= MediaWiki 1.34 =
-THIS IS NOT A RELEASE YET
-
-MediaWiki 1.34 is an pre-release testing branch, and is not recommended
-for use in production.
+== MediaWiki 1.34.1 ==
+
+This is a security and maintenance release of the MediaWiki 1.34 branch.
+
+=== Changes since MediaWiki 1.34.0 ===
+* (T211450) User: better error message when getActorId fails.
+* (T241340) Don't redefine MW_ENTRY_POINT in thumb.php if already defined.
+* (T236444) User: Allow newSystemUser() to create over anonymous actors.
+* (T238483) Fix NewPagesPager "hide registered users" option.
+* (T245072) mediawiki.language: Rename languageData back to languageNames.
+* Use proper SemVer comparison in CheckComposerLockUpToDate.
+* (T212738) Add the MW_VERSION constant, global $wgVersion is soft deprecated.
+* (T246127) Fix error when initialising updateCollation.php.
+* Update comment about PHP versions supported by The PHP Group.
+* (T247215) Fix output of RecountCategories::doWork().
+* Add check for page existence to view.php maintenance script.
+* (T245149) Fix fetching login token from action=query&meta=tokens on private
+ wikis.
+* (T236509) SECURITY: Fix HTML escaping in UserGroupMembership::getLink().
+* (T232932) SECURITY: User content can redirect the logout button to different
+ URL.
+* (T246602) SECURITY: jquery.makeCollapsible allows applying event handler to
+ any CSS selector.
+
+== MediaWiki 1.34.0 ==
+
+=== Changes since MediaWiki 1.34.0-rc.1 ===
+* $wgDiffEngine (T237049) – This configuration can be used to specify which
+ difference engine to use. MediaWiki continues to default to automatically
+ choosing the first of $wgExternalDiffEngine, wikidiff2, or php that is
+ usable.
+* (T231866) SqlBlobStore no longer needs Language object.
+* (T236735) WikiExporter: Remove unnecessary check for SCHEMA_COMPAT_WRITE_OLD
+ flag.
+* (T231673) Set MCR migration stage to SCHEMA_COMPAT_NEW.
+* (T229601) Make sure DBLoadBalancerFactory service is not disabled.
+* (T232866) Fix support for HTTP/2 in MultiHttpClient.
+* (T231866) LocalisationCache: Don't instantiate ResourceLoader.
+* (T227461) Stop calling deprecated Redis delete functions.
+* (T239561) Mark options as requiring parameters in addSite.php.
+* (T232866) Mimic CURLOPT_POST in GuzzleHttpRequest.
+* (T239734) Replace deprecated lSize with lLen in Redis code.
+* (T192134) SECURITY: Do not allow user scripts on Special:PasswordReset.
+* (T239428) ApiEditPage: Test for bad redirect targets.
+* (T233342) rdbms: Log debug message traces as 'exception.trace' instead of
+ 'trace'.
+* (T226751) media: Log and fail gracefully on invalid EXIF coordinates.
+* (T240924) NewPagesPager: Fix namespace query conditions.
+* (T212067) Tests for an old PHP bug in parse_url.
+
+== MediaWiki 1.34.0-rc.1 ==
=== Changes since MediaWiki 1.34.0-rc.0 ===
* (T231742) rdbms: Restore debug toolbar "Queries" feature.
* (T235392) Deprecate setting Parser::mTitle to null.
* Supporting commits for T235392 were also backported to prevent divergence
from master (MediaWiki 1.35).
+* (T234581) The 'jquery.tabIndex' module is deprecated.
+* Fix docs for GetUserBlock hooks.
+* Parser: Hard deprecate getConverterLanguage.
+* (T236810) A number of public methods of Parser were exposed only for
+ historical reasons and have been deprecated: doMagicLinks,
+ doDoubleUnderscore, doHeadings, doAllQuotes, replaceExternalLinks,
+ replaceInternalLinks, replaceInternalLinks2, getVariableValue,
+ initialiseVariables, formatHeadings, testPst, testPreprocess, testSrvus,
+ areSubpagesAllowed, maybeDoSubpageLink, splitWhitespace, createAssocArgs,
+ armorLinks, makeKnownLinkHolder, getImageParams, parseLinkParameter,
+ stripAltText, replaceLinkHolders, replaceLinkHoldersText, armorLinks,
+ makeKnownLinkHolder, getImageParams, parseLinkParameter, stripAltText.
+* (T30798) $wgServer must now always be set in LocalSettings.php. This is most
+ likely the case already for any wiki installed after 1.18. The autodetection
+ system was informally deprecated since 1.18 and vulnerable to cache poisoning
+ attacks. Older wikis may need to update their LocalSettings.php file.
+* (T232169) Hard deprecate $wgSysopEmailBans.
+* (T236628) Fix for ArticleRevisionViewCustom hook in DifferenceEngine.php.
+* (T181658) Do not insert page titles into querycache.qc_value.
+* ParamValidator has been flagged as unstable.
+* Hard deprecate Parser::disableCache().
== MediaWiki 1.34.0-rc.0 ==
redirects in their userspace unless the target of the redirect is also in
their userspace. By default, this right is given to everyone.
* (T226733) Add rate limiter to Special:ConfirmEmail.
+* $wgDiffEngine (T237049) – This configuration can be used to specify which
+ difference engine to use. MediaWiki continues to default to automatically
+ choosing the first of $wgExternalDiffEngine, wikidiff2, or php that is
+ usable.
==== Changed configuration ====
* $wgUseCdn, $wgCdnServers, $wgCdnServersNoPurge, and $wgCdnMaxAge – These four
containing some HTML markup in metadata. As a result, the $wgAllowTitlesInSVG
setting is no longer applied and is now always true. Note that MSIE 7 may
still be able to misinterpret certain malformed PNG files as HTML.
+* (T30798) $wgServer must now always be set in LocalSettings.php. This is most
+ likely the case already for any wiki installed after 1.18. The autodetection
+ system was informally deprecated since 1.18 and vulnerable to cache poisoning
+ attacks. Older wikis may need to update their LocalSettings.php file.
* Introduced $wgVerifyMimeTypeIE to allow disabling the MSIE 6/7 file type
detection heuristic on upload, which is more conservative than the checks
that were changed above.
'mime', 'mediadtype', 'bitdepth'.
Clients that process these fields should first check if 'filemissing' is
set. Fields that are supported even if the file is missing include:
- 'canonicaltitle', ''archivename' (deleted files only), 'descriptionurl',
+ 'canonicaltitle', 'archivename' (deleted files only), 'descriptionurl',
'descriptionshorturl'.
* The 'blockexpiry' result property in list=users and list=allusers will now be
returned in the same format used by the rest of the API: ISO 8601 for
testPst, testPreprocess, testSrvus, areSubpagesAllowed, maybeDoSubpageLink,
splitWhitespace, createAssocArgs, armorLinks, makeKnownLinkHolder,
getImageParams, parseLinkParameter, stripAltText, replaceLinkHolders,
- replaceLinkHoldersText.
+ replaceLinkHoldersText, armorLinks, makeKnownLinkHolder, getImageParams,
+ parseLinkParameter, stripAltText.
=== Other changes in 1.34 ===
* Added option to specify "Various authors" as author in extension credits using
dépôts / lhc / web / wiklou.git / blobdiff