v0.22-beta1
Pre-releaseHello and welcome to another beta release of Pepperminty Wiki! Check out the major new features:
- π Reading time estimations (on by default, toggle with the
readingtime_enabled
setting) - β
Similar page suggestions at the bottom of the page, powered by the search index (on by default, toggle with the
similarpages_enabled
/similarpages_count
settings) - π New syntax features: checkboxes, highlighted text, spoiler text, super/subscript, automatic table of contents - check the inbuilt help page for details
- π Uploaded PDFs can now be embedded into pages (older wikis make sure that
application/pdf
is present in theupload_allowed_file_types
setting) - πͺ Improved cookie security: PHP 7.3+ recommended
.....and lots of other bugfixes and new features! Check the full changelog at the bottom of these release notes for the full details.
Regarding the reading time and similar page suggestions, I'm still a little unsure about it. What to you think? Please fill out this strawpoll by Tuesday 11th August 2020 12pm GMT (after which I'll be looking to make final adjustments before making another beta release / the stable release) - it would be really helpful!
Notes for admins
Like the last stable release, there are a few things that admins should be aware of:
- If you're updating from before v0.21.1-hotfix1, please change your wiki secret. This is really important, as v0.21.1-hotfix1 fixes a critical security issue.
- I have a new policy: Only officially supported versions of PHP will be supported by Pepperminty Wiki. This just ensures that I have a clear line that I can draw on the subject.
- Speaking of PHP versions, PHP 7.3+ is highly recommended going forwards.
SameSite=Strict
is now set on all cookies to comply with the new cookie handling being introduced into browsers, but only in PHP 7.3+. - Some users have reported issues with the search engine after updating to this release. Rebuilding the search index may be required (use the CLI with
php index.php exec search rebuild
, or navigate to the master settings and hit the rebuild button) - Set the new
theme_colour
setting to enable extra coolness in some browsers and when generating embeds in places like Discord π
Have you updated to this release? Click this link to say hi!
This release also has an experimental GPG and SHA256 hashes file attached. My GPG key is C2F7843F9ADF9FEE264ACB9CC1C6C0BB001E1725
- please open an issue if you encounter any issues π
Updating
You can update to this release simply by grabbing an updated copy of index.php
and replacing the version in your current wiki (don't forget to take backups! I make every effort to squash as many bugs as possible, but you can never be too certain). You can get an updated copy of index.php
in a number of ways:
- By downloading the
index.php
file attached to this release - Using the online downloader offline
- Building your own from source
For more information on the last 2 methods, please see the documentation for more information.
Since v0.21.1-hotfix1
Make sure you have PHP 7.3+ when you update past this point! It isn't the end of the world if you don't, but it will make you more secure if you do.
Added
- [Module Api] Add new
search::invindex_term_getpageids
, andsearch::invindex_term_getoffsets
, andsearch::index_sort_freq
methods - [Module Api] Add new
ends_with
andfilepath_to_pagename
core functions - Added new syntax features to PeppermintParsedown, inspired by ParsedownExtreme (which we couldn't get to work, and it wasn't working before as far as I can tell)
- Checkboxes:
[ ]
and[x]
after a bullet point or at the start of a line - Marked / highlighted text:
Some text ==marked text== more text
- Spoiler text:
Some text >!spoiler!< more text
orSome text ||spoiler|| more text
- Superscript:
Some text^superscript^ more text
- Subscript:
Some text~subscript~ more text
- Checkboxes:
- Added automatic table of contents! (#155)
- Put
[__TOC__]
on a line by itself to insert an automatic table of contents - Note that the level of heading generated can be controlled (or even removed) by the new
parser_toc_heading_level
setting
- Put
- Add
<meta name="theme-color" content="value" />
support with the newtheme_colour
setting. More information: MDN, caniuse. Also used by some platforms to customise embed accents when generating a rich snippet (e.g. Discord). - Added reading time estimate to the top of wiki pages - control it with the new
readingtime_enabled
setting (#172)- The algorithm used to estimate reading times is the as the one used in Firefox's reader mode
- Added similar page suggestions between the bottom of the page content and the comments - control it with the new
similarpages_enabled
andsimilarpages_count
settings. - Added absolute redirect support - use it like this:
# REDIRECT [display text](INSERT_REDIRECT_URL_HERE)
- It's disabled by default due to potential security issues with untrusted editors - enable it with the new
redirect_absolute_enable
setting (default:false
)
- It's disabled by default due to potential security issues with untrusted editors - enable it with the new
- Added new settings to control various features more precisely
comment_enabled
controls whether anyone is allowed to comment at all or notcomment_hide_all
determines whether the commenting system displays anything at all (if disabled, it's (almost) like thefeature-comments
doesn't exist - consider using the downloader to exclude the commenting system instead of enabling this setting)avatars_gravatar_enabled
determines whether redirects to gravatar.com should be performed if a user hasn't yet uploaded an avatar (if disabled then a blank image is returned instead of a redirect).
- PDF previews now show the browser's UI when embedded in pages with the
![alt text](File/somefile.png)
syntax - [Rest API] Add new
typeheader
GET parameter toraw
action (ref Firefox bug 1319262)
Changed
- New policy: Only officially supported versions of PHP are officially supported by Pepperminty Wiki.
- Fiddled with Parsedown & ParsedownExtra versions
- Removed ParsedownExtreme, as it wasn't doing anything useful anyway
- Don't worry, we've absorbed all the useful features (see above)
- NOTE TO SELF: Don't forget to update wikimatrix.org when we next make a stable release! (if you are reading this in the release notes for a stable release, please get in touch)
- Enabled horizontal resize handle on sidebar (but it doesn't persist yet)
- [security]
SameSite=Strict
is now set on all cookies in PHP 7.3+- This prevents session-stealing attacks from third-party origins
- This complies with the new samesite cookies rules.
- A warning is generated in PHP 7.2 and below = please upgrade to PHP 7.3+! (#200)
- [security] The
Secure
cookie flag is now automatically added when clients use HTTPS to prevent downgrade-based session stealing attacks (control this with the newcookie_secure
setting) - Standardised prefixes to (most)
error_log()
calls to aid clarity in multi-wiki environments - Improved pageindex rebuilder algorithm to search for and import history revisions - this helps when converting data from another wiki format
- Improved spam protection when hiding email addresses. Javascript is now required to decode email addresses - please get in touch if this is a problem for whatever reason. I take accessibility very seriously.
- Bump weighting of title and tag matches in search results (delete the
search_title_matches_weighting
andsearch_tags_matches_weighting
settings to get the new weightings)
Fixed
- Squashed a warning when using the fenced code block syntax
- If a redirect page sends you to create a page that doesn't exist, a link back to the redirect page itself is now displayed
- Really fix bots getting into infinite loops on the login page this time by marking all login pages as
noindex, nofollow
with a robots<meta />
tag - Navigating to a redirect page from a page list or the recent changes list will no longer cause you to automatically follow the redirect
- Limited sidebar size to 20% of the screen width at most
- Fix the large blank space problem in all themes
- Squashed the text
\A
appearing before tags at the bottom of pages for some users (ref) - Fixed an issue causing uploaded avatars not to render
- Fixed an obscure bug in the search engine when excluding terms that appear both in a page's title and body
- Squashed a warning at the top of search results (more insight is needed though to squash the inconsistencies in the search index that creep in though)
- Removed annoying scrollbars when editing long pages
- Fixed an obscure warning when previewing PDFs (#202)
- Ensure that the parent page exists when moving a page to be a child of a non-existent parent (#201)
- Fixed templating (#203)
- Fixed warning from statistics engine during firstrun wizard