# Changelog This file holds the changelog for Pepperminty Wiki. This is the master list of things that have changed (second only to the commit history!) - though the information for any particular release can also be found in the description of it's page for every release made on GitHub too. ## v0.22-dev ### Added - [Module Api] Add new `search::invindex_term_getpageids`, and `search::invindex_term_getoffsets`, and `search::index_sort_freq` methods - Added new syntax features to PeppermintParsedown, inspired by ParsedownExtreme (which we couldn't get to work, and it wasn't working before as far as I can tell) - Checkboxes: `[ ]` and `[x]` after a bullet point or at the start of a line - Marked / highlighted text: `Some text ==marked text== more text` - Spoiler text: `Some text >!spoiler!< more text` or `Some text ||spoiler|| more text` - Superscript: `Some text^superscript^ more text` - Subscript: `Some text~subscript~ more text` - Added automatic table of contents! (#155) - Put `[__TOC__]` on a line by itself to insert an automatic table of contents - Note that the level of heading generated can be controlled (or even removed) by the new `parser_toc_heading_level` setting - Add `` support with the new `theme_colour` setting. More information: [MDN](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta/name/theme-color), [caniuse](https://caniuse.com/#feat=meta-theme-color). Also used by some platforms to customise embed accents when generating a rich snippet (e.g. Discord). - Added reading time estimate to the top of wiki pages - control it with the new `readingtime_enabled` setting (#172) - The algorithm used to estimate reading times is the as the one used in Firefox's reader mode - Added similar page suggestions between the bottom of the page content and the comments - control it with the new `similarpages_enabled` and `similarpages_count` settings. ### Changed - Fiddled with Parsedown & ParsedownExtra versions - Removed ParsedownExtreme, as it wasn't doing anything useful anyway - Don't worry, we've absorbed all the useful features (see above) - NOTE TO SELF: Don't forget to update wikimatrix.org when we next make a stable release! ### Fixed - Squashed a warning when using the fenced code block syntax - If a redirect page sends you to create a page that doesn't exist, a link back to the redirect page itself is now displayed - Really fix bots getting into infinite loops on the login page this time by marking all login pages as `noindex, nofollow` with a robots `` tag - Navigating to a redirect page from a page list will no longer cause you to automatically follow the redirect ## v0.21 ### Fixed - Make `PEPPERMINT_THEME` environment variable work again when compiling on the command line - Fixed invalid HTML that was causing layout issues on the master settings page ## v0.21-beta1 ### Added - Watchlists! A new addition has been added to the more menu to add the current page to your personal watchlist - An email will be sent to all users watching a page when an edit is saved to it (uses the PHP `mail()` function internally, via the [`email_user()`](https://starbeamrainbowlabs.com/labs/peppermint/docs/ModuleApi/#method_email_user) internal Pepperminty Wiki utility function) - Email address verification - Enabled by default. In order to receive emails users now need to verify their email address - This is done via a verification email that's sent when you change your email address (even if your email address is the same when you change your preferences and you haven't yet verified it) - A new `email_verify_addresses` setting has been added to control the functionality - Added dark theme to the [downloader](https://starbeamrainbowlabs.com/labs/peppermint/download.php) (will be updated at the next stable release) - Added initial mobile theme support to the default theme - There's still a bunch of work to do in this department, but it's a bit of a challenge to do so without breaking desktop support - Added autocomplete for tags when editing pages, powered by [Awesomplete](https://leaverou.github.io/awesomplete/) - The new `editing_tags_autocomplete` setting - enabled by default - toggles it, but why would you want to turn it off? :P - It should be reasonably accessible, judging from all the aria tags I'm seeing - Get in touch if you experience performance issues with fetching tag lists from your wiki - A command-line interface! - Wiki administrators with terminal/console access can now make use of a brand-new CLI by executing `php ./index.php` (warning: strange things will happen if the current working directory is not the directory that contains index.php and peppermint.json) - Added new `anoncomments` setting to control whether anonymous users are allowed to make comments (disabled by default) - thanks to @SeanFromIT for suggesting it in #181 - Added markdown support for media captions (#184) - Finally: *Experimental* didyoumean support. Ever made a typo in a search query? The new didyoumean engine can correct query terms that are up to 2 characters out! - It's disabled by default (check out the new `search_didyoumean_enabled` setting), as it enabling it comes with a significant performance impact when typos are corrected (~0.8s-ish / typo is currently observed) - Uses the words in the search index as a base for corrections (so if you have a typo on a page, then it will correct it to the typo) - The index does _not_ currently update when you edit a page - this feature is still _very_ experimental (please report any issues) - A typo is a search query term that is both not a stop word and not found in the search index ### Fixed - Fixed weighted word support on search query analysis debug page - Added missing apostrophes to stop words in search system. Regenerating your search index will now yield a slightly smaller index - Fixed link loop when logging in for crawlers - [security] Bugfix: Don't leak the PHP version in emails when expose_php is turned off - Fixed handling of Unicode characters when emailing users - added new `email_subject_utf8` and `email_body_utf8` settings to control the new behaviour - Add new `email_debug_dontsend` setting for debugging emails sent by Pepperminty Wiki - Fixed pressing alt + enter to open a search in a new tab - it should no longer fail and briefly prompt to allow pop-ups - Squashed a bug in the new upgraded get/set_array_simple search optimisation - Updated Parsedown to squash warning in PHP 7.4+ - Trailing commas in the tags box will no longer result in empty tags being added to pages. - Minor UI fixes - Multiple tags in search results and on page lists now have a margin between them - Newline characters (`\r` and `\n`) are now replaced with spaces in internal links (#186, thanks @SeanFromIT!) - Inbuilt help documentation corrections (#185, thanks @SeanFromIT!) - Fixed a warning message when a file fails to upload (thanks for the test file, @SeanFromIT) - Really fix the dot problem from v0.20.3-hotfix3 that @SeanFromIT reported ### Changed - Improved the search indexing system performance - again - Another search index rebuild is required - Optimisation: Don't generate the list of pages for the datalist if it isn't going to be displayed (especially noticeable on wikis with lots of pages) - Optimisation: Don't load the statistics index if it's not needed (also esp. noticeable on wikis with lots of pages) - Optimisation: Refactor `stas_split()` to be faster (informal testing shows ~18% faster → 4% total time) - [Module Api] Optimisation: Remove `search::transliterate` because it has a huge overhead. Use `search::$literator->transliterate()` instead. - [Module Api] Add new `absolute` and `html` optional boolean arguments to `render_timestamp()` - [Module Api] `search::extract_context()` and `search::highlight_context()` now take in a _parsed_ query (with `search::stas_parse()`), not a raw string ### Known bugs - Wow, a new section! Haven't seen one of these before. Hopefully we don't see it too often..... - The didyoumean search query typo correction engine does not currently update it's index when you save an edit to a page (the typo correction engine is still under development). ## v0.20.3-hotfix3 - Squash password-based warning (#182, thanks, @SeanFromIT!) - Fix double-dot issue in uploaded files (#182, thanks, @SeanFromIT!) ## v0.20.2-hotfix2 - Update Parsedown to squash warnings in PHP 7.4 - Update the docs about how to get a copy ## v0.20.1-hotfix1 - Fixed logic error in peppermint.json access checker (thanks, @nivex! #179) ## v0.20 _Just 1 change since the previous beta release._ - Add optional "say hi" button to first-run setup wizard - You don't _have_ to click it, but it would be cool if you did :-) ## v0.20-beta1 ### Added - Added automatic dark mode to default theme using [`prefers-color-scheme`](https://starbeamrainbowlabs.com/blog/article.php?article=posts%2F353-prefers-color-scheme.html) - [Module API] Added new `minify_css` module API function by refactoring the page renderer - [Module API] Change `page_renderer::is_css_url()` to require an argument - Added theme gallery, which can be accessed through a link in the master settings (if the new `feature-theme-gallery` module is present) - Theme gallery URLs can be added to the `css_theme_autoupdate_url` setting - A graphical interface can be used to switch between available themes from the galleries - No external HTTP requests will be made without consent - Themes from galleries auto-update every week by default (adjustable/disable-able with the `css_theme_autoupdate_interval` setting) - Added mega-menu support to the `nav_links_extra` setting - the default value for the `nav_links_extra` setting has now changed (delete/rename it in your `peppermint.json` file to get the new version) - An object can now be used to define groups of items in the more menu - Hopefully it now looks less cluttered :P - Headings now have an automatic id if you don't specify one (part of #141) - Server-side diagramming support! See the [`parser_ext_renderers`](https://starbeamrainbowlabs.com/labs/peppermint/peppermint-config-info.php#config_parser_ext_renderers_enabled) setting for more information on how to configure it - It hooks into external programs such as [nomnoml](http://nomnoml.com), [plantuml](http://plantuml.com/), and `abcm2ps` ([ABC musical notation](https://abcnotation.com/) rendering) - It's generic enough to allow you to hook into any program that takes an input of some source text, and output some form of image ### Fixed - Fixed a bug in the search query performance metrics - Fill out the statistics help text - Added table of contents to help page - Squashed the large blank space that appears at the bottom of the page editor page when editing long pages - Accessibility improvements - thanks, Firefox developer tools :D (if you're a screen reader / accessibility tool user and have feedback or any better ideas, please [get in touch](https://github.com/sbrl/Pepperminty-Wiki/issues/new)) - Marked the user avatar on the top navigation bar as hidden for screen readers - Added aria label to user preferences button - Hide site logo from screen readers - Lists of pages that have a specific tag will now be sorted alphabetically (Unicode characters should be handled correctly too) - Support Unicode characters when sorting. If it's a list of something, then it's now sorted correctly (e.g. includes pages, tags, etc). - Squashed a bunch of warnings about a non-static method in the page renderer - Fixed a warning message in the `peppermint.json` access checker - Fixed footnote rendering (thanks again, @SeanFromIT!) ### Changed - Made `build.sh` build script more robust, especially when generating the documentation. - Vastly improved search engine performance - A new SQLite-based index format is now used, so search indexes will need to be rebuilt (migrating would probably take longer than a rebuild :-/) - New search query syntax - When making remote requests, Pepperminty Wiki will now correctly set the user agent string - The server's `expose_php` setting is respected - if it's disabled, then the PHP version will not be exposed. - Pepperminty Wiki _shouldn't_ make remote requests without you asking it to - see above and the theme gallery - Improved peppermint.json.compromised error message - if it's still unclear, please let me know - Fiddled with the extra data extractor, as it seems that some people were experiencing strange issues with `stream_get_meta_data()` - [Module API] Refactored the `errorimage()` function into core, added automatic image size calculation, and multi-line support ## v0.19.4-hotfix4 - Fixed page revision id incrementing if you don't have a page called `history` on your wiki (thanks @SeanFromIT!) ## v0.19.3-hotfix3 - Improve error messages in the extra data unpacker - Change the extra data unpacker to us `tempnam()` instead of `tmpfile()`, since some people appeared to be having issues with the other approach - Squash a deprecation warning caused by a typo (thanks, @SeanFromIT!) ## v0.19.2-hotfix2 - Patched another crazy bug in the extra data system in the downloader ## v0.19.1-hotfix1 - Patched [the downloader](https://starbeamrainbowlabs.com/labs/peppermint/download.php) which was throwing warnings when packing downloads ## v0.19 _(No changes have been made since the last beta release.)_ ## v0.19-beta2 ### Changed - Updated the theme of the new documentation - Revised the writing modules section of the documentation ## v0.19-beta1 > The update that changed the world! Turn everything upside-down. ### Fixed - Fixed double-escaping of rendered HTML when nesting templates - Squashed a warning if the search index doesn't exist yet - Fixed a crash in the stats updater if no pages in the system have tags yet - Consolidated `email` and `emailAddress` fields into the latter in the user table (#167) - Fixed a crash when trying to access the user table when not logged in as an administrator. - Fixed help text for the file upload module - Squashed a warning when uploading a file ### Added - [Module API] Added new extra data system. See `parser-parsedown` and `page-edit` for an example. - Extra data is packed into a zip archive, which is packed into `index.php` via [`__halt_compiler();`](https://devdocs.io/php/function.halt-compiler) - See the `parser-parsedown` and `page-edit` modules for examples on how to use it. - [Module API] Added new `delete_recursive()` function. - Added a new obvious link to the user table at the top of the master settings page. - Added a new first-run wizard to help new users set up the basics of their wiki. - It also checks to ensure that access to `peppermint.json` is blocked correctly (coming soon as a one-time check to pre-existing wikis) - Pre-existing wikis will not see this first-run wizard - a new `firstrun_complete` setting has been added that's automatically set to true if Pepperminty Wiki does a settings upgrade - Default to allowing lossless flac and ogg audio files to be uploaded - Added new `minify_pageindex` setting, which defaults to `true` and causes the page index to be minified when saved. Improves performance slightly (especially on larger wikis as the page index grows), but makes debugging and ninja-edits more awkward. - [Module API] Added new `save_pageindex()` function which respects the above setting. - Added PDF preview using your browser's default PDF viewer! - Added download button for unsupported file types ### Changed - Core sharding: split `core.php` into multiple files - Big update to the backend Markdown parser _Parsedown_ - Use Parsedown's new untrusted feature for comments - Added new `all_untrusted` setting to allow treating *everything* as untrusted (default: false) - turn it on if your wiki allows anonymous edits - Switch to [nightdocs](https://gitlab.com/sbrl/nightdocs) instead of [docpress](https://docpress.github.io/) (the [official docs](https://starbeamrainbowlabs.com/labs/peppermint/_docpress/) will update & change URL on the next stable release) - Add moar [badges](https://shields.io/) to the README & docs :D ### Removed Not often I have a removed section! - [Module API] Remove remote file system in favour of the new extra data system. No more first-run downloads! They are all done at compile-time now. ## v0.18 _(No changes have been made since the last beta release.)_ ## v0.18-beta1 ### Added - Added inter-wiki link support via the new `feature-interwiki-links` module - Added `interwiki_index_location` setting to control the location of the interwiki index (which is a CSV file that is documented in the main _Pepperminty Wiki_ documentation), which has to be specified in order for it to activate - Provides new module api functions: `interwiki_pagename_parse`, `interwiki_pagename_resolve`, `interwiki_get_pagename_url`, and `is_interwiki_link` - Added new formats to the `recent-changes` action (append `&format=XXX` to the url) - Added CSV support (`csv`) - Added Atom 1.0 feed support (`atom`) - All alternative formats for this action are advertised in via a `` in the `
` now - Added `count` and `offset` GET parameters to `recent-changes` action. - Added new `find_revisionid_timestamp()` function to `feature-recent-changes` module. - Added new parser output caching system! - Saves to `._cache` in the data directory (alongside the pages themselves) - 2 new settings have been added: `parser_cache` and `parser_cache_min_size` - Uses a hash of the content, the _Pepperminty Wiki_ version, and the parser name as the cache id - so it should never serve stale content (unless you're actively working on particular areas of _Pepperminty Wiki_'s codebase of course) - Useful for longer pages - `parser_cache_min_size` may need tuning for your specific installation (lower it if you regularly use features that are slow to parse; raise if it's the opposite) - Internal links now show the page name on hover (inter-wiki links are also supported here) ### Changed - Completely reworked the README to refactor out the documentation to its [own static site](https://starbeamrainbowlabs.com/labs/peppermint/_docpress/) - Updated the `{{{@}}}` templating variable to output a message if no parameters were specified instead of not parsing it at all - [Module API] Refactored the main `page_renderer` class - All static methods now have a consistent naming scheme - Added `page_renderer::add_header_html()` ### Fixed - Squashed a warning in the history revision system when creating new pages (thanks @tspivey for spotting this!) - Standardise line endings to `\n` (linux) - Enhanced setup instructions in README. - Long lines in code blocks now wrap correctly. - The `export` action now correctly includes uploaded files alongside their descriptions ## v0.17.1 ### Fixed - Corrected default passwords. If you were having issues, try updating to this release, deleting `peppermint.json` and trying again (thanks for spotting this, @tspivey!) ## v0.17 ### Fixed - Removed stray debugging output - Tweaked css to make new search context generation look better ## v0.17-beta2 ### Fixed - Fixed the cost-climbing bug in the last beta release ## v0.17-beta1 ### Added - [Module API] Added `save_settings()` convenience method - [Rest API] Add `user-add` and `set-password` moderator actions - Added `random_page_exclude_redirects` setting that prevents the `random` action from returning redirect pages. - Added link to user table on the credits page - Added history reversion via the `history-revert` action - Added `history_max_revisions` setting to allow control of the maximum number of revisions stored for a page - Takes effect every time a page revision is added - Added page restore system - A previous page revision can be restored with a single click from the page history page - Added a new `history_revert_require_moderator` setting to control whether moderator privileges are required to use the functionality (regardless of setting a user must be logged in) - [HTTP/2.0 Server Push](https://www.smashingmagazine.com/2017/04/guide-http2-server-push/) support! - You'll need to make sure your web server has support turned on - The CSS file specified in the `css` setting (url path must begin with a forward-slash) and the favicon (must not be a `data:` url) are automatically pushed when rendering pages - 2 new settings have been added: `http2_server_push` for turning it on and off (defaults to on), and `http2_server_push_items` for specifying custom resources to push (in case you design your own theme and want to push down the associated resources) - More information about `http2_server_push_items` in particular is available on the [configuration info page](https://starbeamrainbowlabs.com/labs/peppermint/peppermint-config-info.php) (when this release is out, of course. Until then, check out the description in `peppermint.guiconfig.json`) - Added `` tag to all pages ### Fixed - Updated the search system to transliterate characters to better support searching pages that are written in other languages. - You'll want to rebuild your search index via the button in the configuration panel, or the `invindex-rebuild` action. - [Security] Made the site secret generator cryptographically secure. If you created your wiki before this change, you might want to change your site secret in `peppermint.json` to something more secure with a site like [random.org](https://www.random.org/). - The PHP function `openssl_pseudo_random_bytes()` was being used before, but [apparently that's not cryptographically secure](https://paragonie.com/blog/2015/07/how-safely-generate-random-strings-and-integers-in-php). - [Module API] Fix `full_url()` logic - [Module API] Make `email_user()` correctly return email sending failures - Squashed a warning in the search redirector - The search redirector will now check both the specified page name and the page name in Title Case - Improve help text description of image captions displayed alongside images - Fixed the page history page - it should now display all page revisions in valid HTML - Fixed another bug in the search context generator - Display an ellipsis at the beginning of a search context if it doesn't start at the beginning of a page - Semicolons are no longer automatically included in greedy internal links. - Pressing enter in the tag box now correctly previews instead of performing a smart restore ### Changed - Password hashing has been overhauled! A totally new-and-different system is being used now, so you'll need to rehash all your passwords. - The `hash` action supports the new password hashing scheme. - Added `password_cost`, `password_cost_time`, and `password_cost_time_interval` settings - `password_cost` is recalculated automatically every week by default (it keeps track of this via the `password_cost_time_lastcheck` 'setting') - The `css` setting will now keep a value of auto, even when `peppermint.json` is automatically updated by _Pepperminty Wiki_. - Optimised the search system a lot (#157 - ~2800ms searches now take ~450ms O.o) - Tuned the default value for `search_characters_context` down to 75 (this won't be the case for existing wikis, so you'll need to adjust it manually) - Added new `search_characters_context_total` setting to control the maximum characters in a search context - The `index` action's output should now be formatted nicely. - Restyled "matching tags" in the search results in the default stylesheet - Added moar icons to the nav / more menus. Delete the appropriate entries in `peppermint.json` to get the updated ones! ## v0.16 _(No changes since v0.16-beta1)_ ## v0.16-beta1 ### Added - Add json support to the search action :D - Added page moves to the recent changes page (#151) - Hyperlinked image preview on file pages to the original image (#153) - Added the commit hash Pepperminty Wiki was built against to the master settings configuration page, and the debug action - Added user count statistic - Added redirect page count statistic - Add orphan pages statistic - Add most linked-to pages statistic - [Rest API] Added support for the `mode` parameter to the `random` action - [Rest API] Added `format` parameter to `recentchanges` action - [Rest API] Added `comments-fetch` action to return a page's comments as JSON - [Rest API] Added `acquire-edit-key` action to allow scripts and other automated services (e.g. bots and [mobile apps](https://github.com/sbrl/Pepperminty-Wiki-Client-Android)) to fetch an edit key for a specified page name. - [Rest API] Added extra headers to `save` action on failure to aid identification by automated services ### Fixed - Fixed various issues with both the module api & the rest api docs. - Properly escaped content of short code box on file pages - Display a more meaningful message to a logged in user if editing is disabled - Fixed fetching the size of SVGs in some cases - Fixed image captions in some cases (let me know if you still get warnings) - Squashed warnings when you do a search with a forward slash (`/`) in your query - Fixed that age-old warning in the search results if you have pages with special characters! I learnt a _lot_ about utf8 whilst fixing this one.... (#114) - You'll need to rebuild your search index for this fix to fully take effect (call the `invindex-rebuild` action as a mod or better) - Normalise utf8 text to avoid duplicate ids and missing search results. - Improved handling of mime types in some places in the API. - [Rest API] Added `minified` option to `status` action to reduce data usage slightly - Fixed floating images that have captions - [Rest API] Fix `checklogin` action documentation - Fix link on credits page - Made rebuild search index progress bar fill completely up when done & neatened up UI placement ### Changed - Disallow uploads if editing is disabled. Previously files could still be uploaded even if editing was disabled - unless `upload_enabled` was set to `false`. - Added `x-login-required: yes` header to responses that redirect to the login page for easy detection by machines - Added `x-login-success: (yes|no)` header to login responses for easier machine parsing - Enhance the longest pages statistic rendering ### Removed - [Module API] Removed `accept_contains_mime`, as it's both unstable and currently unnecessary. Contributions for a better version are welcome! ## v0.15.1 ### Added - Added an input box with auto-generated short markdown embed code with copy button to file pages ### Changed - Added 1920 as a preset image size on file pages ### Fixed - Fix saving edits to pages with an ampersand in their name (#99) - [Security] Fixed an authenticated denial-of-service attack when uploading a malicious SVG (ref XXE billion laughs attack, #152) ## v0.15 _(No changes since v0.15-beta2)_ ## v0.15-beta2 ### Added - Added "restore locally saved content" button to page editor - [module api] Documented the remainder of the members of the `search` class ### Fixed - Moving a page will now move all the comments associated with it - The page names on the page move success page are now encoded correctly to avoid html and url issues - Clicking _Login to post a comment_ will now take you back to the comments section of the page you were on upon completing the login process instead of the top of the page ## v0.15-beta1 ### Added - Statistics! (#97) - Added a new statistics engine, which you can add your own statistic calculators to with `statistic_add` - Added action `stats` to view the calculated statistics - Statistics are automagically recalculated every day - this can be controlled with the `stats_update_interval` and `stats_update_processingtime` settings - Added new "« Parent Page" to subpages so that you can easily visit their parent pages - Users can now delete their own comments, and users logged in as a moderator or better can delete anyone's comments. - Added new `comment-delete` action - Comments are deleted entirely if they have no replies - otherwise the username & message are wiped - The `history` action now supports `format=json` and `format=CSV` - Added tags next to the names of pages in the search results - Added new `random_page_exclude` setting that allows you to exclude pages from the random action with a (PHP) regular expression - [module api] Added new `get_page_parent($pagename)` method. - [module api] Added new remote file system to download additional required files. Use it with `register_remote_file` ### Fixed - Fixed invalid opensearch description. - When deleting a page, if `feature-comments` is installed, all the comments attached to the page are deleted too - Fixed paths when generating previews in certain environments - Fixed handling of pages and tags with single quotes in the name - Fixed weirdness on some pages rendered by the Pepperminty Wiki core - Fixed a few minor usability issues on the upload file page. - Removed some extra space at the bottom of some pages. - The `raw` action now sends a 404 if the request page doesn't exist on the wiki. ### Changed - Make `invindex-rebuild` admin-only, but allow access if the POST param `secret` is set to your secret in `peppermint.json` - Improved the wording of the deletion confirmation and error pages - Search now searches matching tags as well as pages - Updated the search ranking algorithm to put more weight against longer words than shorter ones. ## v0.14 ### Changed - Improve the look of the downloader a bit. More work is needed here, apparently - I haven't touched it in _ages_! ## v0.14-beta1 ### Added - Commenting! You'll need to update any custom themes you've created if you're including the commenting module in your build. - Added stacked bar to help you visualise what's taking up all the space in your wiki - Added link to edit master settings in the credits - Initial open search support! - After visiting your wiki once, you'll be able to press `