= MediaWiki 1.34 =
-== MediaWiki 1.34.0-PRERELEASE ==
-
-THIS IS NOT A RELEASE YET
-
-MediaWiki 1.34 is an alpha-quality development branch, and is not recommended
-for use in production.
+== MediaWiki 1.34.1 ==
+
+This is a security and maintenance release of the MediaWiki 1.34 branch.
+
+=== Changes since MediaWiki 1.34.0 ===
+* (T211450) User: better error message when getActorId fails.
+* (T241340) Don't redefine MW_ENTRY_POINT in thumb.php if already defined.
+* (T236444) User: Allow newSystemUser() to create over anonymous actors.
+* (T238483) Fix NewPagesPager "hide registered users" option.
+* (T245072) mediawiki.language: Rename languageData back to languageNames.
+* Use proper SemVer comparison in CheckComposerLockUpToDate.
+* (T212738) Add the MW_VERSION constant, global $wgVersion is soft deprecated.
+* (T246127) Fix error when initialising updateCollation.php.
+* Update comment about PHP versions supported by The PHP Group.
+* (T247215) Fix output of RecountCategories::doWork().
+* Add check for page existence to view.php maintenance script.
+* (T245149) Fix fetching login token from action=query&meta=tokens on private
+ wikis.
+* (T236509) SECURITY: Fix HTML escaping in UserGroupMembership::getLink().
+* (T232932) SECURITY: User content can redirect the logout button to different
+ URL.
+* (T246602) SECURITY: jquery.makeCollapsible allows applying event handler to
+ any CSS selector.
+
+== MediaWiki 1.34.0 ==
+
+=== Changes since MediaWiki 1.34.0-rc.1 ===
+* $wgDiffEngine (T237049) – This configuration can be used to specify which
+ difference engine to use. MediaWiki continues to default to automatically
+ choosing the first of $wgExternalDiffEngine, wikidiff2, or php that is
+ usable.
+* (T231866) SqlBlobStore no longer needs Language object.
+* (T236735) WikiExporter: Remove unnecessary check for SCHEMA_COMPAT_WRITE_OLD
+ flag.
+* (T231673) Set MCR migration stage to SCHEMA_COMPAT_NEW.
+* (T229601) Make sure DBLoadBalancerFactory service is not disabled.
+* (T232866) Fix support for HTTP/2 in MultiHttpClient.
+* (T231866) LocalisationCache: Don't instantiate ResourceLoader.
+* (T227461) Stop calling deprecated Redis delete functions.
+* (T239561) Mark options as requiring parameters in addSite.php.
+* (T232866) Mimic CURLOPT_POST in GuzzleHttpRequest.
+* (T239734) Replace deprecated lSize with lLen in Redis code.
+* (T192134) SECURITY: Do not allow user scripts on Special:PasswordReset.
+* (T239428) ApiEditPage: Test for bad redirect targets.
+* (T233342) rdbms: Log debug message traces as 'exception.trace' instead of
+ 'trace'.
+* (T226751) media: Log and fail gracefully on invalid EXIF coordinates.
+* (T240924) NewPagesPager: Fix namespace query conditions.
+* (T212067) Tests for an old PHP bug in parse_url.
+
+== MediaWiki 1.34.0-rc.1 ==
+
+=== Changes since MediaWiki 1.34.0-rc.0 ===
+* (T231742) rdbms: Restore debug toolbar "Queries" feature.
+* (T231366) The ProfilerOutputDb class, 'profiling' table, and profileinfo.php
+ entry point had been deprecated.
+* (T234361) localisation: Add debug message for backend of MessageCache.
+* (T234361) session: Add debug message for the used store class.
+* (T235559) Fix example Kask configuration in RESTBagOStuff class comment.
+* (T235137) Don't apply styling for Special:Contributions on other pages.
+* Upgrade mediawiki-codesniffer from 26.0.0 to 28.0.0 (dev-only).
+* (T219604) The "jquery.ui.*" and "jquery.effects.*" modules are now
+ deprecated as aliases for the "jquery.ui" module.
+* (T235392) Deprecate setting Parser::mTitle to null.
+* Supporting commits for T235392 were also backported to prevent divergence
+ from master (MediaWiki 1.35).
+* (T234581) The 'jquery.tabIndex' module is deprecated.
+* Fix docs for GetUserBlock hooks.
+* Parser: Hard deprecate getConverterLanguage.
+* (T236810) A number of public methods of Parser were exposed only for
+ historical reasons and have been deprecated: doMagicLinks,
+ doDoubleUnderscore, doHeadings, doAllQuotes, replaceExternalLinks,
+ replaceInternalLinks, replaceInternalLinks2, getVariableValue,
+ initialiseVariables, formatHeadings, testPst, testPreprocess, testSrvus,
+ areSubpagesAllowed, maybeDoSubpageLink, splitWhitespace, createAssocArgs,
+ armorLinks, makeKnownLinkHolder, getImageParams, parseLinkParameter,
+ stripAltText, replaceLinkHolders, replaceLinkHoldersText, armorLinks,
+ makeKnownLinkHolder, getImageParams, parseLinkParameter, stripAltText.
+* (T30798) $wgServer must now always be set in LocalSettings.php. This is most
+ likely the case already for any wiki installed after 1.18. The autodetection
+ system was informally deprecated since 1.18 and vulnerable to cache poisoning
+ attacks. Older wikis may need to update their LocalSettings.php file.
+* (T232169) Hard deprecate $wgSysopEmailBans.
+* (T236628) Fix for ArticleRevisionViewCustom hook in DifferenceEngine.php.
+* (T181658) Do not insert page titles into querycache.qc_value.
+* ParamValidator has been flagged as unstable.
+* Hard deprecate Parser::disableCache().
+
+== MediaWiki 1.34.0-rc.0 ==
== Upgrading notes for 1.34 ==
1.34 has several database changes since 1.33, and will not work without schema
Some specific notes for MediaWiki 1.34 upgrades are below:
-* …
+* MediaWiki now requires PHP 7.2.9 or above.
+* MediaWiki no longer supports HHVM.
For notes on 1.33.x and older releases, see HISTORY.
redirects in their userspace unless the target of the redirect is also in
their userspace. By default, this right is given to everyone.
* (T226733) Add rate limiter to Special:ConfirmEmail.
+* $wgDiffEngine (T237049) – This configuration can be used to specify which
+ difference engine to use. MediaWiki continues to default to automatically
+ choosing the first of $wgExternalDiffEngine, wikidiff2, or php that is
+ usable.
==== Changed configuration ====
* $wgUseCdn, $wgCdnServers, $wgCdnServersNoPurge, and $wgCdnMaxAge – These four
containing some HTML markup in metadata. As a result, the $wgAllowTitlesInSVG
setting is no longer applied and is now always true. Note that MSIE 7 may
still be able to misinterpret certain malformed PNG files as HTML.
+* (T30798) $wgServer must now always be set in LocalSettings.php. This is most
+ likely the case already for any wiki installed after 1.18. The autodetection
+ system was informally deprecated since 1.18 and vulnerable to cache poisoning
+ attacks. Older wikis may need to update their LocalSettings.php file.
* Introduced $wgVerifyMimeTypeIE to allow disabling the MSIE 6/7 file type
detection heuristic on upload, which is more conservative than the checks
that were changed above.
+* $wgExternalDiffEngine — Setting this to a string value of 'wikidiff',
+ 'wikidiff2', or 'wikidiff3' will no longer work. This legacy behaviour was
+ deprecated in MediaWiki 1.27, 1.32, and 1.27, respectively.
* $wgSkipSkin — Setting this instead of $wgSkipSkins, deprecated in 1.23, is now
hard-deprecated.
* $wgLocalInterwiki — Setting this instead of $wgLocalInterwikis, deprecated in
an array with IP addresses as the values, or a string path to a file
containing one IP address per line.
* $wgCookieSetOnAutoblock and $wgCookieSetOnIpBlock are now enabled by default.
-* …
==== Removed configuration ====
* $wgWikiDiff2MovedParagraphDetectionCutoff — If you still want a custom change
* (T222388) API modules can now be specified as an ObjectFactory spec,
allowing the construction of modules that require services to be injected
in their constructor.
+* (T117736) The function signature of SpecialContributions::getForm::filters
+ has changed. It now expects definitions of additional filter fields as array
+ rather than string.
=== External library changes in 1.34 ===
-==== New external libraries ====
-* …
-
==== Changed external libraries ====
* Updated Mustache from 1.0.0 to v3.0.1.
* Updated OOUI from v0.31.3 to v0.34.0.
* Updated OOjs from v2.2.2 to v3.0.0.
* Updated composer/semver from 1.4.2 to 1.5.0.
* Updated composer/spdx-licenses from 1.4.0 to 1.5.1 (dev-only).
-* Updated mediawiki/codesniffer from 25.0.0 to 26.0.0 (dev-only).
+* Updated mediawiki/codesniffer from 25.0.0 to 28.0.0 (dev-only).
* Updated cssjanus/cssjanus from 1.2.1 to 1.3.0.
* Updated wikimedia/at-ease from 1.2.0 to 2.0.0.
* Updated wikimedia/remex-html from 2.0.1 to 2.1.0.
* Updated wikimedia/timestamp from 2.2.0 to 3.0.0.
* Updated wikimedia/xmp-reader from 0.6.2 to 0.6.3.
* Updated mediawiki/mediawiki-phan-config from 0.6.0 to 0.6.1 (dev-only).
-* …
+* Updated wikimedia/avro from 1.8.0 to 1.9.0 (dev-only).
==== Removed external libraries ====
* The jquery.async module, deprecated in 1.33, was removed.
-* …
=== Bug fixes in 1.34 ===
* (T222529) If a log entry or page revision is recorded in the database with an
'mime', 'mediadtype', 'bitdepth'.
Clients that process these fields should first check if 'filemissing' is
set. Fields that are supported even if the file is missing include:
- 'canonicaltitle', ''archivename' (deleted files only), 'descriptionurl',
+ 'canonicaltitle', 'archivename' (deleted files only), 'descriptionurl',
'descriptionshorturl'.
* The 'blockexpiry' result property in list=users and list=allusers will now be
returned in the same format used by the rest of the API: ISO 8601 for
* User::setNewpassword(), deprecated in 1.27 has been removed.
* The ObjectCache::getMainWANInstance and ObjectCache::getMainStashInstance
functions, deprecated since 1.28, have been removed.
+* Language::$dataCache has been removed (without prior deprecation, for
+ practical reasons). Use MediaWikiServices instead to get a LocalisationCache.
=== Deprecations in 1.34 ===
* The MWNamespace class is deprecated. Use NamespaceInfo.
* The Profiler::setTemplated and Profiler::getTemplated methods have been
deprecated. Use Profiler::setAllowOutput and Profiler::getAllowOutput
instead.
+* The ProfilerOutputDb class, 'profiling' table, and profileinfo.php entry
+ point had been deprecated (T231366).
* The Preprocessor_DOM implementation has been deprecated. It will be
removed in a future release. Use the Preprocessor_Hash implementation
instead.
* IDatabase::bufferResults() has been deprecated. Use query batching instead.
* MessageCache::singleton() is deprecated. Use
MediaWikiServices::getMessageCache().
+* ObjectCache::getWANInstance() is deprecated. Use
+ MediaWikiServices::getMainWANObjectCache() instead.
+* ObjectCache::newWANCacheFromParams() is deprecated. Use
+ MediaWikiServices::getMainWANObjectCache() instead.
* Constructing MovePage directly is deprecated. Use MovePageFactory.
* TempFSFile::factory() has been deprecated. Use TempFSFileFactory instead.
* wfIsBadImage() is deprecated. Use the BadFileLookup service instead.
* Specifying a SpecialPage object for the list of special pages (either through
the SpecialPage_initList hook or by adding to $wgSpecialPages) is now
deprecated.
+* The 'jquery.tabIndex' module is deprecated.
+* WebInstaller::getInfoBox(), getWarningBox() and getErrorBox() are deprecated.
+ Use Html::errorBox() or Html::warningBox() instead.
* Use of ActorMigration with 'ar_user', 'img_user', 'oi_user', 'fa_user',
'rc_user', 'log_user', and 'ipb_by' is deprecated. Queries should be adjusted
to use the corresponding actor fields directly. Note that use with
$wgGroupPermissions['sysop']['blockemail'] = true;
* ApiQueryBase::showHiddenUsersAddBlockInfo() is deprecated. Use
ApiQueryBlockInfoTrait instead.
+* PasswordReset is now a service, its direct instantiation is deprecated.
+* RESTBagOStuff users should specify either "JSON" or "PHP" serialization type.
+* The global function wfIsHHVM() is deprecated and will now always return false
+ regardless of the runtime environment. This is part of the continuing work to
+ remove HHVM support from MediaWiki, which started in MediaWiki 1.31.
+* Language::getLocalisationCache() is deprecated. Use MediaWikiServices
+ instead.
+* The following Language methods are deprecated: isSupportedLanguage,
+ isValidCode, isValidBuiltInCode, isKnownLanguageTag, fetchLanguageNames,
+ fetchLanguageName, getFileName, getMessagesFileName, getJsonMessagesFileName.
+ Use the new LanguageNameUtils class instead. (Note that fetchLanguageName(s)
+ are called getLanguageName(s) in the new class.)
+* Using the Parser without initializing its $mTitle property to non-null has
+ been deprecated. In a future release Parser::getTitle() will throw a
+ TypeError if $mTitle is uninitialized.
+* A number of public methods of Parser were exposed only for historical
+ reasons and have been deprecated: doMagicLinks, doDoubleUnderscore,
+ doHeadings, doAllQuotes, replaceExternalLinks, replaceInternalLinks,
+ replaceInternalLinks2, getVariableValue, initialiseVariables, formatHeadings,
+ testPst, testPreprocess, testSrvus, areSubpagesAllowed, maybeDoSubpageLink,
+ splitWhitespace, createAssocArgs, armorLinks, makeKnownLinkHolder,
+ getImageParams, parseLinkParameter, stripAltText, replaceLinkHolders,
+ replaceLinkHoldersText, armorLinks, makeKnownLinkHolder, getImageParams,
+ parseLinkParameter, stripAltText.
=== Other changes in 1.34 ===
-* …
+* Added option to specify "Various authors" as author in extension credits using
+ "..." as the only author name. If the "author" array contains more than one
+ entry and "..." is one of the entries in the array, "..." will be parsed as
+ "others" (version-poweredby-others i18n message) like previously.
+* (T232563) Browser support ("Grade C") for Internet Explorer 6 and 7
+ was discontinued. Basic content and security features may no longer
+ work correctly in these browsers.
== Compatibility ==
-MediaWiki 1.34 requires PHP 7.2.0 or later. Although HHVM 3.18.5 or later is
-supported, it is generally advised to use PHP 7.2.0 or later for long term
-support. It also requires the following PHP extensions:
+MediaWiki 1.34 requires PHP 7.2.9 or later, and the following PHP extensions:
* ctype
* dom
dépôts / lhc / web / wiklou.git / blobdiff