Changes Report
ClassLoader name
The ClassLoaders associated to namespace are now implementing ClassLoader#getName() so you don't need to cast it to NamespaceURLClassLoader to access the namespace anymore.
Add concept of image to What's New API
In preparation for displaying images in the What's New UI for news items, the What's New API has been updated to support getting images for news items.
@Named("xwikiblog")
private NewsSourceFactory factory;
@Inject
@Named("xwikiblog")
private NewsConfiguration configuration;
...
List<NewsSourceDescriptor> descriptors = this.configuration.getNewsSourceDescriptors();
NewsSourceDescriptor descriptor = descriptors.get(0);
List<NewsSourceItem> items = this.factory.create(descriptor.getParameters())
.forUser(...)
.forCategories(...)
.build()
String imageURL = items.get(0).getImageURL().get();
...
Configuration modifications
There's now a setProperty() API to modify a single ConfigurationSource property.
Improved the visibility of the focus state of the "Create", "Edit" and "more actions" buttons found on the top right of every page content.
Anchor in EntityResourceReference
The anchor metadata has been added to EntityResourceReference, to align it with other entity reference-related APIs. The general goal is to be able to support anchors (a.k.a URL fragments) in references to resources.
Block attributes
Rendering Blocks now have the concept of attributes. The main difference between Block parameters and block attributes is that attributes are not meant to be parser/serialized, the point is to use them as internal metadata associated to a block. The current main use case is to store the result of pre-executed macros.
Component role type priority
It's now possible to indicate the priority of a component among its role type siblings when it's retrieved through APIs like ComponentManager#getInstanceList and ComponentManager#getInstanceMap. In a Java component declaration, this is done through the standard javax.annotation.Priority annotation.
Note that component priority can also be used to sort event listeners.
Pre-edit document check
It is now possible for extensions to define a pre-edit document check, similar to what already exists for locked pages, or pages owned by extensions.
TOC macro numbered property
The numbered property of the Table of Content macro is now marked as advanced and is only proposed in the "more" section of the macro configuration dialog. This is because we're now offering a Numbered Content Application covering the numbering use case in a better way.
Users can be filtered based on first name and last name in the rights UI
The rights UI now allows filtering based on the user first name last name and username. This is particularily helpful in cases where usernames do not contain any character from the user first name or last name (for example, uuid-based usernames).
Improved contrast of the autosave text when disabled.
Restricted context macro
A new restricted parameter has been introduced in the context macro to allow executing content in a restricted content. See Context Macro for more details.
Change viewer UI update
Improved the layout and added icons in the version comparison UI.
Common User Name Differentiator
It's now possible to configure an user property to be used as differentiator (hint) when displaying users in compact mode, in order to better identify users that have common or similar names. You can use an existing user property, like address, or a custom user property that you need to add first (e.g. the position inside the organization). This can be done from xwiki.properties file:
#-# [Since 15.5RC1]
#-# When displaying an user in a compact mode we usually rely only on the user avatar and their full name. If this is
#-# not enough to properly identify the user then this configuration can be used to display additional information.
#-#
#-# The name of the user property to be used as qualifier (hint) when displaying the user in a compact mode. This
#-# configuration is not set by default, which means no additional information is displayed:
# user.display.qualifierProperty =
For instance:
At the moment this configuration is taken into account only by the user picker, and is not set by default, meaning that we don't show any differentiator by default. Check out the User Module documentation for more information.
New script service for HTML operations
A new HTML script service has been introduced allowing to use the recently introduced HTMLElementSanitizer in scripts. It can be used in velocity with $services.html.xxx.
Added links towards documentation under the videos in the Help section.
Home page change
The Youtube video located on the XWiki Standard flavor's home page has been removed (for privacy reasons and also for increased usability, as the underlying markup was complex to understand for users).
Extension plan in isolation
It's now much easier to run extension jobs isolated from the current instance. The following two new properties has been added to ExtensionRequest:
- coreExtensionRepository: a custom repository to use to find available core extension
- installedIgnored: true if already-installed extensions should not be taken into account while resolving the install plan
#displayUser and #displayGroup now allow displaying a link to the profile
The standard velocity macros #displayUser and #displayGroup can now be configured to display a link to the user or group profile with the parameter displayLink. The parameter defaults to true.
Empty Line Placeholder
A placeholder text is now displayed on currently focused empty lines. By default it indicates the type of content block that holds the caret (e.g. paragraph, heading, list item, etc.), but it could also show tips on how to use the editor in that particular context. This is for instance used to advertise the Quick Actions shortcut (slash). Checkout the CKEditor Integration documentation for more information.
Tags are hidden when there are none
When there aren't any tags assigned to a page, the text “Tags:” is no longer displayed at the bottom of the page unless the user has edit rights.
Required Rights
The Required Rights Application analysis is deactivated by default as the analysis is still incomplete and the presentation needs to be improved to more clearly show what's wrong. Still, the analysis can already provide useful warnings and this is a good opportunity to provide feedback as this feature will be activated by default in a future version of XWiki. It can be activated by setting the security.requiredRights.protection to warning.
#-# Indicates how documents are protected by required rights.
#-#
#-# The possible choices are:
#-# * none (the default): no required rights check
#-# * warning: a warning is presented to the user when trying to edit a document with required rights issues
# security.requiredRights.protection=none
Mail Deletion
It's now possible to delete a single mail from the Admin UI, by clicking on the "Delete" button next to the mail in the Mail Status screen.
The tabulator order in the page creation Location breadcrumb now matches the visuals, going from left to right as expected.
The rights livetables display user first name and last name
User first name and last name are now displayed in the rights UI using the standard user and group displayers.
Fixed tabulator order for the quick search feature. Now only visible elements will get focus via keyboard.
What's New API
New experimental API to gather external news related to XWiki.
Example to get news items from a xwikiblog source, for a given user, filtered by a category:
@Named("xwikiblog")
private NewsSourceFactory factory;
@Inject
@Named("xwikiblog")
private NewsConfiguration configuration;
...
List<NewsSourceDescriptor> descriptors = this.configuration.getNewsSourceDescriptors();
NewsSourceDescriptor descriptor = descriptors.get(0);
List<NewsSourceItem> items = this.factory.create(descriptor.getParameters())
.forUser(...)
.forCategories(...)
.build()
NewsContent content = items.get(0).getDescription().get();
String itemDescription = content.getContent();
Syntax itemSyntax = content.getSyntax();
...
Added autocompletion to the login page and the register form.
Common User Name Differentiator
The user picker can now be configured to show additional information about the listed users (e.g. the user address or user position within the organisation) in order to help you distinguish between users with similar names. Check out the User Module documentation for more information.
The administration right buttons now have a proper text alternative. It can be displayed on hover.
Improved contrast of the metadata display on the change viewer.
PDF Export Size Limit
The default PDF export size limit has been increased from 100KB to 5MB and is now applied only when exporting multiple wiki pages. Checkout the PDF Export Application documentation for more information.
Refactored tips panel extension point
The tips panel extension point has been refactored to be safer and easier to use. See the "Add Tip to Tips Panel" extension point for more details on how to define a tip in 15.1+. Note that any custom tip you may have will continue to work as is, but we encourage you to move the tip definitions from the UIXP parameter to the UIXP content as the old way is now deprecated and will be removed one day (and it's also safer to use the new way).
Tour Application in platform
The Tour Application is now part of xwiki-platform and the contrib extension has been moved to the attic.
Improved Security Vulnerabilities scanner
On XWiki 15.5 the Security Vulnerabilities Application was limited to installed extensions. The scan now includes core extensions as well as dependencies provided by the environment (e.g., the servlet engine).
Environment vulnerabilities are listed in a separate tab.
Limit parameter in tag cloud
The tag cloud macro supports a new parameter to limit the number of tags to the n most occurring tags.
Extensions Security Vulnerabilities Application
After some forum discussions we agreed that the extension is current not useful to fix security vulnerabilities, and is at risk of presenting false-positive. Until those issues are fixed, we decided to stop bundling it as part of the standard distribution.
Security Vulnerabilities name display
The display of the extension names on the extension security vulnerabilities is now improved to take into account the limited horizontal space of the administration.
The location picker breadcrumb icons now have a proper text alternative displayed on hover to assist in the understanding of their use.
Improved contrast on the "Excluded page" None element, in the Look & Feel -> Navigation Panels administration subsection.
Velocity macro for sanitizing URLs
A new velocity macro has been provided to allow getting sanitized URLs from request parameters to be used in HTML.
Set email grouping strategy per scheduler
The email grouping strategy can be defined at different levels (per wiki, and per user) and is specific for a given scheduler, using a new dedicated XObject XWiki.Notifications.Code.NotificationEmailGroupingStrategyPreferenceClass.
So an admin can add one or severals xobjects in XWiki.XWikiPreferences for defining the different strategies for each scheduler, at wiki level: the xobject needs to contain the name of the strategy to use, and the name of scheduler (hourly, daily, weekly or live).
This value can be overridden by a user if they perform adding the same type of xobject in their own user profile.
More required rights analyzers
Even more required rights analyzers have been added in XWiki 15.10, now analyzing HTML Macros, translation documents, gadgets, icon sets, and configurable sections.
Improved contrast for the "Decline" button in invitations.
Filter for testing for restricted HTML cleaning
A new filter for HTML cleaning allows testing if HTML content would be affected by restricted cleaning, allowing to determine automatically if HTML content could also be used with restricted cleaning without risking any breakage.
More robust security cache
The security cache has been made robust against the disposal of structurally important entries by storing them also outside the cache as long as they're still needed by entries in the cache to avoid cascading disposal of large parts of the cache. If you've had problems with users seeing access denied sometimes, this might be the improvement you've been looking forward to. Also, if you've configured a very high size for the security cache to avoid these problems, it should be possible to reduce these limits now. The documentation provides some hints how to choose a reasonable security cache size. However, as with every change to code that is critical to performance and security, there is a risk for regressions even though we have extensive tests. In particular if you're maintaining a larger instance of XWiki, it is advised to monitor memory usage and performance after the upgrade to see if there are any irregularities. Also, please check that access restrictions are still working, in particular, if they involve nested groups. As always, please open a bug report or create a forum post if you're noticing anything unusual.
Pre-edit check can be cached
It is now possible to define a caching strategy for pre-edit checks, allowing to define when to re-display the results of a check to the user if they have been previously forced.
The Application panel has been improved for low width displays.
Added keyboard support to the drawer. The focus will not go in the drawer when it's closed. The drawer can be closed by pressing `Escape` and a new button is added to make it easy to close the drawer.
Improved contrast on the App Within Minute application creation wizard for the active (green) and already finished steps (light grey).
New API for macro required rights analyzers
A new API for required rights analyzers for macros has been introduced that makes it simpler to introduce a required rights analyzer for a macro. Such an analyzer is necessary for all macros that support wiki syntax outside the content (e.g., in a parameter) or any kind of script or other content that uses the author's rights.
Added keyboard support for the rich select used to pick a page template at page creation.
Pre-edit check can be cached
When editing a page, once a pre-edit check result is presented to the user, it will not be presented again unless something changed. For instance, once a user chooses to edit a page owned by an extension, he or she will not be warned again. However, if a page is locked twice by different users, they will be warned at each edit attempt.
Increasing contrast
The info button of the Flamingo Theme is now increased to conform to the minimum contrast defined in the Web Content Accessibility Guidelines.
New API to safely evaluate XObject properties
A new API to provide safe evaluation of XObject properties has been introduced to allow developers to control which properties from which XClasses should be evaluable, and how they should be evaluated. For XObjects that have assigned evaluators, the evaluated properties can be recovered in scripts through the new evaluate() method.
Forced default image style
The default image style can now be forced, meaning that it will be used by default and a style must be selected.
Add parameters to the CKEditor html conversion request
A new xwiki:ckeditor:convertHTML event is send before a request to convert some content to HTML is sent by CKEditor. Listeners can add new request parameters by add properties on the data object send with the event. The example below show how to add an example parameter with value 1.
data.example = 1;
});
Groups can be filtered by their title in groups livetables
It is now possible to filter groups by their title in the groups livetables or the access rights livetables. This is particularly helpful in case a group has a “pretty name” that is more user-friendly than the name of the group document.
Allow to chose conflict fallback version when merging
The storage merge API have been improved in order to allow consumers of the API to define what should be the fallback versions to use in case of merging conflicts: by default the version is still the current version element, but it's now also possible to chose the next version element.
Table of content entries customization
It is possible to decorate the Table of Content entries by providing a component with the TocEntryExtension role.
Suggestions for the wiki macro parameter type
It's now easier to decide what value to set in the wiki macro parameter type as suggestions are proposed: "Unknown" (the default), and "Wiki" for a parameter containing wiki markup. It's still possible to explicitly set the Java type to use.
Velocity AST caching
VelocityEngine API now expose helpers to much easier to compile and cache the Velocity AST.
Livedata colors now properly use the color theme variables. This fixes the display of livedata on color themes different from Iceberg. This difference is especially important on dark colorthemes.
Added accessibility test overview
Now, builds with the property xwiki.test.ui.wcag property activated will create overview reports of the accessibility results. These reports will generate whatever the results are, and will contain statistics about the tests in the test suite.
Dynamic registration of rendering listeners
It is now possible to declare a rendering listener dynamically from an extension.