Release Notes for XWiki 15.10

Last modified by Ilie Andriuta on 2024/01/04

This is the release notes for XWiki Commons, XWiki Rendering and XWiki Platform. They share the same release notes as they are released together and have the same version.

This release adds improvements for the recently added Required Rights Analysis feature. The analysis report has been improved and more rights analyzers have been added, so the feature is now enabled by default. There are also improvements on the What's New Application side, for better accessibility. For developers, it's now possible to define a caching strategy for pre-edit checks. As usual, this release comes with a bunch of bugs and security fixes.

The following regressions were introduced in this release (and found after it was released). Please check them out and if they impact you we recommend waiting to upgrade to a version where they are fixed.

New and Noteworthy (since XWiki 15.9)

Full list of issues fixed and Dashboard for 15.10.

For Users

Improved Display of What's New

 
The display of the What's New Application has been improved to allow an easier differentiation between the different news items and better accessibility.

Improved required rights reporting

 
The reporting presented by the required rights analyzer is now just a summary of the impacted rights first, with the possibility to expand the details. This is done to prevent showing technical items to users by default.

Miscellaneous

  • More required rights analyzers: More required rights analyzers have been implemented, warning about rights required for UI extensions, HTML via the raw macro and correctly analyzing the content and parameters for the context and cache macro.

  • More required rights analyzers: Even more required rights analyzers have been added in XWiki 15.10, now analyzing HTML Macros, translation documents, gadgets, icon sets, and configurable sections.

  • Pre-edit check can be cached: When editing a page, once a pre-edit check result is presented to the user, it will not be presented again unless something changed. For instance, once a user chooses to edit a page owned by an extension, he or she will not be warned again. However, if a page is locked twice by different users, they will be warned at each edit attempt.

For Admins

  • Required rights enabled by default: The required rights check before editing is now enabled by default. It can still be disabled by changing the required rights configuration in case it is not desired or there should be any issues.

For Developers

  • Filter for testing for restricted HTML cleaning: A new filter for HTML cleaning allows testing if HTML content would be affected by restricted cleaning, allowing to determine automatically if HTML content could also be used with restricted cleaning without risking any breakage.

  • Pre-edit check can be cached: It is now possible to define a caching strategy for pre-edit checks, allowing to define when to re-display the results of a check to the user if they have been previously forced.

  • New API for macro required rights analyzers: A new API for required rights analyzers for macros has been introduced that makes it simpler to introduce a required rights analyzer for a macro. Such an analyzer is necessary for all macros that support wiki syntax outside the content (e.g., in a parameter) or any kind of script or other content that uses the author's rights.

Upgrades

The following runtime dependencies have been upgraded (they have a different release cycle than XWiki Commons, XWiki Rendering and XWiki Platform):

Translations

The following translations have been updated: 

Tested Browsers & Databases

Here is the list of browsers we support and how they have been tested for this release:

 BrowserTested on:
Firefox30.pngMozilla Firefox 121Jira Tickets Marked as Fixed in the Release Notes
Chrome30.pngGoogle Chrome 119Not Tested
Edge30.pngMicrosoft Edge 119Not Tested
Safari30.pngSafari 17Not Tested

Here is the list of databases we support and how they have been tested for this release:

 DatabaseTested on:
hypersql.pngHyperSQL 2.7.2Not Tested
mariadb.pngMariaDB 11.1Not Tested
mysql.pngMySQL 8.2Not Tested
postgresql.pngPostgreSQL 16Jira Tickets Marked as Fixed in the Release Notes
oracle.pngOracle 19cNot Tested

Here is the list of Servlet Containers we support and how they have been tested for this release:

 Servlet ContainerTested on:
tomcat-icon.pngTomcat 9.0.84Jira Tickets Marked as Fixed in the Release Notes
jetty-icon.pngJetty 10.0.18 (XWiki Standalone packaging)Not Tested
jetty-icon.pngJetty 10.0.18Not Tested

Security Issues

Security issues are not listed in issue lists or dashboards to avoid disclosing ways to use them, but they will appear automatically in them once they're disclosed. See the XWiki Security Policy for more details.

Accessibility

We are working towards WCAG 2.1 level AA compliance.

Current status (based on build #389 of XWiki Environment Tests for master):

  • A total of 285853 automated tests are run.
  • 99.07% of our automated WCAG tests are passing. There are 1205 warnings left in the tests to fix (0.42%) and 1431 incomplete tests (0.50%), i.e. they need manual validation.
    • Note that the automated WCAG tests have 2 limitations: WCAG tests are executed only for UIs for which we have automated functional tests available, and the underlying library we use for testing (Axe Core) estimates that it catches only about 50% of WCAG issues. In the future we plan to also run manual WCAG tests once we've fixed all the issues we can catch automatically.
  • Remaining accessibility violations can be seen on this filter result table.
  • The progress of fixing accessibility issues vs raising them can be seen on this status chart.

Known issues

Backward Compatibility and Migration Notes

General Notes

  • When upgrading make sure you compare and merge the following XWiki configuration files since some parameters may have been modified, removed or added:
    • xwiki.cfg
    • xwiki.properties
    • web.xml
    • hibernate.cfg.xml
  • Add xwiki.store.migration=1 in xwiki.cfg so that XWiki will attempt to automatically migrate your current database to any new schema. Make sure you backup your Database before doing anything.

Issues specific to XWiki 15.10

Removal of deprecated Registration settings

Some settings in Administration > Registration page were removed:

  • The default field okay message setting (see the vote here): if needed, this can be customized by creating a new translation for core.validation.valid.message. Note that this setting was already not used anymore since XWiki 11.9.
  • The enable javascript field validation setting (see the vote here): this setting was already not having any effect anymore since XWiki 11.9.

API Breakages

The following APIs were modified since XWiki 15.9:

No breakage!

Credits

The following people have contributed code and translations to this release (sorted alphabetically):

  • Anca Luca 
  • Dorian OUAKLI 
  • Gunter Ohrner 
  • Manuel Leduc 
  • Marius Dumitru Florea 
  • Michael Hamann 
  • Nelson Osacky 
  • Nikita Petrenko 
  • Oana-Lavinia Florean 
  • Pierre Jeanjean 
  • RaphaĆ«l Jakse 
  • Sereza7 
  • Simon Urli 
  • Simpel 
  • Thomas Mortagne 
  • Vincent Massol 
  • pjeanjean 
  • raphj 
Tags:
   

Get Connected