrect version number was used for 1.21.0. 1.21.1 has the correct number.
+* A problem with the Oracle SQL table creation was fixed.
+* (PdfHandler extension) Fix warning if pdfinfo fails but pdftext succeeds.
+
+== MediaWiki 1.21.0 ==
+
+=== Configuration changes in 1.21 ===
+* (bug 29374) $wgVectorUseSimpleSearch is now enabled by default.
+* Deprecated $wgAllowRealName is removed. Use $wgHiddenPrefs[] = 'realname'
+ instead.
+* (bug 39957) Added $wgUnwatchedPageThreshold, specifying minimum count
+ of page watchers required for the number to be accessible to users
+ without the unwatchedpages permission.
+* $wgBug34832TransitionalRollback has been removed.
+* (bug 29472) $wgUseDynamicDates has been removed and its functionality
+ disabled.
+
+=== New features in 1.21 ===
+* (bug 38110) Schema changes (adding or dropping tables, indices and
+ fields) can be now be done separately from other changes that
+ update.php makes. This is useful in environments that use database
+ permissions to restrict schema changes but allow the DB user that
+ MediaWiki normally runs as to perform other changes that update.php
+ makes. Schema changes can be run separately. See the file UPGRADE
+ for more information.
+* (bug 34876) jquery.makeCollapsible has been improved in performance.
+* Added ContentHandler facility to allow extensions to support other content
+ than wikitext. See docs/contenthandler.txt for details.
+* New feature was developed for showing high-DPI thumbnails for high-DPI mobile
+ and desktop displays (configurable with $wgResponsiveImages).
+* Added new backend to represent and store information about sites and site
+ specific configuration.
+* jQuery upgraded from 1.8.2 to 1.8.3.
+* jQuery UI upgraded from 1.8.23 to 1.8.24.
+* Added separate fa_sha1 field to filearchive table. This allows sha1
+ searches with the api in miser mode for deleted files.
+* Add initial and programmatic sorting for tablesorter.
+* Add the event "sortEnd.tablesorter", triggered after sorting has completed.
+* The Job system was refactored to allow for different backing stores for
+ queues as well as cross-wiki access to queues, among other things. The schema
+ for the DB queue was changed to support better concurrency and reduce
+ deadlock errors.
+* Added ApiQueryORM class to facilitate creation of query API modules based on
+ tables that have a corresponding ORMTable class.
+* (bug 40876) Icon for PSD (Adobe Photoshop) file types.
+* (bug 40641) Implemented Special:Version/Credits with a list of contributors.
+* (bug 7851) Implemented one-click AJAX patrolling.
+* The <data>, <time>, <meta>, and <link> elements are allowed within WikiText
+ for use with Microdata.
+* The HTML5 <mark> tag has been whitelisted.
+* Added ParserCloned hook for when the Parser object is cloned.
+* Added AlternateEditPreview hook to allow extensions to replace the page
+ preview from the edit page.
+* Added EditPage::showStandardInputs:options hook to allow extensions to add
+ new fields to the "editOptions" area of the edit form.
+* Upload stash DB schema altered to improve upload performance.
+* The following global functions are now reporting deprecated warnings in
+ debug mode: wfMsg, wfMsgNoTrans, wfMsgForContent, wfMsgForContentNoTrans,
+ wfMsgReal, wfMsgGetKey, wfMsgHtml, wfMsgWikiHtml, wfMsgExt, wfEmptyMsg. Use
+ the Message class, or the global method wfMessage.
+* Added $wgEnableCanonicalServerLink, off by default. If enabled, a
+ <link rel=canonical> tag is added to every page indicating the correct server
+ to use.
+* Debug message emitted by wfDebugLog() will now be prefixed with the group
+ name when its logged to the default log file. That is the case whenever the
+ group has no key in wgDebugLogGroups, that will help triage the default log.
+* (bug 24620) Add types to LogFormatter.
+* jQuery JSON upgraded from 2.3 to 2.4.0.
+* Added GetDoubleUnderscoreIDs hook, for modifying the list of magic words.
+* DatabaseUpdater class has two new methods to ease extensions schema changes:
+ dropExtensionIndex and renameExtensionIndex.
+* New preference type - 'api'. Preferences of this type are not shown on
+ Special:Preferences, but are still available via the action=options API.
+* (bug 39397) Hide rollback link if a user is the only contributor of the page.
+* $wgPageInfoTransclusionLimit limits the list size of transcluded articles
+ on the info action. Default is 50.
+* Added action=createaccount to allow user account creation.
+* (bug 40124) action=options API also allows for setting of arbitrary
+ preferences, provided that their names are prefixed with 'userjs-'. This
+ officially reenables the feature that was undocumented and defective
+ in MW 1.20 (saving preferences using Special:Preferences cleared any
+ additional fields) and which has been disabled in 1.20.1 as a part of
+ a security fix (bug 42202).
+* Added option to specify "others" as author in extension credits using
+ "..." as author name.
+* Added the ability to limit the wall clock time used by shell processes,
+ as well as the CPU time. Configurable with $wgMaxShellWallClockTime.
+* Allow memory of shell subprocesses to be limited using Linux cgroups
+ instead of ulimit -v, which tends to cause deadlocks in recent versions
+ of ImageMagick. Configurable with $wgShellCgroup.
+* Added $wgWhitelistReadRegexp for regex whitelisting.
+* (bug 5346) Categories that are redirects will be displayed italic in
+ the category links section at the bottom of a page.
+* (bug 43915) New maintenance script deleteEqualMessages.php.
+* You can now create checkbox option matrices through the HTMLCheckMatrix
+ subclass in HTMLForm.
+* WikiText now permits the use of WAI-ARIA's role="presentation" inside of
+ html elements and tables. This allows presentational markup, especially
+ tables. To be marked up as such.
+* maintenance/sql.php learned the --cluster option. Let you run the script
+ on some external cluster instead of the primary cluster for a given wiki.
+* (bug 20281) test the parsing of inline URLs.
+* Added Special:PagesWithProp, which lists pages using a particular page property.
+* Implemented language-specific collations for category sorting for 67 languages
+ based in latin, greek and cyrillic alphabets. This allows one to *finally* get
+ articles to be correctly sorted on category pages. They are named
+ 'uca-<langcode>', where <langcode> is one of: af, ast, az, be, bg, br, bs, ca,
+ co, cs, cy, da, de, dsb, el, en, eo, es, et, eu, fi, fo, fr, fur, fy, ga, gd,
+ gl, hr, hsb, hu, is, it, kk, kl, ku, ky, la, lb, lt, lv, mk, mo, mt, nl, no,
+ oc, pl, pt, rm, ro, ru, rup, sco, sk, sl, smn, sq, sr, sv, tk, tl, tr, tt, uk,
+ uz, vi.
+* Added 'CategoryAfterPageAdded' and 'CategoryAfterPageRemoved' hooks.
+* Added 'HistoryRevisionTools' and 'DiffRevisionTools' hooks.
+* Added 'SpecialSearchResultsPrepend' and 'SpecialSearchResultsAppend' hooks.
+* (bug 33186) Add image rotation api "imagerotate"
+* (bug 34040) Add "User rights management" link on user page toolbox.
+* (bug 45526) Add QUnit assertion helper "QUnit.assert.htmlEqual" for asserting
+ structual equality of HTML (ignoring insignificant differences like
+ quotmarks, order and whitespace in the attribute list).
+* (bug 23393) HTML <hN> headings containing line breaks are now handled
+ correctly.
+* (bug 45803) Whitespace within == Headline == syntax and within <hN> headings
+ is now non-significant and not preserved in the HTML output.
+
+=== Bug fixes in 1.21 ===
+* (bug 40353) SpecialDoubleRedirect should support interwiki redirects.
+* (bug 40352) fixDoubleRedirects.php should support interwiki redirects.
+* (bug 9237) SpecialBrokenRedirect should not list interwiki redirects.
+* (bug 34960) Drop unused fields rc_moved_to_ns and rc_moved_to_title from
+ recentchanges table.
+* (bug 32951) Do not register internal externals with absolute protocol,
+ when server has relative protocol.
+* (bug 39005) When purging proxies listed in $wgSquidServers using HTTP PURGE
+ method requests, we now send a Host header by default, for Varnish
+ compatibility. This also works with Squid in reverse-proxy mode. If you wish
+ to support Squid configured in forward-proxy mode, set
+ $wgSquidPurgeUseHostHeader to false.
+* (bug 37020) sql.php with readline eats semicolon.
+* (bug 11748) Properly handle optionally-closed HTML tags when Tidy is
+ disabled, and don't wrap HTML-syntax definition lists in paragraphs.
+* (bug 41409) Diffs while editing an old revision should again diff against the
+ current revision.
+* (bug 41494) Honor $wgLogExceptionBacktrace when logging non-API exceptions
+ caught during API execution.
+* (bug 37963) Fixed loading process for user options.
+* (bug 26995) Update filename field on Upload page after having sanitized it.
+* (bug 41793) Contribution links to users with 0 edits on Special:ListUsers
+ didn't show up red.
+* (bug 41899) A PHP notice no longer occurs when using the "rvcontinue" API
+ parameter.
+* (bug 42036) Account creation emails now contain canonical (not
+ protocol-relative) URLs.
+* (bug 41990) Fix regression: API edit with redirect=true and lacking
+ starttimestamp and basetimestamp should not cause an edit conflict.
+* (bug 41706) EditPage: Preloaded page should be converted if possible and
+ needed.
+* (bug 41886) Rowspans are no longer exploded by tablesorter until the table is
+ actually sorted.
+* (bug 2865) User interface HTML elements don't use lang attribute.
+ (completed the fix by adding the lang attribute to firstHeading).
+* (bug 42173) Removed namespace prefixes on Special:UncategorizedCategories.
+* (bug 36053) Log in "returnto" feature forgets query parameters if no
+ title parameter was specified.
+* (bug 42410) API action=edit now returns correct timestamp for the new edit.
+* (bug 14901) Email notification mistakes log action for new page creation.
+ Enotif no longer sends "page has been created" notifications for some log
+ actions. The following events now have a correct message: page creation,
+ deletion, move, restore (undeletion), change (edit). Parameter
+ $CHANGEDORCREATED is deprecated in 'enotif_body' and scheduled for removal in
+ MediaWiki 1.23.
+* (bug 457) In the sidebar of Vector, CologneBlue, Monobook, and Monobook-based
+ skins, the heading levels have been changed from (variously per skin)
+ <h4>, <h5> or <h6> to only <h3>s, with a <h2> hidden heading above them.
+ If you are styling or scripting the headings in a custom way, this change
+ will require updates to your site's CSS or JS.
+* (bug 41342) jquery.suggestions should cancel any active (async) fetches
+ before it triggers another fetch.
+* (bug 42184) $wgUploadSizeWarning missing second variable.
+* (bug 34581) removeUnusedAccounts.php maintenance script now ignores newuser
+ log when determining whether an account is used.
+* (bug 43379) Gracefully fail if rev_len is unavailable for a revision on the
+ History page.
+* (bug 42949) API no longer assumes all exceptions are MWException.
+* (bug 41733) Hide "New user message" (.usermessage) element from printable view.
+* (bug 39062) Special:Contributions will display changes that don't have
+ a parent id instead of just an empty bullet item.
+* (bug 37209) "LinkCache doesn't currently know about this title" error fixed.
+* wfMerge() now works if $wgDiff3 contains spaces
+* (bug 43052) mediawiki.action.view.dblClickEdit.dblClickEdit should trigger
+ ca-edit click instead opening URL directly.
+* (bug 43964) Invalid value of "link" parameter in <gallery> no longer produces
+ a fatal error.
+* (bug 44775) The username field is not pre-filled when creating an account.
+* (bug 45069) wfParseUrl() no longer produces a PHP notice if passed a "mailto:"
+ URL without address
+* (bug 45012) Creating an account by e-mail can no longer show a
+ "password mismatch" error.
+* (bug 44599) On Special:Version, HEADs for submodule checkouts (e.g. for
+ extensions) performed using Git 1.7.8+ should now appear.
+* (bug 42184) $wgUploadSizeWarning missing second variable
+* (bug 40326) Check if files exist with a different extension during uploading
+* (bug 34798) Updated CSS for Atom/RSS recent changes feeds to match on-wiki diffs.
+* (bug 42430) Calling numRows on MySQL no longer propagates unrelated errors.
+* (bug 44719) Removed mention of non-existing maintenance/migrateCurStubs.php
+ script in includes/DefaultSettings.php
+* (bug 45143) jquery.badge: Treat non-Latin variants of zero as zero as well.
+* (bug 46151) mwdocgen.php should not ignore exit code of doxygen command.
+* (bug 41889) Fix $.tablesorter rowspan exploding for complex cases.
+
+=== API changes in 1.21 ===
+* prop=revisions can now report the contentmodel and contentformat.
+ See docs/contenthandler.txt.
+* action=edit and action=parse now support contentmodel and contentformat
+ parameters to control the interpretation of page content.
+ See docs/contenthandler.txt for details.
+* (bug 35693) ApiQueryImageInfo now suppresses errors when unserializing metadata.
+* (bug 40111) Disable minor edit for page/section creation by API.
+* (bug 41042) Revert change to action=parse&page=... behavior when the page
+ does not exist.
+* (bug 27202) Add timestamp sort to list=allimages.
+* (bug 43137) Don't return the sha1 of revisions through the API if the content is
+ revision-deleted.
+* ApiQueryImageInfo now also returns imageinfo for redirects.
+* list=alltransclusions added to enumerate every instance of page embedding
+* list=alllinks & alltransclusions now allow both 'from' and 'continue' in
+ the same query. When both are present, 'from' is simply ignored.
+* list=alllinks & alltransclusions now allow 'unique' in generators, to yield
+ a list of all link/template target pages instead of source pages.
+* BREAKING CHANGE: list=logevents output format changed for details of some log
+ types. Specifically, details that were formerly reported under a key like
+ "4::foo" will now be reported under a key of simply "foo".
+* BREAKING CHANGE: '??_badcontinue' error code was changed to '??badcontinue'
+ for all query modules.
+* ApiQueryBase adds 'badcontinue' error code if module has 'continue' parameter.
+* (bug 35885) Removed version parameter and all getVersion() methods.
+* action=options now takes a "resetkinds" option, which allows only resetting
+ certain types of preferences when the "reset" option is set.
+* (bug 36751) ApiQueryImageInfo now returns imageinfo for the redirect target
+ when queried with &redirects=.
+* (bug 31849) ApiQueryImageInfo no longer gets confused when asked for info on
+ a redirect and its target.
+* (bug 43849) ApiQueryImageInfo no longer throws exceptions with ForeignDBRepo
+ redirects.
+* On error, any warnings generated before that error will be shown in the result.
+* action=help supports generalized submodules (modules=query+value), querymodules obsolete
+* ApiQueryImageInfo continuation is more reliable. The only major change is
+ that the imagerepository property will no longer be set on page objects not
+ processed in the current query (i.e. non-images or those skipped due to
+ iicontinue).
+* Add supports for all pageset capabilities - generators, redirects, converttitles to
+ action=purge and action=setnotificationtimestamp.
+* (bug 43251) prop=pageprops&ppprop= now accepts multiple props to query.
+* ApiQueryImageInfo will now limit the number of calls to File::transform made
+ in any one query. If there are too many, iicontinue will be returned.
+* action=query&meta=siteinfo&siprop=general will now return the regexes used for
+ link trails and link prefixes. Added for Parsoid support.
+* Added an API query module list=pageswithprop, which lists pages using a
+ particular page property.
+* Added an API query module list=pagepropnames, which lists all page prop names
+ currently in use on the wiki.
+* (bug 44921) ApiMain::execute() will now return after the CORS check for an
+ HTTP OPTIONS request.
+* (bug 44923) action=upload works correctly if the entire file is uploaded in
+ the first chunk.
+* Added 'continue=' parameter to streamline client iteration over complex query results
+* (bug 44909) API parameters may now be marked as type "upload", which is now
+ used for action=upload's 'file' and 'chunk' parameters. This type will raise
+ an error during parameter validation if the parameter is given but not
+ recognized as an uploaded file.
+* (bug 44244) prop=info may now return the number of people watching each page.
+* (bug 33304) list=allpages will no longer return duplicate entries when
+ querying protection.
+* (bug 33304) list=allpages will now find really old indefinite protections.
+* (bug 45937) meta=allmessages will report a syntactically invalid lang as a
+ proper error instead of as an uncaught exception.
+* (bug 25325) added support for wlshow filtering (bots/anon/minor/patrolled)
+ to action=feedwatchlist
+* WDDX formatted output will actually be formatted (and normal output will no
+ longer be), and will no longer choke on booleans.
+
+=== API internal changes in 1.21 ===
+* For debugging only, a new global $wgDebugAPI removes many API restrictions when true.
+ Never use on the production servers, as this flag introduces security holes.
+ Whenever enabled, a warning will also be added to all output.
+* ApiModuleManager now handles all submodules (actions,props,lists) and instantiation
+* Query stores prop/list/meta as submodules
+* ApiPageSet can now be used in any action to process titles/pageids/revids or any generator.
+* BREAKING CHANGE: ApiPageSet constructor now has two params instead of three, with only the
+ first one keeping its meaning. ApiPageSet is now derived from ApiBase.
+* BREAKING CHANGE: ApiQuery::newGenerator() and executeGeneratorModule() were deleted.
+* ApiQueryGeneratorBase::setGeneratorMode() now requires a pageset param.
+* $wgAPIGeneratorModules is now obsolete and will be ignored.
+* Added flags ApiResult::OVERRIDE and ADD_ON_TOP to setElement() and addValue()
+* Internal API calls will now include <warnings> in case of unused parameters
+
+=== Languages updated in 1.21 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* South Azerbaijani (azb) added.
+* (bug 30040) Autonym for nds-nl is now 'Nedersaksies' (was 'Nedersaksisch').
+* (bug 45436) Autonym for pi (Pali) is now 'पालि' (was ''पाळि').
+* (bug 34977) Now formatted numbers in Spanish use space as separator
+ for thousands, as mandated by the Real Academia Española.
+* (bug 35031) Kurdish formatted numbers now use period and comma
+ as separators for thousands and decimals respectively.
+
+=== Other changes in 1.21 ===
+* BREAKING CHANGE: (bug 44385) Removed the jquery.collapsibleTabs module and
+ moved it to the Vector extension. It was entirely Vector-extension-specific,
+ deeply interconnected with the extension, and this functionality really
+ belongs to the extension instead of the skin anyway. In the unlikely case you
+ were using it, you have to either copy it to your extension, or install the
+ Vector extension (and possibly disable its features using config settings if
+ you don't want them).
+* Experimental IBM DB2 support was removed due to lack of interest and maintainership
+* BREAKING CHANGE: Filenames of maintenance scripts were standardized into
+ lowerCamelCase format, and made more explicit:
+ - clear_stats.php -> clearCacheStats.php
+ - clear_interwiki_cache.php -> clearInterwikiCache.php
+ - initStats.php -> initSiteStats.php
+ - proxy_check.php -> proxyCheck.php
+ - stats.php -> showCacheStats.php
+ - showStats.php -> showSiteStats.php.
+ Class names were renamed accordingly:
+ - clear_stats -> ClearCacheStats
+ - InitStats -> InitSiteStats
+ - CacheStats -> ShowCacheStats
+ - ShowStats -> ShowSiteStats.
+* BREAKING CHANGE: (bug 38244) Removed the mediawiki.api.titleblacklist module
+ and moved it to the TitleBlacklist extension.
+
+= MediaWiki 1.20 =
+
+== MediaWiki 1.20.8 ==
+This is a security release of the MediaWiki 1.20 branch.
+
+=== Changes since 1.20.7 ===
+* (bug 53032) SECURITY: Don't cache when a call could autocreate
+* (bug 55332) SECURITY: Improve css javascript detection
+* (bug 49717) Fix behaviour $wgVerifyMimeType = false; in Upload
+* Fix comma errors in various js files
+* Translations
+
+== MediaWiki 1.20.7 ==
+This is a security release of the MediaWiki 1.20 branch.
+
+=== Changes since 1.20.6 ===
+* SECURITY: Fix extension detection with 2 .'s
+* SECURITY: Token-getting functions will fail when using jsonp callbacks.
+* SECURITY: Sanitize ResourceLoader exception messages
+* Purge upstream caches when deleting file assets.
+
+== MediaWiki 1.20.6 ==
+This is a security and maintenance release of the MediaWiki 1.20 branch.
+
+=== Changes since 1.20.5 ===
+* (bug 48306) SECURITY: Run file validation checks on chunked uploads, and chunks of upload, during the upload process.
+* (bug 44327) mediawiki.user: Use session ID instead of 1-year cross-session cookies
+* (bug 47202) wikibits: FF2Fixes.css should not be loaded in Firefox 20.
+* (bug 31044) Make ResourceLoader behave in read-only mode
+
+== MediaWiki 1.20.5 ==
+This is a security and maintenance release of the MediaWiki 1.20 branch.
+
+=== Changes since 1.20.4 ===
+* (bug 46590) Add hook AbortChangePassword to Special:ChangePassword
+* (bug 47304) SECURITY: Check SVG xml encoding against whitelist
+* Localisation updates from http://translatewiki.net.
+* mwdocgen.php: Implement --version option.
+* Remove svnstat stuff used in Doxygen generation
+* (bug 43594) Correctly supress warnings that were missed after the upstream
+* PHP change to E_STRICT being included in E_ALL.
+
+== MediaWiki 1.20.4 ==
+This is a security release of the MediaWiki 1.20 branch.
+
+=== Changes since 1.20.3 ===
+* (bug 47251) SECURITY: Disable external entities in Import
+* (bug 46859) SECURITY: Disable external entities in XMLReader
+* (bug 46084) SECURITY: Sanitize $limitReport before outputting
+
+== MediaWiki 1.20.3 ==
+This is a security and maintenance release of the MediaWiki 1.20 branch.
+
+=== Changes since MediaWiki 1.20.2 ===
+* New preference type - 'api'. Preferences of this type are not shown on Special:Preferences, but are still available via the action=options API. (Unbreaks MLEB.)
+* (bug 44010) Context is passed to UserGetLanguageObject.
+* The recursion guard on RequestContext::getLanguage() was weakened.
+* (bug 40585) Don't drop 'step="any"' in HTML input fields.
+* (bug 44024) Fixed problems in ObjectCache when using XCache.
+* (bug 44010) FauxRequest leaked cookie data from primary request.
+* (bug 44135/bug 42441) Pass '2' instead of 'true' to CURLOPT_SSL_VERIFYHOST
+* (bug 43518) API action=unblock should return the user name, not the full user object
+* (bug 45355) Prevent read of arbitrary files through mwdoc-filter.php
+
+== MediaWiki 1.20.2 ==
+This is a maintenance release of the MediaWiki 1.20 branch
+
+=== Changes since MediaWiki 1.20.1 ===
+* (bug 42638) Fix API action=options&reset=1 & unit tests.
+* (bug 42370) Fixed backport of 60cc060 to use mDoneWrites — caused * (bug 42592) User rights, preferences and other things are not saving in 1.20.1.
+
+== MediaWiki 1.20.1 ==
+This is a security release of the MediaWiki 1.20 branch
+
+=== Changes since 1.20.0 ===
+* (bug 42202) Validate options to prevent html injection
+* (bug 40995) Prevent session fixation in Special:UserLogin (CVE-2012-5391)
+* (bug 41400) Prevent linker regex from exceeding PCRE backtrack limit
+* Javscript Lint fixes
+* (bug 40632) Remove CleanupPresentationalAttributes feature
+* [Database] Fixed case where trx idle callbacks might be lost.
+
+== MediaWiki 1.20.0 ==
+
+=== PHP 5.3 now required ===
+Since 1.20, the lowest supported version of PHP is now 5.3.2. Please
+upgrade PHP if you have not done so prior to upgrading MediaWiki.
+
+=== Configuration changes in 1.20 ===
+* $wgGitRepositoryViewers defines a mapping from Git remote repository to the
+ Gitweb instance URL used in Special:Version.
+* `$wgUsePathInfo = true;` is no longer needed to make $wgArticlePath work on servers
+ using like nginx, lighttpd, and apache over fastcgi. MediaWiki now always extracts
+ path info from REQUEST_URI if it's available.
+* The user right 'upload_by_url' is no longer given to sysops by default.
+ This only affects installations which have $wgAllowCopyUploads set to true.
+* Removed f-prot support from $wgAntivirusSetup.
+* New variable $wgDBerrorLogTZ to provide dates in the error log in a
+ different timezone than the wiki timezone set by $wgLocaltimezone.
+* New variables $wgDBssl and $wgDBcompress to enable SSL and compression for database
+ connections, if either are available for the selected DB type.
+* $wgUseCombinedLoginLink now defaults to false, making MediaWiki output separate
+ login and create account links by default.
+
+=== New features in 1.20 ===
+* Added TitleIsAlwaysKnown hook which gets called when determining if a page exists.
+* Added NamespaceIsMovable hook which gets called when determining if pages in a
+ certain namespace can be moved.
+* Added SpecialPageBeforeExecute hook which gets called before SpecialPage::execute.
+* Added SpecialPageAfterExecute hook which gets called after SpecialPage::execute.
+* Added ORMTable, ORMRow and ORMResult classes for additional abstraction of
+ database interaction.
+* Added CacheHelper and associated SpecialCachedPage and CachedAction helper classes.
+* (bug 32341) Add upload by URL domain limitation.
+* &useskin=default will now always display the default skin. Useful for users with a
+ preference for the non-default skin to look at something using the default skin.
+* (bug 27619) Remove preference option to display broken links as link?
+* (bug 34896) jQuery JSON plugin upgraded to v2.3 (2011-09-17).
+* (bug 34302) Add CSS classes to email fields in user preferences.
+* Introduced $wgDebugDBTransactions to trace transaction status (currently PostgreSQL only).
+* (bug 23795) Add parser itself to ParserMakeImageParams hook.
+* Introduce a cryptographic random number generator source api for use when
+ generating various tokens.
+* (bug 30963) Option on Special:Prefixindex and Special:Allpages to not show redirects.
+* (bug 18062) New message when edit or create the local page of a shared file.
+* (bug 22870) Separate interface message when creating a page.
+* (bug 17615) nosummary option should be reassigned on preview/captcha.
+* (bug 34355) Add a variable and parser function for the namespace number.
+* (bug 35649) Special:Version now shows hashes of extensions checked out from git.
+* (bug 35728) Git revisions are now linked on Special:Version.
+* "Show Changes" on default messages shows now diff against default message text
+* (bug 23006) create #speciale parser function.
+* generateSitemap can now optionally skip redirect pages.
+* (bug 27757) New API command just for retrieving tokens (not page-based).
+* Added GitViewers hook for extensions using external git repositories to have a web-based
+ repository viewer linked to from Special:Version.
+* Memcached debug logs can now be sent to their own file logs by setting
+ $wgDebugLogFile['memcached'] to some filepath.
+* (bug 35685) api.php URL and other entry point URLs are now listed on
+ Special:Version
+* Edit notices can now be translated.
+* jQuery upgraded to 1.8.2.
+* jQuery UI upgraded to 1.8.23.
+* QUnit upgraded from v1.2.0 to v1.10.0.
+* (bug 37604) jquery.cookie upgraded to 2011 version.
+* (bug 22887) Add warning and tracking category for preprocessor errors
+* (bug 31704) Allow selection of associated namespace on the watchlist
+* (bug 5445) Now remove autoblocks when a user is unblocked.
+* Added $wgLogExceptionBacktrace, on by default, to allow logging of exception
+ backtraces.
+* Added device detection for determining device capabilities.
+* QUnit.newMwEnvironment now supports passing a custom setup and/or teardown function.
+ Arguments signature has changed. First arguments is now an options object of which
+ 'config' can be a property. Previously 'config' itself was the first and only argument.
+* New getCreator and getOldestRevision methods added to WikiPage class
+* (bug 4220) the XML dump format schema now have unique identity constraints
+ for page and revision identifiers. Patch by Elvis Stansvik.
+* cleanupSpam.php now can delete spam pages if --delete was specified instead of blanking
+ them.
+* Added new hook ChangePasswordForm to allow adding of additional fields in Special:ChangePassword
+* Added new function getDomain to AuthPlugin for getting a user's domain
+* (bug 23427) New magic word {{PAGEID}} which gives the current page ID.
+ Will be null on previewing a page being created.
+* (bug 37627) UserNotLoggedIn() exception to show a generic error page whenever
+ a user is not logged in.
+* Watched status in changes lists are no longer indicated by <strong></strong>
+ tags with class "mw-watched". Instead, each line now has a class
+ "mw-changeslist-line-watched" or "mw-changeslist-line-not-watched", and the
+ title itself is surrounded by <span></span> tags with class "mw-title".
+* Added ContribsPager::reallyDoQuery hook allowing extensions to data to MyContribs
+* Added new hook ParserAfterParse to allow extensions to affect parsed output
+ after the parse is complete but before block level processing, link holder
+ replacement, and so on.
+* (bug 34678) Added InternalParseBeforeSanitize hook which gets called during Parser's
+ internalParse method just before the parser removes unwanted/dangerous HTML tags.
+* Added new hook AfterFinalPageOutput to allow modifications to buffered page output before sent
+ to the client.
+* (bug 36783) Implement jQuery Promise interface in mediawiki.api module.
+* Make dates in sortable tables sort according to the page content language
+ instead of the site content language
+* (bug 37926) Deleterevision will no longer allow users to delete log entries,
+ the new deletelogentry permission is required for this.
+* (bug 14237) Allow PAGESINCATEGORY to distinguish between 'all', 'pages', 'files'
+ and 'subcats'
+* (bug 38362) Make Special:Listuser includeable on wiki pages.
+* Added support in jquery.localize for placeholder attributes.
+* (bug 38151) Implemented mw.user.getRights for getting and caching the current
+ user's user rights.
+* Session storage can now configured independently of general object cache
+ storage, by using $wgSessionCacheType. $wgSessionsInMemcached has been
+ renamed to $wgSessionsInObjectCache, with the old name retained for backwards
+ compatibility. When this feature is enabled, the expiry time can now be
+ configured with $wgObjectCacheSessionExpiry.
+* Added a Redis client for object caching.
+* Implemented mw.user.getGroups for getting and caching user groups.
+* (bug 37830) Added $wgRequirePasswordforEmailChange to control whether password
+ confirmation is required for changing an email address or not.
+* HTMLForm mutators can now be chained (they return $this)
+* A new message, "api-error-filetype-banned-type", is available for formatting
+ API upload errors due to the file extension blacklist.
+* New hook 'ParserTestGlobals' allows to set globals before running parser tests.
+* Allow importing pages as subpage.
+* Add lang and hreflang attributes to language links on Login page.
+* (bug 22749) Create Special:MostInterwikis.
+* Show change tags when transclude Special:Recentchanges(linked) or Special:Newpages.
+* (bug 23226) Add |class= parameter to image links in order to add class(es) to HTML img tag.
+* (bug 39431) SVG animated status is now shown in long description.
+* (bug 39376) jquery.form upgraded to 3.14.
+* SVG files will now show the actual width in the SVG's specified units
+ in the metadata box.
+* Added ResourceLoader module "jquery.jStorage" (v0.3.0, http://jStorage.info/).
+* (bug 39273) Added AJAX support for "Show changes" (diff) in LivePreview.
+* Added ResourceLoader module "jquery.badge".
+* mw.util.$content now points to the overall content area in the skin rather than just
+ page text content area. If you need the old behavior please use $( '#mw-content-text').
+* jsMessage has been replaced with a floating bubble notification system complete
+ with auto-hide, multi-message support, and message replacement tags.
+* jquery.messageBox which appears to be unused by both core and extensions has
+ been removed.
+* (bug 34939) Made link parsing insensitive ([HttP://]).
+* (bug 40072) Add CSS classes to items in output of ChangesList pages.
+* Added $wgCopyUploadProxy global to define which proxy to use for copy
+ uploads.
+* (bug 40448) mediawiki.legacy.mwsuggest has been replaced with a new module,
+ mediawiki.searchSuggest, based on SimpleSearch from Extension:Vector.
+
+=== Known issues in 1.20.0 ===
+These are issues that we're targeting to be fixed in a later release
+in the 1.20 series. Issues may be added or removed from this list as
+we see fit. For now, it is comprised of those bugs on the 1.20.0
+milestone in Bugzilla.
+
+* (bug 35894): Reports of secret key generation "hanging" on windows
+ This is probably a bug that has been fixed in PHP. If you run
+ into this, try upgrading your PHP.
+* (bug 38334): PHP Notice: Undefined index: href in /www/w/skins/Vector.php on line 416
+ We think this is a problem in some extension. If you see this,
+ try disabling your extensions and check out the logging patch on
+ this bug. Or try this patch:
+ <https://gerrit.wikimedia.org/r/#/c/27937/1/skins/Vector.php>
+* (bug 39268): [Regression] Toolbar inserts in main textarea only (instead of the focussed textarea)
+ This should only be an issue if you are using the ProofreadPage
+ extension.
+* (bug 40641): Clicking "others" in Special:Version asks to download a file
+ If you encounter this, you can tell your webserver to serve the
+ CREDITS file with text/plain MIME type to fix it.
+
+=== Bug fixes in 1.20 ===
+* (bug 40939): [Regression] InfoAction: Call to a member function getUserText() on a non-object
+* (bug 40780): searchsuggest-containing line ("containing...") doesn't include the entered text
+* (bug 37714): [Regression] Incomplete log entries
+* (bug 27202): API: Add timestamp sort to list=allimages
+* (bug 30245) Use the correct way to construct a log page title.
+* (bug 34237) Regenerate an empty user_token and save to the database
+ when we try to set the user's cookies for login.
+* (bug 32210) New edit emails for watched pages always provide a link to the
+ edit which triggered the mail.
+* (bug 12021) Added user talk link on Special:Listusers.
+* (bug 34445) section edit and TOC hide/show links are excluded from selection and
+ copy/paste on supporting browsers.
+* (bug 34428) Fixed incorrect hash mismatch errors in the DiffHistoryBlob
+ history compression method.
+* (bug 34702) Localised parentheses are now used in more special pages.
+* (bug 34723) When editing a script page on a RTL wiki the textbox should be LTR.
+* (bug 34762) Calling close() on a DatabaseBase object now clears the connection.
+* (bug 34863) Show deletion log extract on non-existent file pages if applicable.
+* (bug 28019) Let ?preloadtitle=foo be passed on to target of
+ Special:MyPage and Special:MyTalk.
+* (bug 34929) Show the correct diff when a section edit is rejected by the spam
+ filter.
+* (bug 15816) Add a switch for SETting the search_path (Postgres).
+* (bug 34521) Returning to the previous page after logging in loses any array-
+ valued parameters in the query string.
+* (bug 34735) Updated compressOld.php documentation to mention the different
+ usages of -s and -n parameters depending on compression type.
+* (bug 13896) Rendering of devanagari numbers in automatic '#' number lists.
+* (bug 33689) Upgrade to 1.19 on Postgres fails due to incomplete query when
+ trying to defer foreign key for externallinks.
+* (bug 32748) Printer friendly version of article decode Unicode chars as a
+ pretty IRI in footer.
+* Removed white border around thumbnails in galleries.
+* (bug 31236) "Next" and "Previous" buttons are shown incorrectly in
+ an RTL environment.
+* (bug 35749) Updated maintenance/checkSyntax.php to use Git instead of
+ Subversion when invoked with the --modified option.
+* (bug 35069) On history pages, the " . . " separator after the number of
+ characters changed in a revision is now suppressed if no text would follow.
+* (bug 18704) Add a unique CSS class or ID to the tagfilter table row at RecentChanges
+* (bug 33564) transwiki import sometimes result in invalid title.
+* (bug 35572) Blocks appear to succeed even if query fails due to wrong DB structure
+* (bug 31757) Add a word-separator between help-messages in HTMLForm
+* (bug 30410) Removed deprecated $wgFilterCallback and the 'filtered' API error.
+* (bug 32604) Some messages needs escaping of wikitext inside username.
+* (bug 36537) Rename wfArrayToCGI to wfArrayToCgi for consistency with wfCgiToArray.
+* (bug 25946) The message on the top of Special:RecentChanges is now displayed
+ in user language instead of content language.
+* (bug 35264) Wrong type used for <ns> in export.xsd
+* (bug 24985) Use $wgTmpDirectory as the default temp directory so that people
+ who don't have access to /tmp can specify an alternative.
+* (bug 27283) SqlBagOStuff breaks PostgreSQL transactions.
+* (bug 35727) mw.Api ajax() should put token parameter last.
+* (bug 37708) mw.Uri.clone() should make a deep copy.
+* (bug 38024) ResourceLoader should not create empty stylesheets for modules
+ that don't have stylesheets.
+* (bug 36812) Special:ActiveUsers "Hide bots" should hide users from any group
+ having the "bot" user right, instead of just the default "bot" user group.
+* (bug 35082) mw.util.addPortletLink incorrectly adds link to mutiple <ul> tags.
+* (bug 36991) jquery.tablesorter should extract date sort format from date
+ string instead of global config. Dates like "April 1 2012" and "1 April 2012"
+ now sort correctly regardless of the content language's DefaultDateFormat.
+* (bug 31895) mw.loader mode now correct when triggered from a $.fn.ready
+ handler that is bound before mediawiki.js's handler (e.g. browser-userscripts
+ like greasemonkey).
+* (bug 38152) jquery.tablesorter: Use .data() instead of .attr(), so that live
+ values are used instead of just the fixed values from when the tablesorter
+ was initialized.
+* (bug 38093) Gender of changed user groups missing in Special:Log/rights
+* (bug 35893) Special:Block needs to load mediawiki.special.block.js.
+* (bug 37331) ResourceLoader modules sometimes execute twice in Firefox
+* (bug 31644) GlobalUsage, CentralAuth and AbuseLog extensions should not use
+ insecure links to foreign wikis in the WikiMap.
+* (bug 36073) Avoid duplicate element IDs on File pages.
+* (bug 25095) Special:Categories should also include the first relevant item
+ when "from" is filled.
+* (bug 35526) jquery.tablesorter now uses a stable sort.
+* (bug 38953) --memory-limit switch not working for runJobs.php.
+* (bug 33037) Make subpage of Special:newfiles control how many files
+ are returned, like in previous versions.
+* (bug 36524) "Show" options on Special:RecentChanges and Special:RecentChangesLinked
+ are now remembered between successive clicks.
+* (bug 26069) Page title is no longer "Error" for all error pages.
+* (bug 39297) Show warning if thumbnail of animated image will not be animated.
+* (bug 38249) Parser will throw an exception instead of outputting gibberish if
+ PCRE is compiled without support for unicode properties.
+* (bug 30390) Suggested file name on Special:Upload should not contain
+ illegal characters.
+* EXIF below sea level GPS altitude data is now shown correctly.
+* (bug 39284) jquery.tablesorter should not consider "."" or "?"" to be a currency.
+* (bug 39273) "Show changes" should not be incorrectly displayed in the Live Preview state.
+* Made body-content lang attribute honor the variant language when it is set.
+* (bug 36761) "Mark pages as visited" now submits previously established filter options.
+* (bug 39635) PostgreSQL LOCK IN SHARE MODE option is a syntax error.
+* (bug 36329) Accesskey tooltips for Firefox 14 on Mac should use "ctrl-option-" prefix.
+* (bug 32552) Drop unused database field cat_hidden from table category.
+* (bug 24502) Do not allow multiple language links to the same language.
+* (bug 40214) Category pages no longer use deprecated "width" HTML attribute.
+* (bug 39941) Add missing stylesheets to the installer pages
+* In HTML5 mode, allow new input element types values (such as color, range..)
+* (bug 36151) mw.Title: Don't limit extension in title parsing.
+* (bug 38158) jquery.byteLimit sometimes causes an unexpected 0 maxLength being enforced.
+* (bug 38163) jquery.byteLimit incorrectly limits input when using methods other than
+ basic per-char typing.
+* (bug 34495) patrol log now credit the user patrolling (instead of patrolled
+ user).
+* (bug 31676) ResourceLoader should work around IE stylesheet limit.
+* (bug 40498) ResourceLoader should not output an empty "@media print { }" block.
+* (bug 40500) ResourceLoader should not ignore media-type for urls in debug mode.
+* (bug 40660) ResourceLoaderWikiModule should not convert "&nbsp;" to a space
+ for pages from the MediaWiki-namespace.
+* (bug 40329) (bug 40632) Removed CleanupPresentationalAttributes feature.
+
+=== API changes in 1.20 ===
+* (bug 34316) Add ability to retrieve maximum upload size from MediaWiki API.
+* (bug 34313) MediaWiki API intro message about "HTML format" should mention
+ the format parameter.
+* (bug 32384) Allow descending order for list=watchlistraw.
+* (bug 31883) Limit of bkusers of list=blocks and titles of action=query is
+ not documented in API help.
+* (bug 32492) API now allows editing using pageid.
+* (bug 32497) API now allows changing of protection level using pageid.
+* (bug 32498) API now allows comparing pages using pageids.
+* (bug 30975) API import of pages with invalid characters in this wiki leads to Fatal Error.
+* (bug 30488) API now allows listing of backlinks/embeddedin/imageusage per pageid.
+* (bug 34927) Output media_type for list=filearchive.
+* (bug 28814) add properties to output of action=parse.
+* (bug 33224) add variants of content language to meta=siteinfo.
+* (bug 32643) action=purge with forcelinkupdate no longer crashes when ratelimit is reached.
+* The paraminfo module now also contains result properties for most modules.
+* (bug 32348) Allow descending order for list=alllinks.
+* (bug 31777) Upload unknown error ``fileexists-forbidden''.
+* (bug 32382) Allow descending order for list=iwbacklinks.
+* (bug 32381) Allow descending order for list=backlinks, list=embeddedin and list=imageusage.
+* (bug 32383) Allow descending order for list=langbacklinks.
+* API meta=siteinfo can now return the list of known variable IDs.
+* (bug 35980) list=deletedrevs now honors drdir correctly in "all" mode (mode #3).
+* (bug 29290) API avoids mangling fields in continuation parameters
+* (bug 36987) API avoids mangling fields in continuation parameters
+* (bug 30836) siteinfo prop=specialpagealiases will no longer return nonexistent special pages
+* (bug 38190) Add "required" flag to some token params for hint in api docs.
+* (bug 27567) Add file repo support to prop=duplicatefiles.
+* (bug 27610) Add archivename for non-latest image version to list=filearchive
+* (bug 38231) Add xml parse tree to action=parse.
+* Watchlist notification timestamp may be queried by page and may be updated via the API.
+* (bug 38904) prop=revisions&rvstart=... no longer blows up when continuing.
+* (bug 39032) ApiQuery generates help in constructor.
+* (bug 11142) Improve file extension blacklist error reporting in API upload.
+* (bug 39665) List of query generators is now not built using reflection, instead it is
+ defined in code.
+* (bug 35993) Deprecated gettoken parameter - support will be removed in 1.22.
+
+=== Languages updated in 1.20 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* Emilian (egl) added.
+* Tornedalen Finnish (fit) added.
+* Mizo (lus) added.
+* Santali (sat) added.
+* (bug 34192) Namespace gender aliases for Albanian languages (sq & aln).
+* (bug 35541) Namespace gender aliases for Croatian (hr).
+* (bug 36012) Space in $separatorTransformTable should be non-breaking in
+ Portuguese, Esperanto and Udmurt.
+* Turoyo (tru) added.
+* Cyrillic-Latin language converter added for Uzbek (uz).
+
+=== Other changes in 1.20 ===
+* The user_token field is now left empty until a user attempts to login and
+ cookies need to be set. It is also now possible to reset every user's
+ user_token simply by clearing the values in the user_token column.
+* Removed ./tests/qunit/index.html from core. It wasn't actively maintained and
+ has been made obsolete when [[Special:JavaScriptTest/qunit]] was introduced,
+ which actually uses ResourceLoader, LocalSettings and the Skin.
+* Removed $wgDBtransactions global. This was only checked in one class
+ and only applies to MyISAM or similar DBs. Those should only be used
+ for archived sites anyway. We can't get edit conflicts on such sites,
+ so the WikiPage code wasn't useful there either.
+* Deprecated mw.user.name in favour of mw.user.getName.
+* Deprecated mw.user.anonymous in favour of mw.user.isAnon.
+* Deprecated DatabaseBase functions newFromParams(), newFromType(), set(),
+ quote_ident(), and escapeLike() were removed.
+* Use of __DIR__ instead of dirname( __FILE__ ).
+* OutputPage::wrapWikiMsg() no longer supports the 'options' parameter. It was
+ not used and complicated migration to Message class.
+* Live preview functionality has been improved and moved into the
+ 'mediawiki.action.edit.preview' module. The old 'mediawiki.legacy.preview' module
+ has been removed.
+* (bug 40448) Removed mediawiki.legacy.mwsuggest module, and removed the
+ following that has become obsolete:
+ - globals $wgEnableMWSuggest and $wgMWSuggestTemplate.
+ - mw.config.values wgMWSuggestTemplate and wgSearchNamespaces.
+ - method SearchEngine::getMWSuggestTemplate().
+
+== MediaWiki 1.19 ==
+
+== MediaWiki 1.19.21 ==
+This is a maintenance release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.20 ===
+* (bug 67440) Allow classes to be registered properly from installer.
+* (bug 47281) Fixed a dumpBackup.php error with --uploads --include-filesoptions: Unable to find the wrapper "mwstore". * System administrators are encouraged to upgrade to this release or 1.22+ and produce a full data dump. https://www.mediawiki.org/wiki/Special:MyLanguage/Manual:Backing_up_a_wiki
+* (bug 63049) Removed anonymous functions from ApiFormatBase, added in1.19.13 as part of the fix for bug 61362, for PHP 5.2 compatibility.
+
+== MediaWiki 1.19.20 ==
+This is a security release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.19 ===
+* (bug 70672) SECURITY: OutputPage: Remove separation of css and js module allowance.
+
+== MediaWiki 1.19.19 ==
+This is a security release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.18 ===
+* (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter <style> elements; normalize style elements and attributes before filtering; add checks for attributes that contain css; add unit tests for html5sec and reported bugs.
+
+== MediaWiki 1.19.18 ==
+This is a security release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.17 ===
+* (bug 68187) SECURITY: Prepend jsonp callback with comment.
+* (bug 65778) SECURITY: Copy prevent-clickjacking between OutputPage and ParserOutput.
+
+== MediaWiki 1.19.17 ==
+This is a security and maintenance release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.16 ===
+* (bug 65839) SECURITY: Prevent external resources in SVG files.
+* (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all.
+
+== MediaWiki 1.19.16 ==
+This is a security release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.15 ===
+* (bug 65501) SECURITY: Don't parse usernames as wikitext on Special:PasswordReset.
+
+== MediaWiki 1.19.15 ==
+This is a security and maintenance release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.14 ===
+Fixed resetting passwords.
+* (bug 58640) Fixed a compatibility issue with PCRE 8.34 that caused pages to appear blank or with missing text.
+
+== MediaWiki 1.19.14 ==
+This is a security and maintenance release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.13 ===
+* (bug 62497) SECURITY: Add CSRF token on Special:ChangePassword.
+* (bug 62467) Set a title for the context during import on the cli.
+
+== MediaWiki 1.19.13 ==
+This is a security and maintenance release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.12 ===
+* (bug 61362) SECURITY: API: Don't find links in the middle of api.php links.
+* Use the correct branch of the extensions' git repositories.
+
+== MediaWiki 1.19.12 ==
+This is a security release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.11 ===
+* (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. * User will get an error including the namespace name if they use a non- whitelisted namespace.
+* (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
+
+== MediaWiki 1.19.11 ==
+This is a security release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.10 ===
+* (bug 60339) SECURITY: Sanitize shell arguments to DjVu files, and other media formats
+
+== MediaWiki 1.19.10 ==
+This is a security release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.9 ===
+* (bug 57550) SECURITY: Disallow stylesheets in SVG Uploads
+* (bug 58088) SECURITY: Don't normalize U+FF3C to \ in CSS Checks
+* (bug 58472) SECURITY: Disallow -o-link in styles
+* (bug 58553) SECURITY: Return error on invalid XML for SVG Uploads
+* (bug 58699) SECURITY: Fix RevDel log entry information leaks
+
+== MediaWiki 1.19.9 ==
+This is a security and maintenance release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.8 ===
+* (bug 53032) SECURITY: Don't cache when a call could autocreate
+* (bug 55332) SECURITY: Improve css javascript detection
+* (bug 49717) Fix behaviour $wgVerifyMimeType = false; in Upload
+* Translations
+
+== MediaWiki 1.19.8 ==
+2013-09-03
+
+This is a security and maintenance release of the MediaWiki 1.19 branch.
+
+=== Changes since 1.19.7 ===
+* SECURITY: Sanitize ResourceLoader exception messages
+* SECURITY: Token-getting functions will fail when using jsonp callbacks.
+* SECURITY: Fix extension detection with 2 .'s
+* Allow a string other than '*' as condition for DatabaseBase::delete()
+* Purge upstream caches when deleting file assets.
+* jquery.tablesorter: Add missing dependency on jquery.mwExtension
+
+== MediaWiki 1.19.7 ==
+2013-05-21
+
+This is a security release of the MediaWiki 1.19 branch
+
+=== Changes since 1.19.6 ===
+* (bug 48306) SECURITY: Run file validation checks on chunked uploads, and chunks of upload, during the upload process.
+
+== MediaWiki 1.19.6 ==
+2013-04-30
+
+This is a security and maintenance release of the MediaWiki 1.19 branch
+
+=== Changes since 1.19.5 ===
+* (bug 47304) SECURITY: Check SVG xml encoding against whitelist
+* (bug 46590) Added AbortChangePassword hook to allow extensions to abort password changes from Special:ChangePassword
+* Localisation updates from http://translatewiki.net.
+* mwdocgen.php: Implement --version option.
+* Remove svnstat stuff used in Doxygen generation
+* E_USER_DEPRECATED undefined prior to php 5.3
+
+== MediaWiki 1.19.5 ==
+2013-04-15
+
+This is a security and maintenance release of the MediaWiki 1.19 branch
+
+=== Changes since 1.19.4 ===
+* (bug 47251) SECURITY: Disable external entities in Import
+* (bug 46859) SECURITY: Disable external entities in XMLReader
+* (bug 46084) SECURITY: Sanitize $limitReport before outputting
+* (bug 43594) Fix notices displayed on PHP 5.4
+* (bug 40585) Don't drop 'step="any"' in HTML input fields.
+
+== MediaWiki 1.19.4 ==
+2013-03-04
+
+This is a security release of the MediaWiki 1.19 branch
+
+=== Changes since 1.19.3 ===
+* New preference type - 'api'. Preferences of this type are not shown on Special:Preferences, but are still available via the action=options API.
+* (bug 44010) Context is passed to UserGetLanguageObject.
+* The recursion guard on RequestContext::getLanguage() was weakened.
+* (bug 44135/bug 42441) Pass '2' instead of 'true' to CURLOPT_SSL_VERIFYHOST
+* (bug 43518) API action=unblock should return the user name, not the full user object
+
+== MediaWiki 1.19.3 ==
+2012-11-30
+
+This is a security release of the MediaWiki 1.19 branch
+
+=== Changes since 1.19.2 ===
+* (bug 40995) Prevent session fixation in Special:UserLogin (CVE-2012-5391)
+* (bug 41400) Prevent linker regex from exceeding PCRE backtrack limit
+* Increase permitted runtime for testParserTest (only used for continuous integration).
+* Updated messages translations from http://translatewiki.net/
+
+== MediaWiki 1.19.2 ==
+
+This is a security release of the MediaWiki 1.19 branch
+
+=== Changes since 1.19.1 ===
+* (bug 39700) File: link to non-existing file can inject html
+* (bug 39823) Hidden block text leaking to admins
+* (bug 39184) LDAP password leakage
+* (bug 39180) Disallow framing of api results
+* (bug 37587) Enforce language codes to be html safe
+* (bug 39824) Check global blocks on account creation
+
+== MediaWiki 1.19 ==
+
+MediaWiki 1.19 is a large release that contains many new features and bug
+fixes. This is a summary of the major changes of interest to users.
+You can consult the RELEASE-NOTES-1.19 file for the full list of changes in
+this version.
+
+Our thanks go to everyone who helped to improve MediaWiki by testing the beta
+release and submitting bug reports.
+
+=== Changes since 1.19.1 ===
+* (bug 38406) Properly quote table names in DatabaseBase::tableName()
+* (bug 38249) Parser will throw an exception instead of outputting gibberish if
+ PCRE is compiled without support for unicode properties.
+
+=== Changes since 1.19.0 ===
+* (bug 36568) Fixed "Illegal string offset 'LIMIT'" warnings in updater
+* (bug 36938) Correctly escape uselang attribute to prevent xss
+* Expanded Blacklist for SVG Files
+
+=== Changes since 1.19 beta 2 ===
+* Special:Watchlist no longer sets links to feed when the user is anonymous.
+* (bug 35961) Hash comparison should always be strict.
+* Fix broken email confirmation expiration caused by MWCryptRand changes.
+* (bug 35671) PHP Notice: Undefined index: gettoken in includes/api/ApiMain.php
+ on line 598.
+* (bug 36042) 'show' causes a fatal in blocks API.
+
+=== Changes since 1.19 beta 1 ===
+* (bug 35014) Including a special page no longer sets the page's title to the
+ included page
+* (bug 35019) Edit summaries are no longer transformed in notification e-mails
+* (bug 35152) Help message for e-mail is shown again in user preferences
+* (bug 34887) $3 and $4 parameters are now substituted correctly in message
+ "movepage-moved"
+* (bug 34841) Edit links are no longer displayed when display old page versions
+* (bug 34889) User name should be normalized on Special:Contributions
+* (bug 35051) If heading has a trailing space after == then its name is not
+ preloaded into edit summary on section edit
+* (bug 31417) New ID mw-content-text around the actual page text, without categories,
+ contentSub, ... The same div often also contains the class mw-content-ltr/rtl.
+* (bug 35303) Proxy and DNS blacklist blocking works again
+* (bug 22555) Remove or skip strip markers from tag hooks like &lt;nowiki&gt; in
+ core parser functions which operate on strings, such as padleft.
+* (bug 18295) Don't expose strip markers when a tag appears inside a link
+ inside a heading.
+* (bug 34212) ApiBlock/ApiUnblock allow action to take place without a token
+ parameter present.
+* (bug 34907) Fixed exposure of tokens through load.php that could have facilitated
+ CSRF attacks.
+* (bug 35317) CSRF in Special:Upload.
+
+=== Configuration changes in 1.19 ===
+* Removed SkinTemplateSetupPageCss hook; use BeforePageDisplay instead.
+* (bug 27132) movefile right granted by default to registered users.
+* Default cookie lifetime ($wgCookieExpiration) is increased to 180 days.
+* (bug 31204) Removed old user.user_options.
+* $wgMaxImageArea now applies to jpeg files if they are not scaled with
+ ImageMagick.
+* Introduced $wgQueryPageDefaultLimit (defaults to 50) for the number of
+ items to show by default on query pages (special pages such as Whatlinkshere).
+* (bug 32470) Increase the length of ug_group.
+* (bug 32239) Removed $wgEnableTooltipsAndAccesskeys.
+* Removed $wgVectorShowVariantName.
+* Removed $wgExtensionAliasesFiles. Use $wgExtensionMessagesFiles.
+* Removed $wgResourceLoaderInlinePrivateModules , now always enabled.
+
+=== New features in 1.19 ===
+* (bug 19838) Add ability to get all interwiki prefixes also if the interwiki
+ cache is used.
+* $wgDnsBlacklistUrls now accepts an array with url and key as the
+ elements to work with DNSBLs that require keys, such as
+ Project Honeypot.
+* (bug 30022) Add support for custom loadScript sources to ResourceLoader.
+* (bug 19052) Unicode space separator characters (Zs) now terminates external
+ links and images links.
+* (bug 30160) Add public method to mw.loader to get module names from registry.
+* (bug 15558) Parameters to special pages included in wikitext can now be passed
+ as with templates.
+* Installer now issues a warning if mod_security is present.
+* (bug 29455) Add support for a filter callback function in jQuery byteLimit
+ plugin.
+* Added two new GetLocalURL hooks to better serve extensions working on a
+ limited type of titles.
+* Added a --no-updates flag to importDump.php that skips updating the links
+ tables.
+* Most presentational html attributes like valign are now converted to inline
+ css style rules. These attributes were removed from html5 and so we clean
+ them up when $wgHtml5 is enabled. This can be disabled using
+ $wgCleanupPresentationalAttributes.
+* Magic words (time and number-formatting ones, plus DIRECTIONMARK, but not
+ NAMESPACE) now depend on the page content language instead of the site
+ language. In theory this sets the right magic words in system messages,
+ although they are not used there.
+* (bug 30451) Add page_props to RefreshLinks::deleteLinksFromNonexistent.
+* (bug 30450) Clear page_props table on page deletion.
+* Hook added to check for exempt from account creation throttle.
+* (bug 30344) Add configuration variable for setting custom priorities when
+ generating sitemaps.
+* (bug 96170) Add array support for space-separated list attributes (like
+ 'class') in the Html helper class.
+* (bug 26470) Add checkered background image on hover on files pages.
+* (bug 30774) mediawiki.html: Add support for numbers and booleans in the
+ attribute values and element contents.
+* Conversion script between Tifinagh and Latin for the Tachelhit language.
+* (bug 16755) Add options 'noreplace' and 'noerror' to {{DEFAULTSORT:...}}
+ to stop it from replace an already existing default sort, and suppress error.
+* (bug 18578) Rewrote revision delete related messages to allow better
+ localisation.
+* (bug 30364) LanguageConverter now depends on the page content language
+ instead of the wiki content language.
+* Jump links will now be usable in CSS-capable browsers instead of only
+ in outdated text browsers.
+* New common*.css files usable by skins instead of having to copy piles
+ of generic styles from MonoBook or Vector's css.
+* Some deprecated presentational html attributes will now be automatically
+ converted to css.
+* (bug 31297) Add support for namespaces in Special:RecentChanges subpage filter
+ syntax.
+* The default user signature now contains a talk link in addition to the user link.
+* (bug 25306) Add link of old page title to MediaWiki:Delete_and_move_reason.
+* Added hook BitmapHandlerCheckImageArea.
+* (bug 30062) Add $wgDBprefix option to cli installer.
+* getUserPermissionsErrors and getUserPermissionsErrorsExpensive hooks are now
+ also called when checking for 'read' permission.
+* Introduce $wgEnableSearchContributorsByIP which controls whether searching
+ for an IP address redirects to the contributions list for that IP.
+* (bug 8859) Database::update should take array of tables too.
+* (bug 19698) Add "Inverse namespaces" option to Special:Contributions.
+* (bug 24037) Add byte length of revision to Special:Contributions.
+* (bug 1672) Added $wgDisableUploadScriptChecks to allow uploading of files
+ containing HTML or JS. DISABLING THESE CHECKS IS VERY DANGEROUS.
+* New path mappings can be added using the WebRequestPathInfoRouter hook
+ and adding paths to the PathRouter.
+* (bug 32666) Special:ActiveUsers now allows a subpage to be used as value for the
+ "target" query parameter (eg. Special:ActiveUsers/Username).
+* New JavaScript variable wgPageContentLanguage.
+* Added new debugging toolbar, enabled with $wgDebugToolbar.
+* Differences in the history page now uses slightly better colors for people
+ perceiving colors differently.
+* (bug 32879) Upgrade jQuery to 1.7.1.
+* jQuery UI upgraded to 1.8.17.
+* Extensions can use the 'Language::getMessagesFileName' hook to define new
+ languages using messages files outside of core.
+* (bug 32512) Add 'Associated namespace' checkbox to Special:Contributions.
+* Added $wgSend404Code, true by default, which can be set to false to send a
+ 200 status code instead of 404 for nonexistent articles.
+* (bug 33447) Link to the broken image tracking category from Special:Wantedfiles.
+* (bug 27724) Add timestamp to job queue.
+* (bug 30339) Implement SpecialPage for running javascript tests. Disabled by default, due to
+ tests potentially being harmful, not to be run on a production wiki.
+ Enable by setting $wgEnableJavaScriptTest to true.
+* Extensions can use the RequestContextCreateSkin hook to override what skin is
+ loaded in some contexts.
+* (bug 33456) Show $wgQueryCacheLimit on cached query pages.
+* (bug 10574) Add an option to allow all pages to be exported by Special:Export.
+* mediawiki.js Message object constructor is now publicly available as mw.Message.
+* (bug 29309) Allow CSS class per tooltip (tipsy).
+* (bug 33565) Add accesskey/tooltip to submit buttons on Special:EditWatchlist.
+* (bug 17959) Inline rendering/thumbnailing for Gimp XCF images.
+* (bug 27775) Namespace has it's own XML tag in the XML dump file.
+* (bug 30513) Redirect tag is now resolved in XML dump file.
+* sha1 xml tag added to XML dump file.
+* (bug 33646) Badtitle error page now emits a 400 HTTP status.
+* Special:MovePage now has a dropdown menu for namespaces.
+* (bug 34420) Special:Version now shows git HEAD sha1 when available.
+* (bug 33952) Refactor mw.toolbar to allow dynamic additions at any time.
+
+=== Bug fixes in 1.19 ===
+* $wgUploadNavigationUrl should be used for file redlinks if.
+ $wgUploadMissingFileUrl is not set. The first was used for this
+ until the second was introduced in 1.17.
+* BREAKING CHANGE: Style rules for wikitable are now more specific and prevent
+ inheritance to nested tables which caused various issues (bug 30485 and bug
+ 33434). If your wiki has overridden rules for ".wikitable", please revise them and
+ adjust where necessary. For comparison, use the "table.wikitable" section in
+ skins/common/shared.css as base.
+* $wgUploadNavigationUrl is now used for file redlinks if
+ $wgUploadMissingFileUrl is not set. The former was used for this until the
+ second was introduced in 1.17.
+* (bug 27894) Move 'editondblclick' event listener down from body to
+ div#bodyContent.
+* (bug 30172) The check for posix_isatty() in maintenance scripts did not detect
+ when the function exists but is disabled. Introduced
+ Maintenance::posix_isatty().
+* (bug 30264) Changed installer-generated LocalSettings.php to use
+ require_once() instead require() for included extensions.
+* Do not convert text in the user interface language to another script.
+* (bug 26283) Previewing user JS/CSS pages didn't load other user JS/CSS pages.
+* (bug 26486) ResourceLoader modules with paths to nonexistent files cause PHP
+ warnings/notices to be thrown.
+* (bug 30335) Fix for HTMLForms using GET that were breaking when non-friendly
+ URLs are used.
+* (bug 28649) Preventing half truncated multi-byte unicode characters when
+ truncating log comments.
+* Show --batch-size option in help of maintenance scripts that support it.
+* (bug 4381) Magic quotes cleaning was not comprehensive, key strings were not
+ unescaped.
+* (bug 23057) Importers no longer can 'edit' or 'create' a fully-protected page by
+ importing a new revision into it.
+* Allow moving the associated talk pages of subpages even if the base page
+ has no subpage.
+* Per page edit-notices now work in namespaces without subpages enabled.
+* (bug 31081) $wgEnotifUseJobQ is no longer unconditionally enqueueing jobs.
+* (bug 30202) File names are now restricted on upload to 240 bytes, because of
+ restrictions on some of the database fields.
+* Timezones are now recognised in user preferences when offset is different
+ due to DST.
+* (bug 31692) "summary" parameter now also works when undoing revisions.
+* (bug 18823) "move succeeded" text displayed bluelinks even when redirect was
+ suppressed.
+* (bug 19186) Special:UserLogin's title on Special:SpecialPages now says
+ "create account" when the user cannot create an account.
+* (bug 31818) 'usercreated' message now supports GENDER.
+* (bug 32022) Our phpunit.php script can now be executed from another directory.
+* (bug 26020) Setting $wgEmailConfirmToEdit to true no longer removes diffs
+ from recent changes feeds.
+* (bug 30232) add current time to message wlnote on Special:Watchlist.
+* (bug 29110) $wgFeedDiffCutoff did not affect new pages.
+* (bug 32168) Add wfRemoveDotSegments for use in wfExpandUrl.
+* (bug 32358) Do not display "No higher resolution available" for dimensionless
+ files (like audio files).
+* (bug 32168) Add wfAssembleUrl for use in wfExpandUrl.
+* (bug 32168) fixed - wfExpandUrl expands dot segments now.
+* (bug 31535) Upload comments now truncated properly, and don't have brackets.
+* (bug 32086) Special:PermanentLink now shows an error message when no subpage
+ was specified.
+* (bug 30368) Special:Newpages now shows the new page name for moved pages.
+* (bug 1697) The way to search blocked usernames in block log should be clearer.
+* (bug 29747) eAccelerator shared memory caching has been removed since it is
+ now disabled by default and is buggy. APC, XCache and WinCache are not affected.
+* Installer now refuses to install if php was not compiled with Ctype support.
+* (bug 29475) Remove "trackback" feature entirely from core.
+* (bug 32665) Special:BlockList prefills the username in the input field if
+ using the Special:BlockList/username URL.
+* (bug 27721) Make JavaScript variables wgSeparatorTransformTable and
+ wgDigitTransformTable depend on page content language so the sort script
+ sorts correctly more often.
+* (bug 32230) Expose wgRedirectedFrom in JavaScript.
+* (bug 31212) History tab not collapsed when the screen is narrow.
+* (bug 15521) Use new section summary when the action of adding a new section
+ also happens to create the page.
+* (bug 32960) Remove EmailAuthenticationTimestamp from database when a
+ email address is removed.
+* (bug 32414) Empty page get a empty bytes attribute in Export/Dump.
+* (bug 33101) Viewing a User or User talk of username resembling IP ending
+ with .xxx causes Internal error.
+* Warning about undefined index in certain situations when $wgLogRestrictions
+ causes the first log type requested to be removed but not the others.
+* Use separate message ('prefixindex-namespace') for title of
+ Special:PrefixIndex rather then re-using Special:AllPages's allinnamespace.
+* (bug 33156) Special:Block now allows you to confirm you want to block yourself
+ when using non-normalized username.
+* (bug 33246) News icon shown for news:// URLs but not for news: URLs.
+* (bug 33305) Make mw.util.addCSS resistant to IE's @font-face bug by setting
+ cssText after DOM insertion.
+* (bug 30711) When adding a new section to a page with section=new, the text is
+ now always added to the current version of the page.
+* (bug 31719) Fix uploads of SVGs exported by Adobe Illustrator by expanding
+ XML entities correctly.
+* (bug 30914) Embeddable ResourceLoader modules (user.options, user.tokens)
+ should be loaded in <head> for proper dependency resolution.
+* (bug 32702) Removed method Skin::makeGlobalVariablesScript() has been readded
+ for backward compatibility.
+* (bug 31469) Make sure tracking category messages expand variables like
+ {{NAMESPACE}} relative to correct title.
+* (bug 33454) ISO-8601 week-based year number (format character 'o') is now
+ calculated correctly with respect to timezone.
+* (bug 32219) InstantCommons now fetches content from Wikimedia Commons using
+ HTTPS when the local wiki is served over HTTPS.
+* (bug 33525) clearTagHooks doesn't clear function hooks.
+* (bug 33523) Function tag hooks don't appear on Special:Version.
+* Files with IPTC blocks we can't read no longer prevent extraction of exif
+ or other metadata.
+* (bug 33587) Remove action "historysubmit" from history pages.
+* (bug 25800) mw.config wgAction should contain the actually performed action instead
+ of whatever the query value contains.
+* (bug 4438) Add CSS hook for current WikiPage action.
+* (bug 33703) Common border-bottom color for <abbr> should inherit default (text) color.
+* (bug 33819) Display file sizes in appropriate units.
+* (bug 32948) {{REVISIONID}} and related variables are no longer blank after doing
+ a null edit.
+* (bug 33880) $wgUsersNotifiedOnAllChanges should not send e-mail to user who made
+ the edit.
+* (bug 33902) Decoding %2B with mw.Uri.decode results in ' ' instead of +.
+* (bug 33762) QueryPage-based special pages no longer misses *-summary message.
+* Other sizes links are no longer generated for wikis without a 404 thumbnail handler.
+* (bug 29454) Enforce byteLimit for page title input on Special:MovePage.
+* (bug 34114) CSSMin::remap() doesn't respect its $embed parameter.
+* Special:Contributions/newbies now shows the contributions for the user "newbies".
+ New user contributions are obtained using the form or using ?contribs=newbie in URL.
+* It is now possible to delete images that have no corresponding description pages.
+* (bug 33165) GlobalFunctions.php line 1312: Call to a member function
+ getText() on a non-object.
+* (bug 31676) Group dynamically inserted CSS into a single <style> tag, to work
+ around a bug where not all styles were applied in Internet Explorer.
+* (bug 28936, bug 5280) Broken or invalid titles can't be removed from watchlist.
+* (bug 34600) Older skins using useHeadElement=false were broken in 1.18.
+* (bug 34604) [mw.config] wgActionPaths should be an object instead of a numeral
+ array.
+* (bug 12262) Indents and lists are now aligned
+* (bug 29753) mw.util.tooltipAccessKeyPrefix should be alt-shift for Chrome
+ on Windows
+* (bug 25095) Special:Categories should also include the first relevant item
+ when "from" is filled.
+* (bug 34972) An error occurred while changing your watchlist settings for
+ [[Special:WhatLinksHere/Example]]
+
+=== API changes in 1.19 ===
+* Made action=edit less likely to return "unknownerror", by returning the actual error
+ message (which may have come from a hook call or similar).
+* (bug 19838) siprop=interwikimap can now use the interwiki cache.
+* (bug 29748) Add API search prefix support.
+* (bug 29684) Set forgotten parameter types in ApiQueryIWLinks.
+* (bug 29685) do not output NULL parentid with list=deletedrevs&drprop=parentid.
+* siprop=interwikimap and siprop=languages can use silanguagecode to have
+ a best effort language name translation. Use CLDR extension for best result.
+* (bug 30230) action=expandtemplates should not silently override invalid title
+ inputs.
+* (bug 18634) Create API to fetch MediaWiki's language fallback tree structure.
+* (bug 26885) Allow show/hide of account blocks, temporary blocks and single IP
+ address blocks for list=blocks.
+* (bug 30591) Add support to only return keys in ApiAllMessages.
+* The API now respects $wgShowHostnames and won't share the hostname in
+ servedby if it's set to false.
+* wlexcludeuser parameter added to ApiFeedWatchlist.
+* (bug 7304) Links on redirect pages no longer cause the redirect page to show
+ up as a redirect to the linked page on Special:Whatlinkshere.
+* (bug 32609) API: Move captchaid/captchaword of action=edit from core
+ to Captcha extension(s).
+* Added 'APIGetDescription' hook.
+* (bug 32688) Paraminfo for parameter "generator" of the query module shows too
+ many types.
+* (bug 32415) Empty page get no size attribute in API output.
+* (bug 31759) Undefined property notice in querypages API.
+* (bug 32495) API should allow purge by pageids.
+* (bug 33147) API examples should explain what they do.
+* (bug 33482) Api incorrectly calls ApiBase::parseMultiValue if allowed
+ values is given as an array.
+* (bug 32948) {{REVISIONID}} and related variables are no longer blank after
+ calling action=purge&forcelinkupdate.
+* (bug 34377) action=watch now parses messages using the correct title instead
+ of "API".
+* (bug 35036) WikiLove messages were not automatically updated in JavaScript
+ after having been changed on-wiki due to a bug in core
+
+=== Languages updated in 1.19 ===
+
+MediaWiki supports over 350 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* Canadian English (en-ca) (new).
+* Norwegian (bokmål) (nb) (renamed from no).
+* Uighur (Latin) (ug-latn) was incorrectly marked as right-to-left language.
+* (bug 30217) Make pt-br a fallback of pt.
+* (bug 31193) Set fallback language of Assamese from Bengali to English.
+* Update date format for dsb and hsb: month names need the genitive.
+* (bug 28643) Serbian variant conversion improvements (Nikola Smolenski).
+* (bug 29405, bug 30809) Lower diacritics are invisible in titles in Indic
+ languages Assamese, Bengali, Hindi, Malyalam and Odiya.
+* (bug 32826) Titles in indic languages are partially cut.
+* (bug 33367) Gendered namespaces for Czech.
+* (bug 33014) Language::formatSize()/formatBitrate() should be able to deal
+ with larger numbers (tera-yotta).
+
+=== Other changes in 1.19 ===
+* BREAKING CHANGE: Legacy global array 'ta' and global function 'akeytt' have
+ been removed from wikibits.js.
+* jquery.mwPrototypes module was renamed to jquery.mwExtension.
+* The maintenance script populateSha1.php was renamed to the more concise
+ populateImageSha1.php.
+* The Client-IP header is no longer checked for when trying to resolve a client's
+ real IP address.
+* (bug 22096) Although IE5.x and below was already unsupported officially, stylesheets
+ existing exclusively for IE5.0 and IE5.5 have now been removed (which were in skins
+ 'chick' and 'monobook').
+* The constructor for CategoryView has changed, the second parameter is now a
+ Context source and is required.
+* The Title::escape{Local,Full,Canonical}URL methods are deprecated, please use
+ proper html building methods to escape the normal get{...}URL methods instead.
+* The $variant arguments in the Title::get{Local,Full,Link,Canonical}URL methods
+ have been replaced with a secondary query argument.
+* The $variant argument in the hooks for the Title::get{Local,Full,Link,Canonical}URL
+ methods have been removed, the variant is now part of the $query argument.
+* Removed Title::isValidCssJsSubpage(), deprecated since 1.17 in favor of
+ using Title::isCssJsSubpage() or checking Title::isWrongCaseCssJsPage().
+* Support for the deprecated hook MagicWordMagicWords was removed.
+* The Xml::namespaceSelector method has been deprecated, please use
+ Html::namespaceSelector instead (note that the parameters have changed also).
+* (bug 33746) Preload popular ResourceLoader modules (mediawiki.util) as stop-gap
+ for scripts missing dependencies.
+ New configuration variable $wgPreloadJavaScriptMwUtil has been introduced for this
+ (set to false by default for new installations). Set to true if your wiki has a large
+ amount of user/site scripts that are lacking dependency information. In the short to
+ medium term these user/site scripts should be fixed by adding the used modules to the
+ dependencies in the module registry and/or wrapping them in a callback to mw.loader.using.
+
+== MediaWiki 1.18 ==
+
+== MediaWiki 1.18.5 ==
+2012-08-30
+
+This is a security release of the MediaWiki 1.18 branch
+
+=== Changes since 1.18.4 ===
+* (bug 39700) File: link to non-existing file can inject html
+* (bug 39823) Hidden block text leaking to admins
+* (bug 39184) LDAP password leakage
+* (bug 39180) Disallow framing of api results
+* (bug 37587) Enforce language codes to be html safe
+* (bug 39824) Check global blocks on account creation
+
+== MediaWiki 1.18.4 ==
+2012-06-12
+
+This is a security release of the MediaWiki 1.18 branch.
+
+=== Changes since 1.18.3 ===
+* (bug 36938) Correctly escape uselang attribute to prevent xss
+* Expanded Blacklist for SVG Files
+
+== MediaWiki 1.18.3 ==
+2012-04-25
+
+This is a maintenance release of the MediaWiki 1.18 branch.
+
+=== Changes since 1.18.2 ===
+* (bug 35446) Using "{{nse:}}" with an invalid namespace name no longer throws
+ a PHP warning.
+* (bug 35567) The whole password reminder e-mail is now sent in the same language.
+* (bug 35961) Hash comparison should always be strict.
+* (bug 35671) PHP Notice: Undefined index: gettoken in includes/api/ApiMain.php
+ on line 598.
+* Fix broken email confirmation expiration caused by MWCryptRand changes.
+
+== MediaWiki 1.18.2 ==
+2012-03-21
+
+This is a maintenance and security release of the MediaWiki 1.18 branch.
+
+=== Changes since 1.18.1 ===
+* (bug 33686) could not get a list of contributors for an article when using
+ a SQLite database.
+* (Bug 33865) Exception thrown in action=parse when attempting to use the title
+ parameter without setting the text parameter.
+* UserMailer could potentially throw a fatal error when a MailAddress object had
+ an empty email address.
+* (Bug 33087) Exchange server rejected mail sent by MediaWiki
+* (bug 34528) Edit section tooltips show correction section name again
+* (bug 34246) MediaWiki:Whatlinkshere-summary message is displayed again in
+ Special:Whatlinkshere
+* (bug 22555) Remove or skip strip markers from tag hooks like &lt;nowiki&gt; in
+ core parser functions which operate on strings, such as formatnum.
+* (bug 34212) ApiBlock/ApiUnblock allow action to take place without a token
+ parameter present.
+* (bug 34907) Fixed exposure of tokens through load.php that could have facilitated
+ CSRF attacks.
+* (bug 35317) CSRF in Special:Upload.
+
+== MediaWiki 1.18.1 ==
+2012-01-11
+
+This a maintenance and security release of the MediaWiki 1.18 branch.
+
+=== Changes since 1.18.0 ===
+* (bug 32712) Fix for search indexing of pages with certain unicode chars following URL.
+* (bug 3901) Lang, hreflang attribs added to sidebar interlanguage links for screen readers.
+* (bug 30774) mediawiki.html: Add support for numbers and booleans in the
+ attribute values and element contents.
+* (bug 32473) [[Special:PasswordReset]] can not be used on private wiki.
+* (bug 32853) Fixed CACHE_DBA object cache type.
+* (bug 32786) Backward compatibility for extension using 1.17's Database::newFromType().
+* Fixed exception when using Special:WhatLinksHere on a Media: file.
+* (bug 32709) Private Wiki users were always taken to Special:Badtitle on login.
+* (bug 33240) Sort images are missing but referenced in css.
+* (bug 31921) Magic words REVISIONDAY, REVISIONMONTH and REVISIONYEAR were
+ not showing their values on preview.
+* (bug 32702) Removed method Skin::makeGlobalVariablesScript() has been readded
+ for backward compatibility.
+* (bug 30172) The check for posix_isatty() in maintenance scripts did not detect
+ when the function exists but is disabled. Introduced Maintenance::posix_isatty().
+* (bug 33305) Make mw.util.addCSS resistant to IE's @font-face bug by setting
+ cssText after DOM insertion.
+* (bug 29102) Upgrades no longer fail with the error "Unknown character set: 'mysql4'.
+* (bug 25355) Parser generates edit section links for special pages.
+* (bug 33321) Adding a line to MediaWiki:Sidebar that contains a pipe, but doesn't
+ have any pipes after being transformed by MessageCache, causes exception on
+ all pages.
+* Fixed recentchanges FK violation on page delete and cache purge error in updater
+ for Oracle DB.
+* (bug 33117) prop=revisions allows deleted text to be exposed through cache pollution.
+
+== MediaWiki 1.18.0 ==
+2011-11-24
+
+This is the first stable release of the MediaWiki 1.18 branch.
+
+=== Summary of selected changes in 1.18 ===
+
+Selected changes since MediaWiki 1.17 that may be of interest:
+
+* Some of the more commonly used MediaWiki extensions are now included in the
+ release tarball. These extensions are ConfirmEdit, Gadgets, Nuke, ParserFunctions,
+ Renameuser, Vector and WikiEditor.
+
+* Gender support has been improved, meaning user pages can display the correct gender
+ variant of "User" can now be used.
+
+* MediaWiki can now detect the camera orientation of an image from the Exif metadata, and
+ can rotate the image thumbnail appropriately. Metadata support has been generally
+ improved, and can now extract IPTC and XMP metadata.
+
+* Improved directionality support in 1.18 means that MediaWiki is better to use for
+ RTL users.
+
+* MediaWiki now supports protocol - relative URLs in links, interwiki targets and $wgServer
+
+* Math support has been removed from core
+
+=== Changes since 1.18.0rc1 ===
+* (bug 32228) regression in Special:Search which did not conserve profile on new search
+* (bug 32460) Categories were improperly aligned in Simple and CologneBlue
+* (bug 32412) TOC links on [[Special:EditWatchlist]] points to the fieldsets
+* (bug 32582) Fix TOC show/hide link regression on IE 8
+
+=== Changes since 1.18 beta 1 ===
+* (bug 31886) Wrong titles redirecting to Special:Badtitle in the 1.18 deployment.
+* (bug 32051) Fix description for wlprop=sizes.
+* (bug 31913) Special:MostLinkedTemplates had an incorrect GROUP BY clause
+ under Microsoft SQL.
+* (bug 32100) installer complains about suhosin GET limit.
+* (bug 31933) fix 1.18 regression in Monobook sidebar: huge spacing between portlets
+ on IE 7 and IE 8/9 in compatibility view.
+* (bug 32126) Fix 1.18 regression in watchlist editor when items already removed
+ from watchlist.
+* (bug 32183) remove the client-* classes added from user-agent-sniffing onto
+ the <html> element.
+* (bug 29912) Unit tests break if parsertest tables are still present.
+* (bug 31694) During installation, tabbing order (cursor focus) goes to logo
+ instead of 'continue'.
+* (bug 29102) Upgrade fails "Unknown character set: 'mysql4".
+* (bug 31990) justify paragraphs pref adds extra space to category listing.
+* (bug 20148) Better title for [[Special:Disambiguations]] page.
+* (bug 31502) TOC is missing on Special:EditWatchlist.
+* (bug 32256) API list=search stops at first invalid result.
+* (bug 32047) jquery.tablesorter.js: thead is before caption.
+* (bug 29854) Store protocol-relative links twice in the externallinks table,
+ one with http: in el_index and once with https.
+* (bug 31822) Error during upgrade due to output buffer reset in stdout.
+
+=== Configuration changes in 1.18 ===
+* The WantedPages::getSQL hook has been removed and replaced with
+ WantedPages::getQueryInfo. This may break older extensions.
+* The SkinTemplateBuildContentActionUrlsAfterSpecialPage,
+ SkinTemplateContentActions and SkinTemplateTabs hooks have been removed in
+ favor of SkinTemplateNavigation and SkinTemplateNavigation::SpecialPage.
+* $wgUseCombinedLoginLink controls whether to output a combined
+ login / create account link in the personal bar, or to output separate login
+ and create account links.
+* Skin names are no longer created based on a ucfirst version of the key in
+ $wgValidSkinNames but now the value. This means for
+ $wgValidSkinNames["monobook"] = "MonoBook"; the skin loader will no longer try
+ loading SkinMonobook and will instead load SkinMonoBook.
+* $wgMaxUploadSize may now be set to an array to specify the upload size limit
+ per upload type.
+* $wgAPICacheHelp added in 1.16 is now removed. To disable API help caching, set
+ $wgAPICacheHelpTimeout = 0;
+* OutputPage::isUserJsAllowed() no longer returns false when scripts are allowed
+ by the page, but $wgAllowUserJs is set to false.
+* Pure "Skin" class based custom skins are no longer supported, all custom skins
+ should be put together using SkinTemplate and BaseTemplate or QuickTemplate.
+* The transliteration for passwords in case they were migrated from an old
+ Latin-1 install (previous to MediaWiki 1.5) is now only done for wikis with
+ $wgLegacyEncoding set.
+* (bug 27508) Add $wgSVGMetadataCutoff to limit the maximum amount of an SVG we
+ look at when finding metadata to prevent excessive resource usage.
+* $wgSysopUserBans and $wgSysopRangeBans (deprecated in 1.17) are now removed.
+ Use $wgBlockCIDRLimit = array( 'IPv4' => 43, 'IPv6' => 128 ) to achieve the
+ same functionality as $wgSysopRangeBans; you can use the BlockIp hook to
+ replicate $wgSysopUserBans functionality.
+* The options on the block form have been standardised such that checking a box
+ makes the block 'more serious'; so while "check to prevent account creation"
+ and "check to enable autoblock" remain the same, "check to allow user-talk
+ edit" is reversed to "check to *disable* user-talk edit", and "check to block
+ anon-only" becomes "check to block logged-in users too". The default settings
+ remain the same.
+* Most of the field names on the Special:Block form have been changed, which
+ will probably break screen-scraping bots.
+* (bug 26866) The 'trackback' right is no longer granted to sysops by default.
+ $wgUseTrackbacks is already false by default.
+* (bug 17009) the hiddenStructure CSS class, a highly hackish way of at least
+ *appearing* to hide article elements, has been removed. Use the
+ ParserFunctions extension to actually remove unwanted elements from the
+ output.
+* (bug 14202) $wgUseTeX has been superseded by the Math extension. To re-enable
+ math conversion after upgrading, obtain the Math extension from SVN or from
+ https://www.mediawiki.org/wiki/Extension:Math and add to LocalSettings.php:
+ require_once "$IP/extensions/Math/Math.php";
+* $wgProfiler is now a configuration array, see StartProfiler.sample for
+ details.
+* $wgProfiling has been removed.
+* The spyc library is now no longer included in phase3.
+* (bug 28343) Unused preferences contextlines/contextchars have been removed
+* $wgSkinExtensionFunctions has been removed. Use $wgExtensionFunctions instead.
+* $wgProto has been removed. You now only need to set $wgServer to change the
+ URL protocol.
+* $wgRateLimitsExcludedGroups (deprecated in 1.13) has been removed.
+* $wgInputEncoding and $wgOutputEncoding (deprecated in 1.5) have now been removed.
+* $wgAllowUserSkin (deprecated in 1.16) has now been removed.
+* $wgExtraRandompageSQL (deprecated in 1.16) has now been removed.
+* LogReader and LogViewer classes (deprecated in 1.14) have now been removed.
+* (bug 26033) Added $wgArticleCountMethod to select the method to use to say
+ whether a page is an article or not. $wgUseCommaCount is now deprecated.
+* $wgEnableDublinCoreRdf and $wgEnableCreativeCommonsRdf no longer work in core,
+ and the functionality has been moved to the relevant extensions. See
+ https://www.mediawiki.org/wiki/Extension:DublinCoreRdf and
+ https://www.mediawiki.org/wiki/Extension:CreativeCommonsRdf as appropriate.
+* (bug 21107) Split error "customcssjsprotected" into separate messages for JS and CSS
+* Removed $wgCheckCopyrightUpload from DefaultSettings, since the relevant feature
+ was removed in about 1.5.
+* LogPageValidTypes, LogPageLogName, LogPageLogHeader and LogPageActionText
+ hooks have been removed.
+* New hook "Collation::factory" to allow extensions to create custom
+ category collations.
+* $wgGroupPermissions now supports per namespace permissions.
+* $wgEnableAutoRotation enables or disables auto-rotation. Leaving it set to
+ null will cause MediaWiki to determine if auto-rotation is available.
+
+=== New features in 1.18 ===
+* BREAKING CHANGE: action=watch / action=unwatch now requires a token.
+* BREAKING CHANGE: Article class hierarchy split into WikiPage (backend)
+ and Article (frontend) hierarchies. Several hooks now pass a WikiPage object instead
+ of an Article object. These hooks all use an $article parameter as documented in hooks.txt.
+ Extensions should be updated to account for this, though most won't require any changes.
+* (bug 27860) Minor edit after clicking 'new section' tab
+ Now the "This is a minor edit" checkbox is not available when you
+ create a page or new section.
+* (bug 8130) Query pages should limit to content namespaces, not just main
+ namespace.
+* Special:Contribs now redirects to Special:Contributions.
+* (bug 6672) Images are now autorotated according to their EXIF orientation.
+ This only affects thumbnails; the source remains unrotated.
+* (bug 25708) Update case mappings and normalization to Unicode 6.0.0.
+* New hook ArticlePrepareTextForEdit added, called when preparing text to be
+ saved.
+* New parser option PreSaveTransform added, allows the pre-save transformation
+ to be selectively disabled.
+* Alternative to $wgHooks implemented, using the new Hooks class.
+* Add width parameter to Special:Filepath to allow getting the file path of a
+ thumbnail.
+* (bug 26870) Add size to {{filepath:}}.
+* Upload warnings now show a thumbnail of the uploaded file.
+* Introduced the edittools-upload message, which will be inserted under the
+ upload form instead of edittools if available.
+* (bug 26285) Extensions will be automatically generated on upload if the user
+ specified a filename without extension.
+* (bug 26851) Special:UserRights now allows to prefill the reason field
+* New maintenance script to fix double redirects
+ (maintenance/fixDoubleRedirects.php).
+* (bug 23315) New body classes to allow easier styling of special pages.
+* (bug 27159) Make email confirmation code expiration time configurable.
+* (bug 29047) CSS/JS for each user group is imported from MediaWiki:Group-sysop.js,
+ MediaWiki:Group-autoconfirmed.css, etc.
+* (bug 24230) Uploads of ZIP types, such as MS Office or OpenOffice can now be
+ safely enabled. A ZIP file reader was added which can scan a ZIP file for
+ potentially dangerous Java applets. This allows applets to be blocked
+ specifically, rather than all ZIP files being blocked.
+* (bug 2429) Allow selection of associated namespace in recent changes.
+* (bug 26217) File size is now checked before uploading in HTML5 browsers.
+* CSS stylesheet MediaWiki:Noscript.css is now loaded for users with JavaScript
+ disabled (enclosed in the head in a <noscript> tag).
+* Added UserGetLanguageObject hook to change the language used in $wgLang.
+* (bug 14645) When $wgMiserMode is on, expensive special pages are styled
+ differently (italicized by default) on Special:SpecialPages.
+* Added $wgAggregateStatsID, which allows UDP stats to be aggregated over
+ several wikis.
+* When $wgAllowMicrodataAttributes is true, all itemtypes are allowed, not just
+ the three that were defined in the original specification.
+* (bug 14706) Added support for the Imagick PHP extension.
+* (bug 18691) Added support for SVG rasterization using the Imagick PHP
+ extension.
+* (bug 2581, bug 6834) Added links to thumbnail in several resolutions to the
+ file description page. The sizes are set by $wgImageLimits.
+* (bug 28031) Add pageCount support to ArchivedFile.
+* (bug 27924) PhpHttpRequest doesn't return response body if HTTP != 200.
+* Added hook BitmapHandlerTransform to allow extension to transform a file
+ without overriding the entire handler.
+* The parser now attempts to output markers for editsection tokens and defer the
+ rendering of them post-cache to reduce parser cache fragmentation and ensure
+ skin customizability of edit section links.
+* (bug 24755) AuthPlugin auto-creation of local accounts can now be aborted by
+ other extensions by handling the 'AbortAutoAccount' hook, similar to the
+ 'AbortNewAccount' triggered by explicit account creations. (They are separate
+ to avoid loops and confusion; auth plugins like CentralAuth need to handle
+ AbortNewAccount separately.
+* Special:ListFiles is now transcludable.
+* (bug 13879) Special:Emailuser asks for suitable target user if called without.
+* (bug 16956) IPTC and XMP metadata now extracted from images.
+* (bug 23816) A tracking category is now added for any pages with broken images.
+* (bug 23495) Allow createAndPromote.php to create non-sysop users.
+* (bug 28916) A way to to toggle mw.config legacy globals settings from
+ LocalSettings.php has been created by introducing $wgLegacyJavaScriptGlobals.
+* (bug 28503) Support for ircs:// URL protocols.
+* (bug 26033) It is now possible to count all non-redirect pages in content
+ namespaces as articles.
+* Images can now be embedded in an XML dump stream using backupDump.php
+ --include-files and can be imported using importDump.php --uploads;
+ furthermore, it can import files from the filesystem using --image-base-path.
+* Three new hooks in Special:Undelete, 'UndeleteForm::showHistory',
+ 'UndeleteForm::showRevision' and 'UndeleteForm::undelete', so that extensions
+ may override the usage of PageArchive class and replace it with their own
+ class that extends PageArchive.
+* (bug 28915) Implement QUnit test suite for MediaWiki JavaScript.
+ Also built-in support for distribution through a TestSwarm instance.
+* (bug 29036) For cascade-protected pages, the mw-textarea-cprotected class is
+ added to the textarea on the edit form.
+* mw.util.wikiScript has been implemented (like wfScript in GlobalFunctions.php)
+* (bug 29067) Expose user.tokens (like we do user.options) in ResourceLoader.
+* New 'Debug' hook used by wfDebug() and wfDebugLog().
+* (bug 27655) Require token for watching/unwatching pages)
+* (bug 28904) (bug 29773) Update jQuery version from 1.4.4 to 1.6.2 (the latest version)
+* (bug 29441) Expose CapitalLinks config in JS to allow modules to properly
+ handle titles on case-sensitive wikis.
+* (bug 29397) Implement mw.Title module in core.
+* In MySQL 4.1.9+ with replication enabled, fetch the slave lag from SHOW SLAVE
+ STATUS instead of SHOW PROCESSLIST. This ensures that lag is reported
+ correctly in the case where there are no write events occurring. Note that
+ the DB user now needs to have the REPLICATION CLIENT privilege if you are
+ using replication.
+* Language codes in $wgDummyLanguageCodes are now excluded on localization
+ statistics (maintenance/language/transstat.php).
+* (bug 29586) Make the (next 200) links on categories link directly to
+ the relevant section of the category.
+* (bug 29109) Allow the automatic edit summary for redirect creation
+ show the first bit of the new redirect page.
+* (bug 29723) mw.util.wikiGetlink() now defaults to wgPageName.
+* (bug 29680) Add GetDefaultSortkey hook to override the default sortkey.
+* (bug 16699) {{#language:}} accepts second parameter to specify the language in
+ which the language name is wanted. Coverage depends on the cldr extension.
+* (bug 15802) An easy way to look up messages: language qqx which returns
+ the message keys.
+* (bug 29868) Add support for passing parameters to mw.msg in jquery.localize.
+* (bug 29558) $wgMiserMode now disables update.php by default.
+* AjaxCategories: Easily add, edit or delete categories on article pages.
+ Suggests possible categories when typing, all saves are done via AJAX.
+ Supports editing of multiple categories and then saving them in one batch.
+* $wgAutopromoteOnce was added, allowing for users to be automatically promoted
+ to explicit usergroups. If a group is removed from a user via Special:UserRights,
+ it will not automatically be re-added. Configuration is similar to
+ $wgAutopromote (see DefaultSettings.php).
+* The PerformRetroactiveAutoblock hook was added to allow overriding or complementing
+ retroactive autoblock handling. This runs when blocking a user with the 'autoblock' option.
+* MediaWiki now supports using protocol-relative URLs in links, interwiki
+ targets and $wgServer.
+* Introduced $wgVaryOnXFPForAPI which will cause the API to send
+ Vary: X-Forwarded-Proto headers.
+* New maintenance script to refresh image metadata (maintenance/refreshImageMetadata.php).
+* (bug 16428) Include permalink in printable version.
+* (bug 30722) Add an identity collation that sorts things based on what the
+ unicode code point is (aka pre-1.17 behavior).
+* (bug 30940) Add a hook in User:getDefaultOptions.
+ To give extensions a better and more flexible way of providing default
+ values for preferences a hook has been introduced in User:getDefaultOptions().
+ Setting preferences in $wgDefaultUserOptions still work fine, but when reading
+ them (i.e. with array_keys) to get a list of all preferences, then
+ $wgDefaultUserOptions should no longer be used as it will contain those set via
+ User:getDefaultOptions().
+* (bug 30497) Add client-nojs and client-js classes on document element
+ to let styles easily hide or show things based on general JS availability.
+* (bug 31293) If Special:Userlogin is loaded over HTTPS, display
+ MediaWiki:loginend-https instead of MediaWiki:loginend, if it's not empty.
+ Same for signupend on the account creation page.
+* (bug 31233) New OutputPage::addJsConfigVars() method to make the output page specific
+ mw.config map extendable.
+* mw.util.wikiScript has been implemented (like wfScript in GlobalFunctions.php).
+
+=== Bug fixes in 1.18 ===
+* (bug 27860) Minor edit after clicking 'new section' tab.
+* (bug 23119) WikiError class and subclasses are now marked as deprecated.
+* (bug 10871) Javascript and CSS pages in MediaWiki namespace are no longer
+ treated as wikitext on preview.
+* (bug 22753) Output from update.php is more clear when things changed, entries
+ indicating nothing changed are now all prefixed by "...".
+* Page existence is now not revealed (in the colour of the tabs) to users who
+ cannot read the page in question.
+* (bug 19006) {{REVISIONUSER}} no longer acts like {{CURRENTUSER}} in some
+ cases.
+* (bug 16019) $wgArticlePath = "/$1" no longer breaks API edit/watch actions.
+* (bug 18372) File types blacklisted by $wgFileBlacklist will no longer be shown
+ as "Permitted file types" on the upload form.
+* (bug 26379) importImages.php gives more descriptive error message on failure.
+* (bug 26410) + signs are no longer treated as spaces in internal links if
+ link has a % sign in it.
+* (bug 26412) Search results headers no longer show a bogus edit link.
+* (bug 26540) Fixed wrong call to applyPatch in MysqlUpdater.
+* (bug 26574) Added 'upload' to $wgRestrictionTypes, allowing upload protected
+ pages to be queried via the API and Special:ProtectedPages, and allowing
+ disabling upload protection by removing it from $wgRestrictionTypes.
+* If an edit summary exceeds 250 bytes and is truncated, add an ellipse.
+* (bug 26638) Database error pages display correctly in RTL languages.
+* (bug 26187) Confirmrecreate no longer parses the edit summary.
+* (bug 26208) Mark directionality of some interlanguage links.
+* (bug 26034) Make the "View / Read" tab in content_navigation style tabs remain
+ selected when the action is "purge".
+* (bug 14267) Support a MediaWiki:Mainpage-nstab override for the subject
+ namespace tab on the mainpage of a wiki.
+* (bug 10158) Do not mention allowing others to contact you when the feature
+ is disabled ($wgEnableUserEmail=false).
+* (bug 26733) Wrap initial table creation in transaction.
+* (bug 26729) Category pages should return 404 if they do not exist and have no
+ members.
+* (bug 2585) Image pages should send 404 if no image, no shared image and no
+ description page.
+* Custom editintro's using the editintro url parameter will no longer show
+ <noinclude> sections on pages they are included on.
+* (bug 26449) Keep underlines from headings outside of tables and thumbs by
+ adding overflow:hidden to h1,h2,h3,h4,h5,h6 (also fixes editsection bunching).
+* (bug 26708) Remove background-color:white from tables in Monobook and Vector.
+* (bug 28422) Remove color:black from tables in Monobook and Vector. And add it
+ to table.wikitable instead.
+* (bug 26781) {{PAGENAME}} and related parser functions escape their output
+ better.
+* (bug 26716) Provide link to instructions for external editor related
+ preferences and add a comment to the ini control file explaining what is
+ going on.
+* Trying to upload a file with no extension or with a disallowed MIME type now
+ gives the right message instead of complaining about a MIME/extension
+ mismatch.
+* (bug 26809) Uploading files with multiple extensions where one of the
+ extensions is blacklisted now gives the proper extension in the error message.
+* (bug 26961) Hide anon edits in watchlist preference now actually works.
+* (bug 19751) Filesystem is now checked during image undeletion.
+* Send last modified headers for Special:Recentchanges when RC patrol is
+ enabled, but user cannot see rc patrol links.
+* (bug 26548) ForeignAPIRepo (InstantCommons) now works with PDF files
+ and other multi-paged file formats.
+* Files with a mime type that does not match the extension are now properly
+ thumbnailed.
+* (bug 27201) Special:WhatLinksHere output no longer contains duplicate IDs.
+* (bug 15905) Nostalgia skin could become more usable by including a Talk:
+ link at the top of the page.
+* (bug 27560) Search queries no longer fail in Walloon language.
+* (bug 27679) Broken embedded files with special characters are no longer
+ double HTML escaped.
+* (bug 27700) The upload protection can now also be set for files that do not
+ exist.
+* (bug 27763) Article::getParserOutput() no longer throws a fatal given when an
+ incorrect revision ID is passed.
+* Trim the form field for uploading by url to remove extra spaces which could
+ cause confusing error messages.
+* (bug 27854) Http::isValidURI is way too lax.
+* Do not show enotifminoredits preference, if disabled by $wgEnotifMinorEdits.
+* AbortLogin returning "ABORTED" now handled. Also allows message identifier
+ for "ABORTED" reason to be returned and displayed to user.
+* (bug 28034) uploading file to local wiki when file exists on shared repository
+ (commons) gives spurious info in the warning message.
+* Usernames get lost when selecting different sorts on Special:listfiles.
+* (bug 14005) editing section 0 of an existing but empty page gives no such
+ section error.
+* (bug 26939) Installer does not set $wgMetaNamespace.
+* (bug 28166) UploadBase assumes that 'edit' and 'upload' rights are not per
+ page restrictions.
+* Make truncate function automatically consider length of '...' string,
+ since length can vary by localization.
+* (bug 28242) Make redirects generated by urls containing a local interwiki
+ prefix be a 301 instead of a 302.
+* (bug 15641) blocked administrators are now prevented from deleting or
+ protecting their own talk page; and all blocked users are more
+ comprehensively prevented from performing other actions.
+* (bug 27893) Edit-on-doubleclick now applies only on view and purge actions;
+ no longer triggers unexpectedly on delete, history etc.
+* (bug 28417) Fix PHP notice when importing revision without a listed id.
+* (bug 28430) Make html and TeX output of <math> always be left-to-right.
+* (bug 28306) Fix exposure of suppressed usernames in ForeignDBRepo.
+* (bug 28372) Fix bogus link to suppressed file versions in ForeignDBRepo.
+* (bug 27473) Fix regression: bold, italic no longer interfere with linktrail
+ for ca, kaa.
+* (bug 28444) Fix regression: edit-on-doubleclick retains revision id again.
+* &apos; character entity is now allowed in wikitext.
+* UtfNormal::cleanUp on an invalid utf-8 sequence no longer returns false if
+ intl installed.
+* (bug 28561) The css class small will no longer make nested elements even
+ smaller.
+* (bug 13172) Array type exif data (like GPS) was not being extracted from
+ images.
+* (bug 28532) wfMsgExt() and wfMsgWikiHtml() use $wgOut->parse().
+* (bug 16129) Transcluded special pages expose strip markers when they output
+ parsed messages.
+* (bug 27249) "Installed software" table in Special:Version should always be
+ left-to-right.
+* (bug 28719) Do not call mLinkHolders __destruct explicitly.
+* (bug 21196) Article::getContributors() no longer fails on PostgreSQL.
+* (bug 28752) XCache doesn't work in CLI mode.
+* (bug 28076) Thumbnail height limited to 360 pixels on Special:Listfiles.
+* (bug 22227) Special:Listfiles no longer throws an error on bogus file entries.
+* (bug 19408) user_properties.up_property: 32 bytes is not enough.
+* (bug 25262) Fix for minification of hardcoded data: URIs in CSS.
+* (bug 29263) Add LTR class to the shared CSS to be used for left-to-right text
+ such as SQL queries shown in dberrortext and similar messages in RTL
+ environments.
+* (bug 14977) Fixed $wgServer detection in cases where an IPv6 address is used
+ as the server name.
+* The View X deleted revisions is now shown again on Special:Upload.
+* (bug 29071) mediawiki.action.watch.ajax.js should pass uselang to API.
+* (bug 28868) Show total pages in the subtitle of an image on the
+ file description page for multi-paged documents.
+* (bug 28883) Message names for different compression types commonly
+ used in Tiff files.
+* When transcluding a special page, do not let it interpret url parameters.
+* (bug 28887) Special page classes are no longer re-used during 1 request.
+* (bug 28888) Searching for something starting with a # sign no longer tells
+ the user a page named [[:]] already exists.
+* (bug 23002) Imagelinks table not updated after imagemove.
+* (bug 27864) Transcluding {{Special:Prefix}} with empty prefix now lists all
+ pages.
+* (bug 18803) JPEG2000 images should not be uploadable as .jpg files.
+* (bug 11868) If using links to count articles, the checking will now be based
+ on the real presence of an internal link instead of the "[[" string.
+* (bug 28287) The "your changes" box for edit conflicts is now read-only.
+* (bug 28940) When making a thumb of an SVG, and only specifying the height
+ make the width be the max SVG size, not the natrual width of the SVG.
+* (bug 1780) Uploading files with non-ascii characters are now forbidden on
+ Windows.
+* (bug 23464) File: prefixes are now chopped off during uploading.
+* (bug 28174) Message config-logo-help amended to not explicitly assume any
+ LTR/RTL screen layout.
+* (bug 28992) Revision numbers in the patrol log are transformed in the user
+ language.
+* (bug 27073) ResourceLoaderDynamicStyles marker should be dynamically appended to
+ the document head if it doesn't exist.
+* (bug 27023) After the document is ready, mw.loader is broken (calls callback
+ before module is parsed).
+* (bug 4330) External URLs without a custom title should be treated as LTR,
+ even in RTL text.
+* (bug 29055) Make "don't send email on minor edits" preference apply to
+ changes to talk page in addition to watchlist edits.
+* (bug 28272) Special:AllMessages should have only one "Go" button.
+* (bug 29101) Special:FileDuplicateSearch no longer shows silly message.
+* (bug 29048) jQuery.tabIndex: firstTabIndex() should not output the same
+ as lastTabIndex().
+* (bug 29332) Warn if user requests mediawiki-announce subscription but does not
+ enter an e-mail address.
+* (bug 25375) Add canonical namespaces to "wgNamespaceIds" in mw.config.
+* The class JpegOrTiffHandler was renamed ExifBitmapHandler.
+* (bug 29443) Special:Undelete should use JavaScript to invert all checkboxes
+ instead of reloading the page.
+* (bug 29325) Setting $wgStrictFileExtensions to false no longer gives incorrect warning.
+* (bug 29437) Multiple apostrophes in deleted article title cause odd rendering.
+* (bug 29485) RSS feed of Special:RecentChange grouped together multiple
+ consecutive edits by same user in included diff, but then linked to
+ a single ungrouped diff.
+* Do not try to group together a page creation and edit in the RSS feed of RC.
+* (bug 29342) Patrol preferences shouldn't be visible to users who don't have
+ patrol permissions.
+* (bug 29471) Exception no longer thrown for files with invalid date in metadata.
+* (bug 29492) Long-running steps in the installer (such as Upgrade and Install)
+ no longer cause timeouts.
+* (bug 29507) Change 'image link' to 'file link' in Special:Whatlinkshere.
+* If the db is really screwed up, and doesn't have a recentchanges table,
+ make the updater throw an exception instead of a fatal.
+* wfArrayToCGI() and wfCgiToArray() now handle nested and associative arrays
+ correctly.
+* (bug 29567) mw.util.addPortletLink should only wrap link in <span> for
+ "vectorTabs" portlets.
+* (bug 8556) Incorrect session failure warning on preview-on-open
+ namespaces (categories) when combined with $wgRawHtml.
+* Use content language in formatting of dates in revertpage message
+ (rollback revert edit summary) and do not adjust for user timezone.
+* (bug 29277) MediaWiki:Filepage.css is also shown on the local wiki
+* Make sure Backlink cache does not retrieve interwiki redirects when looking for
+ redirects to a local page.
+* (bug 6100) Allow different directionality (LTR/RTL) for user interface
+ and wiki content, along with many other RTL and directionality improvements
+ (such as bugs 28030, 12406, 28349).
+* (bug 29712) Removed broken defaultUserOptionOverrides in MessagesXx files and
+ unneeded CSS flipping of quickbar. Instead, introduce option 5 which sets
+ left/right according to the directionality of your interface language.
+* (bug 19514) Unordered list list-style-image should be IE6-compatible (8-bit).
+* (bug 27410) The tag filter on a history page is now within a <label> element.
+* (bug 29779) DairikiDiff/WikiDiff <ins> and <del> should undo browser default
+ styling (strike/underline).
+* (bug 28630) Add iwlinks, langlinks, redirect to
+ RefreshLinks::deleteLinksFromNonexistent.
+* (bug 29797) Error: "Tried to load block with invalid type" when subpages
+ are disabled for user pages.
+* (bug 12205) Bidirectional names in action=credits are split and displayed
+ incorrectly when wrapped to the next line.
+* (bug 20781) Move 'mainpagetext' messages to installer's .i18n file.
+* (bug 29737) "MediaWiki:Qbsettings-directionality" should refer to script,
+ not language.
+* (bug 26360) $wgSessionHandler was overriding system settings unconditionally.
+* Removed AjaxFunctions.php. The last remaining function js_unescape() was moved
+ to the FCKEditor extension.
+* (bug 28762) Resizing to specified height broken for very thin images.
+* (bug 29959) Installer fatal when cURL and allow_url_fopen is disabled and user
+ tries to subscribe to mediawiki-announce.
+* (bug 27427) mw.util.getParamValue shouldn't return value from hash even if
+ param is only present in hash.
+* Installer checked for magic_quotes_runtime instead of register_globals.
+* (bug 30131) XCache with variable caching disabled no longer used for variable
+ caching (CACHE_ACCEL)
+* $wgSVGMaxSize is now applied to the smaller of width or height, making very wide
+ pano/timeline/diagram SVGs renderable at saner sizes.
+* (bug 30219) The page shown when LocalSettings.php does not exist was broken on
+ Windows servers.
+* (bug 30074) Moving user JS subpages resulted in JS errors because
+ #REDIRECT [[Foo]] is invalid JS.
+* (bug 30335) Fix for HTMLForms using GET breaking when non-friendly URLs
+ are used.
+* (bug 30264) Changed installer-generated LocalSettings.php to use require_once()
+ instead of require() for included extensions.
+* Tracking categories are no longer shown in footer for special pages.
+* (bug 30684) Fix bad escaping in mw.message for inexistent messages (i.e. <key>).
+* $wgOverrideSiteFeed no longer double escapes urls.
+* The preprocessor no longer fails with a PHP warning about XML_PARSE_HUGE when
+ processing complex pages using newer versions of libxml2.
+* (bug 30907) Special:Unusedcategories should sort ascendingly.
+* (bug 28545) When using the uca-default collation, sortkey's starting with a
+ space (U+20) will sort under an invisible header like in 1.16 rather than a U+6DE.
+* (bug 30192) Thumbnails of archived files are now deleted.
+* (bug 30843) mediawiki.Title should not convert extensions (anything after the
+ last full stop) to lower case).
+* (bug 31213) Exception thrown when trying to move file cross-namespace.
+* (bug 18424) Special:Prefixindex and Special:Allpages paging links are
+ really small, and somewhat inconsistent with each other.
+* (bug 30466) Entries in iwlinks table are now cleared when moving a page over
+ redirect.
+* (bug 31674) Can't edit watchlist if it contains special pages.
+* (bug 32100) Installer complains about Suhosin GET limit even if it is
+ already set above 1024 bytes.
+
+=== API changes in 1.18 ===
+* BREAKING CHANGE: action=watch now requires POST and token.
+* (bug 26339) Throw warning when truncating an overlarge API result.
+* (bug 14869) Add API module for accessing QueryPage-based special pages.
+* (bug 14020) API for Special:Unwatchedpages.
+* (bug 24287) Wrap API Help output at 100 characters.
+* Add a realname uiprop option to query=userinfo so a user's realname can be
+ extracted.
+* Add a &watchuser option to ApiBlock.
+* (bug 26541) Generator-ise ApiQueryRecentChanges.
+* action=parse now correctly returns an error for nonexistent pages.
+* (bug 25767) Add userrights properties to allusers and users query lists.
+* (bug 26558) list=allusers auprop=groups does not list groups a user is
+ automatically a member of.
+* (bug 26559) list=allusers auprop=rights does not match
+ list=users usprop=rights.
+* (bug 26560) On allusers if limit < total number of users, last user gets
+ duplicate.
+* (bug 25135) add "normalized" to action=parse.
+* (bug 26460) Add support for listing category members by category pageid.
+* (bug 26482) add a imimages param to prop=images.
+* (bug 26498) allow LinksUpdate with API.
+* (bug 26485) add a elextlinks param to prop=extlinks.
+* (bug 26483) add a iwtitles param to prop=iwlinks.
+* (bug 26484) add a lltitles param to prop=langlinks.
+* (bug 26480) add a pppageprops param to prop=pageprops.
+* (bug 26650) Remove $wgAPICacheHelp in favour of $wgAPICacheHelpTimeout.
+* (bug 24650) Fix API to work with categorylinks changes.
+* Expose list of skins in meta=siteinfo.
+* (bug 26548) Add iiurlparam param to query=imageinfo and query=stashimageinfo.
+* (bug 27205) aiprop=metadata and aiprop=parsedcomment need help text.
+* Add a amtitle param to meta=allmessages.
+* (bug 25832) query=allimages now outputs ns/title as well.
+* (bug 27199) Thumbnail urls can be fetched for old files as well.
+* (bug 27376) when using ApiBase::PARAM_TYPE => 'integer' without a min or
+ max value, API doesn't validate the input is actually an integer.
+* (bug 27479) API error when using both prop=pageprops and
+ prop=info&inprop=displaytitle.
+* (bug 27554) Update API information text to reflect change in bug 26125.
+* (bug 27611) list=blocks: Use ipb_by_text instead of join with user table.
+* (bug 27616) Add userid of blocked user and blocker to list=blocks.
+* (bug 27688) Simplify queries to list user block information.
+* (bug 27708) list=users does not have a property to return user id.
+* (bug 27715) imageinfo didn't respect revdelete.
+* (bug 27862) Useremail module didn't properly return success on success.
+* (bug 27590) prop=imageinfo now allows querying the media type.
+* (bug 27587) list=filearchive now outputs full title info.
+* (bug 27018) Added action=filerevert to revert files to an old version.
+* (bug 27897) list=allusers and list=users list hidden users.
+* (bug 27717) API's exturlusage module does not respect $wgMiserMode.
+* (bug 27588) list=filearchive&faprop=sha1 returns empty attribute.
+* (bug 28010) Passing a non existent user to list=users gives internal error.
+* (bug 27549) action=query&list=users&usprop=groups doesn't show implicit
+ groups if a user doesn't have explicit groups.
+* (bug 27670) Ordering by timestamp (and usage of start and end) isn't as clear
+ in auto generated document, as it is on mediawiki.org.
+* (bug 27182) API: Add filter by prefix for meta=allmessages.
+* (bug 27183) API: Add filter by customisation state for meta=allmessages.
+* (bug 27340) API: Allow listing of "small" categories.
+* (bug 27342) Add audir param to list=allusers.
+* (bug 27203) add fato param to list=filearchive.
+* (bug 27341) Add drto param to list=deletedrevs.
+* (bug 26630) Add API for Special:ActiveUsers.
+* (bug 27020) API: Allow title prefix search of logevents (only when not in
+ miser mode).
+* (bug 26629) add Special:MIMESearch to API.
+* (bug 27585) add pagecount to list=filearchive.
+* (bug 28104) Namespace for local pages in interwiki backlinks (iwbacklinks)
+ is missing.
+* (bug 27343) Add parseddescription to list=filearchive.
+* (bug 27469) label implicit groups in list=allusers&auprop=groups/
+ list=users&usprop=groups.
+* Addition of APIQuerySiteInfoGeneralInfo hook to add extra information to
+ the general site info results.
+* (bug 16288) API: consider making closure status of wikis more clear
+ with meta=siteinfo.
+* (bug 27589) list=allimages&aiprop=archivename is useless.
+* (bug 27586) Remove duplication of props in ApiQueryStashImageInfo
+ by using ApiQueryImageInfo.
+* (bug 28226) prop=extlinks&eloffset should be an integer.
+* (bug 28070) Fix watchlist RSS for databases that store timestamps in a
+ real timestamp field.
+* API upload errors may now return the parameter that needs to be changed and
+ a sessionkey to fix the error.
+* (bug 28249) allow dupes in meta=allmessages&amargs.
+* (bug 28263) cannot import xml with the API, when have not "import" user
+ right, but "importupload".
+* (bug 28365) Added description for uiprop=preferencestoken in meta=userinfo.
+* (bug 28394) Set forgotten parameters types in ApiUnblock.
+* (bug 28395) Set forgotten parameters types in ApiParse.
+* (bug 28368) add hint for multipart/form-data to API information of
+ action=import&xml=.
+* (bug 28391) action=feedwatchlist&allrev should be a bool.
+* (bug 28364) add registration date to meta=userinfo.
+* (bug 28254) action=paraminfo: Extract type from PARAM_DFLT if
+ PARAM_TYPE is not set.
+* (bug 27712) add parent_id to list=deletedrevs.
+* (bug 28455) Add 'toponly' to recentchanges API module.
+* (bug 26873) API: Add 'toponly' filter in usercontribs module.
+* (bug 28586) YAML: strings that are the same as boolean literals.
+* (bug 28591) Update/replace/supplement spyc (YAML parsing library).
+* YAML API output is now 1.2 compliant, using JSON as the formatter.
+* (bug 28672) give information about misermode on API.
+* (bug 28558) Add iw_api and iw_wikiid to meta=siteinfo&siprop=interwikimap
+* (bug 26882) Allow listing of indefinite protections with the API.
+* (bug 27344) add drprefix param to list=deletedrevs.
+* (bug 28560) list=deletedrevs should die, if combination of param is invalid.
+* (bug 28238) paraminfo: output both limits for multi param.
+* (bug 27179) API: List of extension tags through meta=siteinfo.
+* Get a list of function hooks through meta=siteinfo.
+* Get a list of all subscribed hooks, and those subscribers.
+* (bug 28225) Allow hiding of user groups in list=allusers.
+* (bug 27185) API: Add Special:ComparePages.
+* (bug 28265) allow outputting of comments for action=expandtemplates.
+* (bug 27790) Add query type for querymodules to output of ApiParamInfo.
+* (bug 28963) Add langbacklinks query module to the api.
+* (bug 27593) API should return error message when sha1/sha1base36 is invalid.
+* (bug 28578) API's parse module should not silently override invalid
+ title inputs.
+* (bug 20699) Watchlist API should list log-events.
+* (bug 29070) Require a token in API action=watch.
+* (bug 29221) Expose oldrevid in ApiQueryWatchlist output.
+* (bug 29267) Always give the servername for meta=siteinfo&siprop=dbrepllag.
+* (bug 28897) rvparse now respects rvsection for action=query&prop=revisions.
+* (bug 25734) API: Possible issue with revids validation.
+* (bug 28002) Internal error in ApiFormatRaw::getMimeType.
+* (bug 29237) ApiQuery now has an option to output the "iwurl" attribute.
+* (bug 28392) Mark action=undelete&timestamps as type "timestamp".
+* (bug 21346) Make deleted images searchable by hash (disabled in Miser Mode).
+* (bug 27595) sha1 search of list=filearchive does not work.
+* (bug 26763) Make RSS/Atom of user contributions more visible.
+* (bug 25133) Allow redirects also for action=parse&pageid.
+* (bug 29745) Fatal error in API search.
+* (bug 29476) API returns page title instead of sectiontitle for
+ srprop=sectiontitle.
+* Correct the documentation of srprop properties.
+* (bug 28817) Add reference help page link to API Modules.
+* (bug 29935) Improve formatting of examples in ApiParamInfo.
+* (bug 29938) list=users&usprop=rights shows rights the user doesn't have.
+* (bug 24781) The API will include an XML namespace if the includexmlnamespace
+ parameter is set.
+* (bug 29392) Setting the start or end parameter now works with lists blocks,
+ categorymembers, deletedrevs, logevents, protectedtitles, usercontributions
+ and watchlist in Postgres.
+
+=== Languages updated in 1.18 ===
+
+MediaWiki supports over 330 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* Angika (anp) (new).
+* Brahui (brh) (new).
+* Central Dusun (dtp) (new).
+* Jamaican Creole English (jam) (new).
+* Khowar (khw) (new).
+* Liv (liv) (new).
+* Kichwa (qug) (new).
+* Tokipona (tp) (removed) 'tokipona' is still valid.
+* (bug 17160) Gender specific display text for User namespace.
+* Link trail added for sl and sh.
+* (bug 27633) Add characters to linkTrail for Portuguese (pt and pt-br).
+* (bug 27426) Set $namespaceGenderAliases for Arabic (ar).
+* (bug 27385) Set Polish $namespaceGenderAliases.
+* (bug 27681) Set $namespaceGenderAliases for Portuguese (pt and pt-br).
+* (bug 27785) Fallback language for Kabardian (kbd) is English now.
+* (bug 27825) Raw watchlist edit message now uses formatted numbers.
+* (bug 28040) Turkish: properly lower case 'I' to 'i' (dotless i) and
+ uppercase 'i' to 'I' (dotted i).
+* Conversion script between Syllabics and Latin for the Inuktitut language.
+* Date formats for Indonesian (id) updated.
+* Bhojpuri (bho) (renamed from "bh").
+* (bug 29031) When translating block log entries, indefinite, infinite, and
+ infinity are now considered the same.
+* Aromanian (rup) (renamed from "rua-rup").
+* Kashmiri (ks) split into Kashmiri (Perso-Arabic) (ks-arab) and Kashmiri
+ (Devanagari) (ks-deva). Defaults to ks-arab.
+* (bug 30864) Use bengali numerals for <ol> for Assamese.
+* (bug 30817) Restored linktrail for kk (Kazakh).
+* (bug 27398) Add $wgExtraGenderNamespaces for configured gendered namespaces.
+* (bug 30846) New LanguageOs class.
+
+=== Other changes in 1.18 ===
+* Removed legacy wgAjaxWatch javascript global object, no longer in use.
+* (bug 28556) Upload support for MacBinary files has been removed (Used by
+ Internet Explorer 5 for Mac OS 9).
+* On wiki farm setups using $wgConf, 'wgCanonicalServer' is now expected to be
+ set for all wikis. This was already the case for 'wgServer'.
+
+== MediaWiki 1.17 ==
+
+== MediaWiki 1.17.5 ==
+2012-06-12
+
+This is a security release of the MediaWiki 1.17 branch.
+
+=== Summary of selected changes in 1.17 ===
+
+Selected changes since MediaWiki 1.16 that may be of interest:
+
+* A new installer has been introduced. It has a wizard-style interface which is
+ translated into many languages. Many shortcomings in the old installer were
+ addressed with this rewrite. Note that it is no longer required for the config
+ directory to be made writable by the webserver. Instead the generated
+ LocalSettings.php file is offered as a download, which you must then upload
+ to the wiki's base directory.
+
+* ResourceLoader, a new framework for delivering client-side resources such as
+ JavaScript and CSS, has been introduced. These resources are now delivered
+ through the new entry point script "load.php", instead of as static files
+ served directly by the web server. This allows minification, compression and
+ client-side caching to be used more effectively, which should provide a net
+ performance improvement for most users.
+
+* Category sorting has been improved.
+** Sorting is now case insensitive.
+** Sub-categories, pages and files can now be paged separately.
+** When several pages are given the same sort key, they sort by their
+ names instead of randomly.
+
+* The lowest supported version of PHP is now 5.2.3. If necessary, please
+ upgrade PHP prior to upgrading MediaWiki.
+
+=== Changes since 1.17.4 ===
+
+* (bug 36938) Correctly escape uselang attribute to prevent xss
+* Expanded Blacklist for SVG Files
+
+=== Changes since 1.17.3 ===
+
+* (bug 35961) Hash comparison should always be strict.
+* Fix broken email confirmation expiration caused by MWCryptRand changes.
+* (bug 35671) PHP Notice: Undefined index: gettoken in includes/api/ApiMain.php
+ on line 598.
+
+=== Changes since 1.17.2 ===
+
+* (bug 22555) Remove or skip strip markers from tag hooks like &lt;nowiki&gt; in
+ core parser functions which operate on strings, such as padleft.
+* (bug 34212) ApiBlock/ApiUnblock allow action to take place without a token
+ parameter present.
+* (bug 34907) Fixed exposure of tokens through load.php that could have facilitated
+ CSRF attacks.
+* (bug 35317) CSRF in Special:Upload.
+
+=== Changes since 1.17.1 ===
+* (bug 33117) prop=revisions allows deleted text to be exposed through cache pollution.
+* (bug 32709) Private Wiki users were always taken to Special:Badtitle on login.
+
+=== Changes since 1.17.0 ===
+
+* (bug 29535) Added missing Creative Commons CC0 icon.
+* (bug 29726) Fixed failure to load internationalization messages in
+ client-side scripts on WebKit-based browsers.
+* Fixed a bug in message transformation where the previous language could leak
+ into later transformations in the UI language.
+* (bug 29091) Fixed form of native name for Ossetic language (Иронау -> Ирон)
+* Fixed maintenance scripts upgrade1_5.php and rebuildImages.php, they did not
+ work at all since 1.17 beta 1.
+* (bug 29531) Fixed img_auth.php for thumbnails and other filenames with
+ multiple dots, was broken by the fix for bug 28840.
+* In the maintenance script purgeList.php, fixed a fatal error when a page
+ title is given, instead of a URL.
+* (bug 19514) Unordered list list-style-image should be IE6-compatible (8-bit).
+* Installer checked for magic_quotes_runtime instead of register_globals.
+* $wgSVGMaxSize is now applied to the smaller of width or height, making very
+ wide pano/timeline/diagram SVGs renderable at saner sizes.
+* (bug 29959) Installer fatal when cURL and allow_url_fopen is disabled and user
+ tries to subscribe to mediawiki-announce.
+* Installer checked for magic_quotes_runtime instead of register_globals
+* (bug 30131) XCache with variable caching disabled no longer used for variable
+ caching (CACHE_ACCEL)
+* (bug 30264) Changed installer-generated LocalSettings.php to use require_once()
+ instead require() for included extensions.
+* (bug 26486) ResourceLoader modules with paths to nonexistent files cause PHP
+ warnings/notices to be thrown
+* (bug 30907) Special:Unusedcategories should sort ascendingly.
+* (bug 30219) The page shown when LocalSettings.php does not exist was broken on
+ Windows servers.
+* Hardcoded NLS_NUMERIC_CHARACTERS for Oracle DB to prevent type conversion errors.
+* Fixed recentchanges FK violation on page delete and cache purge error in updater
+ for Oracle DB.
+* (bug 32276) Skins were generating output using the internal page title which
+ would allow anonymous users to determine whether a page exists, potentially
+ leaking private data. In fact, the curid and oldid request parameters would
+ allow page titles to be enumerated even when they are not guessable.
+* (bug 32616) action=ajax requests were dispatched to the relevant internal
+ functions without any read permission checks being done. This could lead to
+ data leakage on private wikis.
+
+=== Changes since 1.17.0rc1 ===
+
+* Fixed syntax error in generated LocalSettings.php when a non-default user
+ rights profile is chosen.
+* (bug 29399) Fixed PostgreSQL installation when the DB user for installation
+ is the same as the one for web access.
+* (bug 29233) Fixed failover for DB slave servers. When a DB slave went down,
+ an error was immediately shown to the user, instead of trying another slave.
+ Was broken since 1.17 beta 1.
+* (bug 29278) Fixed PHP fatal error when attempting to add text to a page via a
+ redirect.
+* (bug 29408) Fixed uploads of files with MIME types that aren't detected by
+ MediaWiki.
+* Removed DEFAULT '' NOT NULL field definitions from Oracle DB schema because
+ using the DEFAULT value ('') in DML broke Oracle backend as it treats an
+ empty VARCHAR2 value as NULL. Indexes on Oracle do not require NOT NULL
+ fields.
+
+=== Changes since 1.17 beta 1 ===
+
+* Fixed warning about missing file "password.js".
+* When installing on MySQL, don't attempt to create a new database user if the
+ same user is used for installation and web access.
+* Fixed SQL query errors in queries with table aliases.
+* (bug 27891) Fixed the "chronology protector", broken since 1.17beta1, which
+ ensures that when database replication is used, the new version is seen by
+ the user immediately after they create or edit an article.
+* (bug 28845) Allow PostgreSQL installation using a non-root user account which
+ has role creation abilities.
+* When installing on PostgreSQL and the install account is the same as the web
+ account, check to make sure that the account has suitable privileges in the
+ mediawiki schema.
+* (bug 28172) Fixed error in PostgreSQL installation when creating the wiki
+ sysop account.
+* Fixed an issue with the Oracle installer in cases where the user is different
+ to the database name.
+* Added "unblockself" to the list of available rights.
+* In the installer, fixed the "user rights profile" option, it never worked.
+* (bug 29117) Fixed Hebrew localisation of the installer.
+* (bug 28840) Reduce the collateral damage caused by the fix for bug 28235 (XSS
+ on Internet Explorer 6 due to a file extension in the query string) by
+ reducing the number of URLs that are blocked, and by redirecting the request
+ to a safer URL where possible instead of blocking it.
+* (bug 28812) Fixed documentation of API action=parse.
+* (bug 28979) Fixed styling of <abbr> and <acronym>.
+* Fixed the error message displayed when you try to create an account by email,
+ but an email address is not given.
+* Fixed JS error due to missing dependency for jquery.suggestions.
+* Exposed $wgExtensionAssetsPath in JavaScript.
+* (bug 28738) Made ResourceLoader support environments with small URL length
+ limits. The length limit can be configured via $wgResourceLoaderMaxQueryLength,
+ and this is set automatically in the generated LocalSettings.php when the
+ php.ini variable "suhosin.get.max_value_length" is set. When a URL exceeds
+ this limit, the request is split up. Also, reduced the average length of
+ load.php URLs by using a more compact parameter format.
+* (bug 25262) Fix for minification of hardcoded data: URIs in CSS.
+* (bug 25124) Respect $wgStyleDirectory in ResourceLoader.
+* Allow installation when no HTTP client is available, don't throw an exception.
+* (bug 27465) Fix metadata extraction for SVG files using unusual namespace
+ names.
+* (bug 29174) Fix regression in upload-by-URL: uploading files larger than the
+ PHP memory limit should work again.
+* Fixed the display of comments in the new user log.
+* (bug 28237) When installing extensions using the web-based installer, create
+ any necessary database tables.
+* (bug 28983) Fixed automated installation of extensions that overwrite $path.
+* Fixed error caused by missing magic words.
+* Fixed breakage of article editing in PostgreSQL due to text search
+ configuration errors.
+* Fixed the HTTPS client used when Curl is not available. This avoids an error
+ during install about failure of the mediawiki-announce subscription.
+* (bug 28162) When installing to PostgreSQL, respect the "database port" input,
+ it was ignored.
+
+=== Configuration changes in 1.17 ===
+
+* $wgLogAutocreatedAccounts controls whether autocreation of accounts is logged
+ to new users log.
+* (bug 22858) $wgLocalStylePath is by default set to the same value as
+ $wgStylePath but should never point to a different domain than the site is
+ on, allowing skins to use .htc files which are not cross-domain friendly.
+* $wgFileStore has been deprecated. The only usage $wgFileStore['deleted'] has
+ been turned into $wgDeletedDirectory.
+* $wgDeletedDirectory has been added to specify what directory to place deleted
+ uploads in.
+* IBM DB2 database no longer uses the db specific $wgDBport_db2 variable but the
+ normal $wgDBport.
+* $wgCategoryPrefixedDefaultSortkey was removed and is now always false. This
+ provides more sensible sorting behavior for categories.
+* Removed unused globals: $wgEnableSerializedMessages, $wgCheckSerialized,
+ $wgUseMemCached, $wgDisableSearchContext, $wgColorErrors, $wgUseZhdaemon,
+ $wgZhdaemonHost and $wgZhdaemonPort.
+* (bug 24408) The include_path is not modified in the default LocalSettings.php
+* $wgVectorExtraStyles was removed, and is no longer in use.
+* Removed $wgUpdates for database updates; extensions should use
+ DatabaseUpdater::addExtensionUpdate() via the LoadExtensionSchemaUpdates hook.
+* Removed $wgServerName. It doesn't need to be set anymore and is no longer
+ available as input for other configuration items, either.
+* It's no longer necessary for LocalSettings.php to include DefaultSettings.php.
+* It's no longer necessary to set $wgCacheEpoch to the file modification time
+ of LocalSettings.php, in LocalSettings.php itself. Instead, this is done
+ automatically if $wgInvalidateCacheOnLocalSettingsChange is true (which is
+ the default).
+* $wgCopyrightIcon is deprecated and $wgFooterIcons['copyright']['copyright']
+ should be used instead.
+* $wgSysopUserBans is deprecated, and will be made permanently true in 1.18.
+ If you need this functionality, you should use the BlockIp hook to filter and
+ reject such blocks.
+* $wgSysopRangeBans is deprecated, you should set $wgBlockCIDRLimit to maximum
+ (32 for IPv4, 128 for IPv6), equivalent to allowing rangeblocks of only 1
+ address at a time.
+
+=== New features in 1.17 ===
+
+* (bug 10183) Users can now add personal styles and scripts to all skins via
+ User:<name>/common.css and /common.js (if user css/js is enabled).
+* (bug 22748) Add anchors on Special:ListGroupRights.
+* (bug 21981) Add parameter 'showfilename' to <gallery> to automatically
+ apply the names of the individual files within the gallery.
+* Future-proof redirection to fragments in Gecko, so things work a little nicer
+ if they fix <https://bugzilla.mozilla.org/show_bug.cgi?id=516293>.
+* Support git:// and mms:// protocols by default for external links.
+* (bug 15810) Blocked admins can no longer unblock themselves without the
+ 'unblockself' permission (which they have by default).
+* (bug 18499) Added "enhanced" URL parameter to switch between old and enhanced
+ changes list.
+* (bug 22925) "sp-contributions-blocked-notice-anon" message now displayed when
+ viewing contributions of a blocked IP address.
+* (bug 22474) {{urlencode:}} now takes an optional second parameter for type of
+ escaping.
+* Special:Listfiles now supports a username parameter.
+* Special:Random carries over query string parameters.
+* (bug 23206) Add Special::Search hook for detecting successful "Go".
+* When visiting a "red link" of a deleted file, a deletion and move log excerpt
+ is provided on the Upload form.
+* (bug 22647) Add category details in search results.
+* (bug 23276) Add hook to Special:NewPages to modify query.
+* Add accesskey 's' and tooltip to 'Save' button at Special:Preferences.
+* Add accesskey 'b' and tooltip to the summary field of edit mode.
+* (bug 20186) Allow filtering Special:Contributions for RevisionDeleted edits.
+* ajaxwatch now uses the API and JQuery, and can be used to animate arbitrary
+ watch links, not just to watch the page the link is on.
+* (bug 20976) "searchmenu-new-nocreate" message now displayed when there
+ is no title match in search and the user has no rights to create pages.
+* (bug 23429) Added new hook WatchlistEditorBuildRemoveLine.
+* (bug 22844) Added support for WinCache object caching (for IIS).
+* (bug 23580) Add two new events to LivePreview so that scripts can be notified
+ about the beginning and finishing of LivePreview actions.
+* (bug 21278) Now the sidebar allows inclusion of wiki markup.
+* (bug 23733) Add IDs to messages used on CSS/JS pages.
+* Show validity period of the login cookie in Special:UserLogin and
+ Special:Preferences.
+* Interlanguage links display the page title in their tooltip.
+* (bug 23621) New Special:ComparePages to compare (diff) two articles.
+* (bug 4597) Provide support in Special:Contributions to show only "current"
+ contributions
+* (bug 17857) {{anchorencode}} acts more like how the parser creates section ids
+* (bug 21477) \& can now be used in <math>
+* (bug 11641) \dotsc \dotsm \dotsi \dotso can now be used in <math>
+* (bug 21475) \mathtt and \textsf can now be used in <math>
+* texvc is now run via ulimit4.sh, to limit execution time.
+* SQLite now supports $wgSharedDB.
+* (bug 8507) Group file links by namespace:title on image pages.
+* Stop emitting named entities, so we can use <!DOCTYPE html> while still being
+ well-formed XML.
+* texvc now supports \bcancel and \xcancel in addition to \cancel and \cancelto
+* Added scriptExtension setting to $wgForeignFileRepos.
+* ForeignApiRepo uses scriptDirUrl if apiBase not set.
+* (bug 24212) Added MediaWiki:Filepage.css which is also included on foreign
+ client wikis.
+* (bug 14685) Double underscore magic word usage is now tracked in the
+ page_props table, as well as the behavioral magic words {{DEFAULTSORT}} and
+ {{DISPLAYTITLE}}
+* (bug 24045) MediaWiki:Ipb-needreblock is now wrapped in a div with class
+ "mw-ipb-needreblock"
+* Non-file pages can no longer be moved to the file namespace, nor vice versa.
+* (bug 671) The <dfn>, <kbd> and <samp> elements have been whitelisted in user
+ input.
+* (bug 21503) There's now a "reason" field when creating account for other users.
+* (bug 24418) action=markpatrolled now requires a token.
+* A variety of category sort-related fixes, including:
+** (bug 164) In English, lowercase and uppercase letters now sort the same.
+** (bug 1211) Subcategories, ordinary pages, and files now page separately.
+** When several pages are given the same sort key, they sort by their names
+ instead of randomly.
+* (bug 23848) Add {{ARTICLEPATH}} Magic Word.
+* (bug 8140) Add dedicated CSS classes to Special:Newpages elements.
+* (bug 11005) Add CSS class to empty pages in Special:Newpages.
+* The parser cache is now shared amongst users whose different settings aren't
+ used in the page.
+* Any attribute beginning with "data-" can now be used in wikitext, per HTML5.
+* (bug 24007) Diff pages now mention the number of users having edited
+ intermediate revisions.
+* Added new hook GetIP.
+* Special:Version now displays whether a SQLite database supports full-text
+ search.
+* TS_ISO_8691_BASIC was added as a time format, which is used by ResourceLoader
+ for versioning.
+* Maintenance scripts get a --memory-limit option to override defaults (which
+ is usually to set it to -1 to disable the limit).
+* (bug 25397) Allow uploading (not displaying) of WebP images, disabled
+ by default.
+* (bug 23194) Special:ListFiles now has thumbnails.
+* Use hreflang to specify canonical and alternate links, search engine friendly
+ when a wiki has multiple variant languages.
+* (bug 19593) Specifying --server in now works for all maintenance scripts.
+* Now rebuildtextindex.php warns if SQLite doesn't support full-text search.
+* (bug 10541) Front/backend separation of installation/upgrade code.
+* (bug 10596) Allow installer to enable extensions already in extensions folder.
+* (bug 20627) Installer should be in languages other than English.
+* Support for metadata in SVG files (title, description).
+* Special:Search: Add CSS classes to 'none found' and 'create link' messages.
+* Add CSS classes (including namespace and pagename) to the enhanced recent
+ changes/watchlist entries.
+* (bug 22463) Add hook 'SkinGetPoweredBy' to make 'powered by' icon/text
+ customizable.
+* Added CSS print pagination to the print stylesheets.
+* (bug 25960) Add <link rel=canonical"> for File pages of shared/foreign
+ file repositories.
+* When viewing a redirect, the redirect arrow and redirection target are both
+ wrapped in a div that has the class "redirectMsg" so that the redirection
+ arrow can be customized with CSS.
+* (bug 21911) Hard coded limit for long page warning removed. New message
+ [[MediaWiki:Longpage-hint]] (empty per default) can be used instead.
+ Parameters: $1 shows the formatted textsize in Byte/KB/MB, $2 is the raw
+ number of the textsize in Byte.
+* (bug 3276) Give image <gallery>s fluid width.
+* Added uploads link to page subtitle in Special:Contributions.
+* Added Special:Myuploads special page that redirects to Special:Listfiles.
+* The footerlinks used in Monobook/Vector/Modern are now part of common skin
+ code, SkinTemplateOutputPageBeforeExec can be used to customize the list.
+* Special wrapping setups can now define MW_CONFIG_FILE to load a config file
+ other than LocalSettings.php. This is like MW_CONFIG_CALLBACK but works in
+ some cases where MW_CONFIG_CALLBACK will not work.
+* (bug 26574) Added 'upload' to $wgRestrictionTypes, allowing upload protected
+ pages to be queried via the API and Special:ProtectedPages, and allowing
+ disabling upload protection by removing it from $wgRestrictionTypes.
+* The name attribute of HTMLForm fields can now be overridden by passing a
+ 'name' key in the descriptor array. Hidden field names are now treated
+ consistently with other fields and, by default, prefixed with 'wp'.
+* (bug 27402) Add support for disabling MWSuggest.
+* (bug 26563) Add bytes changed per revision for stub and full article dumps.
+* (bug 27508) Add $wgSVGMetadataCutoff to limit the maximum amount of an svg we
+ look at when finding metadata to prevent excessive resource usage.
+* (bug 198) $wgUpgradeKey allows unlocking the web installer for upgrades
+ without having to move LocalSettings.php
+* Added $wgAllowImageTag, which can be set to true to whitelist the <img> tag
+ in wikitext.
+* (bug 12797) Add $wgGalleryOptions for adjusting of default gallery display
+ options.
+* Added the $wgAllowUserCssPrefs option which allows disabling CSS-based
+ preferences; which can improve page loading speed.
+* Added $wgSQLMode for setting database SQL modes - either performance (null)
+ or other reasons (such as enabling stricter checks).
+* (bug 20193) Added $wgVectorShowVariantName global configuration variable
+ which causes Vector to render the variants drop-down menu with a label
+ showing the current variant name. This is off by default, pending further
+ research into its user experience implications.
+* The upload link for missing files can now be set separately from the
+ navigation link with $wgUploadMissingFileUrl.
+* $wgAdditionalMailParams added to allow setting extra options to mail() calls.
+* Added $wgSecureLogin to optionally login using HTTPS.
+* (bug 25728) Added $wgPasswordSenderName to make the name associated
+ with $wgPasswordSender configurable.
+* (bug 22463) $wgFooterIcons added to allow configuration of the icons shown in
+ the footers of skins.
+* $wgFileCacheDepth can be used to set the depth of the subdirectory hierarchy
+ used for the file cache. Default value is 2, which matches former behavior.
+
+=== Bug fixes in 1.17 ===
+
+* (bug 17560) Half-broken deletion moved image files to deletion archive
+ without updating database.
+* (bug 22666) Submitting user block form with an invalid user name no longer
+ throws an error.
+* (bug 22665, bug 22667) User '0' can now be unblocked and have its block
+ settings changed.
+* (bug 22606) The body of e-mail address confirmation message is now different
+ when the address changed.
+* (bug 22664) Special:Userrights now accepts '0' as a valid user name.
+* (bug 5210) Preload parser now parses <noinclude>, <includeonly> and
+ redirects.
+* (bug 22709) IIS7 mishandles redirects generated by OutputPage::output() when
+ the URL contains a colon.
+* (bug 22353) Categorised recent changes now works again.
+* (bug 22747) "Reveal my e-mail address in notification e-mails" preference is
+ now only displayed when relevant.
+* (bug 22772) {{#special:}} parser function now works with subpages.
+* (bug 18664) Relative URIs in interwiki links cause failed redirects.
+* (bug 19270) Relative URIs in interwiki links break interwiki transclusion.
+* (bug 22903) Revdelete log entries now show in the user preferred language.
+* (bug 22905) Correctly handle <abbr> followed by ISBN.
+* (bug 22940) Namespace aliases pointing to main namespace don't work.
+* (bug 15810) Blocked admins can no longer block/unblock other users.
+* (bug 22876) Avoid possible PHP Notice if $wgDefaultUserOptions is not
+ correctly set.
+* (bug 14952) Page titles are renormalized after html entities are removed so
+ that links with non-NFC character references work correctly.
+* (bug 22991) wgUserGroups JavaScript variable now reports * group for
+ anonymous users instead of null.
+* (bug 22627) Remove PHP notice when deleting a page only hidden users edited.
+* (bug 21520) Anonymous previews now also gives a warning about not being
+ logged in (anonpreviewwarning).
+* (bug 22935) image/x-ms-bmp mime type added for BMP files.
+* (bug 23024) Special:ListFiles now escapes file names correctly.
+* (bug 22867) "View source" tab is now only displayed if there's source text.
+* (bug 19393) Feeds now format dates in user language rather than content
+ language.
+* (bug 22852) "Served in" comment is now the time used to cache a single page
+ when using rebuildFileCache.php
+* (bug 22496) Viewing diff of a redirect page without specifying "oldid"
+ parameter no longer makes the page displayed as being the redirect target.
+* (bug 22918) Feed cache keys now use $wgRenderHashAppend.
+* (bug 21916) Last-Modified header is now correct when outputting cached feed.
+* (bug 20049) Fixed PHP notice in search highlighter that occurs in some cases.
+* (bug 23017) Special:Disambiguations now list pages in content namespaces
+ rather than only main namespace.
+* (bug 23063) $wgMaxAnimatedGifArea is checked against the total size of all
+ frames, and $wgMaxImageArea against the size of the first frame, rather than
+ the other way around. Both now default to 12.5 megapixels. Also, images
+ exceeding $wgMaxImageArea can still be embedded at original size.
+* (bug 23078) "All public logs" option on Special:Log is now always the first
+ item.
+* (bug 16817) Group names in user rights log are now singular and in lowercase.
+* Special:Preferences no longer crashes if the wiki default date formatting
+ style is not valid for the user's interface language.
+* (bug 23167) Check the watch checkbox by default if the watchcreations
+ preference is set.
+* Maintenance script cleanupTitles is now able to fix titles stored
+ in a negative namespace (which is invalid).
+* (bug 19858) Removed obsolete <big> in interface messages.
+* (bug 21456) "Bad title" error when showing non-local interwiki pages no longer
+ displays incorrect tabs.
+* (bug 23190) Improved math representation for text browsers.
+* (bug 22015) Improved upload-by-url error handling and error display.
+* (bug 17941) $wgMaxUploadSize is now honored by all upload sources.
+* (bug 23080) New usernames now limited to 235 bytes so that custom skin files
+ work.
+* (bug 23075) Correct MediaTransformError default width in gallery.
+* (bug 16487) The Anonymous user account used on Postgres is no longer
+ displayed on Special:Listusers.
+* (bug 23313) Move watchlisthidepatrolled above token in watchlist preferences
+ to enhance preference grouping.
+* (bug 23298) Interwiki links with prefix only in log summaries now link to the
+ correct link.
+* (bug 23284) Times are now rounded correctly.
+* (bug 23375) Added ogv, oga, spx as extensions for ogg files.
+* (bug 18408) All required permissions for uploading (upload, edit, create)
+ are now checked when loading Special:Upload. Toolbar link for Special:Upload
+ is no longer shown if the user does not have the required permissions.
+* (bug 23397) texvc in html mode renders \sim as &tilde; not &sim;
+* (bug 23241) License selector should be disabled during upload of a new
+ version.
+* (bug 23240) Add ID to namespace selector form on Special:Watchlist.
+* The pipe | character in urls is now escaped.
+* (bug 23422) mp3 files can now be moved.
+* (bug 23448) MediaWiki:Summary-preview is now displayed instead of
+ MediaWiki:Subject-preview when previewing summary.
+* (bug 23426) The {{REVISIONMONTH}} variable is now zero-padded and added
+ new variable {{REVISIONMONTH1}} when unpadded version is needed.
+* Special:Userrights didn't recognize user as changing his/her own rights if
+ user did not capitalize first letter of username.
+* (bug 23507) Add styles for printing wikitables.
+* (bug 19586) Avoid JS errors in mwsuggest when using old browsers such
+ as Opera 8.
+* (bug 23563) Old skins now support $wgUploadNavigationUrl and take into
+ account upload rights.
+* (bug 1347) Render \phi in math using images, in order to create consistent
+ and correct render results.
+* (bug 16573) Render \epsilon in math using images, in order to create
+ consistent and correct render results.
+* (bug 22541) Support image redirects when using ForeignAPIRepo.
+* (bug 22967) Make edit summary length cut-off behave correctly for multibyte
+ characters.
+* (bug 8689) Long numeric lines no longer kill the parser.
+* (bug 23740) Article::doRedirect() now use $extraQuery parameter correctly if
+ the $noRedir parameter is set to true.
+* (bug 23688) Correct mime types for Office 2007 OpenXML documents.
+* (bug 23787) Corrected $wgDefaultSkin's comment in DefaultSettings.php.
+* (bug 23797) Xml::input() now allows '0' for the value parameter.
+* (bug 23747) Make sure that on History pages, the RevDel button is not
+ accidentally activated when hitting enter.
+* (bug 23845) Special:ListFiles now uses correct file names without underscores.
+* Ask for permanent login in Special:Preferences only if $wgCookieExpiration > 0.
+* (bug 16356) Repair dumpInterwiki.inc to use proper normalization.
+* (bug 24006) deleteArchivedRevisions.php maintenance script now longer throws
+ a fatal error.
+* (bug 23465) Don't ignore the predefined destination filename on
+ Special:Upload after following a red link.
+* (bug 23642) Recognize mime types of MS OpenXML documents.
+* (bug 22784) Normalise underscores and spaces in autocomments.
+* (bug 19910) Headings of the form ===+\s+ are now displayed as valid headings.
+* (bug 24022) Only check file extensions on the uploadpage when needed.
+* (bug 24076) Recognize Office 2003 files with OpenXML trailers.
+* (bug 24244) Updated comments in DefaultSettings.php to reflect
+ Image: --> File: namespace rename.
+* Make wfTimestamp recognize negative unix timestamp values.
+* (bug 24401) SimpleSearch: No button/text indicating 'Search' if image is
+ disabled.
+* (bug 23293) Do not show change tags when Special:RecentChanges(linked) or
+ Special:Newpages is transcluded into another page as it messes up the page.
+* (bug 24517) LocalFile::newFromKey() and OldLocalFile::newFromKey() no longer
+ throw fatal errors.
+* (bug 23380) Uploaded files that are larger than allowed by PHP now show a
+ useful error message.
+* Uploading to a protected title will allow the user to choose a new name
+ instead of showing an error page.
+* (bug 24425) Use Database::replace instead of delete/insert in
+ SqlBagOStuff::set to avoid query errors about duplicate keynames.
+* (bug 15470) First letters of filenames are always capitalized by upload JS.
+* (bug 21215) NoLocalSettings.php doesn't tolerate rewrite rules.
+* (bug 21052) Fix link color for stubs in NewPages.
+* (bug 24714) Usage of {{#dateformat: }} in wikis without $wgUseDynamicDates no
+ longer pollutes the parser cache.
+* (bug 17031) Correct which characters the parser allows in tag attributes (a
+ letter, colon or underscore followed by 0 or more letters, numbers, colons,
+ underscores, hyphens, and/or periods).
+* Save 200 useless queries on each category page view.
+* Shell commands will now work on Linux in filesystems mounted noexec.
+* (bug 24804) Corrected commafying in Polish and Ukrainian.
+* "Difference between pages" is now displayed instead of "Difference between
+ revisions" on diffs when appropriate.
+* (bug 23703) ForeignAPIRepo fails on findBySha1() when using a 1.14 install as
+ a repository due to missing 'name' attribute from the API list=allimages.
+* (bug 24898) MediaWiki uses /tmp even if a vHost-specific tempdir is set, also
+ make wfTempDir() return a sane value for Windows on worst-case.
+* (bug 24824) Support ImageMagick 6.5.6-2+ JPEG decoder size hint, to reduce
+ memory usage when such an ImageMagick is used for scaling.
+* Disable multithreaded behavior in recent ImageMagick, to avoid a deadlock
+ when a resource limit such as $wgMaxShellMemory is hit.
+* (bug 24981) Allow extensions to access SpecialUpload variables again.
+* (bug 20744) Wiki forgets about an uploaded file.
+* (bug 17913) Don't show "older edit" when no older edit available.
+* (bug 6204) TOC not properly rendered when using $wgMaxTocLevel.
+* (bug 24977) The accesskey in history page now lead directly to the diff
+ instead of alternating focus between the two buttons.
+* (bug 24987) Special:ListUsers does not take external groups into account.
+* (bug 20633) update.php has mixed language output.
+* SQLite system table names are now never prefixed.
+* (bug 25292) SkinSubPageSubtitle hook now passes the Skin object as second
+ parameter.
+* (bug 25167) Correctly load JS fixes for IE6 (fixing a regression in 1.16).
+* (bug 25367) wfShellExec() is more explicit when failing due to disabled
+ passthru().
+* (bug 25462) Fix double-escaping for section edit link tooltips.
+* action=raw was removed for Special:Statistics. This information is still
+ available via the API.
+* (bug 23934) Groups defined in $wgRevokePermissions but not in
+ $wgGroupPermissions now appear on Special:ListGroupRights.
+* (bug 23923) Special:Prefixindex no longer shows results if nothing was
+ requested.
+* (bug 22308) Search now finds text in default main page immediately after setup.
+* (bug 25697) Make sure empty lines render in diff view.
+* Use an actual minus sign in diff views, instead of a hyphen.
+* (bug 23732) Clarified "n links" message on Special:MostLinkedFiles.
+* (bug 23731) Clarified "n links" message on Special:MostLinkedTemplates.
+* (bug 25642) A exception is now thrown instead of a fatal error when using
+ $wgSMTP without PEAR mail package.
+* (bug 19633) When possible, Upscale small SVGs when creating thumbnails.
+* (bug 11013) Database driver detection needs rewriting for robustness.
+* (bug 13409) Installer prompts could use clarification--now has help boxes.
+* (bug 16902) Installer spews warnings when exec() and dl() are not available.
+* (bug 19129) Only show MyISAM/InnoDB when supported.
+* (bug 17762) Only show other e-mail options when e-mail is globally enabled.
+* Cache multiple sizes of InstantCommons thumbnails.
+* (bug 25488) Disallowing anonymous users to read pages no longer throws error
+ on discussion pages with vector as default skin.
+* (bug 24833) Files name in includes/diff/ are now less confusing.
+* (bug 25713) SpecialPage::resolveAlias() now normalise spaces to underscores.
+* (bug 25829) Special:Mypage and Special:Mytalk now forward oldid, diff and dir
+ parameters.
+* (bug 25175) HTML file cache now honor $wgCacheDirectory if
+ $wgFileCacheDirectory is not set.
+* (bug 13353) Diff3 version checks were too strict, did not detect working diff3.
+* (bug 25843) Links to special pages using link= attribute on images are now
+ normalised like normal links to special pages.
+* (bug 21364) External links using link= attribute on images now respect
+ $wgExternalLinkTarget.
+* (bug 17789) Added a note to the total views on Special:Statistics saying that
+ is doesn't count non-existing pages and special pages.
+* (bug 17996) HTTP redirects are now combined when requesting a special page.
+* (bug 19944) Link on image thumbnails no longer link to "Media:" namespace in
+ some cases.
+* (bug 25670) wfFindFile() now checks the namespace of the given title, only
+ "File" and "Media" are allowed now.
+* (bug 25872) Rename the HttpRequest class to MWHttpRequest to avoid conflict
+ with php extension that defines same class.
+* (bug 20591) There's now a different message on Special:MovePage when
+ $wgFixDoubleRedirects is set to false.
+* Fixed PHP warnings when updating a broken MySQL database.
+* (bug 26023) Corrected deleteBacth.php's documentation.
+* (bug 25451) Improved datetime representation in 32 bit php >= 5.2.
+* Show "skin does not exist error" only when the skin is inputted in the wrong
+ case.
+* (bug 26164) Potential html injection when the database server isn't available.
+* (bug 26160) Upload description set by extensions are not propagated.
+* (bug 9675) generateSitemap.php now takes an --urlpath parameter to allow
+ absolute URLs in the sitemap index (as required e.g. by Google).
+* Partial workaround for bug 6220: at least make files on shared repositories
+ show up as (struck-out) bluelinks instead of redlinks on Special:WantedFiles.
+* rebuildFileCache.php no longer creates inappropriate cache files for redirects.
+* (bug 25512) Subcategory list should not include category prefix for members.
+* (bug 10871) Javascript and CSS pages in MediaWiki namespace are no longer
+ treated as wikitext on preview.
+* Page existence is now not revealed (in the colour of the tabs) to users who
+ cannot read the page in question.
+* (bug 22753) Output from update.php is more clear when things changed, entries
+ indicating nothing changed are now all prefixed by "..."
+* (bug 16019) $wgArticlePath = "/$1" no longer breaks API edit/watch actions.
+* (bug 18372) File types blacklisted by $wgFileBlacklist will no longer be shown as
+ "Permitted file types" on the upload form.
+* (bug 26540) Fixed wrong call to applyPatch in MysqlUpdater.
+* (bug 26034) Make the "View / Read" tab in content_navigation style tabs remain
+ selected when the action is "purge".
+* (bug 26733) Wrap initial table creation in transaction.
+* (bug 26208) Mark directionality of some interlanguage links.
+* (bug 26716) Provide link to instructions for external editor related preferences.
+* (bug 26961) Hide anon edits in watchlist preference now actually works.
+* (bug 1379) Installer directory conflicts with some hosts' configuration panel.
+* (bug 27781) Installer does not warn about 5.1.x. Added a compatibility function
+ for array_key_exists().
+* Fix XML well-formedness on a few pages when $wgHtml5 is true (the default).
+* (bug 28069) MediaWiki fails streaming files when mod_deflate and ob_gzhandler
+ are also set.
+* (bug 26223) Concurrently moving an article to different titles leaks a
+ redirect revision with no page.
+* (bug 15641) Fixed permissions checks in Special:Import which allowed users
+ without the 'import' permission to import pages from configured import sources.
+* (bug 26449) Keep underlines from headings outside of tables and thumbs by
+ adding overflow:hidden to h1,h2,h3,h4,h5,h6 (also fixes editsection bunching).
+* (bug 26708) Remove background-color:white from tables in Monobook and Vector.
+* (bug 26781) {{PAGENAME}} and related parser functions escape their output better.
+* (bug 26716) Provide link to instructions for external editor related preferences
+ and add a comment to the ini control file explaining what is going on.
+* (bug 28422) Remove color:black from tables in Monobook and Vector. And add it
+ to table.wikitable instead.
+* (bug 27560) Search queries no longer fail in walloon language.
+* (bug 27700) The upload protection can now also be set for files that do not
+ exist.
+* (bug 28034) uploading file to local wiki when file exists on shared repository
+ (commons) gives spurious info in the warning message.
+* Usernames get lost when selecting different sorts on Special:listfiles.
+* (bug 28166) UploadBase assumes that 'edit' and 'upload' rights are not per
+ page restrictions.
+* (bug 28242) Make redirects generated by urls containing a local interwiki
+ prefix be a 301 instead of a 302.
+* (bug 28568) Entries in the iwlinks table are now removed on page deletion.
+* (bug 28306) Fix exposure of suppressed usernames in ForeignDBRepo.
+* (bug 28444) Fix regression: edit-on-doubleclick retains revision id again.
+* UtfNormal::cleanUp on an invalid utf-8 sequence no longer returns false if
+ intl installed.
+* (bug 26729) Category pages should return 404 if they do not exist and have no
+ members.
+* (bug 28214) When page not found, sends malformed HTTP/1.x instead of HTTP/1.1
+ in header of response.
+* (bug 27634) TOC title appears in wrong language.
+* (bug 27761) Fix regression: pages with Esperanto titles containing convertible
+ character sequences became unreachable.
+* (bug 27508) SVGMetadataExtractor takes too much resources on huge svgs.
+* (bug 27465) SVG thumbnail generation.
+* (bug 27467) preload can leave UNIQ.
+* (bug 27539) Allow attributes beginning with a digit in wikitext tag parameters.
+* (bug 27328) using relative paths in CSS imports in MediaWiki:Common.css broken
+ in 1.17.
+* (bug 27333) Fix repetitive last-seen time queries on page history.
+* (bug 26250, bug 23817) Fix wfObjectToArray() to descend into arrays; fixes
+ processing of JSON return values for ForeignAPIRepo when native json module
+ not present.
+* (bug 25675) Fix search suggestions for Special: pages with spaces.
+* (bug 25571) Xml::encodeJsVar now passes floats natively instead of converting
+ to strings.
+* (bug 27338) Gallery in 1.17 breaks for audio/video + ogghandler.
+* (bug 27302) Don't append the current timestamp for user/site modules when no
+ user/site JS/CSS is present.
+* (bug 27016) dumpTextPass.php now consider the "output" parameter.
+* (bug 22606) don't send the "someone registred an account" message when setting
+ email address (i.e. old one empty) in user preferences.
+* (bug 26458) Section edit links appear on pages that user does not have right
+ to edit.
+* (bug 28611) Don't die in SqlBagOStuff::incr() if there's a race condition.
+* (bug 16886) Sister projects box moves down the extract of the first result
+ in IE 7.
+* (bug 17398) Fixed "link" parameter in image links with "thumb" or "frame"
+ parameter.
+
+=== API changes in 1.17 ===
+
+* BREAKING CHANGE: action=patrol now requires POST.
+* BREAKING CHANGE: patrol token is no longer the same as edit token.
+* BREAKING CHANGE: Session keys returned by ApiUpload are now strings instead
+ of integers.
+* BREAKING CHANGE: (bug 25303) Fix API parameter integer validation to actually
+ enforce validation on the input values in addition to giving a warning.
+ Also add flag to enforce (die) if integer out of range.
+* (bug 24650) Fix API to work with categorylinks changes.
+* action=parse now correctly returns an error for nonexistent pages.
+* (bug 27201) Special:WhatLinksHere output no longer contains duplicate IDs.
+* (bug 26560) On allusers if limit < total number of users, last user gets
+ duplicated.
+* (bug 27715) imageinfo didn't respect revdelete.
+* (bug 27479) API error when using both prop=pageprops and
+ prop=info&inprop=displaytitle.
+* (bug 27862) Useremail module didn't properly return success on success.
+* (bug 27590) prop=imageinfo now allows querying the media type.
+* (bug 27587) list=filearchive now outputs full title info.
+* (bug 27897) list=allusers and list=users list hidden users.
+* (bug 22738) Allow filtering by action type on query=logevent.
+* (bug 22764) uselang parameter for action=parse.
+* (bug 22944) API: watchlist options are inconsistent.
+* (bug 22868) don't list infinite block expiry date as "now" in API logevents.
+* (bug 22290) prop=revisions now outputs "comment" field even when comment
+ is empty, for consistency with list=recentchanges.
+* (bug 19721) API action=help should have a way to just list for a specific
+ module.
+* (bug 23458) Add support for pageid parameter to action=parse requests.
+* (bug 23460) Parse action should have a section option.
+* (bug 21346) Make deleted images searchable by hash.
+* (bug 23461) Normalise usage of parameter names in parameter descriptions.
+* (bug 23548) Allow access of another users watchlist through watchlistraw
+ using token and username.
+* (bug 23524) Api Modules as followup to bug 14473 (Add iwlinks table to
+ track inline interwiki link usage).
+* Add pltitles and tltemplates to prop=links and prop=templates respectively,
+ similar to prop=categories's clcategories.
+* (bug 23834) Invalid "thumbwidth" and "thumbheight" in "imageinfo" query when
+ thumbnailing larger than original image.
+* (bug 23835) Need "thumbmime" result in "imageinfo" query.
+* (bug 23851) Repair diff for file redirect pages.
+* (bug 24009) Include implicit groups in action=query&list=users&usprop=groups.
+* (bug 24016) API: Handle parameters specified in simple string syntax
+ ( 'paramname' => 'defaultval' ) correctly when outputting help.
+* (bug 24089) Logevents causes PHP Notice if leprop=title isn't supplied.
+* (bug 23473) Give description of properties on all modules.
+* (bug 24136) unknownerror when adding new section without summary, but
+ forceditsummary.
+* (bug 22339) Added srwhat=nearmatch to list=search to get a "go" result.
+* (bug 24303) Added new &servedby parameter to all actions which adds the
+ hostname that served the request to the result. It is also added
+ unconditionally on error.
+* (bug 24185) Titles in the Media and Special namespace are now supported for
+ title normalization in action=query. Special pages have their name resolved
+ to the local alias.
+* (bug 24296) Added converttitles parameter to convert titles to their
+ canonical language variant.
+* (bug 23936) Add "displaytitle" to query/info API.
+* (bug 24485) Make iwbacklinks a generator, optionally display iwprefix and
+ iwtitle.
+* (bug 24564) Fix fatal errors when using list=deletedrevs, prop=revisions or
+ one of the backlinks generators with limit=max.
+* (bug 24656) API's parse module needs option to disable PP report.
+* PARAM_REQUIRED parameter flag added. If this flag is set, and the end user
+ does not set the parameter, the API will automatically throw an error.
+* (bug 24665) When starttimestamp is not specified, fake it by setting it to
+ NOW, not to the timestamp of the last edit.
+* (bug 24677) axto= parameters added to allcategories, allimages, alllinks,
+ allmessages, allpages, and allusers.
+* (bug 24236) Add add, remove, add-self, remove-self tags to
+ meta=siteinfo&siprop=usergroups.
+* (bug 24484) Add prop=pageprops module.
+* (bug 24330) Add &redirect parameter to ?action=edit.
+* (bug 24722) For list=allusers&auprop=blockinfo, only show blockedby and
+ blockreason if the user is actually blocked.
+* Add format=dump and format=dumpfm, outputs results in PHP's var_dump() format.
+* For required string parameters, if '' is provided, this is now classed as
+ missing.
+* (bug 24724) list=allusers is out by 1 (shows total users - 1).
+* (bug 24166) API error when using rvprop=tags.
+* Introduced "asynchronous download" mode for upload-by-url. Requires
+ $wgAllowAsyncCopyUploads to be true.
+* sinumberingroup correctly gives size of 'user' group, and omits size of
+ implicit groups rather than showing 0.
+* (bug 25248) API: paraminfo errors with certain modules.
+* (bug 24792) API help for action=purge sometimes wrongly stated whether a
+ POST request was needed due to cache pollution.
+* Added iiprop=parsedcomment to prop=imageinfo, similar to prop=revisions.
+* Added rvparse to parse revisions. For performance reasons if this option is
+ used, rvlimit is enforced to 1.
+* (bug 25748) If a action=parse request provides an oldid that is actually the
+ current revision id, try the parser cache, and save it to it if necessary.
+* (bug 25463) Export header should not be shown if no pages were requested, to
+ reduce confusion.
+* (bug 25648) API discovery information has been added as RSD link in page
+ <head> and by providing an API module action=rsd. Added hook
+ ApiRsdServiceApis for extensions to add their own service to the services
+ list.
+* The HTML of diff output markers has changed. Hyphens are now minus signs,
+ empty markers are now filled with non-breaking-space characters.
+* (bug 25741) Add more data to list=search's srprop.
+* (bug 25760) counter property still reported by the API when
+ $wgDisableCounters enabled.
+* (bug 25987) prop=info&inprop=watched now also works for missing pages.
+* (bug 26006) prop=langlinks now allows obtaining full URL.
+* (bug 26075) ApiDelete.php now calls correctly ArticleDelete hook.
+* (bug 26089) add block expiration to blockinfo.
+* (bug 26125) prop=imageinfo&iiprop=size now returns the page count if the
+ file is a multi-page file.
+* (bug 10268) Added linktodiffs parameter on action=feedwatchlist.
+* (bug 26219) Show API limits for multi values in description.
+* (bug 28070) Fix watchlist RSS for databases that store timestamps in a
+ real timestamp field.
+* (bug 27722) list=filearchive now supports revdel.
+
+=== Language support changes in 1.17 ===
+
+MediaWiki supports over 330 languages. Many localizations are updated regularly.
+
+The following languages were added:
+
+* Moroccan Spoken Arabic (ary)
+* Banjar (bjn)
+* Kabardian (kbd)
+* Kabardian (Cyrillic) (kbd-cyrl)
+* Latgalian (ltg)
+* Minangkabau (min)
+* Dutch (informal) (nl-informal)
+* Rusyn (rue)
+
+Other significant changes to MediaWiki's language support:
+
+* Fiji Hindi (Devangari script) was removed.
+* Removed deprecated language code "dk" (Danish), use "da" instead.
+* Link trail added for sl and sh.
+* (bug 27633) Add characters to linkTrail for Portuguese (pt and pt-br).
+* (bug 23156) Commafy and search normalization updated for Belarusian
+ (Taraškievica).
+* (bug 23283) Native name for Old English -> Ænglisc.
+* (bug 23364) Native name for Azerbaijani -> Azərbaycanca.
+* (bug 24593) Native name for Sorani now uses only Arabic script.
+* (bug 24628) Generic translations for NS_USER/NS_USER_TALK for Esperanto.
+* (bug 24917) Polish as fallback for Kashubia.
+* (bug 24794) Tatar link trail updated.
+* Esperanto date format corrected.
+* (bug 28159) Change interwiki name of language kbd to Къэбэрдеибзэ /
+ Qabardjajəbza.
+* (bug 28184) Namespaces for the Latgalian Wikipedia.
+* (bug 25010) Bashkir-language interwikis: linktext change from Башҡорт
+ to Башҡортса.
+* (bug 26395) Change name of Cornish language to Kernowek.
+
+=== Other changes in 1.17 ===
+
+* DatabaseFunctions.php that was needed for compatibility with pre-1.3
+ extensions has been removed.
+* XmlFunctions.php has been removed. Use the Xml or Html classes as appropriate.
+* The FailFunction "error handling" method has now been removed
+* Sysops now have the "suppressredirect" right by default
+* Removed $wgRemoteUploads. It was not well supported and superseded by
+ $wgUploadNavigationUrl.
+* (bug 26253) $wgPostCommitUpdateList has been removed
+* The PHPUnit test suite has been removed from this release due to serious issues
+ which should be resolved by the 1.18 release.
+* Oracle DB now uses the __destruct function to commit/close connection as it
+ doesn't commit on close if transation is triggered in OCI.
+
+== MediaWiki 1.16 ==
+
+=== Configuration changes in 1.16 ===
+
+* (bug 18222) $wgMinimalPasswordLength default is now 1
+* $wgSessionHandler can be used to configure session.save_handler
+* $wgLocalFileRepo/$wgForeignFileRepos now have a 'fileMode' parameter to
+ be used when uploading/moving files
+* (bug 18761) $wgHiddenPrefs is a new array for specifying preferences not
+ to be shown to users
+* $wgAllowRealName and $wgAllowUserSkin were deprecated in favor of
+ $wgHiddenPrefs[] = 'realname', but the former are still retained
+ for backwards-compatibility
+* (bug 9257) $wgRCMaxAge now defaults to three months
+* $wgDevelopmentWarnings can be set to true to show warnings about deprecated
+ functions and other potential errors when developing.
+* Subpages are now enabled in the MediaWiki namespace by default. This is
+ mainly a cosmetic change, and does not in any way affect the MessageCache,
+ which was already effectively treating the namespace as if it had subpages.
+* Oracle: maintenance/ora/user.sql script for creating DB user on oracle with
+ appropriate privileges. Creating this user with web-install page requires
+ oci8.privileged_connect set to On in php.ini.
+* Removed UserrightsChangeableGroups hook introduced in 1.14
+* Added $wgCacheDirectory, to replace $wgFileCacheDirectory,
+ $wgLocalMessageCache, and any other local caches which need a place to put
+ files.
+* $wgFileCacheDirectory is no longer set to anything by default, and so either
+ needs to be set explicitly, or $wgCacheDirectory needs to be set instead.
+* $wgLocalMessageCache has been removed. Instead, set $wgUseLocalMessageCache
+ to true
+* Removed $wgEnableSerializedMessages and $wgCheckSerialized. Similar
+ functionality is now available via $wgLocalisationCacheConf.
+* $wgMessageCache->addMessages() is deprecated. Messages added via this
+ interface will not appear in Special:AllMessages.
+* $wgRegisterInternalExternals can be used to record external links pointing
+ to same server
+* (bug 19907) $wgCrossSiteAJAXdomains and $wgCrossSiteAJAXdomainExceptions added
+ to control which external domains may access the API via cross-site AJAX.
+* $wgMaintenanceScripts for extensions to add their scripts to the default list
+* $wgMemoryLimit has been added, default value '50M'
+* $wgExtraRandompageSQL is deprecated, the SpecialRandomGetRandomTitle hook
+ should be used instead
+* (bug 20489) $wgIllegalFileChars added to override the default list of illegal
+ characters in file names.
+* (bug 19646) $wgImgAuthDetails added to display reason access to uploaded file
+ was denied to users(img_auth only)
+* (bug 19646) $wgImgAuthPublicTest added to test to see if img_auth set up
+ correctly (img_auth only)
+* $wgUploadMaintenance added to disable file deletions and restorations during
+ maintenance
+* $wgCapitalLinkOverrides added to configure per-namespace capitalization
+* (bug 21172) $wgSorbsUrl can now be an array with multiple DNSBL and renamed
+ to $wgDnsBlacklistUrls (backward compatibility kept)
+* $wgEnableHtmlDiff has been removed
+* (bug 3340) $wgBlockCIDRLimit added (default: 16) to configure the low end of
+ CIDR ranges for blocking
+* $wgUseInstantCommons added for quick and easy enabling of Commons as a remote
+ file repository
+* $wgDBAhandler added to choose a DBA handler when using CACHE_DBA
+* $wgPreviewOnOpenNamespaces for extensions that create namespaces that behave
+ similarly to the category namespace.
+* $wgEnableSorbs renamed to $wgDnsBlacklistUrls ($wgEnableSorbs kept for
+ backward compatibility)
+* $wgUploadNavigationUrl now also affects inline images that do not
+ exist. In that case the URL will get (?|&)wpDestFile=<filename> appended to
+ it as appropriate.
+* If $wgLocaltimezone is null, use the server's timezone as the default for
+ signatures. This was always the behavior documented in DefaultSettings.php
+ but has not been the actual behavior for some time: instead, UTC was used
+ by default.
+* Added $wgExtensionAssetsPath, to decouple assets serving from $wgScriptPath.
+ If not specified it will default to $wgScriptPath/extensions
+* Added $wgCountTotalSearchHits to make search UI display total number of hits
+ with some search engines.
+* Added $wgAdvertisedFeedTypes to decide what feed types (RSS, Atom, both, or
+ neither) MediaWiki advertises. Default is array( 'atom' ), so RSS is no
+ longer advertised by default (but it still works).
+* Added $wgMemCachedTimeout, controls how long to wait for data from the
+ memcached servers.
+* New configuration variables $wgDebugTimestamps and $wgDebugPrintHttpHeaders
+ for controlling debug output.
+* New $wgBlockDisablesLogin when set to true disallows blocked users from
+ logging in.
+* (bug 8790) Metadata edition ($wgUseMetadataEdit) has been moved to a separate
+ extension "MetadataEdit".
+
+=== New features in 1.16 ===
+
+* Add CSS defintion of the 'wikitable' class to shared.css
+* (bug 17163) Added MediaWiki:Talkpageheader which will be displayed when
+ viewing talk pages
+* Superfluous border="0" removed from images
+* Added new hook 'MessageCacheReplace' into MessageCache.php. For instance
+ to allow extensions to update caches in similar way as MediaWiki invalidates
+ a cached MonoBook sidebar
+* Special:AllPages: Move hardcoded styles from code to CSS
+* (bug 18529) New hook: SoftwareInfo for adding information about the software
+ to Special:Version
+* Added $wgExtPGAlteredFields to allow extensions to easily alter the data
+ type of columns when using the Postgres backend.
+* (bug 16950) Show move log when viewing/creating a deleted page
+* (bug 18242) Show the Subversion revision number per extensions in
+ Special:Version
+* (bug 18420) Missing file revisions are handled gracefully now
+* (bug 9219) Auth plugins can control editing RealName/Email/Nick preferences
+* (bug 18466) Add note or warning when overruling a move (semi-)protection
+* (bug 18342) insertTags works in edit summary box
+* (bug 18411) The upload form also checks post_max_size
+* Watchlist now has a specialized <div> tag that contains a unique class for
+ each page
+* Added Minguo calendar support for the Taiwan Chinese language
+* Database: unionQueries function to be used for UNION sql construction, so
+ it can be overloaded on DB abstraction level for DB specific functionality
+* (bug 18849) Implement Japanese and North Korean calendars
+* (bug 5755) Introduce {{CURRENTMONTH1}} and {{LOCALMONTH1}} to display the
+ month number without the leading zero
+* (bug 13456) categoriespagetext supports PLURAL
+* (bug 18860) Blocks of IPs affecting registered users can now block email
+* (bug 17093) Date and time are separate parameters in Special:BlockList
+* (bug 11484) Added ISO speed rating to default collapsed EXIF metadata view
+* (bug 14866) Messages 'recentchangeslinked-toolbox' and
+ 'recentchangeslinked-toolbox' were added to allow more fine grained
+ customisation of the user interface
+* DISPLAYTITLE now accepts a limited amount of wiki markup (the single-quote
+ items)
+* Special:Search now could search terms in all variant-forms. ONLY apply on
+ wikis enabled LanguageConverter.
+* Add autopromote condition APCOND_BLOCKED to autopromote blocked users to
+ various user groups.
+* Add $wgRevokePermissions as a means of restricting a group's rights. The
+ syntax is identical to $wgGroupPermissions, but users in these groups will
+ have these rights stripped from them.
+* Added a PHP port of CDB (constant database), for improved local caching when
+ the DBA extension is not available.
+* Introduced a new system for localisation caching. The system is based around
+ fast fetches of individual messages, minimising memory overhead and startup
+ time in the typical case. The database backend will be used by default, but
+ set $wgCacheDirectory to get a faster CDB-based implementation.
+* Expanded the number of variables which can be set in the extension messages
+ files.
+* Added a feature to allow per-article process pool size control for the parsing
+ task, to limit resource usage when the cache for a heavily-viewed article is
+ invalidated. Requires an external daemon.
+* (bug 19576) Moved the id attributes from the anchors accompanying section
+ headers to the <span class="mw-headline"> elements within the section headers,
+ removing the redundant anchor elements.
+* Parser::setFunctionTagHook now can be used to add a new tag which is parsed at
+ preprocesor level.
+* Added $wgShowArchiveThumbnails, allowing sysadmins to disable thumbnail
+ display for old versions of images.
+* In watchlists and Special:RecentChanges, the difference in page size now
+ appears in dark green if bytes were added and dark red if bytes were removed.
+* Added FSRepo configuration properties thumbUrl and thumbDir, to allow the
+ thumbnails to be stored in a separate location to the source images.
+* If config/ directory is not executable, the command to make it executable
+ now asks the user to cd to the correct directory
+* Add experimental new external authentication framework, ExternalAuth
+* (bug 18768) Remove AdminSettings requirements. Maintenance environment
+ will still load it if it exists, but it's not required for anything
+* (bug 19900) The "listgrouprights-key" message is now wrapped in a div with
+ class "mw-listgrouprights-key"
+* (bug 471) Allow RSS feeds for watchlist, using an opt-in security token
+* (bug 10812) Interwiki links can have names and descriptions, fetched from
+ message 'interwiki-desc-PREFIX', not really used anywhere yet though
+* (bug 9691) Add type (signup or login) parameter to
+ AuthPlugin::ModifyUITemplate()
+* (bug 14454) "Member of group(s)" in Special:Preferences causes language
+ difficulties
+* (bug 16697) Unicode combining characters are difficult to edit in some
+ browsers
+* Parser test supports uploading results to remote CodeReview instance
+* (bug 20013) Added CSS class "mw-version-ext-version" is wrapped on the
+ extension version in Special:Version
+* (bug 20014) Added CSS class "mw-listgrouprights-right-name" is wrapped on the
+ right name in Special:ListGroupRights
+* (bug 12920) New CoreParserFunction {{nse:...}} as an url-friendly equivalent
+ to {{ns:...}}
+* (bug 16322) Allow maintenance scripts to accept DB user/pass over input or
+ params
+* (bug 18566) Maintenance script to un/protect pages
+* (bug 671) The HTML <abbr> tag is now permitted.
+* RecentChanges now has a legend to explain what the Nmb! flags mean, and the
+ flags have tooltips.
+* (bug 15209) New hook BeforeInitialize called after everything has been setup
+ but before Mediawiki::performRequestForTitle()
+* wgMainPageTitle variable now available to JavaScript code to identify the main
+ page link, so it doesn't have to be extracted from the link URLs.
+* (bug 16836) Display preview of signature in user preferences and describe its
+ use
+* The default output format is now HTML 5 instead of XHTML 1.0 Transitional.
+ This can be disabled by setting $wgHtml5 = false;. Specific features enabled
+ if HTML 5 is used:
+** Some extra inputs will be autofocused, in supporting browsers.
+** The summary attribute has been removed from tables of contents. summary is
+ obsolete in HTML 5 and wasn't useful here anyway.
+** Unnecessary type="" attribute removed for CSS and JS.
+** If $wgWellFormedXml is set to false, some bytes will be shaved off of HTML
+ output by omitting some things like quotation marks where HTML 5 allows.
+** (bug 16921) maxlength enabled for page move comments
+* The description message in $wgExtensionCredits can be an array with parameters
+* New hook SpecialRandomGetRandomTitle allows extensions to modify the selection
+ criteria used by Special:Random and subclasses, or substitute a custom result,
+ deprecating the $wgExtraRandompageSQL config variable
+* (bug 20318) Distinct CSS classes for ISBN/RFC/PMID special links added
+* (bug 20404) Custom fields in the user creation form template can now have
+ detail labels in prefsectiontip divs.
+* MakeSysop and MakeBot are now aliases for Special:UserRights
+* IndexPager->mLimitsShown can now be an associative array of limit => text-to-
+ display-in-limit-form.
+* (bug 18880) LogEventsList::showLogExtract() can now take a string-by-reference
+ and add its HTML to it, rather than having to go straight to $wgOut.
+* Added $wgShowDBErrorBacktrace, to allow users to easily gather backtraces for
+ database connection and query errors.
+* Show change block / unblock link on Special:Contributions if user is blocked
+* Display note on Special:Contributions if the user is blocked, and provide an
+ excerpt from the block log.
+* (bug 19646) New hook: ImgAuthBeforeStream for tests and functionality before
+ file is streamed to user, but only when using img_auth
+* Note on non-existing user and user talk pages if user does not exist
+* New hook ShowMissingArticle so extensions can modify the output for
+ non-existent pages.
+* Admins could disable some variants using $wgDisabledVariants now. ONLY apply
+ on wikis enabled LanguageConverter.
+* (bug 16310) Credits page now lists IP addresses rather than saying the number
+ of anonymous users that edited the page
+* New permission 'sendemail' added. Default right for all registered users. Can
+ for example be used to prevent new accounts from sending spam.
+* (bug 16979) Tracking categories for __INDEX__ and __NOINDEX__
+* Two new hooks, ConfirmEmailComplete and InvalidateEmailComplete, which are
+ called after a user's email has been successfully confirmed or invalidated.
+* (bug 19741) Moved the XCF files out of the main MediaWiki distribution, for
+ a smaller subversion checkout.
+* (bug 13750) First letter capitalization can now be a per-namespace setting
+* (bug 21073) "User does not exist" message no longer displayed on sub-sub-pages
+ of existing users
+* (bug 21095) Tracking categories produced by the parser (expensive parser
+ function limit exceeded, __NOINDEX__ tracking, etc) can now be disabled by
+ setting the system message ([[MediaWiki:expensive-parserfunction-category]]
+ etc) to "-".
+* Added maintenance script sqlite.php for SQLite-specific maintenance tasks.
+* Rewrote Special:Upload to allow easier extension.
+* Upload errors that can be solved by changing the filename now do not require
+ reuploading.
+* Added $wgRateLimitsExcludedIPs, to allow specific IPs to be whitelisted from
+ rate limits.
+* (bug 21222) When $wgUseTeX is not enabled, <math> is no longer registered with
+ the parser so extensions are free to implement their own <math> tag
+* (bug 21047) Wrap 'cannotdelete' into a div with the generic 'error' class and
+ an own 'mw-error-cannotdelete' class
+* New hook AbortNewAccountAuto, called before account creation from AuthPlugin-
+ or ExtUser-driven requests.
+* (bug 3480) The warning saying that the page has a history when deleting it now
+ contains the number of revisions in the history
+* $wgStylePath and $wgLogo are now set in the default LocalSettings.php file.
+* (bug 20186) Allow filtering history for revision deletion.
+* New hook OtherBlockLogLink, called in Special:IPBlockList and Special:Block
+ to show links to block logs of other blocking extensions, i.e. GlobalBlocking
+* Added search capabilities to SQLite backend
+* rebuildtextindex.php maintenance script now supports databases other than
+ MySQL
+* upgrade1_5.php now requires to be run --update option to prevent confusion
+* (bug 17662) Customizable default preload/editintro for new sections in the
+ respective addsection-preload and addsection-editintro messages
+* Added maintenance script checkSyntax.php that checks for PHP syntax errors
+ and common coding mistakes
+* Updated Unicode normalization tables
+* (bug 21604) Spellcheck attribute for editsummary
+* New wgCategories JavaScript global variable for userscripts.
+* (bug 20717) Added checkboxes to hide users with bot and/or sysop group
+ membership in SpecialActiveusers
+* Allow \pagecolor and \definecolor in texvc
+* $wgTexvcBackgroundColor contains background color for texvc call
+* (bug 21574) Redirects can now have "303 See Other" HTTP status
+* EditPage refactored to allow extensions to derive new edit modes much easier.
+* (bug 21826) Subsections of Special:Version now also have anchors
+* (bug 19791) Add URL of file source as comment to thumbs (for ImageMagick)
+* (bug 21946) Sorted wikitables do not properly handle minus signs
+* (bug 18885) Red links for media files do not support shared repositories
+* Added $wgFixArabicUnicode, to convert deprecated presentation forms in
+ Arabic text to their modern equivalents, and $wgFixMalayalamUnicode, to
+ convert ZWJ-based chillu sequences in Malayalam text to their Unicode 5.1
+ equivalents.
+* (bug 22051) Returing false in SpecialContributionsBeforeMainOutput hook now
+ stops normal output
+* Send new password e-mail in users preference language
+* LanguageConverter now support nested using of manual convert syntax like
+ "-{-{}-}-"
+* Upload license preview now uses the API instead of action=ajax
+* (bug 7346) Add <guid> to RSS to avoid duplicates
+* (bug 19996) Added new hooks for Special:Search, which allow to further
+ restrict/expand it.
+* (bug 21936) When a revision has been patrolled, there's now a link back to the
+ article
+* (bug 22315) SpecialRecentChangesQuery hook now pass $query_options and checks
+ the return value
+* Separate unit test suites under t/ and tests/ were merged and moved to
+ maintenance/tests/.
+* importImages.php maintenance script can now use the original uploader and
+comment from another wiki.
+* Support for Turck MMCache was removed
+* (bug 14592) Warn users when they try to move their user page that their
+ account will not be renamed
+* Show block log on non-existing user (talk) pages of currently blocked users
+
+=== Bug fixes in 1.16 ===
+
+* (bug 18031) Make namespace selector on Special:Export remember the previous
+ selection
+* The svn-version version numbers on Special:Version have been removed
+* (bug 17374) Special:Export no longer exports two copies of the same page
+* (bug 18190) Proper parsing in MediaWiki:Sharedupload message
+* (bug 17617) HTML cleanup for ImagePage
+* (bug 17964) namespaceDupes.php no longer fails on an empty interwiki table
+* Improved error handling for image moving
+* (bug 17974) On Special:SpecialPages, restricted special pages are now marked
+ with <strong> tags, helps with text-based browsers
+* (bug 18259) Special:DeletedContributions now also uses
+ MediaWiki:Sp-contributions-logs for the link to Special:Log
+* Don't add empty title="" attributes to links to anchors on the current page
+* (bug 18291) rebuildrecentchanges.php failed to add deletion log entries
+* (bug 18304) rebuildrecentchanges.php got size changes wrong
+* (bug 18170) Fixed a PHP warning in Parser::preSaveTransform() in PHP 5.3
+* (bug 18289) Database connection error page now returns correct HTML
+* "successbox", "errorbox" and related CSS classes are now available in all
+ skins
+* (bug 18316) Removed superfluous name="fulltext" from Special:Search
+* (bug 18331) MediaWiki:Undelete-revision can now have wikitext
+* The "noautoblock" flag is no longer displayed in the block log when blocking
+ an IP address
+* (bug 18009) $wgHooks and $wgExtensionFunctions now support closures
+* (bug 17948) Maintenance scripts now exit(0) or exit(1) as appropriate
+* (bug 18377) Time in Enhanced ChangesList lacking localisation
+* (bug 12998) Allow <sup>, <sub>, etc. in DISPLAYTITLE
+* (bug 1553) Lowercase navigation headings in German
+* (bug 7830) Pending transactions failed to commit on loginToUse() error
+* (bug 11613) session.save_handler being over-ridden
+* (bug 11381) session.save_handler being set twice (causes error)
+* (bug 17835) ForeignAPIRepo throwing error on first page load for file
+* (bug 18115) ForeignAPIRepo cache isn't working
+* Fixed a bug caused by LanguageConverter.php, which brings an abnormal '}-'
+ after some parsed math syntax.
+* (bug 18441) rebuildrecentchanges.inc no longer ignores $wgLogRestrictions
+* (bug 18317) Bolded selections in 1 | 3 | etc days on RecentChanges now use
+ <strong> instead of hardcoded styles
+* (bug 18449) Fixed items number per column on category pages when the total is
+ divisible by 3
+* (bug 18121) maintenance/deleteArchivedRevisions.php no longer deletes
+ revisions when --delete is not passed
+* (bug 13172) GPS coordinates in image Exif data are now actually displayed
+* Overhaul of preferences system, includes the following bug fixes:
+** (bug 5363) Changes to default preferences now impact registered users.
+** (bug 14806) Hook to enable putting preferences in existing tabs.
+** (bug 17191) Registration date now listed on preferences page.
+** The user_properties table (now used for storing preferences) has been added
+ to $wgSharedTables.
+** Note that this change will break some extensions which have not been adapted
+ for it.
+* (bug 17020) Adding fallback encodings for Traditional and Simplified Chinese
+ languages while the text is typed as URLs.
+* (bug 17614) Prev / Next links are not shown if all results are shown
+* (bug 18207) Strange spacing before [[irc:...]] links
+* Removed float from the user login form in RTL interface - caused display
+ problems in FF2
+* (bug 15008) Redirect images are now subject to Bad image list rules
+* (bug 6802) profileinfo.php now also work on other database servers than MySQL
+* (bug 16925) Diffs no longer fail when $wgExternalDiffEngine is set to
+ 'wikidiff' or 'wikidiff2' but extension is not installed
+* (bug 18326) Chmod errors in file repos have been hidden
+* (bug 18718) Comma after a } create a error in IE
+* (bug 18716) Removed redundant class in Modern skin CSS for category links and
+ tweaked spacing.
+* (bug 18656) Use proper directory separators in wfMkdirParents()
+* (bug 18549) Make Special:Blockip respect $wgEnableUserEmail and
+ $wgSysopEmailBans
+* (bug 16912) Tooltips on images with link= disappear
+* (bug 18389) Localise numbers in EXIF data
+* (bug 18522) Wrap MediaWiki:Protect-cascadeon in a div for identification
+* (bug 18438) Tweak HTML for preview bar for consistency and accessibility
+* (bug 18432) Updated documentation for dumpBackup.php
+* Fix array logic in Sanitizer::removeHTMLtags so that it doesn't strip good
+ tags that were redundantly defined.
+* (bug 14118) SpecialPage::getTitleFor does not return a localised name
+* (bug 18698) Renaming non entry point maintenance scripts from .inc.php to
+ .inc
+* Deprecated methods Title::getInterwikiLink, Title::userCanCreate(),
+ Title::userCanEdit() and Title::userCanMove() have been removed
+* Only show upload links on file description if $wgEnableUploads = true
+ and user can upload
+* Don't say "You need to log in to upload/move", because it's possible that
+ uploading/moving is disabled for registered users as well (e.g. only sysops)
+* (bug 18943) Handle invalid titles gracefully at Special:Mostlinked
+* (bug 8873) Enable variant conversion in text on 'alt' and 'title' attributes
+* (bug 10837) Introducing the StubUserVariant class to determine the variant
+ variable instead of using this to overrule the user language preference.
+* (bug 19014) If user had deletedhistory right, but not undeleted right, then
+ show "view" instead of "view/restore" on logs.
+* (bug 19017) TOC level calculation error in an odd case
+* (bug 18999) CSS update for RTL interwiki links
+* (bug 18925) history.js removes class names of list elements on initialization
+* Multiple whitespace in TOC anchors is now stripped, for consistency with the
+ link from the edit comment
+* (bug 19112) Preferences now respects $wgUseExternalEditor
+* (bug 18173) MediaWiki now fails when unable to determine a client IP
+* (bug 19170) Special:Version should follow the content language direction
+* (bug 19160) maintenance/purgeOldText.inc is now compatible with PostgreSQL
+* Fixed performance regression in "bad image list" feature
+* Show user preference 'Use live preview' if $wgLivePreview is enabled only
+* (bug 17014) Blocked users can no longer use Special:UserRights unless they
+ can add/remove *all* groups (have 'userrights' permission).
+* (bug 19294) Always show Sp-contributions-footer(-anon)
+* Attempts to restrict reading of pages while anonymous viewing is allowed
+ via extensions not using the userCan hook and via $wgRevokePermissions now
+ work.
+* (bug 8445) Multiple-character search terms are now handled properly for
+ Chinese
+* (bug 19450) Use formatNum for "Number of edits" in Special:Preferences
+* (bug 11242) Check for MySQL storage engines during installation now checks
+ whether the engines are actually available
+* (bug 19390) Omit the "printable version" link on the printable version
+* (bug 18394) img_auth.php now respects userCan
+* (bug 19509) Uploading to a file named '0' previously treated it as null input
+ and attempted to upload with the source name. Now warns about not having an
+ extension (since 0.ext is perfectly valid)
+* (bug 19468) Enotif preferences are now only displayed when they are turned on
+* (bug 19442) Show/hide options on watchlist only work once
+* (bug 19602) PubMed Magic links now use updated NIH url
+* (bug 19637) externallinks have links to self
+* Don't load Opera 9.5 RTL fixes for Opera 9.6
+* Remove five-year-old KHTMLFixes.css, which is unlikely to be relevant anymore
+ and was causing problems.
+* Removed repetition of URIs in the title attributes of external links.
+* (bug 19693) User name is now escaped in "Contributions for ..." link on
+ Special:BlockIP
+* (bug 19571) Override buildConcat for SQLite.
+* Log in and log out links no longer return to page view when clicked from
+ history view, edit page, or something similar
+* (bug 19513) RTL fixes for new Search UI
+* (bug 16497) Special:Allmessages is paginated
+* (bug 18708) CSS plainlinks class now available to all skins
+* (bug 19590) Database error messages no longer have "MySQL" hardcoded as the
+ database type
+* (bug 19759) successbox on Special:Preferences now correctly aligned on
+ standard, nostalgia and cologneblue skin
+* (bug 19814) interwiki links from file links ([[File:Foo.jpg|link=de:Test]])
+ are no longer recorded in the pagelinks table
+* (bug 19784) date option "ISO 8601" produced illegal id
+* (bug 19761) Removed autogenerated <meta keywords> tag with link data.
+ Keyword set was not useful, and is ignored by modern search engines anyway.
+* (bug 19827) Special:SpecialPages title is "Upload file
+* (bug 19355) Added .xhtml, .xht to upload file extension blacklist
+* (bug 19287) Workaround for lag on history page in Firefox 3.5
+* (bug 19564) Updated docs/hooks.txt
+* (bug 18751) Fix for buggage in profiling setup for some extensions on PHP 5.1
+* (bug 17139) ts_resortTable inconsistent trimming makes date sorting fragile
+* (bug 19445) Change oldimage table to use ON UPDATE CASCADE for FK to image
+ table.
+* (bug 14080) Short notation links to subpages didn't work in edit summaries
+* (bug 17374) Special:Export no longer exports multiple copies of pages
+* (bug 19818) Edits to user CSS/JS subpages can now be marked as patrolled by
+ users who can't edit them
+* (bug 19839) Comments in log items are no more double escaped
+* (bug 18161) Fix inconsistent separators in watchlist link toolbars with
+ "enhanced recent changes"
+* (bug 16877) Moving a page over a redirect no longer leaves an orphan entry in
+ the recentchanges table
+* (bug 16009) Limit selection forms based on Pager now links to the correct page
+ when using long urls
+* The display of the language list on the preferences is more comply with the
+ BCP 47 standards.
+* (bug 19849) Custom X-Vary-Options header now disabled unless $wgUseXVO is set
+* (bug 19301) Duplicate entries in $wgAddGroups, $wgRemoveGroups,
+ $wgGroupsAddToSelf and $wgGroupsRemoveFromSelf are no more displayed on
+ Special:ListGroupRights
+* (bug 18799) Special:Userlogin now handles correctly the returnto parameter
+ to not link back to Special:Userlogout when user's language isn't the same as
+ content's language
+* (bug 19479) Show proper error message when unable to connect to PostgreSQL
+ database with username/password in MediaWiki's setup
+* (bugs 18407, 18409) Special:Upload is now listed on Special:Specialpages only
+ if uploads are enabled and the user can access it
+* (bug 17988) Spaces before [[Category:]] links are no longer ignored
+* (bug 19957) All known-failing tests now marked disabled; added --run-disabled
+ option to parser test suite to run disabled tests if desired.
+* (bug 16311) Make recent change flags (n/m/b) <abbr>s instead of <span>s
+* (bug 15680) Split the edit tip message of user CSS/JS subpage into
+ "usercssyoucanpreview" and "userjsyoucanpreview" respectively.
+* (bug 12110) Split the rights for editing users' CSS/JS subpage from
+ "editusercssjs" into "editusercss" and "edituserjs" respectively.
+* (bug 19394) RecentChanges feed URLs for log items with no revisions
+ (eg Newuser, Userrights) are no longer broken
+* (bug 17395) Remote file descriptions use user language ($wgLang), not wiki
+ language ($wgContLang)
+* (bug 11867) Lock error on redirect table when running orphans.php
+* (bug 18930) initStats.php now refreshes active users count
+* (bug 18699) Using the nosummary URL option no longer triggers the "You have
+ not provided a summary" warning for those who activated it in their
+ preferences
+* (bug 18855) commandLine.inc and Maintenance.php are now properly included
+ using the full path
+* (bug 18497) Fixed broken style sheets in Opera fullscreen mode
+* (bug 16084) Default memory limit has be increased to 50M, see $wgMemoryLimit
+* (bug 17864/19519) Added proper input normalization in Special:UserRights
+* (bug 20086) Add Hook to add extra statistics at the end of Special:Statistics
+* (bug 19289) importDump.php can now handle bzip2 and 7zip
+* (bug 20131) Fixed a PHP notice for users having the "rollback" right on
+ Special:RecentChangesLinked
+* Do not transform EXIF fields with pure text to avoid results like
+ foo,bar@example,com
+* (bug 20176) Fix login/logout links in skin CologneBlue
+* (bug 20203) "Powered by Mediawiki" now has height/width on image tag
+* (bug 20273) Fix broken output when no pages are found in the content
+ namespaces
+* (bug 20265) Make AncientPages and UnusedFiles work on SQLite
+* Fixed XSS vulnerability for Internet Explorer clients (only pre-release
+ versions of MediaWiki were affected).
+* (bug 14817) Moving a page to a subpage of itself moves it twice
+* (bug 20289) $wgMaximumMovedPages should only count pages actually moved
+* (bug 15248) Non-breaking spaces and certain other Unicode space characters
+ are now normalized to ordinary spaces in titles; if your wiki has existing
+ titles with such characters, run cleanupTitles.php and/or cleanupImages.php
+* (bug 11143) Links containing invalid UTF-8 percent-code sequences are now
+ cleanly disabled instead of breaking parsing entirely on PHP 5.2.
+* (bug 20296) Fixed an PHP warning in Language::getMagic() in PHP 5.3
+* (bug 20358) Unprotect tab was missing accesskey; now same as protect tab.
+* (bug 20317) Cleaned up default main page link accesskey settings
+* (bug 20362) Special:Statistics now produces valid HTML when view counters are
+ enabled
+* (bug 19857) maintenance/deleteRevision.php on last revision no longer breaks
+ target page
+* (bug 20365) Page name with c/g/h/j/s/u + x are now correctly handled in
+ Special:MovePage with Esperanto as content language
+* (bug 20364) Fixed regression in GIF metadata loading
+* (bug 20299) MediaWiki:Move-subpages and MediaWiki:Move-talk-subpages can now
+ use wikitext
+* (bug 15475) DatabaseBase::setFlag(), DatabaseBase::clearFlag() and
+ DatabaseBase::getFlag() now have documentation
+* (bug 19966) MediaWiki:License-header is now used for the licensing header in
+ the file description page instead of MediaWiki:License
+* (bug 20380) Links to history/deleted edits at the top of
+ Special:RevisionDelete are no more displayed when doing log suppression
+* (bug 8143) Localised parser function names are now correctly case insensitive
+ if they contain non-ASCII characters
+* (bug 19055) maintenance/rebuildrecentchanges.php now purges
+ Special:Recentchanges's RSS and Atom feed cache
+* The installer will now try to bypass PHP's max_execution_time
+* (bug 20260) SQLite no longer tries to automatically create the database at
+ execution time, this now happens only at install time; if it is not available
+ at script execution, it now throws an exception
+* Fixed EditFilterMerged hook so the hookError parameter serves a purpose
+ (analogous to EditFilter hook)
+* (bug 2257) Tag extensions can expand template parameters provided to the tag,
+ by using a new parameter added to the recursiveTagParse function
+* (bug 14900) __INDEX__ and __NOINDEX__ no longer override site config set in
+ $wgArticleRobotPolicies.
+* (bug 20466) Hidden categories are no more displayed when printing
+* (bug 20446) When changing user rights with User@remotewiki and remotewiki is
+ the local wiki, the user is now treated as the local user
+* (bug 20494) OutputPage::getArticleBodyOnly() no longer requires an useless
+ argument
+* (bug 20136) Protection form JavaScript now synchronizes the expiry boxes on
+ any change, in addition to onkeyup.
+* Don't link to "edit this page" on MediaWiki:Noarticletext if user is not
+ allowed to create page. Done via new message
+ MediaWiki:Noarticletext-nopermission
+* Improved compatibility between the Vector skin and addPortletLink() from
+ wikibits.js: empty portlets are now present but hidden, adding an element to a
+ portlet unhides it
+* (bug 19531) addPortletLink() now wraps inserted labels in a <span> element to
+ be compatible with the CSS for the Vector skin
+* (bug 20578) Wrong localized image metadata - duplicated string?
+* (bug 20556) Stub threshold's "other" <input> in Special:Preferences now has a
+ correct type="text" parameter
+* (bug 482) Don't include TOC in the printable version if it has been hidden
+* Adjust the time according to the user configuration on Special:Revisiondelete
+* (bug 20624) Installation no longer allows "qqq" as the chosen language
+* (bug 20634) The installer-created database user will now have all rights on
+ the database so that upgrades will go more smoothly.
+* (bug 18180) Special:Export ignores limit, dir, offset parameters
+* User::getBlockedStatus() works for all kinds of user objects and doesn't
+ assume the user object is equal to the current-user object ($wgUser)
+* (bug 20517) Cancel link from edit page now returns to the old version when
+ editing an old version
+* (bug 16902) Installer no longer shows warnings when exec() has been disabled
+ by disable_functions
+* (bug 20726) Title::getLatestRevID's documentation now says that the function
+ returns false if the page doesn't exist
+* (bug 20751) ForeignApiRepo now urldecodes filenames when saving to local cache
+* (bug 20730) Fix to Special:Version ViewVC link for branch checkouts
+* (bug 20353) wfShellExec() was adding extra quotes on Windows Vista, causing
+ command line scripts to fail
+* (bug 20702) Parser functions can now be used correctly in
+ MediaWiki:Missing-article
+* (bug 14117) "redirected from" is now also shown on foreign file redirects
+* (bug 17747) Only display thumbnail column in file history if the image can
+ be rendered.
+* (bug 3421) Live preview no longer breaks user CSS/JS previews
+* (bug 11264) The file logo on a file description page for documents (PDF, ...)
+ now links to the file rather than the file description page
+* Password fields built with HTMLForm now still have the type="password"
+ attribute if $wgHtml5=false.
+* (bug 20836) Preload now works for MediaWiki namespace
+* (bug 20885) Search box no longer suggests unavailable special pages
+* (bug 20948) "Create this page" on Special:Search is no longer displayed when
+ searching for special pages
+* (bug 20524) Hideuser: Show nice error when trying to block hidden user without
+ hideuser right
+* (bug 21026) Fixed file redirects on shared repos on non-English client wikis
+* (bug 21030) Fixed schema choices from being overwritten by defining unique
+ field names per driver.
+* (bug 21115) wgCanonicalSpecialPageName javascript variable is now always
+ false on non-special pages
+* (bug 21113) "Other statistics" header on Special:Statistics is no more
+ displayed when there isn't any entry in it
+* (bug 21114) Special:Contributions no longer shows diff links for new
+ revisions
+* (bug 21116) MediaWiki:Templatesused, MediaWiki:Templatesusedpreview and
+ MediaWiki:Templatesusedsection now support plural
+* (bug 21079) There is no more line wrapping between label and field in
+ Special:Log
+* (bug 20256) Fixed SQL errors on Special:Recentchanges and
+ Special:Recentchangeslinked on SQLite backend
+* (bug 20880) Fixed updater failure on SQLite backend
+* (bug 21182) Fixed invalid HTML in Special:Listgrouprights
+* (bug 20242) Installer no longer promts for user credentials for SQLite
+ databases
+* (bug 20911) Installer failed to create a SQLite database
+* (bug 20847) Deprecated deprecated akeytt() removed in wikibits.js leaving
+ dummy
+* (bug 21161) Changing $wgCacheEpoch now always invalidates file cache
+* (bug 20268) Fixed row count estimation on SQLite backend
+* (bug 20275) Fixed LIKE queries on SQLite backend
+* (bug 21234) Moving subpages of titles containing \\ now works properly
+* (bug 21006) maintenance/updateArticleCount.php now works again on PostgreSQL
+* (bug 19319) Add activeusers-intro message at top of SpecialActiveUsers page
+* (bug 21255) Fixed hostname construction for DNSBL checking
+* (bug 18019) Users are now warned when moving a file to a name in use on a
+ shared repository and only users with the 'reupload-shared' permission can
+ complete the move.
+* (bug 18909) Add missing Postgres INSERT SELECT wrapper
+* User::isValidPassword now only returns boolean results,
+ User::getPasswordValidity can be used to get an error message string
+* The error message shown in Special:ChangePassword now parses wiki markup
+* (bug 19859) Removed experimental HTMLDiff feature
+* Removed section edit links in edit conflict form
+* Allow SpecialActiveusers to work on non-MySQL databases
+* (bug 6579) Fixed protecting images from uploading only
+* (bug 18609) Search index was empty for some pages
+* (bug 13453) rebuildrecentchanges maintenance script works on PG again
+* (bug 16583) Reduce false positives when checking for PHP (on upload, etc.)
+* (bug 20112) Bitrotted tests in the t/ directory were failing.
+* (bug 21470) MediaWiki:Sp-contributions-explain is now wrapped in a <p> with
+ id "mw-sp-contributions-explain"
+* (bug 19159) Fixed \overleftrightarrow in texvc
+* (bug 19391) Fix caching for Recent ChangesFeed.
+* (bug 21455) Fixed "Watch this page" checkbox appearing on some special pages
+ even to non-logged in users
+* (bug 21551) Rewrote the Squid purge HTTP client to provide a more robust and
+ general implementation of HTTP, allowing it to purge non-Squid caches such as
+ Varnish.
+* Fixed corruption of long UDP debug log messages by using socket_sendto()
+ instead of fsockopen() with fwrite().
+* (bug 16884) Fixed feed links in sidebar not complying with URL parameters
+ of the displayed page
+* (bug 21403) memcached class renamed to MWMemecached to avoid conflict with
+ PHP's memcached extension
+* (bug 21650) Both calls to SkinTemplateTabs hook are now compatible
+* (bug 21672) Add missing Accept-Language to both Vary and XVO headers
+* (bug 21679) "Edit block reasons" link at the bottom of Special:Blockip is now
+ only displayed to the users that have "editinterface" right
+* (bug 21740) Attempting to protect a page that doesn't exist (salting) returns
+ "unknown error"
+* (bug 18762) both redirects and links get fixed one after another if
+ redirects-only switch is not present
+* (bug 20159) thumbnails rerendered if older than $wgThumbnailEpoch
+* Fixed a bug which in some situations causes the job queue to grow forever,
+ due to an infinite loop of job requeues.
+* (bug 21523) File that can have multiple pages (djvu, pdf, ...) no longer have
+ the page selector when they have only one page
+* (bug 21559) "logempty" message is now wrapped in a div with class
+ "mw-warning-logempty" when used in log extract
+* (bug 20549) Parser tests were broken on SQLite backend
+* (bug 21776) Interwiki urls like http://en.wikibooks.org/wiki/cs: should give
+ a redirect instead of a baderror.
+* (bug 21803) Special:MyContributions now keeps the query string parameters
+* Redirecting special pages now keep query string parameters set to "0" (e.g.
+ for namespace)
+* (bug 20765) Special:ListGroupRights no longer misses addables and removables
+ groups if there are duplicate entries
+* (bug 21814) Message shown when rolling back an edit with a deleted username
+ now shows '(username deleted)' instead of broken user tool links
+* (bug 21536) Fixed JavaScript error on Special:Search caused by an incorrect ID
+* (bug 21535) RecentChanges RSS feed now always recognises the namespace filter,
+ previously it sometimes didn't due to caching.
+* (bug 20388) ProfilerSimpleText no longer outputs comment on action=raw
+* refreshLinks.php now purges orphaned redirect table rows
+* (bug 2971) Swap links of hist & diff location on Special:Contributions for
+ consistency with RC/WL
+* (bug 21986) Special page names are now capitalized by content language
+* If two log types have the same description, they're now both displayed in the
+ type selector on Special:Log
+* (bug 20115) Special:Userlogin title says "Log in / create account" even if the
+ user can't create an account
+* (bug 2658) Don't attempt to set the TZ environment variable.
+* (bug 9794) User rights log entries for foreign user now links to the foreign
+ user's page if possible
+* (bug 14717) Don't load nonexistent CSS fix files for non-Monobook skins
+* (bug 22034) Use wfClientAcceptsGzip() in wfGzipHandler instead of
+ reimplementing it.
+* (bug 19226) First line renders differently on many UI messages.
+* (bug 21303) Comments are no longer stripped from MediaWiki:Common.js and
+ skin-specific JS pages
+* (bug 5061) Use the more precise thumbcaption thumbimage and thumbinner classes
+ for image divs.
+* (bug 22096) IE50Fixes.css and IE55Fixes.css have been dropped from the Monobook
+ and Chick skins
+* Fixed bug involving unclosed "-{" markup in the language converter
+* (bug 21870) No longer include Google logo from an external server on wiki error.
+* (bug 22181) Do not truncate if the ellipsis actually make the string longer
+* (bug 16039) Text disappearing after a bad image
+* (bug 18784) Internal links like [[File:Foo|caption]] should read 'caption',
+ not 'File:Foo' when Foo is not an image
+* (bug 21518) Special:UserRights no longer displays the user name box for users
+ that can only change their rights
+* (bug 21593) Special:UserRights now lists automatic groups membership
+* (bug 22364) Setting $wgUseExternalEditor to false no longer hides the reupload
+ link from file pages
+* Fix bug introduced in MediaWiki 1.12: The author field in
+ $wgExtensionCredits is no longer sorted with sort() but rather used
+ as it appears in extensions as was the case before r30117 where it
+ was unintentionally sorted along with other fields.
+* (bug 19334) Textarea no longer jumps when editing longer articles in IE8
+* Truncate summary of page moves in revision comment field to avoid broken
+ multibyte characters
+* (bug 22540) ForeignApiRepos no longer try to store thumbnails that don't exist
+* (bug 22551) Special:Resetpass now has a "Cancel" button that sends the user to
+ the page set in the &returnto parameter.
+* (bug 19194) Search box in Modern skin doesn't focus with Safari/Chrome
+* (bug 17790) Users instantly logged off on HughesNet
+* (bug 21549) Make foreign key constraints DEFERRABLE INITIALLY DEFERRED
+ when using Postgres as the database backend.
+
+== API changes in 1.16 ==
+
+* Added uiprop=changeablegroups to meta=userinfo
+* Added usprop=gender to list=users
+* (bug 18311) action=purge now works for images too
+* Add parentid to prop=revisions output
+* (bug 17832) action=delete returns 'unknownerror' instead of 'permissiondenied'
+ when the user is blocked
+* (bug 18546) Added timestamp of new revision to action=edit output
+* (bug 18554) Also list hidden revisions in list=usercontribs for privileged
+ users
+* (bug 13049) "API must be accessed from the primary script entry point" error
+* (bug 16422) Don't display help for format=jsonfm unless specifically requested
+* Added PHP and database version to meta=siteinfo output
+* (bug 18533) Add readonly message to meta=siteinfo output
+* (bug 18518) Add clprop=hidden to prop=categories
+* (bug 18710) Fixed internal error with empty parameter in action=paraminfo
+* (bug 18709) Missing descriptions for some parameters in action=paraminfo
+ output
+* (bug 18731) Show correct SVN links for extension modules in api.php?version
+* (bug 18730) Add version information to action=paraminfo output
+* (bug 18743) Add ucprop=size to list=usercontribs
+* (bug 18749) Add generator flag to action=paraminfo output
+* Make action=block respect $wgEnableUserEmail and $wgSysopEmailBans
+* Made deleting file description pages without files possible
+* (bug 18773) Add content flag to siprop=namespaces output
+* (bug 18785) Add siprop=languages to meta=siteinfo
+* (bug 14200) Added user and excludeuser parameters to list=watchlist and
+ list=recentchanges
+* Added index, fromtitle and byteoffset fields to action=parse&prop=sections
+ output
+* (bug 19313) action=rollback returns wrong revid on master/slave setups
+* (bug 19323) action=parse doesn't return section tree on pages with Cite
+ warnings
+* (bug 18720) Add anchor field to action=parse&prop=sections output
+* (bug 19423) The initial file description page used caption in user lang
+ rather than UI lang
+* (bug 17809) Add number of users in user groups to meta=siteinfo
+* (bug 18533) Add readonly reason to readonly exception
+* (bug 19528) Added XSLT parameter to API queries in format=xml
+* (bug 19040) Fix prependtext and appendtext in combination with section
+ parameter in action=edit
+* (bug 19090) Added watchlist parameter, deprecated watch and unwatch
+ parameter in action=edit
+* Added fields to list=search output: size, wordcount, timestamp, snippet
+* Where supported by backend, list=search adds a 'searchinfo' element with
+ optional info: 'totalhits' count and 'suggestion' alternate query term
+* (bug 19907) $wgCrossSiteAJAXdomains added to allow specified (or all)
+ external domains to access api.php via AJAX, if the browser supports the
+ Access-Control-Allow-Origin HTTP header
+* (bug 19999) Made metadata and properties of search results optional. Added
+ srprop and srinfo.
+* (bug 20700) Add amprop=default to meta=allmessages to list default value for
+ customized messages
+* Don't parse magic words in meta=allmessages, output messages unparsed
+* (bug 21105) list=usercontribs can now list contribs for User:0
+* (bug 21085) list=deletedrevs no longer returns only one revision when
+ drcontinue param is passed
+* (bug 21106) Deprecated parameters now tagged in action=paraminfo
+* (bug 19004) Added support for tags
+* (bug 21083) list=allusers no longer returns current timestamp for users
+ without registration date
+* (bug 20967) action=edit allows creation of invalid titles
+* (bug 19523) Add inprop=watched to prop=info
+* (bug 21589) API: Separate summary and initial page text for uploads
+* (bug 21817) list=usercontribs returns empty result for empty ucuser
+* (bug 21441) meta=userinfo&uiprop=options no longer returns default options
+ for logged-in users under certain circumstances
+* (bug 21945) Add chomp control in YAML
+* Expand the thumburl to an absolute url to make it consistent with url and
+ descriptionurl
+* (bug 20233) ApiLogin::execute() doesn't handle LoginForm :: RESET_PASS
+* (bug 22061) API: add prop=headitems to action=parse
+* (bug 22240) API: include time in siteinfo
+* (bug 22241) Quick edit is still using the deprecated watch parameter (API: Setting default for watch/unwatch wrongly set)
+* (bug 22245) blfilterredirect=nonredirects in blredirect mode wrongly filtering
+* (bug 22248) Output extension URLs in meta=siteinfo&siprop=extensions
+* Support key-params arrays in 'descriptionmsg' in meta=siteinfo&siprop=extensions
+* (bug 21922) YAML output should quote asterisk when used as key
+* (bug 22297) safesubst: to allow substitution without breaking transclusion
+* (bug 18758) API read of watchlist's wl_notificationtimestamp
+* (bug 20809) Expose EditFormPreloadText via the API
+* (bug 18427) Comment (edit summary) parser option for API
+* (bug 18608) API should provide list of CSS styles to apply to rendered output
+* (bug 18771) List possible errors in action=paraminfo
+
+=== Languages updated in 1.16 ===
+
+MediaWiki supports over 300 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* Capiznon (cps) (new)
+* North Frisian (frr) (new)
+* Kirmanjki (kiu) (new)
+* Komi-Permyak (koi) (new)
+* Karachay-Balkar (krc) (new)
+* Hill Mari (mrj) (new)
+* Prussian (prg) (new)
+* Romagnol (rgn) (new)
+* Lower Silesian (sli) (new)
+* Picard (pcd) (new)
+* Uyghur (Arabic script) (ug-arab) (new)
+* Upper Franconian (vmf) (new)
+* Votic (vot) (new)
+* Eastern Yiddish (ydd) (removed)
+* Iriga Bicolano (bto) (removed)
+* Ladin (lld) (removed)
+* Laz (lzz) (removed)
+* Palembang (plm) (removed)
+* Megleno-Romanian (Greek script) (ruq-grek) (removed)
+* Tamazight (tzm) (removed)
+* Laz (lzz) (new)
+
+* (bug 18474) Sorani (ckb - Central Kurdish) (renamed from ku-arab)
+* Add PLURAL function for Scots Gaelic (gd)
+* Add Estonian letters äöõšüž to linktrail (et)
+* (bug 18776) Native name of Burmese language (my)
+* (bug 18806) Use correct unicode characters in spelling of native Chuvash
+ (Чӑвашла)
+* (bug 18864) Updated autonym for Zhuang language
+* (bug 18308) Updated date formatting in Occitan (oc)
+* (bug 19080) Added ăâîşţșțĂÂÎŞŢȘȚ to Romanion (ro) linktrail
+* (bug 19286) Correct commafying function in Polish (pl)
+* (bug 19441) Updated date formatting for Lithuanian
+* (bug 19630) Added ÄäÇçĞğŇňÖöŞşÜüÝýŽž to Turkmen (tk) linktrail
+* (bug 19949) New linktrail for Greek (el)
+* (bug 19809) Korean (North Korea) (ko-kp) (new)
+* (bug 19968) Fixed "Project talk" namespace name for Maltese (mt)
+* (bug 21168) Added áâãàéêçíóôõúü to Portuguese (pt) linktrail
+* (bug 21596) Change interwiki link for Kurdish (ku)
+* (bug 23767) PHP warning/error when REQUEST_URI returns blank (IIS issue).
+
+== MediaWiki 1.15 ==
+
+=== Configuration changes in 1.15 ===
+
+* Added $wgNewPasswordExpiry, to specify an expiry time (in seconds) to
+ temporary passwords
+* Added $wgUseTwoButtonsSearchForm to choose the Search form behavior/look
+* Added $wgNoFollowDomainExceptions to allow exempting particular domain names
+ from rel="nofollow" on external links
+* (bug 12970) Brought back $wgUseImageResize.
+* Added $wgRedirectOnLogin to allow specifying a specific page to redirect users
+ to upon logging in (ex: "Main Page")
+* Add $wgExportFromNamespaces for enabling/disabling the "export all from
+ namespace" option (disabled by default)
+
+=== New features in 1.15 ===
+
+* (bug 2242) Add an expiry time to temporary passwords
+* (bug 9947) Add PROTECTIONLEVEL parser function to return the protection level
+ for the current page for a given action
+* (bug 17002) Add &minor= and &summary= as parameters in the url when editing,
+ to automatically add a summary or a minor edit.
+* (bug 16852) padleft and padright now accept multiletter pad characters
+* When using 'UserCreateForm' hook to add new checkboxes into
+ Special:UserLogin/signup, the messages can now contain HTML to allow
+ hyperlinking to the site's Terms of Service page, for example
+* Add new hook 'UserLoadFromDatabase' that is called while loading a user
+ from the database.
+* (bug 17045) Options on the block form are prefilled with the options of the
+ existing block when modifying an existing block.
+* (bug 17055) "(show/hide)" links to Special:RevisionDelete now use a CSS class
+ rather than hardcoded HTML tags
+* Added new hook 'WantedPages::getSQL' into SpecialWantedpages.php to allow
+ extensions to alter the SQL query which is used to get the list of wanted
+ pages
+* (bugs 16957/16969) Add show/hide to preferences for RC patrol options on
+ specialpages
+* (bug 11443) Auto-noindex user/user talk pages for blocked user
+* (bug 11644) Add $wgMaxRedirects variable to control how many redirects are
+ recursed through until the "destination" page is reached.
+* Add $wgInvalidRedirectTargets variable to prevent redirects to certain
+ special pages.
+* Use HTML5 rel attributes for some links, where appropriate
+* Added optional alternative Search form look - Go button & Advanced search
+ link instead of Go button & Search button
+* (bug 2314) Add links to user custom CSS and JS to Special:Preferences
+* More helpful error message on raw page access if PHP_SELF isn't set
+* (bug 13040) Gender switch in user preferences
+* (bug 13040) {{GENDER:}} magic word for interface messages
+* (bug 3301) Optionally sort user list according to account creation time
+* Remote description pages for foreign file repos are now fetched in the
+ content language.
+* (bug 17180) If $wgUseFileCache is enabled, $wgShowIPinHeader is automatically
+ set to false.
+* (bug 16604) Mark non-patrolled edits in feeds with "!"
+* (bug 16604) Show title/rev in IRC for patrol log
+* (bug 16854) Whether a page is being parsed as a preview or section preview
+ can now be determined and set with ParserOptions.
+* Wrap message 'confirmemail_pending' into a div with CSS classes "error" and
+ "mw-confirmemail-pending"
+* (bug 8249) The magic words for namespaces and pagenames can now be used as
+ parser functions to return the desired namespace or normalized title/title
+ part for a given title.
+* (bug 17110) Styled #mw-data-after-content in cologneblue.css to match the
+ rest of the font
+* (bug 7556) Time zone names in signatures lack i18n
+* (bug 3311) Automatic category redirects
+* (bug 17236) Suppress 'watch user page link' for IP range blocks
+* Wrap message 'searchresulttext' (Special:Search) into a div with
+ class "mw-searchresult"
+* (bug 15283) Interwiki imports can now fetch included templates
+* Treat svn:// URLs as external links by default
+* New function to convert namespace text for display (only applies on wiki with
+ LanguageConverter class)
+* (bug 17379) Contributions-title is now parsed for magic words.
+* Preprocessor output now cached in memcached.
+* (bug 14468) Lines in classic RecentChanges and Watchlist have classes
+ "mw-line-odd" and "mw-line-even" to make styling using css possible.
+* (bug 17311) Add a note beside the gender selection menu to tell users that
+ this information will be public
+* Localize time zone regions in Special:Preferences
+* Add NUMBEROFACTIVEUSERS magic word, which is like NUMBEROFUSERS, but uses
+ the active users data from site_stats.
+* Add a <link rel="canonical"> tag on redirected page views
+* Replace hardcoded '...' as indication of a truncation with the
+ 'ellipsis' message
+* Wrap warning message 'editinginterface' into a div with class
+ 'mw-editinginterface'
+* (bug 17497) Oasis opendocument added to mime.types
+* Remove the link to Special:FileDuplicateSearch from the "file history" section
+ of image description pages as the list of duplicated files is shown in the
+ next section anyway.
+* Added $wgRateLimitsExcludedIPs, to allow specific IPs to be whitelisted from
+ rate limits.
+* (bug 14981) Shared repositories can now have display names, located at
+ Mediawiki:Shared-repo-name-REPONAME, where REPONAME is the name in
+ $wgForeignFileRepos
+* Special:ListUsers: Sort list of usergroups by alphabet
+* (bug 16762) Special:Movepage now shows a list of subpages when possible
+* (bug 17585) Hide legend on Special:Specialpages from non-privileged users
+* Added $wgUseTagFilter to control enabling of filter-by-change-tag
+* (bug 17291) MediaWiki:Nocontribs now has an optional $1 parameter for the
+ username
+* Wrap special page summary message '$specialPageName-summary' into a div
+ with class 'mw-specialpage-summary'
+* $wgSummarySpamRegex added to handle edit summary spam. This is used *instead*
+ of $wgSpamRegex for edit summary checks. Text checks still use $wgSpamRegex.
+* New function to convert content text to specified language (only applies on wiki with
+ LanguageConverter class)
+* (bug 17844) Redirect users to a specific page when they log in, see
+ $wgRedirectOnLogin
+* Added a link to Special:UserRights on Special:Contributions for privileged users
+* (bug 10336) Added new magic word {{REVISIONUSER}}, which displays the editor
+ of the displayed revision
+* LinkerMakeExternalLink now has an $attribs parameter for link attributes and
+ a $linkType parameter for the type of external link being made
+* (bug 17785) Dynamic dates surrounded with a <span> tag, fixing sortable tables with
+ dynamic dates.
+* (bug 4582) Provide preference-based autoformatting of unlinked dates with the dateformat
+ parser function.
+* (bug 17886) Special:Export now allows you to export a whole namespace (limited to 5000 pages)
+* (bug 17714) Limited TIFF upload support now built in if 'tif' extension is
+ enabled. Image width and height are now recognized, and when using ImageMagick,
+ optional flattening to PNG or JPEG for inline display can be enabled by setting
+ $wgTiffThumbnailType
+* Renamed two input IDs on Special:Log from 'page' and 'user' to 'mw-log-page' and
+ 'mw-log-user', respectively
+* Added $wgInvalidUsernameCharacters to disallow certain characters in
+ usernames during registration (such as "@")
+* Added $wgUserrightsInterwikiDelimiter to allow changing the delimiter
+ used in Special:UserRights to denote the user should be searched for
+ on a different database
+* Add a class if 'missingsummary' is triggered to allow styling of the summary
+ line
+* Title attributes are now always blank on framed and thumbnailed images, and default to blank
+ on inline images instead of defaulting to the image's filename. Additionally, the alt
+ attribute now defaults to the filename on framed and thumbnailed images if no caption or alt
+ attribute is specified.
+
+=== Bug fixes in 1.15 ===
+* (bug 16968) Special:Upload no longer throws useless warnings.
+* (bug 17000) Special:RevisionDelete now checks if the database is locked
+ before trying to delete the edit.
+* (bug 16852) padleft and padright now handle multibyte characters correctly
+* (bug 17010) maintenance/namespaceDupes.php now add the suffix recursively if
+ the destination page exists
+* (bug 17035) Special:Upload now fails gracefully if PHP's file_uploads has
+ been disabled
+* Fixing the caching issue by using -{T|xxx}- syntax (only applies on wiki with
+ LanguageConverter class)
+* Improving the efficiency by using -{A|xxx}- syntax (only applies on wiki with
+ LanguageConverter class)
+* (bug 17054) Added more descriptive errors in Special:RevisionDelete
+* (bug 11527) Diff on page with one revision shows "Next" link to same diff
+* (bug 8065) Fix summary forcing for new pages
+* (bug 10569) redirects to Special:Mypage and Special:Mytalk are no longer
+ allowed by default. Change $wgInvalidRedirectTargets to re-enable.
+* (bug 3043) Feed links of given page are now preceded by standard feed icon
+* (bug 17150) escapeLike now escapes literal \ properly
+* Inconsistent use of sysop, admin, administrator in system messages changed
+ to 'administrator'
+* (bug 14423) Check block flag validity for block logging
+* DB transaction and slave-lag avoidance tweaks for Email Notifications
+* (bug 17104) Removed [Mark as patrolled] link for already patrolled revisions
+* (bug 17106) Added 'redirect=no' and 'mw-redirect' class to redirects at
+ "user contributions"
+* Rollback links on new pages removed from "user contributions"
+* (bug 15811) Re-upload form tweaks: license fields removed, destination locked,
+ comment label uses better message
+* Whole HTML validation ($wgValidateAllHtml) now works with external tidy
+* Parser tests no longer fail when $wgExternalLinkTarget is set in
+ LocalSettings
+* (bug 15391) catch DBQueryErrors on external storage insertion. This avoids
+ error messages on save were the edit in fact is saved.
+* (bug 17184) Remove duplicate "z" accesskey in MonoBook
+* Parser tests no longer fail when $wgAlwaysUseTidy is set in LocalSettings.php
+* Removed redundant dupe warnings on reupload for the same title. Dupe warnings
+ for identical files at different titles are still given.
+* Add 'change tagging' facility, where changes can be tagged internally with
+ certain designations, which are displayed on various summaries of changes,
+ and the entries can be styled with CSS.
+* (bug 17207) Fix regression breaking category page display on PHP 5.1
+* Categoryfinder utility class no longer fails on invalid input or gives wrong
+ results for category names that include pseudo-namespaces
+* (bug 17252) Galician numbering format
+* (bug 17146) Fix for UTF-8 and short word search for some possible MySQL
+ configs
+* (bug 7480) Internationalize database error message
+* (bug 16555) Number of links to mediawiki.org scaled back on post-installation
+* (bug 14938) Removing a section no longer leaves excess whitespace
+* (bug 17304) Fixed fatal error when thumbnails couldn't be generated for file
+ history
+* (bug 17283) Remove double URL escaping in show/hide links for log entries
+ and RevisionDeleteForm::__construct
+* (bug 17105) Numeric table sorting broken
+* (bug 17231) Transcluding special pages on wikis using language conversion no
+ longer affects the page title
+* (bug 6702) Default system messages updated/improved
+* (bug 17190) User ID on preference page no longer has delimeters
+* (bug 17341) "Powered by MediaWiki" should be on the left on RTL wikis
+* (bug 17404) "userrights-interwiki" right was missing in User::$mCoreRights
+* (bug 7509) Separation strings should be configurable
+* (bug 17420) Send the correct content type from action=raw when the HTML file
+ cache is enabled.
+* (bug 12746) Do not allow new password e-mails when wiki is in read-only mode
+* (bug 17478) Fixed a PHP Strict standards error in
+ maintenance/cleanupWatchlist.php
+* (bug 17488) RSS/Atom links in left toolbar are now localized in classic skin
+* (bug 17472) use print <<<EOF in maintenance/importTextFile.php
+* Special:PrefixIndex: Move table styling to shared.css, add CSS IDs to tables
+ use correct message 'allpagesprefix' for input form label, replace _ with ' '
+ in next page link
+* (bug 17506) Exceptions within exceptions now respect $wgShowExceptionDetails
+* Fixed excessive job queue utilisation
+* File dupe messages for remote repos are now shown only once.
+* (bug 14980) Messages 'shareduploadwiki' and 'shareduploadwiki-desc' are now
+ used as a parameter in 'sharedupload' for easier styling and customization.
+* (bug 17482) Formatting error in Special:Preferences#Misc (Opera)
+* (bug 17556) <link> parameters in Special:Contributions feeds (RSS and Atom)
+ now point to the actual contributors' feed.
+* ForeignApiRepos now fetch MIME types, rather than trying to figure it locally
+* Special:Import: Do not show input field for import depth if
+ $wgExportMaxLinkDepth == 0
+* (bug 17570) $wgMaxRedirects is now correctly respected when following
+ redirects (was previously one more than $wgMaxRedirects)
+* (bug 16335) __NONEWSECTIONLINK__ magic word to suppress new section link.
+* (bug 17581) Wrong index name in PostgreSQL's updater: was rc_timestamp_nobot,
+ changed to rc_timestamp_bot
+* (bug 17437) Fixed incorrect link to web-based installer
+* (bug 17538) Use shorter URLs in <link> elements
+* (bug 13778) Hidden input added to the search form so that using the Enter key
+ on IE will do a fulltext search like clicking the button does
+* (bug 1061) CSS-added icons next to links display through the text and makes
+ it unreadable in RTL
+* Special:Wantedtemplates now works on PostgreSQL
+* (bug 14414) maintenance/updateSpecialPages.php no longer throws error with
+ PostgreSQL
+* (bug 17546) Correct Tongan language native name is "lea faka-Tonga"
+* (bug 17621) Special:WantedFiles has no link to Special:Whatlinkshere
+* (bug 17460) Client ecoding is now correctly set for PostgreSQL
+* (bug 17648) Prevent floats from intruding into edit area in previews if no
+ toolbar present
+* (bug 17692) Added (list of members) link to 'user' in Special:Listgrouprights
+* (bug 17707) Show file destination as plain text if &wpForReUpload=1
+* (bug 10172) Moved setting of "changed since last visit" flags out of the job
+ queue
+* (bug 17761) "show/hide" link in page history in now works for the first
+ displayed revision if it's not the current one
+* (bug 17722) Fix regression where users are unable to change temporary passwords
+* (bug 17799) Special:Random no longer throws a database error when a non-
+ namespace is given, silently falls back to NS_MAIN
+* (bug 17751) The message for bad titles in WantedPages is now localized
+* (bug 17860) Moving a page in the "MediaWiki" namespace using SuppressRedirect
+ no longer corrupts the message cache
+* (bug 17900) Fixed User Groups interface log display after saving groups.
+* (bug 17897) Fixed string offset error in <pre> tags
+* (bug 17778) MediaWiki:Catseparator can now have HTML entities
+* (bug 17676) Error on Special:ListFiles when using Postgres
+* Special:Export doesn't use raw SQL queries anymore
+* (bug 14771) Thumbnail links to individual DjVu pages no longer have
+ two "page" parameters
+* (bug 17972) Special:FileDuplicateSearch form now works correctly on wikis that
+ don't use PathInfo or short urls
+* (bug 17990) trackback.php now has a trackback.php5 alias and works with
+ $wgScriptExtension
+* (bug 14990) Parser tests works again with PostgreSQL
+* (bug 11487) Special:Protectedpages doesn't list protections with pr_expiry
+ IS NULL
+* (bug 18018) Deleting a file redirect leaves behind a malfunctioning redirect
+* (bug 17537) Disable bad zlib.output_compression output on HTTP 304 responses
+* (bug 11213) [edit] section links in printable version no longer appear when you cut-and-paste article text
+* (bug 17405) "Did you mean" to mirror Go/Search behavior of original request
+* (bug 18116) 'edittools' is now output identically on edit and upload pages
+* (bug 17241) The diffonly URI parameter should cascade to "Next edit" and "Previous edit" diff links
+* (bug 16823) 'Sidebar search form should not use Special:Search view URL as target'
+* (bug 16343) Non-existing, but in use, category pages can be "go" match hits
+* Fixed a CSS validation issue which allowed external images to be included
+ into wikis where that is disallowed by configuration.
+* Fixed a data leakage vulnerability for private wikis using img_auth.php or
+ similar image access authentication schemes. Check user permissions before
+ streaming out scaled images from thumb.php.
+
+== API changes in 1.15 ==
+* (bug 16858) Revamped list=deletedrevs to make listing deleted contributions
+ and listing all deleted pages possible
+* (bug 16844) Added clcategories parameter to prop=categories
+* (bug 17025) Add "fileextension" parameter to meta=siteinfo&siprop=
+* (bug 17048) Show the 'new' flag in list=usercontribs for the revision that
+ created the page, even if it's not the top revision
+* (bug 17069) Added ucshow=patrolled|!patrolled to list=usercontribs
+* action=delete respects $wgDeleteRevisionsLimit and the bigdelete user right
+* (bug 15949) Add undo functionality to action=edit
+* (bug 16483) Kill filesort in ApiQueryBacklinks caused by missing parentheses.
+ Building query properly now using makeList()
+* (bug 17182) Fix pretty printer so URLs with parentheses in them are
+ autolinked correctly
+* (bug 17224) Added siprop=rightsinfo to meta=siteinfo
+* (bug 17239) Added prop=displaytitle to action=parse
+* (bug 17317) Added watch parameter to action=protect
+* (bug 17007) Added export and exportnowrap parameters to action=query
+* (bug 17326) BREAKING CHANGE: Changed output format for iiprop=metadata
+* (bug 17355) Added auwitheditsonly parameter to list=allusers
+* (bug 17007) Added action=import
+* BREAKING CHANGE: Removed rctitles parameter from list=recentchanges because
+ of performance concerns
+* Listing (semi-)deleted revisions and log entries as well in prop=revisions
+ and list=logevents
+* (bug 11430) BREAKING CHANGE: Modules may return fewer results than the
+ limit and still set a query-continue in some cases
+* (bug 17357) Added movesubpages parameter to action=move
+* (bug 17433) Added bot flag to list=watchlist&wlprop=flags output
+* (bug 16740) Added list=protectedtitles
+* Added mainmodule and pagesetmodule parameters to action=paraminfo
+* (bug 17502) meta=siteinfo&siprop=namespacealiases no longer lists namespace
+ aliases already listed in siprop=namespaces
+* (bug 17529) rvend ignored when rvstartid is specified
+* (bug 17626) Added uiprop=email to list=userinfo
+* (bug 13209) Added rvdiffto parameter to prop=revisions
+* Manual language conversion improve: Now we can include both ";" and ":" in
+ conversion rules
+* (bug 17795) Don't report views count on meta=siteinfo if $wgDisableCounters
+ is set
+* (bug 17774) Don't hide read-restricted modules like action=query from users
+ without read rights, but throw an error when they try to use them.
+* Don't hide write modules when $wgEnableWriteAPI is false, but throw an error
+ when someone tries to use them
+* BREAKING CHANGE: action=purge requires write rights and, for anonymous users,
+ a POST request
+* (bug 18099) Using appendtext to edit a non-existent page causes an interface
+ message to be included in the page text
+* Fixed the circular template inclusion check, was broken when the loop
+ involved redirects. Without this, infinite recursion within the parser is
+ possible.
+* (bug 18601) generator=backlinks returns invalid continue parameter
+* (bug 18597) Internal error with empty generator= parameter
+* (bug 18617) Add xml:space="preserve" attribute to relevant tags in XML output
+* (bug 17611) Provide a sensible error message on install when the SQLite data
+ directory is wrong.
+
+=== Languages updated in 1.15 ===
+
+MediaWiki supports over 300 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed, as well as
+changes to languages because of Bugzilla reports.
+
+* Austrian German (de-at) (new)
+* Swiss Standard German (de-ch) (new)
+* Simplified Gan Chinese (gan-hans) (new)
+* Traditional Gan Chinese (gan-hant) (new)
+* Literary Chinese (lzh) (new)
+* Uyghur (Latin script) (ug-latn) (renamed from 'ug')
+* Veps (vep) (new)
+* Võro (vro) (renamed from fiu-vro)
+* (bug 17151) Add magic word alias for #redirect for Vietnamese
+* (bug 17288) Messages improved for default language (English)
+* (bug 12937) Update native name for Afar
+* (bug 16909) 'histlegend' now reuses messages instead of copying them
+* (bug 17832) action=delete returns 'unknownerror' instead of 'permissiondenied' when
+ the user is blocked
+* Traditional/Simplified Gan Chinese conversion support
+
+== MediaWiki 1.14 ==
+
+=== Configuration changes in 1.14 ===
+
+* $wgExemptFromUserRobotsControl is an array of namespaces to be exempt from
+ the effect of the new __INDEX__/__NOINDEX__ magic words. (Default: null, ex-
+ empt all content namespaces.)
+* $wgForwardSearchUrl has been removed entirely. Documented setting since 1.4
+ has been $wgSearchForwardUrl.
+* (bug 15080) $wgOverrideSiteFeed has been added. Setting either
+ $wgSiteFeed['rss'] or 'atom' to a URL will override the default Recent
+ Changes feed that appears on all pages.
+* $wgSQLiteDataDirMode has been introduced as the default directory mode for
+ SQLite data directories on creation. Note that this setting is separate from
+ $wgDirectoryMode, which applies to all normal dirs created by MediaWiki.
+* $wgGroupsAddToSelf and $wgGroupsRemoveFromSelf now work more like
+ $wgAddGroups and $wgRemoveGroups, where the user must belong to a specified
+ group in order to add or remove those groups from themselves.
+ Backwards compatibility is maintained.
+* $wgRestrictDisplayTitle controls if the use of the {{DISPLAYTITLE}} magic
+ word is restricted to titles equivalent to the actual page title. This
+ is true per default, but can be set to false to allow any title.
+* $wgSpamRegex may now be an array of multiple regular expressions.
+* $wgAjaxSearch has been removed; use $wgEnableMWSuggest instead.
+* Editing the MediaWiki namespace is now unconditionally restricted to people
+ with the editinterface right, configuring this in $wgNamespaceProtection
+ is not required.
+* $wgAllowExternalImagesFrom may now be an array of multiple strings.
+* Introduced $wgEnableImageWhitelist to toggle the on-wiki external image
+ whitelist on or off.
+* Added $wgRenderHashAppend to append some string to the parser cache and the
+ sitenotice cache keys.
+* $wgRCChangedSizeThreshold is now a positive integer by default,
+* (bug 16006) $wgEnableWriteAPI is now true by default. Authorized can perform
+ write actions using the API.
+* Added $wgRC2UDPInterwikiPrefix which adds an interwiki prefix
+ ($wgLocalInterwiki) onto the page names in the UDP feed.
+* Added $wgAllowUserSkin to let the wiki's owner disable user selectable skins
+ on the wiki. If it's set to false, then the skin used will *always* be
+ $wgDefaultSkin.
+* Added $wgEnotifUseRealName, which allows UserMailer to send out e-mails based
+ on the user's real name if one is set. Defaults to false (use the username)
+* Removed the 'apiThumbCacheDir' option from $wgForeignFileRepos (only used in
+ ForeignAPIRepo)
+* (bug 44) Image namespace and accompanying talk namespace renamed to File.
+ For backward compatibility purposes, Image still works. External tools may
+ need to be updated.
+* The constants NS_FILE and NS_FILE_TALK can now be used instead of NS_IMAGE and
+ NS_IMAGE_TALK. The old constants are retained as aliases for compatibility,
+ and should still be used in code meant to be compatible with v1.13 or older.
+* MediaWiki can be forced to use private IPs forwarded by a proxy server by
+ using $wgUsePrivateIPs.
+* The 'BeforeWatchlist' hook has been removed due to internal changes in
+ Special:Watchlist. 'SpecialWatchlistQuery' should now be used by extensions
+ to customize the watchlist database query.
+
+=== Migrated extensions ===
+The following extensions are migrated into MediaWiki 1.14:
+
+* Special:DeletedContributions to show deleted user contributions (was
+ extension DeletedContributions)
+* Special:Log/newusers recording new users (was extension Newuserlog)
+* Special:LinkSearch to search for external links (was extension LinkSearch)
+* RenderHash
+* NoMoveUserPages
+* UniversalEditButton
+
+=== New features in 1.14 ===
+
+* New URL syntaxes for Special:ListUsers - 'Special:ListUsers/USER' and
+ 'Special:ListUsers/GROUP/USER', in addition to the older syntax
+ 'Special:ListUsers/GROUP' where GROUP is a valid group name.
+* Configurable per-namespace and per-page notices for the edit form,
+ respectively MediaWiki:Editnotice-# where # is the namespace number, and
+ MediaWiki:Editnotice-#-PAGENAME where # is the page's namespace number and
+ PAGENAME is the page name minus the namespace prefix.
+* (bug 8068) New __INDEX__ and __NOINDEX__ magic words allow user control of
+ search engine indexing on a per-article basis.
+* Handheld stylesheet options
+* Added 'DoEditSectionLink' hook as a cleaner unified version of the old
+ 'EditSectionLink' and 'EditSectionLinkForOther' hooks. Note that the
+ 'EditSectionLinkForOther' hook has been removed, but 'EditSectionLink' is
+ run in all cases instead, so extensions using the old hooks should still work
+ if they ran roughly the same code for both hooks (as is almost certain).
+* Signature (~~~~) "cleaning", i.e. template removal, can be disabled with
+ $wgCleanSignatures=false
+* Extensions can use the SkinBuildSidebar hook to modify the content of the
+ sidebar and add custom portlets to it
+* Added 'MakeGlobalVariablesScript' hook for extensions to be able to add vari-
+ ables into the output of Skin::makeVariablesScript
+* (bug 13846) Added $wgAddGroups and $wgRemoveGroups display on
+ Special:ListGroupRights
+* (bug 14377) Add a date selector to history pages
+* (bug 15007) New 'pagetitle-view-mainpage' message allows the HTML <title> of
+ the main page to be customized
+* Added $wgDisableTitleConversion to disabling the conversion for all pages on
+ the wiki
+* Added 'noconvertlink' toggle that can be set per user preferences, also
+ added 'convertlink=no|yes' on GET requests whether have the link titles
+ being converted or not
+* (bug 14921) Special:Contributions/: add user name to <title>
+ Patch by Emufarmers
+* Unescape more "safe" characters when producing URLs, for added prettiness
+* Introduced a new hook 'SkinAfterContent' that allows extensions to add text
+ after the page content and article metadata. Updated all skins and skin
+ templates to work with that hook.
+* (bug 14929) removeUnusedAccounts.php now supports 'ignore-touched' and
+ 'ignore-groups'. Patch by Louperivois
+* (bug 15127) Work around minor display glitch in Opera.
+* By default, reject file uploads that look like ZIP files, to avoid the
+ so-called GIFAR vulnerability.
+* (bug 15141) Give ability to only list protected pages with the cascading
+ option enabled on Special:ProtectedPages
+* (bug 15157) Special:Watchlist has the same options as Special:Watchlist:
+ Show/Hide logged in users, Show/Hide anonymous, Invert namespace selection
+* Added hook 'UserrightsChangeableGroups' to allow modification of what
+ groups may be added or removed via the Special:UserRights interface.
+* HTML entities like &nbsp; now work (are not escaped) in edit summaries.
+* (bug 13815) In the comment for page moves, use the colon-separator message
+ instead of a hardcoded colon.
+* Allow <gallery> to accept image names without an Image: prefix
+* Add tooltips to rollback and undo links
+* BMP images are now displayed as PNG
+* (bug 13471) Added NUMBERINGROUP magic word
+* (bug 11884) Now support Flash EXIF attribute
+* Show thumbnails in the file history list, patch by User:Agbad
+* Added support of piped wikilinks using double-width brackets
+* Added an on-wiki external image whitelist. Items in this whitelist are
+ treated as regular expression fragments to match for when possibly
+ displaying an external image inline.
+* (bugs 15405, 15436) Sort more currency types correctly in sortable tables
+* (bug 15422) Sort more different types of numbers in sortable tables
+* (bug 2889) MediaWiki:Print.css applies to the printable version
+* Category counts (e.g. from {{PAGESINCATEGORY:}}) should be more accurate for
+ small categories
+* After logging in, automatically redirect to wherever you logged in from
+* (bug 5619) Break messages used in Special:Statistics down further
+* (bug 11029) Add link to Special:Listusers?group=sysop etc at
+ Special:Statistics
+* (bug 15514) Setting $wgRightsText without $wgRightsUrl now produces a
+ plaintext copyright notice. Patch by Juliano F. Ravasi.
+* (bug 15551) Deletion log excerpt is now shown whenever a user vists a
+ deleted page, even if they are unable to edit it.
+* Added Wantedfiles special pages, allowing users to find image links with no
+ image.
+* (bug 12650) It is now possible to set different expiration times for
+ different restriction types on the protection form.
+* (bug 8440) Allow preventing blocked users from editing their talk pages
+* Improved upload file type detection for OpenDocument formats
+* Added the ability to set the target attribute on external links with
+ $wgExternalLinkTarget
+* api.php now sends "Retry-After" and "X-Database-Lag" HTTP headers if the
+ maxlag check fails, just like index.php does
+* Added "link" parameter to image links, to allow images to link to an
+ arbitrary title or URL. This should replace inaccessible and incomplete
+ solutions such as CSS-based overlays and ImageMap.
+* (bug 368) Don't use caption for alt attribute; allow manual specification
+ using new "alt=" parameter for images
+* (bug 44) The {{ns:}} core parser function now also accepts localized
+ namespace names and aliases; also, its output now uses spaces instead of
+ underscores to match the behavior of the {{NAMESPACE}} magic word
+* Added the ability to display user edit counts in Special:ListUsers. Off by
+ default, enabled with $wgEdititis = true (named after the medical condition
+ marked by unhealthy obsession with edit counts).
+* Added a file cache to the parser to improve page rendering time on pages with
+ several uses of the same image.
+* (bug 1250) Users can still use "show preview" and "show changes" even if the
+ wiki is set to read-only mode.
+* Added a call to the 'UnwatchArticleComplete' hook to the watchlist editor.
+ This should make it so that ALL user-accessible methods of removing a page
+ from a watchlist lead to this hook being called (it was previously only
+ called from within Article.php
+* Maximum execution time for shell processes on linux is now configured with
+ $wgMaxShellTime (180 seconds by default)
+* (bug 1306) 'Email user' link no longer shown on user page when emailing
+ is not available due to lack of confirmed address or disabled preference
+* Special:Wanted templates special page added to display missing templates
+ linked from articles
+* Make search matches bold only, not red as well
+* (bug 10080) Blocks can be modified without unblocking first
+* (bug 15820) Special:BlockIP shows a notice if the user being blocked is
+ already directly blocked
+* (bug 13710) Allow to force "watch this" checkbox via URL using parameter
+ "watchthis"
+* (bug 15125) Add Public Domain to default options when installing. Patch by
+ Nathan Larson.
+* Set a special temporary directory for ImageMagick with $wgImageMagickTempDir
+* (bug 16113) Show/hide for redirects in Special:NewPages
+* (bug 15903) Upload link was added to Nostalgia skin
+* (bug 15761) Add user toggle to omit diff after rollback
+* Added the BitmapHandler_ClientOnly media handler, which allows server-side
+ image scaling to be completely disabled for specific media types, via the
+ $wgMediaHandlers configuration variable.
+* New 'AbortDiffCache' hook can be used to cancel the caching of a diff
+* (bug 15835) Added Content-Style-Type meta tag
+* (bug 11027) Add parameter to MW:Randompage-nopages so that user can see the
+ namespace.
+* Add id="mw-user-domain-section" to <tr> tag in Userlogin.php template so that
+ admins with a single domain can hide the domain section using CSS
+* Dropped old Paser_OldPP class. Only new parser with preprocessor is used.
+* Moved password reset form from Special:Preferences to Special:ResetPass
+* Added Special:ChangePassword as a special page alias for Special:ResetPass
+* Added complementary function for addHandler() called removeHandler() for removing events
+* Improved security of file uploads for IE clients, using a reverse-engineered
+ algorithm very similar to IE's content detection algorithm.
+* Cascading protection no longer requires that both edit and move are restricted
+ to sysop, just edit=sysop is enough
+* (bug 2391) A warning is now shown for invalid ISBN numbers on Special:Booksources.
+* Installer has been updated to reflect the release of the GFDL 1.3. The URL for 1.2
+ has been updated, and the 1.3 URL has been given. 1.2 is still Wikipedia-compatible.
+ RightsCode was changed from 'gfdl' to 'gfdl1_2', so we can now support 1.2 as well
+ as 1.3 (gfdl1_3).
+* (bug 16293) PD URL was changed to the CreativeCommons site on PD (which auto-detects
+ your language) instead of Wikipedia.
+* (bug 16635) The "view and edit watchlist" page (Special:Watchlist/edit) now
+ includes a table of contents
+* File objects returned by wfFindFile() are now cached by default
+* (bug 7492) Rights can now be assigned to specific IP addresses and ranges by
+ using $wgAutopromote (new defines: APCOND_ISIP and APCOND_IPINRANGE)
+* Add a 'change block' link to Special:IPBlockList and Special:Log
+* (bug 16459) Use native getElementsByClassName where possible, for better
+ performance in modern browsers
+* Enable \cancel and \cancelto in texvc (recompile required)
+* Added 'UserCryptPassword' and 'UserComparePasswords' hooks to allow extensions to implement
+ their own password hashing methods.
+* (bug 16760) Add CSS-class to action links of Special:Log
+* (bug 505) Time zones can now be specified by location in user preferences,
+ avoiding the need to manually update for DST. Patch by Brad Jorsch.
+* (bug 2585) HTTP 404 return code is now given for a page view if the page
+ does not exist, allowing spiders and link checkers to detect broken links.
+* Special:Log: Add 'change protection' link for unprotected pages too
+* Special:Log: Add log type specific CSS classes 'mw-logline-$logtype' to
+ 'li' elements
+* (bug 16754) Making arbitrary rows of sortable tables sticky:
+ |- class="unsortable"
+* Show subversion too even if a "normal" version number is available
+* (bug 16121) Add a note that a page move was without creating a redirect in the
+ move log
+* Image moving is now enabled for sysops by default
+* Make "Did you mean" search feature more noticeable
+* (bug 16720) Transcluded Special:NewPages processes "/username="
+
+=== Bug fixes in 1.14 ===
+
+* (bug 14907) DatabasePostgres::fieldType now defined.
+* (bug 14659) Passing the default limit param to Special:Recentchanges no more
+ falls back to the user option
+* (bug 14954) Fix regression in Modern and Simple skins
+* Recursion loop check added to Categoryfinder class
+* Fixed few performance troubles of large job queue processing
+* Not setting various parameters in Foreign Repos now fails more gracefully
+* (bug 2333) Redirects are properly rendered when previewing an edit.
+* (bug 14972) Use localized alias of Special:Search on all search forms
+* (bug 11035) Special:Search should have descriptive <title>
+* Special pages are now not subject to special handling for "self-links"
+* (bug 15053) Syntactically incorrect redirects with another link in them
+ no longer redirect to the second link
+* (bug 15049) Fix for CheckUser extension's log search: usernames containing
+ a "-" were incorrectly turned into bogus IP range searches.
+ Patch by Max Semenik.
+* (bug 15055) Talk page notifications no longer attempt to send mail when
+ user's e-mail address is invalid or unconfirmed
+* (bug 12370) Add throttle on password attempts. Defaults to max 5 attempts in
+ 5 minutes.
+* (bug 15016) 'Templates used on this page' list in view source should be
+ wrapped in a div with class "templatesUsed"
+* (bug 14868) Setting $wgFeedDiffCutoff to 0 now disables generation of the
+ diff entirely, not just the display of it.
+* (bug 6387) Introduced new setting $wgCategoryPrefixedDefaultSortkey which
+ allows having the unprefixed page title as the default category sortkey
+* (bug 15079) Add class="ns-talk" / "ns-subject" to <body>. Also added
+ ns-special to special pages.
+* (bug 15052) Skins should add their name as a class in <body>
+* (bug 14165, bug 14294) Wikimedia specific configuration in convertGrammar()
+ for several languages was removed. The settings have been put in extension
+ WikimediaMessages. Patch for Czech by Danny B.
+* (bug 15101) Displaying only bots edits in Special:Recentchanges now works
+ again
+* (bug 13770) Fixed incorrect detection of PHP's DOM module
+* (bug 14790) Export of category pages when using Category: prefix now actually
+ gives results
+* Avoid recursive crazy expansions in section edit comments for pages which
+ contain '/*' in the title
+* Fix excessive memory usage when parsing pages with lots of links
+* $wgSpamRegex now matches the edit summary and page move descriptions in
+ addition to body text.
+* Navigation links to images available from a shared repository (like Commons)
+ from their local talk pages no longer appear as redlinks
+* Action=purge on ForeignApiFiles now works (purges their thumbnails and
+ description pages).
+* (bug 15303) Title conversion for templates wasn't working in some cases.
+* (bug 15264) Underscores in Special:Search/Foo_bar parameters were taken
+ literally; now converting them to spaces per expectation.
+* (bug 15342) "Invert" checkbox now works correctly when selecting main
+ namespace in Special:Watchlist
+* (bug 15172) 'Go' button of Special:Recentchanges now on the same line as the
+ last input element (like Special:Watchlist too)
+* (bug 15351) Fix fatal error for invalid section fragments in autocomments
+* Fixed intermittent deadlock errors involving objectcache table queries.
+ Use a separate database connection for the objectcache table to avoid
+ long-lasting locks on that table.
+* Respect file restrictions in the file history list
+* (bug 15399) Odd/even classes on sortable tables' rows could be slow for large
+ tables, and have been disabled by default.
+* (bug 15482) Special:Recentchangeslinked has no longer two submit buttons
+* (bug 15292) New message notification for unregistred users now works again
+* (bug 14398) mwsuggest.js: Let width of container be configurable
+* (bug 15543) Only include user touched timestamp to generated CSS
+* (bug 15497) Removed encoding attribute from <?xml ?> tag
+* (bug 12284) Special:Preferences now sets a returnto parameter on the link to
+ Special:UserLogin. Patch by Marooned.
+* Fixed the HTTP accept language string detection length in
+ LanguageConverter.php, instead of the fixed length language codes.
+* Special:RecentChangesLinked no longer shows outgoing links for nonexistent
+ pages even if there are broken link records with source article id 0 in the
+ database
+* (bug 15598) Special:Newpages default limit uses user preference for
+ recentchanges limit instead of hardcoded 50.
+* (bug 15617) $wgFeedClassesOutputPage::getHeadLinks() respects $wgFeedClasses,
+ instead of hardcoding rss and atom. Patch by Juliano F. Ravasi.
+* (bug 14638) Special:Blockip now provides a link to the block log if the user
+ has been blocked more than 10 times. Patch by Matt Johnston.
+* (bug 12678) Skins don't show Upload link if the user isn't allowed to upload.
+* Fixed incorrect usage of DB_LAST in Special:Export. Deprecated DB_LAST.
+* (bug 15642) Blocked sysops can no longer block other users
+* Http::request() now respects $wgHTTPtimeout when not using cURL
+* (bug 15158) Userinvalidcssjstitle not shown on preview
+* (bug 15196) Free external links should be numbered in a localised manner
+* (bug 15388) Title of Special:PrefixIndex
+* Links with no title but a curid parameter now use the curid to pick a page
+* (bug 10323) Special:Undelete should have "inverse selection" button
+* (bug 15831) Modern skin RTL support is bugous
+* (bug 15869) Nostalgia skin does not show page title in printable mode
+* (bug 15795) Special:Userrights is now listed on Special:SpecialPages when the
+ user can only change his rights
+* (bug 15846) Categories "leak" from older revisions in certain circumstances
+* (bug 15928) Special pages dropdown should be inline in non-MonoBook skins
+* (bug 14178) Some uses of UserLoadFromSession hook cause segfault
+* (bug 15925) Postitive bytes added on recentchanges and watchlists are now
+ bolded if above the threshold, previously it only worked for negatives
+* Specify apple-touch-icon before favicon in HTML head section to make the
+ Konqueror browser correctly use the latter
+* (bug 15717) Set $separatorTransformTable for language 'eu'
+* (bug 15605) Enabled $datePreferences for language 'hr'. Added standard date
+ preferences.
+* (bug 13701) {{NUMBEROFVIEWS}} magic word to show number of total views.
+* (bug 5101) Image from Commons doesn't show up when searched in Wikipedia
+ search box
+* (bug 14609) User's namespaces to be searched default not updated after adding
+ new namespace
+* Purge form uses valid XHTML
+* (bug 12764) Special:LonelyPages shows transcluded pages
+* (bug 16073) Enhanced RecentChanges uses onclick handler with better fallback
+ if JavaScript is disabled
+* (bug 4253) Recentchanges IRC messages no longer include title in diff URLs
+* Allow '0' to be an accesskey.
+* (bug 8063) Use language-dependent sorting in client-side sortable tables
+* (bug 16160) Suggestions box should be resized from left for RTL wikis
+* (bug 11533) Fixed insane slowdown when in read-only mode for long periods
+ of time with CACHE_NONE (default objectcache table configuration).
+* Trying to set two different default category sort keys for one page now
+ produces a warning
+* (bug 16143) Fix redirect loop on special pages starting with lower case
+ letters
+* (bug 15737) Fix notices while expanding using PPCustomFrame
+* (bug 15544) Non-index entry points cause the "Wiki not set up" message to
+ have corrupt URLs
+* (bug 5101) Image from Commons doesn't show up when searched in Wikipedia
+ search box
+* (bug 4362) [[MediaWiki:History copyright]] no more used with most recent
+ revision when passing oldid parameter in the url
+* (bug 16265) When caching thumbs with the ForeignApiRepo, we now use the same
+ filename as the remote site.
+* (bug 8345) Don't autosummarize where a redirect was left unchanged
+* Made thumb caching in ForeignApiFile objects integrated with normal thumb
+ path naming (/thumbs/hash/file), retired 'apiThumbCacheDir' as a result.
+* (bug 5530) Consistency between character encoding in {{PAGENAMEE}},
+ {{SUBPAGENAMEE}} and {{FULLPAGENAMEE}}
+* Safer handling of non-MediaWiki exceptions -- now obeys our settings for
+ formatting and path exposure.
+* Less verbose errors from profileinfo.php when not configured
+* Blacklist redirects via Special:Filepath, hard to use.
+* Improved input validation on Special:Import form
+* Add a .htaccess to deleted images directory for additional protection
+ against exposure of deleted files with known SHA-1 hashes on default
+ installations.
+* Improved scripting safety heuristics for IE 5/6 content-type detection.
+* Improved scripting safety heuristics on SVG uploads.
+* (bug 11728) Unify layout of enhanced watchlist/recent changes
+* (bug 8702) Properly update stats when running nukePage maintenance script
+* (bug 7726) Searches for words less than 4 characters now work without
+ requiring customization of MySQL server settings
+* Honour unchecked "Leave a redirect behind" for moved subpages
+* (bug 16440) Broken 0-byte math renderings are now deleted and re-rendered
+ when page is re-parsed.
+* (bug 6100) Unicode BiDi embedding/override characters (U+202A - U+202E) are
+ now automatically removed from titles; these characters can accidentally end
+ up in copy-and-pasted titles, and, by overriding normal bidirectional text
+ handling, can lead to annoying behavior such as text rendering backwards
+* Fixed minor bug where the memcached value for how many accounts an IP had
+ created that day would be increased even if $wgAccountCreationThrottle was
+ hit. This meant if an IP hit the throttle and then the throttle was raised
+ later that day, the IP still couldn't create another account, because it
+ had marked them as having created another account, when their last account
+ creation had actually failed.
+* (bug 12647) Allow autogenerated edit summary messages to be blanked with '-'
+* (bug 16026) 'Revision-info' and 'revision-info-current' both accept wiki
+ markup now.
+* (bug 16529) Fix for search suggestions with some third-party JS libraries
+* (bug 13342) importScript() generates more consistent URI encoding
+* (bug 16577) When a blocked user tries to rollback a page, the block message
+ is now only displayed once
+* (bug 14268) SVG image sizes now extracted with proper XML parser
+* (bug 14365) RepoGroup::findFiles() no longer crashes if passed an invalid
+ title via the API
+* (bug 4253, bug 16586) Revision ID is now given instead of title in URLs for
+ new pages in the recent changes IRC feed
+* Ugly tooltips in Special:Statistics were phased out in favor of more direct
+ information. Went ahead and rewrote SpecialStatistics to subclass SpecialPage
+* (bug 5506) Links to files on foreign repositories are now shown consistently
+ as bluelinks e.g. in logs and edit summaries
+* (bug 16623) Add missing </p> tag in Special:LockDB
+* (bug 15849) Special:Movepage now throws a more specific error when trying to
+ move a title to an interwiki target
+* (bug 16638) 8-bit URL fallback encoding now set on additional languages using
+ Arabic script (Persian, Urdu, Sindhi, Punjabi)
+* (bug 16656) cleanupTitles and friends should now work in load-balanced
+ DB environments when $wgDBserver isn't set.
+* (bug 3691) Aspect ratio from viewBox attribute is now preserved for SVG
+ images which do not specify width and height attributes.
+* (bug 15027) Internet domain names and IP addresses can now be indexed and
+ searched sensibly with the default MySQL search backend.
+* (bug 11733) Fixed parameter validation in importTextFile.php
+* (bug 16712) Special:NewFiles updated to use "newer"/"older" paging messages
+ for clarity over "previous/next"
+* (bug 16612) Fixed "noprint" class for Modern skin print style
+* Section anchors now have an "id" attribute as well as a "name" attribute,
+ even when Tidy is not used
+* (bug 16026) revision-info, revision-info-current, cannotdelete,
+ redirectedfrom, historywarning and difference messages now use Wiki text
+ rather than raw HTML markup
+* (bug 13835) Fix rendering of {{filepath:Wiki.png|nowiki}}
+* (bug 16772) Special:Upload now correctly rejects files with spaces in the
+ file extension (e.g. Foo. jpg).
+* Image moving over an existing file no longer throws a database error
+* (bug 16786) Restored "redundant" links recently removed from Classic sidebar
+* (bug 16850) $wgActionPaths can have query strings now, previously, this broke
+ local URLs
+* (bug 16376) Mention in deleteBatch.php and moveBatch.php maintenance scripts
+ that STDIN can be used for page list
+* (bug 16560) Special:Random returns a page from ContentNamespaces, and no
+ longer from NS_MAIN
+
+=== API changes in 1.14 ===
+
+* Registration time of users registered before the DB field was created is now
+ shown as empty instead of the current time.
+* API search now falls back to fulltext search by default when using Lucene
+ or other engine which doesn't support a separate title search function.
+ This means you can use API search on Wikipedia without explicitly adding
+ &srwhat=text to the query.
+* Added iiprop=bitdepth to imageinfo and aiprop=bitdepth to allimages
+* (bug 14713) API-specific permissions (such as 'writeapi' and 'apihighlimits'
+ are now listed on action=help
+* (bug 15044) Added requestid parameter to api.php to facilitate distinguishing
+ between requests
+* (bug 15048) Added limit field for multivalue parameters to action=paraminfo
+ output.
+* When the limit on multivalue parameters is exceeded, a warning is issued
+* list=search doesn't list missing pages any more
+* (bug 15178) Added clshow to prop=categories to allow filtering for hidden/
+ non-hidden categories
+* (bug 15228) Combining revids= and redirects now throws a warning instead of
+ an error, and still resolves redirects generated by the generator.
+* list={backlinks,embeddedin,imageusage} now return arrays with keys 0, 1, 2,
+ etc. (AKA lists) instead of arrays with pageIDs as keys (AKA hash tables)
+ for consistency with other list modules.
+* Added action=watch
+* (bug 15275) apprefix and related parameters ignore spaces at the end
+* action=edit no longer throws unknown error 228 when trying to create an
+ empty section with section=new
+* Database replication lag doesn't cause all action=edit requests to return the
+ nochange flag any more
+* (bug 15392) ApiFormatBase::formatHTML now uses $wgUrlProtocols.
+* (bug 15444) action=edit returns "Unknown error: ``AS_END''" where it should
+ return just "Unknown error"
+* (bug 15448) YAML output returns empty values instead of 0
+* (bug 15445) Added action=patrol
+* (bug 15466) Added action=purge
+* (bug 15486) action=block ignores autoblock parameter
+* (bug 15492) added rcprop=loginfo to list=recentchanges
+* (bug 15527) action=rollback can now revert anonymous editors
+* (bug 15535) prop=info&inprop=protection doesn't list pre-1.10 protections
+ if the page is also protected otherwise (1.10+ style or cascading)
+* list=random now has rnredirect parameter, to get random redirects.
+* Added APIAfterExecute, APIQueryAfterExecute and APIQueryGeneratorAfterExecute
+ hooks which allow for extending core modules in a cleaner way
+* action=protect checks for invalid protection types and levels
+* (bug 15673) Added indentation to format=wddxfm output and improved built-in
+ WDDX formatter to resemble PHP's more
+* (bug 15706) Empty values for apprtype and apprlevel are now silently ignored
+ rather than causing an exception
+* Added uiprop=preferencestoken to meta=userinfo
+* (bug 15609) Add inprop=url and inprop=readable to prop=info
+* Add ApiDisabled and ApiQueryDisabled classes so individual modules can
+ be disabled in LocalSettings.php
+* (bug 15653) Add prop=duplicatefiles
+* (bug 15768) Add list=watchlistraw
+* (bug 15647) action=edit with basetimestamp fails if the page has been deleted
+ and undeleted since the last edit
+* (bug 15785) Allow for different expiry times for different protections in
+ action=protect
+* Added allowsduplicates attribute to action=paraminfo output
+* (bug 15767) apfilterlanglinks returns duplicate results
+* (bug 15845) Added pageid/fromid parameter to action=delete/move, making
+ manipulation of legacy pages with invalid titles possible
+* (bug 15881) Empty or invalid parameters cause database errors
+* The maxage and smaxage parameters are now properly validated
+* (bug 15945) list=recentchanges doesn't check $wgUseRCPatrol, $wgUseNPPatrol
+ and patrolmarks right
+* (bug 15985) acfrom and aifrom parameters didn't work when sorting in
+ descending order.
+* (bug 15995) Add cmstartsortkey and cmendsortkey parameters to
+ list=categorymembers
+* (bug 16017) list=categorymembers sets invalid continue parameters for
+ sortkeys containing pipes
+* (bug 16018) Added uccontinue parameter to list=usercontribs so paging
+ works properly when multiple users are queried or a userprefix is used
+* (bug 16047) Added activeusers attribute to meta=siteinfo&siprop=statistics
+ output
+* Added redirect resolution to action=parse
+* (bug 16074) rvprop=content combined with a generator with a high limit causes
+ an error
+* (bug 16105) Image metadata attributes containing spaces result in invalid XML
+* (bug 16126) Added siprop=magicwords to meta=siteinfo
+* (bug 16159) Added wlshow=patrolled|!patrolled to list=watchlist
+* (bug 16225) Titles like Talk:Talk:Foo broke apfrom and friends
+* meta=siteinfo&siprop=interwikimap no longer throws an exception for empty
+ sifilter parameter.
+* (bug 12760) meta=userinfo&uiprop=ratelimits doesn't list group-specific rate
+ limits
+* (bug 16398) meta=userinfo&uiprop=rights lists some rights twice in some cases
+* (bug 16408) Added rvgeneratexml to prop=revisions
+* (bug 16421) Made list=logevents's leuser accept user names with underscores
+ instead of spaces
+* (bug 16516) Made rvsection=T-2 work
+* (bug 16526) Added usprop=emailable to list=users
+* (bug 16548) list=search threw errors with an invalid error code
+* (bug 16515) Added pst and onlypst parameters to action=parse
+* (bug 16541) Added block expiry timestamp to list=logevents output
+* (bug 16613) action=protect doesn't tell when &cascade was set but cascading
+ protection wasn't allowed
+* (bug 16626) action=delete now correctly handles empty "reason" param
+* (bug 15579) clshow considers all categories !hidden
+* (bug 16647) list=allcategories, prop=categories don't return "hidden"
+ property for hidden categories
+* New siprop parameter of 'extensions' to list all installed extensions
+* (bug 16672) Include canonical namespace name in
+ meta=siteinfo&siprop=namespaces.
+* (bug 16726) siprop=namespacealiases should also list localized aliases
+* (bug 16730) Added apprfiltercascade parameter to list=allpages to filter
+ cascade-protected pages
+
+=== Languages updated in 1.14 ===
+
+MediaWiki supports over 300 languages. Many localisations are updated
+regularly. Below only new and removed languages are listed.
+
+* Bakhtiari (bqi) (new)
+* Fiji Hindi (Devanagari script) (hif-deva) (new)
+* Krio (kri) (new)
+* Lezghian (lez) (new)
+* Laz (lzz) (new)
+* Eastern Mari (mhr) (new)
+* Niuean (niu) (new)
+* Oromo (om) (new)
+* Plautdietsch (pdt) (new)
+* Western Punjabi (pnb) (new)
+* Tarantino (roa-tara) (new)
+* Serbo-Croatian (sh) (new)
+* Tulu (tcy) (new)
+
+
+== MediaWiki 1.13 ==
+
+== Changes since 1.13.2 ==
+
+David Remahl of Apple's Product Security team has identified a number of
+security issues in previous releases of MediaWiki. Subsequent analysis by the
+MediaWiki development team expanded the scope of these vulnerabilities. The
+issues with a significant impact are as follows:
+
+* An XSS vulnerability affecting all MediaWiki installations between 1.13.0 and
+ 1.13.2. [CVE-2008-5249]
+* A local script injection vulnerability affecting Internet Explorer clients for
+ all MediaWiki installations with uploads enabled. [CVE-2008-5250]
+* A local script injection vulnerability affecting clients with SVG scripting
+ capability (such as Firefox 1.5+), for all MediaWiki installations with SVG
+ uploads enabled. [CVE-2008-5250]
+* A CSRF vulnerability affecting the Special:Import feature, for all MediaWiki
+ installations since the feature was introduced in 1.3.0. [CVE-2008-5252]
+
+XSS (cross-site scripting) vulnerabilities allow an attacker to steal an
+authorised user's login session, and to act as that user on the wiki. The
+authorised user must visit a web page controlled by the attacker in order to
+activate the attack. Intranet wikis are vulnerable if the attacker can
+determine the intranet URL.
+
+Local script injection vulnerabilities are like XSS vulnerabilities, except
+that the attacker must have an account on the local wiki, and there is no
+external site involved. The attacker uploads a script to the wiki, which another
+user is tricked into executing, with the effect that the attacker is able to act
+as the privileged user.
+
+CSRF vulnerabilities allow an attacker to act as an authorised user on the wiki,
+but unlike an XSS vulnerability, the attacker can only act as the user in a
+specific and restricted way. The present CSRF vulnerability allows pages to be
+edited, with forged revision histories. Like an XSS vulnerability, the
+authorised user must visit the malicious web page to activate the attack.
+
+These four vulnerabilities are all fixed in this release.
+
+David Remahl also reminded us of some security-related configuration issues:
+
+* By default, MediaWiki stores a backup of deleted images in the images/deleted
+ directory. If you do not want these images to be publically accessible, make
+ sure this directory is not accessible from the web. MediaWiki takes some steps
+ to avoid leaking these images, but these measures are not perfect.
+* Set display_errors=off in your php.ini to avoid path disclosure via PHP fatal
+ errors. This is the default on most shared web hosts.
+* Enabling MediaWiki's debugging features, such as $wgShowExceptionDetails, may
+ lead to path disclosure.
+
+Other changes in this release:
+
+* Avoid fatal error in profileinfo.php when not configured.
+* Add a .htaccess to deleted images directory for additional protection against
+ exposure of deleted files with known SHA-1 hashes on default installations.
+* Avoid streaming uploaded files to the user via index.php. This allows
+ security-conscious users to serve uploaded files via a different domain, and
+ thus client-side scripts executed from that domain cannot access the login
+ cookies. Affects Special:Undelete, img_auth.php and thumb.php.
+* When streaming files via index.php, use the MIME type detected from the
+ file extension, not from the data. This reduces the XSS attack surface.
+* Blacklist redirects via Special:Filepath. Such redirects exacerbate any
+ XSS vulnerabilities involving uploads of files containing scripts.
+* Internationalisation updates.
+
+== Changes since 1.13.1 ==
+
+* Security: Work around misconfiguration by requiring strict comparisons for
+ in_array in User::isAllowed().
+* (bug 14944) Added $wgShellLocale for configuration of an appropriate locale
+ to use for LC_CTYPE during shell invocation. For servers that don't have
+ en_US.utf8. Also added locale detection during install.
+* Localisation updates
+* Security: Fixed XSS vulnerability in useskin parameter.
+
+== Changes since 1.13.0 ==
+
+* (bug 15460) Fixed intermittent deadlock errors and poor concurrent
+ performance for installations without memcached.
+* (bug 13770) Fixed DOM module detection for installations with both dom
+ and domxml.
+* (bug 15148) Fixed Special:BlockIP for PostgreSQL
+* Fixed SQLite support for non-memcached installations
+* Localisation updates, Achinese (ace) added.
+
+== Changes since 1.13.0rc2 ==
+
+* (bug 13770) Fixed incorrect detection of PHP's DOM module
+* Fix regression from r37834: accesskey tooltip hint should be given for the
+ minor edit and watch labels on the edit page.
+* Updated Chinese simplified/traditional conversion tables
+
+== Changes since 1.13.0rc1 ==
+
+* $wgForwardSearchUrl has been removed entirely. Documented setting since 1.4
+ has been $wgSearchForwardUrl.
+* (bug 14907) DatabasePostgres::fieldType now defined.
+* (bug 14966) Fix SearchEngineDummy class for silently non-functional search
+ on Sqlite instead of horribly fatal error breaky one.
+* (bug 14987) Only fix double redirects on page move when the checkbox is
+ checked
+* (bug 13376) Use $wgPasswordSender, not $wgEmergencyContact, as return
+ address for page update notification mails.
+* API: Registration time of users registered before the DB field was created is now
+ shown as empty instead of the current time.
+* (bug 14904): fragments were lost when redirects were fixed.
+* Added magic word __STATICREDIRECT__ to suppress the redirect fixer
+* (bug 15035) Revert English linkTrail to /^([a-z]+)(.*)$/sD, as it was before
+ r36253. Multiple reports of breakage due to old (pre-5.0) PCRE libraries,
+ both bundled with PHP and packaged with distros such as RHEL.
+* (bug 14944) Shell invocation of external programs such as ImageMagick convert
+ was broken in PHP 5.2.6, if the server had a non-UTF-8 locale.
+
+
+=== Configuration changes in 1.13 ===
+
+* New option $wgFeed can be set false to turn off syndication feeds
+* (bug 5745) Special:Whatlinkshere now shows up to $wgMaxRedirectLinksRetrieved
+ links through each redirect instead of hardcoded 500
+* Set $wgUploadSizeWarning to false by default
+* Added $wgLBFactoryConf, for generic configuration of multi-master wiki farms
+* Removed $wgAlternateMaster, use $wgLBFactoryConf
+* (bug 13562) Misspelled option $wgUserNotifedOnAllChanges changed to
+ $wgUserNotifiedOnAllChanges
+* (bug 12860) New option $wgSitemapNamespaces allows sitemaps to be generated
+ for only some namespaces
+* Removed the emailconfirmed implicit group by default. To re-add it, use:
+ $wgAutopromote['emailconfirmed'] = APCOND_EMAILCONFIRMED;
+ in your LocalSettings.php.
+* (bug 2396) New shared database configuration variables. $wgSharedPrefix allows
+ you to use a shared database with a different prefix. Or you can now use a local
+ database and use prefixes to separate wiki and the shared tables. And the new
+ $wgSharedTables variable allows you to specify a list of tables to share.
+* Automatic edit summaries can be disabled with $wgUseAutomaticEditSummaries
+* Duplicates of images are now shown on the image page
+* $wgRCFilterByAge allows for the list of dates in recent changes special pages to
+ be filtered to only those within the range of $wgRCMaxAge
+* $wgRCLinkLimits and $wgRCLinkDays allow for customization of the list and limits
+ displayed on the recent changes special pages
+* The "createpage" permission is no longer required when uploading if the target
+ image page already exists
+* $wgMaximumMovedPages restricts the number of pages that can be moved at once
+ (default 100) with the new subpage-move functionality of Special:Movepage
+* Hooks display in Special:Version is now disabled by default, use
+ $wgSpecialVersionShowHooks = true; to enable it.
+* $wgActiveUserEditCount sets the number of edits that must be performed over
+ a certain number of days to be considered active
+* $wgActiveUserDays is that number of days
+* $wgRateLimitsExcludedGroups has been deprecated in favor of
+ $wgGroupPermissions[]['noratelimit']. The former still works, however.
+* New $wgGroupPermissions option 'move-subpages' added to control bulk-moving
+ subpages along with pages. Assigned to 'user' and 'sysop' by default.
+* New $wgRC2UDPOmitBots allows user to omit bot edits from UDP output.
+ Default: false
+* Removed $wgEnableCascadingProtection option. Disabling cascading protection
+ is no longer possible.
+* $wgMessageCacheType defines now the type of cache used by the MessageCache class,
+ previously it was choosen based on $wgParserCacheType
+* $wgExtensionAliasesFiles option to simplify adding aliases to special pages
+ provided by extensions, in a similar way to $wgExtensionMessagesFiles
+* Added $wgXMLMimeTypes, an array of XML mimetypes we can check for
+ with MimeMagic.
+* Added $wgDirectoryMode, which allows for setting the default CHMOD value when
+ creating new directories.
+* (bug 14843) $wgCookiePrefix can be set by LocalSettings now, false defaults
+ current behavior.
+
+=== New features in 1.13 ===
+
+* __HIDDENCAT__ on a category page causes the category to be hidden on the
+ article page
+* Do not show edit permissions errors on a red link click, just redirect to the
+ article. This is so that readers who don't know what a red link is are not
+ confused when they are told they are range-blocked.
+* Add a new hook ImageBeforeProduceHTML to allow extensions to modify wikitext
+ image syntax output
+* (bug 13100) Added 'preloadtitle' parameter to action=edit&section=new that
+ pre-fills the section title field
+* (bug 13112) Added Special:RelatedChanges alias to Special:RecentChangesLinked
+* (bug 13130) Moved edit token and autosummary fields above edit tools to
+ reduce broken form submissions
+* Add --old-redirects-only option to maintenance/refreshLinks.php, to add old
+ redirects to the redirect table
+* Add links to page and file deletion forms to edit predefined delete reasons
+* (bug 13269) Added MediaWiki:Uploadfooter to the bottom of Special:Upload
+* (bug 2815) Search results for media now use thumbnail instead of text extract
+* When a page doesn't exist, the tab should say "create", not "edit"
+* (bug 12882) Added a span with class "patrollink" around "Mark as patrolled"
+ link on diffs
+* Magic word formatnum can now take raw suffix to undo formatting
+* Add updatelog table to reliably permit updates that don't change the schema
+* Add category table to allow better tracking of category membership counts
+** (bug 1212) Give correct membership counts on the pages of large categories
+** Use category table for more efficient display of Special:Categories
+* (bug 1459) Search for duplicate files by hash: Special:FileDuplicateSearch
+* (bug 9447) Added hooks for search result headings
+* Image redirects are now enabled by default
+* (bug 13450) Email confirmation can now be canceled before the expiration
+* (bug 13490) Show upload/file size limit on upload form
+* Redesign of Special:UserRights
+* Make rev_deleted log entries more intelligible
+* (bug 6943) Added PAGESINCATEGORY: magic word
+* (bug 13604) Added Special:ListGroupRights
+* (bug 6332, 8617) Added message 'mainpage-description' as duplicate of
+ 'mainpage' and added it to message 'sidebar'
+* Automatically add old redirects to the redirect table when needed
+* (bug 6934) Allow inclusions, links, redirects to be separately toggled on or
+ off on Special:WhatLinksHere
+* Cache image redirects
+* (bug 10457) Organize Special:SpecialPages into sections
+* Add a new hook EditPageBeforeConflictDiff to allow extensions like FCKeditor
+ to modify the output for edit conflicts
+* Add class="nested" for <fieldset>s so fieldsets inside fieldsets get
+ a slightly less huge margin and padding
+* (bug 13527) Use sitemaps.org format 0.9 instead of a Google-specific format
+* Allow \C and \Q as TeX commands to match \R, \N, \Z
+* On Special:UserRights, when you can add a group you can't remove or remove
+ one you can't add, a notice is printed to warn you
+* (bug 12698) Create PAGESIZE parser function, to return the size of a page
+* Allow the "log in / create account" link in the toolbar to have different
+ text from Special:UserLogin title (new message 'nav-login-createaccount')
+* Say "log in / create account" if an anonymous user can create an account,
+ otherwise just "log in", consistently across skins
+* Special:Shortpages and Special:Longpages now returns pages in all content
+ namespaces, not just NS_MAIN.
+* (bug 889) Improve conflict-handling between shared upload repository
+ and local one
+* Update documentation links in auto-generated LocalSettings.php
+* (bug 13584) The new hook SkinTemplateToolboxEnd was added.
+* (bug 709) Cannot rename/move images and other media files [EXPERIMENTAL]
+* Custom rollback summaries now accept the same arguments as the default message
+* (bug 12542) Added hooks for expansion of Special:Listusers
+* Drop-down AJAX search suggestions (turn on $wgEnableMWSuggest)
+* More relevant search snippets (turn on $wgAdvancedSearchHighlighting)
+* (bug 13950) Allow users to watch the user/talk pages of users they block.
+* (bug 13970) Allow MonoBook-based skins to specify their own print stylesheet
+* Show image links on Special:Whatlinkshere
+* Use rel="start", "prev", "next" appropriately on Pager-based pages
+* Add support for SQLite
+* AutoAuthenticate hook renamed to UserLoadFromSession
+* (bug 13232) importScript(), importStylesheet() funcs available to custom JS
+* (bug 13095) Search by first letters or digits in [[Special:Categories]]
+* Users moving a page can now move all subpages automatically as well
+* (bug 14259) Localisation message for upload button on Special:Import is now
+ 'import-upload' instead of 'upload'
+* Add information about user group membership to Special:Preferences
+* (bug 14146) Wrap usage section on imagepages into <div>s.
+* New layout for Special:Specialpages. Restricted pages are marked but not separated
+ from other pages in their group.
+* (bug 14263) Show a diff of the revert on rollback notification page.
+* (bug 13434) Show a warning when hash identical files exist
+* Sidebar is now cached for all languages
+* The User class now contains a public function called isActiveEditor. Figures
+ out if a user is active based on at least $wgActiveUserEditCount number of
+ edits in the last $wgActiveUserDays days.
+* SpecialSearchResults hook now passes results by reference, so they can be
+ changed by extensions.
+* Add a new hook LinkerMakeExternalLink to allow extensions to modify the output of
+ external links.
+* (bug 14132) Allow user to disable bot edits from being output to UDP.
+* (bug 14328) jsMsg() within Wikibits now accepts a DOM object, not just a string
+* (bug 14558) New system message (emailuserfooter) is now added to the footer of
+ e-mails sent with Special:Emailuser
+* Add support for Hijri (Islamic) calendar
+* Add a new hook LinkerMakeExternalImage to allow extensions to modify the output
+ of external (hotlinked) images.
+* (bug 14604) Introduced the following features for the LanguageConverter:
+ Multi-tag support, single conversion flag, remove conversion flag on a single
+ page, description flag, variant name, multi-variant fallbacks.
+* Add zh-mo and zh-my variants for the zh language
+* (bugs 4832, 9481, 12890) Special:Recentchangeslinked now has all options that
+ are in Special:Recentchanges
+* Allow an $error message to be passed to ArticleDelete hook
+* Allow extensions to modify the user creation form by calling addInputItem();
+* Add meta generator tag to HTML output
+* MediawikiPerformAction hook is now passed the Mediawiki object
+* Added blank special page Special:BlankPage for benchmarking, etc.
+* Foreign repo file descriptions and thumbnails are now cached.
+* (bug 11732) Allow localisation of edit button images
+* Allow the search box, toolbox and languages box in the Monobook sidebar to be
+ moved around arbitrarily using special sections in [[MediaWiki:Sidebar]]:
+ SEARCH, TOOLBOX and LANGUAGES
+* Add a new hook NormalizeMessageKey to allow extensions to replace messages before
+ the database is potentially queried
+* (bug 9736) Redirects on Special:Fewestrevisions are now marked as such.
+* New date/time formats in Cs localization according to ČSN and PČP.
+* Special:Recentchangeslinked now includes changes to transcluded pages and
+ displayed images; also, the "Show changes to pages linked" checkbox now works on
+ category pages too, showing all links that are not categorizations
+* (bug 4578) Automatically fix redirects broken by a page move
+
+=== Bug fixes in 1.13 ===
+
+* (bug 10677) Add link to the file description page on the shared repository
+* (bug 13084) Increase size of source/destination filename fields in upload form
+* (bug 13115) rebuildrecentchanges should print the current value of $wgRCMaxAge
+* (bug 13140) Show parent categories in category namespace
+* (bug 13149) Correctly format 'fileexists' message on Upload page
+* Make the default filepageexists message accurate
+* (bug 12988) $wgMinimalPasswordLength no longer breaks create user by email
+* (bug 13022) Fix upload from URL on PHP 5.0.x
+* (bug 13132) Unable to unprotect pages protected with earlier versions of MediaWiki
+* (bug 12723) OpenSearch description name now uses more compact language code
+ to avoid passing the length limit as often, is customizable per site via
+ 'opensearch-desc' message.
+* (bug 13135) Special:Userrights now passes IDs through form submission
+ to allow functionality on not-quite-right usernames
+* (bug 12575) Prevent duplicate patrol log entries from being created
+* (bug 13174) __HIDDENCAT__ now applies only to category pages
+* (bug 13031) Add links to user pages in e-mail form
+* (bug 13147) Description for categoriespagetext (used in Special:Categories) reworded
+* (bug 11561) Fix fatal error when calling action=revert to non-image page
+* (bug 12430) Fix call to private method LinkFilter::makeRegex fatal error in
+ maintenance/cleanupSpam.php
+* All skins should have the "mediawiki" class on the body element
+* (bug 13019) Message cache for some extensions not loaded at time of editing
+* (bug 13247) Prettified ISBN links
+* maintenance/refreshLinks.php did not fix page_id 1 with the --new-only option
+* (bug 13110) Don't show "Permission error" page if the edit is already rolled
+ back when using rollback
+* (bug 13012) Use content messages for block options when generating the
+ recentchanges entry
+* (bug 13274) Change links for messages to ucfirst
+* (bug 13273) Un-hardcode some punctuation (add new messages colon-separator,
+ autocomment-prefix)
+* Parse MediaWiki message translations with a correct language setting on preview
+* (bug 13281) Treat X-Forwarded-For, Client-ip and User-Agent headers as
+ case-insensitive names.
+* Adding the fix for lists in RTL wikis to more skins, and fixing the image toc
+* (bug 8157) Remove redirects from Special:Unusedtemplates. Patch by WebBoy.
+* (bug 10721) Duplicate section anchors with differing case now disambiguated
+ for Internet Explorer's sake and standards compliance
+* (bug 13298) Tighter limits on Special:Newpages limits when embedding
+* Email subject in content language instead of sending user's UI language
+* (bug 13251) Allow maintenance rebuild scripts to work with Postgres
+* (bug 2084) Fixed incorrect regex to match redirects
+* (bug 3131) Manually-specified upload destination filename is no longer
+ overwritten by browsing for a file after you wrote it.
+* (bug 7251) Sidebars generated by MediaWiki:Sidebar now have the class
+ 'generated-sidebar'.
+* (bug 13265) Media handler is missing 'image/x-bmp'
+* (bug 13407) MediaWiki:Powersearch is used in two places
+* (bug 13403) Fix cache invalidation of history pages when old revisions change
+* (bug 11563) Deprecated SearchMySQL4 class; merged code to SearchMySQL
+* (bug 12801) Fix link in subtitle message in AJAX search
+* (bug 13428) Fix regression in protection form layout HTML validity
+* (bug 9403) Sanitize newlines from search term input
+* (bug 13429) Separate date and time in message sp-newimages-showfrom
+* (bug 13137) Allow setting 'editprotected' right separately from 'protect',
+ so groups may optionally edit protected pages without having 'protect' perms
+* Disallow deletion of big pages by means of moving a page to its title and
+ using the "delete and move" option.
+* (bug 13466, 13632) White space differences not shown in diffs
+* (bug 1953) Search form now honors namespace selections more reliably
+* (bug 12294) Namespace class renamed to MWNamespace for PHP 5.3 compatibility
+* PHP 5.3 compatibility fix for wfRunHooks() called with no parameters
+* (bug 6447) Trackbacks now work with transactional tables, if enabled
+* (bug 6892, 7147) Trackback error handling, optional fields more robust
+* (bug 6813) Don't break HTML validator when using trackbacks
+* Fix for size checks on SVG images with global 'stroke-width' attribute
+* (bug 11874) Inline CSS with !important no longer borken
+* (bug 1600) Strip extra == section markup == in new-comment field
+* (bug 11325) Wrapped page titles in MonoBook skin spaced more nicely
+* (bug 12077) Fix HTML nesting for TOC
+* (bug 344) Purge cache for talk/article pages when deleting the other tab
+* (bug 13436) Treat image captions correctly when they include option keywords
+ (like ending with "px" or starting with "upright")
+* Trackback display formatting fixed
+* Don't die when single-element arrays are passed to SQL query constructors
+ that have an array index other than 0
+* (bug 13522) Fix fatal error in Parser::extractTagsAndParams
+* (bug 13532) Use proper timestamp call when reverting images
+* (bug 13543) Updated FAQ link in the installer sidebar
+* (bug 13540) Date format in confirmation e-mail now matches message language
+* (bug 13554) PHP Notice in old pre-processor when list item is empty.
+* (bug 13556) Don't show a blank form if no image is attached in Special:Upload
+* (bug 13576) maintenance/rebuildrecentchanges.php fails
+* (bug 13441) Allow Special:Recentchanges to show bots only
+* (bug 13431) Show true message source in Special:Allmessages&ot=php / xml
+* (bug 13463) Login successful page doesn't use user's preferred interface language
+* (bug 13630) Fixed warnings for pass by reference at call time in
+ Special:Revisiondelete when generating the log entry.
+* (bug 12064) BeforePageDisplay hook is now called for all skins
+* (bug 13624) Fix regression with manual thumb= parameter on images
+* (bug 11039) Add missing labels on protection form
+* (bug 13458) Preview/edit toolbar spacing now works consistently
+* (bug 13433) Fix action=render on Image: pages
+* (bug 13678) Fix CSS validation for Monobook
+* (bug 13684) Links in Special:ListGroupRights should be in content language
+* (bug 13690) Fix PHP notice on accessing some URLs
+* Hide (undo) link if user isn't able to edit page
+* Invalidate cache of pages that includes images via redirects on upload
+* (bug 13705) Don't show rollback link in page history on incorrect revisions
+* (bug 13708) Don't set "Search results" title when loading Special:Search
+ without query
+* (bug 13736) Don't show MediaWiki:Anontalkpagetext on non-existent IP addresses
+* (bug 13728) Don't trim initial whitespace during section edits
+* (bug 13727) Don't delete log entries from recentchanges on page deletion
+* (bug 13752) Redirects to sections now work again
+* (bug 13725) Upload form watch checkbox state set correctly with wpDestFile
+* (bug 13756) Don't show the form and navigation links of Special:Newpages if
+ the page is included
+* When hiding things on WhatLinksHere, generated URLs should hide them too
+* Properly escape search terms with regex chars so they appear highlighted in
+ search results
+* (bug 13768) pt_title field encoding fixed
+* Do not display empty columns on Special:UserRights if all groups are
+ changeable or all unchangeable
+* Fix fatal error on calling PAGESINCATEGORY with invalid category name
+* (bug 13793) Special:Whatlinkshere filters wrong - after paginating instead of before
+* (bug 13796) Show links to parent pages even if some of them are missing
+* (bug 13816) Filter by main namespace doesn't work on WhatLinksHere
+* (bug 13822) Fatal error on some pages when calculating subpage subtitle
+* (bug 13824) AJAX search suggestion now works with non-SkinTemplate skins
+* Added 'application/x-dia-diagram' MediaWiki's known MIME types
+* (bug 13866) skins/common/shared.css - invalid attribute fixing
+* Hide edit section links on Special:Undelete
+* (bug 13860) Fix "Justify paragraphs" option for Modern skin
+* (bug 13168) accessibility links in Modern skin link to wrong anchor id
+* (bug 13185) No line break after 'subpages' class in Modern skin
+* (bug 13583) No "poweredby" in Modern skin
+* (bug 13880) "Printable" link in Modern skin now formats as print mode
+* (bug 13885) Bump default $wgSVGMaxSize from 1024 to 2048 pixels
+* (bug 13891) Show categories box even if all categories are hidden and user has
+ "show hidden categories" option on
+* (bug 13915) Undefined variable $wltsfield in includes/SpecialWatchlist.php
+* (bug 13913) Special:Whatlinkshere now has correct HTML markup
+* (bug 13905) Blacklist Mac IE from HttpOnly cookies; it eats them sometimes
+* (bug 13922) Fix bad HTML on empty Special:Prefixindex and Special:Allpages
+* (bug 13924) Fix bad HTML on power search form
+* (bug 13820) Fix updater for rev_parent_id population
+* (bug 13925) Fix bad HTML on search results list
+* (bug 13934) Fixing the link to GNU General Public License Version 2
+* Show correct accesskey prefix for Firefox 3 beta (Alt-Shift-, not Alt-)
+* (bug 13949) Special:PrefixIndex/AllPages paging links contain invalid XML
+* (bug 13770) Use Preprocessor_Hash by default to avoid missing DOM module errors
+* (bug 13982) Disable ccmeonemails preference when user-to-user mails disabled
+* (bug 13615) Update case mappings and normalization to Unicode 5.1.0
+ Note that case mappings will only be used if mbstring extension is not present.
+* (bug 14044) Don't increment page view counters on views from bot users
+* (bug 14042) Calling Database::limitResult() misplaced the comment in the log file
+* (bug 14047) Fix regression in installer which hid DB-specific options
+ Also makes SQLite path configurable in the installer.
+* (bug 13546) Follow image redirects on image page
+* (bug 12644) Template list on edit page now sorted on preview
+* (bug 14058) Support pipe trick for namespaces and interwikis with "-"
+* Message name filter on Special:Allmessages now case-insensitive
+* (bug 13943) Fix image redirect behavior on image pages
+* (bug 14093) Do 'sysop' => 'protect' magic in Title::isValidMoveOperation
+* (bug 14063) Power search form missing <label> for redirects check
+* (bug 14111) Similar filename warning links now lead to correct page
+* (bug 14082) Fix for complex text input vs AJAX suggestions on some browsers
+* (bug 13693) Categories sometimes claim to have a negative number of members
+* (bug 1701) Korean Hangul syllables now broken down properly in Category lists
+ even if the wiki's overall content language is not Korean
+* (bug 12773) addOnloadHook() now calls functions immediately when scripts are
+ loaded after the primary page completion, instead of dropping them
+* (bug 14199) Fix deletion form for image redirect pages
+* (bug 14220) Disabling $wgCheckFileExtensions now works without also
+ disabling $wgStrictFileExtensions
+* (bug 14241) Pages can no longer be protected to levels you are not in
+* (bug 14296) Fix local name of ang: (Anglo-Saxon)
+* (bug 4871) Hardcoded superscript in time zone preferences moved to message
+* (bug 6957) E-mail confirmation links now using English special page name
+ for better compatibility and keeping the links shorter. Avoids problem
+ with corrupt links in Gmail on IE 6.
+* (bug 14273) Fix for HTTP Accept header parsing with spaces as from Konqueror
+* (bug 14312) Update LanguageKaa.php for handling transform issues with i to İ
+ and I to ı
+* (bug 13826) MediaWiki:Defaultns accepts Wikicode
+* (bug 14324) Creating an account is again possible with $wgEmailConfirmToEdit
+ set to true
+* (bug 13034) Interwiki pages can now be reached using Go search button
+* (bug 14362) Change interwiki names of Erzya and Moksha Wikipedias
+* (bug 14370) When a grouppage-x message does not exist the entry on the
+ ListGroupRights special page now links to the project namespace page for it,
+ not the main namespace page.
+* (bug 11659) Urldecode image names in galleries
+* (bug 14258, 14368) Fix for subpage renames in replication environments
+* (bug 14367) Failed block no longer adds phantom watchlist entry
+* (bug 14385) "Move subpages" option no longer tries to move to invalid titles
+* (bug 14386) Fix subpage namespace oddity when moving a talk page
+* (bug 11771) Signup form now not shown if in read-only mode.
+* (bug 12859) $wgRateLimitsExcludedGroups has been deprecated in favor of
+ $wgGroupPermissions[]['noratelimit'].
+* (Bug 13828) Split parameter $1 of MediaWiki:Missingarticle into $1 (=title)
+ and $2 (=revision numbers)
+* (bug 14401) Fix Safari access key tooltips for Windows and >3.1 Mac versions
+* (bug 14432) Fix notice regression in Special:Newpages feed mode
+* (bug 11951) EditPage::getEditToolbar() is now static.
+* (bug 14392) Fix regression breaking table prefix in installer
+* (bug 11084) $wgDBprefix replacement for updater SQL will now work for
+ extension tables using uppercase letters or digits in their names.
+* (bug 12311) Fix regression with lists at start of undeletion preview
+* (bug 14496) Fix regression with parseinline on Special:Upload.
+* We no longer just give up on a missing upload base directory; it's now
+ created automatically if we have sufficient permissions!
+* (bug 14479) MediaWiki:upload-maxfilesize should have a div id wrapper
+* (bug 14497) Throw visible errors in installer scripts when SQL files
+ fail due to database permission or other error
+* (bug 14500) Site feed (Recentchanges) no longer shows up on the actual
+ recent changes page.
+* (bug 14511) MediaWiki:Delete-legend is no longer double escaped
+* Generate correct section anchors for numeric headers
+* (bug 14520) Don't load nonexistent CSS files for Chick/Myskin/Simple skins
+* (bug 14551) Cancel upload no longer automatically suppresses warnings
+* (bug 13878) Deprecate Article::getDB() in favor of direct wfGetDB() calls
+* (bug 4977) Fix for possible squid purging errors when using HTTP purges
+ and multiple servers
+* (bug 14572) Redirects listed on file links on image pages no longer redirect.
+* (bug 14537) Change interwiki name for Old Church Slavonic (cu)
+* (bug 14583) Fix regression in recent changes "limit to certain categories."
+* (bug 14515) HTML nesting cleanup on edit form
+* (bug 14647) Removed unused 'townBox' CSS classes
+* (bug 14687) OutputPage::addStyle() now adds type="text/css" like it should.
+* OpenSearch cleanup; Firefox now sends you to the search page for empty
+ searches instead of the domain root (which may not even be a wiki).
+* (bug 3481) Pages moved shortly after creation are shown at their new title
+ on Special:Newpages.
+* (bug 12716) Trying to unprotect a title that isn't protected no longer
+ generates a log entry.
+* (bug 14088) Excessively long block expiry times are rejected as invalid,
+ keeps the log page from being distorted.
+* (bug 14708) Emulate INSERT...IGNORE with standard SQL for Postgres backend.
+* (bug 14646) Fix some double-escaping of HTML in feed output
+* (bug 14709) Fix login success message formatting when using cookie check
+* (bug 14710) Remove "donate" link from default sidebar
+* (bug 14745) Image moving works on sites that transform thumbnails via 404
+* (bug 2186) Document.write() in wikibits caused failures when using
+ application/xhtml+xml. The calls to this have been removed.
+* (bug 14764) Fix regression in from Article::lastModified(), failed to work
+ on non-mySQL schemas.
+* (bug 14763) Child classes of Database (DatabasePostgres and DatabaseOracle)
+ had strict standards issues with setFakeSlaveLag() and setFakeMaster().
+* (bug 451) Improve the phrase mappings of the Chinese converter arrays.
+* (bug 12487) Rights log is not fully internationalized
+* (bug 10837) Language variants no longer override other languages than base
+* (bug 14778) 'limit' parameter now applies to history feeds as well as
+ history pages
+* (bug 14845) Bug in prefs javascript: Calling an array item without checking
+ its existance.
+* Accesskeys for minor edit/watch checkboxes on edit now work in Firefox 3
+* (bug 12384) Comments in maintenance/*php
+* (bug 12441) ./maintenance/generateSitemap.php fix -fspath requiring
+ a trailing slash.
+* (bug 12568) configuration script now produce valid XHTML.
+* The accesskey to edit a page is now disabled when editing the page, to pre-
+ vent conflicts with Safari shortcuts.
+
+=== API changes in 1.13 ===
+
+* Fixing main page display in meta=siteinfo
+* (bug 13128) Added patrolled flag to list=recentchanges
+* Implemented {bl,ei,iu}redirect (lists links through redirects as well)
+* (bug 13154) Introduced subpages flag to meta=siteinfo&siprop=namespaces
+* (bug 13157) Added ucuserprefix parameter to list=usercontribs
+* (bug 12394) Added rctitles parameter to list=recentchanges, making rcid
+ retrieval easier
+* (bug 13218) Fix inclusion of " character in hyperlinks
+* Added watch and unwatch parameters to action=delete and action=move
+* Added action=edit
+* (bug 11401) Added xmldoublequote to xml formatter
+* Added rvsection parameter to prop=revisions to allow fetching the content of
+ a certain section only
+* Introduced list=allimages
+* (bug 13371) Build page set from image hashes
+* Mark non-existent messages in meta=allmessages as missing
+* (bug 13390) One invalid title no longer kills an entire API query
+* (bug 13419) Fix gblredirect so it actually works
+* (bug 13418) Disable eiredirect because it's useless
+* (bug 13395) list=allcategories should use category table
+* (bug 13442) Missing pages in prop=langlinks and prop=extlinks are now
+ handled properly.
+* (bug 13444) Add description to list=watchlist
+* (bug 13482) Disabled search types handled properly
+* Added inprop=talkid,subjectid to prop=info
+* Added help text message that specifies whether a module is POST-only
+* Added createonly parameter to action=edit
+* Replaced $wgAPIUCUserPrefixMinLength by the more generic $wgAPIMaxDBRows
+* (bug 11719) Remove trailing blanks in YAML output.
+* (bug 13541) Added siprop=specialpagealiases to meta=siteinfo
+* Added fallback8bitEncoding and readonly fields to
+ meta=siteinfo&siprop=general output
+* (bug 13544) Added prop=revid to action=parse
+* (bug 13603) Added siprop=usergroups to meta=siteinfo
+* Cleaned up redirect resolution
+* Added possibility to obtain all external links through list=exturlusage
+* (bug 13606) Added archivename to iiprop
+* (bug 11633) Explicitly convert redirect titles to strings due to PHP's
+ very weak typing on array keys.
+* (bug 12136) Extend allowed characters in JSON callback to ][.'"_A-Za-z0-9
+* (bug 11673) Return error 'unknown_action' in specified format
+* (bug 13618) Added rcprop=redirect and rcshow=redirect to list=recentchanges
+* (bug 13544) Added oldid parameter to action=parse to allow for parsing of old
+ revisions
+* (bug 13718) Return the proper continue parameter for cmsort=timestamp
+* action=login now returns the correct waiting time in the details property
+* (bug 13792) Broken titles are now silently skipped in search results.
+* (bug 13819) exturlusage paging skipped an item
+* Fixed handling of usernames containing spaces in list=block
+* (bug 13836) Fixed fatal errors resulting from combining iiprop=metadata with
+ format=xml
+* (bug 13735) Added prop=categoryinfo module
+* (bug 13945) Retrieve cascading protection sources via inprop=protection
+* (bug 13965) Hardcoded 51 limit on titles is too limiting
+* (bug 13993) apfrom doesn't work with apdir=descending
+* (bug 14018) Introduced alcontinue to list=alllinks to improve paging
+* (bug 14013) Added rcshow=patrolled to list=recentchanges
+* (bug 14028) Added language attribute to interwiki map in meta=siteinfo
+* (bug 14022) Added usprop=registration and auprop=blockinfo
+* (bug 14021) Removed titles= support from list=backlinks (has been obsolete
+ for ages)
+* (bug 13829) Expose parse tree via action=expandtemplates
+* (bug 13606) Allow deletion of images
+* Added iiprop=mime and aiprop=metadata
+* Handled unrecognized values for parameters more gracefully
+* Handled requesting disallowed tokens more gracefully
+* (bug 14140) URL-encoded page titles are now decoded in edit summaries
+* (bug 14243) Only accept post requests in action=edit; patch by HardDisk
+* action=block now returns an ISO8601 timestamp, like all other modules do
+* Added md5 parameter to action=edit
+* (bug 14335) Logging in to unified account using API not possible
+* Added action=emailuser to send an email to a user
+* (bug 14471) Use HTMLTidy and generate limit report in action=parse
+* (bug 14459) Added prependtext and appendtext parameters to action=edit
+* (bug 14526) Unescaped SQL in list=backlinks
+* Added 'hidden' flag to list=allcategories and prop=categoryinfo output
+* Added nocreate parameter to action=edit
+* (bug 14402) Added maxage and smaxage parameters to api.php
+* Added bkip parameter to list=blocks
+* (bug 14651) apprefix and similar parameters are now canonicalized
+* Added clprop=timestamp to prop=categories
+* (bug 14678) API errors now respects $wgShowExceptionDetails and
+ $wgShowSQLErrors
+* (bug 14723) Added time zone and writing direction to meta=siteinfo
+* Added APIQueryInfoTokens and APIQueryRevisionsTokens hooks so extensions
+ can add their own tokens
+* Added block and unblock tokens to prop=info as well
+* Added paging (limit and continue parameters) to
+ prop={links,templatelinks,langlinks,extlinks,categories,images}
+* Added flag "top" to list=usercontribs if the user is the last contributor to
+ the page
+* list=exturlusage in "list all links" mode can now filter by protocol
+
+
+
+== MediaWiki 1.12 ==
+
+This is the Winter 2007 quarterly release.
+
+MediaWiki is now using a "continuous integration" development model with
+quarterly snapshot releases. The latest development code is always kept
+"ready to run", and in fact runs our own sites on Wikipedia.
+
+Release branches will continue to receive security updates for about a year
+from first release, but nonessential bugfixes and feature developments
+will be made on the development trunk and appear in the next quarterly release.
+
+Those wishing to use the latest code instead of a branch release can obtain
+it from source control: https://www.mediawiki.org/wiki/Download_from_SVN
+
+=== Configuration changes in 1.12 ===
+* Marking edits as bot edits with Special:Contributions?bot=1 now requires the
+ markbotedit permission, rather than the rollback permission previously used.
+ This permission is assigned by default to the sysop group.
+* MediaWiki now checks if serialized files are out of date. New configuration
+ variable $wgCheckSerialized can be set to false to enable old behavior (i.e.
+ to not check and assume they are always up to date)
+* The rollback permission can now be rate-limited using the normal mechanism.
+* New configuration variable $wgExtraLanguageNames
+* Behavior of $wgAddGroups and $wgRemoveGroups changed. New behavior:
+* * Granting the userrights privilege allows arbitrary changing of rights.
+* * Without the userrights privilege, a user will be able to add and/or
+ remove the groups specified in $wgAddGroups and $wgRemoveGroups for
+ any groups they are in.
+* New permission userrights-interwiki for changing user rights on foreign wikis.
+* $wgImplicitGroups for groups that are hidden from Special:Listusers, etc.
+* $wgAutopromote: automatically promote users who match specified criteria
+* $wgGroupsAddToSelf, $wgGroupsRemoveFromSelf: allow users to add or remove
+ themselves from specified groups via Special:Userrights.
+* When $wgUseTidy has been enabled, PHP's Tidy module is now used if it is
+ present, in preference to an external Tidy executable which may or may not
+ be present. To force use of external Tidy even when the PHP module is
+ available, set $wgTidyInternal to false.
+
+
+=== New features in 1.12 ===
+* (bug 10735) Add a warning for non-descriptive filenames at Special:Upload
+* Add {{filepath:}} parser function to get full path to an uploaded file,
+ complementing {{fullurl:}} for pages.
+* (bug 11136) If using Postgres, search path is explicitly set if wgDBmwschema
+ is not set to 'mediawiki', allowing multiple mediawiki instances per user.
+* (bug 11151) Add descriptive <title> to revision history page
+* (bug 5412) Add feed links for the site to all pages
+* (bug 11353) Add ability to retrieve raw section content via action=raw
+* (bug 6909) Show relevant deletion log lines when uploading a previously
+ deleted file
+* On SkinTemplate based skins (like MonoBook), omit confusing "edit"/"view
+ source" tab entirely if the page doesn't exist and the user isn't allowed to
+ create it
+* Clarify instructions given when an exception is thrown
+* AuthPlugin added strictUserAuth() method to allow per-user override
+ of the strict() authentication behavior.
+* (bug 7872) Deleted revisions can now be viewed as diffs showing changes
+ against the previous revision, whether currently deleted or live.
+* Added tooltips for the "Go" and "Search" buttons
+* (bug 11649) Show input form when Special:Whatlinkshere has no parameters
+* isValidEmailAddr hook added to User method of that name, to allow, e.g., re-
+ stricting e-mail addresses to a specific domain
+* Removed "Clear" link in watchlist editor tools, as people were afraid to
+ click it. Existing clear links will fall back to the raw editor, which is
+ very easy to clear your watchlist with.
+* (bug 1405) Add wgUseNPPatrol option to control patroling for new articles
+ on Special:Newpages
+* LogLine hook added to allow formatting custom entries in Special:Log.
+* Support for Iranian calendar
+* (bug 1401) Allow hiding logged-in users, bots and patrolled pages on
+ Special:Newpages
+* ChangesListInsertArticleLink hook added for adding extra article info to RC.
+* MediaWikiPerformAction hook added for diverting control after the main
+ globals have been set up but before any actions have been taken.
+* BeforeWatchlist hook added for filtering or replacing watchlist.
+* SkinTemplateTabAction hook added for altering the properties of tab links.
+* OutputPage::getRedirect public method added.
+* (bug 11848, 12506) Allow URL parameters 'section', 'editintro' and 'preload'
+ in Special:Mypage and Special:Mytalk
+* Add ot=raw to Special:Allmessages
+* Support for Hebrew calendar
+* Support for Hebrew numerals in dates and times
+* (bug 11315) Signatures can be configured in [[MediaWiki:Signature]] and
+ [[MediaWiki:Signature-anon]]
+* Signatures for anonymous users link to Special:Contributions page rather than
+ user page
+* Added --override switch for disabled pages in updateSpecialPages.php
+* Provide a unique message (ipb_blocked_as_range) if unblock of a single IP
+ fails
+ because it is part of a blocked range.
+* (bug 3973) Use a separate message for the email content when an account is
+ created by another user
+* dumpTextPass.php can spawn fetchText.php as a subprocess, which should restart
+ cleanly if database connections fail unpleasantly.
+* (bug 12028) Add Special:Listbots as shortcut for Special:Listusers/bot
+* (bug 9633) Add a predefined list of delete reasons to the deletion form
+* Show a warning message when creating/editing a user (talk) page but the user
+ does not exists
+* (bug 8396) Ignore out-of-date serialised message caches
+* (bug 12195) Undeleting pages now requires 'undelete' permission
+* (bug 11810) Localize displayed semicolons
+* (bug 11657) Support for Thai solar calendar
+* (bug 943) RSS feed for Recentchangeslinked
+* Introduced AbortMove hook
+* (bug 2919) Protection of nonexistent pages with regular protection interface.
+* Special:Upload now lists permitted/prohibited file extensions.
+* Split ambiguous filetype-badtype message into two new messages,
+ filetype-unwanted-type and filetype-banned-type.
+* Added link to the old title in Special:Movepage
+* On Special:Movepage, errors are now more noticeable.
+* It is now possible to change rights on other local wikis without the MakeSysop
+ extension
+* Add HTML ID's mw-read-only-warning and mw-anon-edit-warning to warnings when
+ editing to allow CSS styling.
+* Parser now returns list of sections
+* When a user is prohibited from creating a page, a title of "View source"
+ makes no sense, and there should be no "Return to [[Page]]" link.
+* (bug 12486) Protected titles now give a warning for privileged editors.
+* (bug 9939) Special:Search now sets focus to search input box when no existing
+ search is active
+* For Special:Userrights, use GET instead of POST to search for users.
+* Allow subpage syntax for Special:Userrights, i.e., Special:Userrights/Name.
+* When submitting changes on Special:Userrights, show the full form again, not
+ just the search box.
+* Added exception hooks
+* (bug 12574) Allow bots to specify whether an edit should be marked as a bot
+ edit, via the parameter 'bot'. (Default: '1')
+* (bug 12536) User should be able to get MediaWiki version from any page
+* (bug 12622) A JavaScript constant to declare whether api.php is available
+* Add caching to the AJAX search
+* Add APCOND_INGROUPS
+* Add DBA caching to installer
+* (bug 12585) Added a bunch of parameters to the revertpage message
+* Support redirects in image namespace
+* (bug 10049) Prefix index search and namespaces in Special:Withoutinterwiki
+* (bug 12668) Support for custom iPhone bookmark icon via $wgAppleTouchIcon
+* Add option to include templates in Special:Export.
+* (bug 12655) Added $wgUserEmailUseReplyTo config option to put sender
+ address in Reply-To instead of From for user-to-user emails.
+ This protects against SPF problems and privacy-leaking bounce messages
+ when using mailers that set the envelope sender to the From header value.
+* (bug 11897) Add alias [[Special:CreateAccount]] & [[Special:Userlogin/signup]]
+ for Special:Userlogin?type=signup
+* (bug 12214) Add a predefined list of delete reasons to the file deletion form
+* Merged backends for OpenSearch suggestions and AJAX search.
+ Both now accept namespace prefixes, handle 'Media:' and 'Special:' pages,
+ and reject interwiki prefixes. PrefixSearch class centralizes this code,
+ and the backend part can be overridden by the PrefixSearchBackend hook.
+* (bug 10365) Localization of Special:Version
+* When installing using Postgres, the Pl/Pgsql language is now checked for
+ and installed when at the superuser level.
+* The default robot policy for the entire wiki is now configurable via the
+ $wgDefaultRobotPolicy setting.
+* (bug 12239) Use different separators for autocomments
+* (bug 12857) Patrol link on new pages should clear floats
+* (bug 12968) Render redirect wikilinks in a redirect class for customization
+ via user/site CSS.
+* EditPageBeforeEditButtons hook added for altering the edit buttons below the edit box
+
+=== Bug fixes in 1.12 ===
+
+* Subpages are now indexed for searching properly when using PostgreSQL
+* (bug 3846) Suppress warnings from, e.g. open_basedir when scanning for
+ ImageMagick, diff3 et al. during installation [patch by Jan Reininghaus]
+* (bug 7027) Shift handling of deletion permissions-checking to
+ getUserPermissionsErrors.
+* Login and signup forms are now more correct for right-to-left languages.
+* (bug 5387) Block log items on RecentChanges don't make use of possible
+ translations
+* (bug 11211) Pass, as a parameter to the protectedpagetext interface
+ message, the level of protection.
+* (bug 9611) Supply the blocker and reason for the cantcreateaccounttext
+ message.
+* (bug 8759) Fixed bug where rollback was allowed on protected pages for wikis
+ where rollback is given to non-sysops.
+* (bug 8834) Split off permission for editing user JavaScript and CSS from
+ editinterface to a new permission key editusercssjs.
+* (bug 11266) Set fallback language for Fulfulde (ff) to French
+* (bug 11179) Include image version deletion comment in public log
+* Fixed notice when accessing special page without read permission and whitelist
+ is not defined
+* (bug 9252) Fix for tidy funkiness when using editintro mode
+* (bug 4021) Fix for MySQL wildcard search
+* (bug 10699) Fix for MySQL phrase search
+* (bug 11321) Fix width of gallerybox when option "width=xxx" is used
+* (bug 7890) Special:BrokenRedirects links deleted redirects to a non-existent
+ page
+* Fix initial statistics when installing: add correct values
+* (bug 11342) Fix several 'returnto' links in permissions/error pages which
+ linked to the main page instead of targetted page
+* Strike the link to the redirect rather than using an asterisk in
+ Special:Listredirects
+* (bug 11355) Fix false positives in Safe Mode and other config detection
+ when boolean settings are disabled with 'Off' via php_admin_value/php_value
+* (bug 11292) Fixed unserialize errors with Postgres by creating special Blob
+ object.
+* (bug 11363) Make all metadata fields bytea when using Postgres.
+* (bug 11331) Add buildConcat() and use CASE not IF for DB compatibility. Make
+ oldimage cascade delete via image table for Postgres, change fa_storage_key
+ TEXT.
+* (bug 11438) Live Preview chops returned text
+* Show the right message on account creation when the user is blocked
+* (bug 11450) Fix creation of objectcache table on upgrade
+* Fix namespace selection after submit of Special:Newpages
+* Make input form of Special:Newpages nicer for RTL wikis
+* (bug 11462) Fix typo in LanguageGetSpecialPageAliases hook name
+* (bug 11474) Fix unintentional fall-through in math error handling
+* (bug 11478) Fix undefined method call in file deletion interface
+* (bug 278) Search results no longer highlight incorrect partial word matches
+* Compatibility with incorrectly detected old-style DJVU mime types
+* (bug 11560) Fix broken HTML output from weird link nesting in edit comments.
+ Nested links (as in image caption text) still don't work _right_ but they're
+ less wrong
+* (bug 9718) Remove unnecessary css from main.css causing spacing issues on
+ some browsers.
+* (bug 11574) Add an interface message loginstart, which, similarly to loginend,
+ appears just before the login form. Patch by MinuteElectron.
+* Do not cache category pages if using 'from' or 'until'
+* Created new hook getUserPermissionsErrors, to go with userCan changes.
+* Diff pages did not properly display css/js pages.
+* (bug 11620) Add call to User::isValidEmailAddr during accout creation.
+* (bug 11629) If $wgEmailConfirmToEdit is true, require people to supply an
+ email address when registering.
+* (bug 11612) Days to show in recent changes cannot be larger than 7
+* (bug 11131) Change filearchive width/height columns to int for Postgres
+* Support plural in undeleted{revisions,revisions-files,files}
+* (bug 11343) If the database is read-only, ensure that undelete fails.
+* (bug 11690) Show revert link for page moves in Special:Log to allowed users
+ only
+* Initial-lowercase prefix checks in namespaceDupes.php now actually work.
+* Fix regression in LinkBatch.php breaking PHP 5.0
+* (bug 11452) wfMsgExt uses sometimes wrong language object for parsing magic
+ words when called with options ''parsemag'' or ''content''.
+* (bug 11727) Support plural in 'historysize' message
+* (bug 11744) Incorrect return value from Title::getParentCategories()
+* (bug 11762) Fix native language name of Akan (ak)
+* (bug 11722) Fix inconsistent case in unprotect tabs
+* (bug 11795) Be more paranoid about confirming accept-encoding header is
+ present
+* (bug 11809) Use formatNum() for more numbers
+* (bug 11818) Fix native language name of Inuktitut (iu)
+* Remove all commas when parsing float numbers in sorted tables
+* Limit text field of deletion, protection and user rights changes reasons to
+ 255 characters (already restricted in the database)
+* In the deletion default reasons, calculate how much text to get from the
+ article text, rather than getting 150 characters (which may be too much)
+* Add two messages for Special:Blockme which were used but undefined
+* (bug 11921) Support plural in message number_of_watching_users_pageview
+* If an IP address is blocked as part of a rangeblock, attempting to unblock
+ the single IP should not unblock the entire range.
+* (bug 6695) Fix native language name of Southern Sotho (Sesotho) (st)
+* Make action=render follow redirects by default
+* If restricted read access was enabled, whitelist didn't work with special
+ pages which had spaces in theirs names
+* If restricted read access was enabled, requests for non-existing special pages
+ threw an exception
+* Feeds for recent changes now provide correct URLs for the change, not just
+ the page
+* Check for if IP is blocked as part of a range when unblocking (see above bug-
+ fix) was faulty. Now fixed.
+* Fixed wpReason URL parameter to action=delete.
+* Do not force a password for account creation by email
+* Ensure that rate-limiting is applied to rollbacks.
+* Make a better rate-limiting error message (i.e. a normal MW error,
+ rather than an "Internal Server Error").
+* Do not present an image bigger than the source when 'frameless' option is used
+ (to be consistent with the 'thumb' option now)
+* Support {{PLURAL}} for import log
+* Make sure that the correct log entries are shown on Special:Userrights even
+ for users with special characters in their names
+* The number of watching users in watchlists was always reported as 1
+* namespaceDupes.php no longer dies when coming across an illegal title
+* (bug 12143) Do not show a link to patrol new pages for non existent pages
+* (bug 12166) Fix XHTML validity for Special:Emailuser
+* (bug 11346) Users who cannot edit a page can now no longer unprotect it.
+* (bug 451) Add a generic Traditional / Simplified Chinese conversion table,
+ instead of a Traditional conversion with Taiwan variant, and a Simplified
+ conversion with China variant.
+* (bug 12178) Fix wpReason parameter to action=delete, again.
+* Graceful behavior for updateRestrictions.php if a page already has records
+ in the page_restrictions matching its old page_restrictions field.
+ May help with odd upgrade issues or race condition.
+* (bug 11993) Remove contentsub "revision history"
+* (bug 11952) Ensure we quote_ident() all schema names as needed
+ inside of the DatabasePostgres.php file.
+* (bug 12184) Exceptions now sent to stderr instead of stdout for command-line
+ scripts, making for cleaner reporting during batch jobs. PHP errors will also
+ be redirected in most cases on PHP 5.2.4 and later, switching 'display_errors'
+ to 'stderr' at runtime.
+* (bug 12148) Text highlight wasn't applied to cleanly deleted and added
+ lines in diff output
+* (bug 10166) Fix a PHP warning in Language::getMagic
+* Only mark rollback edits as minor if the user can normally mark edits minor
+* Escape page names in the move successful page (e.g. for pages with two
+ apostrophes).
+* (bug 12145) Add localized names of kk-variants
+* (bug 12259) Localize the numbers in deleted pages on the sysop view
+* Set proper page title for successful file deletion
+* (bug 11221) Do not show 'Compare selected versions' button for a history page
+ with one revision only
+* (bug 12267) Set the default date format to Thai solar calender for the Thai
+ language
+* (bug 10184) Extensions' stylesheets and scripts should be loaded before
+ user-customized ones (like Common.css, Common.js)
+* (bug 12283) Special:Newpages forgets parameters
+* (bug 12031) All namespaces doesn't work in Special:Newpages
+* (bug 585) Only create searchindex replica table for parser tests if db is
+ MySQL
+* Allow --record option if parserTests.php to work when using Postgres
+* (bug 12296) Simplify cache epoch in default LocalSettings.php
+* (bug 12346) XML fix when body double-click and click handlers are present
+* Fix regression -- missing feed links in sidebar on Special:Recentchanges
+* (bug 12371) Handle more namespace case variants in namespaceDupes.php
+* (bug 12380) Bot-friendly EditPage::spamPage
+* (bug 8066) Spaces can't be entered in special page aliases
+* Hide undo link if user can't edit article
+* (bug 12416) Fix password setting for createAndPromote.php
+* (bug 3097) Inconsistently usable titles containing HTML character entities
+ are now forbidden. A run of cleanupTitles.php will fix up existing pages.
+* (bug 12446) Permissions check fix for undelete link
+* (bug 12451) AJAX title normalization tweaks
+* When a user creating a page is not allowed to either create the page nor edit
+ it, all applicable reasons are now shown.
+* (bug 11428) Allow $wgScript inside $wgArticlePath when emulating PATH_INFO
+ Fixes 'root'-style rewrite configurations
+* (bug 12493) Removed hardcoded MAX_FILE_SIZE from Special:Import upload form
+* (bug 12489) Special:Userrights listed in restricted section again
+* (bug 12553) Fixed invalid XHTML in edit conflict screen
+* (bug 12505) Fixed section=0 with action=raw
+* (bug 12614) Do not log user rights change that didn't change anything
+* (bug 12584) Don't reset cl_timestamp when auto-updating sort key on move
+* (bug 12588) Fix selection in namespace selector on Special:Newpages
+* Use only default options when generating RSS and Atom syndication links.
+ This should help prevent infinite link loops that some software may follow,
+ and will generally keep feed behavior cleaner.
+* (bug 12608) Unifying the spelling of getDBkey() in the code.
+* (bug 12611) Bot flag ignored in recent changes
+* (bug 12617) Decimal and thousands separators for Romanian
+* (bug 12567) Fix for misformatted read-only messages on edit, protect.
+ Also added proper read-only checks to several special pages.
+ Have removed read-only checks from the general user permission framework.
+* Creating a site with a name containing '#' is no longer permitted, since the
+ name will not work (but $wgSiteName is not checked if manually set).
+* (bug 12695) Suppress dvips verbiage from web server error log
+* (bug 12716) Unprotecting a non-protected page leaves a log entry
+* Log username blocks with canonical form of name instead of input form
+* (bug 11593, 12719) Fixes for overzealous invocation of thumb.php.
+ Non-image handlers and full-size images may now decline it, fixing
+ mystery failures when using $wgThumbnailScriptPath.
+* (bug 12327) Comma in username no longer disrupts mail headers
+* (bug 6436) Localization of Special:Import XML parser Error message(s).
+* Security fix for API on MSIE
+* (bug 12768) Database query syntax error in maintenance/storage/compressOld.inc
+* (bug 12753) Empty captions in MediaWiki:Sidebar result in PHP errors
+* (bug 12790) Page protection is not logged when edit-protection is used
+ and move-protection is not
+* (bug 12793) Fix for restricted namespaces/pages in Special:Export
+* Fix for Special:Export so it doesn't ignore the page named '0'
+* Don't display rollback link if the user doesn't have all required permissions
+* The comment of a time-limited protection now contains the date in the default
+ format
+* (bug 12880) wfLoadExtensionMessages does not use $fallback from MessagesXx.php
+* (bug 12885) Correction for Russian convertPlural function
+* (bug 12768) Make DatabasePostgres->hasContraint() schema aware.
+* (bug 12735) Truncate usernames in comments using mb_ functions.
+* (bug 12892) Poor tab indexing on "delete file" form
+* (bug 12660) When creating an account by e-mail, do not send the creator's IP
+ address
+* (bug 12931) Fix wrong global variable in SpecialVersion
+* (bug 12919) Use 'deletedrevision' message as content when deleting an old file
+ version
+* (bug 12952) Using Nosuchusershort instead of Nosuchuser when account creation
+ is disabled
+* (bug 12869) Magnify icon alignment should be adjusted using linked CSS
+* Fixing message cache updates for MediaWiki messages moves
+* (bug 12815) Signature timestamps were always in UTC, even if the timezone code
+ in parentheses after them claimed otherwise
+* (bug 12732) Fix installer and searching to handle built-in tsearch2 for Postgres.
+* (bug 12784) Change "bool" types to smallint to handle Postgres 8.3 strictness.
+* (bug 12301) Allow maintenance/findhooks.php to search hooks in multiple directories.
+* (bug 7681, 11559) Cookie values no longer override GET and POST variables.
+* (bug 5262) Fully-qualified $wgStylePath no longer corrupted on XML feeds
+* (bug 3269) Inaccessible titles ending in '/.' or '/..' now forbidden.
+* (bug 12935, 12981) Fully-qualify archive URLs in delete, revert messages
+* (bug 12938) Fix template expansion and 404 returns for action=raw with section
+* (bug 11567) Fix error checking for PEAR::Mail. UserMailer::send() now returns
+ true-or-WikiError, which seems to be the calling convention expected by half
+ its callers already
+* (bug 12846) IE rtl.css issue in RTL wikis special:Preferences when selecting an
+ LTR user language
+* (bug 13005) DISPLAYTITLE does not work on preview
+* (bug 13004) Fix error on Postgres searches that return too many results.
+
+== Parser changes in 1.12 ==
+
+For help with migration to the MediaWiki 1.12 parser, please visit:
+
+http://meta.wikimedia.org/wiki/Migration_to_the_new_preprocessor
+
+The parser pass order has changed from
+
+ * Extension tag strip and render
+ * HTML normalisation and security
+ * Template expansion
+ * Main section...
+
+to
+
+ * Template and extension tag parse to intermediate representation
+ * Template expansion and extension rendering
+ * HTML normalisation and security
+ * Main section...
+
+The main effect of this for the user is that the rules for uncovered syntax
+have changed.
+
+Uncovered main-pass syntax, such as HTML tags, are now generally valid, whereas
+previously in some cases they were escaped. For example, you could have "<ta" in
+one template, and "ble>" in another template, and put them together to make a
+valid <table> tag. Previously the result would have been "&lt;table&gt;".
+
+Uncovered preprocessor syntax is generally not recognised. For example, if you
+have "{{a" in Template:A and "b}}" in Template:B, then "{{a}}{{b}}" will be
+converted to a literal "{{ab}}" rather than the contents of Template:Ab. This
+was the case previously in HTML output mode, and is now uniformly the case in
+the other modes as well. HTML-style comments uncovered by template expansion
+will not be recognised by the preprocessor and hence will not prevent template
+expansion within them, but they will be stripped by the following HTML security
+pass.
+
+Bug 5678 has been fixed. This has a number of user-visible effects related to
+the removal of this double-parse. Please see the wiki page for examples.
+
+Message transformation mode has been removed, and replaced with "preprocess"
+mode. This means that some MediaWiki namespace messages may need to be updated,
+especially ones which took advantage of the terribly counterintuitive behavior
+of the former message mode.
+
+The header identification routines for section edit and for numbering section
+edit links have been merged. This removes a significant failure mode and fixes a
+whole category of bugs (tracked by bug #4899). Wikitext headings uncovered by
+template expansion will still be rendered into a heading tag, and will get an
+entry in the TOC, but will not have a section edit link. HTML-style headings
+will also not have a section edit link. Valid wikitext headings present in the
+template source text will get a template section edit link. This is a major
+break from previous behavior, but I believe the effects are almost entirely
+beneficial.
+
+The main motivation for making these changes was performance. The new two-pass
+preprocessor can skip "dead branches" in template expansion, such as unfollowed
+#switch cases and unused defaults for template arguments. This provides a
+significant performance improvement in template-heavy test cases taken from
+Wikipedia. Parser function hooks can participate in this performance improvement
+by using the new SFH_OBJECT_ARGS flag during registration.
+
+The pre-expand include size limit has been removed, since there's no efficient
+way to calculate such a figure, and it would now be meaningless for performance
+anyway. The "preprocessor node count" takes its place, with a generous default
+limit.
+
+The context in which XML-style extension tags are called has changed, so
+extensions which make use of the parser state may need compatibility changes.
+
+The new preprocessor syntax has been documented in Backus-Naur Form at:
+
+https://www.mediawiki.org/wiki/Preprocessor_ABNF
+
+The ExpandTemplates extension now has the ability to generate an XML parse
+tree from wikitext source. This parse tree corresponds closely to the grammar
+documented on that page.
+
+=== API changes in 1.12 ===
+
+Full API documentation is available at https://www.mediawiki.org/wiki/API
+
+* (bug 11275) Enable descending sort in categorymembers
+* (bug 11308) Allow the API to output the image metadata
+* (bug 11296) Temporary fix for escaping of ampersands inside links in
+ pretty-printed
+ help document.
+* (bug 11405) Expand templates implementation in the API
+* (bug 11218) Add option to feedwatchlist to display multiple revisions for each
+ page.
+* (bug 11404) Provide name of exception caught in error code field of internal
+ api error messages.
+* (bug 11534) rvendid doesn't work
+* Fixed rvlimit of the revisions query to only enforce the lower query limit if
+ revision content is requested.
+* Include svn revision number (if install is checked-out from svn) in siteinfo
+ query.
+* (bug 11173) Allow limited wikicode rendering via api.php
+* (bug 11572) API should provide interface for expanding templates
+* (bug 11569) Login should return the cookie prefix
+* (bug 11632) Breaking change: Specify the type of a change in the recentchanges
+ list as 'edit', 'new', 'log' instead of 0, 1, 2, respectively.
+* Compatibility fix for PHP 5.0.x.
+* Add rctype parameter to list=recentchanges that filters by type
+* Add apprtype and apprlevel parameters to filter list=allpages by protection
+ types and levels
+* Add apdir parameter to enable listing all pages from Z to A
+* (bug 11721) Use a different title for results than for the help page.
+* (bug 11562) Added a user_registration parameter/field to the list=allusers
+ query.
+* (bug 11588) Preserve document structure for empty dataset in backlinks query.
+* Outputting list of all user preferences rather than having to request them by
+ name
+* (bug 11206) api.php should honor maxlag
+* Make prop=info check for restrictions in the old format too.
+* Add apihighlimits permission, default for sysops and bots
+* Add limit=max to use maximal limit
+* Add action=parse to render parser output. Use it instead of action=render
+ which has been removed
+* Add rvtoken=rollback to prop=revisions
+* Add meta=allmessages to get messages from site's messages cache.
+* Use bold and italics highlighting only in API help
+* Added action={block,delete,move,protect,rollback,unblock,undelete} and
+ list={blocks,deletedrevs}
+* Fixed sessionid attribute in action=login
+* Standardized limits. Revisions and Deletedrevisions formerly using
+ 200 / 10000, now 500 / 5000, in line with other modules.
+* Added list=allcategories module
+* (bug 12321) API list=blocks reveals private data
+* Fix output of wfSajaxSearch
+* (bug 12413) meta=userinfo missing <query> tag
+* Add list of sections to action=parse output
+* Added action=logout
+* Added cascade flag to prop=info&inprop=protections
+* Added wlshow parameter to list=watchlist, similar to rcshow
+ (list=recentchanges)
+* Added support for image thumbnailing to prop=imageinfo
+* action={login,block,delete,move,protect,rollback,unblock,undelete} now must be
+ POSTed
+* prop=imageinfo interface changed: iihistory replaced by iilimit, iistart and
+ iiend parameters
+* Added amlang parameter to meta=allmessages
+* Added apfilterlanglinks parameter to list=allpages, replacing
+ query.php?what=nolanglinks
+* (bug 12718) Added action=paraminfo module that provides information about API
+ modules and their parameters
+* Added iiurlwidth and iiurlheight parameters to prop=imageinfo
+* Added format=txt and format=dbg, imported from query.php
+* Added uiprop=editcount to meta=userinfo
+* Added list=users which fetches user information
+* Added list=random which fetches a list of random pages
+* Added page parameter to action=parse to facilitate parsing of existing pages
+* Added uiprop=ratelimits to meta=userinfo
+* Added siprop=namespacealiases to meta=siteinfo
+* Made multiple values for ucuser possible in list=usercontribs
+* (bug 12944) Added cmstart and cmend parameters to list=categorymembers
+* Allow queries to have a where range that does not match the range field
+
+== MediaWiki 1.11 ==
+
+This is the Summer 2007 branch release of MediaWiki.
+
+MediaWiki is now using a "continuous integration" development model with
+quarterly snapshot releases. The latest development code is always kept
+"ready to run", and in fact runs our own sites on Wikipedia.
+
+Release branches will continue to receive security updates for about a year
+from first release, but nonessential bugfixes and feature developments
+will be made on the development trunk and appear in the next quarterly release.
+
+Those wishing to use the latest code instead of a branch release can obtain
+it from source control: https://www.mediawiki.org/wiki/Download_from_SVN
+
+== Configuration changes since 1.10 ==
+
+* $wgThumbUpright - Adjust width of upright images when parameter 'upright' is
+ used
+* $wgAddGroups, $wgRemoveGroups - Finer control over who can assign which
+ usergroups
+* $wgEnotifImpersonal, $wgEnotifUseJobQ - Bulk mail options for large sites
+* $wgShowHostnames - Expose server host names through the API and HTML comments
+* $wgSaveDeletedFiles has been removed, the feature is now enabled unconditionally
+
+== New features since 1.10 ==
+
+* (bug 8868) Separate "blocked" message for autoblocks
+* Adding expiry of block to block messages
+* Links to redirect pages in categories are wrapped in
+ <span class="redirect-in-category"></span>
+* Introduced 'ImageOpenShowImageInlineBefore' hook; see docs/hooks.txt for
+ more information
+* (bug 9628) Show warnings about slave lag on Special:Contributions,
+ Special:Watchlist
+* (bug 8818) Expose "wpDestFile" as parameter $1 to "uploaddisabledtext"
+* Introducing new image keyword 'upright' and corresponding variable
+ $wgThumbUpright. This allows better proportional view of upright images
+ related to landscape images on a page without nailing the width of upright
+ images to a fix value which makes views for anon unproportional and user
+ preferences useless
+* (bug 6072) Introducing 'border' keyword to the [[Image:]] syntax
+* Introducing 'frameless' keyword to [[Image:]] syntax which respects the
+ user preferences for image width like 'thumb' but without a frame.
+* (bug 7960) Link to "what links here" for each "what links here" entry
+* Added support for configuration of an arbitrary number of commons-style
+ file repositories.
+* Added a Content-Disposition header to thumb.php output
+* Improved thumb.php error handling
+* Display file history on local image description pages of shared images
+* Added $wgArticleRobotPolicies
+* (bug 10076) Additional parameter $7 added to MediaWiki:Blockedtext
+ containing, the ip, ip range, or username whose block is affecting the
+* (bug 7691) Show relevant lines from the deletion log when re-creating a
+ previously deleted article
+* Added variables 'wgRestrictionEdit' and 'wgRestrictionMove' for JS to header
+* (bug 9898) Allow viewing all namespaces in Special:Newpages
+* (bug 10139) Introduce 'EditSectionLink' and 'EditSectionLinkForOther' hooks;
+ see docs/hooks.txt for details
+* (bug 9769) Provide "watch this page" toggle on protection form
+* (bug 9886) Provide clear example "stub link" in Special:Preferences
+* (bug 10055) Populate email address and real name properties of User objects
+ passed to the 'AbortNewAccount' hook
+* Show result of Special:Booksources in wiki content language always, it's
+ normally better maintained than the generic list from the standard message
+ files
+* (bug 7997) Allow users to be blocked from using Special:Emailuser
+* (bug 8989) Blacklist 'mhtml' and 'mht' files from upload
+* (bug 8760) Allow wiki links in "protectexpiry" message
+* (bug 5908) Add "DEFAULTSORTKEY" and "DEFAULTCATEGORYSORT" aliases for
+ "DEFAULTSORT" magic word
+* (bug 10181) Support the XCache object caching mechanism
+* (bug 9058) Introduce '--aconf' option for all maintenance scripts, to provide
+ a path to the AdminSettings.php file
+* (bug 8781) Remind users to check file permissions for LocalSettings.php
+ post-installation
+* Use shared.css for all skins and oldshared.css in place of common.css for
+ pre-Monobook skins. As always, modifications should go in-wiki to MediaWiki:
+ Common.css and MediaWiki:Monobook.css.
+* (bug 8869) Introduce Special:Uncategorizedtemplates
+* (bug 8734) Different log message when article protection level is changed
+* (bug 8458, 10338) Limit custom signature length to $wgMaxSigChars Unicode
+ characters
+* (bug 10096) Added an ability to query interwiki map table
+* On reupload, add a null revision to the image description page
+* Group log output by date
+* Kurdish interface latin/arabic writing system with transliteration
+* Support wiki text in all query page headers
+* Add 'Orphanedpages' as an alias to Special:Lonelypages
+* (bug 9328) Use "revision-info-current" message in place of "revision-info"
+ when viewing the current revision of a page, if available
+* (bug 8890) Enable wiki text for "license" message
+* Throw a showstopper exception when a hook function fails to return a value.
+ Forgetting to give a 'true' return value is a very common error which tends
+ to cause hard-to-track-down interactions between extensions.
+* Use $wgJobClasses to determine the correct Job to instantiate for a particular
+ queued task; allows extensions to introduce custom jobs
+* (bug 10326) AJAX-based page watching and unwatching has been cleaned up and
+ enabled by default.
+* Added option to install to MyISAM
+* (bug 9250) Remove hardcoded minimum image name length of three characters
+* Fixed DISPLAYTITLE behavior to reject titles which don't normalise to the
+ same title as the current page, and enabled per default
+* Wrap site CSS and JavaScript in a <pre> tag, like user JS/CSS
+* (bug 10196) Add classes and dir="ltr" to the <pre>s on CSS and JS pages (new
+ classes: mw-code, mw-css, mw-js)
+* (bug 6711) Add $wgAddGroups and $wgRemoveGroups to allow finer control over
+ usergroup assignment.
+* Introduce 'UserEffectiveGroups' hook; see docs/hooks.txt for more information
+* (bug 10387) Detect and handle '.php5' extension environments at install time
+* Introduce 'ShowRawCssJs' hook; see docs/hooks.txt for more information
+* (bug 10404) Show rights log for the selected user in Special:Userrights
+* New javascript for upload page that will show a warning if a file with the
+ "destination filename" already exists.
+* Add 'editsection-brackets' message to allow localization (or removal) of the
+ brackets in the "[edit]" link for sections
+* (bug 10437) Move texvc styling to shared.css
+* Introduce "raw editing" mode for the watchlist, to allow bulk additions,
+ removals, and convenient exporting of watchlist contents
+* Show "undo" links in page histories
+* Option to jump to specified time period in user contributions
+* Improved feedback on "rollback success" page
+* Show distinct 'namespaceprotected' message to users when namespace protection
+ prevents page editing
+* (bug 9936) Per-edit suppression of preview-on-first edit with "preview=no"
+* Allow showing a one-off preview on first edit with "preview=yes"
+* (bug 9151) Remove timed redirects on "Return to X" pages for accessibility.
+* Link to user logs in toolbox when viewing a user page
+* (bug 10508) Allow HTML attributes on <gallery>
+* (bug 1962) Allow HTML attributes on <math>
+* (bug 10530) Introduce optional "sp-contributions-explain" message for
+ additional explanation in Special:Contributions
+* (bug 10520) Preview licences during upload via AJAX (toggle with
+ $wgAjaxLicensePreview)
+* New Parser::setTransparentTagHook for parser extension and template
+ compatibility
+* Introduced 'ContributionsToolLinks' hook; see docs/hooks.txt for more
+ information
+* Add a message if category is empty
+* Add CSS compatibility for Opera 9.5
+* Remove largely untested handheld stylesheet, which was causing more trouble
+ than good. Proper handheld support will be added at a future date. For now,
+ display should be acceptable either with CSS turned off or when using a so-
+ phisticated handheld browser.
+* (bug 3173) Option to offer exported pages as a download, rather than displaying
+ inline, as in most browsers
+* Pass the user as an argument to 'isValidPassword' hook callbacks; see
+ docs/hooks.txt for more information
+* Introduce 'UserGetRights' hook; see docs/hooks.txt for more information
+* (bug 9595) Pass new Revision to the 'ArticleInsertComplete' and
+ 'ArticleSaveComplete' hooks; see docs/hooks.txt for more information
+* (bug 9575) Accept upload description from GET parameters
+* Skip the difference engine cache when 'action=purge' is used while requesting
+ a difference page, to allow refreshing the cache in case of errors
+* (bug 10701) Link to Special:Listusers in default Special:Statistics messages
+* Improved file history presentation
+* (bug 10739) Users can now enter comments when reverting files
+* Improved handling of permissions errors
+* (bug 10793) "Mark patrolled" links will now be shown for users with
+ patrol permissions on all eligible diff pages
+* (bug 10655) Show standard tool links for blocked users in block log messages
+* Show standard tool links for blocked users in Special:Ipblocklist
+* Miscellaneous aesthetic improvements to Special:Ipblocklist
+* (bug 10826) Added link trail with Cyrillic characters for Mongolian language
+* (bug 10859) Introduce 'UserGetImplicitGroups' hook; see docs/hooks.txt for
+ more information
+* (bug 10832) Include user information when viewing a deleted revision
+* (bug 10872) Fall back to sane defaults when generating protection selector
+ labels for custom restriction levels
+* Show edit count in user preferences
+* Improved support for audio/video extensions
+* (bug 10937) Distinguish overwritten files in upload log
+* Introduce 'ArticleUpdateBeforeRedirect' hook; see docs/hooks.txt for more
+ information
+* Confirmation is now required when deleting old versions of files
+* (bug 7535) Users can now enter comments when deleting old versions of files
+* (bug 11001) Submit Special:Newpages as a GET, rather than a POST request
+* The <strong></strong> around links to watched pages in change lists now
+ has a class - "mw-watched"
+* (bug 9002) Provide a "view/restore deleted edits" link on Special:Upload
+ when a destination filename is provided that corresponds with previous
+ deleted files
+* Make the "invalid special page" message clearer
+* Add accesskey 's' and tooltip to 'upload file' button at Special:Upload
+* Introduced 'SkinAfterBottomScripts' hook; see docs/hooks.txt for
+ more information
+* (bug 11095) Honour "preview on first edit" preference when preloading
+ text for a non-existent page
+* (bug 11022) Use a more accurate page title for Special:Whatlinkshere and
+ Special:Recentchangeslinked
+* Add link to user contributions in normal watchlist edit mode
+* (bug 9426) Add 'newsectionheaderdefaultlevel' message to allow
+ modification of the heading formatting for new sections when section=new
+ argument is supplied
+* (bug 10836) Add 'newsectionsummary' message to allow modification of the
+ text that prefixes a new section link in Recent Changes
+
+== Bugfixes since 1.10 ==
+
+* (bug 9712) Use Arabic comma in date/time formats for Arabic and Farsi
+* (bug 9670) Follow redirects when render edit section links to transcluded
+ templates.
+* (bug 6204) Fix incorrect unindentation with $wgMaxTocLevel
+* (bug 3431) Suppress "next page" link in Special:Search at end of results
+* Don't show unblock form if the user doesn't have permission to use it
+ (cosmetic change, no vulnerabilities existed)
+* Subtitle success message when unblocking a block ID instead of a pseudo link
+ like [[User:#123|#123]]
+* Use the standard HTTP fetch functions when retrieving remote wiki pages
+ through transwiki, so we can take advantage of cURL goodies if available
+* Disable user JavaScript on Special:Userlogin, Special:Resetpass and
+ Special:Preferences, to avoid a compromised script sniffing passwords, etc.
+* (bug 9854, 3770) Clip overflow text in gallery boxes for visual cleanliness
+ instead of letting it flow outside the box or trigger ugly scroll bars.
+* Tooltips for print version and permalink
+* Links to the MediaWiki namespace for system messages having their default
+ values are no longer shown as nonexistent (e.g., in red)
+* Special:Ipblocklist differentiates between empty list and no search results.
+* (bug 5375) profiling does not respect read-only mode.
+* (bug 7070) monobook/user.gif has antialias artifacts
+* (bug 9123) Safer way when applying $wgLocalTZoffset
+* (bug 9896) Documentation for $wgSquidServers and X-FORWARDED-FOR
+* (bug 9417) Uploading new versions of images when using Postgres no longer
+ throws warnings.
+* (bug 9908) Using tsearch2 with Postgres 8.1 no longer gives an error.
+* (bug 1438) Fix for diff table layout on very wide lines.
+ Diff style rules have been broken out to common/diff.css,
+ and the dupes removed from the default skin files.
+ Skins can still override the default rules.
+* (bug 1229) Balance columns in diff display evenly
+* Right-align diff line numbers in RTL language display
+* (bug 9332) Fix instructions in tests/README
+* (bug 9813) Reject usernames containing '#' to avoid silent truncation
+ of fragments during the normalisation process
+* (bug 7989) RSS feeds content now use black text when using white background.
+* (bug 9971) Typo in a french language message.
+* (bug 9973) Changed size was shown in advanced recentchanges collapsible items
+ with $wgRCShowChangedSized = false.
+* Fix PHP strict standards warning in enhanced recent changes.
+* (bug 5850) Added hexadecimal html entities comments for $digitTransformTable
+ entries.
+* (bug 7432) Change language name for Aromanian (roa-rup)
+* (bug 908) Unexistent special pages now generate a red link.
+* (bug 7899) Added \hline and \vline to the list of allowed TeX commands
+* (bug 7993) support mathematical symbol classes
+* (bug 10007) Allow Block IP to work with Postgrs again.
+* Add Google Wireless Transcoder to the Unicode editing blacklist
+* (bug 10083) Fix for Special:Version breakage on PHP 5.2 with some hooks
+* (bug 3624) TeX: \ker, \hom, \arg, \dim treated like \sin & \cos
+* (bug 10132, 10134) Restore back-compatibility Image::imageUrl() function
+* (bug 10113) Fix double-click for view source on protected pages
+* (bug 10117) Special:Wantedpages doesn't handle invalid titles in result
+ set [now prints out a warning]
+* (bug 10118) Introduced Special:Mostlinkedtemplates, report which lists
+ templates with a high number of inclusion links
+* (bug 10104) Fixed Database::getLag() for PostgreSQL and Oracle
+* (bug 9820) session.save_path check no longer halts installation, but
+ warns of possible bad values
+* (bug 9978) Fixed session.save_path validation when using extended
+ configuration format, e.g. "5;/tmp"
+* Don't generate a diff link in the patrol log if the page doesn't exist
+* (bug 10067) Translations for former skins removed from message files
+* (bug 9993) Force $wgShowExceptionDetails on during installation
+* (bug 9980) Validate administrator username and password during
+ installation
+* (bug 9383) Don't set a default value for BLOB column in rc-deleted
+ database patch
+* (bug 10149) Don't show full template list on section-0 edit
+* (bug 9909) Ensure access to binary fields in the math table use encodeBlob()
+ and decodeBlob()
+* (bug 6743) Don't link broken image links to the upload form when uploads
+ are disabled
+* (bug 9679) Improve documentation for $wgSiteNotice
+* (bug 10215) Show custom editing introduction when editing existing pages
+* (bug 10223) Fix edit link in noarticletext localizations for fr, oc
+* (bug 10247) Fix IP address regex to avoid false positive IPv6 matches
+* (bug 9948) Workaround for diff regression with old Mozilla versions
+* (bug 10265) Fix regression in category image gallery paging
+* (bug 8577) Fix some weird misapplications of time zones.
+ {{CURRENT*}} functions now consistently use UTC as intended, while
+ {{LOCAL*}} functions return local time per server config or $wgLocaltimezone.
+ Signature dates for Japanese and other languages including weekday now show
+ the correct day to match the rest of the time in local time.
+* Escape the output of magic variables that return page name or part of it
+* (bug 10309) Initialise parser state properly in extractSections(), fixes
+ some cases where section edits broke because tags were improperly stripped
+* Avoid PHP notice errors when doing HTTP proxy purges for an empty list
+* As intended, *skip* the HTTP proxy purges when doing HTCP purges
+* (bug 9696) Fix handling of brace transformations in "pagemovedtext"
+* (bug 10325) Fix regression in form action on Special:Listusers
+* Fixed installation on MyISAM or old InnoDB with charset=utf8, was giving
+ overlong key errors.
+* Fixed zero-padding issues with MySQL 5 binary schema
+* (bug 10344) Don't follow a redirect after changing its protection level
+* (bug 10333) Correct date format in Slovenian
+* (bug 10160) Show error message for unknown namespace on Special:Allpages and
+ Special:Prefixindex; making forms prettier for RTL wikis.
+* (bug 10334) Replace normal spaces before percent (%) signs with non-breaking
+ spaces
+* (bug 10372) namespaceDupes.php no longer ignores namespace aliases
+* (bug 10198) namespaceDupes.php no longer ignores interwiki prefixes
+* namespaceDupes.php should work better for initial-lowercase wikis
+* (bug 10377) "Permanent links" to revisions still work if the page is moved
+ and the redirect deleted
+* (bug 7071) Properly handle an 'oldid' passed to view or edit that doesn't
+ match the given title. Fixes inconsistencies with talk, history, edit links.
+* (bug 10397) Fix AJAX watch error fallback when we receive a bogus result
+* (bug 10396) Fix AJAX error when $wgScriptPath/index.php is not valid;
+ using $wgScript now included in JS info
+* Use native XMLHttpRequest class in preference to ActiveX on IE 7; this
+ avoids the "ActiveX "Do you want to allow ActiveX?" prompt when something
+ security settings are cranked this way and AJAX-y gets used.
+* Delay AJAX watch initialization until click so IE 6 with ugly security
+ settings doesn't prompt you until you use the link.
+* (bug 10401) Provide non-redirecting link to original title in Special:Movepage
+* Fix broken handling of log views for page titles consisting of one
+ or more zeros, e.g. "0", "00" etc.
+* Fix read permission check for special pages with subpage parameters, e.g.
+ Special:Confirmemail
+* Fix read permission check for unreadable page titles which are numerically
+ equivalent to a whitelisted title
+* '?>' closing tag removed from all files to help avoid problems with extraneous
+ whitespace (broken XML feeds, etc.)
+* Don't use garbled parser cache output when viewing custom CSS or JavaScript
+ pages
+* (bug 10406) Fix Special:Listusers filter form for non-ASCII localizations
+* Fix empty message checks for message names containing &
+ This corrects some odd behavior with sidebar items and custom namespaces
+ containing ampersands.
+* (bug 10375) Change thousands separator character to &nbsp; for Latin (la)
+* (bug 10477) Fix AJAX watch for Farsi on Firefox: JavaScript encoding tweak
+* (bug 10496) Fix broken DISTINCT option logic in database backend
+* Fix CSS media declaration for "screen, projection"; was causing some
+ validation issues
+* (bug 10495) $wgMemcachedDebug set twice in includes/DefaultSettings.php
+* (bug 10316) Prevent inconsistent cached skin settings in gen=js by setting
+ the intended skin directly in the URL.
+* (bug 9903) Don't mark redirects in categories as stubs
+* (bug 6965) Cannot include "Template:R" with {{R}} (magic word conflict)
+* Padding parser functions now work with strings like '0' that evaluate to false
+* (bug 10332) Title->userCan( 'edit' ) may return false positive
+* Fix bug with <nowiki> in front of links for wikis where linkPrefixExtension is true
+* (bug 10552) Suppress rollback link in history for single-revision pages
+* (bug 10538) Gracefully handle invalid input on move success page
+* Fix for Esperanto double-x-encoding in move success page
+* (bug 10526) Fix toolbar/insertTags behavior for IE 6/7 and Opera (8+)
+ Now matches the selection behavior on Mozilla / Safari.
+ Patch by Alex Smotrov.
+* Don't show non-functional toolbar buttons on Opera 7 anymore
+* (bug 9151) Fix relative subpage links with section fragments
+* (bug 10560) Adding a space between category letter heading and "continues"
+* (bug 4650) Keep impossibly large/small counts off Special:Statistics
+* (bug 10608) PHP notice when installing with PostgreSQL
+* (bug 10615) Fix for transwiki import when CURL not available
+* (bug 8054) Return search page for empty search requests with ugly URLs
+* (bug 10572) Force refresh after clearing visitation timestamps on watchlist
+* (bug 10631) Warn when illegal characters are removed from filename at upload
+* Fix several JavaScript bugs under MSIE 5/Macintosh
+* (bug 10591) Use Arabic numerals (0,1,2...) for the Malayam language
+* (bug 10642) Fix shift-click checkbox behavior for Opera 9.0+ and 6.0
+* Work around Safari bug with pages ending in ".gz" or ".tgz"
+* Removed obsolete maintenance/changeuser.sql script; use RenameUser extension
+* (bug 2735) "Preview" shown in title bar for action=submit on special pages
+* Removed "restore" links from the deletion log embedded in Special:Undelete
+* Improved error reporting and robustness for file delete/undelete.
+* Improved speed of file delete by storing the SHA-1 hash in image/oldimage
+* Fixed leading zero in base 36 SHA-1 hash
+* Protection form no longer produces JavaScript errors
+* (bug 10741) File histories show "delete" links for non-sysops
+* (bug 10744) Treat "noarticletext" and "noarticletextanon" as wiki text when
+ used on a non-existent page with "action=info"
+* Fix escaping of raw message text when used on a non-existent page with
+ "action=info"
+* (bug 10683) Fix inconsistent handling of URL-encoded titles in links
+ used in redirects (i.e. they now work)
+* (bug 8878) Changes to $dateFormats in German localization (removing unused,
+ nonexistent formats, putting time after date)
+* (bug 10769) Database::update() should return boolean result
+* Fix preference checkbox display for right-to-left languages which caused
+ them to be hidden in IE in some cases
+* Fix upload form display in right-to-left languages
+* Fixed regression in blocking of username '0'
+* (bug 9437) Don't overwrite edit form submission handler when setting up
+ edit box scroll position preserve/restore behavior
+* (bug 10805) Fix "undo" link when viewing the diff of the most recent
+ change to a page using "diff=0"
+* (bug 10765) img_auth.php will now refuse logged-out requests where
+ $wgWhitelistRead is undefined, instead of (incorrectly) honouring them
+* Fixed img_auth.php file name extraction for whitelist checking
+* Tweak spacing of email preference display
+* Table sorting JavaScript prefers textContent over innerText to allow hidden
+ sort keys to work on Safari
+* (bug 4530) Fix local name of Kurdish language
+* (bug 10830) Fix local name of Haitian Creole language
+* Fix invalid XHTML in Special:Protectedpages
+* Fix comments in contributions and log pages for right-to-left languages
+* Make installer include_path-independent, so it should work on hosts which
+ disable user setting of PHP include_path setting
+* glob() is horribly unreliable and doesn't work on some systems, including
+ free.fr shared hosting. No longer using it in Language::getLanguageNames()
+* (bug 10763) Fix multi-insert logic for PostgreSQL
+* Fix invalid XHTML when viewing a deleted revision
+* Fix syntax error in translations of magic words in Romanian language
+* (bug 8737) Fix warnings caused by incorrect use of `/dev/null` when piping
+ process error output under Windows
+* (bug 7890) Don't list redirects to special pages in Special:BrokenRedirects
+* (bug 10783) Resizing PNG-24 images with GD no longer causes all alpha
+ channel transparency to be lost and transparent pixels to be turned black
+* (bug 9339) General error pages were transforming messages and their parameters
+ in the wrong order
+* (bug 9026) Incorrect heading numbering when viewing Special:Statistics with
+ "auto-numbered headings" enabled
+* Fixed invalid XHTML in Special:Upload
+* (bug 11013) Make sure dl() is available before attempting to use it to check
+ available databases in installer
+* Resizing transparent GIF images with GD now retains transparency by skipping
+ resampling
+* (bug 11065) Fix regression in handling of wiki-formatted EXIF metadata
+* Double encoding broke Special:Newpages for some languages
+* Adding a newline before the statistics footer, to prevent parsing problems
+* Preventing the TOC from appearing in Special:Statistics
+* (bug 11082) Fix check for fully-specced table names in Database::tableName
+* (bug 11067) Fix regression in upload conflict thumbnail display
+* (bug 10985) Resolved cached entries on Special:DoubleRedirects were being
+ supressed, breaking paging - now strikes out "fixed" results
+* (bug 8393) <sup> and <sub> need to be preserved (without attributes) for
+ entries in the table of contents
+* (bug 11114) Fix regression in read-only mode error display during editing
+* Force non-MySQL databases to use an ORDER BY in SpecialAllpages to ensure
+ that the first page_title is truly the first page title.
+* (bug 10836) Change the summary on creating of new section
+* Inclusion of Special:Wantedpages now works again
+
+== API changes since 1.10 ==
+
+Full API documentation is available at https://www.mediawiki.org/wiki/API
+
+* New properties: links, templates, images, langlinks, categories, external
+ links
+* Breaking Change: imagelinks renamed into imageusage (il->iu)
+* Bug fix: incorrect generator behavior in some cases
+* JSON format allows an optional callback function to wrap the result.
+* Login module disabled until a more secure solution can be implemented
+* (bug 9938) Querying by revision identifier returns the most recent revision
+ for the corresponding page, rather than the requested revision
+* (bug 8772) Filter page revision queries by user
+* (bug 9927) User contributions queries do not accept IP addresses
+* Watchlist feed now reports a proper feed item when the user is not logged in
+* Watchlist feed date bug fixed - automatically shows one last day
+* Watchlist feed now allows to specify number of hours to monitor
+* list=allpages now returns a list instead of a map in JSON format
+* Breaking Change: in json, revisions are now returned as a list, not as a map.
+* Add: prop=info can show page is new flag, current page length, and visit
+ counter.
+* Change: Query watchlist now shows flags only when explicitly requested with
+ wlparam=flags
+* rc_this_oldid (textid) is no longer accessible from query watchlist
+* action=usercontribs: additional filtering by ucshow=; selection of needed
+ fields with ucprop=; the textid (rev_text_id) is no longer being exposed
+* (bug 9970) Breaking Change: backlinks, embeddedin and imageusage now return
+ lists in JSON instead of a map, and do not return anything when titles do
+ not exist
+* (bug 9121) Introduced indexpageids query parameter to list the page_id
+ values of all returned page items
+* (bug 10147) Now interwiki titles are not processed but added to a separate
+ "interwiki" section of the output.
+* Added categorymembers list to query for pages in a category.
+* (bug 10260) Show page protection status
+* (bug 10392) Include MediaWiki version details in version output
+* (bug 10411) Site language in meta=siteinfo
+* (bug 10391) action=help doesn't return help if format is fancy markup
+* backlinks, embeddedin and imageusage lists should use (bl|ei|iu)title parameter
+ instead of titles. Titles for these lists is obsolete and might stop working soon.
+* Added prop=imageinfo - gets image properties and upload history
+* (bug 10211) Added db server replication lag information in meta=siteinfo
+* Added external url search within wiki pages (list=exturlusage)
+* Added link enumeration (list=alllinks)
+* Added registered users enumeration (list=allusers)
+* Added full text search in titles and content (list=search)
+* (bug 10684) Expanded list=allusers functionality
+* Possible breaking change: prop=revisions no longer includes pageid for rvprop=ids
+* Added rvprop=size to prop=revisions (The size will not be shown if it is NULL in the database)
+* list=allpages now allows to filter by article min/max size and protection status
+* Added site statistics (siprop=statistics for meta=siteinfo)
+* (bug 10902) Unable to fetch user contributions from IP addresses
+* `list=usercontribs` no longer requires that the user exist
+* (bug 10971) `aufrom` parameter doesn't work with spaces
+* Fix username handling issue with `auprefix` parameter
+* Treat underscores as spaces for `aufrom` and `auprefix` parameters
+* Added edit/delete/... token retrieval to prop=info
+* Added meta=userinfo - logged-in user information, group membership, rights
+* (bug 11072) Fix regression in API image history query
+* (bug 11115) Adding SHA1 hash to imageinfo query
+* (bug 10898) API does not return an edit token for non-existent pages
+* (bug 10890) Timestamp support for categorymembers query
+* (bug 10980) Add exclude redirects on backlinks
+* IPv6 titles in User namespace are normalized (run cleanupTitles.php to fix any old stray pages)
+
+== Maintenance script changes since 1.10 ==
+
+* Add support for wgMaxTocLevel option in parserTests
+* (bug 6823) Disable article view counter in maintenance/dumpHTML.php
+* Fix maintenance/importImages.php so it doesn't barf PHP errors when no
+ suitable files are found, and make the list of extensions an option (defaults
+ to $wgFileExtensions)
+* Add option to maintenance/createAndPromote.php to give the user bureaucrat
+ permissions (--bureaucrat)
+* Allow overwriting existing files with a conflicting name using
+ maintenance/importImages.php
+* (bug 10266) Use native newlines when rebuilding a messages file.
+
+== Languages updated since 1.10 ==
+
+* Afrikaans (af)
+* Arabic (ar)
+* Bikol (bcl)
+* Bulgarian (bg)
+* Catalan (ca)
+* Danish (da)
+* German (de)
+* Greek (el)
+* Esperanto (eo)
+* Spanish (es)
+* Estonian (et)
+* Extremaduran (ext)
+* Farsi (fa)
+* Finnish (fi)
+* Vöro (fiu-vro)
+* French (fr)
+* Français Cadien (frc) (new)
+* Franco-Provençal/Arpetan (frp)
+* Galician (gl)
+* Hakka (hak)
+* Hebrew (he)
+* Upper Sorbian (hsb)
+* Haitian (ht)
+* Indonesian (id)
+* Icelandic (is)
+* Italian (it)
+* Japanese (ja)
+* Georgian (ka)
+* Kabyle (kab)
+* Kazakh (kk)
+* Korean (ko)
+* Kinaray-a (krj) (new)
+* Kurdish (ku)
+* Latin (la)
+* Lao (lo)
+* Lithuanian (lt)
+* Latviešu (lv)
+* Malayalam (ml)
+* Bahasa Melayu (ms)
+* Burmese (my)
+* Low German (nds)
+* Dutch (nl)
+* Norwegian (no)
+* Occitan (oc)
+* Punjabi (Gurmukhi) (pa)
+* Polish (pl)
+* Piedmontese (pms)
+* Portuguese (pt)
+* Romani (rmy)
+* Romanian (ro)
+* Aromanian (roa-rup)
+* Russian (ru)
+* Sakha (sah)
+* Sango (se) (new)
+* Slovak (sk)
+* Slovenian (sl)
+* Shona (sn)
+* Somali (so)
+* Albanian (sq)
+* Sundanese (su)
+* Swedish (sv)
+* Tamil (ta)
+* Thai (th)
+* Tigrinya (ti)
+* Setswana (tn)
+* Tok Pisin (tpi)
+* Uyghur (ug)
+* Volapük (vo)
+* Winaray (war) (new)
+* Yiddish (yi)
+* Old Chinese / Late Middle Chinese (zh-classical)
+* Chinese (PRC) (zh-cn)
+* Chinese (Taiwan) (zh-tw)
+* Cantonese (zh-yue)
+
+== MediaWiki 1.10 ==
+
+This is the Spring 2007 branch release of MediaWiki.
+
+MediaWiki is now using a "continuous integration" development model with
+quarterly snapshot releases. The latest development code is always kept
+"ready to run", and in fact runs our own sites on Wikipedia.
+
+Release branches will continue to receive security updates for about a year
+from first release, but nonessential bugfixes and feature developments
+will be made on the development trunk and appear in the next quarterly release.
+
+Those wishing to use the latest code instead of a branch release can obtain
+it from source control: https://www.mediawiki.org/wiki/Download_from_SVN
+
+== Configuration changes ==
+
+* A new switch $wgCommandLineDarkBg used by maintenance scripts (parserTests.php).
+ It lets you specify if your terminal use a dark background, the colorized
+ output will be made lighter making things easier to read.
+* The minimum permissions needed to edit a page in each namespace can now be
+ customized via the $wgNamespaceProtection array. By default, editing pages in
+ the MediaWiki namespace requires "editinterface" permission, as before.
+* Allow restriction of autoconfirmed permission by edit count. New global setting
+ $wgAutoConfirmCount (defaulting to zero, naturally).
+* Added rate limiter for Special:Emailuser
+* Private logs can now be created using $wgLogRestrictions
+* (Bug 8590) limited HTML is now always enabled ($wgUserHtml = true).
+* Deprecated $wgUseImageResize, thumbnailing will be enabled unconditionally.
+
+== New features since 1.9 ==
+
+* (bug 6937) Introduce "statistics-footer" message, appended to
+ Special:Statistics
+* (bug 6638) List block flags in block log entries
+* (bugs 5051, 5376) Tooltips and accesskeys no longer require JavaScript
+* Added SkinTemplateOutputPageBeforeExec hook before SkinTemplate::outputPage()
+ starts page output
+ (http://lists.wikimedia.org/pipermail/wikitech-l/2007-January/028554.html)
+* Introduce "cascading protection" -- implicit protection on pages transcluded
+ into a page protected with this option enabled
+* (bug 8567) Added hook RawPageViewBeforeOutput just before the text is blown
+ out in action=raw, so extensions might influence the output.
+* (bug 3446) Add user preference to hide page content below diffs, can be
+ overridden by adding diffonly=1 or diffonly=0 to the URL of the diff page
+* Add 'purge' privilege to replace the hardcoded check for login state in
+ determining whether action=purge can be done via GET. Switching the
+ permission on for anons can be helpful for benchmarking.
+* (bug 7842) Link back to deleted revision list from deleted revision preview
+* (bug 8619) Add user-aware "unblock" link to Special:Blockip
+* (bug 8522) Provide a "delete" link on Special:Brokenredirects for users with
+ the appropriate permission
+* (bug 8628) Add user-aware block list link to Special:Blockip
+* (bug 8621) Log revisions marked as patrolled
+* Introduce "BookInformation" hook; see docs/hooks.txt for more details
+* Add title prefix search for Special:Undelete
+* Remove full-archive list from Special:Undelete
+* (bug 8136) Introduce 'ArticleUndelete' hook; see docs/hooks.txt for more info
+* (bug 8712) Expose user groups as a JavaScript global
+* Introduce 'CustomEditor' hook; see docs/hooks.txt for more information
+* New special page, Special:Protectedpages, which shows all protected pages
+ and their protection status (full protection status is not pulled out due
+ to performance considerations, so it just shows "full protected" or
+ "semi protected".
+* (bug 4133) Allow page protections to be made with an expiry date, in the same
+ format as block expiry dates. Existing protections are assumed to be infinite,
+ as are protections made with the new field left blank.
+* (bug 8535) Allow certain vertical alignment attributes to be used as image
+ keywords
+* (bug 6987) Allow perrow, widths, and heights attributes for <gallery>
+* (bug 3678) Allow disabling MediaWiki:Aboutsite in the same way as
+ MediaWiki:Disclaimers; Also means that if any of the footer links are
+ disabled in the wiki's default language (by setting to "-"), they'll also
+ be disabled in other languages too (e.g. if the user specifies uselang=fr).
+* Sort log types in Special:Log
+* Added a classname ("mw-toolbar-editbutton") and unique IDs to the edit
+ toolbar buttons
+* Hide irrelevant block options in Special:Blockip based on whether an
+ IP address/range or username is listed. (Dynamic using JS.)
+* (bug 9032) Make quickbarSettings localizable through Special:Allmessages
+* (bug 7782) Standardisation of file info at image description pages.
+* (bug 1035) View contributions / recentchanges for an IP range.
+* (bug 8747) When unwatching pages from Special:Watchlist/edit, put the
+ confirmation messages in a proper list with a CSS class and id.
+* (bug 9118) Show relevant log fragments on deletion confirmatio page
+* (bug 9009) Add username entry field to Special:Contributions
+* (bug 1723) Article size in history
+* (bug 9223) Disallow magic tilde sequences in page titles and usernames
+* (bug 6997) Link from Special:log/block to unblock form
+* (bug 9117) Link from Special:log/delete to undelete form
+* Link from Special:log/protect to change protection form
+* (bug 1196) Add IPv6 support added to blocks, more consistancy for IPv6 contribs
+* (bug 3984) Searching in logs by title%
+* Show thumbnail of existing image if image exists already under this filename
+* (bug 5546) Watchlist reflects logged actions like move, protection, undelete
+* Support protocols other than HTTP in LinkFilter, use $wgUrlProtocols
+* (bug 3069) Warning on upload of scaled down images
+* Warning on upload of images with uppercase extension if image with lowercase
+ extension exists
+* (bug 4624) Namespace selection for Special:Whatlinkshere
+* Introduce PageHistoryBeforeList and PageHistoryLineEnding hooks; see docs/hooks.txt
+ for more information
+* (bug 9397) Introduce "sp-contributions-footer" and "sp-contributions-footer-anon"
+ messages, shown at the end of Special:Contributions as appropriate for the target
+* (bug 8421) Expose current action in JavaScript globals (as 'wgAction')
+* (bug 9069) Use galleries in query pages dedicated to images
+* (bug 9177) Installer now warns of various conditions affecting session.save_path
+ which can lead to broken session storage
+* (bug 9046) Special page to list pages without language links
+* (bug 9508) Special page to list articles with the fewest revisions
+* Introduce 'FileUpload' hook; see docs/hooks.txt for more information
+* Introduce 'SearchUpdate' hook; see docs/hooks.txt for more information
+* Introduce 'mywatchlist' message; used on personal menu to link to watchlist page
+* Introduce magic word {{NUMBEROFEDITS}}
+* Introduced media handlers for file-type specific operations.
+* Improved error reporting for image thumbnailing
+* Added sharpening option for ImageMagick thumbnailing
+* (bug 9656) Autosummaries will be generated for deletion of pages longer than
+ 500 characters
+* Predefined block reasons added to Special:Blockip
+* (bug 9196) Installer now check that zend.ze1_compatibility_mode is off
+* (bug 9697) Introduce 'InternalParseBeforeLinks' hook; see docs/hooks.txt for more information
+* 'contribsub' message changed to 'contribsub2' with two parameters to permit
+ better localization. Change is reverse-compatible and can be ignored for
+ most wikis.
+* Adding a 'reason' field to Special:Userrights
+
+== Bugfixes since 1.9 ==
+
+* (bug 7292) Fix site statistics when moving pages in/out of content namespaces
+* (bug 8531) Correct local name of Lingála
+* Made the PLURAL: parser function return singular on -1 per default
+* Fixed up the AjaxSearch
+* Fix SpecialVersion->formatCredits input. Version and Url parameters should be
+ null to be treated properly with isset.
+* Page restrictions moved into a new, dedicated table
+* Correct tooltip accesskey hint for Opera on the Macintosh
+ (uses Shift-Esc-, not Ctrl-).
+* (bug 8002) Math should render left-to-right even in right-to-left wikis
+* Pass e-mail and real name fields to AuthPlugin::addUser, as additional
+ optional fields, which may be considered useful at registration time.
+* PostgreSQL upgrade scripts fixed and updated
+* (bug 8613) Fix error when viewing "Recent Changes" and using Postgres.
+* Initialise site_stats table at upgrade time if data was missing
+* (bug 7250) Updated Unicode normalization tables to Unicode 5.0
+* Unmaintained Oracle support files have been removed.
+* Use browser default for printing size, don't force to 11pt
+* (bug 8632) Fix regression in page protection null edit update
+* (bug 8407) Disallow indexing of "printable" versions
+* (bug 8643) Correctly escape the page-specific CSS class for non-Monobook skins
+* (bug 8629) Document $wgFilterCallback
+* (bug 1000) Clarify warning about memory_limit in installer
+* Suppress PHP warning about set_time_limit in installer when safe mode is on
+* (bug 3000) Fall back to SCRIPT_NAME plus QUERY_STRING when REQUEST_URI is
+ not available, as on IIS with PHP-CGI
+* Missing interwiki row for English Wikipedia restored (as "wikipedia:")
+* use configured cache servers for mctest.php
+* bucket details in mcc.php
+* fix input validation and remove debugging code in compressOld
+* full ID range for moveToExternal
+* fix resolveStubs.php for compatibility with older serialized data
+* maximum line length for bar graphs in getLagTimes.php
+* recognize specieswiki in rebuildInterwiki.inc
+* profile unicode cleanup in Xml
+* log slow parses in Article.php
+* profile wfMsgReal
+* log mkdir failures
+* profile AutoLoader
+* rebuild empty DjVu metadata containing ''
+* security fix for DjVu metadata retrieval
+* Undelete page list can use plural marker
+* (bug 8638) Fix update from 1.4 and earlier
+* (bug 8641) Fix order of updates to ipblocks table
+* (bug 8678) Fix detection of self-links for numeric titles in Parser
+* (bug 6171) Magically close tags in tables when not using Tidy.
+* Sanitizer now correctly escapes lonely '>' occurring before the first wikitag.
+* Ignore self closing on closing tags ( '</div />' now gives '</div>')
+* (bug 8673) Minor fix for web service API content-type header
+* Fix API revision list on PHP 5.2.1; bad reference assignment
+* (bug 8688) Handle underscores/spaces in Special:Blockip and Special:Ipblocklist
+ in a consistent manner
+* (bug 8701) Check database lock status when blocking/unblocking users
+* ParserOptions and ParserOutput classes are now in their own files
+* (bug 8708) Namespace translations for Zealandic language
+* Renamed constructor methods to PHP 5 __construct reserved name
+* (bug 8715) Warn users when editing an interface message whether or not the
+ message page exists
+* ar: fix the 'create a new page' on search page when no exact match found
+* (bug 8703) Corrected talk and image namespace name for Limburgish (li)
+* (bug 8671) Expose "wpDestFile" as a parameter to "uploadtext"
+* (bug 8403) Respect bad image list exceptions in galleries on wiki pages
+* Allow sending per-user contribution requests to "contributions" query group
+* (bug 3717) Update user count for AuthPlugin account autocreation
+* (bug 8719) Firefox release notes lie! Fix tooltips for Firefox 2 on x11;
+ accesskeys default settings appear to be same as Windows.
+* Added an option to make Linker::userToolLinks() show the contribs link
+ red when the user has no edits. Linker::userToolLinksRedContribs() is an
+ alias to that which should be used to make it more self documentating.
+* (bug 8749) Bring MySQL 5 table defs back into sync
+* (bug 8751) Set session cookies to HTTPS-only to match other cookies
+* (bug 8652) Catch exceptions generated by malformed XML in multipage media
+* (bug 8782) Help text in Makefile
+* (bug 8777) Suppress 'previous' link on Special:Allpages when at first page
+* (bug 8774) Fix path for GNU FDL rights icon on new installs
+* Fix multipage selector drop-down for DjVu images to work when title
+ is passed as a query string parameter; we have to pass the title as
+ a form parameter or it gets dropped from the form submission URL
+* (bug 8819) Fix full path disclosure in with skins dependencies
+* Fixed bug affecting HTML formatting in sortable table column titles
+* Merged table sorting code into wikibits.js
+* (bug 8711) Stop floats in previews from spilling into edit area
+* (bug 8858) Safer handling when $wgImageLimits is changed. Added a note
+ in DefaultSettings to make it clear.
+* (bug 4268) Fixed data-loss bug in compressOld batch text compression
+ affecting pages which had null edits (move, protect, etc) as second
+ edit in a batch group. Isolated and patched by Travis Derouin.
+* Fix for paths in 1.4->1.5 special-case updater script
+* (bug 8789) AJAX search: IE users can now use the return key
+* (bug 6844) Use <ins> and <del> tags to emphase the differences
+* (bug 6684) Fix improper javascript array iteration
+* (bug 4347) use MailAddress object for reply-to
+* Add AlphabeticPager abstract class
+* Use faster AlphabeticPager for Special:Categories
+* (bug 8875) Show printable link in MonoBook sidebar for locally nonexistent
+ pages; perhaps useful for categories and shared images
+* Clean up session checks to better handle the case where the session was
+ opened during the current request. May help with some caching corner
+ cases.
+* (bug 8897) Fix whitespace removal for interlanguage links with link prefix
+* Add 'ParserTestTables' hook to expand the list of temporary tables copied
+ by the parser test harness; use for extensions which require the presence
+ of other tables while they work.
+* Message names changed for AlphabeticPager introduced with r19758
+ for better localisations.
+* (bug 8944) The deprecated is_a() function is used in StubObjects.php
+* (bug 8992) Fix a remaining raw use of REQUEST_URI in history
+* (bug 8999) User.php gives "undefined user editcount" PHP notice.
+* (bug 8984) Fix a database error in Special:Recentchangeslinked
+ when using the Postgres database.
+* Moved the main ob_start() from the default LocalSettings.php to WebStart.php.
+ The ob_start() section should preferably be removed from older
+ LocalSettings.php files.
+* Give Content-Length header for HTTP/1.0 clients.
+* Partial support for Flash cross-domain-policy filtering.
+* Lazy-initialize site_stats row on load when empty. Somewhat kinder to
+ dump-based installations, avoiding PHP warnings when NUMBEROFARTICLES
+ and such are used.
+* Add 'charset' to Content-Type headers on various HTTP error responses
+ to forestall additional UTF-7-autodetect XSS issues. PHP sends only
+ 'text/html' by default when the script didn't specify more details,
+ which some inconsiderate browsers consider a license to autodetect
+ the deadly, hard-to-escape UTF-7.
+ This fixes an issue with the Ajax interface error message on MSIE when
+ $wgUseAjax is enabled (not default configuration); this UTF-7 variant
+ on a previously fixed attack vector was discovered by Moshe BA from BugSec:
+ http://www.bugsec.com/articles.php?Security=24
+* Trackback responses now specify XML content type
+* (bug 9044) Send a comment with action=raw pages in CSS/JS output mode
+ to work around IE/Mac bug where empty pages time out verrrrryyyyy slowly,
+ particularly with new keepalive-friendly HTTP on Wikipedia
+* (bug 8919) Suppress paging links and related messages where there are no
+ rows to list for query pages
+* (bug 9057) Standardize MediaWiki: namespace for oc
+* (bug 8132) Suppress "Pages in this category" heading in categories when
+ there are none
+* (bug 8958) Handle search operators better when using tsearch2 (Postgres)
+* (bug 8799) Use redirect table for Special:BrokenRedirects and
+ Special:DoubleRedirects
+* (bug 8918) Enable PLURAL option for MediaWiki:showingresults and
+ MediaWiki:showingresultsnum
+* (bug 9122) Fix minor display issue in RTL with section edit link margin
+* (bug 5805) Enable PLURAL option for some messages of watchlist and statistic
+* (bug 3953) Work around poor display of parenthesis in the in other
+ languages section of MonoBook skin
+* (bug 8539) Enable PLURAL option for another message of recentchanges.
+* (bug 8728) MediaWiki:Badfiletype split into 3 messages
+* (bug 9131) Allow SpecialContributions to work with Postgres
+* (bug 9155) Allow footer info to wrap in Monobook
+* (bug 8847) Strip spurious #fragments from request URI to fix redirect
+ loops on some server configurations
+* (bug 9097) column "pr_pagetype" does not exist
+* (bug 9217) Balance wfProfile calls in Skin::outputPage
+* (bug 9222) PostgreSQL updater should not be version-specific
+* Fix fallback implementation of mb_strlen so it works and isn't insanely
+ slow for large strings, since it's used for page edit lengths
+* (bug 8815) Setting password in initUser() breaks LdapAuthentication plugin
+* (bug 9256) Add a quick note to index.php header comments
+* Make Special:Listusers caseinsensitive for first letter
+* Default tidy.conf has been moved from extensions module into includes.
+* Ignore lonely '''''
+* (bug 9244) When calling edit page for nonexistent section, generate error
+ inside of just discarding edits, since edit links sometimes go to the wrong
+ place.
+* (bug 9019) No warning during upload if image description page exists, but no
+ image
+* (bug 8582) Allow thumbnailing when imagesize has a space.
+* (bug 8716) Change math_inputhash and math_outputhash to bytea for Postgres
+* (bug 9343) Correct internal name for Wolof language
+* (bug 9363) Fix Postgres error on Recentchangeslinked
+* (bug 5142) Fixed call of hook ArticleViewHeader
+* (bug 4777) Separate prev/next messages for Special:Whatlinkshere
+* Merge approx 15 missing Wikipedia language codes into wikipedia-interwiki.sql
+ based on Jeff Merkey's mediawiki-1.9.3.WG-20070316.tar.gz.bz2 archive.
+* (bug 9411) Fix for shared image descriptions using query-string titles
+* (bug 4756) Add user tool links for self created accounts at special:log
+ instead of sometimes broken block links from newuserlog extension
+* (bug 5817) Special:Recentchangeslinked now shows red link for nonexistent
+ target page instead of silently redirecting
+* (bug 8914) Don't transform colons in {{anchorencode:}}
+* (bug 9241) Handle edit section links and include size links for cached
+ templates the same as the first transclusion.
+* (bug 9466) "Rollback failed" page doesn't format edit comment
+* (bug 9472) Invalid XHTML on cached special pages
+* (bug 9472) Invalid XHTML on Special:Newpages
+* (bug 4764) "My contributions" not bold when viewing own contributions
+* (bug 9194) Add {{PLURAL:...}} to navigation bar of Special:Whatlinkshere
+* (bug 9033) Use a more specific error message when users are not able/allowed
+ to edit page protection levels due to a block, database lock or permissions
+* Fixed $wgFeedLimit
+* (bug 9270) Corrected help namespace name for Dutch Lower Saxon (nds-nl)
+* (bug 929, 4215) Expose "rcdays" user preference in Special:Preferences
+* (bug 9554) Extension-provided group name messages not used
+* (bug 9565) Translate template namespace name for Hindi (hi)
+* (bug 8599) Correct localized names of zh-variants
+* (bug 3366) Require skins based on SkinTemplate to override the skinname
+ property.
+* (bug 9220) Removed obsoletes functions in install-utils.inc.
+* Removed obsoletes Title::getRelatedCache and Title:touchArray
+* (bug 7285) Check MySQL username length during install
+* (bug 6910) Correct date/time formats in Vietnamese (vi)
+* (bug 9608) Correctly use ORDER BY in dumpLinks.php
+* (bug 9609) Correctly use ORDER BY in SpecialWhatlinkshere.php
+* Special:Random and Special:Randomredirect now try harder to send the user to
+ a random page, and will give an error message if none really can be found
+ instead of sending the user to the main page like they used to
+* Fix object variable used for displaying "not-patrolled" CSS class on list
+* Fixed interaction of page parameter to ImagePage with the HTML file cache
+* Fixed MIME type for SVG files, will be silently changed from image/svg
+ to image/svg+xml after loading from the database.
+* Workaround for djvutoxml bug #1704049 (poor performance). Use djvudump
+ instead.
+* Fixed odd behavior in ImagePage on DjVu thumbnailing errors
+* (bug 5439) "Go" title search will now jump to shared/foreign Image: and
+ MediaWiki: pages that have not been locally edited.
+* (bug 9630) Limits links in Whatlinkshere forgot about namespace filter
+* Fixed upgrade for the non-standard MySQL schemas
+* Disable MySQL's strict mode at session start for MySQL 4.1+, to avoid the
+ various problems that occur when it is on.
+* (bug 9585) Fix regression in tidy usage in Special:Undelete previews
+* (bug 3826) Normalize some invalid cookie name characters when setting
+ up $wgCookiePrefix. Completes application of patch by Anders Kaseorg.
+* (bug 9649) Fix RTL form alignment for Special:Movepage
+* (bug 9582) Members of bot group now mark edits patrolled by default
+* (bug 9669) Fix limit ordering for rebuildrecentchanges; broken since
+ converted from 1.4 to 1.5 schema
+* (bug 9682) Revert PHP 5.1 dependency on warning suppression for SVN info
+* (bug 5959) Anchors dropped from stub links
+* (bug 3348) Some additional weak password checks: password which is same
+ as username will now be rejected.
+* (bug 8602) Converted Special:Contributions to use an IndexPager. The
+ interpretation of the offset parameter has changed, and the go parameter
+ has been removed.
+* (bug 6204) Fixes for indentation with $wgMaxTocLevel:
+ - don't emit too many list close tags after an invisible header
+ - don't emit too many final list close tags if last header is invisible
+ - don't emit TOC when there are no visible headers
+* (bug 7629) Fix $wgBrowserBlackList to avoid false positive on MSIE
+ when certain plugins are present which alter the user agent
+
+
+== Maintenance ==
+
+* New script maintenance/language/checkExtensioni18n.php used to check i18n
+ progress in the extension repository.
+* Running maintenance/parserTests.php with '--record' option, will now
+ automatically attempt to create the required tables
+* --purge option to do additional parser-cache purging for purgeList.php
+* Fix hardcoded background color in parserTests.php
+* parserTests.php : removed the 'light' option for --color argument, replacing
+ it with a new global switch : $wgCommandLineDarkBg
+* (bug 8780) Clarify message for command-line scripts if LocalSettings.php
+ exists but is not readable
+* dumpBackup / importDump now work with PostgreSQL
+* (bug 8975) Use "Maintenance script" as the default username for importImages.php
+ and importTextFile.php scripts
+* (bug 8933) Fix maintenance/reassignEdits.php script
+* (bug 9440) Added "mediawikiwiki" interwiki prefix to MediaWiki.org
+* (bug 2979) Import now gracefully skips invalid titles with a warning
+* Restore '--norc' option for maintenance/importTextFile.php
+* Help information for maintenance/importTextFile.php now easier to read on
+ consoles
+* Doxygen documentation now show the revision number of each file, generate
+ graphs using dot and include a search engine.
+
+
+== Languages updated ==
+
+* Arabic (ar)
+* Aramaic (arc)
+* Aymara (ay)
+* Belarusian normative (be)
+* Belarusian alternative (be-x-old)
+* Bulgarian (bg)
+* Bihara (bh)
+* Breton (br)
+* Catalan (ca)
+* Czech (cs)
+* Danish (da)
+* German (de)
+* Greek (el)
+* Esperanto (eo)
+* Spanish (es)
+* Estonian (et)
+* Basque (eu)
+* Finnish (fi)
+* Võro (fiu-vro)
+* French (fr)
+* Hebrew (he)
+* Hindi (hi)
+* Upper Sorbian (hsb)
+* Hungarian (hu)
+* Armenian (hy)
+* Indonesian (id)
+* Italian (it)
+* Japanese (ja)
+* Javanese (jv)
+* Georgian (ka)
+* Kabyle (kab)
+* Kazakh (kk)
+* Korean (ko)
+* Kashmiri (ks)
+* Ripuarian (ksh)
+* Latin (la)
+* Luganda (lg)
+* Limburgish (li)
+* Lithuanian (lt)
+* Latvian (lv)
+* Marathi (mr)
+* Low Saxon (nds)
+* Dutch Lower Saxon (nds-nl)
+* Nepali (ne)
+* Nepal Bhasa (new)
+* Dutch (nl)
+* Occitan (oc)
+* Pali (pi)
+* Polish (pl)
+* Romanian (ro)
+* Russian (ru)
+* Sanskrit (sa)
+* Sicilian (scn)
+* Slovak (sk)
+* Sundanese (su)
+* Swedish (sv)
+* Tahitian (ty)
+* Ukrainian (uk)
+* Urdu (ur)
+* Uzbek (uz)
+* Vietnamese (vi)
+* Zealandic (zea)
+* Old Chinese / Late Middle Chinese (zh-classical)
+* Chinese (PRC) (zh-cn)
+* Chinese (Taiwan) (zh-tw)
+* Cantonese (zh-yue)
+
+== Compatibility ==
+
+MediaWiki 1.10 requires PHP 5 (5.1 recommended). PHP 4 is no longer supported.
+
+PHP 5.0.x fails on 64-bit systems due to serious bugs with array processing:
+http://bugs.php.net/bug.php?id=34879
+Upgrade affected systems to PHP 5.1 or higher.
+
+MySQL 3.23.x is no longer supported; some older hosts may need to upgrade.
+At this time we still recommend 4.0, but 4.1/5.0 will work fine in most cases.
+
+
+== Upgrading ==
+
+1.10 has several database changes since 1.9, and will not work without schema
+updates.
+
+If upgrading from before 1.7, you may want to run refreshLinks.php to ensure
+new database fields are filled with data.
+
+If you are upgrading from MediaWiki 1.4.x or earlier, some major database
+changes are made, and there is a slightly higher chance that things could
+break. Don't forget to always back up your database before upgrading!
+
+See the file UPGRADE for more detailed upgrade instructions.
+
+= MediaWiki release notes =
+
+Security reminder: MediaWiki does not require PHP's register_globals
+setting since version 1.2.0. If you have it on, turn it *off* if you can.
+
+
+== Changes since 1.8 ==
+
+* (bug 8200) Make category lists sorted by name when using Postgres.
+* (bug 7841) Support 'IGNORE' inserts for Postgres, fixes watchlist
+ adding problem.
+* (bug 6835) Removing the includes/Parser.php::getTemplateArgs() function,
+ because it seems to be unused.
+* (bug 7139) Increasing the visual width of the edit summary field on larger
+ screen sizes, for the default monobook skin.
+* Fix PHP notice and estimates for dumpBackup.php and friends
+* Improved register_globals paranoia checks
+* (bug 7545) Fix PHP version check on install
+* Disable PHP exception backtrace printing unless $wgShowExceptionDetails
+ is set. Backtraces may contain sensitive information in function call
+ parameters.
+* (bug 6164) Avoid smashing Cite state if message transformation triggers
+ during bad image list check, by skipping message transformation.
+ This isn't a good permanent fix.
+* (bug 6918) Stopped borders and backgrounds from showing through floated
+ tables in Monobook
+* (bug 6868) Un-hardcode section edit link style
+* (bug 3205) Stop right floats from stacking horizontally in non-Monobook skins
+* Added global $wgStyleVersion to centralize bumping CSS and JS file versions
+ for cache-friendly style and script updating
+* (bug 7562) Fix non-ASCII namespaces on Windows/XAMPP servers
+* Friendlier check for PHP 5 in command-line scripts; it's common for parallel
+ PHP 4 and 5 installations to interfere on the command-line.
+* Fix regression in autoconfirm permission check
+* (bug 3015) Add CSS ids to subcategory and page sections on category pages
+* (bug 7587) Fix erroneous id for specialpage tab, enabling informative popup
+* (bug 7599) Fix thumbnail purging, PHP notices on HTCP image page purge
+* (bug 7581) Update language name for cbk-zam
+* (bug 7444) Update namespace translations for Telugu (te), kept old values as
+ alias for compatibility
+* (bug 4525) Move section links down visually to same level as headings
+ (editsection links are now inside the heading elements)
+* Workaround for http://bugs.php.net/bug.php?id=31892 , PATH_INFO and hence
+ URLs of the style /index.php/Main_Page were broken on some CGI installations.
+* (bug 7623) Validate custom HTML id's correctly in Monobook interface
+* (bug 2241) Fix collision of 'w' and 'd' accesskeys
+* (bug 5795) CSS class added to body based on page name for page-specific
+ styling
+* (bug 6276) Stopped search field from getting too large in Cologne Blue
+* (bug 7644) User creations that are aborted by hooks shouldn't be counted
+ against account creations per day limit
+* (bug 7636) Show Firefox 2 users correct accesskey prefix
+* (bug 6427) Block blocked IPs from using the mail password function
+ to allow blocking of flooders
+* Include common.css from classic-style skins in main HTML with the bump URL
+* (bug 7607) Add Karakalpak (kaa) to Names.php and stub message file for linktrail
+* (bug 7582) Add 'tog-nolangconversion' to MessagesEn.php.
+ This key is need for languages with variants (zh, sr, kk)
+* (bug 7606) MediaWiki messages for "rss" and "atom" missing
+* (bug 7609) Add some more '*-summary' messages to MessagesEn.php with empty
+ strings to allow better localisation via Special:Allmessages. Mark this new
+ messages as optional for localisation.
+* Fix user_newpass upgrade for prefixed tables (reported by Fyren)
+* (bug 7663) Include language variant switcher links on Nostalgia skin
+* (bug 6531) Fix PHP fatal error on installation page with bad username input.
+* (bug 6977) Remove 404 link for autogenerated database documentation.
+* (bug 7369) Allow "Show Changes" without requiring edit token.
+* (bug 7687) Fix movetalk box checks itself when confirming a delete and move.
+* (bug 7684) Obey watchcreated preference for Special:Upload watch checkbox
+* (bug 7686) Include id attribute on delete form confirmation button
+* Allow compound interwiki prefixes in $wgImportSources
+* (bug 7304) Added redirect table to store redirect targets.
+* Added querycachetwo table (similar to querycache but has two titles)
+* PageArchive can now return a Revision object for more convenient processing
+ of deleted revision data
+* Added 'UndeleteShowRevision' hook in Special:Undelete
+* Error message on attempt to view invalid or missing deleted revisions
+* Remove unsightly "_" from namespace in Special:Allpages, Special:Prefixindex
+* (bug 3224) Allow minor edits by bots to skip new message notification on
+ user talk pages. This can be disabled by adjusting the 'nominornewtalk'
+ permission. Patch by Werdna.
+* (bug 7741) MATH: fixed broken syntax of underbrace etc. Fixed arrays
+* Fix purging for updated SVG files
+* (bug 7745) Add id attribute to search button in Monobook
+* (bug 7749) MATH: added some more LaTeX symbols, e.g. parallel, diamond, ast, ...
+* (bug 7304) Added code in Article.php to keep redirect table up to date.
+* Made special page names case-insensitive and localisable. Care has been taken
+ to maintain backwards compatibility.
+* Used special page subpages in a few more places, instead of query parameters.
+* (bug 7758) Added wrapper span to "templates used" explanation to allow CSS
+ styling (class="mw-templatesUsedExplanation").
+* Added {{#special:}} parser function, to give the local default title for
+ special pages
+* (bug 7766) Remove redundant / from AJAX requests, can break some servers
+* Add tab links from extensions to classic-based skins (SkinTemplateTab hook)
+ Provides better cross-skin compatibility for extensions using the modern
+ skin hooks, such as Oversight
+* Moved variant language links on Cologne Blue and Nostalgia to before the
+ login/logout link
+* Fix for parser tests with MySQL 5 in strict mode
+* Added block option "enable autoblocks"
+* Amend Special:Ipblocklist to note when a block has autoblock DISABLED.
+* (bug 7780) Fix regression in editing redirects
+* Add whitespace above "templates included on this page" using CSS, not
+ hardcoded line break.
+* Remove entries from redirect table on article deletion
+* (bug 7788) Force section headers in new section links for users who have
+ 'prompt for blank edit summaries' on.
+* (bug 1133) Special:Emailuser: add an option to send yourself a copy of your mail.
+* (bug 461) Allow "Categories:" link at bottom of pages to be customized via
+ pagecategorieslink message.
+* Sort the list of skins in "My Preferences" -> Skins by alphabetical order.
+* (bug 7785) Postgres compatibility for timestamps in RC feeds
+* (bug 7550) Normalize user parameter normally on Special:Log
+* (bug 7294) Fix PATH search for diff3 on install
+* Various fixes related to the blocking change re: autoblocks. On inserting
+ an IP block, the ipb_enable_autoblock field is now automagically blanked,
+ because it doesn't make any sense for an IP. Additionally, IP blocks
+ without the ipb_enable_autoblock option no longer show up as "autoblock
+ disabled" on Special:Ipblocklist.
+* (bug 7774) MATH: aded more amstex functions
+* (bug 1182) MATH: fixed inconsistent rendering of upper case Greek letters in TeX
+* Fix regression in streaming page dump generation
+* (bug 7801) Add support for parser function hooks in parser tests
+* checkUsernames.php now uses wfDebugLog instead of hardcoded path to log
+* (bug 7810) Update talk namespaces for Occitan
+* Allow case-sensitive URLs to be used for uploading from URLs.
+* (bug 1109) Correct fix for compressed 304 responses when additional output
+ buffers have been installed within the compression handler
+* (bug 7819) Move automatic redirect edit summary after pre-save transform
+ to work properly with subst: fun
+* (bug 7826) Fix typos in two English messages.
+* (bug 5365) Stop users being prompted to enter an edit summary for null edits,
+ if they have selected that option in preferences.
+* (bug 5936) Show an 'm' to the left of the edit summary on diff pages for minor edits.
+* (bug 7820) Improve error reporting for uploads via URL.
+* (bug 5149) When autoblocks are enabled, retroactively apply an autoblock to the most
+ recently used IP of a user when they are blocked.
+* Add an index on (rc_user_text,rc_timestamp) on the recentchanges table. This will
+ make CheckUser.php and the new retroactive autoblock functionality faster.
+* Fix regression in Special:Undelete for revisions deleted under MediaWiki 1.4
+ with compression or legacy encoding
+* (bug 6737) Fixes for MySQL 5 schema in strict mode
+* Approximate height for client-side scaling fallback instead of passing -1
+ into the HTML output.
+* Make the DNSBL to check for proxy blocking configurable via $wgSorbsUrl
+* Add experimental recording/reporting mode to parser tests runner, to
+ compare changes against the previous run.
+ Additional tables 'testrun' and 'testitem' are in maintenance/testRunner.sql,
+ source this and pass --record option to parserTests.php
+* Make the set of default parser test input files extensible via
+ $wgParserTestFiles. This can now be appended to by extensions or local
+ configuration files so that extension or custom tests can be automatically
+ run along with the main batch.
+* Run PHP install version checks on update.php so command-line updaters see
+ new version requirements
+* Do a check for the PHP 5.0.x 64-bit bug, since this is much more disruptive
+ as of MW 1.8 than it used to be. Install or upgrade now aborts with a
+ warning and a request to upgrade.
+* (bug 6440) Updated indexes to improve backlinking queries (links, templates, images)
+* Switched 'anon-only' block mode to default for IP blocks
+* (bug 3687, 7892) Add distinct heading for media files in category display,
+ with count.
+* (bug 1578) Add different icons for external links to audio, video, or PDF in
+ Monobook.
+* Made autoblocks block account creation if the user block has that option enabled.
+* Add auto-summaries to blankings and large removals without summaries.
+* (bug 7811) Allow preview of edit summaries.
+* (bug 6839) Wikibits.js minor changes to make JS-lint happier.
+* (bug 7932) Make sure that edit toolbar clears floats so it appears correctly.
+* (bug 6873) When viewing old revisions, add link to diff to current version.
+* (bug 3315) Provide rollback link directly on history page.
+* Replace 'old-revision-navigation' message with 'revision-info' and
+ 'revision-nav' messages, wrapped in divs with appropriate id's.
+* (bug 4178) MediaWiki:Common.js will now be included for all users if
+ $wgUseSiteJs is enabled, in addition to (if applicable) MediaWiki:Monobook.js
+ and user JS subpages.
+* (bug 7918) "Templates used on this page" changes during preview to reflect
+ any added or removed templates, and works as expected for section edits.
+* (bug 7919) "Templates used on this page" is now shown for read-only pages.
+* (bug 7688) When viewing diff, section anchors in autosummary jump to section
+ on current page instead of loading the latest version.
+* (bug 7970) Use current connection explicitly on Database::getServerVersion
+* (bug 2001) Tables with class="sortable" can now be dynamically sorted via
+ JavaScript.
+* Added autosummary for new pages with 500 or less characters, and refactor
+ the autosummary code so it's all done in one function. doEdit is getting too
+ big!
+* (bug 7554) The correct MIME type for SVG images is now displayed on the
+ image page (image/svg+xml, not image/svg).
+* (bug 7883) Added autoblock whitelisting feature, using which specific ranges
+ can be protected from autoblocking. These ranges are specified, in list format,
+ in the autoblock_whitelist system message.
+* Added placeholders for text injection by hooks to EditPage.php
+* (bug 8009) Automatic edit summary for redirects is not filled for edits in existing pages
+* Installer support for experimental MySQL 4.1/5.0 binary-safe schema
+* Use INSERT IGNORE for db-based BagOStuff add/insert, for more memcache-like
+ behavior when keys already exist on add (instead of dying with an error...)
+* Add a hook 'UploadForm:initial' before the upload form is generated, and two
+ member variable for text injection into the form, which can be filled by the hooks.
+* (bug 6295) Add a "revision patching" functionality, where an edit can be undone
+ (with a functionality similar to diff rev1 rev2 | patch -R rev3 -o rev3).
+ This is triggered by including &undo=revid in an edit URL. A link to a URL
+ that will undo a given edit is shown on NEW revision headers on diff pages.
+ The link leads to a "Show Changes" page showing what will be done to undo the
+ edit.
+* Fix display of link in "already rolled back" message for image/category pages
+* (bug 6016) Left-aligned images should stack vertically, like right-aligned
+ images, not horizontally.
+* Patch from LeonWP: added UploadForm:BeforeProcessing hook in SpecialUpload.php
+* Add AuthPluginSetup hook to override $wgAuth after configuration
+* Fix regression in authentication hook auto-creation on login
+* (bug 8110) Allow spaces in ISBNs
+* (bug 8024) Introduce "send me copies of emails I send to others" preference
+* Added 'EditPage::attemptSave' hook before an article is saved.
+* (bug 8083) Applied patch for sk localisation
+* Add a backslash character to the edit token, to prevent edits via certain
+ broken proxies that mangle such characters in form submissions
+* (bug 7461) Allow overwriting pages using importTextFile.php
+* (bug 7946) importTextFile.php doesn't perform pre-save transform
+* (bug 8117) {{REVISIONTIMESTAMP}} showed weird default if $wgLocalTZoffset set;
+ now uses current time for previews and if timestamp can't be loaded from DB
+* {{REVISIONTIMESTAMP}} now uses site local timezone instead of user timezone
+ to ensure consistent behavior
+* {{REVISIONTIMESTAMP}} and friends should now work on non-MySQL backends
+* (bug 7671) Observe canonical media namespace prefix in Linker::formatComment
+* Added js variable wgCurRevisionId to the output
+* (bug 8141) Cleanup of Parser::doTableStuff, patch by AzaTht
+* (bug 8042) Make miser mode caching limits settable via $wgQueryCacheLimit
+ instead of hardcoding to 1000
+* Enable QueryPage classes to override list formatting
+* (bug 5485) Show number of intervening revisions in diff view
+* (bug 8100) Fix XHTML validity in Taiwanese localization
+* Added redirect to section feature. Use it wisely.
+* Added a configuration variable allowing the "break out of framesets" feature
+ to be switched on and off ($wgBreakFrames). Off by default.
+* Allow Xml::check() $attribs parameter to override 'value' attribute
+* DB schema change: added two columns (rc_old_len and rc_new_len) to the recentchanges table to store
+ the text lengths before and after the edit
+* (bug 1085) Made Special:Recentchanges show the character difference between the changed revisions
+* Removed a redundant <strong> tag from diff pages that was causing display issues for some users
+* (bug 8203) The keyboard shortcut for "log out" was removed, because users were pressing it
+ when they intended to press the shortcut for "preview".
+* (bug 8148) Handle non-removable output buffers gracefully when cleaning
+ buffers for HTTP 304 responses, StreamFile, and Special:Export.
+ Duplicated code merged into wfResetOutputBuffers() and wfClearOutputBuffers()
+* Special:AllPages : 'next page' link now point to the first title of the next
+ chunk instead of pointing to the last title of current chunk.
+* (bug 4673) Special:AllPages : add a 'previous' link (new message 'prevpage')
+* (bug 8121) wfRandom() was not between 0 and 1
+* Add static method Parser::createAssocArgs($args), so parser functions can
+ use the same code to parse arguments as the templates do.
+* Change behavior of logins using the temporary e-mailed password (as stored
+ in user_newpassword hash field). Instead of just logging in silently and
+ leaving the previous user_password field in place indefinitely, the user
+ is now prompted to set a new password.
+
+ The password-changing form is at Special:Resetpass; currently it's only
+ usable for changing from the temporary password during login, but it
+ could perhaps be generalized, replacing the subform in preferences.
+
+ Once the new password is set successfully, the temporary password is wiped
+ so it cannot be used to login a second time, and the login process
+ is completed.
+* Suppress 'mail new password' button on login form if $wgAuth forbids
+ changing user passwords; it wouldn't work very well...
+* Consolidate password length checks and $wgAuth manipulation into
+ User::setPassword() to avoid duplicate code in different places
+ that set passwords.
+* User::setPassword() now throws PasswordError exceptions if the password
+ is illegal or cannot be set via $wgAuth. These can be caught and a human-
+ readable error message displayed by UI code.
+* Added Title::isSubpage()
+* (bug 8241) Don't consider user pages of User:Foo.css to be CSS subpages
+* Set an explicit class on framed thumbnail inner divs and images, changed some
+ CSS to use these instead of using descendent selectors.
+* Accept null parameter to User::setPassword() as indicating the password
+ field should be cleared to an unusable state. Login will only be possible
+ after the password is reset, for instance by e-mail.
+* (bug 6394) Invalidate the password set for "by e-mail" account creations
+ to avoid accidental empty password creations.
+* Made the show change size function work on page moves, page creations, and
+ log entries. Also fixed it in the javascript recentchanges.
+* (bug 8239) correctly get 50 new contributions when clicking '(50 next)'
+* (bug 2259) Fix old regression where e-mail addresses were no longer
+ confirmed on login with mailed password.
+* Add a notification about the confirmation mail sent during account
+ creation, so people don't immediately go off to request a second one.
+* Add a warning on Special:Confirmemail if a code was already sent and has
+ not yet expired.
+* Add user_editcount field to provide data for heuristics on account use.
+ Incremented on edit, with lazy initialization from past revision data.
+ Can batch-initialize with maintenance/initEditCount.php (not yet friendly
+ to replication environments, this will do all accounts in one query).
+* Allow raw SQL subsections in Database::update() SET portion as well as
+ for WHERE portion. Handy for increments and such.
+* User::getOption now accept a default value to override default user values
+ this makes it consistent with WebRequest::get* methods. Corrected code in
+ various places accordingly.
+* (bug 8264) Fix JavaScript global vars for XHTML mode
+* Make $wgSiteNotice value wikitext again, for consistency with editable
+ MediaWiki:Sitenotice and MediaWiki:Anonnotice.
+* (bug 8044) When redirecting from the canonical name of the special page
+ to the localised one, parameters/subpages are omitted
+* (bug 8164) Special:Booksources should use GET for form submission
+* Rewrite Special:Booksources to clean up interface and remove redundant code
+* (bug 7925) Change Special:Allmessages message name filter javascript to be
+ a bit more responsive and easier on the CPU
+* (bug 4488) Support watching pages on deletion; introduces new user preference
+* Minor restructuring of Special:Preferences; "watch pages I edit" and "watch
+ pages I create" options now accessible under "Watchlist" options
+* (bug 8153) <nowiki> doesn't work in site notice
+* (bug 6690) wfMsgNoTrans() transforms messages
+* (bug 8274) Wrap edit tools in a <div> with a specified class
+* Detect PHP 5.0.x 64-bit bug and abort in WebStart.php; too many things break
+ mysteriously otherwise (detection code copied from install-utils.inc)
+* (bug 8295) Change handling of <center> tags in doBlockLevels() to match that
+ of <div>
+* (bug 8110) Make magic ISBN linking stricter: only match ten-digit sequences
+ (plus optional ISBN-13 prefix) with no immediately following alphanumeric
+ character, disallow multiple consecutive internal redirects
+* (bug 2785) Accept optional colon prefix in links when formatting comments
+* Don't show "you can view and copy the source of this page" message for
+ pages which don't exist
+* (bug 8310) Blank line added to top of 'post' when page is blank
+* (bug 8109) Template parameters ignored in "recentchangestext"
+* Gracefully skip redirect-to-fragment on WebKit versions less than 420;
+ it messes up on current versions of Safari but is ok in the latest
+ nightlies. Checking the version number will allow it to automatically
+ work when new releases of Safari appear.
+* Fix regression in thumb styles; size and padding didn't match with
+ new arrangement.
+* (bug 8333) Fix quick user data update on login password change on
+ replication database setups. User data is now pulled from master
+ instead of slave in User::loadFromDatabase, ensuring that it is
+ fresh and accurate when read and then saved back into cache.
+ This was breaking with the Special:Rename operation which
+ automatically logs the user in with the new password after changing
+ it; pulling from slave meant the record was often not the updated
+ one.
+* (bug 8335) Set image width to the first valid parameter found.
+* (bug 8350) Fix watchlist viewing bug when using Postgres.
+* (bug 6603) When warning about invalid file extensions, output the bit
+ of the extension we actually checked
+* (bug 7669) Drop defaults on BLOB/TEXT columns for better compatibility
+ with MySQL's strict mode, often enabled by the Windows installer.
+ The defaults are ignored anyway when strict mode is off...
+* (bug 7685) Use explicit values for ar_text and ar_flags when deleting,
+ for better compatibility with MySQL's strict mode
+* Update default interwiki values to reflect changed location of ursine:
+* (bug 5411) Remove autopatrol preference
+* Users who have the "autopatrol" permission will have their edits marked as
+ patrolled automatically
+* Users who do not have the "autopatrol" permission will no longer be able
+ to mark their own edits as patrolled
+* Introduce 'PingLimiter' hook; see docs/hooks.txt for more information
+* (bug 532) Tweaked alt text for some interface messages
+* (bug 8231) Gave useful alt text to the main <img> on image pages
+* (bug 371) Remove alt text for "Enlarge" icon on thumbnails
+* Initialize user_editcount to 0 instead of NULL for newly created accounts
+* (bug 3696) Strip LRM and RLM characters from titles to work around the
+ problem some people have where titles cut-and-pasted from lists include
+ the bidi override characters appended to the lists.
+ A more thorough blacklist for forbidden and translatable characters would
+ be wise, though, as might a cleaner method for the lists in the first place.
+* Fix regression in email password resets on read-restricted sites
+* Set tabindex on fields in deletion form so you don't have to tab through
+ the links in the sitenotice
+* (bug 8271) Show full time and date on viewer for individual deleted
+ revisions
+* (bug 8214) Output file size limit and actual file size in appropriate units
+ on Special:Upload
+* (bug 8016) Purge objectcache table during upgrade processes - use the --nopurge
+ option to prevent this when running maintenance/update.php
+* (bug 7612) Remove superfluous link to Special:Categories from result items
+ on Special:Mostcategories
+* {{PLURAL:}} now handles formatted numbers correctly
+* (bug 8331) Added the change size value to watchlists; therefore made
+ watchlists use RecentChange::newFromRow() instead of newFromCurRow()
+* (bug 8351) Fix undo for simple reverts
+* (bug 6856) User::clearNotification() does not respect read-only mode
+* (bug 6853) Use a checkbox on the installer form to indicate that a superuser
+ account should be used; this is clearer than the old check which relied on
+ the password never being an obscure value
+* Remove old unused watchlist cache, which was a leftover from the old schema
+ where watchlists were more expensive to generate
+* Minor cosmetic changes to Special:Userrights
+* Added wgCanonicalSpecialPageName to JavaScript variables
+* Fix image deleting when using Postgres.
+* Output both source and destination titles in maintenance/moveBatch.php
+* Added basic parser tests for language variants
+* Enable selflinks and categories to be written in some of the language variants
+* Prevent conversion of JavaScript code in language variants
+* Output software version number in maintenance/parserTests.php
+* (bug 7169) Use Ajax to watch/unwatch articles if enabled
+* Make variant table caching a little more robust, using main language code
+ in cache key. Probably this is still a bit wonky, though. Was breaking
+ parser tests when Chinese tables were getting loaded into Serbian code.
+* (bug 8380) Be nicer about blank lines in deleteBatch.php
+* (bug 8401) Fix regression in SORBS lookup for some DNS setups
+* Use raw file descriptor in posix_isatty() check to avoid warning on
+ Linux systems with at least some versions of PHP
+* (bug 5908) Allow overriding the default category sort key for all items on
+ a page using {{DEFAULTSORT}}
+* (bug 6449) Throw a more definitive error message when installation fails
+ due to an invalid database name
+* (bug 5827) Use full text for option link labels on Special:Watchlist
+* (bug 8018) Allow hiding minor edits from the watchlist
+* (bug 8427) MonoBook RTL IE 7.0 tweaks failed when sidebar's navigation
+ section is renamed; no longer relies on first section name
+* Stabilize client-side table sorting even if the underlying Javascript sort()
+ implementation is unstable
+* Add hook for extensions to add user information to the panel in preferences,
+ next to the user name and ID.
+* (bug 8392) Display protection status of transcluded pages in the edit page
+ template list. Patch by Fyren, with i18n naming tweak.
+* Fix for interwiki transclusion where target wiki uses query string for title
+* Resolve namespaces on interwiki Title objects using canonical namespace names
+ if possible (should not happen, though, outside interwiki transclusion... and
+ maybe not even then, but it does)
+* (bug 8447) Fix SQL typo breaking non-default $wgHitcounterUpdateFreq
+* Do not allow previews of deleted images to be cached
+* Add global variable $wgDefaultLanguageVariant used to set the default language
+ variant of a wiki to something different than the main language code
+* Add 'variant' option to parserTests - runs test with the given variant as
+ preferred, utilize it for more parser tests of language variants code
+* (bug 6503) Fix bug that stopped certain irrelevant links from being hidden
+ for printing
+* Avoid PHP warning in Creative Commons metadata when a creative commons
+ license is not actually set up
+* (bug 8463) Don't print external link icons for Monobook
+* (bug 8461) Support watching pages on move
+* (bug 8041) Work around bug with debug_backtrace when Zend Optimizer is
+ loaded by skipping the function. Use wfDebugBacktrace() wrapper function.
+* Reduce config file clutter by setting various script and upload paths
+ based on $IP or $wgScriptPath in Setup.php. They can still be explicitly
+ overridden in LocalSettings.php if desired...
+* Attempt to detect redirect loops for the canonical title redirect, and
+ give some hints to the poor confused administrator.
+* Introduce new flag 'R' - raw output for language variant escape tags
+* Advise users when updates for a query page have been disabled using
+ $wgDisableQueryPageUpdate
+* (bug 8413) Improve comments for $wgNamespaceRobotPolicies
+* (bug 8330) Show "bytes" suffix on recent changes diff counter
+ optionally... if set in rc-changes-size message (default empty for now)
+* (bug 8489) Support basic links in <gallery> caption attribute
+* (bug 8485) Correct Lingala number formatting
+* The MediaWiki namespace is no longer pre-filled with default messages on
+ install. All default messages will be removed from the MediaWiki namespace
+ on upgrade.
+* Recentchanges RSS/Atom feeds now use a separate message for the description
+ to avoid cluttering it with useless wiki formatting
+* (bug 8417) Handle EXIF unknown dates
+* (bug 8372) Return nothing on empty <math> tags.
+* New maintenance script to show the cached statistics : showStats.php.
+* Count deleted edits when regenerating total edits in maintenance/initStats.php
+* (bug 3706) Allow users to be exempted from IP blocks. The ipblock-exempt permission
+ key has been added to enable this behavior, by default assigned to sysops.
+* (bug 7948) importDump.php now warn that Recentchanges need to be rebuild.
+* (bug 7667) allow XHTML namespaces customization
+* (bug 8531) Correct local name of Lingála (patch by Raymond)
+* Fix regression with default lock file and cache directories; threw visible
+ warning with open_basedir
+
+
+== 1.8 Compatibility changes ==
+
+=== Zend Optimizer ===
+
+A bug in some versions of PHP 5 and Zend Optimizer which was triggered under
+MediaWiki 1.8.x has been worked around by disabling some internal debugging
+features when Zend Optimizer is loaded. This should solve some common
+"blank page" problems.
+
+=== PHP 5.0 64-bit ===
+
+MediaWiki now checks for a condition where PHP 5.0.x corrupts array data
+on 64-bit systems and warns you to upgrade PHP to solve the problem. This
+bug causes Special: pages to fail on affected systems under MediaWiki 1.8
+and higher, and subtler data corruption on earlier versions.
+
+The only known workaround is to upgrade PHP to 5.1 or later, which you
+probably should do anyway for security reasons!
+
+=== MySQL 5 ===
+
+MediaWiki should now install and run correctly on MySQL 5.0 and higher when
+MySQL's "strict mode" is enabled. (This is now the default for many Windows
+installations, though it seems to remain off by default on Unix.)
+
+This fixes errors about "cannot default default value for BLOB/TEXT fields".
+
+=== ImageMagick ===
+
+Note that ImageMagick older than 6.x may no longer work for image resizing
+due to use of the -thumbnail option.
+
+
+== 1.8 Behavior changes ==
+
+=== Localized special pages ===
+
+The names of Special: pages can now be localized, so links and URLs to them
+are more legible in languages that aren't English.
+
+Not all languages have included localized names yet.
+
+=== E-mail password ===
+
+Users are now required to set a new password for themselves when they first
+log in with a newly generated e-mailed password.
+
+Requesting passwords frequently is prevented to reduce abusive mailbombing.
+
+=== Undo revision ===
+
+An "undo" link now appears in diff view for easier reverting of older edits.
+When GNU diff3 is available for edit conflict merging, this can make it much
+easier to "undo" the changes of an older edit when there are surrounding
+changes elsewhere in the page.
+
+The changes must be manually reviewed and approved, as with conventional
+full-revision reverts.
+
+=== Blocking ===
+
+User blocks can be set to disable the automatic blocking of IP addresses the
+account logs in with.
+
+
+== 1.8 Database changes ==
+
+* new 'redirect' table stores data on page redirects
+* new 'querycachetwo' table used for some cached special pages
+* 'ipblocks' table adds 'ipb_enable_autoblock'
+* 'recentchanges' table adds 'rc_old_len', 'rc_new_len' for size tracking
+* 'user' table has added 'user_newpass_time' and 'user_editcount' fields
+* some indexes have been updated on 'recentchanges'
+
+== 1.8 Configuration changes ==
+
+Several configuration options have changed since 1.8:
+
+=== $wgEnableAPI ===
+
+The experimental machine API interface is now enabled by default, read-only.
+You can disable it by setting $wgEnableAPI = false; in LocalSettings.php.
+
+=== $wgPathInfo ===
+
+The use of PATH_INFO (the text after the script name in 'index.php/Blah')
+is controlled by the $wgUsePathInfo setting. This is now explicitly disabled
+for CGI, apache2filter, and ISAPI configurations of PHP, for more consistency
+with the autodetection from the installer.
+
+In some rarer configurations you may have to switch $wgUsePathInfo from false
+to true or, perhaps, from true to false to make things work properly if bad
+PATH_INFO data comes through the server.
+
+The wiki now tries to detect this condition and should show you an error
+message describing what to change instead of sending the browser into an
+infinite redirect loop.
+
+=== $wgScript and other path settings ===
+
+The following configuration variables are now automatically set in Setup.php
+if they are not overridden in LocalSettings.php:
+
+from $wgScriptPath:
+ + $wgScript
+ | \- $wgArticlePath
+ + $wgRedirectScript
+ + $wgStylePath
+ + $wgUploadPath
+ \- $wgLogo
+ + $wgMathPath
+
+from $IP:
+ - $wgStyleDirectory
+ + $wgUploadDirectory
+ \- $wgMathDirectory
+ + $wgTmpDirectory
+
+Newly generated configuration files will by default include only $wgScriptPath
+(hardcoded from the installer) and $IP (detected at runtime).
+
+Old configuration files which specify all these values explicitly should
+continue to work just fine, but if you use the defaults you can remove them
+to reduce clutter.
+
+=== $wgGroupPermissions ===
+
+The sysop group now holds the "autopatrol" and "ipblock-exempt" rights by
+default.
+
+"autopatrol" replaces the preference for marking ones own edits patrolled
+by default; users holding this permission will automatically have their
+edits patrolled, while others cannot mark their own edits as patrolled
+even if they have patrolling rights.
+
+"ipblock-exempt" excludes the user from IP blocks; accounts which are blocked
+explicitly by name will still be blocked, however. This is given to sysops
+to minimize annoyance from accidental "collateral damage"; remember that a
+sysop will be able to lift the block if they desire.
+
+The bot group now holds the "nominornewtalk" right. A user with this right
+will not trigger new message notifications when making minor edits to user
+talk pages. This is meant to minimize annoyance from maintenance bot
+processes.
+
+=== $wgUseWatchlistCache ===
+
+Watchlist caching has been removed. The feature was not maintained, and has
+been unnecessary since switching to the 'recentchanges' database table
+reduced server pressure for Wikipedia's watchlists.
+
+=== $wgBreakFrames ===
+
+MediaWiki in the past attempted to detect when it was embedded in a frameset
+and "break out" of it, assuming it to be hostile.
+
+This behavior is now disabled by default, but can be reenabled by setting
+$wgBreakFrames to true in LocalSettings.php.
+
+
+== 1.8 New settings ==
+
+=== $wgVariantArticlePath ===
+
+For languages with script variant support (Chinese, Serbian, and others),
+it's possible to use alternate URL paths to select the variant for article
+display, setting $wgVariantArticlePath.
+
+Documentation for this setting would be useful.
+
+=== $wgMaxMsgCacheEntrySize ===
+
+The message cache can now skip items larger than a given size; this allows
+it to better handle the primary caching case when large CSS and JS blobs are
+present.
+
+=== $wgStyleVersion ===
+
+When making significant changes to skin stylesheets and JavaScript files,
+you can append a string to this variable to tweak the generated URLs,
+forcing newly rendered pages to bring in a fresh version despite server-
+or browser-side caching.
+
+Normally this will be set in the course of MediaWiki development, but
+if doing development on a custom skin you may wish to poke it as well.
+
+=== $wgRCShowChangedSize ===
+
+Special:Recentchanges and Special:Watchlist now show the number of bytes
+added or removed to an article to give an idea of the size of the edit.
+This information was previously available only in the IRC update feeds.
+
+To disable this site-wide, set $wgRCShowChangedSize to false.
+(Individual users can suppress the data in custom CSS.)
+
+Adjust $wgRCChangedSizeThreshold to trigger highlighting of particularly
+large changes.
+
+The formatting of the size figure can be adjusted through the
+[[MediaWiki:Rc-change-size]] message.
+
+=== $wgQueryCacheLimit ===
+
+The number of rows stored for "expensive" special pages in miser mode
+can now be adjusted up or down from the default 1000.
+
+=== $wgDisableQueryPageUpdate ===
+
+Individual "expensive" special pages can be skipped in processing by
+updateSpecialPages if added to this list.
+
+=== $wgSorbsUrl ===
+
+The base hostname for the DNS-based proxy blacklist can now be overridden
+when $wgEnableSorbs is set, to use a different blacklist instead of SORBS.
+The blacklist would need to respond the same was as SORBS; any positive
+response will be taken as a proxy.
+
+=== $wgAjaxWatch ===
+
+Experimental AJAX mode for the watch/unwatch tabs to execute inline.
+Does not include the UI messages describing how to reach the watchlist,
+so you may not want it on a general-audience site just yet.
+
+=== $wgParserTestFiles ===
+
+MediaWiki's parser test suite can now be expanded with additional test
+files. Custom extensions can add their test files to this array, and
+they will be run along with the main tests by maintenance/parserTests.php
+
+
+== Changes since 1.7 ==
+
+* Introduced AjaxResponse object, superceding AjaxCachePolicy
+* Changes to sajax_do_call: optionally accept an element to fill instead of a
+ callback function; take the target function or element as a third parameter;
+ pass the full XMLHttpRequest object to the handler function, instead of just
+ the resultText value; use HTTP response codes to report errors.
+* (bug 6562) Removed unmaintained ParserXml.php for now
+* History paging overlap bug fixed
+* (bug 6586) Regression in "unblocked" subtitle
+* Don't put empty-page message into view-source when page text is blank
+* (bug 6587) Remove redundant "allnonarticles" message
+* Block improvements: Allow blocks on anonymous users only. Optionally allow
+ or disallow account creation from blocked IP addresses. Prevent duplicate
+ blocks. Fixed the problem of expiry and unblocking erroneously affecting
+ multiple blocks. Fixed confusing lack of error message when a blocked user
+ attempts to create an account. Fixed inefficiency of Special:Ipblocklist in
+ the presence of large numbers of blocks; added indexes and implemented an
+ indexed pager.
+* (bug 6448) Allow filtering of Special:Newpages according to username
+* (bug 6618) Improve permissions/error detection in Special:Lockdb
+* Quick hack for extension testing: parser test doesn't create new message
+ cache object.
+* (bug 6299) Maintain parser's revision ID across recursive calls to fix
+ {{REVISIONID}} when Cite extension is used
+* (bug 6622) Removed deprecated function Image::newFromTitle
+* (bug 6627) Fix regression in Special:Ipblocklist with table prefix
+* Removed forced dereferencements (new() returns a reference in PHP5)
+* Note about $wgUploadSizeWarning using byte
+* (bug 6592) Add most viewed pages summary to Special:Statistics
+* Pre-strip characters ignored in IDNs from URLs so they can't be used
+ to break the blacklists for regular URLs
+* Fix regression in blocking of user accounts
+* (bug 6635) Fix regression searching for range blocks on Ipblocklist
+* Fix regression searching Ipblocklist with ugly URLs
+* (bug 6639) Use a consistent default for upload directories
+* Preserve entered reason when reporting unconfirmed lock on Special:Lockdb
+* (bug 6642) Don't offer to unlock the database when it isn't locked
+* cleanupTitles.php changed from --dry-run option to --fix, so default
+ behavior is now a non-invasive check as with namespaceDupes.php
+* (bug 6660) Fix behavior of EditPage::blockedPage() when the article does
+ not exist; now doesn't show the source box if the user hasn't provided it
+ (blocked mid-edit) and the page doesn't exist
+* Improve default value of "blockedtext"
+* (bug 6680) Added localisation for Dutch bookstore list (nl)
+* Renamed maintainace script redundanttrans.php to unusedMessages.php - clearer usage
+* Fix regression which allowed some blocked users to create additional accounts
+* (bug 6657) Fix Hungarian linktrail
+* (bug 6751) Fix preview of blanked section with edit on first preview option
+* (bug 5456) Separate MediaWiki:Search into messages for both noun and verb,
+ introduced 'MediaWiki:Searchbutton'
+* Made lines from initialiseMessages() appear as list items during installation
+* Moved the bulk of the localisation data from the Language*.php files to the
+ Messages*.php files. Deleted most of the Languages*.php files.
+* Introduced "stub global" framework to provide deferred initialisation of core
+ modules.
+* Removed placeholder values for $wgTitle and $wgArticle, these variables will
+ now be null during the initialisation process, until they are set by index.php
+ or another entry point.
+* Added DBA cache type, for BDB-style caches.
+* Removed custom date format functions, replacing them with a format string in
+ the style of PHP's date(). Used string identifiers instead of integer
+ identifiers, in both the language files and user preferences. Migration should
+ be transparent in most cases.
+* Simplified the initialisation API for LoadBalancer objects.
+* Removed the broken altencoding feature.
+* Moved default user options and toggles from Language to User. Language objects
+ are still able to define default preference overrides and extra user toggles,
+ via a slightly different interface.
+* Don't include the date option in the parser cache rendering hash unless
+ $wgUseDynamicDates is enabled.
+* Merged LanguageUtf8 with Language. Removed LanguageUtf8.php.
+* Removed inclusion of language files from the bottom of Language.php. This is
+ now consistently done from Language::factory().
+* Add the name of the executing maintenance script to the debug log. Start the
+ profiler during maintenance scripts.
+* Added "serialized" directory, for storing precompiled data in serialized form.
+* Fix regression in auto-set NS_PROJECT_TALK namespace
+* Fix regression in ordering of namespaces
+* (bug 6806, 6030) Added several global JS variables for article path, user name,
+ page title, etc.
+* hooks registered with addOnloadHook are now called at the one of the html body
+ by all skins.
+* Split ajax aided search from core ajax framework. Use wgUseAjax to enable the
+ framework and wgAjaxSearch to enable the suggest feature for the search box.
+* Added experimental installer for extensions.
+ See maintenance/installExtension.php
+* Added Tajic (tg) language file.
+* (bug 6903) Added Cantonese localisation (zh-yue)
+* Fix regression in Korean and Japanese date formatting (day of week)
+* (bug 6919) Add English alias magic words for Tatar (tt) language file.
+* (bug 6753) Fixed broken Kazakh linktrail (kk)
+* (bug 6700) Added Kazakh language variants to Names.php
+* (bug 6827) some i18n specific maintenance scripts fails after merge of localisation-work branch
+* Throwed an exception for the deprecated functions OutputPage::sysopRequired and
+ OutputPage::developerRequired - use OutputPage::permissionRequired instead.
+* Removed the deprecated functions User::isSysop, User::isBureaucrat and User::isDeveloper -
+ use User::isAllowed instead.
+* (bug 769) OutputPage::permissionRequired() should suggest groups with the needed permission
+* (bug 6971) Fix regression in Special:Export history view
+* Revamped Special:Imagelist
+* (bug 7000) updated MessagesPl.php
+* (bug 6946) Fix unexpected behavior change with GET hits to Special:Export
+* (bug 1866) Improve navigation on Special:Listusers; user now a starting
+ point as with Special:Allpages, rather than a pure limit.
+* Clean up tab order on Special:Blockip
+* (bug 5969) Clean up tab order on Special:Userlogin forms
+* (bug 3512) namespaceDupes now handles spaces and initial caps properly
+* (bug 7037) Fix regression in login tab order
+* (bug 7031) Report missing email on 'email password' instead of false success
+* (bug 7010) Don't send email notifications for watched talk pages when user
+ has selected to receive only updates for their own talk page
+* Added {{CURRENTHOUR}}
+* Added [[:Image:Foo.png]] style links to the pagelinks table
+* Avoid duplicate revision imports with Special:Import
+* (bug 7054) Validate email address before sending email confirmation message
+* (bug 7061) Format title on "from (page)" links on Special:Allpages
+* (bug 7044) Introduce "padleft" and "padright" colon functions
+* Pass page title as parameters to "linkshere" and "nolinkshere" and update
+ default message text
+* Allows to upload from publicy accessible URL. Set $wgAllowCopyUploads = true ; in LocalSettings.php
+ Limited to $wgMaxUploadSize (default:100MB); URL upload is limited to sysops by default, and displayed as a second line if appropriate
+* (bug 832) Return to user page after emailing a user
+* (bug 366) Add local-system-timezone equivalents for date/time variables
+* (bug 7109) Fix Atom feed version number in header links
+* (bug 7075) List registered parser function hooks on Special:Version
+* (bug 7059) Introduce "anchorencode" colon function
+* Include SVN revision number in {{CURRENTVERSION}} output, where applicable
+* Fix bug in wfRunHooks which caused corruption of objects in the hook list
+* (bug 4979) Use simplified email addresses when running on Windows
+* (bug 4434) Show block log fragment on Special:Blockip
+* [[MediaWiki:Disambiguationspage]] may optionally contain wiki links to any number
+ of disambiguation templates.
+* [[Special:Disambiguations]] now shows pages in NS:0 that link to any pages that embed
+ any of the templates listed at [[MediaWiki:Disambiguationspage]].
+* Fix formatting of titles on Special:Undelete
+* (bug 7026) Fix action=raw&templates=expand
+* (bug 6976) Add namespace and direction classes to classic skins
+* (bug 7144) Don't "return to main" from OutputPage::loginToUse() if the user can't
+ read the main page in the first place
+* (bug 7188) Fix minor borkage in HTMLForm
+* (bug 6675) Replaced message 'watchthis' with new message 'watchthisupload in Special:Upload
+* Add a quickie script dumpSisterSites.php for generating a page list in the
+ format for WSR-1 SisterSites support
+* (bug 7223) Monobook.js is used for site content, should not be localized
+* Set default disabled values for DjVu render options
+* Added Xml::option() for generating <option>s easily
+* Localized page numbers in drop-down for DjVu page selection
+* Fixed linktrail for vi
+* (bug 6893) "Call to a member function exists() on a non-object" on trackback.php with bad input
+* (bug 6886) PHP undefined offset on bad input to Special:Revisiondelete
+* (bug 6887) PHP error for call to getId() on bad input to Special:Revisiondelete
+* (bug 6888) PHP error for call to getTimestamp() on bad input to Special:Revisiondelete
+* (bug 7252) Use dvipng support in texvc math rastrization. dvipng is required if texvc is rebuilt.
+* (bug 7279) Use wfBaseName in place of basename() in more places
+* Clear newtalk marker on diff links with explicit current revision number
+* (bug 7064) Replace hard-coded empty message checks with wfEmptyMsg calls
+* (bug 6777) Remove some PHP 4 compat cruft
+* Add --user, --comment, and --license options to importImages.php
+* (bug 6216) The immobile namespace message does not mention the source page
+* (bug 7299) Normalize username filter on Special:Newpages
+* (bug 7306) RTL text in an LTR wiki breaks appearance of Special:Recentchanges
+* (bug 7312) Don't emit SET NAMES utf8 if connection failed
+* (bug 7305) Proper compare for bot check on RC notify, should fix overrides
+ that force edits by non-bot users to bot mode
+* Set Vary: Cookie on action=raw generated CSS and JS, to ensure that user
+ preferences don't get stuck in proxy caches for other people
+* (bug 7324) Fix error message for failure of Database::sourceFile()
+* (bug 7309) Plurals: use singular form for zero in French and Brazilian Portuguese
+* Add page_no_title_convert field to support language variant conversion
+ for page titles which shouldn't be converted on display/linking
+* Lazy extraction of text chunks in Revision objects, may reduce hits to
+ external storage when actual text content is not used
+* Added experimental $wgRevisionCacheExpiry to cache extracted revision text
+ in $wgMemc, to further reduce hits to external storage.
+ Set to 0 (disabled) by default.
+* Minor changes to the installer.
+* Remove ":" for 'youremail' and 'yourrealname' in includes/templates/Userlogin.php
+ so that ":" could be used in i18n for Special:Preferences (like 'username' and 'uid').
+* Fix layout for Special:Preferences->Date and Time (position for 'timezonetext').
+* Updates to language variant code for Serbian et al
+* (bug 6756) Enabling RTL direction for kk-cn
+* (bug 6701) Kazakh language variants in MessagesEn.php
+* (bug 7335) SVN revision check in Special:Version fails on SVN 1.4 working copy
+* (bug 6518) Replaced 'lastmodified' with 'lastmodifiedat' and 'lastmodifiedby' with 'lastmodifiedatby'
+ with separated parameters for date and time to allow better localisation. Updated all message files
+ to display the old format for compatibility.
+* (bug 7357) Make supposedly static methods of Skin actually static
+* Added info text to Special:Deadendpages and Special:Lonelypages
+* Fix regression in cachability of generated CSS and JS for MonoBook skin,
+ while avoiding clobbering of different users' cached data
+* (bug 6849) Block @ from usernames; interferes with multi-database tools and
+ was meant to be banned years ago... For now existing accounts will not be
+ prevented fromm login.
+* (bug 6092) Introduce magic words {{REVISIONDAY}}, {{REVISIONDAY2}, {{REVISIONMONTH}},
+ {{REVISIONYEAR}} and {{REVISIONTIMESTAMP}}
+* (bug 7425) Preceeding whitespace in [[...]] breaks subpages
+* Try to reconnect after transitory database errors in dumpTextPass.php
+* (bug 6023) Fixed mismatch of 0/NULL for wl_notificationtimestamp; now notification
+ mails are working after 'Mark all pages visited' button on Special:Watchlist is clicked
+* Made {{INT:}} a core parser function instead of a special case. The syntax
+ and behavior is largely unchanged.
+* (bug 7448) Fixing the native name for Ewe (ee)
+* (bug 6864) Replace message 'editing' with new message 'editinguser' in Special:Userrights
+ to allow better localisation
+* Add '*-summary' for special pages to MessagesEn.php to allow customizing/translation
+ directly through Special:Allmessages
+* (bug 6130, bug 5818) Replaced message 'go' with the new message 'searcharticle' in skins
+ to allow better localisation
+* Add + to $wgLegalTitleChars by default. Some sites may have occasional
+ problems with hard-to-reach pages, but it should be less trouble than
+ "I can't import dumps from Wikipedia" complaints
+* (bug 7460) Revert broken patch for bug 7226 which slows down
+ Special:Allmessages by a factor of 16
+* Committed a bunch of live hacks from Wikimedia servers
+* (bug 6889) PHP notices in thumb.php with missing params
+* Cleaner error behavior on thumb.php with invalid page selection
+* (bug 6617) Validate timestamps on Special:Undelete
+* Do fewer unnecessary full writes of user rows; only update user_touched
+ for watch/unwatch, group membership change, and login operations
+* Restructured the languages directory, to avoid problems when people
+ untar MW 1.8 over the top of a 1.7 installation.
+* (bug 6890) SQL query error on bad input to Pager lists
+ due to negative LIMIT clause, caused by integer wraparound.
+* Fixed various bugs related to table prefixes, especially the interaction
+ between table prefixes and memcached, which was formerly completely broken.
+* (bug 7004) PHP iconv() notice on bad password input to Special:Userlogin.
+* (bug 6826) Extend pre-save transform context link ("pipe trick")
+ syntax to pages with commas in title
+* Use ImageMagick -thumbnail option instead of -resize to avoid including
+ excessive metadata in thumbs (requires ImageMagick 6.0.0 or newer).
+* (bug 7499) Corrections to Swedish talk namespace names
+* (bug 7508) Added option to compress HTML pages by dumpHTML.php
+* (bug 7519) Add plural in SpecialWatchlist
+* (bug 7459) Magic word variables are always case sensitive
+* Replaced {{SERVER}}{{localurl:xxx}} with {{fullurl:xxx}} in localisation files
+* Fix regression in Special:Watchlist text header
+* (bug 7510) Update article counts etc on undelete
+* (bug 7520) Update article counts on XML import
+* (bug 7526) Make $wgDefaultUserOptions work again
+* (bug 7472) Localize Help namespace for Basque
+* (bug 7529) Including a non-existent category in an article places that article in the category
+* (bug 4528) Lack of important LaTeX functions stackrel, rightleftharpoon
+* (bug 6721) missing symbols ulcorner, urcorner, llcorner, lrcorner, twoheadrightarrow, twoheadleftarrow
+* (bug 7367) Hyphens sometimes erroneously appended to equations when not converted to PNG
+* Add "title" to the opensearch link to allow automatic adding of the search engine in Firefox 2
+* (bug 7537) Add php5 to $wgFileBlacklist
+* (bug 6929) Restore AutoAuthenticate hook
+
+
+== Changes since 1.6 ==
+
+* (bug 5458) Fix double-URL encoding in block log link in contribs and contribs
+ link in block log
+* (bug 5462) Bogus missing patch warning in updater
+* (bug 5461) Use of deprecated "showhideminor" in Special:Recentchangeslinked
+* PHP warning when allow_call_time_pass_reference is off
+* Update to Finnish localization
+* (bug 5467) Link to page histories in watchlist edit mode
+* Further additions to Hebrew localisation
+* (bug 5476) Invalid xhtml in German localization
+* (bug 5479) Id translation for preferences tabs caption
+* (bug 5493) Id translation for special pages
+* Added skinname and style path parameters to CBT version of MonoBook
+* Include subversion revision number in Special:Version if available
+* (bug 5344) Fix regression that broke slashes in extension tag parameters
+* Improve Special:Log performance on big log sets
+* (bug 5507) Changed mediawiki:logouttext from plain to wikitext
+* (bug 4760) Prevent creation of entries in protection log when protection
+ levels haven't changed
+* (bug 861) Show page protection/unprotection events in histories
+* (bug 5499) Don't clear the tag strip state when asked not to clear state.
+ Fixes regression with use of <ref> in a template breaking <nowiki> etc.
+* Minor improvements to English language files
+* Display the anon talk page info message on anon talk pages again
+ (moved outside the parser cache)
+* Optional {{DISPLAYTITLE|title with markup}} magic word
+ Deactivated by default, set "$wgAllowDisplayTitle = true" in LocalSettings.php
+ to activate
+* Cleaned SpecialContributions a bit
+* Added a table to track interlanguage links
+* (bug 5544) Fix redirect arrow in Special:Listredirects for right-to-left
+ languages
+* Replace "doubleredirectsarrow" with a content language check that picks the
+ appropriate arrow
+* (bug 5537) Add stub language file for Samogitian (bat-smg); inherits
+ Lithuanian (lt)
+* Don't force edit summaries when a user is editing their own user/talk page
+* (bug 5510) Warning produced when using {{SUBPAGENAME}} in some namespaces
+* (bug 385) Installer support for PostgreSQL, fixes for PG compatibility
+* PersistentObject removed; it doesn't do anything and was broken besides.
+ All extensions using it have been corrected.
+* Propagate ISBN number for Booksources in LanguageNo.php
+* (bug 5548) Improvements to Indonesian localisation [patch: Ivan Lanin]
+* Add TALKSPACE, SUBJECTSPACE, TALKPAGENAME, SUBJECTPAGENAME (and encoded forms
+ for all) magic words
+* (bug 5403) Fix Special:Newpages RSS/Atom feeds
+* Reject malformed addresses in X-Forwarded-For entries
+* (bug 3359) Add hooks on completion of file upload
+* (bug 5559) Improve detection of ImageMagick [patch: Greg Turnquist]
+* (bug 5475) New pages feeds ignore "limit" argument
+* (bug 5184) CSS misapplied to elements in Special:Allmessages due to
+ conflicting anchor identifiers
+* (bug 5519) Allow sidebar cache to be disabled; disable it by default.
+* Maintenance script to import the contents of a text file into a wiki page
+* Add $wgReservedUsernames configuration directive to block account creation/use
+* (bug 5576) Remove debugging hack in session check
+* (bug 5426) Lowercase treatment of titles in rights log leads to broken links
+ on Special:Log
+* Minor improvements to French localisation files
+* (bug 5181) Update "nogomatch" for Slovak
+* (bug 5594) Id translation up to # Login and logout pages section
+* (bug 5536) Use content language for editing help link
+* Improvements to German localisation files
+* (bug 5570) Problems using <special page>/parameter link form for long titles
+* (bug 3884) Add $user parameter to AddNewUser hook, call it for by-email
+ registrations as well as self-registrations.
+* (bug 4327) Report age of cached data sets in query pages
+* (bug 4662) Fix Safari check in wikibits.js
+* (bug 4663) Edit toolbar enabled in compatible versions of Safari
+* (bug 5572) Edit toolbar enabled in compatible versions of Konqueror (3.5+)
+* (bug 5235) Edit toolbar tooltips no longer show JavaScript junk in Opera
+* Edit toolbar now works in pure XHTML mode (application/xhtml+xml)
+* Add watchlist clear function to allow quick purging of all items
+* (bug 5625) Additional namespace translations for Welsh
+* Add meta tag and JavaScript variables to cached special pages which provides
+ the timestamp of the last update, in YYYYMMDDHHMMSS format.
+* (bug 5628) More translations for MessagesHr.php
+* (bug 5595) Localisation for Bosnian language (bs)
+* (bug 2910) Default view preferences for watchlists
+* Add "hide bot edits from the watchlist" user preference
+* (bug 5250) Introduce Special:Unusedtemplates
+* Add user preference setting for an extended watchlist, showing all recent
+ edits up to a certain edit, and not just the latest edit..
+* Made MessageRo.php more general
+* (bug 5640) Indonesian localisation improvements
+* (bug 5592) Actions are logged with the default language for the
+ wiki, not the language of the user performing the operation.
+* (bug 5644) Error in LanguageBs.php file
+* (bug 5646) Compare for identical types in wfElement()
+* (bug 5472) Language::userAdjust()->minDiff not initialized on else condition
+* (bug 5386) LanguageMk.php: updated namespaces translations
+* (bug 5422) Stub for Romani (rmy) language which extends ro
+* Fix linktrail for LanguageSr
+* (bug 5664) Fix Bosnian linktrail
+* (bug 3825) Namespace filtering on Special:Newpages
+* (bug 1922) When Special:Wantedpages is cached, mark links to pages
+ which have since been created
+* (bug 5659) Change grammar hacks for Bosnian Wikimedia namespaces.
+ This sort of special casing should be removed and fixed properly.
+* Remove useless whitespace from Special:Brokenredirects header
+* Treat "allmessagesnotsupporteddb" as wikitext when echoing; change default
+ text
+* (bug 5497) Regression in HTML normalization in 1.6 (unclosed <li>,<dd>,<dt>)
+* (bug 5709) Allow customisation of separator for categories
+* (bug 5684) Introduce Special:Randomredirect
+* (bug 5611) Add a name attribute to the text box containing source text in
+ read-only pages
+* Indicate when a protected page is an interface message ("protectedinterface")
+* (bug 4259) Indicate when a protected page being edited is an interface message
+ ("editinginterface")
+* (bug 4834) Fix XHTML output when using $wgMaxTocLevel
+* Pass login link to "whitelistedittext" containing 'returnto' parameter
+* (bug 5728): mVersion missing from User::__sleep() leading to constant cache
+ miss
+* Updated maintenance/transstat.php so it can show duplicate messages
+* Improvements to update scripts; print out the version, check for superuser
+ credentials before attempting a connection, and produce a friendlier error if
+ the connection fails
+* (bug 5005) Fix XHTML <gallery> output.
+* (bug 5315) "Expires: -1" HTTP header made strictly valid (using 1970 date).
+* (bug 4825) note in DefaultSettings.php about 'profiling' table creation
+* Remove unneeded extra whitespace at top of Special:Categories
+* (bug 5679) time units are now using local numerals
+* (bug 5751) Updates to Portuguese localisation files
+* (bug 5741) Introduce {{NUMBEROFUSERS}} magic word
+* (bug 93) <nowiki> tags and tildes in templates
+* The returnto parameter is now actually used by SpecialUserlogin.php
+* Parser can now know that it is parsing an interface message
+* (bug 4737) MediaWiki:Viewcount supports {{PLURAL}} now
+* Fix bug in wfMsgExt under PHP 5.1.2
+* (bug 5761) Project talk namespace broken in Xal, Os, Udm and Cv
+* Rewrite reassignEdits script to be more efficient; support optional updates to
+ recent changes table; add reporting and silent modes
+* Cleaned up formatNum usage in langfiles
+* (bug 5716) Warn when a user tries to upload a file which was previously
+ deleted
+* (bug 5565) Add a class attribute to the table on Special:Allpages
+* "lang=xx" option for parser test cases to set content language
+* (bug 5764) Friulian translation updated
+* (bug 5757) Fix premature cutoff in LanguageConverter with extra end markers
+* (bug 5516) Show appropriate "return to" link on blocked page
+* (bug 5377) Do not auto-login when creating an account as another user
+* (bug 5284) Special redirect pages should remember parameters
+* Suppress 7za output on dumpBackup
+* (bug 5338) Reject extra initial colons in title
+* (bug 5487) Escape self-closed HTML pair tags
+* Add "raw suffix" magic word for some magic words, e.g. {{NUMBEROFUSERS|R}}
+ will produce a count minus formatting
+* Fix Parser::cleanSig() to use Parser::startExternalParse() and choose an
+ appropriate output format given the scope of the clean
+* (bug 5593) Change "bureaucrat log" to "rights log"
+* Show a boilerplate "(none)" in place of a blank within the log action text for
+ user rights
+* (bug 137) Commented out translations for copyrightwarning which mention GNU FDL
+* (bug 5723) Don't count pages linked to from the MediaWiki namespace as "wanted"
+* (bug 5696) Add a third parameter, $3, to "rcnote", passing the current time
+ formatted according to the current user's settings
+* (bug 5780) Thousands and decimal separators for Norwegian
+* Updated initStats maintenance script
+* (bug 5767) Fix date formats in Vietnamese locale
+* (bug 361) URL in URL, they were almost fixed. Now they are.
+* (bug 4876) Add __NEWSECTIONLINK__ magic word to force the "new section" link/tab to
+ show up on specific pages on demand
+* Bidi-aid on list pages
+* (bug 5782) Allow entries in the bad image list to use canonical namespace names
+* (bug 5789) Treat "loginreqpagetext" as wikitext
+* Sanitizer: now handles nested <li> in <ul> or <ol>
+* (bug 5796) We require MySQL >=4.0.14
+* Add 'EmailConfirmed' hook
+* New findhooks.php script to find undocumented hooks.
+* Silently ignore errors on profiling table update.
+* (bug 5801) Correct handling of underscores in Special:Listusers
+* Clean up Special:Listusers; add an "(all)" label to the group selection box
+* (bug 5812) Use appropriate link colour in Special:Mostlinked
+* (bug 5802) {{CURRENTMONTHNAME}} variable broken in Vietnamese locale
+* (bug 5817) Appropriate handling for Special:Recentchangeslinked where the target
+ page doesn't exist
+* Special:Randompage now additionally accepts English namespace name as parameter
+* (bug 2981) Really fixed linktrail for Tamil (ta)
+* Disallow substituting Special pages when included into a page
+* (bug 5587) Clean up the languages from references to the Groups special page
+* Added new group-X and group-X-member messages
+* Rewritten removeUnusedAccounts to be more efficient, print names of inactive
+ accounts
+* Redirect Special:Userlist to Special:Listusers
+* Introduce $wgAllowTitlesInSVG, which allows the <title> attribute in uploaded files
+ bearing the image/svg MIME type. Disabled by default due to the vast majority of
+ web servers being hideously misconfigured. See DefaultSettings.php for more details.
+* Changed default LocalSettings.php to append the previous include path when setting it
+* (bug 5837) Use "members" for the value descriptor in Special:Categories,
+ Special:Wantedcategories and Special:Mostlinkedcategories.
+* (bug 3309) Allow comments when undeleting pages
+* Clean up Special:Undelete a bit
+* (bug 5805) messages nbytes, ncategories can now use {{plural:}}
+* Clean up Special:Imagelist a bit
+* (bug 5838) Namespace names for Nds-NL
+* (bug 5749) Added Tyvan language files
+* (bug 5791) Fix SQL syntax in Special:BrokenRedirects, was causing incorrect data to show
+* (bug 5839) Prevent access to Special:Confirmemail for logged-out users
+* (bug 5853) Update for Portuguese messages (pt)
+* (bug 5851) Use Cyrillic for Kirghiz language name
+* (bug 5841) Allow the 'EditFilter' hook to return a non-fatal error message
+* (bug 5846) Link to individual group description pages in Special:Listusers
+* (bug 5857) Update for German localisation (de)
+* (bug 5858) Update for Russian language (ru)
+* (bug 5860) Update for Indonesian language (id)
+* (bug 1120) Update for Czech language (Cs)
+* Added many missing formatNum calls
+* Added grammar function to Belarusian (be)
+* (bug 5819) Add 'PersonalUrls' hook
+* (bug 5862) Update of Belarusian language (be)
+* (bug 5886) Update for Portuguese messages (pt)
+* (bug 5586) <gallery> treated text as links
+* (bug 5878) Update for Indonesian language (id)
+* (bug 5697) Update for Malay language (ms)
+* (bug 5890) Update for German language (de)
+* (bug 5889) Name for Sindhi language should appear as سنڌي
+* --force-normal parameter on dump scripts to force check for ICU extension
+* (bug 5895) Update for Dutch language (nl)
+* (bug 5891) Linktrail for Polish language (pl)
+* User::isBureaucrat , User::isDeveloper , User::isSysop deprecated in
+ v1.6 now die with a backtrace. They will be removed in v1.8
+* dumpTextPass now skips goes to database for entries that were blank in the
+ previous dump, as this may indicate a broken dump.
+* dumpTextPass progress includes percentage of items prefetched
+* dumpTextPass can now use 7zip files for prefetch
+* (bug 5915) Update to Indonesian localisation (id)
+* (bug 5913) Update for German localisation (de)
+* (bug 5905) Plural support for Bosnian localisation (bs)
+* Groups which won't hit the rate limiter now configurable with
+ $wgRateLimitsExcludedGroups
+* (bug 5806) {{plural:}} support instead of "twin" MediaWiki messages
+* (bug 5931) Update for Polish language (pl)
+* Ignore the user and user talk namespaces on Special:Wantedpages
+* Introduce NUMBEROFPAGES magic word
+* (bug 5833) Introduce CURRENTVERSION magic word
+* (bug 5370) Allow throttling of password reminder requests with the rate limiter
+* (bug 5683) Respect parser output marked as uncacheable when saving
+* (bug 5918) Links autonumbering now work for all defined protocols
+* (bug 5935) Improvement to German localisation (de)
+* (bug 5937) Register links from gallery captions with the parent parser output
+ object so that link tables receive those updates too
+* (bug 5845) Introduce BASEPAGENAME and BASEPAGENAMEE magic words
+* (bug 5941) Use content language when getting the administrator page title for
+ Special:Statistics
+* (bug 5949) Update to Indonesian localisation (id)
+* (bug 5862) Update of Belarusian translation (be)
+* (bug 5950) Improvements to French localisation
+* (bug 5805) {{plural:}} support for counters in some special pages
+* (bug 5952) Improvement to German localisation (de)
+* Rename conflicting metadata help message to "metadata_help" (was "metadata")
+ and treat it as wiki text
+* Improve preferences input filtering
+* Maintenance script to import multiple files into the wiki
+* (bug 5957) Update for Hebrew language (he)
+* (bug 5962) Update for Italian language (it)
+* (bug 5961) Update for Portuguese localisation (pt)
+* (bug 5849) Remove some hard-coded references to "Wikipedia" in messages
+* (bug 5967) Improvement to German localisation (de)
+* (bug 5962) Update for Italian language (it)
+* Suppress images in galleries which appear on the bad image list (when rendering
+ for a wiki page; galleries in special pages and categories are unaffected)
+* Maintenance script to remove orphaned revisions from the database
+* (bug 5991) Update for Russian language (ru)
+* (bug 6001) PAGENAMEE and FULLPAGENAMEE don't work in FULLURL and LOCALURL magic
+ words
+* (bug 5958) Switch Uzbek language name to use latin script
+* (bug 839) Add URLENCODE magic word
+* (bug 6004) Update for Polish language (pl)
+* (bug 5971) Improvement to German localisation (de)
+* (bug 4873) Don't overwrite the subtitle navigation when viewing a redirect page
+ that isn't current
+* (bug 2203) Namespace updates for Thai
+* Fix breakage in parser test suite which caused incorrect reporting of the failure of
+ {{NUMBEROFFILES}}. Now initialises the site_stats table with some dumb data. Updated
+ the expected output for {{NUMBEROFARTICLES}} to reflect this.
+* (bug 6009) Use {{ns:project}} in messages where appropriate
+* (bug 6012) Update to Indonesian localisation (id)
+* (bug 6017) Update list of bookstores in German localisation files
+* (bug 5187) Allow programmatically bypassing username validation, for scripts
+* (bug 6025) SpecialImport: wrong message when no file selected
+* (bug 6015) EditPage: add spacing in the boxes "edit is minor" and "watch this"
+* (bug 6018) Userrights: new message when no user specified ('nouserspecified')
+* (bug 2015) Add "\sim" to ~ conversion for HTML rendering
+* (bug 6029) Improvement to German localisation (de)
+* (bug 5015) Update be: magic words
+* (bug 3974) Add parameter for site URL to "passwordremindertext"
+* (bug 6039) Update for Portuguese localisation (pt)
+* (bug 764) Add CREATE TEMPORARY TABLES to default database permissions
+* Big update to Swedish localisation (sv)
+* Use appropriate HTML functions to create the tool links on image pages, so they don't
+ look garbled when tidy isn't on
+* (bug 5511) Fix URL-encoding of usernames in links on Special:Ipblocklist
+* (bug 6046) Update to Indonesian localisation (id) #15
+* (bug 5523) $wgNoFollowNsExceptions to allow disabling rel="nofollow" in
+ specially-selected namespaces.
+* (bug 6055) Fix for HTML/JS injection bug in variable handler (found by Nick Jenkins)
+* Reordered wiki table handling and __TOC__ extraction in the parser to better
+ handle some overlapping tag cases.
+* Only the first __TOC__ is now turned into a TOC
+* (bug 4610) Indicate patrolled status on watchlists and allow users to mark
+ changes as patrolled using the diff links there
+* Add 'DiffViewHeader' hook called before diff page output
+* (bug 6051) Improvement to German localisation (de)
+* (bug 6054) Update to Indonesian localisation (id) #16
+* Add {{CURRENTTIMESTAMP}} magic word
+* (bug 6061) Improper escaping in some html forms
+* (bug 6065) Remove underscore when using NAMESPACE and TALKSPACE magics.
+* (bug 6074) Correct squid purging of offsite upload URLs
+* To simplify the lives of extension developers, the logging type arrays
+ can now be appended to directly by an extension setup function. It is
+ no longer necessary to write four separate functions just to add a
+ custom log type.
+* (bug 6057) Count "licenses" as a message (and show it in Special:Allmessages)
+* Added $wgGrammarForms global
+* Fixed hardcoded 'done.' when removing watchlist entries.
+* (bug 5962) Update for Italian language (it)
+* (bug 6086) Remove vestigial attempt to call Article::validate()
+* wfHostname() function for consistent server hostname use in debug messages
+* Send thumbnailing error messages to 'thumbnail' log group
+* wfShellexec() now accepts an optional parameter to receive the exit code
+* Failed, but not zero-length, thumbnail renderings are now removed.
+ Should help clean up when rsvg fails in weird ways.
+* (bug 6081) Change description for Turkmen language
+* Increase robustness of parser placeholders; fixes some glitches when
+ adjacent to identifier-ish constructs such as URLs.
+* Shut up the parser test whining about files in a temp directory.
+* (bug 6098) Add Aragonese language support (an)
+* (bug 6101) Update for Russian language (ru)
+* Add $wgIgnoreImageErrors to suppress error messages for thumbnail rendering
+ problems. If errors are transitory, this should reduce annoying messages
+ making it into cached display.
+* (bug 6103) Wrap self-links in a CSS class ("selflink")
+* (bug 6102) For consistency with other markup, normalize all HTML-encoded
+ character entities in URLs, not just ampersands. This allows use of eg
+ &#61; when making URLs for template parameters.
+* Markup anality: escape </ as <\/ in toolbar javascript for pure correctness
+ under HTML-compatible browsers.
+* (bug 5077) Added hook 'BeforePageDisplay' to SkinTemplate::outputPage
+* Replace fatally changed 'uploadnewversion' with 'uploadnewversion-linktext'
+* (bug 472) Syndication feeds for the last few edits of page history
+* Format edit comments in Recent Changes feed
+* Switch incorrectly ordered column headers on Recent Changes feed diffs
+* (bug 6117) Use message for history feed description, add German localization
+* (bug 1017) fixed thumbnails of animated gifs.
+* Add APC as object caching option
+* Update to Albanian localization (sq)
+* (bug 6099) Introduce {{DIRECTIONMARK}} magic word (with {{DIRMARK}} as an alias)
+* Use optimized php5-only microtime()
+* Add possibility to store local message cache as PHP executable script
+* Fix profiling table definition
+* (bug 6040) Run pre-save transform before calculating the diff. when doing a
+ "show changes" operation in the editor
+* (bug 4033) Respect $wgStyleDirectory when checking available skins
+* Remove hideous backslashes from MessagesBr.php
+* Fix APC object cache issues, add functionality to installer
+* (bug 6133) Update strip state as we work. This mostly fixes extensions
+ used in Cite.php <ref> tags when Tidy is on.
+* (bug 6139) Workaround for transclusion oddities in Vietnamese upload text
+* (bug 6136) Update to Catalan language (ca)
+* Update to Japanese localization (ja)
+* Add /usr/local/bin to the diff3 search paths in the installer
+* (bug 6106) Update to Indonesian localisation (id) #17
+* (bug 6125) Add links to edit old versions to diff views
+* (bug 5127) Auto edit summary when creating/editing redirect page
+* (bug 3926) Introduce {{#language:}} magic word
+* Fix section links from edit comments for [[:Image:Bla.jpg]] in section titles
+* (bug 6126) Allow fallback to customized primary language when user language
+ message contains '-'; fixes licenses selector on Commons configuration after
+ recent addition of the message to Messages.php
+* (bug 5527) Batch up job queue insertions for, hopefully, better survivability
+ of lock contention etc. Duplicates are now removed at pop time instead of
+ at insert time.
+* When showing the "blah has been undeleted" page, make sure it's a blue link
+* parserTests.php accepts a --file parameter to run an alternate test sutie
+* parser tests can now test extensions using !!hooks sections
+* Fix oddity with open tag parameters getting stuck on </li>
+* (bug 5384) Fix <!-- comments --> in <ref> extension
+* Nesting of different tag extensions and comments should now work more
+ consistently and more safely. A cleaner, one-pass tag strip lets the
+ 'outer' tag either take source (<nowiki>-style) or pass it down to
+ further parsing (<ref>-style). There should no longer be surprise
+ expansion of foreign extensions inside HTML output, or differences
+ in behavior based on the order tags are loaded.
+* (bug 885) Pre-save transform no longer silently appends close tags
+* Pre-save transform no longer changes the case of close tags
+* (bug 6164) Fix regression with <gallery> resetting <ref> state
+* Hackaround for IE 7 wrapping bug in MonoBook footer
+* New message sp-newimages-showfrom replaces rclistfrom on special:newimages
+* Improve handling of ;: definition list construct with overlapping or
+ nested HTML tags
+* (bug 6171) Fix sanitizing of HTML-elements with an optional closing
+ tag. The sanitizer still needs to learn how to make well-formed XML
+ in this case.
+* Fix fatal error when specifying illegal name for manual thumbnail
+* (bug 6184) Use shinier Linker::userLink() to make user links in
+ Special:Undelete
+* (bug 6170) Update for Kashubian translation (csb)
+* (bug 6191) Update to Indonesian translation (id) #18
+* (bug 6114) Update to Walloon localization (wa)
+* Added $wgNamespaceRobotPolicies to allow customisation of robot policies on a
+ per-namespace basis.
+* Add <ol> to the list of block elements for doBlockLevels; avoids <p>s being
+ interspersed into your ordered lists.
+* (bug 5021) Transcluding the same special page twice now works
+* Add 'SiteNoticeBefore' and 'SiteNoticeAfter' hooks
+* (bug 6182) Date passed in "sp-newimages-showfrom" not adjusted to user time
+ preferences
+* (bug 2587) Fix for section editing with comment prefix
+* (bug 2607) Fix for section editing with mix of wiki and HTML headings
+* (bug 3342) Fix for section editing with headings wrapped in <noinclude>
+* (bug 3476) Fix for section editing with faux headings in extensions
+* (bug 5272) Fix for section editing with HTML-heading subsections
+* Fix for bogus wiki headings improperly detected with following text
+* Fix for HTML headings improperly not detected with preceding/following text
+* Section extraction and replacement functions merged into one implementation
+ on the Parser object, so they can't get out of sync with each other.
+* Edit security precautions in raw HTML mode, etc
+* (bug 6197) Update to Indonesian translation (id) #19
+* (bug 6175) Improvement to German translation (de)
+* Redirect Special:Logs to Special:Log
+* (bug 6206) Linktrail for Swedish localization (se)
+* (bug 3202) Attributes now allowed on <pre> tags
+* Sanitizer::validateTagAttributes now available to discard illegal/unsafe
+ attribute values from an array.
+* (bug 3837) Leave <center> as is instead of doing an unsafe text replacement
+ to <div class="center">. <center> is perfectly valid in the target doctype
+ (XHTML 1.0 Transitional), while the replacement didn't catch all cases and
+ could even result in invalid output from valid input.
+* (bug 4280) Use 'noindex,nofollow' instead of 'noindex,follow' for default
+ meta robots tag on diff view and special pages. Should reduce impact of
+ robots on scrolling special pages, diffs etc on sites where robots.txt
+ doesn't forbid access.
+* Regression fix: suppress warning about session failure when clicking to
+ edit with 'preview on first edit' enabled.
+* (bug 6230) Regression fix: <nowiki> in [URL link text]
+* Added AutoLoader.php, which loads classes without need of require_once()
+* (bug 5981) Add plural function Slovenian (sl)
+* (bug 5945) Introduce {{CONTENTLANGUAGE}} magic word
+* {{PLURAL}} can now take up to five forms
+* (bug 6243) Fix email for usernames containing dots when using PEAR::Mail
+* Remove a number of needless {{ns:project}}-type transforms from messages files. These
+ usages already have separate label text. Such transforms are wasteful on each page view.
+* Update to Yiddish localization (yi)
+* (bug 6254) Update to Indonesian translation (id) #20
+* (bug 6255) Fix transclusions starting with "#" or "*" in HTML attributes
+* Whitespace now normalized more or less properly in HTML attributes
+* Fix regression(?) in behavior of initial-whitespace-pre in <center>
+* (bug 6260) Update to Interlingua localization (ia)
+* Update to Vlax Romany localization (rmy)
+* Update to Latin translation (la)
+* Update to Dutch translation (nl)
+* Avoid some notices in page history with bad input
+* Use double quoted consistently on attributes in linker output; preparing
+ for new normalization code when tidy not in use
+* Replace "nogomatch" with "noexactmatch" and place the magic colon in the messages
+ themselves. Some minor tweaks to the actual message content.
+* Introduce $wgContentNamespaces which allows for articles to exist in namespaces other
+ than the main namespace, and still be counted as valid content in the site statistics.
+* (bug 5932) Introduce {{PAGESINNAMESPACE}} magic word
+* Disable $wgAllowExternalImages by default.
+* (bug 2700) Nice things like link completion and signatures now work in <gallery> tags.
+* Cancel output buffering in StreamFile; when used inside gzip buffering this
+ could cause funny timeout behavior as the Content-Length was wrong.
+* Return correct content-type header with 304 responses for StreamFile;
+ it confuses Safari if you let it return "text/html".
+* (bug 6280) Correct GRAMMAR for Slovenian localisation (sl)
+* (bug 6162) Change date format for Dutch Low Saxon (nds-nl)
+* (bug 6296) Update to Indonesian localisation (id) #21
+* Introduce EditFormPreloadText hook, see docs/hooks.txt for more information
+* (bug 4054) Add "boteditletter" to recent changes flags
+* Update to Catalan localization (ca)
+* (bug 2099) Deleted image files can now be archived and undeleted.
+ Set $wgSaveDeletedFiles on and an appropriate directory path in
+ $wgFileStore['deleted']['directory']
+* (bug 6324) Fix regression in enhanced RC alignment
+* Introduce {{NUMBEROFADMINS}} magic word
+* Update to Slovak translation (sk)
+* Update to Alemannic localization (gsw)
+* (bug 6300) Bug fixes for sr: variants
+* namespaceDupes.php can now accept an arbitrary prefix, for checking rogue
+ interwikis and such. Not yet fully automated.
+* (bug 6344) Add Special:Uncategorizedimages page
+* (bug 6357) Update to Russian translation (ru)
+* Workaround possible bug in Firefox nightlies by properly removing the
+ Content-Encoding header instead of sending explicit 'identity' value
+ in StreamFile
+* (bug 6304) Show timestamp for current revision in diff pages
+* Vertically align current version with old version header in diff display
+* (bug 6174) Remove redundant "emailforlost" message
+* (bug 6189) Show an error to an unprivileged user trying to create account
+* (bug 6365) Show user information in the "old revision" navigation links
+* Introduce 'FetchChangesList' hook; see docs/hooks.txt for more information
+* (bug 6345) Update to Indonesian localisation (id) #22
+* (bug 6279) Add genitive month names to Slovenian localisation
+* (bug 6351) Update to German translation (de)
+* Respect language directionality when displaying arrow in Special:Brokenredirects
+* Remove unused "validation" table definitions from the schema files
+* (bug 6398) Work around apparent PCRE bug breaking section editing when
+ massively-indented preformatted text immediately followed a header
+* (bug 6392) Fix misbehaving <br /> in preferences form
+* Add translated magic words to Hebrew localization
+* (bug 6396) Change name for Chuvash language
+* Introduce optional (off by default) language selector bar for user login
+ and registration. Customisable via the "loginlanguagelinks" message, the
+ links will preserve "returnto" values. If the user creates an account while
+ using such a link, then the language in use will be saved as their language
+ preference.
+* Make sure '~~~' '~~~~' '~~~~~' are removed in Nickname preference.
+* Rename "ipusuccess" to "unblocked", change the format (now wiki text)
+* (bug 2316) Add "caption" attribute to <gallery> tag
+* Allow setting the skin object that ImageGallery will use; needed during parse
+ operations (the skin must come from the ParserOptions, not $wgUser)
+* Fix notice in MacBinary detection debug data for files of certain lengths
+* (bug 6131) Add type detection for DjVu files, allowing them to be uploaded
+ with validity checking and size detection. No inline thumbnailing yet,
+ but could be added in the future.
+* (bug 6423) Don't update newtalk flag if page content didn't change (null edits
+ were causing the newtalk flag to trigger inappropriately)
+* Parser functions are now set using magic words.
+* (bug 6428) Incorrect form action URL on Special:Newimages with hidebots = 0 set
+* (bug 4990) Show page source to blocked users on edits, or their modified version
+ if blocked during an edit
+* (bug 5903) When requesting the raw source of a non-existent message page,
+ return blank content (as opposed to the message key)
+* Improve default blank content of MediaWiki:Common.css and MediaWiki:Monobook.css
+* (bug 6434) Allow customisation of submit button text on Special:Export
+* (bug 6314) Add user tool links on page histories
+* Fix display of file-type icons in galleries when $wgIgnoreImageErrors is off
+* (bug 6438) Update to Indonesian translation (id) #23
+* Adding the language code parameter to the hook "LanguageGetMagic", to allow
+ localizble extensions magic words.
+* Update to Romanian translation (ro)
+* Update to Esperanto translation (eo)
+* Check for preg_match() existence when installing and die out whining about PCRE
+ if it's not there, instead of throwing a fatal error
+* (bug 672) Add MathAfterTexvc hook
+* Update to Piedmontese localization (pms)
+* dumpBackup can optionally compress via dbzip2
+* (bug 2483) Run link updates on change via XML import
+* (bug 2481) List imported pages during Special:Import
+* (bug 2482) Log and RC entries for Special:Import events
+* Allow fetching all revisions from transwiki Special:Import
+* Allow fetching all revisions from Special:Export GET request
+* Disable output buffering on Special:Export; should help with streaming
+ large numbers of history items.
+* Allow setting a maximum number of revisions for history Special:Export;
+ pages with more than $wgExportMaxHistory revisions are excluded from
+ export when history is requested.
+* Fix transwiki import of pages with space in name
+* Save null edit when importing pages through Special:Import
+* Update to Korean translation (ko)
+* Show a more specific message when an anonymous user tries to access Special:Watchlist
+* (bug 3278) Paging links in Special:Prefixindex
+* Added Latvian localization (lv)
+* (bug 6472) Fix regression in Special:Export with multiple pages
+* Update to Macedonian translation (mk)
+* Allow page moves over historyless self-redirects. Such are usually created
+ as part of namespace rearrangements, and it's easier to clean them up if
+ we can move over them.
+* Show some error results in moveBatch.php
+* (bug 6479) Allow specification of the skin to use during HTML dumps
+* (bug 6461) Link to page histories in Special:Newpages
+* (bug 6484) Don't do message transformations when preloading messages for editing
+* (bug 6201) Treat spaces as underscores in parameters to {{ns:}}
+* (bug 6006) Allow hiding the password change fields using an authentication plugin
+* (bug 6489) Use appropriate link colour on Special:Shortpages
+* Added formatnum magic word
+* Added Javanese localization (jv)
+* (bug 6491) Apply bad image list in category galleries
+* (bug 6488) Show relevant log fragment in Special:Movepage
+* Fix potential PHP notice in Special:Blockme when $wgBlockOpenProxies is true
+* Use mysql_real_escape_string instead of addslashes for string escaping in
+ the MySQL Database class. This may fix some rare breakage with binary fields.
+ Note that MediaWiki does not support the multibyte character sets where a
+ "dumb" byte replacement can be actively dangerous; UTF-8 is always safe
+ in this regard due to the bit patterns which make head and tail bytes
+ distinct.
+* (bug 6497) Use $wgMetaNamespaceTalk for Esperanto if set
+* (bug 6498) Use localized forms for image size in Special:Undelete
+* (bug 6485) Update to Indonesian translation (id) #24
+* Extension messages translation is now possible.
+* Add target namespace override selector for transwiki imports.
+ $wgImportTargetNamespace specifies the default, to be used for
+ Wiktionary's 'Transwiki:' namespace etc.
+* (bug 6506) Update to German localisation (de)
+* (bug 502) Avoid silly tabs on bad title by using virtual special page
+* (bug 6511) Add diff links to old revision navigation bar
+* (bug 6511) Replace 'oldrevisionnavigation' message with 'old-revision-navigation'
+* Fix regression in Polish genitive month forms
+* (bug 4037) Make input handling in Special:Allpages and Special:Prefixindex
+ more consistent: Accept just a namespace prefix and a colon, reject input
+ with interwiki prefixes, otherwise do what Title::makeTitleSafe() does.
+* (bug 6516) Update to Russian translation
+* New 'allpagesbadtitle' message for Special:Allpages, based on 'badtitletext'.
+* Rename "searchquery" to "searchsubtitle" and support wiki text in it
+* Introduce updateArticleCount maintenance script which uses a better check that
+ reflects what Article::isCountable() tests for
+* Introduce 'BadImage' hook; see docs/hooks.txt for more information
+* Add "searchsubtitleinvalid" message for searches that are not valid titles.
+* (bug 5962) Update to Italian localisation
+* (bug 6530) Update to Indonesian localisation (id) #25
+* (bug 6523) Fix SVG issue in rebuildImages.php
+* (bug 6512) Link to page-specific logs on page histories
+* (bug 6504) Allow configuring session name with $wgSessionName
+* (bug 6185) Add standard user tool links to log page views
+* Update to Venetian translation (vec)
+* Update to Slovenian translation (sl)
+* Add standard user tool links to deleted revision list
+* Separate out EditPage's getContent bits from regular Article getContent.
+ Cleans up read-only-mode warning on empty pages and neats up some code.
+* (bug 6565) Strict JavaScript writing
+* (bug 6570) Update to Indonesian localisation (id) #26
+* Added Telugu translation (te)
+* Update to Catalan translation (ca)
+* (bug 6560) Avoid PHP notice when trimming ISBN whitespace
+* Added namespace translation to Kannada (ka)
+* (bug 6566) Improve input validation on timestamp conversion
+* Implicit group "emailconfirmed" for all users whose email addresses are confirmed
+* (bug 6577) Avoid multiline parser breakage on <pre> with newline in attribute
+* (bug 6771) Make old revisions of MediaWiki pages available with action=raw
+
+== Changes since 1.5 ==
+
+* (bug 2885) More PHP 5.1 fixes: skin, search, log, undelete
+
+Code quality:
+* Use strval() to make sure we don't accidentally get null on bad revision
+ text loads or other fields mucking up XML export output
+* Clean up duplicate code for selection of changeslist style
+* Correct blob caching to reduce redundant blob loads on backups
+* (bug 3182) Clear link cache during import to prevent memory leak
+* Fixed possible infinite loop in formatComment
+* Wrap message page insertions in a transaction to speed up installation
+* Avoid notice warning on edit with no User-Agent header
+* (bug 3649) Remove obsolete, broken moveCustomMessages script
+* Avoid numerous redundant latest-revision lookups in history
+* Require PHP 4.3.2 or higher strictly now.
+* Tweak infinite-template-handling loop for PHP 5.1.1 string handling change
+* Remove unused OutputPage::addCookie()
+* Fix for short_open_tag off again; please don't break this, guys
+* (bug 4507) Adjust FULLPAGENAMEE escaping to standard form
+* (bug 5302) Merge the two #p-search .pBody statements in monobook css.
+
+Database:
+* Finally dropped MySQL 3.23.x support
+* Oracle support
+* (bug 3056) MySQL 3 compatibility fix: USE INDEX instead of FORCE INDEX
+* Update all stats fields on recount.sql
+* (bug 3227) Fix SQL injection introduced in experimental code
+* Fix table prefix usage in Block::enumBlocks
+* (bug 3448) Set page_len on undelete
+* (bug 3506) Avoid MySQL error when Listusers returns no results
+* Skip update of disused 'rc_cur_time' field (todo: discard the field)
+* (bug 3735) Fix to run under MySQL 5's strict mode
+* (bug 3786) Experimental support for MySQL 4.1/5.0 utf8 charset mode
+ NOTE: Enabling this may break existing wikis, and still doesn't
+ work for all Unicode characters due to MySQL limitations.
+* MySQL 5.0 strict mode fix for moving unwatched pages
+* Ability to set the table name for external storage servers
+* Update ipblocks table in MySQL 5 table defs
+* Removed FulltextStoplist.php, no longer used (was for MySQL 3.x workaround)
+* Added templatelinks table, to track template inclusions. User-visible effects
+ will be:
+ * (inclusion) tag for inclusions in Special:Whatlinkshere
+ * More accurate list of used templates on the edit page
+ * More reliable cache invalidation when templates outside the template
+ namespace are changed
+* Respect database prefix in dumpHTML.inc
+* Removed read-only check from Database::query()
+* Added externallinks table, to track links to arbitrary URLs
+* Added job table, for deferred processing of jobs. The immediate application is
+ to complete the link table refresh operation when templates are changed.
+* Don't change the password of the MySQL root user.
+
+Documentation:
+* (bug 3306) Document $wgLocalTZoffset
+
+Hooks:
+(list not complete)
+* Move ArticleSave hook execution into Article insert/update functions,
+ so they get called on non-EditPage actions that use these functions
+ to create or update pages.
+* Added EditFilter hook, and output callback on EditPage::showEditForm()
+ for a place to add in captcha-type extensions in the edit flow
+* (bug 3684) Fix typo in fatal error backtraces in Hooks.php
+* Fix for hook callbacks on objects containing no fields
+* Add a hook for additional user creation throttle / limiter extensions
+* Use $wgOut->parse() in wfGetSiteNotice() instead of creating a new parser
+ instance. This allows use of extension hooks if required.
+* Added AutoAuthenticate hook for external User object suppliers
+* Added 'PageRenderingHash' hook for changing the parser cache hash key
+ from an extension that changes rendering based on nonstandard options.
+* Add 'GetInternalURL' hook to match the GetFullURL and GetLocalURL ones
+* (bug 4456) Add hook for marking article patrolled
+* Add UserRights hook, fires after a user's group memberships are changed
+
+Images:
+* Support SVG rendering with rsvg
+* Cap arbitrary SVG renders to given image size or $wgSVGMaxSize pixels wide
+* (bug 3127) Render large SVGs at image page size correctly
+* Fix scaling of non-integer SVG unit sizes
+* (bug 2800) Don't scale up small images on |thumb| without explicit size
+* Use the real file link instead of the default-size rasterized version for
+ large SVG images on image description page
+* Include the file name/type/size line for non-resized images
+* (bug 3489) PHP 5.1 compat problem with captioned images
+* (bug 3643) Fix image page display of large images with resizing disabled
+* Added a limit to the size of image files which can be thumbnailed
+* (bug 3806) Gracefully fall back to client-side scaling on |thumb| image
+ that passes $wgMaxImageArea
+* (bug 153) Adjust thumbnail size calculations to match consistently;
+ patch by David Benbennick
+* (bug 4162) Add $wgThumbnailEpoch timestamp to force old thumbs to
+ be rerendered on demand, sitewide
+* (bug 1850) Additional fixes so existing local and remote images
+ get a blue link even if there's no local description page
+* Avoid FATAL ERROR when creating thumbnail of non-existing image
+* (bug 4207) Wrong image size when using 100x200px syntax to scale image up
+ patch by David Benbennick
+* Don't delete thumbnails when refreshing exif metadata. This caused thumbs
+ to vanish mysteriously from time to time for files that didn't have metadata.
+* (bug 4426) Add link to user_talk page on image pages
+* Support a custom convert command for thumbnailing. See DefaultSettings.php
+ and the comments for $wgCustomConvertCommand, for more information.
+* UserCan hook now allows advisory return values, rather than mandatory ones.
+
+Installer:
+* (bug 3782) Throw fatal installation warning if mbstring.func_overload on.
+ Why do people invent these crazy options that change language semantics?
+* Fixed installer bugs 921 and 3914 (issues with using root and so forth)
+* (bug 4258) Use ugly urls for ISAPI by default
+ patch by Rob Church
+* Improve installer
+ * Use a superuser account (such as root), if specifed, to create tables
+ * Don't overwrite conservative permissions on the mySQL user with ALL
+ permissions, if said user exists
+ * Changes to some of the wording of explanations for fields
+* (bug 1734) granting db permissions failed with db usernames containg '-'
+* Add basic check for session support in PHP and die if not present
+
+Maintenance:
+* Fix problem reported on mailing list where re-initialising stats didn't work (can't insert
+ duplicate rows with the same id field)
+* Added --conf option to command line scripts, allowing the user to specify a
+ different LocalSettings.php.
+* Maintenance script to delete unused text records
+* Maintenance script to delete non-current revisions
+* Maintenance script to wipe a page and all revisions from the database
+* Maintenance script to reassign edits from one user to another
+* Maintenance script to find and remove links to a given domain (cleanupSpam.php)
+* Fix --report interval option for dumpTextPass
+
+i18n / Languages:
+* Partial support for Basque language (from wikipedia and meta)
+* (bug 3141) Partial support for Breton language (thanks Fulup).
+* Support for venitian language
+* (bug 1334) LanguageGa.php update
+* Finnish date format was hardcoded, now implemented properly
+* (bug 3190) Added some date format choices for language sr
+* (bug 2753) Some namespaces were not translated in LanguageTa.php (Tamil)
+* (bug 3204) Fix typo breaking special pages in fy localization
+* (bug 3177) Estonian date formats not implemented in LanguageEt.php
+* (bug 1020) Changing user interface language does not work immediately
+* (bug 3271) Updated LanguageNn.php for HEAD
+* Experimental feature to allow translation of block expiry times
+ Implementation only for Finnish currently
+* (bug 3304) Language file for Croatian (LanguageHr.php)
+* (bug 2143) Update Vietnamese interface
+* (bug 3063) Remove some hardcodings from Hebrew localisation
+* (bug 3408) Bulgarian formatNum corrected
+* (bug 1512) Disable x-code interp on Esperanto URLs for now, it does more
+ harm than good under current system by breaking incoming URLs with "ux".
+ (Editing is not affected, just URLs.)
+* (bug 1423) LanguageJa.php update
+* Fix language name for dv
+* (bug 3503) Update LanguageSq.php from sq.wikipedia.org messages
+* (bug 3629) Fix date & time format for Frisian
+* (bug 3334) Namespace changes for Polish
+* (bug 3580) Change default Dutch language file to more neutral
+* (bug 3656) LanguageHr.php - added convertPlural
+* (bug 3414) LanguageBe.php - added convertPlural
+* (bug 3163) Full translation of LanguageBr
+* (bug 3617) Update for portuguese language (pt)
+* Namespaces hacks on LanguagePl
+* (bug 3682) LanguageSr.php - added convertPlural
+* (bug 3694) LanguageTr.php update
+* (bug 3711) Removed invisible unicode characters from LanguageHu
+* (bug 2981) Linktrail for Tamil (ta)
+* (bug 3722) Update of Arabic language (ar) Namespace changes
+* Removed hardcoded Norwegian (no) project namespaces
+* (bug 2324) image for redirects should be without text and oriented according to content language
+* (bug 3666) Don't spew PHP warnings in prefs on unrecognized site language
+* (bug 3817) Use localized date formats in preferences; 'no preference' option
+ localizable as 'datedefault' message. Tweaked lots of languages files...
+* (bug 2721) Regression: Use European number separators for vi: wikis
+* (bug 3961) minor languageDe changes
+* (bug 1984) LanguageKo.php (Korean) update
+* (bug 3804) update of LanguageWa.php file
+* (bug 3886) Update for Portuguese language (pt)
+* (bug 4020) Update namespaces for ms
+* (bug 3922) bidi embedding overrides on category links
+* (bug 4061) Update of Slovene namespace names (LanguageSl.php)
+* (bug 4064) LanguageDe comma changes
+* (bug 3922) Further tweaks to bidi overrides in category list for old
+ versions of Safari and Konqueror
+* Fix custom namespaces on wikis set for Portuguese
+* (bug 4153) Fix block length localizations in Greek
+* (bug 3844) ab: av: ba: ce: & kv: now inherit from LanguageRu.php
+ ii: & za: now inherit from LanguageZn_cn.php
+* (bug 4165) Correct validation for user language selection (data taint)
+* (bug 4192) Remove silly 'The Free Encyclopedia' default sitesubtitle
+* Use content-lang for sitenotice
+* (bug 4233) Update LanguageJa.php
+* (bug 4279) Small correction to LanguageDa.php
+* (bug 4108, 4336) Remove trailing whitespace from various messages, which
+ mucks up message updating to create dupe entries
+* (bug 4389) Fix math options on zh-hk and zh-tw (but not localized)
+* (bug 4392) Update of LanguageSr.php
+* (bug 4382) Frisian numeric format
+* (bug 4424) Update for Spanish language (es) 100% messages translated
+* (bug 4425) Typos in Polish translation
+* (bug 4436) Update for Turkish language (tr)
+* (bug 4413) Update of Farsi language file (LanguageFa.php)
+* Update for LanguageSr (Serbian): magic words
+* (bug 137) MediaWiki:Copyrightwarning hardcoding
+* (bug 4457) Update for Portuguese language (pt)
+* convertPlural breakage fixed a little
+* (bug 4144) Support for Sudanese language (Basa Sunda)
+* Big cleanup:
+ - Removed obsolote, badly or untranslated messages
+ - Removed references to wikipedia/wikimedia etc in messages
+ - Other cleanup, like removing html and javascript and extension calls
+ - Removed hardcoded namespaces: Tt, Ms, Ia, Ga, Fo, Bn, Csb, He, Nv, Oc, Tlh
+ - Removed some useless backwards compatibility hacks
+ - Fixed formatnum on many languages
+* wgAmericanDates check produced incorrect results in languages that don't have
+ a such distinction
+* (bug 4548) Update for Portuguese language (pt): time format
+* (bug 4530) Use consistent name for Kurdish
+* Tweak default "upload disabled" text
+* (bug 4504) Use site language for namespace name resolution
+* (bug 4510) Correct Barnes & Noble bookstore URLs
+* (bug 3991) Allow the operation of wikicode on Protect move only text
+* (bug 4267) Switch dv sd ug ks arc languages to RTL
+* Default main page content improved per bug 4690
+* (bug 4615) Update for Portuguese language (pt)
+* Separated MessagesSl.php as the other languages.
+* (bug 4960) Add additional namespaces variants to Yiddish for compatibility
+* (bug 4805) Removed more wikipedia-references from MessagesUk.php
+* (bug 5015) Update magic words translation in LanguageBe.php
+* (bug 4859) Update for Portuguese messages (pt)
+* (bug 4788) One string for MessagesPl
+* Restriction types now use restriction-* messages instead of ui messages
+* (bug 4685) Slovenian LanguageSl.php hardcodes project namespace
+* (bug 5097) Fix Hungarian language (hu): thousands separator
+* (bug 5098) Update for Portuguese messages (pt)
+* (bug 5113) Spelling error in French language file
+* (bug 5105) Magic words for LanguageAr.php
+* (bug 3993) Variants for Serbian language
+* Typo in English messages file
+* (bug 4114) Spacing in watchlist rows (in editing mode)
+* Update default "exporttext" to reflect that Special:Import exists
+* (bug 4960) Add additional namespaces variants to Yi projects: Yiddish Wikinews fix
+* (bug 5357) Add the icon near the user name also in RTL interfaces
+* (bug 5156) Update for Hebrew language (he)
+* (bug 4497,4704,5010) Added some new language codes.
+* (bug 5362) Piedmontese added
+* (bug 5349) Update for Portuguese messages (pt)
+* (bug 3573) Finished full Greek translation: namespaces
+* (bug 5288) Initial localisation for Az
+* (bug 4361) Fix "allmessagesnotsupportedui" so it doesn't refer to nonexisting
+ page
+* Tweak wording of "allmessagesnotsupporteddb"
+
+Parser:
+* (bug 2522) {{CURRENTDAY2}} now shows the current day number with two digits
+* (bug 3210) Fix Media: links with remote image URL path
+* (bug 3405) Don't use raw letters as aliases of MSGNW: and SUBST:
+* (bug 3412) Clean up date format handling so ~~~~-sigs work with default
+ format as designed. Documentation comments updated.
+* Fix Parser::unstrip on PHP 5.1.0RC4
+* (bug 3797) Don't expand variables and sigs in comments
+* Allow parser cache on redirect targets
+* Run wikitext-escaping on plaintext sigs (no wiki markup, just name)
+* Check for unbalanced HTML tags on raw sigs (markup allowed, but show
+ a warning in prefs and use default sig if not balanced)
+* Respect <noinclude> and <includeonly> during {{subst:}} expansion as well as
+ ordinary templates.
+* Support <includeonly> in templates loaded through preload= parameter
+* (bug 3979) Save correct {{REVISIONID}} into parser cache on edit
+* Substitute {{REVISIONID}} correctly in diff display
+* (bug 1850) Allow red-links on image pages linked with [[:image:foo]]
+* Fix XML validity checks in parser tests on PHP 5.1
+* (bug 4377) "[" is not valid in URLs
+* (bug 4453) fix for __TOC__ dollar-number breakage
+* Convert unnecessary URL escape codes in external links to their equivalent
+ character before doing anything with them. This prevents certain kinds of
+ spam filter evasion.
+* (bug 4783) : Fix for "{{ns:0}} does not render"
+* Improved support for interwiki transclusion
+* (bug 1850) Image link to nonexistent file fixed.
+* (bug 5167) Add {{SUBPAGENAME}} and {{SUBPAGENAMEE}} variables
+* (bug 4949) Missing : in "addedwatchtext" for English and Spanish
+* Allow user-defined functions, which work in a similar way to {{GRAMMAR:}}
+ etc. Registered via an interface similar to tag hooks.
+
+Upload:
+* (bug 2527) Always set destination filename when new file is selected
+* (bug 3076) Support MacBinary-encoded uploads from IE/Mac
+* (bug 2554) Tell users they are uploading too large file
+* Support for a license selection box on Special:Upload, configurable from MediaWiki:Licenses
+* Add 'reupload' and 'reupload-shared' permission keys to restrict new uploads
+ overwriting existing files; default is the old behavior (allowed).
+
+Security:
+* (bug 3244) Fix remote image loading hack, JavaScript injection on MSIE
+* (bug 3280) Respect 'move' group permission on page moves
+* (bug 2613) Clear saved passwords from the form
+* IP privacy fix for blocklist search on autoblocks
+* Security fix for <math>
+* Security fix for tables
+* Security fix for Special:Upload license selection list
+* Add UploadVerification hook for custom file upload validation/security checks
+* Blacklist additional MSIE CSS safety tricks
+* Fix meta robots tag on Special:Version again to avoid listing vulnerable
+ versions for convenient harvesting by automated worms
+* Sanitizer CSS comment processing order fix
+* Forbid usernames that can be interpreted as titles with namespaces, as that
+ leads to hard-to-manage names.
+* (bug 4071) Generate passwords long enough for $wgMinimalPasswordLength
+* Add createpage and createtalk permission keys, allowing a quick
+ switch to disable page creation for anonymous users.
+* (bug 675) Add page protection level for unregistered/new accounts
+* User::isNewbie now uses the registration date and $wgAutoconfirmAge
+* Add 'deletedhistory' permission key for ability to view deleted history
+ list via Special:Undelete. Default is off, replicating the 1.5 behavior,
+ but it can be turned back on for random users to replicate the previous
+ 1.6 dev behavior.
+* Set cookies to secure mode based on use of HTTPS or $wgCookieSecure
+* (bug 4371) Disallow tilde character in signatures
+* Removed broken wgAllowAnonymousMinor and added new group right minoredit
+* Added detection for WMF files (application/x-msmetafile), added this
+ MIME type to the default blacklist. Prevented inline display of images
+ which are not of known image types. This is in response to
+ http://en.wikipedia.org/wiki/Windows_Metafile_vulnerability
+* Blocked users can no longer roll back, change the protection of, or delete/undelete pages
+* Protect against spoofing of X-Forwarded-For header
+* XSS issue : now sanitize search query input (fixed in 1.5rc3)
+* Remove deprecated $wgOnlySysopsCanPatrol references; use User::isAllowed( 'patrol' )
+ per bug 5282. Patch by Alan Harder.
+* Prevent registration/login with the username "MediaWiki default"
+
+Special Pages:
+* Rearranged Special:Movepage form to reduce confusion between destination
+ title and reason input boxes
+* (bug 1956) Hide bot uploads from Special:Newimages
+* (bug 3220) Fix escaping of block URLs in Recentchanges
+* (bug 3284) Ipblocklist paging, substring search
+* Allow filtering of robot edits in Special:Watchlist by setting
+ $wgFilterRobotsWL = true.
+* Fix interlanguage links on special pages when extra namespaces configured
+* (bug 3475) anon contrib links on Special:Newpages
+* Special:Import/importDump fixes: report XML parse errors, accept <minor/>
+* (bug 2369) Add separate message for input box on Special:Prefixindex
+* (bug 3798) DoubleRedirects no longer has hard coded arrows
+* (bug 3803) Fix links on Special:Wantedcategories with miser mode off
+* Fix Special:BrokenRedirects on MySQL 5.0
+* (bug 3807) Fix 'all' in namespaces drop-down on contribs, rc
+* Fail gracefully on invalid namespace in Special:Newpages
+* (bug 3762) Define missing Special:Import UI messages
+* (bug 3761) Avoid deprecation warnings in Special:Import
+* (bug 2894) Enhanced Recent Changes link fixes
+* (bug 4059) fix 'hide minor edits' on Recentchangeslinked
+* (bug 146) List number of category members in Special:Categories
+ (patch by Joel Nothman)
+* (bug 4090) Fix diff links in Special:Recentchangeslinked
+* (bug 4093) '&bot=1' in Special:Contributions now propagate to other links
+* Fix display of old recentchanges records for page moves
+* (bug 360) Let Whatlinkshere track [[:image:foo]] links
+* (bug 3073) Keep search parameter on paging in Special:Newimages
+* Removed Special:Validate, it's been superseded by the Review extension
+* (bug 4359) red [[user:#id]] links generated in [[special:Log]]
+* (bug 1996) Special page to list redirects
+* (bug 4334) Add "watch" links to Special:Unwatchedpages
+* Generate target user page links in Special:Ipblocklist where appropriate
+ (i.e. not an autoblock)
+* Generate link to talk page of the blocker in Special:Ipblocklist, move
+ contribs. link of the target next to their name
+* (bug 2714) Backlink from special:whatlinkshere was hard set as 'existing'
+* Move parentheses out of <a> link in Special:Contributions
+* (bug 3192): properly check 'limit' parameter on Special:Contributions
+* (bug 3187) watchlist text refer to unexistent "Stop watching" action
+* Add block, block log and general log links to Special:Contributions
+* Add contributions link to block log items
+* Added optional "hide own edits" feature to Special:Recentchanges
+* (bug 5018) Anchors for each message in Special:Allmessages
+* Introduce $wgWantedPagesThreshold per bug 5011; Special:Wantedpages will not
+ list pages with less than this number of links. Defaults to 1.
+* (bug 4319) Don't show a "create account" link on the login form when
+ account creation is disabled.
+* JavaScript filter for Special:Allmessages
+* (bug 3047) Don't mention talk pages on Special:Movepage when there isn't one
+* Show links to user page, talk page and contributions page on Special:Newpages
+* Special:Export can now export a list of all contributors to an article (off by default)
+* (bug 5372) Add number of files to Special:Statistics
+* (bug 2871) Links to talk pages in watchlist editing view
+* (bug 5385) Allow hiding anonymous edits on Special:Recentchanges
+* (bug 2544) Illogical error reporting order in Special:Userlogin
+* (bug 5409) Hide "show/hide patrolled edits" in Special:Recentchanges if patrolling
+ is disabled
+* (bug 5447) Convert first letter of username to uppercase before searching in Special:Listusers
+* (bug 759) Wrap redirects on the watchlist editing page in a span, class "watchlistredir"
+* (bug 1862) Namespace filtering in watchlists
+
+Misc.:
+* PHP 4.1 compatibility fix: don't use new_link parameter to mysql_connect
+ if running prior to 4.2.0 as it causes the call to fail
+* (bug 3117) Fix display of upload size and type with tidy on
+* (bug 2323) Remove "last" tabindex from history page
+* (bug 3116) Division by zero on [[Image:Foo.png|123x123px|]]
+* Fix display of read-only lockfile message
+* Include software-visible client IP address in Special:Version comment
+ as a proxy debugging aid
+* (bug 3170) Page Title failed to obey MediaWiki:Pagetitle.
+ wikititlesuffix was removed
+* Add ability to break off certain debug topics into additional log files;
+ use $wgDebugLogGroups to configure and wfDebugLog() to log.
+* Edit conflict on recreation of deleted page
+* (bug 3216) Don't show empty warning page when no warnings.
+* (bug 3218) Use proper quoting on history Compare Revisions button
+* Fix upgrade from 1.4 due to version number check breakage [for rc future]
+* Fix upgrade from 1.4 with no old revisions
+* Remove "info" editing toolbar that was shown in browsers which do not
+fully support the editing toolbar, but was found to be too confusing.
+* Don't override edit conflict suppression on section edits; section merging
+ should provide the expected transparency here and fits usage patterns better.
+* (bug 3292) Fix move-over-redirect test when current entries are not plaintext
+* (bug 2078) Don't hide watch tab on preview
+* Fix regressions in ChangesList traditional layout
+* Fix edit on double-click for move-protected pages in Classic skin
+* (bug 3485) Fix bogus warning about filename capitalization when off
+* (bug 2570) Add 'watch this page' checkbox on uploads, watch uploads
+ by default when 'watchdefault' option is on
+* Add options to dumpBackup.php for making split/partial dumps by page id
+* Added filter options, compression piping, and multiple output streams for
+ dumpBackup.php
+* (bug 3595) Warn and abort if importDump.php called in read-only mode.
+* (bug 3598) Update message cache on message page deletion, patch by Tietew
+* Added separate noarticletext and newarticletext messages for logged in and anon users.
+* (bug 3332) Installation now uses Monobook, validates, plus usability improvements.
+* (bug 3660) Update diff3 detection to work with Windows/Cygwin
+* (bug 2330) Don't do funny thinks with "links" in MediaWiki:Undeletedtext
+* Two-pass data dump for friendliness to the DB (--stub, then dumpTextPass.php)
+* Data dump 'prefetch' mode to read normalized text from a prior dump
+ (requires PHP 5, XMLReader extension)
+* (bug 2773) Print style sheet no longer overrides RTL text direction
+* (bug 2938) Update MediaWiki:Exporttext to be more general
+* Various fixes
+* Fix wfMsg*() replacements; args containing literal $[2-9] were wiped
+* Added @import for [[MediaWiki:Common.css]] to all skins
+* Edit box now remembers scrollbar position on preview
+* (bug 3816) Throw edit conflict instead of fatal error when a page is
+ moved or deleted during section edit
+* (bug 3771) Handle internal functions in backtrace in wfAbruptExit()
+* (bug 3291) 'last' diff link for last history line when not at end
+* (bug 3667) Add missing global in page move code
+* (bug 2885) Remove unnecessary reference parameter which broke classic skin
+ talk notification on PHP 5.0.5
+* (bug 3852) "Redirected from" link no longer obscured on double-redirects
+* changed directory hierarchy in images/math/. System upgrades from old to
+ new hierarchy on the fly.
+* (bug 3487) Fix category edit preview with preview-on-bottom
+* (bug 918) Search index incorrectly joined words at == headings ==
+* (bug 3877) Render math images into temp directory, then move to hashed
+ subdir so you can render new math images and have them work
+* (bug 2392) Fix Atom items content type, upgrade to Atom 1.0
+* Allow $wgFeedCacheTimeout of 0 to disable feed caching
+* Fix WebRequest::getRequestURL() to strip off the host bits squid prepends
+* Require POST for action=purge, to stop bots from purging the cache
+* Added local message cache feature ($wgLocalMessageCache), to reduce bandwidth
+ requirements to the memcached server.
+* (bug 3562) for go search, try Caps-Variants-Broken-At-Non-Whitespace
+* (bug 2569) Use PATH_SEPARATOR instead of trying to guess based on
+ DIRECTORY_SEPARATOR (was wrong on NetWare)
+* (bug 2740) Accept image deletions on 'enter' submit from MSIE
+* (bug 3939) Don't try to load text for interwiki redirect target
+* (bug 3948) Avoid notice warning in debug statement in bad search
+* Recognize Special:Search consistently so read whitelist works
+* (bug 3999) Change atom 1.0 feed id; had been unnecessarily complex due to
+ unclear language in the spec. Now using the URL, same as the permalink,
+ which someone else will probably whine about because it's not 'perma'
+ enough or something.
+* (bug 4014) Fix include mode for Allpages on small page sets
+* (bug 3996) Fix text for new entries in RC RSS/Atom feed
+* (bug 3065) Update both watched namespaces when renaming pages
+* Changed mail form to have a bigger message entry box (like for editing
+ a page
+* Fix ulimit parameters for wfShellExec when memory_limit is specified in 'm'
+* (bug 2111) Collapsable exif metadata table, clean up display
+* Reduce fractions in display of exif exposure time
+* (bug 4048) Optional footer link to site privacy policy
+* Don't die() when update.php reaches the end of the warning count
+* (bug 1915) Fix edit links when 'direction' used with 'oldid';
+ using revision ID reported via OutputPage; Skin::editUrlOptions()
+* Remove obsolete 'redirect=no' on some edit links
+* Include oldid for the second revision on edit link on diff view
+* (bug 4035) Fix prev/next revision links on edit page
+* (bug 4100, 3049) Add 'edittools' message to hold edit tools, put it
+ on Special:Upload as well as edit, rearrange edit page pieces a bit.
+ Copyright warning now above the buttons to ensure it's visible,
+ template list at the bottom so it can grow.
+* Optional summary parameter to action=rollback, for user javascript
+* (bug 4167) Fix regression caused by patch for bug 153
+* (bug 4169) Use $wgLegalTitleChars in pipe trick conversions
+* (bug 4170) Decode HTML character escapes in sort key
+* (bug 4201) Fix user-talk mode for Enotif, and general code cleanup
+* (bug 4214) Skip redundant action text inserts into the HTML <title>
+* (bug 4212) Skip redundant meta-robots tag for default settings
+* Fix regression: old version missing from edit links in Nostalgia skin
+* (bug 1600) Trigger edit conflict on duplicate section=new submissions
+* (bug 4001) Use local variables properly in wikibits.js akeytt()
+* Fix regression: old version missing from edit links on CSS/JS pages
+* (bug 3211) Include Date, To mail headers when using PEAR::Mail
+* (bug 3407) Fix encoding of subject and from/to headers on notification
+ mails; userMailer() now takes a MailAddress wrapper object instead of
+ a raw string to abstract things a level.
+* Fixed --server override on dumpTextPass.php
+* Added plugin interface for dumpBackup, so additional filters and output
+ sink types can be registered at runtime from an extension
+* (bug 349) Fix for some numeric differences not being highlighted
+ patch by Andrius Ramanauskas
+* (bug 4298) Include rc_id on enhanced RC singleton diff links for patrolling
+* Did some refactoring on ChangesList.php merging dupe code
+* (bug 1586) Fix interwiki generator for wikimedia obscure domains
+* (bug 3493) Mark edits patrolled when they are reverted
+ patch by Leon Planken
+* Removed experimental Amethyst skin from default set
+* Upgrade old skin preferences properly at Special:Preferences
+ (used to spontaneously switch to Classic skin for old numeric pref records)
+* (bug 3424) Update page_touched for category members on category page creation
+* Log views show message when no matches
+* Fix raw sitenotice display on database error
+* Fix autoconfirm check for old accounts
+* (bug 4368) Don't show useless empty preview on new section creation
+* Don't show useless empty preview on new page creation
+* (bug 4411) Fix messages diff link for classic skin
+* (bug 4385) Separate parser cache entries for non-editing users, so section
+ edit links don't vanish / appear unwanted on protected pages
+* (bug 2726, 3397) Fix [[Special:]] and [[:Image]] links in action=render
+* (bug 4419) Remove obsolete magnify.png.old
+* Removed $wgUseCategoryMagic option, categories are now enabled unconditionally
+* (bug 3318) UI workarounds for disabled items in license selector
+ MSIE/Win: items now grayed out, JS will revert to 'non selected' if clicked
+ Safari: JS will revert to 'non selected' if clicked (but not gray)
+ MSIE/Mac: indented items now visible (JS hack)
+* (bug 714) "plainlinks" class issues in IE, Opera
+* (bug 4317) Inconsistent "broken redirects" messages
+* Default interface text for "selflinks" tweaked
+* (bug 3194) default implementation of translateBlockExpiry
+ which uses ipboptions
+* (bug 4446) $wgExportAllowHistory option to explicitly disable history in
+ Special:Export form, 'exportnohistory' message to translate live hack.
+* Maintenance script to delete unused user accounts
+* (bug 912) Search box easier to reach in text browsers (lynx, links)
+* $wgParserCacheExpireTime added
+* Skip loading of RecentChange.php except where needed
+* Enforce $wgSVGMaxSize when rendering, even for SVGs with a very large source
+ size. This is necessary to limit server memory usage.
+* Cleanup and error checking on Special:Listredirects
+* Clear up some instances of old OutputPage::sysopRequired() function usage
+* Improve "upload disabled" notice
+* Move parts of index.php to include/Wiki.php in an attempt to both cleanup index.php
+ and create a MediaWiki-class mediaWiki base object
+* (bug 4104) Added OutputPageBeforeHTML hook for tweaking primary wiki output
+ HTML on final output (cached or not)
+* Avoid PHP notice on command-line scripts if empty argument is passed ('')
+* (bug 4571) Partial fix hack for {{fulllurl:}} in action=render
+* (bug 3502) Bowtie symbol for TeX
+* (bug 4000) Support for \textstyle et al. in <math>
+* (bug 1663) support color in TeX formulas
+* (bug 2026) missing glue around \not= (TeX)
+* (bug 4576) Missing '>' broke license selector's first option in IE, Opera
+* Override $wgLocaltimezone in parser tests for us outside Iceland and UK
+* Fix extra whitespace at end of Wiki.php, DESTROYS XML OUTPUT
+* Remove redundant 'echo' statements from MonoBook.php
+* (bug 1103) Fix up redirect handling for images, categories
+ Redirects are now followed from the top-level, outside of the Article
+ content loading and viewing, for clarity and consistency.
+* (bug 4104) 'OutputPageBeforeHTML' hook to postprocess article HTML on
+ page view (comes after parser cache, if used). Patch by ThomasV.
+* Linker::formatComment corrupted the passed title object on PHP 5
+ if the comment included a section link. Use clone() to make a safe copy.
+* Add wfClone() wrapper since we're still using PHP 4 on some servers.
+* Remove obsolete killthread.php
+* Added wfDie() wrapper, and some manual die(-1), to force the return code
+ to the shell to return nonzero when we crap out with an error.
+* Allow input of the stub from a compressed file instead of stdin
+ for dumpTextPass.php; easier to get errors back on the shell
+* Added an attractive space on the namespace selector on contribs
+* Move PHP 5-friendly XHTML doctype hack to Sanitizer, use for sig checks.
+ Fixes use of named entities in sigs on PHP 5
+* (bug 4482) Include move comment on the null edit as well as the redirect
+* (bug 3990) Use existing session name if session.auto_start is on
+ Fixes checks for open sessions, such as the cookie warning on login.
+ Patch by Zbigniew Braniecki.
+* Add cache-safe alternate sitenotice for anonymous users. (MediaWiki:Anonnotice)
+ This is displayed instead of the regular sitenotice, if it exists. If not, the
+ regular sitenotice shows. If that doesn't exist, the value of $wgSiteNotice is used,
+ and if that's null, then nothing is shown.
+* Spit the generated LocalSettings code out during the installer as an aid
+ to debugging issues. (Keep this?)
+* Use __FILE__ to form path in new LocalSettings.php, so it stays accurate
+ when the directory is relocated for typical usage.
+* Auto-update $wgCacheEpoch when LocalSettings.php changes on new installs.
+ For typical usage this will be a light burden and should reduce confusion
+ when the configuration is edited.
+* Fix $wgCacheEpoch's effect on client-side caching.
+* (bug 1122) gray out 'older revision' when viewing first article revision.
+* Clearer message in DefaultSettings.php: edit LocalSettings.php instead
+* MonoBook skin top link id changed from "contentTop" to "top" (shared with
+ name attribute)
+* (bug 3350) Missing label for move talk page checkbox.
+* (bug 2108) Sort entries when using category browser
+* (bug 2393) Fix MIME type for Atom feeds ( application/rss+atom )
+* Add ".deps.php" include-file preloaders for some dynamically-loaded
+ language and skin classes. Should help with the broken base-class
+ problem under PHP 5 with APC as opcode cache. See details:
+ http://mail.wikipedia.org/pipermail/wikitech-l/2006-January/033660.html
+* Small changes to tabs in Monobook skin c/o Chris Ware
+* (bug 4679) Work around buggy basename() function in PHP5, which breaks
+ uploads of files starting with multibyte characters on Linux.
+ wfBaseName() doesn't suffer this bug, and understands backslash on
+ both Unix and Windows.
+* (bug 3603) headscripts variable not hooked up to MonoBook skin
+* Allow local cdb-based interwiki cache
+* Use the "block", not the "protect" permission, when determining whether to
+ show a "block user" link in the toolbox
+* Fix backup dump text prefetch for XMLReader constant changes in PHP 5.1
+* Suppress useless percentage indicator on output from 7za during dumps
+* (bug 4633) Add (previous 200) (next 200) also above catlinks
+* (bug 4686) Fix regression where ?diff=0&oldid=0 caused fatal error on
+ pages with only one revision. Fixes message diff link on first edit.
+* Fix dependence on hardcoded UNIQ_PREFIX in LanguageConverter.php
+* Do not check lag on external storage servers
+* Do not tidy interface messages (unless full tidy is set)
+* Do not trust equality propagation and give more hints to MySQL
+ optimizer for revision fetches (avoids index scans)
+* Use revision rate for ETA in dump generation; it tends to be more stable
+ than the per-page count for full-history dumps.
+* Include timestamp in wfDebugLog breakouts
+* (bug 4469) Namespace-specific notice to be displayed below site-notice
+ Edit messages like "MediaWiki:Namespacenotice-" plus namespace name
+ which is blank for main namespace, or like e.g. "User_talk"
+* Adjust user login/creation form hooks to work with a captcha plugin
+* (bug 1284) Inline styles for diffs in Recent Changes RSS/Atom feeds
+* (bug 4824) IE7 beta 2 broke compatibility with PNG logo workarounds,
+ and seems to work ok with other bits. No longer including the IE
+ workarounds JavaScript for IE 7 and above.
+* Fix extra namespace for Bulgarian
+* (bug 4303) Add $wgFavicon to change the shorticon icon link from
+ the default /favicon.ico or disable it (if set to false)
+* (bug 3347) strip linebreaks in math error source
+* (bug 4841) Warning for non-logged-in edits
+* (bug 4867) Leave invalid EXIF date fields unformatted instead of
+ showing a bogus current timestamp
+* Reset $wgActionPaths during parser test; corrects some false failures
+ in the automated test report.
+* (bug 4875) Define a div containing the shared image description
+* (bug 4860) Expose Title->userCan() as Hooks
+* (bug 4828) Fix genitive month-name variable for cs, pl, uk
+* (bug 4842) Fix 'show number of watching users' with enhanced RC
+* (bug 4889) Fix image talk namespace for Tamil
+* (bug 4147) Added cleanupWatchlist.php to clear out bogus watchlist entries
+* (partial bug 3456) Disable auto redirect to Main Page after account creation
+* (bug 4824) Separate out IE7 CSS compat hacks, fix for RTL pages
+* Added support for wikidiff2 and similar external diff engines.
+* Allow cookies to be shared between multiple wikis with a shared user database
+* Blocking some Unicode whitespace characters in usernames. Should check
+ if some or all should be blocked from all page titles.
+* Unknown log types no longer throw notices everywhere in RecentChanges
+* (bug 4502, 5017) Don't render potentially hostile deleted page contents
+ on Special:Undelete by default; show source, with an optional preview.
+ The revisions list no longer shows the latest text by default, so it can
+ still be operated if the text is hostile.
+* (bug 5013) Check for existence on "return to" links
+* Removed trailing whitespace on a bunch more messages.
+* Fix missing bad title check in Special:Booksources
+* Remove empty booksources string in fy
+* Avoid corrupting <gallery> inside <!-- comment -->
+* Remove legacy PHPTal code, hasn't been maintained in ages.
+* Tweak Userlogin include order for APC issue
+* Don't try to link to current page on protection tab
+* More exact checking in Title::equals() to fox moves of numerically similar
+ page titles. (Odd hex title bug on 64-bit.)
+* Fix explicit s-maxage=0 on raw pages; should help with proxy issues in
+ generated stylesheets... hopefully...
+* (bug 4685) More fixes for Slovenian project namespace
+* Fixed and enhanced a little the Live Preview, which had been broken for some time
+* Added article size limit, $wgMaxArticleSize
+* (bug 4974) Don't follow redirected talk page on "new messages" link
+* (bug 4970) Make category paging limits configurable
+* (bug 4535) Warn user when editing CSS or JS subpage of a skin that doesn't exist
+* Make Live Preview an user preference, still controllable by the global variable
+* Rename the stub LanguageAls / LanguageGem_alsation to LanguageGsw to follow
+ updated language code assignments
+* (bug 5081) Remove bogus fix for invalid characters in links which simply
+ broke use of legitimate multiple whitespace characters in bracketed link.
+* (bug 4838) Add relative oldids (prev, next, cur) for raw pages
+ Patch by Lupin
+* (bug 5086) Force image resize dimensions on ImageMagick, as for instance
+ "-resize 100x35!"; some thumbs were off due to differences in rounding and
+ would be generated smaller than expected.
+* (bug 5062) Width sometimes one pixel short when using maximum heights
+* Purge thumbnails and metadata cache for action=purge on an image page
+* (bug 4273) Bounce back with a message when attempting to submit a new comment
+ with an empty main textbox (user probably hit Enter in subject field)
+* (bug 5141) Gracefully handle the new account link when createaccount off
+* (bug 5150 and related) Fix missing ID attribute in HTML namespace selector
+* (bug 5152) Proper HTML escaping on subpage breadcrumbs
+* (bug 4855) Section edit links now have the section name in the title attribute.
+* (bug 2115) Support shift-selecting multiple checkboxes with JavaScript.
+* (bug 5161) Don't try to load template list for nonexistent pages
+* (bug 5228) Workaround for broken LanguageConverter title overrides; avoid
+ unnecessary hidden UI work when watch/unwatch is performed on edit
+* Fixed bogus master fallback in external storage
+* (bug 5246) Add speak:none to "hiddenStructure" class in main.css
+* Further work on rev_deleted; changed to a bitfield with several data-hiding
+ options. Not yet ready for production use; Special:Revisiondelete is
+ incomplete, and the flags are not preserved across page deletion/undeletion.
+ To try it; add the 'deleterevision' permission to a privileged group.
+* (bug 5270) Fix broken linktrail for br, cv, fr, hr, nn, oc, ta, wa
+* Add a clickable contribs link in user tool links (rc, watchlist, diff view)
+ to see how people like it. (There was one in the old hacked-up diff view.)
+* (bug 5236) Load wikibits.js before site-customized javascript
+* (bug 4119) Workaround for <nowiki> following link in Walloon; remove capitals
+ from linktrail, as they're not used anywhere else.
+* (bug 4781) Output links with the percent-encoding they're supplied with;
+ save the normalization for internal link storage. The normalization is a bit
+ buggy and can make incorrect foldings in the query string and such, so isn't
+ reliable beyond the hostname where it's used for the spam bulk checker.
+* Don't URL-decode in the title attribute for URL links; it can produce false
+ results that don't code back to their original values.
+* (bug 4611) Add user preference (default on) to add new pages to creators's watchlist
+* (bug 5286) Fix regression in display of missing/bad revision IDs
+* (bug 4729) Add user preference that marks a user's edits as patrolled if user is able to
+* (bug 4630) Add user preference to prompt users when entering blank edit summaries
+* Added optional suggest feature for the search box. Set wgUseAjax to true to
+ enable it.
+* (bug 5277) Use audio/midi rather that audio/mid
+* (bug 5410) Use namespace name when a custom namespace's nstab-NS message is nonexistent
+* (bug 5432) Fix inconsistencies in cookie names when using table prefixes
+* Additional protections against HTML breakage in table parsing
+* (bug 5355) Include skin name and style JS settings in page source;
+ fixes regression where Opera 6/7 and KHTML CSS fixes weren't applied
+ when wikibits.js was moved up before user JS inclusion.
+* Added $wgColorErrors: if set, database error messages will be highlighted
+ when running command-line scripts in a Unix terminal.
+* (bug 5195) rebuildrecentchanges.php works again; Database::insertSelect now
+ has a parameter for select options.
+* Fix updateSearchIndex.php for new schema
+* Fix bogus "filename too short" error when uploading files with a period in the base
+ name, e.g. "Mr. Zee.png"
+* (bug 2139) Show page title in subtitle when viewing "read only" page
+* (bug 5452) Update language name for Cree
+
+
+
+----
+
+== MediaWiki 1.5.8 ==
+
+March 26, 2006
+
+MediaWiki 1.5.8 is a security and bugfix maintenance release.
+
+A bug in decoding of certain encoded links could allow injection of raw
+HTML into page output; this could potentially lead to XSS attacks.
+
+Some minor UI fixes were also made, see the change log at the bottom of
+this file.
+
+
+== MediaWiki 1.5.7 ==
+
+March 2, 2006
+
+MediaWiki 1.5.7 is a bugfix maintenance release.
+
+Most importantly, a security issue in the installer has been fixed. The bug
+affects new installations of 1.5.6 only. If the user specified the MySQL root
+password, to allow the installer to create an unprivileged account, the
+installer would not only create the new account but also change the root
+password to be equal to the password of the new account.
+
+Anyone affected by this bug will need to change the root password back
+manually. For information about how to change passwords in MySQL please see:
+http://dev.mysql.com/doc/refman/5.1/en/passwords.html
+
+This version includes fixes for compatibility with Internet Explorer 7
+beta 2, and various other bugs; see the full changelog at the end of
+the release notes.
+
+
+== MediaWiki 1.5.6 ==
+
+January 19, 2006
+
+MediaWiki 1.5.6 is a security and bugfix maintenance release.
+
+A bug in edit comment formatting could send PHP into an infinite loop
+if certain malformed links were included. In most installations, this
+would cause the script to fail after PHP's 30-second failsafe timeout.
+
+Some improvements have been made to the installer which should make
+installation possible on a system with a broken MySQL "root" account.
+
+For several other minor fixes, see the complete changelog at the end
+of this file.
+
+
+== MediaWiki 1.5.5 ==
+
+January 5, 2006
+
+MediaWiki 1.5.5 is a security and bugfix maintenance release.
+
+Detection for uploads of Windows Metafile (.wmf) images has been added
+to help protect against a client-side vulnerability in unpatched Microsoft
+Windows operating systems.
+
+Sites which have enabled uploads and added non-standard file types
+(such as .ogg, .doc, or .pdf) should upgrade to this release to ensure
+that malicious .wmf files can't be uploaded with a fake extension;
+such files could put visitors to the site at risk.
+
+For more details on this, see:
+http://en.wikipedia.org/wiki/Windows_Metafile_vulnerability
+
+Additionally, a maintenance script removeUnusedAccounts.php has been added;
+this replaces an older Perl script which had not been updated for the new
+schema in 1.5.
+
+
+== MediaWiki 1.5.4 ==
+
+December 21, 2005
+
+MediaWiki 1.5.4 is a security and bugfix maintenance release.
+
+A hardcoded internal placeholder string has been replaced with a random
+one. This closes a hole where security checks in inline style attributes
+could be bypassed, injecting JavaScript code that could execute in
+Microsoft Internet Explorer.
+
+Other browsers would not be vulnerable.
+
+Several minor fixes are included in this release, most notably a fix
+to clear the "you have new messages" flag properly for usernames
+containing spaces when e-mail notification is enabled.
+
+See the changelog at the end of the release notes for a full list of
+fixes.
+
+
+== MediaWiki 1.5.3 ==
+
+December 4, 2005
+
+MediaWiki 1.5.3 is a security and bugfix maintenance release.
+
+Validation of the user language option was broken by a code change in
+May 2005, opening the possibility of remote code execution as this
+parameter is used in forming a class name dynamically created with
+eval().
+
+The validation has been corrected in this version. All prior 1.5 release
+and prelease versions are affected; 1.4 and earlier and not affected.
+
+Additionally several bugs have been fixed; see the changelog later in
+this file for a complete list.
+
+
+== MediaWiki 1.5.2 ==
+
+November 2, 2005
+
+MediaWiki 1.5.2 is a bugfix maintenance release.
+
+A change in PHP 4.4.1 and PHP 5.1.0RC broke handling of extension and
+<pre> sections, causing garbage data to be inserted in output and saved
+edits. This version works around the change.
+
+Several other glitches with MySQL 5.0 and PHP 5.0.5 were also fixed;
+see the change log below for a complete list.
+
+
+== MediaWiki 1.5.1 ==
+
+October 26, 2005
+
+MediaWiki 1.5.1 is a bugfix and security maintenance release, and is a
+recommended upgrade for all installations.
+
+This release includes further corrections to the inline CSS style sanitation
+which works around a JavaScript "feature" on Microsoft Internet Explorer.
+Users of Microsoft Internet Explorer for Windows may be vulnerable to
+XSS injections on prior versions; users of standards-compliant browsers
+are not vulnerable.
+
+Major fixes include:
+* Image pages work again with resizing disabled
+* Works in MySQL 5.0 strict mode
+
+There is experimental support in this release for explicitly declaring
+the UTF-8 charset in the database; this has been tested with MySQL 5.0.15
+but should work on 4.1 as well.
+
+IMPORTANT: Changing this setting on an existing wiki may produce interesting
+data corruption, depending on server configuration. Page contents should,
+usually, be unaffected, but page titles and other items may be. Limitations
+in MySQL's Unicode support mean that characters outside the BMP cannot be used
+in page titles or various other fields when using this mode.
+
+Table definitions are in maintenance/mysql5/tables.sql, and the runtime
+option to send 'SET NAMES utf8' is set by $wgDBmysql5 = true.
+
+(MySQL 3.23.x and 4.0.x do not support character set declarations; on these
+versions MediaWiki simply works with UTF-8 data and MySQL is blissfully
+unaware of it.)
+
+
+
+== MediaWiki 1.5.0 final ==
+
+October 5, 2005
+
+MediaWiki 1.5.0 is the new stable release branch of MediaWiki, and is
+recommended for all new installations.
+
+Any wikis running a 1.5 beta or release candidate are strongly recommended
+to upgrade to the final release, which includes a number of bug fixes and
+a security fix for CSS bugs in Microsoft Internet Explorer.
+
+IMPORTANT: Running a 1.3 or 1.4 wiki and don't want to jump to 1.5 yet?
+Be sure to upgrade to 1.3.17 or 1.4.11, also released today. Versions
+prior to 1.3.16 and 1.4.10 have a serious data corruption bug which is
+triggered by a spambot known to operate in the wild.
+
+
+=== What's new in 1.5? ===
+
+Schema:
+ The core table schema has changed significantly. This should make better
+ use of the database's cache and disk I/O, and make significantly speed up
+ rename and delete operations on pages with very long edit histories.
+
+ Unfortunately this does mean upgrading a wiki of size from 1.4 will require
+ some downtime for the schema restructuring, but future storage backend
+ changes should be able to integrate into the new system more easily.
+
+Permalinks:
+ The current revision of a page now has a permanent 'oldid' number assigned
+ immediately, and the id numbers are now preserved across deletion/undeletion.
+ A permanent reference to the current revision of a page is now just a matter
+ of going to the 'history' tab and copying the first link in the list.
+
+Page move log:
+ Renames of pages are now recorded in Special:Log and the page history.
+ A handy revert link is available from the log for sysops.
+
+Editing diff:
+ Ever lost track of what you'd done so far during an edit? A 'Show diff'
+ button on the edit page now makes it easy to remember.
+
+Uploads:
+ It's now possible to specify the final filename of an upload distinct
+ from the original filename on your disk.
+
+ An image link for a missing file will now take you straight to the upload page.
+
+ More metadata is pre-extracted from uploaded images, which will ease pressure
+ on disk or NFS volumes used to store images. EXIF metadata is displayed on
+ the image description page if PHP is configured with the necessary module.
+
+ If .svg files are added to the upload whitelist, you can choose to render
+ them to rasterized .png images for inline display using one of several
+ external helper programs. See DefaultSettings.php for SVG options.
+
+User accounts:
+ There are some changes to the user permissions system, with assignable
+ groups. Note that this does *not* allow you to make pages which are only
+ accessible to certain groups.
+
+ For details see: https://www.mediawiki.org/wiki/Manual:User_rights
+
+E-mail:
+ User-to-user e-mail can now be restricted to require a mail-back confirmation
+ first to reduce potential for abuse with false addresses.
+
+ Updates to user talk pages and watchlist entries can optionally send e-mail
+ notifications.
+
+External hooks:
+ A somewhat experimental interface for hooking in an external editor
+ application is included.
+
+And...
+ A bunch of stuff we forgot to mention.
+
+
+=== What's gone? ===
+
+Latin-1:
+ Wikis must now be encoded in Unicode UTF-8; this has been the default for
+ some time, but some languages could optionally be installed in Latin-1 mode.
+ This is no longer supported.
+
+ You can check if your current wiki is in Latin-1 mode by using your browser's
+ "view source"; look for a line like this:
+
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+
+ If it says charset=utf-8, you're ready. If it says charset=iso8859-1,
+ you may need to convert your data. (English-language wikis avoiding
+ any accented characters may be able to get away without conversion.)
+
+MySQL 3.x:
+ Some optimization hacks for MySQL 3.x have been removed as part of the schema
+ clean-up (specifically, the inverse_timestamp fields).
+
+ MediaWiki 1.5 may still run on 3.x, but wikis of non-trivial size should
+ very seriously consider upgrading to a more modern release. MySQL 3.x support
+ will probably be entirely dropped in the next major release.
+
+Special:Maintenance
+ These tools were, ironically enough, not really maintained. This special
+ page has been removed; insofar as some of its pieces were useful and haven't
+ already been supplanted by other special pages they should be rewritten in
+ an efficient and safe manner in the future.
+
+
+=== Caveats ===
+
+Upgrade:
+ Wikis in Latin-1 encoding are no longer supported; only Unicode UTF-8.
+ A new option $wgLegacyEncoding is provided to allow on-the-fly recoding of
+ old page text entries, but other metadata fields (titles, comments etc) need
+ to be pre-converted. The standard upgrade process does not yet fully automate
+ this, but you can try the alternate partial-upgrader in upgrade1_5.php.
+
+ The upgrade from 1.4 to 1.5 schema has not been tested for all cases, so
+ it's possible you may experience problems in some combinations.
+
+Backups:
+ The text entries of deleted pages are no longer removed from the main
+ text table on deletion. If you provide public backup dumps of your databases,
+ you will probably want to use the new XML-format dump generator, available
+ as maintenance/dumpBackup.php.
+
+ For more information on how we run our own public data dumps at Wikimedia,
+ see http://meta.wikimedia.org/wiki/Data_dumps
+
+PostgreSQL:
+ The table definitions for PostgreSQL install are out of date. PostgreSQL
+ support may return in later releases, pending appropriate patches.
+
+MySQL 4.1+:
+ Some users may encounter installation problems with MySQL 4.1 or higher
+ due to strange charset encoding / collation configurations. Try setting
+ to 'latin1' or 'utf8' if you encounter problems.
+
+
+
+== MediaWiki 1.5 release candidate 4 ==
+
+August 29, 2005
+
+MediaWiki 1.5rc4 is a preview release of the new 1.5 release series.
+It fixes compatibility with PHP 5.1, and corrects two cross-site scripting
+security bugs:
+
+* <math> tags were handled incorrectly when TeX rendering support is off,
+ as in the default configuration.
+* Extension or <nowiki> sections in Wiki table syntax could bypass HTML
+ style attribute restrictions for cross-site scripting attacks against
+ Microsoft Internet Explorer
+
+Wikis where the optional math support has been *enabled* are not vulnerable
+to the first, but are vulnerable to the second.
+
+
+
+== MediaWiki 1.5 release candidate 3 ==
+
+August 24, 2005
+
+MediaWiki 1.5rc3 is a preview release of the new 1.5 release series.
+It fixes several major problems in 1.5rc2:
+
+* Fixed a cross-site scripting injection in the search form
+ (broken since 1.5beta1)
+
+* Fixed upgrades from 1.4 database schema
+ (broken since 1.5rc2)
+
+1.3 and 1.4 releases are not vulnerable to the XSS bug, but anyone
+running an earlier 1.5 beta or release candidate should upgrade
+immediately.
+
+
+== MediaWiki 1.5 release candidate 2 ==
+
+August 23, 2005
+
+MediaWiki 1.5rc2 is a preview release of the new 1.5 release series.
+Numerous bug fixes since last beta, plus a security fix; see change
+log below for full details.
+
+A flaw in the interaction between extensions and HTML attribute
+sanitization was discovered which could allow unauthorized use
+of offsite resources in style sheets, and possible exploitation
+of a JavaScript injection feature on Microsoft Internet Explorer.
+
+This version expands the returned text and properly checks it
+before output.
+
+A 1.5rc1 release was mistakenly made from the incorrect source code
+branch; 1.5rc2 is identical to the actual 1.5rc1 in revision control
+except for version number.
+
+
+== MediaWiki 1.5 beta 4 ==
+
+July 30, 2005
+
+MediaWiki 1.5 beta 4 is a preview release of the new 1.5 release series.
+A number of bugs have been fixed since beta 3; see the full changelist below.
+
+
+== MediaWiki 1.5 beta 3 ==
+
+July 7, 2005
+
+MediaWiki 1.5 beta 3 is a preview release of the new 1.5 release
+series, with a security update over beta 2.
+
+Incorrect escaping of a parameter in the page move template could
+be used to inject JavaScript code by getting a victim to visit a
+maliciously constructed URL. Users of vulnerable releases are
+recommended to upgrade to this release.
+
+Vulnerable versions:
+* 1.5 preview series: n <= 1.5beta2 vulnerable, fixed in 1.5beta3
+* 1.4 stable series: 1.4beta6 <= n <= 1.4.5 vulnerable, fixed in 1.4.6
+* 1.3 legacy series: not vulnerable
+
+This release also includes several bug fixes and localization updates.
+See the changelog at the end of this file for a detailed list.
+
+
+
+== MediaWiki 1.5 beta 2 ==
+
+July 5, 2005
+
+MediaWiki 1.5 beta 2 is a preview release of the new 1.5 release series.
+While most exciting new bugs should have been ironed out at this point,
+third-party wiki operators should probably not run this beta release
+on a public site without closely following additional development.
+
+Anyone who _has_ been running beta 1 is very very strongly advised to
+upgrade to beta 2, as it fixes many bugs from the previous beta including
+a couple of HTML and SQL injections.
+
+This release should be followed by one or two release candidates and
+a 1.5.0 final within the next few weeks.
+
+Beta upgraders, note there are some minor database changes. For upgrades
+from 1.4, see the file UPGRADE for details on significant database and
+configuration file changes.
+
+Beta 2 includes a preliminary command-line XML wiki dump importer tool,
+maintenance/importDump.php, paired with maintenance/dumpBackup.php.
+These use the same format as Special:Export and Special:Import, able
+to package a wiki's entire page set independent of the backend database
+and compression format.
+
+
+== MediaWiki 1.5 beta 1 ==
+
+June 26, 2005
+
+MediaWiki 1.5 beta 1 is a preview release, pretty much feature complete,
+of the new 1.5 release series. There are several known and likely a number
+of unknown bugs; it is not recommended to use this release in a production
+environment but would be recommended for testing in mind of an upcoming
+deployment.
+
+A number of significant changes have been made since the alpha releases,
+including database changes and a reworking of the user permissions settings.
+See the file UPGRADE for details of upgrading and changing your prior
+configuration settings for the new system.
+
+
+
+== MediaWiki 1.5 alpha 2 ==
+
+June 3, 2005
+
+MediaWiki 1.5 alpha 2 includes a lot of bug fixes, feature merges,
+and a security update.
+
+Incorrect handling of page template inclusions made it possible to
+inject JavaScript code into HTML attributes, which could lead to
+cross-site scripting attacks on a publicly editable wiki.
+
+Vulnerable releases and fix:
+* 1.5 prerelease: fixed in 1.5alpha2
+* 1.4 stable series: fixed in 1.4.5
+* 1.3 legacy series: fixed in 1.3.13
+* 1.2 series no longer supported; upgrade to 1.4.5 strongly recommended
+
+
+== MediaWiki 1.5 alpha 1 ==
+
+May 3, 2005
+
+This is a testing preview release, being put out mainly to aid testers in
+finding installation bugs and other major problems. It is strongly recommended
+NOT to run a live production web site on this alpha release.
+
+** WARNING: USE OF THIS ALPHA RELEASE MAY INFEST YOUR HOUSE WITH **
+** TERMITES, ROT YOUR TEETH, GROW HAIR ON YOUR PALMS, AND PASTE **
+** INNUENDO INTO YOUR C.V. RIGHT BEFORE A JOB INTERVIEW! **
+** DON'T SAY WE DIDN'T WARN YOU, MAN. WE TOTALLY DID RIGHT HERE. **
+
+
+=== Smaller changes since 1.4 ===
+
+Various bugfixes, small features, and a few experimental things:
+
+* 'live preview' reduces preview reload burden on supported browsers
+* support for external editors for files and wiki pages:
+ https://www.mediawiki.org/wiki/Manual:External_editors
+* Schema reworking: https://www.mediawiki.org/wiki/Proposed_Database_Schema_Changes/October_2004
+* (bug 15) Allow editors to view diff of their change before actually submitting an edit
+* (bug 190) Hide your own edits on the watchlist
+* (bug 510): Special:Randompage now works for other namespaces than NS_MAIN.
+* (bug 1015) support for the full wikisyntax in <gallery> captions.
+* (bug 1105) A "Destination filename" (save as) added to Special:Upload Upload.
+* (bug 1352) Images on description pages now get thumbnailed regardless of whether the thumbnail is larger than the original.
+* (bug 1662) A new magicword, {{CURRENTMONTHABBREV}} returns the abbreviation of the current month
+* (bug 1668) 'Date format' supported for other languages than English, see:
+ http://mail.wikipedia.org/pipermail/wikitech-l/2005-March/028364.html
+* (bug 1739) A new magicword, {{REVISIONID}} give you the article or diff database
+ revision id, useful for proper citation.
+* (bug 1998) Updated the Russian translation.
+* (bug 2064) Configurable JavaScript mimetype with $wgJsMimeType
+* (bug 2084) Fixed a regular expression in includes/Title.php that was accepting invalid syntax like #REDIRECT [[foo] in redirects
+* It's now possible to invert the namespace selection at Special:Allpages and Special:Contributions
+* No longer using sorbs.net to check for open proxies by default.
+* What was $wgDisableUploads is now $wgEnableUploads, and should be set to true if one wishes to enable uploads.
+* Supplying a reason for a block is no longer mandatory
+* Language conversion support for category pages
+* $wgStyleSheetDirectory is no longer an alias for $wgStyleDirectory;
+* Special:Movepage can now take parameters like Special:Movepage/Page_to_move
+ (used to just be able to take parameters via a GET request like index.php?title=Special:Movepage&target=Page_to_move)
+* (bug 2151) The delete summary now includes editor name, if only one has edited the article.
+* (bug 2105) Fixed from argument to the PHP mail() function. A missing space could prevent sending mail with some versions of sendmail.
+* (bug 2228) Updated the Slovak translation
+* ...and more!
+
+
+=== Changes since 1.5alpha1 ===
+
+* (bug 73) Category sort key is set to file name when adding category to
+ file description from upload page (previously it would be set to
+ "Special:Upload", causing problems with category paging)
+* (bug 419) The contents of the navigation toolbar are now editable through
+ the MediaWiki namespace on the MediaWiki:navbar page.
+* (bug 498) The Views heading in MonoBook.php is now localizable
+* (bug 898) The wiki can now do advanced sanity check on uploaded files
+ including virus checks using external programs.
+* (bug 1692) Fix margin on unwatch tab
+* (bug 1906) Generalize project namespace for Latin localization, update namespaces
+* (bug 1975) The name for Limburgish (li) changed from "Lèmburgs" to "Limburgs
+* (bug 2019) Wrapped the output of Special:Version in <div dir='ltr'> in order
+ to preserve the correct flow of text on RTL wikis.
+* (bug 2067) Fixed crash on empty quoted HTML attribute
+* (bug 2075) Corrected namespace definitions in Tamil localization
+* (bug 2079) Removed links to Special:Maintenance from movepagetext message
+* (bug 2094) Multiple use of a template produced wrong results in some cases
+* (bug 2095) Triple-closing-bracket thing partly fixed
+* (bug 2110) "noarticletext" should not display on Image page for "sharedupload" media
+* (bug 2150) Fix tab indexes on edit form
+* (bug 2152) Add missing bgcolor to attribute whitelist for <td> and <th>
+* (bug 2176) Section edit 'show changes' button works correctly now
+* (bug 2178) Use temp dir from environment in parser tests
+* (bug 2217) Negative ISO years were incorrectly converted to BC notation
+* (bug 2234) allow special chars in database passwords during install
+* Deprecated the {{msg:template}} syntax for referring to templates, {{msg: is
+ now the wikisyntax representation of wfMsgForContent()
+* Fix for reading incorrectly re-gzipped HistoryBlob entries
+* HistoryBlobStub: the last-used HistoryBlob is kept open to speed up
+ multiple-revision pulls
+* Add $wgLegacySchemaConversion update-time option to reduce amount of
+ copying during the schema upgrade: creates HistoryBlobCurStub reference
+ records in text instead of copying all the cur_text fields. Requires
+ that the cur table be left in place until/unless such fields are migrated
+ into the main text store.
+* Special:Export now includes page, revision, and user id numbers by
+ default (previously this was disabled for no particular reason)
+* dumpBackup.php can dump the full database to Export XML, with current
+ revisions only or complete histories.
+* The group table was renamed to groups because "group" is a reserved word in
+ SQL which caused some inconveniances.
+* New fileicons for c, cpp, deb, dvi, exe, h, html, iso, java, mid, mov, o,
+ ogg, pdf, ps, rm, rpm, tar, tex, ttf and txt files based on the KDE
+ crystalsvg theme.
+* Fixed a bug in Special:Newimages that made it impossible to search for '0'
+* Added language variant support for Icelandic, now supports "Íslenzka"
+* The #p-nav id in MonoBook is now #p-navigation
+* Putting $4 in msg:userstatstext will now give the percentage of
+ admnistrators out of normal users.
+* links and brokenlinks tables merged to pagelinks; this will reduce pain
+ dealing with moves and deletes of widely-linked pages.
+* Add validate table and val_ip column through the updater.
+* Simple rate limiter for edits and page moves; set $wgRateLimits
+ (somewhat experimental; currently needs memcached)
+* (bug 2262) Hide math preferences when TeX is not enabled
+* (bug 2267) Don't generate thumbnail at the same size as the source image.
+* Fix rebuildtextindex.inc for new schema
+* Remove linkscc table code, no longer used.
+* (bug 2271) Use faster text-only link replacement in image alt text
+ instead of rerunning expensive link lookup and HTML generation.
+* Only build the HTML attribute whitelist tree once.
+* Replace wfMungeToUtf8 and do_html_entity_decode with a single function
+ that does both numeric and named chars: Sanitizer::decodeCharReferences
+* Removed some obsolete UTF-8 converter functions
+* Fix function comment in debug dump of SQL statements
+* (bug 2275) Update search index more or less right on page move
+* (bug 2053) Move comment whitespace trimming from edit page to save;
+ leaves the whitespace from the section comment there on preview.
+* (bug 2274) Respect stub threshold in category page list
+* (bug 2173) Fatal error when removing an article with an empty title from the watchlist
+* Removed -f parameter from mail() usage, likely to cause failures and bounces.
+* (bug 2130) Fixed interwiki links with fragments
+* (bug 684) Accept an attribute parameter array on parser hook tags
+* (bug 814) Integrate AuthPlugin changes to support Ryan Lane's external
+ LDAP authentication plugin
+* (bug 2034) Armor HTML attributes against template inclusion and links munging
+
+=== Changes since 1.5alpha2 ===
+
+* (bug 2319) Fix parse hook tag matching
+* (bug 2329) Fix title formatting in several special pages
+* (bug 2223) Add unique index on user_name field to prevent duplicate accounts
+* (bug 1976) fix shared user database with a table prefix set
+* (bug 2334) Accept null for attribs in wfElement without PHP warning
+* (bug 2309) Allow templates and template parameters in HTML attribute zone,
+ with proper validation checks. (regression from fix for 2304)
+* Disallow close tags and enforce empty tags for <hr> and <br>
+* Changed user_groups format quite a bit.
+* (bug 2368) Avoid fatally breaking PHP 4.1.2 in a debug line
+* (bug 2367) Insert correct redirect link record on page move
+* (bug 2372) Fix rendering of empty-title inline interwiki links
+* (bug 2384) Fix typo in regex for IP address checking
+* (bug 650) Prominently link MySQL 4.1 help page in installer if a possible
+ version conflict is detected
+* (bug 2394) Undo incompatible breakage to {{msg:}} compatibility includes
+* (bug 1322) Use a shorter cl_sortkey field to avoid breaking on MySQL 4.1
+ when the default charset is set to utf8
+* (bug 2400) don't send confirmation mail on account creation if
+ $wgEmailAuthentication is false.
+* (bug 2172) Fix problem with nowiki beeing replaced by marker strings
+ when a template with a gallery was used.
+* Guard Special:Userrights against form submission forgery
+* (bug 2408) page_is_new was inverted (whoops!)
+* Added wfMsgHtml() function for escaping messages and leaving params intact
+* Fix ordering of Special:Listusers; fix groups list so it shows all groups
+ when searching for a specific group and can't be split across pages
+* (bug 1702) Display a handy upload link instead of a useless blank link
+ for [[media:]] links to nonexistent files.
+* (bug 873) Fix usage of createaccount permission; replaces $wgWhitelistAccount
+* (bug 1805) Initialise $wgContLang before $wgUser
+* (bug 2277) Added Friulian language file
+* (bug 2457) The "Special page" href now links to the current special page
+ rather than to "".
+* (bug 1120) Updated the Czech translation
+* A new magic word, {{SCRIPTPATH}}, returns $wgScriptPath
+* A new magic word, {{SERVERNAME}}, returns $wgServerName
+* A new magic word, {{NUMBEROFFILES}}, returns the number of rows in the image table
+* Special:Imagelist displays titles with " " instead of "_"
+* Less gratuitous munging of content sample in delete summary
+* badaccess/badaccesstext to supercede sysop*, developer* messages
+* Changed $wgGroupPermissions to more cut-n-paste-friendly format
+* 'developer' group deprecated by default
+* Special:Upload now uses 'upload' permission instead of hardcoding login check
+* Add 'importupload' permission to disable direct uploads to Special:Import
+* (bug 2459) Correct escaping in Special:Log prev/next links
+* (bug 2462 etc) Taking out the experimental dash conversion; it broke too many
+ things for the current parser to handle cleanly
+* (bug 2467) Added a Turkish language file
+* Fixed a bug in Special:Contributions that caused the namespace selection to
+ be forgotten between submits
+* Special:Watchlist/edit now has namespace subheadings
+* (bug 1714) the "Save page" button now has right margin to separate it from
+ "Show preview" and "Show changes"
+* Special:Statistics now supports action=raw, useful for bots designed to
+ harwest e.g. article counts from multiple wikis.
+* The copyright confirmation box at Special:Upload is now turned off by default
+ and can be turned back on by setting $wgCopyrightAffirmation to a true value.
+* Restored prior text for password reminder button and e-mail, replacing
+ the factually inaccurate text that was there.
+* (bug 2178) Fix temp dir check again
+* (bug 2488) Format 'deletedtext' message as wikitext
+* (bug 750) Keep line endings consistent in LocalSettings.php
+* (bug 1577) Add 'printable version' tab in MonoBook for people who don't
+ realize you can just hit print to get a nicely formatted printable page.
+* Trim whitespace from option values to weather line-ending corruption problems
+* Fixed a typo in the Romanian language file (NS_MESIA => NS_MEDIA)
+* (bug 2504) Updated the Finnish translation
+* (bug 2506, 2512) Updated the Nynorsk translation
+* (bug 996) Replace $wgWhitelistEdit with 'edit' permission; fixup UPGRADE
+ documentation about edit and read whitelists.
+* (bug 2515) Fix incremental link table update
+* Removed some wikipedia-specifica from LanguageXx.php's
+* (bug 2496) Allow MediaWiki:edithelppage to point to external page
+* Added a versionRequired() function to OutputPage, useful for extension
+ writers that want to control what version of MediaWiki their extension
+ can be used with.
+* Serialized user objects now checked for versioning
+* Fix for interwiki link regression
+* Printable link shorter in monobook
+* Experimental Latin-1-and-replication-friendly upgrader script
+* (bug 2520) Don't show enotif options when disabled
+
+== Changes since 1.5beta1 ==
+
+* (bug 2531) Changed the interwiki name for sh (Serbocroatian) to
+ Srpskohrvatski/Српскохрватски (was Српскохрватски (Srbskohrvatski))
+* Nonzero return code for command-line scripts on wfDebugDieBacktrace()
+* Conversion fix for empty old table in upgrade1_5.php
+* Try reading revisions from master if no result on slave
+* (bug 2538) Suppress notice on user serialized checks
+* Fix paging on Special:Contributions
+* (bug 2541) Fix unprotect tab
+* (bug 1242) category list now show on edit page
+* Skip sidebar entries where link text is '-'
+* Convert non-UTF-8 URL parameters even if referer is local
+* (bug 2460) <img> width & height properly filled when resizing image
+* (bug 2273) deletion log comment used user interface language
+* Try reading revision _text_ from master if no result on slave
+* Use content-language message cache for raw view of message pages
+* (bug 2530) Not displaying talk pages on Special:Watchlist/edit
+* Fixed a bug that would occour if $wgCapitalLinks was set to false, a user
+ agent could create a username that began with a lower case letter that was
+ not in the ASCII character set ( now user $wgContLang->ucfirst() instead of
+ PHP ucfirst() )
+* Moved the user name / password validity checking from
+ LoginForm::addNewAccountInternal() to two new functions,
+ User::isValidUserName() and User::isValidPassword(), extensions can now do
+ these checks without rewriting code.
+* Fix $wgSiteNotice when MediaWiki:Sitenotice is set to default '-'
+* Fixed a bug where the watchlist count without talk pages would be off by a
+ factor of two.
+* upgrade1_5.php uses insert ignore, allows to skip image info initialization
+* Fix namespaces in category list.
+* Add rebuildImages.php to update image metadata fields
+* Special:Ancientpages is expensive in new schema for now
+* (bug 2568) Fixed a logic error in the Special:Statistics code which caused
+ the displayed percentage of admins to be totally off.
+* (bug 2560) Don't show blank width/height attributes for missing size
+* Don't show bogus messages about watchlist notifications when disabled
+* Don't show old debug messages in watchlist
+* (bug 2576) Fix recording of transclusion links
+* (bug 2577) Allow sysops to enter non-standard block times
+* Fixed a bug where Special:Contributions wouldn't remember the 'invert'
+ status between next/previous buttons.
+* Move MonoBook printable link from tab to sidebar
+* (bug 2567) Fix HTML escaping on category titles in list
+* (bug 2562) Show rollback link for current revisions on diff pages
+* (bug 2583) Add --missinig option on rebuildImages.php to add db entries
+ for uploaded files that don't have them
+* (bug 2572) Fix edit conflict handling
+* (bug 2595) Show "Earlier" and "Latest" links on history go to the first/last
+ page in the article history pager.
+* Don't show empty-page text in 'Show changes' on new page
+* (bug 2591) Check for end, fix limits on Whatlinkshere
+* (bug 2584) Fix output of subcategory list
+* (bug 2597) Don't crash when undeleting an image description page
+* (bug 2564) Don't show "editingold" warning for recent revision
+* Various code cleanup and HTML escaping fixlets
+* Copy IRC-over-UDP update option from REL1_4
+* (bug 2548) Keep summary on 'show changes' of section edit
+* Move center on toc to title part to avoid breaking .toc style usage
+* HTML sanitizer: correct multiple attributes by keeping last, not first
+* (bug 2614) Fix section edit links on diff-to-current with oldid set
+ Also fix navigation links on current-with-oldid view.
+* (bug 2620) Return to prior behavior for some more things (such as
+ subpage parent links) on current-diff view.
+* (bug 2618) Fix regression from another fix; show initial preview for
+ categories only if the page does not exist.
+* (bug 2625) Keep group & user settings when paging in Listusers
+* (bug 2627) Fix regression: diff radio button initial selection
+* Copy fix for old search URLs with Lucene search plugin from REL1_4
+* (bug 619) Don't use incompatible diff3 executable on non-Linux systems.
+* (bug 2631) Fix Hebrew namespaces.
+* (bug 2630) Indicate no-longer-valid cached entries in BrokenRedirects list
+* (bug 2644, 2645) "cur" diff links in page history, watchlist and
+ recentchanges should specify current ID explicitly.
+* (bug 2609) Fix text justification preferenced with MonoBook skin.
+* (bug 2594) Display article tab as red for non-existent articles.
+* (bug 2656) Fix regression: prevent blocked users from reverting images
+* (bug 2629) Automatically capitalize usernames again instead of
+ rejecting lowercase with a useless error message
+* (bug 2661) Fix link generation in contribs
+* Add support for &preload=Page_name (load text of an existing page into
+edit area) and &editintro=Page_name (load text of an existing page instead
+of MediaWiki:Newpagetext) to &action=edit, if page is new.
+* (bugs 2633, 2672, 2685, 2695) Fix Estonian, Portuguese, Italian, Finnish and
+ Spanish numeric formatting
+* Fixed Swedish numeric formatting
+* (bug 2658) Fix signature time, localtime to match timezone offset again
+* Files from shared repositories (e.g. commons) now display with their
+ image description pages when viewed on local wikis.
+* Restore compatibility namespace aliases for French Wikipedia
+* Fix diff order on Enhanced RC 'changes' link
+* (bug 2650) Fix national date type display on wikis that don't support
+ dynamic date conversion.
+* FiveUpgrade: large table hacks, install iw_trans update before links
+* (bug 2648) Rename namespaces in Afrikaanse
+* Special:Booksources checks if custom list page exists before using it
+* (bug 1170) Fixed linktrail for da: and ru:
+* (bug 2683) Really fix apostrophe escaping for toolbox tips
+* (bug 923) Fix title and subtitle for rclinked special page
+* (bug 2642) watchdetails message in several languages used <a></a> instead of [ ]
+* (bug 2181) basic CSB language localisation by Tomasz G. Sienicki (thanks for the patch)
+* Fix correct use of escaping in edit toolbar bits
+* Removed language conversion support from Icelandic
+* (bug 2616) Fix proportional image scaling, giving correct height
+* (bug 2640) Include width and height attributes on unscaled images
+* Workaround for mysterious problem with bogus epoch If-Last-Modified reqs
+* (bug 1109) Suppress compressed output on 304 responses
+* (bug 2674) Include some site configuration info in export data:
+ namespaces definitions, case-sensitivity, site name, version.
+* Use xml:space="preserve" hint on export <text> elements
+* Make language variant selection work again for zh
+
+== Changes since 1.5beta2 ==
+
+* Escaped & correctly in Special:Contributions
+* (bug 2534) Hide edit sections with CSS to make right click to edit section work
+* (bug 2708) Avoid undefined notice on cookieless login attempt
+* (bug 2188) Correct template namespace for Greek localization
+* Fixed number formatting for Dutch
+* (bug 1355) add class noprint to commonPrint.css
+* (bug 2350) Massive update for Limburgish (li) language using Wikipédia
+* Massive update for Arab (ar) language using Wikipédia
+* (bug 1560) Massive update for Kurdish (ku) language using Wikipédia
+* (bug 2709) Some messages were not read from database
+* (bug 2416) Don't allow search engine robots to index or follow nonexisting articles
+* Fix escaping in page move template.
+* (bug 153) Discrepancy between thumbnail size and <img> height attribute
+
+== Changes since 1.5beta3 ==
+
+* Fix talk page move handling
+* (bug 2721) New language file for Vietnamese with the Vietnamese number notation
+* (bug 2749) &nbsp; would appear as a literal in image galleries for Cs, Fr, Fur, Pl and Sv
+* (bug 787) external links being rendered when they only have one slash
+* Fixed a missing typecast in Language::dateFormat() that would cause some
+ interesting errors with signitures.
+* (bug 2764) Number format for Nds
+* (bug 1553) Stop forcing lowercase in Monobook skin for German language.
+* (bug 1064) Implements Special:Unusedcategories
+* (bug 2311) New language file for Macedonian
+* Fix nohistory message on empty page history
+* Fix fatal error in history when validation on
+* Cleaned up email notification message formatting
+* Finally fixed Special:Disambiguations that was broke since SCHEMA_WORK
+* (bug 2761) fix capitalization of "i" in Turkish
+* (bug 2789) memcached image metadata now cleared after deletion
+* Add serialized version number to image metadata cache records
+* (bug 2780) Fix thumbnail generation with GD for new image schema
+* (bug 2791) Slovene numeric format
+* (bug 655) Provide empty search form when searching for nothing
+* Nynorsk numeric format fix
+* (bug 2825) Fix regression in newtalk notifications for anons w/ enotif off
+* (bug 2833) Fix bug in previous fix
+* With $wgCapitalLinks off, accept off-by-first-letter-case in 'go' match
+* Optional parameters for [[Special:Listusers]]
+* (bug 2832) [[Special:Listadmins]] redirects to [[Special:Listusers/sysop]]
+* (bug 785) Parser did not get out of <pre> with list elements
+* Some shared upload fixes
+* (bug 2768) section=new on nonexistent talk page does not add heading
+* support preload= parameter for section=new
+* show comment subject in preview when using section=new
+* use comment form when creating a new talk page
+* (bug 460) Properly handle <center> tags as a block.
+* Undo inconsistent editing behavior change
+* (bug 2835) Back out fix for bug 2802, caused regressions in category sort
+* PHP 4.1.2 compatibility fix: define floatval() equivalent if missing
+* (bug 2901) Number format for Catalan
+* Special:Allpages performance hacks: index memcached caching, removed
+ inverse checkbox, use friendlier relative offsets in index build
+* Bring back "Chick" skin for mobile devices. It needs testing.
+* Fix spelling of $wgForwardSearchUrl in DefaultSettings.php
+* Specify USE INDEX on Allpages chunk queries, sometimes gets lost
+ due to bogus optimization
+* (bug 275) Section duplication fix
+* Remove unused use of undefined variable in UserMailer
+* Fix notice on search index update due to non-array
+* (bug 2885) Fix fatal errors and notices in PHP 5.1.0beta3
+* (bug 2931) Fix additional notices on reference use in PHP 4.4.0
+* (bug 2774) Add three new $wgHooks to LogPage which enable extensions to add
+ their own logtypes, see extensions/Renameuser/SpecialRenameuser.php for an
+ example of this.
+* (bug 740) Messages from extensions now appear in Special:Allmessages
+* (bug 2857) fixed parsing of lists in <pre> sections
+* (bug 796) Trackback support
+* Fix 1.5 regression: weird, backwards diff links on new pages in enhanced RC
+ are now suppressed as before.
+* New skin: Simple
+* "uselang" and "useskin" URL parameters can now be used in the URL when
+ viewing a page, to change the language and skin of a page respectively.
+* Skins can now be previewed in preferences
+* (bug 2943) AuthPlugin::getCanonicalName() name canonicalization hook,
+ patch from robla
+* Wrap revision insert & page update in a transaction, rollback on late
+ edit conflict.
+* (bug 2953) 'other' didn't work in Special:Blockip when localized
+* (bug 2958) Rollback and delete auto-summary should be in the project's
+ content language
+* Removed useless protectreason message
+* Spelling fix: $wgUrlProtcols -> $wgUrlProtocols
+* Switch Moldovan local name to cyrillic
+* Fix typo in undefined array index access prevention
+* (bug 2947) Update namespaces for sr localization
+* (bug 2952) Added Asturian language file with translated namespaces
+* (bug 2676) Apply a protective transformation on editing input/output
+ for browsers that hit the Unicode blacklist. Patch by plugwash.
+* (bug 2999) Fix encoding conversion of pl_title in upgrade1_5.php
+* compressOld.php disabled, as it's known to be broken.
+
+
+=== Changes since 1.5beta4 ===
+
+* Fix Special:Allmessages under PHP 5
+* (bug 2911) Special:Watchlist allowed only one type of limit at a time
+* (bug 693) Special:Allmessages is excessively wide and redundant
+* (bug 3001) Updated and applied live hack for recentchanges-based watchlist
+* (bug 145) Finish 'exclude redirect' implementation in search form
+* Rearranged Special:Movepage form to reduce confusion between destination
+ title and reason input boxes
+* (bug 2527) Always set destination filename when new file is selected
+* (bug 3056) MySQL 3 compatibility fix: USE INDEX instead of FORCE INDEX
+* PHP 4.1 compatibility fix: don't use new_link parameter to mysql_connect
+ if running prior to 4.2.0 as it causes the call to fail
+* (bug 3117) Fix display of upload size and type with tidy on
+* (bug 1487) invalid html on empty list in banlist
+* (bug 3017) Hotkey conflict for delete and show changes
+* made pixel unit translateable and blocklistline now eats infiniteblock
+ and expiringblock
+* (bug 3092) Wrong numerical separator for big numbers in Serbian.
+* (bug 2855) Credit for a uniq author showed its realname even with
+ $wgAllowRealName=false.
+* New special page: SpecialMostlinked
+* (bug 2393) Fix MIME type for Atom feeds ( application/rss+atom )
+* Fix display of read-only lockfile message
+* Added a new hook, 'AddNewAccount', which is run after account creation
+* Update all stats fields on recount.sql
+* Include software-visible client IP address in Special:Version comment
+ as a proxy debugging aid
+* (bug 3162) Fix 'undefined property page_is_new' error on watchlist
+* (bug 1734) granting db permissions failed with db usernames containg '-'
+* (bug 3170) wikititlesuffix was removed, use pagetitle instead
+* (bug 3187) watchlist text refer to unexistent "Stop watching" action
+* (bug 3190) Added some date format choices for language sr
+* (bug 1334) LanguageGa.php update
+* (bug 1020) Changing user interface language does not work immediately
+* (bug 2753) Some namespaces were not translated in LanguageTa.php (Tamil)
+* (bug 3204) Fix typo breaking special pages in fy localization
+* (bug 3210) Fix Media: links with remote image URL path
+* (bug 3220) Fix escaping of block URLs in Recentchanges
+* (bug 3238): Updated LanguageNn.php for 1_5 branch
+* (bug 3192): properly check 'limit' parameter on Special:Contributions
+* (bug 3244) Fix remote image loading hack, JavaScript injection on MSIE
+* Fix URL sanitization in HTML attributes, which broke in this branch
+* (bug 3475) anon contrib links on Special:Newpages
+
+
+=== Changes since 1.5rc2 ===
+
+* Fix upgrade from 1.4 due to version number check breakage
+* Fix upgrade from 1.4 with no old revisions
+* (bug 2108) Sort entries when using category browser
+* XSS issue : now sanitize search query input
+
+
+=== Changes since 1.5rc3 ===
+
+* (bug 3280) Respect 'move' group permission on page moves
+* (bug 2885) More PHP 5.1 fixes: skin, search, log, undelete
+* Security fix for <math>
+* Security fix for tables
+
+
+=== Changes since 1.5rc4 ===
+
+* (bug 3292) Fix move-over-redirect test when current entries are not plaintext
+* (bug 2078) Don't hide watch tab on preview
+* (bug 3306) Document $wgLocalTZoffset
+* Support SVG rendering with rsvg
+* Cap arbitrary SVG renders to given image size or $wgSVGMaxSize pixels wide
+* (bug 3127) Render large SVGs at image page size correctly
+* (bug 3448) Set page_len on undelete
+* (bug 2800) Don't scale up small iamges on |thumb| without explicit size
+* Use the real file link instead of the default-size rasterized version for
+ large SVG images on image description page
+* Include the file name/type/size line for non-resized images
+* (bug 3412) Clean up date format handling so ~~~~-sigs work with default
+ format as designed. Documentation comments updated.
+* (bug 1423) LanguageJa.php update
+* (bug 3405) Don't use raw letters as aliases of MSGNW: and SUBST:
+* (bug 3485) Fix bogus warning about filename capitalization when off
+* (bug 2792) Update rebuildrecentchanges.inc for new schema
+* Special:Import/importDump fixes: report XML parse errors, accept <minor/>
+* (bug 3489) PHP 5.1 compat problem with captioned images
+* (bug 3350) Missing label for move talk page checkbox.
+* (bug 2570) Add 'watch this page' checkbox on uploads, watch uploads
+ by default when 'watchdefault' option is on
+* (bug 3182) Clear link cache during import to prevent memory leak
+* (bug 3573) Full Greek Translation
+* (bug 3595) Warn and abort if importDump.php called in read-only mode.
+* (bug 3598) Update message cache on message page deletion, patch by Tietew
+* Blacklist additional MSIE CSS safety tricks
+
+
+=== Changes since 1.5.0 ===
+
+* (bug 3629) Fix date & time format for Frisian
+* (bug 3641) Fix handling of unrecognized file uploads with known extensions
+* (bug 3643) Fix image page display of large images with resizing disabled
+* Fix meta robots tag on Special:Version again to avoid listing vulnerable
+ versions for convenient harvesting by automated worms
+* (bug 3684) Fix typo in fatal error backtraces in Hooks.php
+* Backport fix for reference usage notice in Special:Search on PHP 4.4.0
+* Backport database connect error display fix from HEAD
+* (bug 2773) Print style sheet no longer overrides RTL text direction
+* MonoBook skin top link id changed from "contentTop" to "top" (shared with
+ name attribute)
+* Wrap message page insertions in a transaction to speed up installation
+* Fix Special:MovePage invalid HTML attribute for reason textarea
+* Avoid notice warning on edit with no User-Agent header
+* (bug 3734) Swapped out obsolete recount.sql with initStats.php
+* (bug 3735) Fix to run under MySQL 5's strict mode
+* (bug 3786) Experimental support for MySQL 4.1/5.0 utf8 charset mode
+ NOTE: Enabling this may break existing wikis, and still doesn't
+ work for all Unicode characters due to MySQL limitations.
+* Sanitizer CSS comment processing order fix
+
+
+=== Changes since 1.5.1 ===
+
+* Fix Special:BrokenRedirects on MySQL 5.0
+* (bug 3809) Backport fix for detecting diff3 failure
+* MySQL 5.0 strict mode fix for moving unwatched pages
+* (bug 3782) Throw fatal installation warning if mbstring.func_overload on.
+ Why do people invent these crazy options that change language semantics?
+* (bug 3762) Define missing Special:Import UI messages
+* (bug 3771) Handle internal functions in backtrace in wfAbruptExit()
+* (bug 3649) Remove obsolete, broken moveCustomMessages script
+* (bug 3667) Add missing global in page move code
+* (bug 3761) Avoid deprecation warnings in Special:Import
+* (bug 2885) Remove unnecessary reference parameter which broke classic skin
+ talk notification on PHP 5.0.5
+* (bug 3845) Update attribute.php for 1.5 schema
+* Fix Parser::unstrip on PHP 4.4.1 and PHP 5.1.0RC4
+
+
+=== Changes since 1.5.2 ===
+
+* (bug 3612) Remove old broken version of maintenance/compressOld.php
+ The working version is in maintenance/storage/compressOld.php
+* (bug 2740) Accept image deletions on 'enter' submit from MSIE
+* (bug 3933) specify XML namespace for Atom 0.3 feeds
+* (bug 3939) Don't try to load text for interwiki redirect target
+* (bug 3948) Avoid notice warning in debug statement in bad search
+* Recognize Special:Search consistently so read whitelist works
+* (bug 4013) typo in fr
+* (bug 3996) Fix text for new entries in RC RSS/Atom feed
+* (bug 2894) Enhanced Recent Changes link fixes
+* (bug 3065) Update both watched namespaces when renaming pages
+* Move parentheses out of <a> link in Special:Contributions
+* (bug 4071) Generate passwords long enough for $wgMinimalPasswordLength
+* (bug 4035) Fix prev/next revision links on edit page
+* (bug 4165) Correct validation for user language selection (data taint)
+* Clearer message in DefaultSettings.php: edit LocalSettings.php instead
+
+
+=== Changes since 1.5.3 ===
+
+* (bug 3805) Clear 'new messages' flag properly in enotif mode
+ for usernames containing spaces
+* (bug 2714) Backlink from special:whatlinkshere was hard set as 'existing'
+* (bug 4249) Typo in entities2literals.pl
+* (bug 4233) Update for japanese language
+* (bug 4279) Small correction to LanguageDa.php
+* (bug 4267) Switch dv sd ug ks arc languages to RTL
+* (bug 3991) Allow the operation of wikicode on Protect move only text
+* Added AutoAuthenticate hook for external User object suppliers
+* Parser internal placeholder string now fully randomized for safety
+
+=== Changes since 1.5.4 ===
+
+* Maintenance script to delete unused user accounts
+* Added detection for WMF files (application/x-msmetafile), added this
+ MIME type to the default blacklist. Prevented inline display of images
+ which are not of known image types. This is in response to
+ http://en.wikipedia.org/wiki/Windows_Metafile_vulnerability
+
+=== Changes since 1.5.5 ===
+
+* (bug 4258) When installing under IIS, $wgArticlePath = "$wgScript?title=$1"
+ should be set
+* (bug 4510) Correct Barnes & Noble bookstore URLs
+* (bug 4504) Use site language for namespace name resolution
+* Installer fixes from HEAD backported; now uses a more sensible method of
+ establishing which mySQL user to use, which clears up bug 921 et al. Minor
+ changes to installer.
+* Fix problem reported on mailing list where re-initialising stats didn't work
+ (can't insert duplicate rows with the same id field)
+* (bug 1122) gray out 'older revision' when viewing first article revision.
+* Respect database prefix in dumpHTML.inc
+* Minor improvements to removeUnusedAccounts.php maintenance script
+* Fix for single-digit week numbers from {{CURRENTWEEK}}, broken by PHP 4.4.1
+* Removed read-only check from Database::query()
+* Added --conf option to command line scripts, allowing the user to specify a
+ different LocalSettings.php.
+
+=== Changes since 1.5.6 ===
+
+* Default main page content improved per bug 4690
+* Fix dependence on hardcoded UNIQ_PREFIX in LanguageConverter.php
+* Fixed Special:Unlockdb
+* Maintenance script to delete unused text records
+* Maintenance script to delete non-current revisions
+* Maintenance script to wipe a page and all revisions from the database
+* (bug 4768) Wrong Russian translation (typo)
+* Performance bugfix: propagate equality manually for Revision fetches
+* (bug 4773) PHP fatal error when invalid title passed to Special:Export
+* Added missing table defs. for transcache to installer schemas
+* (bug 4824) IE7 beta 2 broke compatibility with PNG logo workarounds,
+ and seems to work ok with other bits. No longer including the IE
+ workarounds JavaScript for IE 7 and above.
+* (bug 2532) Image directory structure migration bug
+* (bug 4881) Correction to the fix for 1487; Ipblocklist showed 'no blocks'
+ message at the end of the list even if there were blocks.
+* (bug 4805) Removed more wikipedia-references from LanguageUk.php
+* Introduce $wgWantedPagesThreshold per bug 5011; Special:Wantedpages will not
+ list pages with less than this number of links. Defaults to 1.
+* Allow customisation of paging limits for items in categories using the
+ $wgCategoryPagingLimit global, per bug 4970.
+* Improve "nogomatch" text to make it more obvious that a page can be created.
+* (bug 5113) Spelling error in French language file
+* Don't change the password of the MySQL root user.
+
+=== Changes since 1.5.7 ===
+
+* (bug 5180) User login page shows inappropriate email blurb
+* Add the "AbortNewAccount" hook on account creation; see hooks.txt for more info.
+* Update default "exporttext" to reflect that Special:Import exists
+* Add links to useful material to the default main page content
+* Fix fragment HTML injection
+
+=== Changes since 1.5.8 ===
+
+* Fixed obvious mistakes in Finnish (fi) translation
+* Fixed obvious mistakes in Kurdish (ku) translation
+* Merge two #p-search .pBody statements i monobook/main.css
+* (bug 5156) Update for Hebrew language (he) translation
+* Add the "UserRights" hook on user group changes; see hooks.txt for more info.
+* Translated "listingcontinuesabbrev" for German
+
+=== Caveats ===
+
+Some output, particularly involving user-supplied inline HTML, may not
+produce 100% valid or well-formed XHTML output. Testers are welcome to
+set $wgMimeType = "application/xhtml+xml"; to test for remaining problem
+cases, but this is not recommended on live sites. (This must be set for
+MathML to display properly in Mozilla.)
+
+----
+
+== MediaWiki 1.4.3 ==
+
+(released 2005-04-28)
+
+MediaWiki 1.4.3 is a bugfix release for the 1.4 stable release series.
+
+Chiefly, this fixes a compatibility problem with PHP 5 and a minor link
+table corruption bug on initial page save.
+
+
+== MediaWiki 1.4.2 ==
+
+(released 2005-04-20)
+
+MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release
+series.
+
+A cross-site scripting injection vulnerability was discovered, which
+affects only MSIE clients and is only open if MediaWiki has been
+manually configured to run output through HTML Tidy ($wgUseTidy).
+
+Several other bugs are fixed in this release, see the changelog below.
+
+All new installations are highly recommended to use 1.4.2 instead of
+1.3.x; 1.3.x users should consider upgrading for bug fixes and new
+features. Ealier 1.4.x release and beta users should upgrade to this
+release for relevant bug fixes; see the changelog later in this file.
+
+
+If you have trouble, remember to read this whole file and the online FAQ page
+before asking for help:
+
+https://www.mediawiki.org/wiki/Manual:FAQ
+
+
+=== READ THIS FIRST: Upgrading ===
+
+If upgrading from an older release, see the notes in the file UPGRADE.
+There are a couple of minor database changes from the beta releases,
+and somewhat larger changes from 1.3.x.
+
+Upgrading from a previous 1.4.x stable release installation should
+generally only require copying the new files over the old ones.
+
+
+==== READ THIS FIRST, TOO: MySQL 4.1 AND 5.0 ====
+
+MySQL 5.0 is a beta release, not yet ready for production use. If you
+are using it, the notes below about 4.1 apply to you too.
+
+If you have the choice of MySQL 4.0 or MySQL 4.1 and don't need 4.1 for
+some other application, you should consider sticking with 4.0 for the
+moment. 4.1 may require you to do extra fiddling to get things to work
+due to changes that aren't fully backwards-compatible.
+
+MySQL 4.1 has changed the authentication protocol in an incompatible
+way; many PHP installations still use the older client libraries and
+CANNOT CONNECT TO THE SERVER WITH A PASSWORD without some changes.
+
+See: http://dev.mysql.com/doc/mysql/en/Old_client.html
+
+If MySQL is set with utf-8 as the default character set, installation
+may fail with "key too long" errors. Set the default charset to 'latin1'
+for installation and it should work.
+
+The mysqldump backup generator now applies an automatic conversion to
+UTF-8, which may irretrivably corrupt your data. Pass the -charset option
+with the original default charset (eg 'latin1') to skip the conversion.
+
+
+==== READ THIS FIRST IF RUNNING ON A WINDOWS SERVER ====
+
+MediaWiki is tested and deployed primarily under the Apache web server
+on Linux Unix systems. There are known to be problems running on
+Microsoft's IIS which are not fully resolved. If you have a choice,
+try running under Apache on Windows, or on a Unix/Linux box instead.
+
+If you're having trouble with blank pages on IIS and can't switch,
+try the workaround suggested in this bug report:
+http://bugzilla.wikimedia.org/show_bug.cgi?id=1763
+
+
+=== New features ===
+
+* 'Recentchanges Patrol' to mark new edits that haven't yet been viewed.
+* New, searchable deletion/upload/protection logs
+* Image gallery generation (Special:Newimages and <gallery> tag)
+* SVG rasterization support (requires external support tools)
+* Users can select from the available localizations to override the
+ default user interface language.
+* Traditional/Simplified Chinese conversion support
+* rel="nofollow" support to combat linkspam
+
+The current implementation adds this attribute to _all_ external URL
+links in wiki text (but not internal [[wiki links]] or interwiki links).
+To disable the attribute for _all_ external links, add this line to your
+LocalSettings.php:
+
+ $wgNoFollowLinks = false
+
+For background information on nofollow see:
+
+ http://www.google.com/googleblog/2005/01/preventing-comment-spam.html
+
+
+=== Installation and compatibility ===
+
+* The default MonoBook theme now works with PHP 5.0
+* Installation on systems with PHP's safe mode or other oddities
+ should work more reliably, as MonoBook no longer needs to
+ create a compiled template file for the wiki to run.
+* A table prefix may be specified, to avoid conflicts with other
+ web applications forced to share a database.
+* More thorough UTF-8 input validation; fixes non-ASCII uploaded
+ filenames from Safari.
+* Command-line database upgrade script.
+
+
+=== Customizability ===
+
+* Default user options can now be overridden in LocalSettings.
+* Skins system more modular: templates and CSS are now in /skins/
+ New skins can be dropped into this directory and used immediately.
+* More extension hooks have been added.
+* Authentication plugin hook.
+* More internal code documentation, generated with phpdoc:
+ https://doc.wikimedia.org/mediawiki-core/master/php/html/
+
+
+=== Optimization ===
+
+* For many operations, MediaWiki 1.4 should run faster and use
+ less memory than MediaWiki 1.3. Page rendering is up to twice
+ as fast. (Use a PHP accelerator such as Turck MMCache for best
+ results with any PHP application, though!)
+* The parser cache no longer requires memcached, and is enabled
+ by default. This avoids a lot of re-rendering of pages that
+ have been shown recently, greatly speeding longer page views.
+* Support for compiled PHP modules to speed up page diff and
+ Unicode validation/normalization. (Requires ability to compile
+ and load PHP extensions).
+
+
+=== What isn't ready yet ===
+
+* A new user/groups permissions scheme has been held back to 1.5.
+* An experimental SOAP interface will be made available as an extension
+* PostgreSQL support is largely working, minus search and the installer.
+ You can perform a manual installation.
+* E-mail notification of watched page changes and verification of
+ user-submitted e-mail addresses is not yet included.
+* Log pages are not automatically imported into the new log table
+ at upgrade time. A script to import old text log entries is
+ incomplete, but may be available in later point releases.
+* Some localizations are still incomplete.
+
+
+
+== Changelog ==
+
+=== Important security updates ===
+
+A security audit found and fixed a number of problems. Users of MediaWiki
+1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases
+prior to 1.4rc1 should upgrade immediately.
+
+==== Cross-site scripting vulnerability ====
+
+XSS injection points can be used to hijack session and authentication
+cookies as well as more serious attacks.
+
+* Media: links output raw text into an attribute value, potentially
+ abusable for JavaScript injection. This has been corrected.
+* Additional checks added to file upload to protect against MSIE and
+ Safari MIME-type autodetection bugs.
+
+As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled
+by default as a general precaution. Sites which want this ability may set
+$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php.
+
+
+==== Cross-site request forgery ====
+
+An attacker could use JavaScript-submitted forms to perform various
+restricted actions by tricking an authenticated user into visiting
+a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has
+been expanded in this release to other forms and functions.
+
+Authors of bot tools may need to update their code to include the
+additional fields.
+
+
+==== Directory traversal ====
+
+An unchecked parameter in image deletion could allow an authenticated
+administrator to delete arbitary files in directories writable by the
+web server, and confirm existence of files not deletable.
+
+
+==== Older issues ====
+
+Note that 1.4 beta releases prior to beta 5 include an input validation
+error which could lead to execution of arbitrary PHP code on the server.
+Users of older betas should upgrade immediately to the current version.
+
+
+Beta 6 also introduces the use of rel="nofollow" attributes on external
+links in wiki pages to reduce the effectiveness of wiki spam. This will
+cause participating search engines to ignore external URL links from wiki
+pages for purposes of page relevancy ranking.
+
+
+=== Misc bugs fixed in beta 1 ===
+
+* (bug 95) Templates no longer limited to 5 inclusions per page
+* New user preference for limiting the image size for images on image description
+ pages
+* (bug 530) Allow user to preview article on first edit
+* (bug 479) [[RFC 1234]] will now make an internal link
+* (bug 511) PhpTal skins shown bogus 'What links here' etc on special pages
+* (bug 770) Adding filter and username exact search match for Special:Listusers
+* (bug 733) Installer die if it can not write LocalSettings.php
+* (bug 705) Various special pages no more show the rss/atom feed links
+* (bug 114) use category backlinks in Special:Recentchangeslinked
+
+=== Beta 2 fixes ===
+
+* (bug 987) Reverted bogus fix for bug 502
+* (bug 992) Fix enhanced recent changes in PHP5
+* (bug 1009) Fix Special:Makesysop when using table prefixes
+* (bug 1010) fix broken Commons image link on Classic & Cologne Blue
+* (bug 985) Fix auto-summary for section edits
+* (bug 995) Close <a> tag
+* (bug 1004) renamed norsk language links (twice)
+* Login works again when using an old-style default skin
+* Fix for load balancing mode, notify if using old settings format
+* (bug 1014) Missing image size option on old accounts handled gracefully
+* (bug 1027) Fix page moves with table prefix
+* (bug 1018) Some pages fail with stub threshold enabled
+* (bug 1024) Fix link to high-res image version on Image: pages
+* (bug 1016) Fix handling of lines omitting Image: in a <gallery> tag
+* security fix for image galleries
+* (bug 1039) Avoid error message in certain message cache failure modes
+* Fix string escaping with PostgreSQL
+* (bug 1015) [partial] -- use comment formatter on image gallery text
+* Allow customization of all UI languages
+* use $wgForceUIMsgAsContentMsg to make regular UI messages act as content
+* new user option for zh users to disable language conversion
+* Defer message cache initialization, shaving a few ms off file cache hits
+* Fixed Special:Allmessages when using table prefixes
+* (bug 996) Fix $wgWhitelistRead to work again
+* (bug 1028) fix page move over redirect to not fail on the unique index
+
+=== Beta 3 fixes ===
+
+* Hide RC patrol markers when patrol is disabled or not allowed to patrol.
+* Fix language selection for upgraded accounts
+* (bug 1076) navigation links in QueryPage should be translated by wgContLang.
+* (bug 922) bogus DOS line endings in LanguageEl.php
+* Fix index usage in contribs
+* Caching and load limiting options for Recentchanges RSS/Atom feed
+* (bug 1074) Add stock icons for non-image files in gallery/Newimages
+* Add width and height attributes on thumbs in gallery/Newimages
+* Enhance upload extension blacklist to protect against vulnerable
+ Apache configurations
+
+=== Beta 4 fixes ===
+
+* (bug 1090) Fix sitesupport links in CB/classic skins
+* Gracefully ignore non-legal titles in a <gallery>
+* Fix message page caching behavior when $wgCapitalLinks is turned off
+ after installation and the wiki is subsequently upgraded
+* Database error messages include the database server name/address
+* Paging support for large categories
+* Fix image page scaling when thumbnail generation is disabled
+* Select the content language in prefs when bogus interface language is set
+* Fix interwiki links in edit comments
+* Fix crash on banned user visit
+* Avoid PHP warning messages when thumbnail not generated
+* (bug 1157) List unblocks correctly in Special:Log
+* Fix fatal errors in LanguageLi.php
+* Undo overly bright, difficult to read colors in Cologne Blue
+* (bug 1162) fix five-tilde date inserter
+* Add raw signatures option for those who simply must have cute sigs
+* (bug 1164) Let wikitext be used in Loginprompt and Loginend messages
+* Add the dreaded <span> to the HTML whitelist
+* (bug 1170) Fix Russian linktrail
+* (bug 1168) Missing text on the bureaucrat log
+* (bug 1180) Fix Makesysop on shared-user-table sites
+* (bug 1178) Fix previous diff link when using 'oldid=0'
+* (bug 1173) Stop blocked accounts from reverting/deleting images
+* Keep generated stylesheets cache-separated for each user
+* (bug 1175) Fix "preview on first edit" mode
+* Fix revert bug caused by bug 1175 fix
+* Fix CSS classes on minor, new, unpatrolled markers in enhanced RC
+* Set MySQL 4 boolean search back to 'and' mode by default
+* (bug 1193) Fix move-only page protection mode
+* Fix zhtable Makefile to include the traditional manual table
+* Add memcache timeout for the zh conversion tables
+* Allow user customization of the zh conversion tables through
+ Mediawiki:zhconversiontable
+* Add zh-min-man (back) to language names list
+* Ported $wgCopyrightIcon setting from REL1_3A
+* (bug 1218) Show the original image on image pages if the thumbnail would be
+ bigger than the original image
+* (bug 1213) i18n of Special:Log labels
+* (bug 1013) Fix jbo, minnan in language names list
+* Added magic word MAG_NOTITLECONVERT to indicate that the title of the page
+ do not need to be converted. Useful in zh:
+* (bug 1224) Use proper date messages for date reformatter
+* (bug 1241) Don't show 'cont.' for first entry of the category list
+* (bug 1240) Special:Preferences was broken in Slovenian locale when
+ $wgUseDynamicDates is enabled
+* Added magic word MAG_NOCONTENTCONVERT to supress the conversion of the
+ content of an article. Useful in zh:
+* write-lock for updating the zh conversion tables in memcache
+* recursively parse subpages of MediaWiki:Zhconversiontable
+* (bug 1144) Fix export for fy language
+* make removal of an entry from zhconversiontable work
+* (bug 752) Don't insert newline in link title for url with %0a
+* Fix missing search box contents in MonoBook skin
+* Add option to forward search directly to an external URL (eg google)
+* Correctly highlight the fallback language variant when the selected
+ variant is disabled. Used in zh: only for now.
+
+=== Beta 5 fixes ===
+
+* (bug 1124) Fix ImageGallery XHTML compliance
+* (bug 1186) news: in the middle of a word
+* (bug 1283) Use underlining and borders to highlight additions/deletions
+ in diff-view
+* Use user's local timezone in Special:Log display
+* Show filename for images in gallery by default (restore beta 3 behavior)
+* (bug 1201) Double-escaping in brokenlinks, imagelinks, categorylinks, searchindex
+* When using squid reverse proxy, cache the redirect to the Main_Page
+* (bug 1302) Fix Norwegian language file
+* (bug 1205) Fix broken article saving in PHP 5.1
+* (bug 1206) Implement CURRENTWEEK and CURRENTDOW magic keyword (will give
+ number of the week and number of the day).
+* (bug 1204) Blocks do not expire automatically
+* (bug 1184) expiry time of indefinite blocks shown as the current time
+* (bug 1317) Fix external links in image captions
+* (bug 1084) Fix logo not rendering centrally in IE
+* (bug 288) Fix tabs wrapping in IE6
+* (bug 119) Fix full-width tabs with RTL text in IE
+* (bug 1323) Fix logo rendering off-screen in IE with RTL language
+* Show "block" link in Special:Recentchanges for logged in users, too, if
+ wgUserSysopBans is true.
+* (bug 1326) Use content language for '1movedto2' in edit history
+* zh: Fix warning when HTTP_ACCEPT_LANGUAGE is not set
+* zh: Fix double conversion for zh-sg and zh-hk
+* (bug 1132) Fix concatenation of link lists in refreshLinks
+* (bug 1101) Fix memory leak in refreshLinks
+* (bug 1339) Fix order of @imports in Cologne Blue CSS
+* Don't try to create links without namespaces ([[Category:]] link bug)
+* Memcached data compression fixes
+* Several valid XHTML fixes
+* (bug 624) Fix IE freezing rendering whilst waiting for CSS with MonoBook
+* (bug 211) Fix tabbed preferences with XHTML MIME type
+* Fix for script execution vulnerability.
+
+=== Beta 6 fixes ===
+
+* (bug 1335) implement 'tooltip-watch' in Language.php
+* Fix linktrail for nn: language
+* (bug 1214) Fix prev/next links in Special:Log
+* (bug 1354) Fix linktrail for fo: language
+* (bug 512) Reload generated CSS on preference change
+* (bug 63) Fix displaying as if logged in after logout
+* Set default MediaWiki:Sitenotice to '-', avoiding extra database hits
+* Skip message cache initialization on raw page view (quick hack)
+* Fix notice errors in wfDebugDieBacktrace() in XML callbacks
+* Suppress notice error on bogus timestamp input (returns epoch as before)
+* Remove unnecessary initialization and double-caching of parser variables
+* Call-tree output mode for profiling
+* (bug 730) configurable $wgRCMaxAge; don't try to update purged RC entries
+* Add $wgNoFollowLinks option to add rel="nofollow" on external links
+ (on by default)
+* (bug 1130) Show actual title when moving page instead of encoded one.
+* (bug 925) Fix headings containing <math>
+* (bug 1131) Fix headings containing interwiki links
+* (bug 1380) Update Nynorsk language file
+* (bug 1232) Fix sorting of cached Special:Wantedpages in miser mode
+* (bug 1217) Image within an image caption broke rendering
+* (bug 1384) Make patrol signs have the same width for page moves as for edits
+* (bug 1364) fix "clean up whitespace" in Title:SecureAndSplit
+* (bug 1389) i18n for proxyblocker message
+* Add fur/Furlan/Friulian to language names list
+* Add TitleMoveComplete hook on page renames
+* Allow simple comments for each translation rules in MW:Zhconversiontable
+* (bug 1402) Make link color of tab subject page link on talk page indicate whether article exists
+* (bug 1368) Fix SQL error on stopword/short word search w/ MySQL 3.x
+* Translated Hebrew namespace names
+* (bug 1429) Stop double-escaping of block comments; fix formatting
+* (bug 829) Fix URL-escaping on block success
+* (bug 1228) Fix double-escaping on &amp; sequences in [enclosed] URLs
+* (bug 1435) Fixed many CSS errors
+* (bug 1457) Fix XHTML validation on category column list
+* (bug 1458) Don't save if edit form submission is incomplete
+* Logged-in edits and preview of user CSS/JS are now locked to a session token.
+* Per-user CSS and JavaScript subpage customizations now disabled by default.
+ They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss.
+* Removed .ogg from the default uploads whitelist as an extra precaution.
+ If your web server is configured to serve Ogg files with the correct
+ Content-Type header, you can re-add it in LocalSettings.php:
+ $wgFileExtensions[] = 'ogg';
+
+=== RC1 fixes ===
+
+* Fix notice error on nonexistent template in wikitext system message
+* (bug 1469) add missing <ul> tags on Special:Log
+* (bug 1470) remove extra <ul> tags from Danish log messages
+* Fix notice on purge w/ squid mode off
+* (bug 1477) hide details of SQL error messages by default
+ Set $wgShowSQLErrors = true for debugging.
+* (bug 1430) Don't check for template data when editing page that doesn't exist
+* Recentchanges table purging fixed when using table prefix
+* (bug 1431) Avoid redundant objectcache garbage collection
+* (bug 1474) Switch to better-cached index for statistics page count
+* Run Unicode normalization on all input fields
+* Fix translation for allpagesformtext2 in LanguageZh_cn and LanguageZh_tw
+* Block image revert without valid login
+* (bug 1446) stub Bambara (bm) language file using French messages
+* (bug 1432) Update Estonian localization
+* (bug 1471) unclosed <p> tag in Danish messages
+* convertLinks script fixes
+* Corrections to template loop detection
+* XHTML encoding fix for usernames containing & in Special:Emailuser
+* (for zh) Search for variant links even when conversion is turned off,
+ to help prevent duplicate articles.
+* Disallow ISO 8859-1 C1 characters and "no-break space" in user names
+ on Latin-1 wikis.
+* Correct the name of the main page it LanguageIt
+* Allow Special:Makesysop to work for usernames containing SQL special
+ characters.
+* Fix annoying blue line in Safari on scaled-down images on description page
+* Increase upload sanity checks
+* Fix XSS bug in Media: links
+* Add cross-site form submission protection to various actions
+* Fix fatal error on some dubious page titles
+* Stub threshold displays correctly again
+
+
+=== 1.4.0 final fixes ===
+
+* (bug 65) Fix broken interwiki link encoding on Latin-1 wikis; force to UTF-8
+* (bug 563) Fix UTF-8 interwiki URL redirects via Latin-1 wikis
+* (bug 1536) Fix page info
+* Support os (Ossetic) as language code, using Russian localization base
+* (bug 1610) Support non (Old Norse) as language code, using Icelandic localization base
+* (bug 1618) Properly list custom namespaces in Special:Allpages
+* (bug 1622) Remove trailing' >' when using category browser
+* (bug 1570) Fix php 4.2.x error on conflict merging
+* (bug 1585) Fix page title on post-login redirection page
+* Run UTF-8 validation on old text in Recentchanges RSS diffs
+* (bug 1642) fix a mime type typo in img_auth.php
+* Automated interwiki redirects only for local interwikis
+* Respect read-only mode on block removals
+* Trim old illegal characters from syndication feeds
+* Reduce message cache outage recovery delay from 1 day to 5 minutes
+* (bug 1403) Update Finnish localization
+* (bug 1478) Punjabi localization
+* (bug 1667) Update script 5 second countdown.
+* (bug 1057) Fix logging table encoding (error on MySQL 4.1)
+* (bug 1680) Fix linktrail for fo
+* (bug 1653) Removing hardcoded messages in Special:Allmessages
+* (bug 1594) Render a hyphen in a formula as &minus; in HTML
+* (bug 1495) Fall back to default language MediaWiki: for custom messages
+* (bug 1617) Show different error messages for "user does not
+ exist" and "wrong password" when using AuthPlugin
+* (bug 1532), (bug 1544) Changed language names for
+ 'bn', 'bo', 'dv', 'dz', 'ht', 'ii', 'li', 'lo', 'ng', 'or', 'pa', 'si',
+ 'ti', 've'
+* Fix editing on non-Esperanto wiki with user language pref set to Esperanto
+* Make conversion table for zh-sg default to zh-cn, and zh-hk default to zh-tw
+* Fix PHP notice in MonoBook when counters disabled
+* (bug 1696) Update namespaces, dates in uk localization
+* (bug 551) Installer warns about magic_quotes_runtime and magic_quotes_sybase
+ instead of trying to install with corrupt table files
+* Installer no longer tries to move non-default MediaWiki: pages into Template:
+* User-to-user email disabled by default ($wgEnableUserEmail)
+
+
+=== 1.4.1 fixes ===
+
+* (bug 1720) fix genitive month names for uk
+* (bug 1704) fixed untranslateable string in Special:Log
+* (bug 1638) Added Belrusian language file
+* (bug 1736) typo in SpecialValidate.php
+* (bug 73) Upload doesn't run edit updates on description page (links,
+ search index and categories)
+* (bug 646) <math> fails to recognize \ll and \gg
+* (bug 926) \div element from TeX not supported in <math> element
+* (bug 1147) add \checkmark to whitelist in texutil.ml
+* (bug 937) \limits function from LaTeX not supported in <math> element
+* Support for manually converting article title to different Chinese
+ variants (for zh)
+* (bug 1488, bug 1744) Fix encoding for preferences, dates in Latin-1 mode
+* (bug 1042) Fix UTF-8 case conversion for PHP <4.3 with mbstring extension
+* Fix code typo that broke article credits display
+* Installation fixes for running under IIS
+* (bug 1556) login page tab order. "remember" checkbox now come after password.
+* SQL debug log fixlets
+* (bug 1815) Fix namespace in old revision display with mismatched title
+* (bug 1788) Fix link duplication when edit/upload comment includes newlines
+* Change default on $wgSysopUserBans and $wgSysopRangeBans to true
+* Fix link conversion for URL request
+* (bug 1851) Updated download URL for the SCIM packages used by zhtable
+* (bug 1853) Try stripping quotes from term for 'go' title match
+* Fix missing function in Latin1 mode
+* (bug 1860) Anchors of interwiki links did not get normalized
+* (bug 1847) accept lowercase x in ISBN, do not accept invalid A-W,Y,Z
+* Fix link conversion for URL request, hopefully without breaking the wiki
+* (bug 1849) New option allows to consider categorized images as used on
+ Special:Unusedimages
+* Localized category namespace for ka (Georgian)
+* (bug 1107) Work around includes problem in installer when parent dir is not
+ readable by the web server
+* (bug 1927) Incorrect escaping on wikitext message in Blockip
+
+
+=== 1.4.2 fixes ===
+
+* Fix math options in Finnish localization
+* Use in-process Tidy extension if available when $wgUseTidy is on
+* (bug 1933) Fix PATH_INFO usage under IIS with PHP ISAPI module
+* (bug 1188) <nowiki> in {{subst:}} includes fixed
+* (bug 1936) <!-- comments --> in {{subst:}} includes fixed
+* Fix a potential MSIE JavaScript injection vector in Tidy mode
+
+
+=== 1.4.3 fixes ===
+
+* (bug 1636) Refs like &#0355; were misinterpreted as octal in some places
+* (bug 1163) Special:Undelete showed oldest revision instead of newest
+* (bug 1938) Fix escaping of illegal character references in link text
+* (bug 1997) Fix for error on display of renamed items in Recentchanges on PHP5
+* (bug 1949) Profiling typo in rare error case
+* (bug 1963) Fix deletion log link when $wgCapitalLinks is off
+* (bug 1970) Don't show move tab for immobile pages
+* (bug 1770) Page creation recorded links from the 'newarticletext' message
+* Optional change to the site_stats table. When applied, this removes the need
+ for expensive queries in Special:Statistics.
+
+
+=== 1.4.4 fixes ===
+
+* (bug 725) Let dir="ltr" attribute work again in MonoBook on RTL languages
+* (bug 2024) Skip JavaScript error for custom skins where .js message not set
+* (bug 2025) Updated Indonesian localization
+* (bug 2039) Updated Lithuanian localization
+
+
+=== Caveats ===
+
+Some output, particularly involving user-supplied inline HTML, may not
+produce 100% valid or well-formed XHTML output. Testers are welcome to
+set $wgMimeType = "application/xhtml+xml"; to test for remaining problem
+cases, but this is not recommended on live sites. (This must be set for
+MathML to display properly in Mozilla.)
+
+
+For notes on 1.3.x and older releases, see HISTORY.
+
+
+=== Online documentation ===
+
+Documentation for both end-users and site administrators is currently being
+built up on MediaWiki.org, and is covered under the GNU Free Documentation
+License:
+
+ https://www.mediawiki.org/
+
+
+=== Mailing list ===
+
+A MediaWiki-l mailing list has been set up distinct from the Wikipedia
+wikitech-l list:
+
+ http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
+
+A low-traffic announcements-only list is also available:
+ http://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
+
+It's highly recommended that you sign up for one of these lists if you're
+going to run a public MediaWiki, so you can be notified of security fixes.
+
+
+=== IRC help ===
+
+There's usually someone online in #mediawiki on irc.freenode.net