Release Notes for XWiki 11.6-rc-1
This is the release notes for XWiki Commons, XWiki Rendering and XWiki Platform. They share the same release notes as they are released together and have the same version.
This release brings new security features related to user authentication and management, a new way to see document changes closer to the WYSIWYG edition, and a new macro to define part of a document that should be asynchronously loaded for better performance.
New and Noteworthy (since XWiki 11.5)
Full list of issues fixed and Dashboard for XWiki 11.6RC1.
For Users
Visual Diff
You can now view how a page has changed visually from one version to another. The changes are computed on the rendered page content. You can click on the ellipsis to expand the context (to see the parts that have not changed). See the documentation for more information.
For Admins
Multiple login attacks protection
A new Authentication Security Module has been integrated to prevent attacks on user accounts. This module allows to perform different strategies in case of repeated authentication failures.
For now two strategies are provided:
- to ask user to answer a CAPTCHA challenge (default strategy)
- to disable user account (in which case an administrator would have to activate it back)
The strategy is triggered whenever a user repeatedly failed to login in a given time window. The number of failed attempts and the duration of the time window are configurable in Administration > Authentication. Default values are 3 failed attempts in 5 minutes would trigger a CAPTCHA challenge for users.
Enable/Disable user account
it is now possible to disable a user account and to enable it back from his/her profile. A disabled user is able to login but cannot perform any action once logged-in.
Miscellaneous
Check user inactive status by default: If you configured the registration page to enable the Use Email Verification, then new registered users are by default inactive until they fill a form. Starting with this release the active status is checked by default at login. The previous option to enable this in the Administration > Registration page, Authentication Active Check, has been removed.
Allow to disable the edit conflict mechanism: We introduced in XWiki 11.2 a mechanism that allows user to detect edition conflicts on a page and we are continuing to improving it. However this feature is still experimental and might have unwanted consequences on older extensions. So we added the possibility to completely disable the feature if needed, with a new property in xwiki.properties:
edit.conflictChecking.enabled = trueYou can set this property to false and restart the wiki in case of trouble. In that case, please let us know so we can improve our feature.
Tomcat 9 based Debian Package: Tomcat 9 is now the current stable branch of Tomcat so we provide a Debian Package of XWiki based on it.
For Developers
New Async macro
A new Async macro was introduce to make easy to execute asynchronous and/or cached wiki content. See Async Macro for more details.
HTML Diff Script Service
A new script service is available to compute the visual changes between two HTML fragments:
#set ($htmlDiff = $services.diff.html.unified($previousHTML, $nextHTML))
#if ($htmlDiff == '')
No changes.
#elseif ("$!htmlDiff" == '')
Failed to compute the changes.
#else
$htmlDiff
#end
</div>
Checkout the Diff Module's documentation for more information.
Add a new binding for wikimacro
A new binding has been introduced for Wikimacro, the different information of the wikimacro are then available through wikimacro. The old binding xcontext.macro remains but is considered as deprecated and shouldn't be used anymore.
One important change in this binding concerns the parameters: those are now available through wikimacro.parameters.xxx (instead of xcontext.macro.params.xxx), and their values are now automatically converted to the type given in the WikiMacroParameterClass.
Upgrades
The following runtime dependencies have been upgraded (they have a different release cycle than XWiki Commons, XWiki Rendering and XWiki Platform):
- CSS4J 1.0.0RC1
- commons-text 1.7
- commons-collections 4.4
- Woodstox 5.3.0
- Tika 1.21
- Solr 8.1.1
- Rome 1.12.1
- Protobuf Java 3.9.0
- Protobuf Java 3.8.0
- Plexus Utils 3.2.1
- Plexus Interpolation 1.26
- MChange Commons 0.2.16
- Joda-Time 2.10.3
- JavaMail 1.6.3
- Jackson 2.9.9.1
- JSqlParser 2.1
- JGroups 4.0.20
- Infinispan 9.4.15.Final
- Guava 28.0-jre
- Freefont 20120503
- Checker Qual 2.9.0
- Apache PDFBox 2.0.16
- PostgresSQL connector to 42.2.6
- CKEditor Integration 1.36
Translations
The following translations have been updated:
Tested Browsers & Databases
Here is the list of browsers we support and how they have been tested for this release:
Browser | Tests performed and results | |
---|---|---|
Google Chrome 75 | Not Tested | |
Mozilla Firefox 68 | Not Tested | |
Microsoft Edge 18 | New and Noteworthy Features + Jira Tickets Marked as Fixed in the Release Notes | |
Internet Explorer 11 | Not Tested | |
Safari 12 | Not Tested |
Here is the list of databases we support and how they have been tested for this release:
Database | Tests performed and results | |
---|---|---|
HyperSQL 2.5.0 | Not Tested | |
MySQL 5.7 | New and Noteworthy Features + Jira Tickets Marked as Fixed in the Release Notes | |
Oracle 12c | Not Tested | |
PostgreSQL 11 | Not Tested |
Here is the list of Servlet Containers we support and how they have been tested for this release:
Servlet Container | Tests performed and results | |
---|---|---|
Tomcat | Not Tested | |
Jetty (XWiki Standalone packaging) | New and Noteworthy Features + Jira Tickets Marked as Fixed in the Release Notes | |
Jetty | Not Tested |
Known issues
Backward Compatibility and Migration Notes
General Notes
- When upgrading make sure you compare and merge the following XWiki configuration files since some parameters may have been modified, removed or added:
- xwiki.cfg
- xwiki.properties
- web.xml
- hibernate.cfg.xml
- Add xwiki.store.migration=1 in xwiki.cfg so that XWiki will attempt to automatically migrate your current database to any new schema. Make sure you backup your Database before doing anything.
API Breakages
The following APIs were modified since XWiki 11.5:
- Not an API breakage (we replaced it with a generic get() method that can also be used to access $services.diff.display)
- Violation type:java.method.removed
- Code:## Old:
method org.xwiki.script.service.ScriptService org.xwiki.diff.script.DiffScriptService::getDisplay()
- Violation type:
Credits
The following people have contributed code and translations to this release (sorted alphabetically):
Alex Cotiugă
arcilli
Camelia Andrei
Catalin Scripcariu
Clément Aubin
Ecaterina Moraru (Valica)
Jarle Sandmo
Marius Dumitru Florea
NilRai
Pyungkyu Moon
Simon Urli
Thomas Mortagne
Vincent Massol
Vyacheslav Sukharnikov
xrichard
zon1002