New in JSPWiki 2.11.3 - Released on 02/08/2022#

  • Engine Lifecycle Extensions
  • JSPWIKI-802 - Markdown support improvements
  • JSPWIKI-1075 - New CsrfProtectionFilter to protect POST requests from CSRF attacks
    • org.apache.wiki.api.core.Session gains new String antiCsrfToken() method
    • Custom templates must ensure that all <form> elements and the commonheader.jsp file contain a <wiki:CsrfProtection/> custom tag (like this and this)
  • JSPWIKI-1171 - Ensure Lucene indexes all pages and attachments, even when they don't fit in the cache
  • Fixed logout modal dialog not showing up
  • Add default application name on <title> elements to templates' templates, and Main as default frontpage is none is defined on default template
  • Upgraded bundled dependencies
    • Awaitility to 4.2.0
    • JUnit to 5.9.0
    • HSQLDB to 2.7.0
    • Log4J to 2.18.0
    • Lucene to 8.11.2
    • Mockito to 4.6.1
    • Selenide to 6.6.6
    • Tika to 2.4.1
    • Tomcat to 9.0.65
    • XStream to 1.4.19
  • Security Fixes
  • Devs only
    • JSPWiki memory footprint can be established by running mvn test -Dtest=MemoryProfiling on the jspwiki-main module
    • TestEngine#shutdown now cleans cache, wiki pages dir and their associated attachments, if any. This allows cleaning up a handful of tests
    • TestEngine#emptyWikiDir deletes both page and attachment directories
    • TestEngine is able to not clean up directories / ensure they have unique names if jspwiki.test.disable-clean-props wiki property is set to true

New in JSPWiki 2.11.2 - Released on 24/02/2022#

New in JSPWiki 2.11.1 - Released on 18/12/2021#

  • Fix for Log4J-CVE-2021-44228
  • Cache management moved to a new maven module, jspwiki-cache
    • Cache backend can now be overriden by providing a custom CachingManager via classmappings-extra.xml
    • Default cache manager remains ehcache-based, with default configuration file on classpath located at ehcache-jspwiki.xml
    • Tests wanting to invalidate cache(s) should call either Engine#shutdown() or Engine#getManager( CachingManager.class ).shutdown()
    • The jspwiki.cache.config-file setting on the jspwiki[-custom].properties file allows to use a custom ehcache configuration file, located elsewhere on classpath
    • Fixed JSPWIKI-873 - AttachmentManager#getAllAttachments() does not return more than exactly 1000 attachments
  • A few properties from jspwiki[-custom]-properties are being deprecated , they will continue to work, but they'll be removed on a future version
    • jspwiki.usePageCache -> jspwiki.cache.enable should be used instead
    • jspwiki.attachmentProvider -> jspwiki.attachment.provider should be used instead
    • jspwiki.attachmentProvider.adapter.impl -> jspwiki.attachment.provider.adapter.impl should be used instead
  • Upgraded bundled dependencies
    • Awaitility to 4.1.1
    • Log4J to 2.16.0
    • JUnit to 5.8.2
    • Mockito to 4.1.0
    • Selenide to 6.1.1
    • Tomcat to 9.0.56
  • Security Fixes

New in JSPWiki 2.11.0 - Released on 22/11/2021#

  • Added AWS Kendra as a Search Provider, contributed by Julien Masnada, thanks!
  • breaking change: New logging facade, Log4J2 (2.14.1), supersedes existing Log4J one
    • Although all Log4J (and SLF4J) calls are transparently routed to Log4J2, the log configuration inside jspwiki.properties has changed, so installations with customized logging configuration will need to be set up again.
    • Existing 3rd party plugins, filters and providers will continue to work as expected, as Log4J calls will be routed to Log4J2, but the use of Log4J2 should be preferred onwards.
    • By default, JSPWiki will configure Log4J2 from the jspwiki[-custom].properties files, expecting log configuration to be there using Log4J2 properties syntax
    • jspwiki.use.external.logconfig=true can still be used on jspwiki[-custom].properties files to bypass JSPWiki log re-configuration and rely directly on Log4J2 configuration mechanisms
    • IMPORTANT: if you're using a JSPWiki customized .war, please ensure that neither Log4J nor any SLF4J implementation end up in your customized .war.
  • JSPWIKI-1143 - SpamFilter now accepts the jspwiki.filters.spamfilter.allowedgroups property as a comma separated list of groups that will bypass the filter.
  • JSPWiki now takes the following properties sources:
    1. Default JSPWiki properties
    2. System environment
    3. JSPWiki custom property files
    4. JSPWiki cascading properties
    5. System properties
    • With the later ones taking precedence over the previous ones. To avoid leaking system information, only System environment and properties beginning with jspwiki (case unsensitive) are taken into account.
    • Also, to ease docker integration, System env properties containing _ are turned into .. F.ex., ENV jspwiki_fileSystemProvider_pageDir would be loaded as jspwiki.fileSystemProvider.pageDir.
  • JSPWIKI-1147 - The button "Clear user preferences" doesn't clear user preferences
  • JSPWIKI-1140 - Autogenerate changenote on page comments
  • Devs only
  • Upgraded bundled dependencies
    • Awaitility to 4.1.0
    • Commons IO to 2.11.0
    • Commons Lang to 3.12.0
    • EhCache to 2.10.9.2
    • Gson to 2.8.9
    • HSQLDB to 2.6.1
    • Jetty-all to 9.4.44.v20210927
    • JUnit to 5.8.1
    • Lucene to 8.11.0
    • Mockito to 4.0.3
    • Selenide to 6.0.3
    • SLF4J to 1.7.32
    • Tika to 2.1.0
    • Tomcat to 9.0.55
  • Security Fixes

New in JSPWiki 2.11.0.M8 - Released on 13/12/2020#

  • Lucene Index not updated on edits/new page - JSPWIKI-1131
    • Fixes problems with Searches and Workflows' persistence on disk introduced on 2.11.0.M7
  • Show only part of Weblog entry on the overview page - JSPWIKI-1114
    • Preview parameter cutting now only at newlines, patch suggested by Ulf Dittmer - thanks!
  • Ensure IndexPlugin works with non-blank page references.
  • Completed french and german (JSPWIKI-1134) translations - thanks to Ainara González Pérez and Dietrich Schmidt!
  • Devs only
    • Added functional tests for page edits and page searches.
    • Simplified generation of portable build native binaries
  • Upgraded bundled dependencies
    • Awaitility to 4.0.3
    • Commons IO to 2.8.0
    • Commons Lang to 3.11
    • Commons Text to 1.9
    • Flexmark to 0.62.2
    • Hsqldb to 2.5.1
    • JUnit to 5.7.0
    • Lucene to 8.7.0
    • Mockito to 3.6.28
    • Selenide to 5.16.2
    • Tika to 1.25
    • Tomcat to 9.0.40

New in JSPWiki 2.11.0.M7 - Released on 28/05/2020#

New in JSPWiki 2.11.0.M6 - Released on 17/12/2019#

  • Devs only
    • Official Dockerfile image
    • A couple of methods moved out of WikiEngine
    • TestEngine static builder methods
  • Small bug fixed (JSPWIKI-1120), contributed by Haris Adzemovic, thanks!
  • New javadoc doclet (i.e., compare #1 against #2)
  • Upgraded bundled dependencies
    • Flexmark to 0.50.44
    • Lucene to 8.3.1
    • Selenide to 5.5.1
    • SLF4J to 1.7.29
    • Tika to 1.23
    • Tomcat to 8.5.49

New in JSPWiki 2.11.0.M5 - Released on 18/09/2019#

Apache JSPWiki 2.11.0.M5 is the fifth release towards 2.11.0.

This release features, among other things:

  • Keyword support for JSPWiki pages - JSPWIKI-427
    • Use [{SET keywords=a,b,c}] to add keywords to a page. They will be shown in the info drop-down menu, and will be added as META tags to your page.
  • Show only part of Weblog entry on the overview page - contributed by Ulf Dittmer - JSPWIKI-1114
  • Security fixes - CVE-2019-10087, CVE-2019-10089, CVE-2019-10090, CVE-2019-12404 and CVE-2019-12407
  • Friendlier wiki page Lucene indexing when using custom analyzers - JSPWIKI-893
  • Upgraded bundled dependencies - JSPWIKI-1115
    • commons-lang to 3.9
      • dev-only breaking change: if you were using commons-lang transitively on your extension, you must declare it explicitly or migrate it to commons-lang 3
    • commons-text to 1.8
    • flexmark to 0.50.40
    • hsqldb to 2.5.0
    • jaxen to 1.2.0
    • jdom2 to 2.0.6
    • junit to 5.5.2
    • lucene to 8.2.0
    • selenide to 5.3.1
    • slf4j to 1.7.28
    • tika to 1.22
    • tomcat to 8.5.45
  • Devs only

New in JSPWiki 2.11.0.M4 - Released on 18/05/2019#

Apache JSPWiki 2.11.0.M4 is the fourth release towards 2.11.0.

This release features, among other things:

  • New TikaSearchProvider, to index a lot more of attachments - contributed by Ulf Dittmer - JIRA:469
  • LuceneSearchProvider now indexes all attachment filenames, whether their content is parsed or not, and also scans .md and .xml files
  • Security fixes - JSPWIKI-1107, JSPWIKI-1108 and JSPWIKI-1109
  • Haddock improvements
    • UserPreferences page has been extended to allow the users to view and delete page-based cookies
    • Attachment lists are now sortable on the attachment size field
  • InsertPagePlugin now also supports cookie based inserts, useful for one time page includes (i.e GDPR, welcome to this site, etc.) - JSPWIKI-1104
  • Adding the jspwiki.attachment.forceDownload property - JSPWIKI-1106
  • Wiki Markup enhacements and fixes
    • Add support for mixed css-class & css-style markup - JSPWIKI-1100
    • Improve rendering of inline preformatted text - JSPWIKI-1101
    • Added interwiki link for location links (google maps) eg: [Atomium|Location:Atomium, City of Brussels, Belgium]
  • Upgraded bundled dependencies - JSPWIKI-1110
    • commons-io to 2.6
    • flexmark to 0.42.6
    • jaxen to 1.2.0
    • jdom2 to 2.0.6
    • junit to 5.4.2
    • tomcat to 8.5.40
  • Devs only
    • New aggregated apidocs are available online, in addition to those available through maven repositories.

New in JSPWiki 2.11.0.M3 - Released on 25/03/2019#

Apache JSPWiki 2.11.0.M3 is the third release towards 2.11.0.

This release features, among other things:

  • Haddock improvements
    • Haddock Light appereance is enabled by default, as opposed to 2.11.0.M2
    • Drag & Drop capabilities added to the standard JSPWiki editor
    • Added Description meta-tag to improve on-page SEO
    • Added the Content-Security-Policy meta-tag to reduce the risk of XSS attacks
  • Removed unused top level JSP - JSPWIKI-1093
  • DefaultURLConstructor#getForwardPage( HttpServletRequest req ) now always returns Wiki.jsp - JSPWIKI-1095
  • Upgraded bundled dependencies - JSPWIKI-1096
    • flexmark to 0.40.24
    • lucene to 8.0.0
    • selenide to 5.2.2
    • slf4j to 1.7.26
    • tomcat to 8.5.39

New in JSPWiki 2.11.0.M2 - Released on 08/03/2019#

Apache JSPWiki 2.11.0.M2 is the second release towards 2.11.0.

This release features, among other things:

  • Haddock Dark appereance, enabled by default
    • if you want to keep the Light appereance by default, set jspwiki.defaultprefs.template.appearance to false on your jspwiki[-custom].properties file
  • Fixes related to Haddock being the default template as of 2.11.0.M1
    • Fixes for Reader view (JSPWIKI-1090), Diff view (JSPWIKI-1091) and WYSIWYG editor, which were incorrectly rendered
    • Fallback to default template if the requested template folder is not found - JSPWIKI-1088
      • this allows to 2.10 installations having set to haddock the jspwiki.templateDir property to keep that value, as opposed to 2.11.0.M1 behaviour
  • Fixed buggy header width in Fixed Page Layout - JSPWIKI-1074
  • Upgraded bundled dependencies - JSPWIKI-1092
    • flexmark to 0.40.16
    • gson to 2.8.5
    • junit to 5.4.0
    • lucene to 7.7.0
    • nekohtml to 1.9.22
    • stripes to 1.7.0-async (needed to test JSPWIKI-1088)
    • tomcat to 8.5.38
  • Devs only
    • classes on org.apache.wiki.util package have been moved to their own maven module, org.apache.jspwiki:jspwiki-util

New in JSPWiki 2.11.0.M1 - Released on 29/01/2019#

Apache JSPWiki 2.11.0.M1 is the first release towards 2.11.0.

This release features, among other things:

What does that M# mean anyway?#

M# releases are as production-ready as any other JSPWiki release, so you should not be concerned about its stability.

Please look at the VersioningProposal page to know how this label is used on Apache JSPWiki releases.


NewIn