X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=RELEASE-NOTES-1.27;h=7c50e4fd9fe3fbc435fe78022f870a953ef9bd66;hb=dad87efa5a431a06a4a379b606346cf93d85ae7d;hp=72d4b3885ef1588903011d668d70ea35abeda622;hpb=a0803c9bc551631c8a35bf2d99705a724cb62039;p=lhc%2Fweb%2Fwiklou.git diff --git a/RELEASE-NOTES-1.27 b/RELEASE-NOTES-1.27 index 72d4b3885e..7c50e4fd9f 100644 --- a/RELEASE-NOTES-1.27 +++ b/RELEASE-NOTES-1.27 @@ -13,6 +13,8 @@ HHVM 3.1. Additionally, the following PHP extensions are required: * json * mbstring * xml +The following PHP extensions are strongly recommended: +* openssl === Configuration changes in 1.27 === * $wgAllowMicrodataAttributes and $wgAllowRdfaAttributes were removed, @@ -114,6 +116,31 @@ HHVM 3.1. Additionally, the following PHP extensions are required: module should express a dependency on it. * Removed configuration option $wgCopyrightIcon (deprecated since 1.18). Use $wgFooterIcons['copyright']['copyright'] instead. +* If the openssl and mcrypt PHP extensions are both unavailable, secure + session storage (used for login) will raise an exception. This exception may + be bypassed by setting $wgSessionInsecureSecrets = true. +* Massive overhaul to authentication: +** AuthPlugin and AuthPluginUser are deprecated. +** LoginForm and associated templates are deprecated. Extensions which called + static LoginForm methods should be converted into authentication providers. +** The following hooks are deprecated: +*** AbortAutoAccount (create a MediaWiki\Auth\PreAuthenticationProvider instead) +*** AbortLogin (create a MediaWiki\Auth\PreAuthenticationProvider instead) +*** AbortNewAccount (create a MediaWiki\Auth\PreAuthenticationProvider instead) +*** AddNewAccount (use LocalUserCreated instead) +*** AuthPluginSetup (create a MediaWiki\Auth\PrimaryAuthenticationProvider instead) +*** ChangePasswordForm (use AuthChangeFormFields instead, or security levels) +*** LoginUserMigrated (create a MediaWiki\Auth\PreAuthenticationProvider instead) +*** UserCreateForm (create a MediaWiki\Auth\AuthenticationProvider of some type instead) +*** UserLoginForm (create a MediaWiki\Auth\AuthenticationProvider of some type instead) +** The following hooks are removed: +*** AbortChangePassword +*** LoginPasswordResetMessage +*** PrefsPasswordAudit +** The UserLoginComplete hook will no longer be called for all logins, only for + those via the web UI. Use UserLoggedIn if you need to do something on all + logins. +** $wgRequirePasswordforEmailChange is removed. === New features in 1.27 === * $wgDataCenterUpdateStickTTL was also added. This decides how long a user @@ -190,6 +217,30 @@ HHVM 3.1. Additionally, the following PHP extensions are required: is deprecated. * (T33313) Add a preference for watching uploads by default, also applies to API-based upload tools. +* $wgJpegPixelFormat was added to override chroma subsampling for JPEG image + thumbnails created via ImageMagick. Defaults to 'yuv420', providing bandwidth + savings versus the previous behavior on many files. +* MediaWiki\Auth infrastructure (called "AuthManager") allows for more flexible + configuration of multiple authentication pieces that was possible with + AuthPlugin. For example, it's now easy to plug in second-factor + authentication, or add additional checks to the login process, or to support + multiple login methods at once, or to support non-password-based login methods. +** Providers are configured via the global setting $wgAuthManagerConfig. +** A global, $wgDisableAuthManager, is temporarily available to disable + AuthManager until extensions are ready to support it. +** New hook, AuthChangeFormFields, to adjust the form fields on + AuthManager-related special pages. +** New hook, AuthManagerLoginAuthenticateAudit, for additional logging of + AuthManager-related authentication requests. +** New hook, ChangeAuthenticationDataAudit, for additional logging of + AuthManager-related authentication data changes. +** New hook, SecuritySensitiveOperationStatus, to work with the new mechanism + for requiring a recent login before taking security-sensitive operations + like changing a password. +** Two new globals, $wgChangeCredentialsBlacklist and $wgRemoveCredentialsBlacklist + can be used to prevent the web UI and the API changing certain authentication data. +* The file upload dialog (available if you install WikiEditor or VisualEditor) + can now be configured using $wgUploadDialog. === External library changes in 1.27 === @@ -231,6 +282,18 @@ HHVM 3.1. Additionally, the following PHP extensions are required: merely need to change the username and password used after setting up a bot password. * action=upload no longer understands statuskey, asyncdownload or leavemessage. +* Several changes when $wgDisableAuthManager is false: +** action=login is deprecated for uses other than bot passwords. +** list=users can now indicate if a missing username is creatable. +** action=createaccount is changed in a non-backwards-compatible manner. +** Added action=query&meta=authmanagerinfo. +** Added action=clientlogin to be used to log into the main account instead of + action=login. +** Added action=linkaccount. +** Added action=unlinkaccount. +** Added action=changeauthenticationdata. +** Added action=removeauthenticationdata. +** Added action=resetpassword. === Action API internal changes in 1.27 === * ApiQueryORM removed. @@ -263,6 +326,7 @@ HHVM 3.1. Additionally, the following PHP extensions are required: * ApiMain::addFormat() was removed (deprecated in 1.21). * ApiMain::getFormats() was removed (deprecated in 1.21). * ApiPageSet::finishPageSetGeneration() was removed (deprecated in 1.21). +* ApiCreateAccount is deprecated, and will be removed soon. === Languages updated in 1.27 === @@ -414,6 +478,64 @@ changes to languages because of Phabricator reports. * UserMailer::send() no longer accepts $replyto as the 5th argument and $contentType as the 6th. These must be passed in the options array now. * Title::newFromRedirectRecurse() was removed (deprecated in 1.21). +* Skin::accesskey was removed (deprecated since 1.21). +* Skin::blockLink was removed (deprecated since 1.21). +* Skin::buildRollbackLink was removed (deprecated since 1.21). +* Skin::emailLink was removed (deprecated since 1.21). +* Skin::formatComment was removed (deprecated since 1.21). +* Skin::formatHiddenCategories was removed (deprecated since 1.21). +* Skin::formatLinksInComment was removed (deprecated since 1.21). +* Skin::formatRevisionSize was removed (deprecated since 1.21). +* Skin::formatSize was removed (deprecated since 1.21). +* Skin::formatTemplates was removed (deprecated since 1.21). +* Skin::generateTOC was removed (deprecated since 1.21). +* Skin::getInternalLinkAttributes was removed (deprecated since 1.21). +* Skin::getInternalLinkAttributesObj was removed (deprecated since 1.21). +* Skin::getInterwikiLinkAttributes was removed (deprecated since 1.21). +* Skin::getInvalidTitleDescription was removed (deprecated since 1.21). +* Skin::getLinkColour was removed (deprecated since 1.21). +* Skin::getRevDeleteLink was removed (deprecated since 1.21). +* Skin::getRollbackEditCount was removed (deprecated since 1.21). +* Skin::makeBrokenImageLinkObj was removed (deprecated since 1.21). +* Skin::makeCommentLink was removed (deprecated since 1.21). +* Skin::makeExternalImage was removed (deprecated since 1.21). +* Skin::makeExternalLink was removed (deprecated since 1.21). +* Skin::makeHeadline was removed (deprecated since 1.21). +* Skin::makeImageLink was removed (deprecated since 1.21). +* Skin::makeMediaLinkFile was removed (deprecated since 1.21). +* Skin::makeMediaLinkObj was removed (deprecated since 1.21). +* Skin::makeSelfLinkObj was removed (deprecated since 1.21). +* Skin::makeThumbLink2 was removed (deprecated since 1.21). +* Skin::makeThumbLinkObj was removed (deprecated since 1.21). +* Skin::normaliseSpecialPage was removed (deprecated since 1.21). +* Skin::normalizeSubpageLink was removed (deprecated since 1.21). +* Skin::processResponsiveImages was removed (deprecated since 1.21). +* Skin::revComment was removed (deprecated since 1.21). +* Skin::revDeleteLink was removed (deprecated since 1.21). +* Skin::revDeleteLinkDisabled was removed (deprecated since 1.21). +* Skin::revUserLink was removed (deprecated since 1.21). +* Skin::revUserTools was removed (deprecated since 1.21). +* Skin::specialLink was removed (deprecated since 1.21). +* Skin::splitTrail was removed (deprecated since 1.21). +* Skin::titleAttrib was removed (deprecated since 1.21). +* Skin::tocIndent was removed (deprecated since 1.21). +* Skin::tocLine was removed (deprecated since 1.21). +* Skin::tocLineEnd was removed (deprecated since 1.21). +* Skin::tocList was removed (deprecated since 1.21). +* Skin::tocUnindent was removed (deprecated since 1.21). +* Skin::tooltip was removed (deprecated since 1.21). +* Skin::tooltipAndAccesskeyAttribs was removed (deprecated since 1.21). +* Skin::userTalkLink was removed (deprecated since 1.21). +* Skin::userToolLinksRedContribs was removed (deprecated since 1.21). +* wikidiff3 is now the default and only PHP diff engine. It provides improved diff + performance on complex changes. $wgExternalDiffEngine = 'wikidiff3' therefore + makes no difference now. Users are still recommended to use wikidiff2 if possible, + though. +* User::addNewUserLogEntry() was deprecated. +* User::addNewUserLogEntryAutoCreate() was deprecated. +* User::isPasswordReminderThrottled() was deprecated. +* Bot-oriented parameters to Special:UserLogin (wpCookieCheck, wpSkipCookieCheck) + were removed. == Compatibility ==