-Change notes from older releases. For current info see RELEASE-NOTES-1.33.
+Change notes from older releases. For current info see RELEASE-NOTES-1.34.
+
+= MediaWiki 1.33 =
+
+=== Upgrading notes for 1.33 ===
+1.33 has several database changes since 1.32, and will not work without schema
+updates. Note that due to changes to some very large tables like the revision
+table, the schema update may take quite long (minutes on a medium sized site,
+many hours on a large site).
+
+Don't forget to always back up your database before upgrading!
+
+See the file UPGRADE for more detailed upgrade instructions, including
+important information when upgrading from versions prior to 1.11.
+
+Some specific notes for MediaWiki 1.33 upgrades are below:
+
+* Some external link searches will not work correctly until update.php (or
+ refreshExternallinksIndex.php) is run. These include searches for links using
+ IP addresses, internationalized domain names, and possibly mailto links.
+* If you ran migrateActors.php using an older version of MediaWiki and want to
+ run your wiki with $wgActorTableSchemaMigrationStage SCHEMA_COMPAT_READ_OLD,
+ note that log_search rows needed to find revision deletions by target user
+ were incorrectly deleted. See T215464 for details.
+* If revision deletions were performed when the wiki was configured with
+ $wgActorTableSchemaMigrationStage SCHEMA_COMPAT_WRITE_BOTH and without
+ migrateActors.php having been run, the log_search table may contain rows with
+ empty values for "target_author_actor" which will prevent log searches for
+ revision deletions by target user from finding those log entries. These rows
+ may be corrected by (re-)running migrateActors.php.
+
+For notes on 1.32.x and older releases, see HISTORY.
+
+== MediaWiki 1.33.0 ==
+
+=== Changes since MediaWiki 1.33.0-rc.0 ===
+* (T225558) Update installer link to PHP intl.
+* (T225901) Only attempt to deduplicate if there is data in archive and revision
+ tables.
+* (T225564) Fetch tag ID before calling undefineTag().
+* (T225496) Detect APC for MainCacheType in CLI installer.
+* Call unpack() with correct parameters in MimeAnalyzer.php for PHP 7.0 support.
+* (T212613) Style change tags correctly on Special:Newpages.
+* (T202211) Fix SQLite patch-(page|template)links-fix-pk.sql column order.
+
+== MediaWiki 1.33.0-rc.0 ==
+
+=== Configuration changes for system administrators in 1.33 ===
+==== New configuration ====
+* $wgEnablePartialBlocks – This enables the Partial Blocks feature, which gives
+ accounts with block permissions the ability to block users, IPs, and IP ranges
+ from editing specific pages, while allowing them to edit the rest of the wiki.
+ It is a temporary setting for gradual enablement, current default to `false`,
+ and will be set to `true` and then removed once initial development completes.
+
+==== Changed configuration ====
+* $wgChangeTagsSchemaMigrationStage (T193868) — This temporary setting, added in
+ MediaWiki 1.32, now defaults to MIGRATION_NEW instead of MIGRATION_WRITE_BOTH.
+* $wgPasswordPolicy – There is a new password policy to check that the account's
+ password is not in the large blacklist. This is enabled by default for the
+ built-in user groups bureaucrat, sysop, interface-admin, and bot. To configure
+ this for other user groups, set the `PasswordNotInLargeBlacklist` flag `true`.
+* $wgPasswordDefault – There is a new password type configuration using Argon2
+ password hashing (which requires PHP 7.2 and above). It's designed to resist
+ timing attacks, and (on systems with PHP 7.3+) GPU hacking; if you configure
+ argon2 to be used, by default, it will automatically choose the best available
+ algorithm depending on which version of PHP you have available. To use this,
+ you can set `$wgPasswordDefault = 'argon2';`.
+* $wgActorTableSchemaMigrationStage now defaults to reading the new schema.
+ update.php will back-populate the new database fields due to the changed
+ setting, which may take some time on large wikis. You can avoid downtime by
+ following a process like that described in T188327.
+
+==== Removed configuration ====
+* $wgTagStatisticsNewTable (T199334) — This temporary setting, added in
+ MediaWiki 1.32, has now been removed. When loading Special:Tags, MediaWiki
+ will now always use the `change_tag_def` instead of the `change_tag` table.
+* $wgUseTidy, $wgTidyBin, $wgTidyConf, $wgTidyOpts, $wgTidyInternal, and
+ $wgDebugTidy – These options, all deprecated since 1.26, have now all been
+ removed, as MediaWiki now always tidies user output. The $wgTidyConfig setting
+ remains only for experimental features and debugging, and should not be used.
+* $wgEnableParserCache – This setting has been deprecated since 1.26, has now
+ been removed. If you still desire to disable the parser cache, instead you can
+ set `$wgParserCacheType = CACHE_NONE;`.
+* $wgCommentTableSchemaMigrationStage – This temporary migration setting has now
+ been removed. Code finding it unset should treat it as being MIGRATION_NEW.
+* $wgAuth – This old setting, deprecated in 1.27, has been removed as part of
+ the removal of AuthPlugin.
+* $wgSitesCacheFile – This configuration was introduced in 1.25 with the intent
+ to allow sites to configure a file in which to cache the SiteStore database
+ table, but it was never used. SiteStore already caches its information by
+ default using BagOStuff (e.g. Memcached or APC).
+* $wgClockSkewFudge – This setting was used by User.php to let sites adjust by
+ how much MediaWiki would fudge when trying to minimize the chances of a
+ user.user_touched database update to the "current" timestamp being before the
+ value already there (e.g. due to clock skew between different servers). This
+ is no longer a problem, because the code now ensures the timestamp is always
+ higher than the previous one. The writes are guarded with CAS logic (check
+ and set), which prevents updates that would overlap.
+* $wgDBmysql5 (T196185) - This experimental setting, deprecated in 1.31, has
+ been removed.
+
+=== New user-facing features in 1.33 ===
+* (T96041) __EXPECTUNUSEDCATEGORY__ on a category page causes the category
+ to be hidden on Special:UnusedCategories.
+* (T210814) SVGs are now by default displayed in wiki language on image
+ pages.
+* Special:CreateAccount now warns the user if their chosen username has to be
+ normalized.
+* (T205040) Multilingual images are now be displayed in the current parse
+ language where available.
+* Special:ActiveUsers will no longer filter out users who became inactive since
+ the last time the active users query cache was updated.
+* (T215675) RecentChange and ManualLogEntry implement new Taggable interface.
+* (T215675) Added a hook, ManualLogEntryBeforePublish, to allow extensions
+ to modify (example: add tags) log entries.
+
+=== New developer features in 1.33 ===
+* The AuthManagerLoginAuthenticateAudit hook has a new parameter for
+ additional information about the authentication event.
+* TextContent::getText() was introduced as a replacement for
+ Content::getNativeData() for text-based content models.
+* (T214706) LinksUpdate::getAddedExternalLinks() and
+ LinksUpdate::getRemovedExternalLinks() were introduced.
+* (T213893) Added 'MaintenanceUpdateAddParams' hook
+* (T219655) The MarkPatrolled hook has a new parameter for the tags
+ associated with this entry in the patrol log.
+* (T212472) Extensions can now specify platform abilities they require to work,
+ limited to shell access for now.
+
+
+=== External library changes in 1.33 ===
+==== New external libraries ====
+* Added wikimedia/password-blacklist 0.1.4.
+* Added guzzlehttp/guzzle 6.3.3.
+
+==== Changed external libraries ====
+* Updated OOUI from v0.29.2 to v0.31.3.
+* Updated OOjs Router from pre-release to v0.2.0.
+* Updated moment from v2.19.3 to v2.24.0.
+* Updated wikimedia/xmp-reader from 0.6.0 to 0.6.2.
+* Updated wikimedia/scoped-callback from 2.0.0 to 3.0.0.
+* Updated jquery-client from 2.0.1 to 2.0.2.
+* Updated pear/net_smtp from 1.8.0 to 1.8.1.
+* Updated cssjanus/cssjanus from 1.2.0 to 1.3.0.
+* Updated wikimedia/php-session-serializer from 1.0.6 to 1.0.7.
+
+==== Removed external libraries ====
+* (T219403) jquery.ui.spinner, deprecated since 1.31, was removed.
+
+
+=== Developer library changes in 1.33 ===
+==== New developer libraries ====
+* Added jakub-onderka/php-console-highlighter 0.3.2 explicitly (dev-only).
+* Added mediawiki/mediawiki-phan-config 0.5.0 (dev-only).
+
+==== Changed developer libraries ====
+* Updated wikimedia/ip-set from 1.3.0 to 2.0.1.
+ * The deprecated IPSet\IPSet alias was removed, Wikimedia\IPSet must be
+ used instead.
+* Updated psy/psysh from 0.9.6 to 0.9.9 (dev-only).
+* Updated nikic/php-parser from 3.1.3 to 3.1.5 (dev-only).
+* Updated mediawiki/mediawiki-codesniffer from 22.0.0 to 25.0.0 (dev-only).
+* Updated qunitjs from 2.6.2 to 2.9.1.
+
+==== Removed developer libraries ====
+* The jetbrains/phpstorm-stubs repository was removed in favour of the minimal
+ stubs we need, which are kept in the new `.phan/internal_stubs` directory
+ (dev-only).
+
+
+=== Bug fixes in 1.33 ===
+* (T164211) Special:UserRights could sometimes fail with a
+ "conflict detected" error when there weren't any conflicts.
+* (T216029) Chrome redirects to Special:BadTitle after editing a section with
+ a non-Latin name on a page with non-Latin characters in title.
+* (T222385) resourceloader: Use AND instead of OR for upsert conds in
+ saveFileDependencies().
+
+=== Action API changes in 1.33 ===
+* (T198913) Added 'ApiOptions' hook.
+* The JSON formatversion=2 is no longer experimental.
+* Internal API errors (those with code beginning "internal_api_error") will
+ include the exception class name in a data field named "errorclass".
+ * Class names are not guaranteed to remain stable, and in particular database
+ exceptions will now include the "Wikimedia\Rdbms\" prefix in the class name.
+ * The code including an exception class name is deprecated. In the future,
+ all internal errors will use code "internal_api_error".
+* (T212356) When using action=delete on pages with many revisions, the module
+ may return a boolean-true 'scheduled' and no 'logid'. This signifies that the
+ deletion will be processed via the job queue.
+* action=setnotificationtimestamp will now update the watchlist asynchronously
+ if entirewatchlist is set, so updates may not be visible immediately
+* Block info will be added to "blocked" errors from more modules.
+* (T216245) Autoblocks will now be spread by action=edit and action=move.
+* action=query&meta=userinfo has a new uiprop, 'latestcontrib', that returns
+ the date of user's latest contribution.
+* (T25227) action=logout now requires to be posted and have a csrf token.
+
+=== Action API internal changes in 1.33 ===
+* A number of deprecated methods for API documentation, intended for overriding
+ by extensions, are no longer called by MediaWiki, and will emit deprecation
+ notices if your extension attempts to use them:
+ * ApiBase::getDescription() (deprecated in 1.25)
+ * ApiBase::getParamDescription() (deprecated in 1.25)
+ * ApiBase::getExamples() (deprecated in 1.25)
+ * ApiBase::getDescriptionMessage() (deprecated in 1.30)
+ Additionally, the 'APIGetDescription' and 'APIGetParamDescription' hooks have
+ been removed, as their only use was to let extensions override values returned
+ by getDescription() and getParamDescription(), respectively.
+* API error codes may only contain ASCII letters, numbers, underscore, and
+ hyphen. Methods such as ApiBase::dieWithError() and
+ ApiMessageTrait::setApiCode() will throw an InvalidArgumentException if
+ passed a bad code.
+* ApiBase::checkTitleUserPermissions() now takes an options array as its third
+ parameter. Passing a User object or null is deprecated.
+* The api-feature-usage log channel now has log context. The text message is
+ deprecated and will be removed in the future.
+
+=== Languages updated in 1.33 ===
+MediaWiki supports over 350 languages. Many localisations are updated regularly.
+Below only new and removed languages are listed, as well as changes to languages
+because of Phabricator reports.
+
+* (T203908) Added language support for Eastern Pwo (kjp).
+* (T213717) Fixed a translation error on Goan Konkani (gom-deva) translations
+ for NS_TEMPLATE.
+* (T212221) Added $digitTransformTable for Santali (sat).
+* (T216479) Added language support for Saisiyat (xsy).
+* (T219728) Added support for new Japanese era name "Reiwa"
+
+=== Breaking changes in 1.33 ===
+* The parameteter $lang in DifferenceEngine::setTextLanguage must be of type
+ Language. Other types are deprecated since 1.32.
+* Skin::doEditSectionLink requires type Language for the parameter $lang.
+ The parameters $tooltip and $lang are mandatory. Omitting the parameters is
+ deprecated since 1.32.
+* Language::truncate(), deprecated in 1.31, has been removed.
+* UtfNormal, deprecated in 1.25, was removed. Use UtfNormal\Validator directly
+ instead.
+* (T197179) In OOUI HTMLForm fields, the parameters 'notice', 'notice-messages',
+ and 'notice-message', which were deprecated in 1.32, were removed. Instead,
+ use 'help', 'help-message', and 'help-messages'.
+* (T197179) HTMLFormField::getNotices(), deprecated in 1.32, was removed.
+* The "Parsoid v1" compatibility mappings in ParsoidVirtualRESTService and
+ RestbaseVirtualRESTService, deprecated since 1.26, have been removed.
+ Use the RESTBase v1 or Parsoid v3 API instead.
+* ParserOptions defaults 'tidy' to true now, since the untidy modes of the
+ parser are being deprecated and ParserOptions::getCanonicalOverrides()
+ has always been true at any rate.
+* Support for disabling tidy and external tidy implementations has been removed.
+ This was deprecated in 1.32. The pure PHP Remex tidy implementation is now
+ used and no configuration is necessary.
+* A number of deprecated methods for API documentation, intended for overriding
+ by extensions, are no longer called by MediaWiki, and will emit deprecation
+ notices if your extension attempts to use them:
+ * ApiBase::getDescription() (deprecated in 1.25)
+ * ApiBase::getParamDescription() (deprecated in 1.25)
+ * ApiBase::getExamples() (deprecated in 1.25)
+ * ApiBase::getDescriptionMessage() (deprecated in 1.30)
+ Additionally, the 'APIGetDescription' and 'APIGetParamDescription' hooks have
+ been removed, as their only use was to let extensions override values returned
+ by getDescription() and getParamDescription(), respectively.
+* The authentication hooks 'AbortAutoAccount' 'AbortNewAccount', 'AbortLogin',
+ 'LoginUserMigrated', 'UserCreateForm', and 'UserLoginForm', all deprecated by
+ the creation of AuthManager in 1.27, have been removed. This also means that
+ the FakeAuthTemplate and LoginForm classes are removed, that FakeAuthTemplate
+ is no longer passed into LoginSignupSpecialPage->getFieldDefinitions(), and
+ that LoginSignupSpecialPage->getBCFieldDefinitions() is removed.
+* The 'jquery.localize' module, deprecated in 1.32, has been removed. Instead,
+ use 'jquery.i18n'.
+* The hooks LanguageGetSpecialPageAliases and LanguageGetMagic, deprecated since
+ 1.16, have now been removed. Instead, use $specialPageAliases or $magicWords
+ respectively in a $wgExtensionMessagesFiles file.
+* The following methods of the Preferences class, deprecated in 1.31, have been
+ removed:
+ * getSaveBlacklist()
+ * loadPreferenceValues()
+ * getOptionFromUser()
+ * profilePreferences()
+ * skinPreferences()
+ * filesPreferences()
+ * datetimePreferences()
+ * renderingPreferences()
+ * editingPreferences()
+ * rcPreferences()
+ * watchlistPreferences()
+ * searchPreferences()
+ * miscPreferences()
+ * generateSkinOptions()
+ * getDateOptions()
+ * getImageSizes()
+ * getThumbSizes()
+ * validateSignature()
+ * cleanSignature()
+ * getTimezoneOptions()
+ * filterIntval()
+ * filterTimezoneInput()
+ * getTimeZoneList()
+* mw.util.jsMessage(), deprecated in 1.20, was removed. Use mw.notify instead.
+* (T61113) User::EDIT_TOKEN_SUFFIX was removed. It was deprecated since 1.27.
+* The 'mediawiki.api' module aliases, deprecated in 1.32, have been removed.
+ Specifically: mediawiki.api.category, mediawiki.api.edit,
+ mediawiki.api.login, mediawiki.api.options, mediawiki.api.parse,
+ mediawiki.api.upload, mediawiki.api.user, mediawiki.api.watch,
+ mediawiki.api.messages, and mediawiki.api.rollback.
+* The 'jquery.byteLimit' module alias for 'jquery.lengthLimit',
+ deprecated in 1.31, was removed.
+* Revision::fetchRevision(), deprecated in 1.28, was removed.
+* Class SquidUpdate, deprecated in 1.27, was removed.
+* Title->getSquidURLs(), deprecated in 1.27, was removed. Instead, use
+ Title->getCdnUrls().
+* Title::escapeFragmentForURL(), deprecated in 1.30, was removed. Use
+ Sanitizer::escapeIdForLink() or escapeIdForExternalInterwiki() instead.
+* Title->canTalk(), deprecated in 1.30, was removed. Instead, use
+ Title->canHaveTalkPage().
+* Title's methods for site and user page related to CSS and JS, deprecated in
+ 1.31, were removed:
+ * Title->isCssOrJsPage() — Use Title->isSiteConfigPage()
+ * Title->isCssJsSubpage() – Use Title->isUserConfigPage()
+ * Title->getSkinFromCssJsSubpage() – Use Title->getSkinFromConfigSubpage()
+ * Title->isCssSubpage() – Use Title->isUserCssConfigPage()
+ * Title->isJsSubpage() – Use Title->isUserJsConfigPage()
+* SiteSQLStore, deprecated in 1.27 and whose only method, ::newInstance(),
+ would return the global SiteStore instance, has been removed. You can get to
+ this via MediaWiki\MediaWikiServices::getInstance()->getSiteStore() directly.
+* Linker::formatSize, deprecated in 1.28, has been removed (with DummyLinker's).
+ Instead, use Language->formatSize() with the relevant Language object.
+* Linker::formatTemplates, deprecated in 1.28, has been removed (along with the
+ version in DummyLinker). You can use TemplatesOnThisPageFormatter directly.
+* EventRelayerGroup::singleton(), deprecated in 1.27, has been removed. You can
+ use MediaWikiServices::getInstance()->getEventRelayerGroup() directly.
+* LinkCache->addLink(), deprecated in 1.27, has been removed. It is thought to
+ be unused, and is distinct from OutputPage->addLink(), which remains.
+* JsonContent->getJsonData(), deprecated in 1.25, has been removed. Instead, use
+ JsonContent->getData().
+* MWExceptionHandler::getLogId(), deprecated in 1.27, has been removed, as the
+ exception ID is the same as the request ID, from WebRequest::getRequestId().
+* SearchEngine::getNearMatchResultSet(), deprecated in 1.27, has been removed.
+ You can use SearchEngine::getNearMatcher() instead.
+* EmailNotification::updateWatchlistTimestamp, deprecated in 1.27, has been
+ removed. Instead, use WatchedItemStore::updateNotificationTimestamp directly.
+* User::getGroupName() and ::getGroupMember(), both deprecated in 1.29, have
+ been removed. Instead, please use UserGroupMembership::getGroupName() and
+ UserGroupMembership::getGroupMemberName().
+* Backwards compatibility for setting wgSessionsInObjectCache to false or using
+ wgSessionHandler, both of which were deprecated in 1.27 with the introduction
+ of SessionManager, has been removed.
+* SessionManager::autoCreateUser, deprecated in 1.27, has been removed. Use
+ MediaWiki\Auth\AuthManager::autoCreateUser instead.
+* The mw.libs.jpegmeta property, deprecated in 1.31, was removed.
+ Use require( 'mediawiki.libs.jpegmeta' ) instead.
+* The mw.user.stickyRandomId() method, deprecated in 1.32, was removed.
+ Use mw.user.getPageviewToken() instead.
+* Removed deprecated class property WikiRevision::$importer.
+* ResourceLoaderFileModule::readStyleFiles() now requires its $context
+ parameter.
+* The ChangeList::insertArticleLink() method, that was deprecated in 1.27, has
+ been removed.
+* MessageBlobStore::__construct() now requires its $rl parameter.
+* Second parameter to Sanitizer::escapeIdReferenceList() (deprecated in 1.31)
+ has been removed.
+* The 'jquery.xmldom' module has been removed.
+* The 'jquery.mockjax' module has been removed.
+* The 'jquery.hidpi' module, deprecated in 1.32, has been removed.
+* AuthPlugin and related code, deprecated in 1.27, has been removed. Extensions
+ should instead use AuthManager. The following no longer exist:
+ * The AuthPlugin class itself and the related AuthPluginUser class and i18n
+ * The AuthPluginSetup and AuthPluginAutoCreate hooks
+ * The transitional wrapper classes AuthPluginPrimaryAuthenticationProvider,
+ AuthManagerAuthPlugin, and AuthManagerAuthPluginUser.
+ * The $wgAuth configuration setting and its use in Setup.php and unit tests
+* (T217772) The 'wgAvailableSkins' mw.config key in JavaScript, was removed.
+* Language::markNoConversion, deprecated in 1.32, has been removed. Use
+ LanguageConverter::markNoConversion instead.
+* BagOStuff::modifySimpleRelayEvent() method has been removed.
+* ParserOutput::getLegacyOptions, deprecated in 1.30, has been removed.
+ Use ParserOutput::allCacheVaryingOptions instead.
+* CdnCacheUpdate::newSimplePurge, deprecated in 1.27, has been removed.
+ Use CdnCacheUpdate::newFromTitles() instead.
+* Handling of multiple arguments by the Block constructor, deprecated in 1.26,
+ has been removed.
+* The translation of main page in Sardinian (sc) was changed from "Pàgina Base"
+ to "Pàgina printzipale". Existing wikis using this content language need to
+ move the main page or change the name through MediaWiki:Mainpage page.
+* wfSplitWikiID(), deprecated in 1.32, has been removed.
+* MessageBlobStore::getBlob(), deprecated in 1.27, has been removed.
+ Use ::getBlobs() instead.
+* The .background-size() LESS mixin, deprecated in 1.27, has been removed.
+* ReadOnlyMode::clearCache() and ConfiguredReadOnlyMode::clearCache() have been
+ removed. Use MediaWikiTestCase::overrideMwServices() instead.
+
+=== Deprecations in 1.33 ===
+* The configuration option $wgUseESI has been deprecated, and is expected
+ to be removed in a future release.
+* The configuration option $wgSquidPurgeUseHostHeader has been deprecated,
+ and is expected to be removed in a future release.
+* The configuration options $wgFixArabicUnicode and $wgFixMalayalamUnicode,
+ introduced in MW 1.17, have been deprecated. These fixes will always be
+ applied for Arabic and Malayalam in the future. Please enable these on
+ your local wiki (if you have them explicitly set to false) and run
+ maintenance/cleanupTitles.php to fix any existing page titles.
+* The LegacyHookPreAuthenticationProvider class, deprecated since its creation
+ in 1.27 as part of the AuthManager re-write, now emits deprecation warnings.
+ This will help identify the issue if you added it to $wgAuthManagerConfig.
+* wfSplitWikiId() is now deprecated. Cache key generation should have the wiki
+ domain ID as a key component and use makeGlobalKey().
+* (T202094) Title::getUserCaseDBKey() is deprecated; instead, please use
+ Title::getDBKey(), which doesn't vary case.
+* User::getPasswordValidity() is now deprecated. User::checkPasswordValidity()
+ returns the same information in a more useful format.
+* For Linker::generateTOC() and Linker::tocList(), passing strings or booleans
+ as the $lang parameter was deprecated. The same applies to DummyLinker.
+* The PasswordPolicy 'PasswordCannotBePopular' has been deprecated. To
+ follow best practices, it is reccommended to use 'PasswordNotInLargeBlacklist'
+ instead which blacklists 100,000 commonly used passwords.
+* (T208862) Action::requiresUnblock() is now called from
+ Title::getUserPermissionsErrors() and Title::userCan(). Previously, the method
+ was only called in Action::checkCanExecute(). Actions should ensure that their
+ requiresUnblock() returns the proper result (the default is `true`).
+* (T211608) The MediaWiki\Services namespace has been renamed to
+ Wikimedia\Services. The old name is still supported, but deprecated.
+* (T155582) Content::getNativeData has been deprecated. Please use model-
+ specific getters, such as TextContent::getText().
+* The class WebInstallerOutput is now marked as @private.
+* (T209699) The jquery.async module has been deprecated. JavaScript code that
+ needs asynchronous behaviour should use Promises.
+* Password::equals() is deprecated, use verify().
+* BaseTemplate::msgWiki() and QuickTemplate::msgWiki() will be removed. Use
+ other means to fetch a properly escaped message string or Message object.
+* (T126091) The 'ResourceLoaderTestModules' hook, which lets you declare QUnit
+ testing code for your JavaScript modules, is deprecated. Instead, you can now
+ use the new extension registration key 'QUnitTestModule'.
+* (T213426) The jquery.throttle-debounce module has been deprecated. JavaScript
+ code that needs this behaviour should use OO.ui.debounce/throttle.
+* The mw.language.specialCharacters property from the
+ 'mediawiki.language.specialCharacters' module has been deprecated.
+ Use require( 'mediawiki.language.specialCharacters' ) instead.
+* ChangeTags::purgeTagUsageCache() has been deprecated, and is expected to be
+ removed in a future release.
+* Passing a User object or null as the third parameter to
+ ApiBase::checkTitleUserPermissions() has been deprecated. Pass an array
+ [ 'user' => $user ] instead.
+* (T211578) Block::prevents is deprecated. Use Block::isEmailBlocked,
+ Block::isCreateAccountBlocked and Block::isUsertalkEditAllowed to get and set
+ block properties; use Block::appliesToRight and Block::appliesToUsertalk to
+ check block behaviour.
+* The api-feature-usage log channel now has log context. The text message is
+ deprecated and will be removed in the future.
+* The FileBasedSiteLookup class has been deprecated. For a cacheable SiteLookup
+ implementation, use CachingSiteStore instead.
+* Language::viewPrevNext function is deprecated, use
+ SpecialPage::buildPrevNextNavigation instead
+* ManualLogEntry::setTags() is deprecated, use ManualLogEntry::addTags()
+ instead. The setTags() method was overriding the tags, addTags() doesn't
+ override, only adds new tags.
+* Block::isValid is deprecated, since it is no longer needed in core.
+* Calling Maintenance::hasArg() as well as Maintenance::getArg() with no
+ parameter has been deprecated. Please pass the argument number 0.
+* ResourceLoaderContext::expandModuleNames has been deprecated.
+ Use ResourceLoader::expandModuleNames instead.
+
+=== Other changes in 1.33 ===
+* (T201747) Html::openElement() warns if given an element name with a space
+ in it.
+* The implementation of buildStringCast() in Wikimedia\Rdbms\Database has
+ changed to explicitly cast. Subclasses relying on the base-class
+ implementation should check whether they need to override it now.
+* BagOStuff::add is now abstract and must explicitly be defined in subclasses.
+* LinksDeletionUpdate is now a subclass of LinksUpdate. As a consequence,
+ the following hooks will now be triggered upon page deletion in addition
+ to page updates: LinksUpdateConstructed, LinksUpdate, LinksUpdateComplete.
+ LinksUpdateAfterInsert is not triggered since deletions do not cause
+ insertions into links tables.
+* Category::newFromID( $id )->getID() will now return $id without any
+ validation, to avoid a mostly unnecessary DB query.
+* On Special:Version, the name for an extension can no longer be arbitrary
+ html when no link is specified.
+
= MediaWiki 1.32 =
+== MediaWiki 1.32.3 ==
+
+This is a maintenance release of the MediaWiki 1.32 branch.
+
+=== Changes since MediaWiki 1.32.2 ===
+* (T225558) Update installer link to PHP intl.
+* (T225496) Detect APC for MainCacheType in CLI installer.
+* (T226766) Remove jetbrains/phpstorm-stubs from composer dev dependancies.
+* (T202211) Fix SQLite patch-(image|page|template)links-fix-pk.sql column order.
+
+== MediaWiki 1.32.2 ==
+
+This is a security and maintenance release of the MediaWiki 1.32 branch.
+
+=== Changes since MediaWiki 1.32.1 ===
+* (T204423) Backport support for hyphenated DB names in JobQueueGroup.
+* (T216968) Return pageid as int in both list=iwbacklinks and
+ list=langbacklinks.
+* (T215169) Fix for Database::update() with IGNORE option fails on PostgreSQL.
+* (T199474) Fix typo in rebuildrecentchanges.php resulting in rogue flags.
+* (T218608) SECURITY: Fix an issue that prevents Extension:OAuth working when
+ $wgBlockDisablesLogin is true.
+* (T216029) Chrome redirects to Special:BadTitle after editing a section with
+ a non-Latin name on a page with non-Latin characters in title.
+* Unbreak language related maintenance scripts that use StaticArrayWriter.
+* (T219728) Added support for new Japanese era name "Reiwa".
+* (T25227) SECURITY: action=logout now requires to be posted and have a csrf
+ token.
+* Updated cssjanus/cssjanus from 1.2.0 to 1.3.0.
+* (T221045) Remove orphaned code from ConfigRepository.
+* (T222385) resourceloader: Use AND instead of OR for upsert conds in
+ saveFileDependencies().
+* (T224374) Fix message parameters so that the message that says SQLite is
+ out of date makes sense.
+* (T200471) Prevent LBFactorySimple breaking ExternalStorage, when trying to
+ connect to external server with local database name.
+* (T197279) SECURITY: Fix reauth in Special:ChangeEmail.
+* (T208881) SECURITY: blacklist CSS var().
+* (T209794) SECURITY: rate-limit and prevent blocked users from changing email.
+* (T199540) SECURITY: API: Respect $wgBlockCIDRLimit in action=block.
+* (T212118) SECURITY: Fix cache mode for (un)patrolled recent changes query.
+* (T222036, T222038) SECURITY: Add permission check for user is permitted to
+ view the log type.
+* (T221739) SECURITY: resources: Patch jQuery 3.3.1 for CVE-2019-11358.
+
== MediaWiki 1.32.1 ==
=== Changes since MediaWiki 1.32.0 ===
= MediaWiki 1.31 =
+== MediaWiki 1.31.3 ==
+
+This is a maintenance release of the MediaWiki 1.31 branch.
+
+=== Changes since MediaWiki 1.31.2 ===
+* (T225558) Update installer link to PHP intl.
+* (T225496) Detect APC for MainCacheType in CLI installer.
+* (T226766) Remove jetbrains/phpstorm-stubs from composer dev dependancies.
+* (T202211) Fix SQLite patch-(image|page|template)links-fix-pk.sql column order.
+
+== MediaWiki 1.31.2 ==
+
+This is a security and maintenance release of the MediaWiki 1.31 branch.
+
+Required PHP version has been increased from 7.0.0 to 7.0.13.
+
+=== Changes since MediaWiki 1.31.1 ===
+* (T204729) WatchedItemStore::countVisitingWatchersMultiple() shouldn't query
+ all titles when asked for none.
+* (T205967) Fix syntax error typo in postgres database upgrade file.
+* (T200254) Add pear/Net_SMTP 1.7.3 to composer dependencies.
+* (T206765) Load installer i18n when running update.php.
+* (T109121) Remove deprecated pear/mail_mime-decode from composer suggested
+ libraries.
+ [Also in the bundled composer /vendor directory.]
+* Various PHP 7.2 and 7.3 compatibility fixes:
+ * (T200595, T206974) Fix PHP 7.3 warnings of using "continue" in some
+ scenarios instead of "break".
+ * (T206976, T206977) Also in the bundled LocalisationUpdate and
+ ParserFunctions extensions.
+ * (T206979) Fix PHP 7.3 warnings of using "compact()" when some variables may
+ not be set.
+ * (T215632) FormatMetadata and UploadStash regexes fixed to be PHP
+ 7.3-compatible.
+ * Fix PHP warnings "preg_replace(): [...] invalid range in character class.
+ * Avoid PHP 7.2 warnings in DBConRefTest about count() on non-Countable.
+ * Suppress "Headers already sent" in PHP 7.2 too.
+ * (T206476) Output only to stderr in unit tests.
+ * (T207112) Add session_write_close() calls to SessionManager tests.
+ * oyejorge/less.php replaced with our fork wikimedia/less.php
+ * (T209756) Updated wikimedia/ip-set from 1.2.0 to 1.3.0.
+ * (T213489) Avoid session double-start in Setup.php.
+ * (T206975) Switch to our fork of less.php.
+* (T207540) Include IP address in "Login for $1 succeeded" log entry.
+* (T201781) Database: Allow selectFieldValues() to accept SQL fragments.
+* (T205765) installer: Don't link to the obsolete "Extension Matrix" page.
+* (T206013) Update ImportableUploadRevisionImporter for interwiki usernames.
+* (T207541) Pass an email address, not a MailAddress, to mail().
+* (T207603) SECURITY: User JS may no longer be loaded with mime type
+ text/javascript if there is no account associated with the username.
+* (T112937, T113042) SECURITY: Do not allow loading pages raw with a
+ text/javascript MIME
+ type if non-admins can edit the page.
+* (T17491) <ins>/<del> elements can be phrasing or flow.
+* (T200827) RemexCompatMunger: Don't call endTag() in case B/b
+* (T207088) Upgrade wikimedia/remex-html to 2.0.1.
+ [Also in the bundled composer /vendor directory.]
+* (T194052) Updated wikimedia/base-convert from 1.0.1 to 2.0.0.
+ [Also in the bundled composer /vendor directory.]
+* (T199494) Fix notices in maintenance/removeUnusuedAccounts.php.
+* Require ext-fileinfo in composer.json, per PHPVersionCheck.
+* (T176390) Bundled LocalisationUpdate extension: Handle exceptions from
+ GitHubFetcher.
+* (T208255) Completion search should not change the search query.
+* (T209870) Fix SQL syntax error in MS-SQL initialisation file for new wikis.
+* (T185049) LogFormatter: Fail softer when trying to link an invalid titles.
+* (T210998) Properly set $wgLanguageCode in the generated LocalSettings.php
+ if --lang is used with the command-line installer (install.php).
+* (T211061) ImageListPager: Actor migration for buildQueryConds().
+* (T209335) Clarify the default sidebar 'Help' link is about MediaWiki itself.
+* Fix addition of ug_expiry column to user_groups table on MSSQL.
+* (T204767) Add join conditions to ActiveUsersPager.
+* (T210621) User: Bypass repeatable-read when creating an actor_id.
+* (T204531) rdbms: reduce LoadBalancer replication log spam.
+* (T195525) Fix db error outage page.
+* (T208871) The hard-coded Google search form on the database error page was
+ removed.
+* (T176097) Fix flaky MessageBlobStoreTest assertion failures.
+* (T209423) Update required PHP version to 7.0.13.
+* (T209885) Prevent populateSearchIndex.php from breaking once actor migration
+ has been started.
+* (T216968) Return pageid as int in both list=iwbacklinks and
+ list=langbacklinks.
+* (T215169) Fix for Database::update() with IGNORE option fails on PostgreSQL.
+* (T204423) Backport support for hyphenated DB names in JobQueueGroup.
+* (T199474) Fix typo in rebuildrecentchanges.php resulting in rogue flags.
+* (T218608) SECURITY: Fix an issue that prevents Extension:OAuth working when
+ $wgBlockDisablesLogin is true.
+* (T216029) Chrome redirects to Special:BadTitle after editing a section with
+ a non-Latin name on a page with non-Latin characters in title.
+* (T219728) Added support for new Japanese era name "Reiwa".
+* (T25227) SECURITY: action=logout now requires to be posted and have a csrf
+ token.
+* Updated cssjanus/cssjanus from 1.2.0 to 1.3.0.
+* (T222385) resourceloader: Use AND instead of OR for upsert conds in
+ saveFileDependencies().
+* (T224374) Fix message parameters so that the message that says SQLite is out
+ of date makes sense.
+* SpecialPage::checkLoginSecurityLevel() will now preserve POST data when
+ reauthenticating.
+* FormSpecialPage::execute() will now call checkLoginSecurityLevel() if
+ getLoginSecurityLevel() returns non-false.
+* (T197279) SECURITY: Fix reauth in Special:ChangeEmail.
+* (T208881) SECURITY: blacklist CSS var().
+* (T209794) SECURITY: rate-limit and prevent blocked users from changing email.
+* (T199540) SECURITY: API: Respect $wgBlockCIDRLimit in action=block.
+* (T212118) SECURITY: Fix cache mode for (un)patrolled recent changes query.
+* (T222036, T222038) SECURITY: Add permission check for user is permitted to
+ view the log type.
+* (T221739) SECURITY: resources: Patch jQuery 3.2.1 for CVE-2019-11358.
+
== MediaWiki 1.31.1 ==
This is a security and maintenance release of the MediaWiki 1.31 branch.
= MediaWiki 1.30 =
+== MediaWiki 1.30.2 ==
+
+This is a security and maintenance release of the MediaWiki 1.30 branch.
+
+=== Changes since MediaWiki 1.30.1 ===
+* (T204729) WatchedItemStore::countVisitingWatchersMultiple() shouldn't query
+ all titles when asked for none.
+* (T109121) Remove deprecated pear/mail_mime-decode from composer suggested
+ libraries.
+* (T207540) Include IP address in "Login for $1 succeeded" log entry.
+* (T205765) Don't link to the obsolete "Extension Matrix" page in installer.
+* (T207603) SECURITY: User JS may no longer be loaded with mime type
+ text/javascript if there is no account associated with the username.
+* (T113042) SECURITY: Do not allow loading pages raw with a text/javascript MIME
+ type if non-admins can edit the page.
+* (T207541) Pass email address to mail().
+* Fix addition of ug_expiry column to user_groups table on MSSQL.
+* (T204531) rdbms: reduce LoadBalancer replication log spam.
+* (T213489) Avoid session double-start in Setup.php.
+* (T195525) Fix db error outage page.
+* (T208871) The hard-coded Google search form on the database error page was
+ removed.
+* (T216968) Return pageid as int in both list=iwbacklinks and
+ list=langbacklinks.
+* (T218608) SECURITY: Fix an issue that prevents Extension:OAuth working when
+ $wgBlockDisablesLogin is true.
+* (T25227) SECURITY: action=logout now requires to be posted and have a csrf
+ token.
+* (T222385) resourceloader: Use AND instead of OR for upsert conds in
+ saveFileDependencies().
+* (T224374) Fix message parameters so that the message that says SQLite is out
+ of date makes sense.
+* SpecialPage::checkLoginSecurityLevel() will now preserve POST data when
+ reauthenticating.
+* FormSpecialPage::execute() will now call checkLoginSecurityLevel() if
+ getLoginSecurityLevel() returns non-false.
+* (T197279) SECURITY: Fix reauth in Special:ChangeEmail.
+* (T208881) SECURITY: blacklist CSS var().
+* (T209794) SECURITY: rate-limit and prevent blocked users from changing email.
+* (T199540) SECURITY: API: Respect $wgBlockCIDRLimit in action=block.
+* (T212118) SECURITY: Fix cache mode for (un)patrolled recent changes query.
+* (T222036, T222038) SECURITY: Add permission check for user is permitted to
+ view the log type.
+* (T221739) SECURITY: resources: Patch jQuery 1.11.3 for CVE-2019-11358.
+
== MediaWiki 1.30.1 ==
This is a security and maintenance release of the MediaWiki 1.30 branch.
= MediaWiki 1.27 =
+== MediaWiki 1.27.7 ==
+
+This is a maintenance release of the MediaWiki 1.27 branch.
+
+=== Changes since MediaWiki 1.27.6 ===
+* Add missing `use MediaWiki\MediaWikiServices;` to LogEventsList.php.
+* Remove broken tests from ApiBlockTest.php.
+
+== MediaWiki 1.27.6 ==
+
+This is a security and maintenance release of the MediaWiki 1.27 branch.
+
+=== Changes since MediaWiki 1.27.5 ===
+* (T204729) WatchedItemStore::countVisitingWatchersMultiple() shouldn't query
+ all titles when asked for none.
+* (T109121) Remove deprecated pear/mail_mime-decode from composer suggested
+ libraries.
+* (T207241) Augment precision of updatelist time.
+* (T207540) Include IP address in "Login for $1 succeeded" log entry.
+* (T205765) Don't link to the obsolete "Extension Matrix" page in installer.
+* (T207603) SECURITY: User JS may no longer be loaded with mime type
+ text/javascript if there is no account associated with the username.
+* (T113042) SECURITY: Do not allow loading pages raw with a text/javascript MIME
+ type if non-admins can edit the page.
+* (T207541) Pass email address to mail().
+* (T209335) Clarify the default sidebar 'Help' link is about MediaWiki itself.
+* (T213359) Update mediawiki/mediawiki-codesniffer to 0.8.1.
+* (T208871) The hard-coded Google search form on the database error page was
+ removed.
+* (T216968) Return pageid as int in both list=iwbacklinks and
+ list=langbacklinks.
+* (T218608) Fix an issue that prevents Extension:OAuth working when
+ $wgBlockDisablesLogin is true.
+* (T219728) Added support for new Japanese era name "Reiwa".
+* (T25227) SECURITY: action=logout now requires to be posted and have a csrf
+ token.
+* SpecialPage::checkLoginSecurityLevel() will now preserve POST data when
+ reauthenticating.
+* FormSpecialPage::execute() will now call checkLoginSecurityLevel() if
+ getLoginSecurityLevel() returns non-false.
+* (T197279) SECURITY: Fix reauth in Special:ChangeEmail.
+* (T208881) SECURITY: blacklist CSS var().
+* (T209794) SECURITY: rate-limit and prevent blocked users from changing email.
+* (T199540) SECURITY: API: Respect $wgBlockCIDRLimit in action=block.
+* (T212118) SECURITY: Fix cache mode for (un)patrolled recent changes query.
+* (T222036, T222038) SECURITY: Add permission check for user is permitted to
+ view the log type.
+* (T221739) SECURITY: resources: Patch jQuery 1.11.3 for CVE-2019-11358.
+
== MediaWiki 1.27.5 ==
This is a security and maintenance release of the MediaWiki 1.27 branch.
dépôts / lhc / web / wiklou.git / blobdiff