* (T156983) $wgRateLimitsExcludedIPs now accepts CIDR ranges as well as single IPs.
* $wgDummyLanguageCodes is deprecated. Additional language code mappings may be
added to $wgExtraLanguageCodes instead.
+* (T161453) LocalisationCache will no longer use the temporary directory in it's
+ fallback chain when trying to work out where to write the cache.
+* The user right 'editusercssjs' (deprecated in 1.16) was removed. Use
+ 'editusercss' and 'edituserjs' in $wgGroupPermissions and elsewhere instead.
=== New features in 1.29 ===
* (T5233) A cookie can now be set when a user is autoblocked, to track that user
* Completely new user interface for the RecentChanges page, which
structures filters into user-friendly groups. This has corresponding
changes to how filters are registered by core and extensions.
+* The edit form now uses pretty OOjs UI buttons, checkboxes and summary input.
+ Because this change can cause problems for extensions and on-wiki
+ scripts depending on the exact HTML, the old version is still available
+ and can be used by setting $wgOOUIEditPage = false; in LocalSettings.php.
+ This will be removed later and OOjs UI will become the only option.
+ To make testing easier, users can also force either mode by adding
+ &ooui=true or &ooui=false to the action=edit URL.
=== External library changes in 1.29 ===
* Updated monolog from v1.18.2 to 1.22.1.
* Updated wikimedia/composer-merge-plugin from v1.3.1 to v1.4.0.
* Updated OOjs from v1.1.10 to v2.0.0.
+* Updated jQuery from v1.11.3 to v3.2.1 (including jQuery Migrate v3.0.0).
==== New external libraries ====
* Added wikimedia/timestamp v1.0.0.
* (T157035) "new mw.Uri()" was ignoring options when using default URI.
* Special:Allpages can no longer be filtered by redirect in miser mode.
* (T160519) CACHE_ANYTHING will not be CACHE_ACCEL if no accelerator is installed.
+* (T109140) (T122209) SECURITY: Special:UserLogin and Special:Search allow redirect
+ to interwiki links.
+* (T144845) SECURITY: XSS in SearchHighlighter::highlightText() when
+ $wgAdvancedSearchHighlighting is true.
+* (T125177) SECURITY: API parameters may now be marked as "sensitive" to keep
+ their values out of the logs.
+* (T150044) SECURITY: "Mark all pages visited" on the watchlist now requires a CSRF
+ token.
+* (T156184) SECURITY: Escape content model/format url parameter in message.
+* (T151735) SECURITY: SVG filter evasion using default attribute values in DTD
+ declaration.
+* (T161453) SECURITY: LocalisationCache will no longer use the temporary directory
+ in it's fallback chain when trying to work out where to write the cache.
+* (T48143) SECURITY: Spam blacklist ineffective on encoded URLs inside file inclusion
+ syntax's link parameter.
+* (T108138) SECURITY: Sysops can undelete pages, although the page is protected against
+ it.
=== Action API changes in 1.29 ===
* Submitting sensitive authentication request parameters to action=login,
various methods now take a module path rather than a module name.
* ApiMessageTrait::getApiCode() now strips 'apierror-' and 'apiwarn-' prefixes
from the message key, and maps some message keys for backwards compatibility.
+* API parameters may now be marked as "sensitive" to keep their values out of
+ the logs.
=== Languages updated in 1.29 ===
ca ↔ oc; hsb ↔ dsb; io → eo; mdf → ru; pnt → el; roa-tara → it; rup → ro;
sh → bs, sr-el, hr.
* (T137376) New language support: Atikamekw (atj).
+* (T163600) New language support: Dinka (din).
* (T155957) Talk Namespaces for Javanese language (jv) have been updated.
==== No fallback for Ukrainian ====
rather than <strong> tags. The old class name, "selflink", was deprecated
and will be removed in a future release. (T160480)
* (T156184) $wgRawHtml will no longer apply to internationalization messages.
-* Browser support for non-ES5 JavaScript browsers, including Android 2, Opera 12,
- and Internet Explorer 9, was lowered from Grade A to Grade C.
+* Browser support for non-ES5 JavaScript browsers, including Android 2,
+ Opera <12.10, and Internet Explorer 9, was lowered from Grade A to Grade C.
+* Removed wikibits global methods deprecated since MediaWiki 1.17 (T122755):
+ is_gecko, is_chrome_mac, is_chrome, webkit_version, is_safari_win, is_safari,
+ webkit_match, is_ff2, ff2_bugs, is_ff2_win, is_ff2_x11, opera95_bugs,
+ opera7_bugs, opera6_bugs, is_opera_95, is_opera_preseven, is_opera,
+ ie6_bugs, clientPC, changeText, killEvt, addHandler, hookEvent,
+ addClickHandler, removeHandler, getElementsByClassName, getInnerText,
+ setupCheckboxShiftClick, addCheckboxClickHandlers, mwEditButtons,
+ mwCustomEditButtons, injectSpinner, removeSpinner, escapeQuotes,
+ escapeQuotesHTML, jsMsg, addPortletLink, appendCSS, tooltipAccessKeyPrefix,
+ tooltipAccessKeyRegexp, updateTooltipAccessKeys.
+* The ID of the <li> element containing the login link has changed from
+ 'pt-login' to 'pt-login-private' in private wikis.
+* The old, neglected "bulletin board style toolbar" in the edit form is now
+ deprecated (T30856). This old code dates from 2006, and was replaced in the
+ MediaWiki release tarball and in Wikimedia production by the WikiEditor
+ extension in 2010. It is only shown to users if no other editor was
+ installed, and leads to confusion.
== Compatibility ==
MediaWiki 1.29 requires PHP 5.5.9 or later. There is experimental support for
HHVM 3.6.5 or later.
-MySQL is the recommended DBMS. PostgreSQL or SQLite can also be used, but
-support for them is somewhat less mature. There is experimental support for
+MySQL/MariaDB is the recommended DBMS. PostgreSQL or SQLite can also be used,
+but support for them is somewhat less mature. There is experimental support for
Oracle and Microsoft SQL Server.
The supported versions are:
table, the schema update may take quite long (minutes on a medium sized site,
many hours on a large site).
-If upgrading from before 1.11, and you are using a wiki as a commons
-repository, make sure that it is updated as well. Otherwise, errors may arise
-due to database schema changes.
-
-If upgrading from before 1.7, you may want to run refreshLinks.php to ensure
-new database fields are filled with data.
-
-If you are upgrading from MediaWiki 1.4.x or earlier, you should upgrade to
-1.5 first. The upgrade script maintenance/upgrade1_5.php has been removed
-with MediaWiki 1.21.
-
Don't forget to always back up your database before upgrading!
-See the file UPGRADE for more detailed upgrade instructions.
+See the file UPGRADE for more detailed upgrade instructions, including
+important information when upgrading from versions prior to 1.11.
For notes on 1.28.x and older releases, see HISTORY.