1 MoinMoin Version History
2 ========================
4 Please note: Starting from the MoinMoin version you used previously, you
5 should read all more recent entries (or at least everything marked with HINT).
8 already better than the previous stable release. Our release policy is not
9 trying to make a "perfect release" (as that release might NEVER get released),
10 but to make progress and don't delay releases too much.
14 * The GUI WYSIWYG editor has still some issues and limitations.
15 If you can't live with those, you can simply switch it off by using:
17 editor_default = 'text' # internal default, just for completeness
22 * Fixed XSS issue in rst parser (CVE-2011-1058).
23 * PackagePages: avoid strange exception in zipfile.py for pre-1980
25 * revert action: Catch and display all SaveErrors when revert failed
26 * ldap_login: assign server early, it is used in exception handler
29 * None - we did not update system/help pages since the previous release,
30 so you do not need to update your underlay directory
33 Please note: this is the final 1.8.x version, there will be no more 1.8.x
34 security / bug fixes coming from moin developers from now on. You are advised
35 to upgrade to the latest moin 1.9.x release as soon as possible.
36 If you need help with that, please see there: http://moinmo.in/Support
42 * Fixed XSS in Despam action (CVE-2010-0828).
43 * wikiutil.clean_input: avoid crash if it gets str type
44 * Add RenderAsDocbook to actions_excluded if we have no python-xml
45 * AttachFile._build_filelist: verifies readonly flag for unzip file link
46 * attachUrl: fix wrongly generated tickets (e.g. for AttachList macro)
47 * MoinMoin.util.filesys.dc* (dircache can't work reliably):
48 * disable usage of dircache, deprecate dc* functions
49 * remove all calls to filesys.dc* (dclistdir, dcdisable)
50 * Fixed crash, see MoinMoinPatch/IncludeMacroWithDocBookFormatter
51 * Avoid hardly recoverable crashes if #format specification is invalid
52 * Fixed info action: AttachFile sub-actions that needed a ticket did not
56 * auth.ldap_login: add report_invalid_credentials param to control wrong
57 credentials error message (typically used when using multiple ldap
63 * Fixed major security issues in miscellaneous parts of moin.
64 HINT: if you have removed superuser configuration to workaround the issue
65 (following our security advisory), you may re-add it after installing this
66 moin release. If you don't need superuser capabilities often, it might be
67 wise to not have superusers configured all the time, though.
68 * Improved package security: cfg.packagepages_actions_excluded excludes
69 unsafe or otherwise questionable package actions by default now.
70 * wiki parser: fixed transclusion of (e.g. video) attachments from other
72 * Fixed edit locking for non-logged in editors and cfg.log_remote_addr=False.
74 * Process attachname in get/putAttachment similarly.
75 * revertPage: convert pagename to internal representation.
76 * Fixed config.umask usage for page packages.
77 * Fixed usage of i18n.wikiLanguages() on class level (moved to method),
78 failed when tools import the module (e.g. pydoc -k foo).
79 * SubProcess: fixed win32-specific parts, fixed imports (fixes calling of
80 external xapian index filters)
85 * Xapian indexing / indexing filters:
86 * fix deadlocks with well- and misbehaving external filters
87 * work around indexing run crashing when encountering encoding problems
88 with non-ascii filenames
89 * OpenOffice/OpenDocument filters: catch UnicodeDecodeErrors (happens
90 with password protected files)
91 * i18n: check if languages is not initialized yet, don't crash
92 * http_redirect: use 301 redirect for some cases
93 * do not use httponly session cookies, makes trouble with twikidraw and ACLs
94 * GetText2 macro: fix for named placeholder
95 * Fix SHA -> SSHA password hash upgrade for old user profiles.
96 * abort RenamePage if renaming of main page fails (do not try to rename
100 * search: improve search result ordering
101 * add MS Powerpoint indexing filter (needs catppt from catdoc package)
102 * migration scripts: make finding damaged edit-log entries easier
103 * SubscribeUser action: support username regexes and unsubscribing.
104 Usage (enter this into the input form field you get after invoking
105 SubscribeUser action from the "More Actions" menu:
106 [+|-][re:]username[,username,...]
108 +username: subscribes user <username> (+ is optional/default)
109 -username: unsubscribes user <username>
110 +re:username_re: subscribes users who match <username_re> regex.
111 -re:username_re: unsubscribes users who match <username_re> regex.
116 * Attachment links: fix processing of attributes (e.g. 'target', 'title')
117 * Upgrade FCKeditor from 2.6.4 to 2.6.4.1.
118 * PDF embedding: fix html, works better with PDF browser plugins now.
119 * Fix typo in rightsidebar CSS.
120 * Action revert: avoids reverting to a deleted current revision.
121 * Action diff: enable prev/next button only in the range of given revisions.
122 * Add a Auto-Submitted: auto-generated header to generated mails.
123 * Include comment in email notifies.
124 * mailimport: fix endless looping while trying to import a forwarded mail.
125 * fuid: keep same fake_mtime for intervals of max_staleness duration.
126 * Fixes a bug with empty list items in the GUI editor.
127 * Improve filesys.rename compatibility code (win32).
128 * Fix locking for CacheEntry.
129 * Xapian indexing: catch exception when a bad zip file is encountered.
130 * openidrp / botbouncer: fix param count for CancelLogin().
133 * Added CAS authentication.
134 * Added httponly cookie support and use it for session cookie.
137 * HTTP auth: added debug logging.
138 * Minor LDAP auth improvements.
139 * Data browser widget:
140 * Add (h)column<idx> css class to make it styleable.
141 * Include only necessary autofilter options.
142 * moin maint cleancache purges now drafts, too.
143 * Add gopher and apt protocols to url_schemas.
144 * Add .csv, .flv, .swf to MIMETYPES_MORE.
149 * ACL security: fix bug in hierarchical ACL processing, more restrictive
150 sub page ACLs did not work if the current user name did not give a match
151 within the sub page ACL (instead, the less restrictive parent page ACL
153 Non-hierarchical ACL processing (the default) is NOT affected.
154 * Creole parser: fix spaces in multiline elements.
155 * Use msie.css only for Internet Explorer older than version 8, fixes
156 e.g. the double rendering of link icons.
157 * http auth: do auth_type comparisons case-insensitively (spec-compliant)
160 * EmbedObject macro: changed default width value for PDF files to 100%
161 (use a recent Adobe Reader to make this work).
162 * CopyPage action: added a TextCha for it
165 * Creole parser: Add second license: BSD
169 * AttachFile XSS fixes: move escaping to error_msg / upload_form
170 * AttachFile move: add more escaping (maybe not XSS exploitable though)
171 * email attachments import with xapian indexing enabled: fix AttributeError
172 * fix wrong links in attachment notifications
173 * AttachFile do=view: quote filename and pagename params for EmbedObject
175 * AttachFile: fix exception when someone just clicks on upload, without
177 * ldap_login: use None as default value for ssl certs/keys (using '' for
178 the pathes lets it fail with Connect Error)
179 * release edit lock if someone saves an unchanged page
180 * fix sendmail.encodeAddress (do not [QP] encode blanks, do not un-
181 necessarily use [QP] encoding for pure ascii mail addresses)
182 * Fixed docs bug: see HINT about secrets configuration at version 1.8.0
183 (1.8.0 Other changes).
184 * backup action: add 'self' dummy argument for backup_exclude function
185 * login action: fix formatting of error messages
186 * unsubscribe action: add msg types so icons get displayed
187 * fix quoting for pagehits stats (info action) - was not working for pagenames with blanks
191 * added modernized_cms theme
192 * use url_prefix_fckeditor if you don't want to use the builtin FCKeditor
193 of moin, but a separate one at some specific url
194 * action.Load: added textcha feature
195 * add mumble protocol (nice and good quality F/OSS VOIP conference chat sw)
196 * ldap auth: new name_callback param to create a custom wiki username (not
197 the ldap login username).
200 * add compatibility code for set to xapwrap.index (fix py 2.6 warnings)
201 * wikiutil: MIMETYPES_MORE extended for .md5 as text/plain
206 * Fix AttachFile and antispam XSS issues.
207 * Modernized, modern and rightsidebar themes: make nonexistent or
208 badinterwiki links gray also when they are already visited.
209 * Fix anchor parsing for interwiki links and #redirect processing
211 * user.apply_recovery_token: key must be of type string (for Python 2.6).
213 * Fix autofilter javascript breakage caused by including a databrowser
215 * Use per-wiki i18n cache (fixes wrong links to other farm wikis).
216 * Made cfg.interwikiname and cfg.user_homewiki unicode objects (str only
217 worked for ascii names).
218 * Xapian search: fixed historysearch.
219 * Xapian search indexing:
220 * Fix index updating for trivial changes.
221 * With history search enabled and in update mode, do not try to re-index
222 old page revisions again.
223 * With history search enabled, index page attachments only once.
224 * Fix last modified time of xapian index (shown on SystemInfo page).
225 * Make logging handlers defined in logging.handlers work (e.g.
226 class=handlers.RotatingFileHandler)
227 * Jabber notifications:
228 * Use an RFC compliant message type.
229 * Fix user creation notifications.
230 * OpenID: Compatibility fix for python-openid 2.x.x (also works with
231 1.x.x), fixes crash when trying to associate moin user to OpenID.
232 * Have a wikiserverconfig.py in wiki/server/ so setup.py copies it.
233 * Fixed inconsistent handling of fragments / anchor IDs:
234 * Fixed creole and wiki parser, other parsers might need similar fixes.
235 * IDs with blanks, non-ASCII chars etc. are now sanitized in the same way
236 for links as well as for link targets, so the user editing a page won't
237 have to bother with it.
238 E.g. [[#123 foo bar]] will link to:
239 * <<Anchor(123 foo bar)>> (moin) or {{#123 foo bar}} (creole)
240 * headline = 123 foo bar = (moin / creole)
241 Simple rule: if the link and the target are consistent, it should work.
242 * The creole wiki parser created non-human-readable sha1 heading IDs
243 before 1.8.2, now it creates same (sometimes readable) heading IDs as
244 the moin wiki parser.
245 * TitleIndex/WordIndex now also use IDs sanitized in that way internally.
246 HINT: if you manually worked around the inconsistencies/bugs before, you
247 likely have to remove those workarounds now. Same thing if you used
248 creole's sha1 heading IDs or IDs on TitleIndex/WordIndex.
251 * Updated FCKeditor to 2.6.4 (== many bug fixes in the GUI editor).
252 * Enhanced privacy by a new setting: cfg.log_remote_addr (default: True),
253 it controls whether moin logs the remote's IP/hostname to edit-log and
254 event-log. Use log_remote_addr = False to enhance privacy.
255 * Streamline attachment_drawing formatter behaviour.
256 * Search results: only redirect to a single search result for titlesearch
257 (fuzzy goto functionality), but not for fulltext search results.
262 * Workaround win32 locking problems (caused by spurious access denied
263 exceptions on that platform).
264 * Fix unicode errors that happened when password checker failed a password
265 * WikiConfig/WikiConfigHelp: fixed wrong language table headings
266 * Themes: make the margins around trail line work properly
267 * "modernized" theme:
268 * make broken links gray
269 * add new right/center/left/justify css classes
271 * Standalone server: be more specific when catching socket exceptions,
272 treat socket errors in http header emission in the same way.
274 * Fix heading levels when inserting new headings.
275 * Fix headers already sent exception when using e.g. edit LOCKing.
276 * Xapian indexing: fixed missing import for execfilter (only happened on
277 non-posix platforms like win32)
281 * Make the TOC shrinkwrap, add white background to navigation macro.
282 The table of contents looked bad spanning the whole width of the page.
283 It's made to shrinkwrap now, so it will only get as wide, as the longest
284 heading. We use display:inline-table, so this won't work in MS IE6,
285 which still displays it the old way.
286 Navigation macro now has a white background, to make it more readable
287 when it's floating over a pre block or TOC.
288 * Make the numbers in lists in table of contents right-aligned.
289 * Refactored and extended theme.html_stylesheets() to make alternate
290 stylesheets possible. Stylesheet definitions now can either be:
291 2-tuples: (media, href) # backwards compatibility
293 3-tuples: (media, href, title) # new, for defining alternate stylesheets
294 This works within themes as well as in the wiki config.
295 See also: http://www.w3.org/Style/Examples/007/alternatives.html
299 Note: This is a reduced CHANGES, ommitting details from rc/beta test and
300 also less interesting minor changes and fixes. It shows changes
301 relative to 1.7.2 release.
302 If you want to see full detail, read it there:
303 http://hg.moinmo.in/moin/1.8/file/6130eab15936/docs/CHANGES
305 New Features: ==============================================================
306 * HINT: New "modernized" theme - if you use "modern" [default], try:
307 theme_default = 'modernized'
308 If you find problems with "modernized", please report them because we
309 want to use it as default theme in future.
311 * upgraded to use FCKEditor version 2.6.3
312 * user can insert and modify various types of MoinMoin links
313 * New plugin_dirs setting to allow multiple plugin pathes (additional to
314 the automatically configured plugin_dir [default: data_dir/plugin]).
315 * @EMAIL@ expands to a MailTo macro call with the obfuscated email address
317 * New macros "WikiConfig" and "WikiConfigHelp".
318 * Per-parser quickhelp, 'quickhelp' class variable of parser class.
319 * Secure session cookies for https (see cfg.cookie_secure).
320 * Added left/center/right/justify css classes to builtin themes.
323 this content is justified....
326 Removed Features: ==========================================================
327 * HINT: url_prefix setting (use url_prefix_static or just use the default)
328 * traceback_log_dir setting (we just use logging.exception)
329 * editor_quickhelp setting (replaced by per-parser quickhelp)
330 * Restoring backups with the backup action and related settings (while
331 creating backups is no big issue and should work OK, restoring them
332 had fundamental issues related to overwriting or not-overwriting of
333 existing files - thus we removed the "restore" part of the action and
334 recommend that you just contact the wiki server admin in case of trouble,
335 give him your wiki backup file and let him carefully restore it.)
336 * Removed unmaintained DesktopEdition (moin 1.5.x style) and phpwiki
337 migration scripts from contrib/ directory.
339 Bug Fixes: =================================================================
340 * GUI Editor - fixed lots of bugs.
341 * Fixing https detection for servers using HTTPS=1 and also for WSGI
342 servers not using HTTPS/SSL_ environment, but just wsgi.url_scheme.
343 * Search results: link to 'view' rendering of found attachments.
344 * Standalone server: fix serverClass and interface argument processing,
345 announce used serverClass in log output.
346 * mointwisted: fixed Twisted start script.
348 * Use logging framework for messages emitted by warnings module (e.g.
349 DeprecationWarning), silence some specific warnings.
350 * Removed superfluous linefeeds in timing log output.
352 * Fixed editbar hidden comment link cosmetics for sidebar themes (hide the
353 complete list element).
355 action, if the wiki does not run in the root url of the site)
356 * Fixed backup action configuration (broke on win32).
358 * SyncPages: add workaround for callers calling log_status with encoded
360 * Fixed dbw_hide_buttons javascript.
361 * HINT: Jabber bot can now be configured to use an authentication realm
362 which is different from the server's hostname; the xmpp_node
363 configuration parameter can now contain a full JID and the xmpp_resource
364 parameter is no longer supported.
366 Other Changes: =============================================================
367 * HINT: new configuration for misc. secrets, please use either:
368 secrets = "MySecretLooongString!" # one secret for everything
371 'xmlrpc/ProcessMail': 'yourmailsecret', # for mailimport
372 'xmlrpc/RemoteScript': 'yourremotescriptsecret',
373 'action/cache': 'yourcachesecret', # unguessable cache keys
374 'wikiutil/tickets': 'yourticketsecret', # edit tickets
375 'jabberbot': 'yourjabberbotsecret', # jabberbot communication
377 Secret strings must be at least 10 chars long.
378 Note: mail_import_secret setting is gone, use
379 secrets["xmlrpc/ProcessMail"] instead of it.
380 Note: jabberbot secret setting is gone, use
381 secrets["jabberbot"] instead of it.
382 * HINT: user_autocreate setting was removed from wiki configuration and
383 replaced by a autocreate=<boolean> parameter of the auth objects that
384 support user profile auto creation.
385 * moin import irclog: use irssi parser to format logs, mapped .irc
386 extension to text/plain mimetype.
387 * HINT: backup action: backup_exclude (default: "do not exclude anything")
388 is now a function f(filename) that tells whether a file should be
389 excluded from backup.
390 You can get the old regex exclusion functionality by using:
391 backup_exclude = re.compile(your_regex).search
392 Be careful with your regex, you might need to use re.escape() to escape
393 characters that have a special meaning in regexes (e.g.: \.[] etc.).
394 If in doubt, maybe just leave backup_exclude at the default and don't
396 * Speed up javascript comments processing on IE by getElementsByClassName()
397 * Added sk (slovak) i18n, updated i18n.
402 * Secure session cookies for https, see cfg.cookie_secure.
403 * Add left/center/right/justify classes to builtin themes.
406 * Python 2.3 compatibility fixes.
407 * Fixed https detection for servers using HTTPS=1 and also for wsgi servers
408 not using HTTPS/SSL_ environment, but just wsgi.url_scheme.
410 * Fix crash when editing a page with non-ASCII pagename and inserting a link
411 * Fix "headers already sent exception" with edit LOCKs.
412 * i18n.__init__: Bug fix for wiki language not installed.
413 * Fixed URLs given by sitemap action, if the wiki does not run at / URL.
414 * Search results: link to 'view' rendering of found attachments
416 * Removed superfluous linefeed in timing log output.
417 * Use logging framework for messages emitted by warnings module (e.g.
418 DeprecationWarning), silence some specific warnings.
419 * Fix dbw_hide_buttons javascript.
421 * fix serverClass argument processing
422 * fix --interface="" argument processing
424 * added missing pidFile parameter
425 * better use Config.name for pidFile to avoid conflicts and keep same
426 behaviour as in the past
427 * Jabber bot can now be configured to use an authentication realm which
428 is different from the server's hostname
433 * Fix leakage of edit-log file handles (leaked 1 file handle / request!).
435 * Wiki parser: avoid IndexError for empty #! line
436 * MonthCalendar macro: fix parameter parsing / url generation
437 * Xapian indexing filters (MoinMoin/filter/ or data/plugin/filter/):
438 Some indexing filter scripts (e.g. for MS Word documents or PDF files)
439 failed on windows because of the single-quote quoting we used (that
440 works on Linux and other Posix systems). The fix introduces platform-
441 dependant automatic quoting, using double-quotes on win32 and single-
443 HINT: if you use own filter plugins based on execfilter, you have to
444 update them as the filename quoting (was '%s') is now done automatically
445 and must not be part of the command string any more (now just use %s).
446 See MoinMoin/filter/ for some up-to-date code (esp. the PDF filter).
447 * Prevent CategoryTemplate being listed as a category (it is a Template,
448 but matched also the category regex) - added to sample wikiconfig.
449 * LDAP auth: fix processing of TLS options
450 * UpdateGroup xmlrpc server side: fix wrong arg count error
451 * UpdateGroup client: use multicall / auth_token, refactor code so that
452 updateGroup function is reusable.
453 * Improve Python 2.3 compatibility, add notes where 2.4 is required.
458 * New 'cache' action (see developer notes).
461 * Security fix: XSS fix for advanced search form
462 * Avoid creation of new pagedirs with empty edit-log files by just
463 accessing a non-existant page. If you used 1.7 before, you likely have
464 quite some trash pagedirs now and you can clean them up by using:
465 moin --config-dir=... --wiki-url=... maint cleanpage
466 This will output some shell script (please review it before running!)
467 that can be used to move trash pages into some trash/ directory and also
468 moves deleted pages into some deleted/ directory. Maybe keep a copy of
469 those directories for a while just for the case.
470 * Server specific fixes:
471 * standalone (wikiserver.py): fix --pidfile and --group option, fix
472 operation without a wikiserverconfig.py (use builtin defaults).
473 * mod_python: work around mod_python 3.3.1 problems with file uploads.
474 Note: if you are still using mod_python, we strongly recommend you
475 try out mod_wsgi (in daemon mode) - it has less bugs, better
476 security, better separation, WSGI is a Python standard, and moin
477 developers also use WSGI. See HelpOnInstalling/ApacheWithModWSGI.
478 * revert action: fixed for deleted pages.
480 * Xapian indexing: Removed crappy "hostname" tokenization.
482 Also tokenize CamelCase parts of non-wikiwords.
483 * Make query parser reject more invalid input.
484 * If query parsing raises a BracketError, at least tell what the problem
485 is (and not just raise empty ValueError).
486 * Category search: ignore traling whitespace after ----
488 * Fixed sort() usage in UnitArgument to be Python 2.3 compatible.
491 * TableOfContents: skip outer-most <ol> levels when page isn't using
495 * OpenID RP: make it compatible to python-openid 2.2.x
496 * PackagePages.collectpackage: removed encoding from file name of zipfile
497 * Surge protection: exclude localnet no matter whether user is known or not.
499 * Script moin account create/disable/resetpw: checks for already existing
503 * Prevent CategoryTemplate being listed as a category (it is a Template)
504 by changing the default page_category_regex.
507 * New MoinMoin.action.cache - can be used to cache expensively rendered
508 output, e.g. generated images). Once put into the cache, moin can emit
509 a http response for that content very fast and very efficient (including
510 "304 not changed" handling.
511 * New file-like API in MoinMoin.caching (good for dealing with medium
512 to large files without consuming lots of memory).
513 * wikiutil.importPlugin supports getting the whole plugin module object
514 by giving function=None.
518 Note: This is a reduced CHANGES, ommitting details from rc/beta test and
519 also less interesting minor changes and fixes. It shows changes
520 relative to 1.6.3 release.
521 If you want to see full detail, read it there:
522 http://hg.moinmo.in/moin/1.7/file/76265568e8d3/docs/CHANGES
524 New Features: ==============================================================
525 * HINT: we added generic UPDATE instructions as docs/UPDATE.html.
527 * HINT: Standalone server usage changed:
528 * Standalone server can now be started via the "moin" script command,
529 optionally backgrounding itself.
530 See: moin server standalone --help
531 * In the toplevel dir, we have renamed moin.py to wikiserver.py (it was
532 often confused with the moin scripting command).
534 * wikiserver.py - to start the standalone server
535 * wikiserverconfig.py - to configure the standalone server
536 * wikiserverlogging.conf - to configure logging for it (default config
537 is ok for all day use, but can easily be modified for debugging)
538 * wikiconfig.py - to configure the wiki engine
539 * Removed old moin daemonizing script (replaced by moin server standalone
541 * We now provide the "moin" script command also for people not using
542 setup.py, see wiki/server/moin.
545 * New powerful and flexible logging, please see wiki/config/logging/ -
546 HINT: you have to upgrade your server adaptor script (e.g. moin.cgi)
547 and load a logging configuration that fits your needs from there, or
548 alternatively you can also set MOINLOGGINGCONF environment variable
549 to point at your logging config file.
550 If you use some of our sample logging configs, make sure you have a
551 look INTO them to fix e.g. the path of the logfile it will use.
552 * Moin now logs the path from where it loaded its configuration(s).
554 * Authentication / Sessions:
555 * HINT: New authentication plugin system, see HelpOnAuthentication. If
556 you do not use the builtin default for 'auth' list, you likely have to
557 change your configuration. See wiki/config/snippets/ for some samples.
558 * HINT: New session handling system (no moin_session any more, now done
559 internally and automatically), see HelpOnSessions for details.
560 * Added OpenID client and server support.
561 See: HelpOnAuthentication and HelpOnOpenIDProvider.
562 * cfg.trusted_auth_methods is a list of auth methods that put an
563 authenticated user into the "Trusted" ACL group.
565 * User profiles / password recovery / notification:
566 * New newacount action for creating new user accounts/profiles. If you
567 don't want users creating new accounts on their own, you can add this
568 action to actions_excluded list.
569 * New recoverpass action for password recovery:
570 If you forgot your password, recoverpass sends you an email with a
571 password recovery token (NOT the encrypted password) that is valid
573 * New moin account resetpw script for resetting a user's password by
575 * New preferences plugin system, see MoinMoin/userprefs/__init__.py.
576 * New notification system with an optional jabber notification bot, see
577 HelpOnNotification. HINT: wiki users have to check their notification
578 settings, esp. if they want to receive trivial update notifications.
580 * The diff action now has navigation buttons for prev/next change and also
581 a revert button to revert to the revision shown below the diff display.
582 * ThemeBase: support Universal Edit Button, see there for details:
583 http://universaleditbutton.org/
584 * ?action=info&max_count=42 - show the last 42 history entries of the page.
585 max_count has a default of default_count and a upper limit of
586 limit_max_count - you can configure both in your wiki config:
587 cfg.history_count = (100, 200) # (default_count, limit_max_count) default
588 * The CSV parser can sniff the delimiter from the first CSV line so other
589 delimeters than ";" can be used.
590 * Admonition support. Added styling for tip, note, important, warning
591 and caution in the modern theme. For more info see HelpOnAdmonitions.
593 * supports HTML entities like → and ☃
594 * supports the FootNote macro
595 * supports bulletless lists
596 * support for admonitions
597 * will export the wiki page's edit history as the generated article's
598 revision history. Doesn't add history of included pages.
599 * supports for the MoinMoin comment element, though only inline comments
600 are likely to be valid since the DocBook remark is an inline element.
601 * New Hits macro: shows the total hits for the page it is used on.
603 Removed Features: ==========================================================
604 * HINT: Removed attachments direct serving (cfg.attachments - this was
605 deprecated since long!). Use AttachFile action to serve attachments.
606 * Duplicated file attachment upload code was removed from Load action (just
607 use AttachFile action to deal with attachments).
608 * Removed 'test' action. If you like to run unit tests, use py.test.
609 * Removed Login macro.
611 Bug Fixes: =================================================================
612 * Better handling of ImportErrors (farmconfig, macros, wikiserverconfig).
613 * Fix failure of detection of on-disk cache updates.
614 * Fix traceback in filesys.py on Mac OS X when "import Carbon" fails.
616 * AttachFile action / file up- and download / zip support:
617 * WSGI: use wsgi.file_wrapper (or a builtin simple wrapper). Fixes memory
618 consumption for sending of large file attachments.
619 * FastCGI: flush often. Fixes memory consumption for sending of large
621 * Use the open temporary file for receiving file attachment uploads
622 (fixes big memory consumption for large file uploads).
623 * Catch runtime errors raised by zipfile stdlib modules when trying to
624 process a defective zip.
625 * When unzipping member files, decode their filenames from utf-8 and
626 replace invalid chars.
627 * Make error msg less confusing when trying to overwrite a file attachment
628 without having 'delete' rights.
630 * HINT: page_*_regex processing had to be changed to fix category search.
631 If you don't use the builtin (english) defaults, you will have to change
633 old (default): page_category_regex = u'^Category[A-Z]'
634 new (default): page_category_regex = ur'(?P<all>Category(?P<key>\S+))'
635 As you see, the old regex did work for detecting whether a pagename is
636 a category, but it could not be used to search for a category tag in the
637 page text. The new regex can be used for both and identifies the complete
638 category tag (match in group 'all', e.g. "CategoryFoo") as well as the
639 category key (match in group 'key', e.g. "Foo") by using named regex
640 groups. \S+ means the category key can be anything non-blank.
641 If you like to simultaneously support multiple languages, use something
642 like this: ur'(?P<all>(Kategorie|Category)(?P<key>\S+))'
643 HINT: after changing your configuration, please rebuild the cache:
645 * moin ... maint cleancache
647 If you don't do this, your groups / dicts will stop working (and also
648 your ACLs that use those groups). You better do a test whether it works.
650 * Xapian search / indexing / stemming:
651 * Use text/<format> as mimetype for pages.
652 * Index also major and minor for mimetypes, so it will find 'text' or
653 'plain' as well as 'text/plain'
654 * Fix searching for negative terms.
655 * Improve result list ordering.
656 * Index filters: redirect stderr to logging system.
657 * Remove crappy num regex from WikiAnalyzer, improve tokenization.
658 * Fix AttributeError that happened when trying to access an attribute only
659 used with xapian search (but regex search is not done by xapian)
660 * Fix IndexErrors happening when pages are renamed/nuked after the index
662 * Fixed indexing of WikiWords (index "WikiWords", "Wiki" and "Words").
663 * Fix crash if default language is un-stemmable.
664 * xapian_stemming: removed some strange code (fixes search
665 title:lowercaseword with xapian_stemming enabled)
666 * Fixed category indexing (index CategoryFoo correctly as CategoryFoo, not
667 Foo - for all languages, see page_*_regex change above).
668 * Builtin search: support mimetype: search for pages for the builtin search
669 engine (using text/<format>).
672 * Wiki: fix subscript parsing (was broken for cases like 'a,,1,2,,').
673 * Docbook: fixed detection of WikiWords.
674 * All: Add ssh protocol to url_schemas for ssh:... URLs.
677 * Fix xmlrpc request.read() call to use content-length, if available,
678 fixes hangs with wsgiref server.
679 * Wiki xmlrpc getPageInfoVersion() fixed:
680 * works correctly now for old page versions (was unsupported)
681 * works correctly now for current page version (reported wrong
682 data when a page had attachment uploads after the last page
684 * returns a Fault if it did not find a edit-log entry
686 Other Changes: =============================================================
687 * Using better ACLs and comments on system/help pages now, just taking
688 away 'write' permission, but using default ACLs for everything else.
689 * HINT: If you want to use xapian based indexed search, you need to have
690 Xapian >= 1.0.0 (and you can remove PyStemmer in case you have installed
691 it just for moin - we now use the stemmer built into Xapian as it
692 supports utf-8 since 1.0.0).
693 * Changed default value of cfg.search_results_per_page to 25.
694 * Surge Protection: If a user is authenticated by a trusted authentication
695 (see also cfg.auth_methods_trusted) then he/she won't trigger surge
696 protection, but moin will just log a INFO level log msg with the user's
697 name so you can find the culprit in case he/she is overusing ressources.
698 * HINT: Added MyPages and CopyPage to actions_excluded because MyPages
699 doesn't work without special SecurityPolicy anyway and CopyPage has
700 questionable behaviour.
701 * Load action now just creates a new revision of the target page, the
702 target pagename defaults to the current page name and can be edited.
703 If the target pagename is empty, moin tries to derive the target pagename
704 from the uploaded file's name.
705 Load tries to decode the file contents first using utf-8 coding and, if
706 that fails, it forces decoding using iso-8859-1 coding (and replacing
708 * HINT: cfg.show_login is gone, see code in theme/__init__.py, this may
710 * HINT: a new userprefs/ plugin directory will be created by the usual
711 "moin migration data" command.
713 * generates a valid DOCTYPE
714 * table support has been improved
715 * handling of definitions and glossaries is more robust
716 * supports program language and line numbering in code areas
717 * HINT: ldap_login behaves a bit different now:
718 In previous moin versions, ldap_login tended to either successfully
719 authenticate a user or to completely cancel the whole login process in
720 any other case (including ldap server down or exceptions happening).
721 This made subsequent auth list entries rather pointless.
722 Now it behaves like this:
723 * user not found in LDAP -> give subsequent auth list entries a
724 chance to authenticate the user (same happens if it finds multiple
725 LDAP entries when searching - it logs an additional warning then).
726 * user found, but wrong password -> cancel login
727 * ldap server not reachable or other exceptions -> give subsequent
728 auth list entries a chance
729 So please make sure that you really trust every auth list entry you have
730 configured when upgrading or it might maybe change behaviour in a
731 unexpected or unwanted way.
732 * ldap_login now supports failover: if it can't contact your LDAP server
733 (e.g. because it is down or unreachable), it will just continue and
734 try to authenticate with other authenticators (if there are any in
735 cfg.auth list). So if you have some mirroring LDAP backup server, just
736 put another authenticator querying it there:
737 ldap_auth1 = LDAPAuth(server_uri='ldap://mainserver', ...)
738 ldap_auth2 = LDAPAuth(server_uri='ldap://backupserver', ...)
739 auth = [ldap_auth1, ldap_auth2, ]
741 Developer notes: ===========================================================
742 * Page.last_edit() is DEPRECATED, please use Page.edit_info().
743 * Page._last_edited() is GONE (was broken anyway), please use
744 Page.editlog_entry().
745 * New request.send_file() call, making it possible to use server-specific
747 * getText's (aka _()) 'formatted' keyword param (default: True in 1.6 and
748 early 1.7) was renamed/changed: it is now called 'wiki' and defaults to
749 False. Example calls:
750 _('This will NOT get parsed/formatted by MoinMoin!')
751 _('This will be parsed/formatted by MoinMoin!', wiki=True)
752 _('This will be used as a left side of percent operator. %s',
753 wiki=True, percent=True)
754 * Page.url 'relative' keyword param (default: True in 1.6 and early 1.7)
755 was changed to default False).
756 * The themedict no longer contains 'page_user_prefs' and 'user_prefs',
757 this may affect custom themes.
758 * The rst-parser's admonition class names are no longer prepended with
759 "admonition_". Instead the class names are now for example "note"
760 and not "admonition_note".
765 * Security fix: a check in the user form processing was not working as
766 expected, leading to a major ACL and superuser priviledge escalation
767 problem. If you use ACL entries other than "Known:" or "All:" and/or
768 a non-empty superuser list, you need to urgently install this upgrade.
769 * Security fix: if acl_hierarchic=True was used (False is the default),
770 ACL processing was wrong for some cases, see
772 * For {{transclusion_targets}} we checked the protocol to be http(s),
773 this check was removed (because file: and ftp: should work also) and
774 it's not moin's problem if the user uses silly protocols that can't
775 work for that purpose.
776 * Fixed TableOfContents macro for included pages.
777 * server_fastcgi: added Config.port = None. If you want to use some port
778 (not a fd), you can set it now in your Config, e.g. port = 8888.
779 * category: search matches categories even if there are comment lines
780 between the horizontal rule and the real categories, e.g.:
781 ... some page text ...
783 ## optionally some comments, e.g. about possible categories:
784 ## CategoryJustACommentNotFound
785 CategoryTheRealAndOnly
787 Note: there might be multiple comment lines, but all real categories
788 must be on a single line either directly below the ---- or
789 directly below some comment lines.
792 * Added 'notes' to config.url_schemas, so you can use notes://notessrv/...
793 to invoke your Lotus Notes client.
794 * After creating a new user profile via UserPreferences, you are logged
795 in with that user (no need to immediately enter the same name/password
796 again for logging in).
801 * Security fix: check the ACL of the included page for the rst parser's
803 * Potential security/DOS fix: we removed cracklib / python-crack support
804 in password_checker as it is not thread-safe and caused segmentation
805 faults (leading to server error 500 because the moin process died).
806 * Fix moin_session code for auth methods other than moin_login (e.g. http).
807 If you have worked around this using moin_anon_session, you can remove
808 this workaround now (except if you want anon sessions for other reasons).
809 * Fix moin_session code to delete invalid session cookies and also create
810 a new session cookie if it got a valid user_obj at the same time.
811 * Fix xmlrpc applyAuthToken: give good error msg for empty token.
812 * Fixed category search, use category:CategoryFoo as search term.
813 * xapian_stemming = False (changed default) to workaround some problems
814 in the code enabled by it. Fixes the problems when searching for
815 lowercase or numeric titles or word fragments with the builtin search.
816 * Fix trail for anon users without a session, do not show a single page.
818 * Wiki parser: fixed strange insertion of unwanted paragraphs.
819 * Wiki parser: fix interwiki linking:
820 Free interwiki links did not change since 1.5 (they still require to match
821 [A-Z][A-Za-z]+ for the wikiname part, i.e. a ASCII word beginning with an
823 Bracketed interwiki links now behave similar to how they worked in 1.5:
824 Moin just splits off the part left of the colon - no matter how it looks
825 like. It then tries to find that in the interwiki map. If it is found,
826 a interwiki link gets rendered. If it is not found, moin will render a
827 link to a local wiki page (that has a colon in the pagename). It will
828 also render a local wiki page link if there is no colon at all, of course.
830 [[lowercasewikiname:somepage]] does an interwiki link (if in the map).
831 [[ABC:n]] does a local link to page ABC:n (if ABC is NOT in the map).
832 * Wiki parser: fix interwiki linking for the case that there are query args
833 in the interwiki map entry and you give additional query args via link
834 markup (uses correct query arg separator now), e.g.:
835 [[Google:searchterm|search this|&foo=bar]]
836 * Creole parser: fixed bug that prevents images inside links.
837 * Python parser: catch indentation error.
838 * PageEditor: fixed copyPage for write restricted pages.
839 * GUI editor: fixed javascript error with too complex word_rule regex,
841 * Fixed FCKeditor dialog boxes for FireFox3.
842 * NewPage macro/newpage action: fixed for non-ascii template pagenames.
844 * EmbedObject macro: bug fix for image mimetype
846 * fix TWikiDraw saving a drawing by also evaluating the query args.
847 * work around unpythonic WSGI 1.0 read() API, fixing broken xmlrpc
848 putPage with mod_wsgi
850 * Fix logfile code for EACCESS errors.
851 * Removed the "logging initialized" log messages because it was issued once
855 * Show "Comments" toggling link in edit bar only if the page really
857 * Made default configuration of surge protection a bit more forgiving,
858 especially for edit action which is currently also used for previews.
859 * Updated i18n, system/help pages, added Macedonian system text translation.
860 * Improved moin xmlrpc write command's builtin docs and auto-append
861 ?action=xmlrpc2 to the target wiki url given.
866 * Improved params for [[target|label|params]]:
867 Added accesskey link tag attribute, e.g.: [[target|label|accesskey=1]].
868 Additionally to specifying link tag attributes (like class=foo), you can
869 now also specify &key=value for getting that into the query string of
871 The "&" character is important, don't forget it or it won't get into the
873 E.g. for an attachment, you can use:
874 [[attachment:foo.pdf|Direct download of foo.pdf|&do=get]]
875 E.g. for linking to some specific diff, you can use:
876 [[SomePage|see that diff|&action=diff,&rev1=23,&rev2=42]]
877 See also the updated HelpOnLinking page!
878 * AdvancedSearch: make multipe categories/languages/mimetype selections possible
879 * Added a configuration directive to only do one bind to the LDAP server.
880 This is useful if you bind as the user the first time.
881 ldap_bindonce = False # default
884 * Fix XSS issue in login action.
885 * Fix wrong pagename when creating new pages on Mac OS X - that was a big
886 showstopper for moin 1.6.0 on Mac OS X.
887 * Fixed 1.6 migration script:
888 Make sorting python 2.3 compatible.
889 Just skip corrupted event log lines.
890 Fix link conversion by using data.pre160 as data_dir.
891 Fix bad /InterWiki pagenames when encountering interwiki links with bad
893 Improve ImageLink conversion by using its argument parser code.
894 Added STONEAGE_IMAGELINK (default: False) switch to wiki markup converter,
895 toggle it if you had a very old ImageLink macro in production and the
896 converter output has target and image interchanged.
897 Fixed UnicodeDecodeError for wrongly encoded attachment filenames.
899 Fix parsing of link/transclusion description and params.
900 Fix relative attachment targets.
901 Fix supported URL schemes (some got lost since 1.5.8).
902 Showing an upload link for non-existing non-text/non-image transclusions
903 now (like e.g. *.pdf).
904 * RST parser: fix attachment: and drawing: processing
905 * Fix quickhelp when editing RST markup pages.
906 * Fix Despam action: editor grouping was broken, increase time interval
908 * Fix AdvancedSearch domain:system search crashing.
909 * Only switch off xapian search if we didn't use it because of missing index.
910 * Fix saving twikidraw drawings by removing 'java' from spider regex.
911 * Fix classic theme's unsubscribe icon's action link.
912 * Fix AttachFile action: don't show unzip for packages, only show install
914 * Fix "su user" troubles on UserPreferences.
915 * Removed unit tests from ?action=test (due to changes in our test
916 environment, using py.test now, this was broken).
917 * Duplicated the top directories' moin.py to wiki/server/moin.py so it gets
918 installed by setup.py.
926 * I18n texts, system and help pages updated, please update your underlay
927 directory (see wiki/underlay/...).
928 * Improved "moin" script help, invoke it with "moin ... package command --help".
929 * Added some .ext -> mimetype mappings missing on some systems (like Mac OS X).
930 * Removed ImageLink macro, as this can be easily done with moin wiki link
931 syntax now - see HelpOnMacros/ImageLink (the 1.6 migration scripts convert
932 all ImageLink calls to moin wiki link syntax).
933 * Updated EmbedObject macro.
937 * This is a reduced CHANGES, ommitting details from rc/beta test and also
938 less interesting minor changes and fixes. If you want to see full detail,
939 read it there: http://hg.moinmo.in/moin/1.6/file/640f21787334/docs/CHANGES
941 It took MoinMoin development a lot of work and time to implement all the new
942 and fixed stuff, so please, before asking for support:
943 * take the time to read all the stuff below
944 * read the new help pages (copy them from wiki/underlay/ directory)
946 * HINT: If you are upgrading from a older moin version and want to keep your
947 existing data directory, it is essential that you read and follow
948 README.migration because the wiki markup and user profiles changed significantly.
949 See also more HINTs below...
951 New features: ==============================================================
953 User interface: ------------------------------------------------------------
954 * Removed "underscore in URL" == "blank in pagename magic" - it made more
955 trouble than it was worth. If you still want to have a _ in URL, just
956 put a _ into pagename.
957 * Discussion pages, see FeatureRequests/DiscussionAndOrCommentPages.
958 * cfg.password_checker (default: use some simple builtin checks for too
959 easy passwords and, if available, python-crack).
960 Use password_checker = None to disable password checking.
961 * We now have a drafts functionality (no */MoinEditorBackup pages any
963 * If you edit a page and cancel the edit, use preview or save, a draft
964 copy gets saved for you to a internal cache area (data/cache/drafts/).
965 * If it is a save what you did and it succeeds, the draft copy gets
966 killed right afterwards.
967 * If you accidentally used cancel or your browser or machine crashes
968 after you used preview, then just visit that page again and edit it.
969 the editor will notify you that there is a draft of this page and you
970 will see a "Load draft" button. Click on it to load the draft into the
971 editor and save the page.
972 * The draft storage is per user and per page, but only one draft per page.
973 * cfg.quicklinks_default and cfg.subscribed_pages_default can be used to
974 preload new user profiles with configurable values.
975 * attachment links for non-existing attachments look different now:
976 the note about the non-existing attachment moved to the link title,
977 the link is shown with nonexistent class (grey).
978 * attachment embeddings for non-existing attachments show a grey clip
979 * The list of InterWiki sites is editable in the wiki (page InterWikiMap),
980 it is getting reloaded every minute.
981 * We support some new languages and also have new underlay pages, thanks
982 to all translators and people helping with the docs!
984 Actions: -------------------------------------------------------------------
985 * Synchronisation of wikis using the SyncPages action.
986 * Xapian (see http://xapian.org/) based indexed search code.
988 * Install xapian-core and xapian-bindings on your machine.
989 We used 0.9.4, but newer code should hopefully work, too.
990 * cfg.xapian_search = True
991 * Execute this to build the index:
992 $ moin ... index build # indexes pages and attachments
993 $ moin ... index build --files=files.lst # same plus a list of files
994 You should run those commands as the same user you use for your wiki,
995 usually this is the webserver userid, e.g.:
996 $ sudo -u www-data moin --config=... --wiki-url=wiki.example.org/ \
997 index build --files=files.lst
999 - LanguageSearch: language:de
1000 - CategorySearch: category:Homepage
1001 - MimetypeSearch: mimetype:image/png (for attachments/files)
1002 - DomainSearch: domain:underlay or domain:standard
1003 - History Search: available in advanced ui
1004 Note: Some currently only available when Xapian is used.
1005 * New config options and their defaults:
1006 xapian_search False enables xapian-powered search
1007 xapian_index_dir None directory for xapian indices
1008 (can be shared for wiki farms)
1009 xapian_stemming True toggles usage of stemmer, fallback
1010 to False if no stemmer installed
1011 search_results_per_page 10 determines how many hits should be
1012 shown on a fullsearch action
1013 xapian_index_history False indexes all revisions of pages to
1014 allow searching in their history
1015 * Speeded up linkto search by avoiding read locks on the pagelinks file.
1017 * The action menu now calls the actions for the revision of the page you
1018 are currently viewing. If you are viewing the current page revision, you
1019 get the same behaviour as in moin 1.5, but if you are viewing an old
1020 page revision, action "raw" will now show you the raw text of this OLD
1021 revision (not of the current revision as moin 1.5 did it).
1022 Note that not every action does evaluate the rev=XX parameter it gets.
1023 Also please note that the edit, info, ... links in the editbar do NOT
1024 use the rev parameter, but operate on the latest page revision (as
1025 they did in moin 1.5).
1026 * Info action lost the links for "raw", "print" and "revert" actions,
1027 because you can now just view an old revision and select those actions
1028 from the menu there.
1030 * ?action=sitemap emits a google sitemap (XML), listing all your wiki pages
1031 and the wiki root URL.
1032 Page Priority / Frequency / Last modification
1033 --------------------------------------------------------------------
1034 / 1.0 / hourly / <now>
1035 cfg.page_front_page 1.0 / hourly / page last edit
1036 TitleIndex,RecentChanges 0.9 / hourly / <now>
1037 content pages 0.5 / daily / page last edit
1038 system/help pages 0.1 / yearly / page last edit
1040 * Action DeletePage and RenamePage can now be used for subpages of a page, too.
1041 * Added Action CopyPage so you can use now an existing page or page hierarchy
1042 as template for a new page, see FeatureRequests/CloneOrCopyPages.
1043 * "Package Pages" action supports attachments now.
1044 * Added SisterPages support:
1045 * action=sisterpages will generate a list of url pagename lines for all
1046 pages in your moin wiki.
1047 * action=pollsistersites will poll all sister sites listed in
1048 cfg.sistersites = [(wikiname, fetchURL), ...]
1049 The fetch URL for the sistersites depends on the wiki engine, e.g.:
1051 ('MoinExample', 'http://moin.example.org/?action=sisterpages')
1052 # oddmuse based wiki:
1053 ('EmacsWiki', 'http://www.emacswiki.org/cgi-bin/test?action=sisterpages')
1054 # JspWiki based wiki:
1055 ('JspWiki', 'http://www.jspwiki.org/SisterSites.jsp')
1056 * If the current page exists on some sister wiki, a link to it will be
1057 added to the navibar.
1058 You can use sister wikis for adding another dimension to your wiki UI: use
1059 it for simple multi language support, or for comments, or anything else
1061 TODO: add sistersites_force with sister sites we link to even if they do not
1062 have the page yet (will work only for moin as we don't know
1063 pagename>url transformation of other wikis)
1064 * showtags action that lists all tags related to a page.
1065 * action=view does use mimetypes of EmbedObject too and text files will be shown
1066 by using their colorized parsers
1068 Macros: --------------------------------------------------------------------
1070 * If a change has happened after your bookmark, the updated/new/renamed
1071 icon links to the bookmark diff.
1072 * If a page does not exist any more (because it was deleted or renamed),
1073 we link the deleted icon to the diff showing what was deleted (for the
1074 delete action). For the rename action, we just show the deleted icon.
1075 * Conflict icon in RecentChanges is shown if a edit conflict is detected.
1076 * Enhanced SystemAdmin's user browser, so a SuperUser can enable/disable
1078 * Included EmbedObject macro for embedding different major mimetypes:
1079 application, audio, image, video, chemical, x-world.
1080 You are able to change the defaults of allowed mimetypes in the config
1081 var mimetypes_embed. The config var mimetypes_xss_protect is used to deny
1082 mimetypes. The order of both variables is Allow, Deny (mimetypes_embed,
1083 mimetypes_xss_protect).
1084 * Added support for @SELF to the NewPage macro.
1085 * GetText2 macro that allows to translate messages that contain data.
1086 * Make the FootNote macro filter duplicates and display a list of numbers
1087 instead of a list of identical footnotes. Thanks to Johannes Berg for the
1090 Parsers: -------------------------------------------------------------------
1091 * Moin Wiki parser: Changed markup for links, images and macros, see these
1092 wiki pages: HelpOnLinking, HelpOnMacros
1093 * New wiki markup for /* inline comments */ - they get rendered as a span
1094 with class="comment", see next item:
1095 * There is a new item in the edit bar: "Comments". If you click it, the
1096 visibility of all class "comment" tags will be toggled. There is a user
1097 preferences item "show_comments" to set if the default view shows them or not.
1098 * The wiki parser can be used with css classes now:
1100 This will render output within a div with class "comment".
1101 You can use any wiki markup as usual.
1103 You can also combine multiple css classes like this:
1104 {{{#!wiki red/dotted/comment
1105 This will render a red background, dotted border comment section.
1107 The same thing will work for any other css classes you have.
1108 If the css classes contain the word "comment", they will trigger some
1109 special feature, see next item:
1110 * Wiki nested parser/pre sections work now, using this syntax:
1111 a) just use more curly braces if you have 3 closing in your content:
1113 }}} <- does not terminate the section!
1115 b) use {{{ + some magic string:
1117 }}} <- does not terminate the section!
1119 c) {{{whatever#!python
1122 Pitfall: stuff like below does not work as it did in 1.5:
1130 * Added support for ircs: URLs (secure IRC).
1131 * New text/creole parser that allows you to use WikiCreole 1.0 markup,
1133 * HTML parser (called "html") that allows you to use HTML on the page.
1134 Thanks to the trac team for the nice code.
1135 * Added the diff parser from ParserMarket, thanks to Emilio Lopes, Fabien
1136 Ninoles and Juergen Hermann.
1138 XMLRPC: --------------------------------------------------------------------
1139 * actions_excluded now defaults to ['xmlrpc'] - this kind of disables the
1140 built-in wiki xmlrpc server code (not completely: it will just answer
1141 with a Fault instance for any request). If you want to use xmlrpc v1 or
1142 v2, you have to remove 'xmlrpc' from the actions_excluded list (for
1143 example if you want to use wikisync, mailimport or any other feature
1144 using xmlrpc). If you enable xmlrpc, it will be possible that someone
1145 changes your wiki content by using xmlrpc (it will of course honour ACLs).
1146 * New XMLRPC methods (see doc strings for details):
1148 * system.multicall -- multicall support
1149 * Authentication System: getAuthToken/appyAuthToken
1150 * getDiff -- method to get binary diffs
1151 * mergeDiff -- method to local changes remotely
1152 * interwikiName -- method to get the IWID and the interwiki moniker
1153 * getAllPagesEx -- method to get the pagelist in a special way (revnos,
1154 no system pages etc.)
1155 * getAuthToken -- make and authentication token by supplying username/password
1156 * applyAuthToken -- set request.user for following xmlrpc calls (within the
1158 * getUserProfile -- method to get user profile data for request.user
1159 * Added XMLRPC methods for attachment handling. Thanks to Matthew Gilbert.
1160 * XMLRPC putPage method adjusted to new AuthToken, config vars
1161 xmlrpc_putpage_enabled and xmlrpc_putpage_trusted_only removed.
1163 Scripts / Commandline interface: -------------------------------------------
1164 * moin export dump now better conforms to the theme guidelines.
1165 * Added a --dump-user option to the moin export dump command.
1166 Thanks to Oliver O'Halloran.
1168 Security / Auth / AntiSpam / etc.: -----------------------------------------
1169 * Hierarchical ACLs are now supported, i.e. pages inheriting permissions
1170 from higher-level pages. See HelpOnAccessControlLists.
1171 * If you have "#acl" (without the quotes) on a page, this means now:
1172 "this page has own (empty) ACLs, so do not use acl_rights_default here"
1173 Please note that this is COMPLETELY DIFFERENT from having no ACL line at
1174 all on the page (acl_rights_default is used in that case).
1175 * Antispam master url is now configurable via cfg.antispam_master_url.
1176 The default is to fetch the antispam patterns from MoinMaster wiki.
1177 * Antispam now checks the edit comments against BadContent also.
1178 * TextCHAs (text-form CAPTCHAs).
1179 Due to increasingly annoying wiki spammers, we added the option to use
1180 TextCHAs (for page save (not for preview!), for attachment upload, for
1181 user creation (not for profile save)).
1182 This function is disabled by default. If you run a wiki that is editable
1183 by anonymous or non-approved users from the internet (i.e. All: or Known:
1184 in ACL terms), you should enable it in your wiki config by:
1185 textchas = { # DO NOT USE EXACTLY THESE QUESTIONS!!!
1187 u'H2O is ...': u'water', # bad: too common
1188 u'2 apples and three bananas makes how many fruits?': ur'(five|5)', # good
1189 u'2 apples and three pigs makes how many fruits?': ur'(two|2)', # good
1190 u'2+3': ur'5', # bad: computable
1193 'de': { # for german users
1194 u'H2O ist ...': u'wasser',
1197 This means that english users will get some random question from the 'en'
1198 set, german users will get some from the 'de' set. If there is no 'de'
1199 set configured, moin will fallback to language_default and then to 'en',
1200 so make sure that you at least have a 'en' set configured (or whatever
1201 you have set as language_default).
1202 You need to use unicode for the questions and answers (see that u"...").
1203 For the answer, you need to give a regular expression:
1204 * In the easiest case, this is just some word or sentence (first en
1205 example). It will be matched in a case-insensitive way.
1206 * For more complex stuff, you can use the power of regular expressions,
1207 e.g. if multiple answers are correct (second en example). Any answer
1208 matching the regular expression will be considered as correct, any
1209 non-matching answer will be considered as incorrect.
1211 Tipps for making it hard to break for the spammers and easy for the users:
1212 * Use site-specific (not too common) questions.
1213 * Don't use too hard questions (annoys legitimate users).
1214 * Don't use computable questions.
1215 * Don't reuse textchas from other sites.
1217 textchas_disabled_group = None # (default)
1218 Set this to some group name and noone in this group will get textchas.
1219 E.g.: textchas_disabled_group = u'NoTextChasGroup'
1221 * The login page gives now the possibility to recover a lost password, thanks to
1222 Oliver Siemoneit. This is especially useful for wikis where access to user
1223 preferences is restricted by acl.
1224 * Session handling for logged-in users and (not by default due to expiry
1225 problems) anonymous users.
1226 * Updated the ldap_login code from 1.5 branch, supports TLS now.
1227 See MoinMoin/config/multiconfig.py for supported configuration options
1228 and their defaults (and please just change what you need to change,
1229 in your wikiconfig).
1230 * Interwiki auth: You need to define cfg.trusted_wikis and
1231 cfg.user_autocreate to use it. Logging in works by entering:
1232 Name: RemoteWikiName RemoteUserName
1233 Password: remotepass
1234 Then moin contacts RemoteWikiName after looking it up in the interwiki
1235 map and tries to authenticate there using RemoteUserName and remotepass.
1236 If it succeeds, the remote wiki will return the remote user profile items
1237 and your local moin will autocreate an account with these values.
1239 Server / Network / Logging: ------------------------------------------------
1240 * The standalone server script moved to the toplevel directory. This makes
1241 it possible to directly start moin.py without additional configuration
1242 to run a MoinMoin DesktopEdition like wiki setup.
1243 Be careful: DesktopEdition uses relaxed security settings only suitable
1244 for personal and local use.
1245 * Added TLS/SSL support to the standalone server. Thanks to Matthew Gilbert.
1246 To use TLS/SSL support you must also install the TLSLite library
1247 (http://trevp.net/tlslite/). Version 0.3.8 was used for development and
1250 * cfg.log_reverse_dns_lookups [default: True] - you can set this to False
1251 if rev. dns lookups are broken in your network (leading to long delays
1252 on page saves). With False, edit-log will only contain IP, not hostname.
1253 * Added support for "304 not modified" response header for AttachFile get
1254 and rss_rc actions - faster, less traffic, less load.
1256 * Added logging framework, using stdlib's "logging" module. Just do
1257 import logging ; logging.debug("your text"). Depending on configuration
1258 in the server Config class, your stuff will be written to screen (stderr),
1259 to a moin logfile, to apache's error.log, etc.:
1260 logPath = None # 'moin.log'
1261 loglevel_file = None # logging.DEBUG/INFO/WARNING/ERROR/CRITICAL
1262 loglevel_stderr = None # logging.DEBUG/INFO/WARNING/ERROR/CRITICAL
1263 NOTE: this is NOT in wikiconfig, but e.g. in moin.cgi or moin.py or ...
1265 * Added some experimental and disabled code, that uses x-forwarded-for
1266 header (if present) to get the right "outside" IP before a request
1267 enters our chain of trusted (reverse) proxies.
1268 This code has the problem that we can't configure it in wikiconfig, so
1269 if you want to use it / test it, you have to edit the moin code:
1270 MoinMoin/request/__init__.py - edit proxies_trusted (near the top).
1271 We will try to make this easier to configure, but there was no time left
1272 before 1.6.0 release for doing bigger code refactorings needed for that.
1274 Mail: ----------------------------------------------------------------------
1275 * You can send email to the wiki now (requires xmlrpc), see:
1276 FeatureRequests/WikiEmailIntegration, HelpOnConfiguration/EmailSupport
1278 * Mail notifications contain a link to the diff action so the user
1279 can see the coloured difference more easily. Thanks to Tobias Polzin.
1281 Other changes: =============================================================
1282 * HINT: please copy a new version of your server script from the wiki/server/
1283 directory and edit it to match your setup.
1284 * HINT: instead of "from MoinMoin.multiconfig import DefaultConfig" you
1285 need to use "from MoinMoin.config.multiconfig import DefaultConfig" now.
1286 You need to change this in your wikiconfig.py or farmconfig.py file.
1287 See MoinMoin/multiconfig.py for an alternative way if you can't do that.
1288 * HINT: you need to change some imports (if you have them in your config):
1289 Old: from MoinMoin.util.antispam import SecurityPolicy
1290 New: from MoinMoin.security.antispam import SecurityPolicy
1291 Old: from MoinMoin.util.autoadmin import SecurityPolicy
1292 New: from MoinMoin.security.autoadmin import SecurityPolicy
1293 * HINT: you need to change your auth stuff, the new way is:
1294 from MoinMoin.auth import moin_login, moin_session
1295 from MoinMoin.auth.http import http
1296 auth = [http, moin_login, moin_session]
1297 Do it in a similar way for other auth methods.
1298 * HINT: you need to change your url_prefix setting in 2 ways:
1299 1. The setting is now called url_prefix_static (to make it more clear
1300 that we mean the static stuff, not the wiki script url).
1301 2. The strongly recommended (and default) value of it is '/moin_static160'
1302 for moin version 1.6.0 (and will be ...161 for moin 1.6.1). It is
1303 possible and recommended to use a very long cache lifetime for static
1304 stuff now (Expires: access plus 1 year), because we require to change
1305 the URL of static stuff when the static stuff changes (e.g. on a
1306 version upgrade of moin) to avoid problems with stale cache content.
1307 Your moin will be faster with lower load and traffic because of this.
1308 For standalone server, we use 1 year expiry for static stuff now.
1309 For Apache, Lighttpd and other "external" servers, you have to care
1310 for configuring them to use a long expiry and change url_prefix_static
1311 related configuration on upgrade.
1312 HINT: if you run standalone or Twisted server, the easiest way to get a
1313 working configuration (with server configuration matching wiki
1314 configuration) is to NOT set url_prefix_static at all. Moin will
1315 use matching configuration defaults in this case.
1316 * url_prefix_action ['action'] was introduced for lowering load and traffic
1317 caused by searchengine crawlers. Up to now, crawlers where causing a high
1318 load in internet moin wikis because they tried to get about everything,
1319 including all actions linked from the user interface.
1320 Known crawlers only get 403 for most actions, but nevertheless they first
1321 tried. There was no means keeping them away from actions due to the rather
1322 braindead robots.txt standard. You can only disallow pathes there, but
1323 moin's actions were querystring based, not path based (this would need
1324 regex support in robots.txt, but there is no such thing).
1325 This changed now. Moin is able to generate action URLs you can handle in
1326 robots.txt, like /action/info/PageName?action=info. So if you don't want
1327 bots triggering actions, just disallow /action/ there. Keep in mind that
1328 attachments are handled by /action/AttachFile, so if you want attached
1329 files and pictures indexed by search engine, don't disallow
1330 /action/AttachFile/ in your robots.txt. In order to use this feature,
1331 set url_prefix_action in your wikiconfig to e.g. "action".
1332 * We use (again) the same browser compatibility check as FCKeditor uses
1333 internally, too. So if GUI editor invocation is broken due to browser
1334 compatibility issues or a wrong browser version check, please file a bug
1335 at FCKeditor development or browser development.
1336 * HINT: We removed Lupy based indexed search code. If you were brave enough
1337 to use cfg.lupy_search, you maybe want to try cfg.xapian_search instead.
1339 Developer notes: ===========================================================
1340 * We moved the IE hacks to theme/css/msie.css that gets included after all
1341 other css files (but before the user css file) using a conditional
1342 comment with "if IE", so it gets only loaded for MSIE (no matter which
1343 version). The file has some standard css inside (evaluated on all MSIE
1344 versions) and some * html hacks that only IE < 7 will read.
1345 HINT: if you use custom themes, you want to update them in the same way.
1346 * autofilters for databrowser widget. Thanks to Johannes Berg for the patch.
1347 * changed formatter.attachment_link call (it is now more flexible,
1348 because you can render the stuff between link start and link end yourself)
1349 * Page.url() does not escape any more. You have to use wikiutil.escape()
1350 yourself if you want to write the URL to HTML and it contains e.g. &.
1351 * The testing wikiconfig moved to tests/wikiconfig.py, the testing wiki
1352 is now created in tests/wiki/...
1353 * HINT: Killed "processors" (finally), formatter method changed to:
1354 formatter.parser(parsername, lines)
1355 * Refactored some actions to use ActionBase base class.
1356 * Moved "test" action from wikiaction to MoinMoin/action/
1357 (and use ActionBase).
1358 * Moved MoinMoin/config.py to MoinMoin/config/__init__.py.
1359 * Moved MoinMoin/multiconfig.py to MoinMoin/config/multiconfig.py.
1360 * Moved "SystemInfo" macro from wikimacro to MoinMoin/macro/.
1361 * Moved wikiaction.py stuff to MoinMoin/action/__init__.py.
1362 * Moved wikimacro.py stuff to MoinMoin/macro/__init__.py.
1363 * Moved wikirpc.py stuff to MoinMoin/xmlrpc/__init__.py.
1364 * Moved wikitest.py stuff to action/test.py (only used from there).
1365 * Moved formatter/base.py to formatter/__init__.py (FormatterBase).
1366 * Moved util/ParserBase.py to parser/ParserBase.py.
1367 * Moved / splitted request.py into MoinMoin/request/*.
1368 Most stuff will be broken, please help fixing it (usually some imports
1369 will be missing and the adaptor script will need a change maybe):
1370 Tested successfully: CGI, CLI, STANDALONE, FCGI, TWISTED
1371 * Moved security.py to security/__init__.py.
1372 * Moved wikiacl.py to security/__init__.py.
1373 * Moved logfile/logfile.py to logfile/__init__.py.
1374 * Moved mailimport.py to mail/mailimport.py.
1375 * Moved util/mail.py to mail/sendmail.py.
1376 * Moved auth.py to auth/__init__.py.
1377 Moved util/sessionParser.py to auth/_PHPsessionParser.py.
1378 teared auth code into single modules under auth/* - moin_session handling
1379 and the builting moin_login method are in auth/__init__.py.
1380 * Added wikiutil.MimeType class (works internally with sanitized mime
1381 types because the official ones suck).
1382 * Renamed parsers to module names representing sane mimetypes, e.g.:
1383 parser.wiki -> parser.text_moin_wiki
1384 * Added thread_monitor debugging aid. It can be activated using:
1385 from MoinMoin.util import thread_monitor; thread_monitor.activate_hook()
1386 and then triggered by requesting URL ...?action=thread_monitor - please
1387 be aware that monitoring threads has a big performance impact on its own,
1388 so you only want to temporarily enable this for debugging.
1389 By default, it dumps its output to the data_dir as tm_<timestamp>.log,
1390 you can change this at bottom of action/thread_monitor.py if you want to
1391 see output in your browser.
1392 * Introduced scope parameter to CacheEntry() - if you specify 'farm', it
1393 will cache into a common directory for all wikis in the same farm, if you
1394 specify 'wiki', it will use a cache directory per wiki and if you specify
1395 'item', it will use a cache directory per item (== per page).
1396 Creating a CacheEntry without explicit scope is DEPRECATED.
1397 * Smileys moved from MoinMoin.config to MoinMoin.theme.
1398 * Removed all _ magic in URLs and filenames.
1399 * request.action now has the action requested, default: 'show'.
1400 * Cleaned up duplicated http_headers code and DEPRECATED this function
1401 call (it was sometimes confused with setHttpHeaders call) - it will
1402 vanish with moin 1.7, so please fix your custom plugins!
1404 request.emit_http_headers(more_headers=[])
1405 This call pre-processes the headers list (encoding from unicode, making
1406 sure that there is exactly ONE content-type header, etc.) and then
1407 calls a server specific helper _emit_http_headers to emit it.
1408 Tested successfully: CGI, STANDALONE, FCGI, TWISTED
1409 * setResponseCode request method DEPRECATED (it only worked for Twisted
1410 anyway), just use emit_http_headers and include a Status: XXX header.
1411 Method will vanish with moin 1.7.
1412 * cfg.url_prefix is DEPRECATED, please use cfg.url_prefix_static.
1413 * d['title_link'] is not supported any more. You can easily make that link
1414 on your own in your theme, see example in MoinMoin/theme/__init__.py,
1416 * There is a new Page method called Page.get_raw_body_str that returns
1417 the encoded page body. This is useful if you just deal with byte data
1418 (e.g. while generating binary diffs).
1419 * The TagStore/PickleTagStore system is used to store the syncronisation tags.
1420 * XMLRPC functions may return Fault instances from now on
1421 * Moin got multicall support, including a module that makes it usable on the
1422 client-side without requiring Python 2.4
1423 * Added no_magic to text_html formatter to disable tag autoclosing.
1424 * MOIN_DEBUG can be set in the environment to let MoinMoin ignore exceptions
1425 that would lead to a traceback in the browser. Thanks to Raphael Bossek.
1426 * There is a new MoinMoin.Page.ItemCache class now with automatic cache
1427 invalidation based on global edit-log. We currently use it to cache page
1428 acls, speedup Page.get_rev and reading the page local edit-log.
1429 * Added wikiutil.renderText parse and format raw wiki markup with all page elements.
1430 * The user file format has changed, old files will be read correctly but
1431 will silently be upgraded to the new format so old versions will not
1432 read the new files correctly (this only affects 'subscribed_pages' and
1433 'quicklinks' which will be lost when downgrading.)
1438 * Added timing.log to help performance debugging. Use cfg.log_timing = True
1439 to update <data_dir>/timing.log (default is False, meaning no logging).
1441 Example log entries:
1444 Timestamp PID Timing Flag action URL
1445 -----------------------------------------------------------------------------
1446 20070512 184401 22690 vvv None moinmoin.wikiwikiweb.de/RssFeeds
1447 20070512 184401 22690 0.267s - show moinmoin.wikiwikiweb.de/RssFeeds
1449 Timestamp: YYYYMMDD HHMMSS (UTC)
1450 PID: the process ID of the moin process
1451 Timing: when action starts, it will be "vvv"
1452 when it ends, it logs the total time it needed for execution
1453 Flag (some are only logged at end of action):
1455 - Page does not exist
1456 B user agent was recognized as bot / spider
1457 !x! Action took rather long (the higher the x, the longer it took - this
1458 makes it easy to grep for problematic stuff).
1459 Action: action name (None is when no action was specified, moin assumes
1460 "show" for that case)
1461 URL: the requested URL
1463 For more information about tuning your moin setup, see:
1464 http://moinmoin.wikiwikiweb.de/PerformanceTuning
1465 * Added support for ircs, webcal, xmpp, ed2k and rootz protocols - we
1466 moved all protocols to config.url_schemas, so this is not empty any more.
1467 It is possible to use these protocols now on wiki pages and in the
1468 navi_bar. We just generate the URLs, it is up to your browser what it
1469 does when clicking on those links.
1470 * cfg.traceback_show (default: 1) can be used to disable showing tracebacks.
1471 cfg.traceback_log_dir (default: None) can be used to set a directory
1472 that is used to dump traceback files to. Your users will get a notice to
1473 which (random) file in that directory the traceback was been written.
1474 NOTE: while you can feel free to set traceback_show = 0 and
1475 traceback_log_dir = None, we will also feel free to reject bug reports
1476 when you (or your site's users) don't give us enough information (like a
1477 traceback file) to debug the problem. If you set traceback_show = 0,
1478 we recommend pointing traceback_log_dir to a directory with reasonable
1479 free space and putting a page onto your wiki that describes who has to
1480 get contacted (usually the wiki server admin) in case a traceback happens.
1481 The admin can then locate the traceback file and submit it to moin
1483 Of course we will also need all the other details of a bug report, not
1484 only the traceback file.
1487 * Updated spider agents list.
1488 * Reduce bot/spider cpu usage for SystemInfo, OrphanedPages, WantedPages,
1489 PageHits, PageSize, WordIndex macros (we just return nothing for bots).
1492 * XSS fixes, see http://secunia.com/advisories/24138/ (item 1 and 2).
1493 * ACL security fixes:
1494 * MonthCalendar respects ACLs of day pages now.
1495 * Check the ACL for the rst markup include directive.
1496 * Fixed cleaning of edit comments (control chars in there could damage
1498 * Fixed in-process caching of antispam patterns (didn't update the cache
1499 for multi-process, persistent servers).
1500 * Correct encoding/decoding for surge-log data, fixes leftover
1501 surge-logXXXXXXX.tmp files in data/cache/surgeprotect.
1502 * Fixed mode of cache files (mkstemp creates them with 0600 mode).
1503 * Symbolic entities with numbers (like ²) did not work, fixed.
1504 * We open data/error.log earlier now and we also use it for FastCGI.
1505 * Fixed unicode cfg.page_group_regex.
1506 * Fixed moin.spec to use english date format.
1507 * GUI converter: fixed conversion of relative wiki links.
1508 * Fixed NewPage macro button label to not be formatted as wiki text.
1512 * added url_prefix_local which is used for stuff that must be loaded from
1513 same site as the wiki engine (e.g. FCKeditor GUI editor applet), while
1514 url_prefix can be a remote server serving the static files (css/img).
1515 If not set (or set to None), url_prefix_local will default to the value
1517 * We save some CPU and disk I/O by having EditTemplates and LikePages macro
1518 (both used on MissingPage) check whether the requesting entity was
1519 identified as a spider (e.g. search engine bot) and do nothing in that
1520 case. Normal users won't see any difference.
1521 * For AttachFile, you can now choose to overwrite existing files of same
1522 name (nice for updating files).
1526 * fixed unescaped page info display.
1527 * fixed unescaped page name display in AttachFile, RenamePage and
1528 LocalSiteMap actions
1529 * WantedPages listed existing pages that are not readable for the user,
1530 but are linked from pages that ARE readable for the user (so this is NOT
1531 a privacy/security issue). We now don't list those pages any more as it
1532 is pointless/confusing, the user can't read or edit there anyway.
1535 * GUI editor/converter:
1536 * ignore <col>/<colgroup>/<meta> elements
1537 * support <a> within blockquote
1538 * Remove generated=... attribute from pagelink html output (this attr is
1539 for internal use only). w3c validator is now happier again.
1540 * Fixed css class "userpref" (not: "userprefs") of the Login form.
1541 * Fixed the version number check in the xslt parser for 4suite >= 1.0.
1542 * We reset the umask to the wanted value every request. This should fix
1543 wrong file modes when used with Twisted (twistd uses a hardcoded 0077
1544 umask in daemonize()).
1545 * Avoid trouble when saving pages with antispam function when MoinMaster
1546 wiki is having troubles (catch xmlrpc Fault).
1549 * Standalone server does not do reverse DNS lookups any more (this is a
1550 standard feature of BaseHTTPServer stdlib module, but we override this
1551 now and just print the IP).
1552 * We moved the IE hacks to theme/css/msie.css that gets included after all
1553 other css files (but before the user css file) using a conditional
1554 comment with "if IE", so it gets only loaded for MSIE (no matter which
1555 version). The file has some standard css inside (evaluated on all MSIE
1556 versions) and some * html hacks that only IE < 7 will read.
1557 HINT: if you use custom themes, you want to update them in the same way.
1558 * Improved ldap auth:
1559 * cfg.ldap_name_attribute was removed because of new cfg.ldap_filter.
1560 If you had ldap_name_attribute = 'sAMAccountName' before, just use
1561 ldap_filter = '(sAMAccountName=%(username)s)' now.
1562 * New cfg.ldap_filter used for the ldap filter string used in the ldap
1563 search instead of the rather limited, partly hardcoded filter we used
1564 before. This is much more flexible:
1565 ldap_filter = '(sAMAccountName=%(username)s)'
1566 You can also do more complex filtering expressions like:
1567 '(&(cn=%(username)s)(memberOf=CN=WikiUsers,OU=Groups,DC=example,DC=org))'
1568 * Added some processing to filter out result entries with dn == None.
1569 * We set REFERRALS option to 0 before initializing the ldap server
1570 connection (this seems to be needed for Active Directory servers).
1571 * We support self-signed ssl certs for ldaps - completely untested.
1572 * New cfg.ldap_surname_attribute (usually 'sn'), was hardcoded before.
1573 * New cfg.ldap_givenname_attribute (usually 'givenName'), hardcoded before.
1574 * New cfg.ldap_aliasname_attribute (usually 'displayName') - if this
1575 attribute is not there or empty (in the results of the ldap lookup for
1576 the user), we just make up the aliasname from surname and givenname
1578 * We only request the attributes we need from ldap (was: all attrs).
1579 * We deny user login (and break out of auth chain) for the following cases:
1580 * if a user is not found by ldap lookup
1581 * if we find more than one matching entry
1582 * if the password is empty or incorrect
1583 * if some exception happens
1584 * Please note that there is an updated ldap sample config in directory
1585 wiki/config/more_samples/.
1586 * Added experimental LDAP SSL/TLS support (untested, please help testing),
1587 see also the sample config.
1588 * Work around a IE7 rendering problem with long pages getting more and
1589 more narrow. We just applied the same "fix" as we used for IE6, using
1590 "display: none" for span.anchor for IE browsers.
1592 * We used to emit a <link> tag for the action=rss_rc RSS feed on any
1593 page. This was changed, we now emit that link only on RecentChanges and
1594 the current user's language translation of RecentChanges.
1595 This was changed because Google Toolbar requests the RSS feed linked
1596 by such a link tag every time it sees one. Thus, if you used the wiki
1597 normally, it requested the RSS feed every few seconds and caused
1598 problems due to surge protection kicking in because of that.
1599 * HINT for custom theme users: if your theme code calls
1600 rsslink(), then you need to change that to rsslink(d) for 1.5.7+.
1604 A general security notice:
1605 Check your Python version, there was a buffer overflow issue in Python
1606 recently! Details: http://moinmoin.wikiwikiweb.de/PythonUnicodeEscapeBug
1609 * Fix AttributeError traceback with Standalone server (if_modified_since)
1610 * Fix AttachFile "304 not modified" and redirect status code for Twisted
1611 * http auth: we now decode username and password to unicode (using
1612 config.charset == utf-8). Same for SSL client cert auth and CN.
1613 * Avoid infinite recursion in Page.parsePageLinks.
1614 * Fixed standalone server failing to shutdown if interface == "".
1615 * Now MoinMoin does not think anymore that every page links to various user
1617 * Made the irssi parser more tolerant (Thanks to "TheAnarcat").
1618 * Now multiple formatters can be used per request, the send_page code was
1619 not reentrant to this regard. Fixes "empty" search results.
1620 * Fixed problem with "=" in ImageLink macro links.
1621 * Not a moin bug, but a silly stdlib os.tempnam function made trouble to
1622 some people because it lets you override the path given in the code
1623 by setting the environment variable TMP(DIR). We now use a different
1624 function to avoid renaming trouble when TMP(DIR) points to a different
1626 * Fixed antispam update on every save (Thanks to "TheAnarcat").
1627 * GUI converter: don't throw away rowclass for tables.
1628 * GUI editor formatter: allow height for table cells.
1629 * GUI editor formatter: comment texts are output using the formatter now.
1632 * Mail notifications contain a link to the diff action so the user
1633 can see the coloured difference more easily. Thanks to Tobias Polzin.
1634 * FeatureRequests/MoveAttachments - you can move attachments from one
1635 page to another (and also rename the attachment at the same time).
1636 Thanks to Reimar Bauer.
1637 * Added support for linking to attachment: and inline: URLs with ImageLink.
1638 * Added UNIX socket support for FastCGI, just set the port to some (socket)
1640 * [[Attachlist(pagename,mimetype)]] lists attachments of pagename (default:
1641 current page) with optional mimetype restriction (default: all).
1642 Thanks to Reimar Bauer.
1645 * Minor performance improvements (might be noticeable if you have many
1646 custom navi_bar entries and high server load).
1647 * Avoid usage of no-cache because it breaks attachment download on IE6.
1648 This is a IE bug, not a moin bug.
1649 * Added XHTML to the unsafe list.
1650 * Changed the rst parser to be compatible to the new docutils interface
1652 * Updated EmbedObject macro.
1657 * fixed ticket creation to only use constant values
1660 HINT: read docs/README.migration.
1661 HINT: there was NO change in the underlay/ pages since 1.5.4.
1662 HINT: If you experience problems with the reStructured Text (rst) parser,
1663 please downgrade docutils to "0.4" because there were major interface
1664 breaking API refactorings on the docutils trunk.
1670 * Not a moin bug, but it severely annoyed IE users and also was less
1671 comfortable for users of other browser: since about 1.5.4, we served
1672 attachments with Content-Disposition: attachment - so that the user has
1673 to save them to disk. This was to fix a possible XSS attack using attached
1674 HTML files with Javascript inside for stealing your moin cookie or doing
1675 other nasty things. We improved this by using different behaviour depending
1676 on the potential danger the attached file has when served inline:
1677 mimetypes_xss_protect = ['text/html', 'application/x-shockwave-flash', ]
1678 This is the default value. If you know more dangerous stuff, please just
1679 add the mimetypes there to protect your users and file a bug report
1680 telling us what we missed.
1683 * Make tickets used for some actions more safe.
1686 * edit_ticketing [True] - we protect page save by a ticket (same stuff we
1687 already use for DeletePage and RenamePage action).
1688 NOTE: If you don't use your browser for editing, but some tool like
1689 "editmoin" or "MoinMoin plugin for jEdit", you'll need an update
1690 of them supporting the ticket.
1691 Alternatively, you can use edit_ticketing = False setting - this
1692 is not recommended for internet wikis as it will make spamming them
1694 * If we detect some spammer, we kick him out by triggering surge protection
1695 (if surge protection is not disabled).
1700 * Fixed gui editor converter confusing of `` and {{{}}} markup.
1701 * Fixed emission of HTTP headers (esp. Vary: Cache-Control:).
1702 * Fixed a bad crash that happens (on ANY page!) when you put a *Dict
1703 page's name as a member into a *Group page.
1704 * Fix MyPages action title to use an unformatted string.
1705 * Fix double quoted-printable encoding in generated emails (note: this is
1706 not a moin bug - this just works around bugs in python stdlib).
1707 * Fix mode of drawing files (use config.umask).
1708 * Fix trouble with /?action= urls by dropping getPageNameFromQueryString
1710 * Fixed sre unpickle issues seen on some machines by avoiding to pickle
1712 * Fix Clock code, add more timers.
1713 * Worked around FastCGI problem on Lighttpd: empty lines in the error log.
1714 * Fix (add) locking for caching's .remove() call, small fixes to lock code.
1715 * Print error message when --target-dir=path is missing from moin export
1719 * Added support for "304 not modified" response header for AttachFile get
1720 and rss_rc actions - faster, less traffic, less load.
1721 * Limit rss with full diffs to 5 items.
1722 * Allow surge_action_limits = None to disable surge protection.
1723 * moin.fcg improved - if you use FastCGI, you must use the new file:
1724 * can self-terminate after some number of requests (default: -1, this
1725 means "unlimited lifetime")
1726 * the count of created threads is limited now (default: 5), you can use
1727 1 to use non-threaded operation.
1728 * configurable socket.listen() backlog (default: 5)
1729 * Added indonesian i18n (id).
1730 * Some measures against spammers trying to brute force their spam into moin.
1731 * EmbedObject macro: added mov, mpg and midi support
1732 * moin ... export dump --target-dir=PATH --page=PAGENAME_REGEX
1733 You must specify --target-dir (where dump will write the html files to)
1734 and you may specify --page and either a page name or a regex used to
1735 match all pages you want to export. Default is to export all pages.
1739 * more efficient locking code on POSIX platforms, we do much less I/O
1741 * removed most chmod calls in favour of a single os.umask call
1742 * Improved Python 2.5 compatibility. Note: if you think that MoinMoin
1743 is using too much RAM, you might want to look at Python 2.5 because
1744 of its improved memory management.
1745 * Throw away SAVE comments longer than 200 chars (you can't enter those by
1746 the user interface, so only spammer using automatic POSTs do them).
1747 * Updated spider user agent list.
1748 * BadContent and LocalBadContent now get noindex,nofollow robots header,
1750 * Standalone opens it logfile unbuffered from now on, thanks to
1752 * Avoid trouble when request.write() data contains None, just skip it -
1753 thanks to Juergen Hermann.
1754 * Instead of showing a ConfigurationError, moin now emits "404 Not found"
1755 http headers and a hint about what could be wrong. This won't fill up
1756 your logs just because of typos and spiders still trying old URLs.
1760 HINT: read docs/README.migration.
1761 Version 1.5.4-current:
1762 * increased maxlength of some input fields from 80 to 200
1764 Version 1.5.current:
1766 * We switched to Mercurial SCM, see here for more infos:
1767 http://moinmoin.wikiwikiweb.de/MoinDev/MercurialGuide
1770 * fix MonthCalendar macro for non-ASCII pagenames (thanks to Jonas Smedegaard)
1771 * remove 'search' and 'google' from bot user agent list and add some more
1773 * Fix the forgotten password email login URL and also properly encode the
1774 email body. Thanks to Robin Dunn for the patch.
1775 * Applied a patch by Matthew Gilbert for increased compatiblity with
1781 * Added CSS classes for TableOfContents macro.
1784 * GUI editor / GUI editor converter:
1785 * Fixed missing GUI editor link in edit bar.
1786 * Fixed table/row/cell style spaces.
1787 * Changed <p> generation for macros.
1788 * Fixed handling of subpages.
1789 * Fixed processing of complex list elements (thanks to Craig Markwardt).
1790 * Fixed processing of html \n (thanks to Craig Markwardt).
1791 * Fixed joining of comment lines with text below them.
1792 * Fixed table height attribute crash.
1793 * Fixed sslclientcert auth.
1794 * Added some missing files to i18n processing, translatable strings more
1796 * Change <p> generation from self-closing (<p />) to auto-closing (only
1797 emit <p>, let browser find place for </p>).
1798 * Fix eating of newline before tables.
1799 * Fixed incorrect login hint for not logged-in users trying a disallowed
1801 * Fixed nasty missing or double </a> formatter bug (mostly happening when
1802 user has enabled questionmarks for nonexisting pages).
1805 * We catch and ignore html to wiki conversion errors in case of hitting
1806 the cancel button, so you can get out of the error screen.
1810 * Modified SystemInfo macro to give human readable units and disk usage
1811 * cfg.editor_quickhelp makes the quick help below the editor configurable
1812 (at least as far as the default_markup is concerned). If set to None,
1813 it doesn't display any quickhelp. Thanks to Seth Falcon for the patch.
1816 * Fixed double class attribute for nonexistent links
1817 * Fixed double </a> with qm_noexist option
1818 * Fixed table xxx="yyy" style attribute parsing
1819 * If not (editor_force and editor_default == 'text') then display GUI mode
1820 switch button (this is only a partial fix, but enough to deny the GUI
1821 mode to your users completely)
1822 * Fixed XSS issue which could lead to cookie theft etc.
1823 * Fixed definition list "same level" indenting.
1824 * Fixed pagename in log for PackagePages action.
1825 * Made <p> self-closing and line-anchors more well-behaved, thanks to
1826 Martin Wilck for the patch. I didn't apply the <ol> patch, because this
1827 is no real problem, just a problem of a bad standard.
1828 * Fixed gui editor *bgcolor crash.
1829 * Support/Fix tableclass attr with gui editor.
1832 * Moved back UserPreferences action link from menu to top of page (renaming
1833 it to "Preferences"), added "Cancel" button to make it possible to return
1834 to the previous page without saving preferences.
1835 * Removed formatter.url "attrs" keyword arg that took premade html, we use
1836 separate kw args per attribute now.
1837 * Moved broken tests to MoinMoin/_tests/broken (= disabling them).
1838 All "active" tests run ok now.
1839 If you want to compare, I included the output of this test run:
1840 $ make test >tests/make_test.out
1846 * HINT: please read README.migration
1847 * Login and Logout are actions now, therefore you stay on the page where
1849 * UserPreferences is also an action now and moved from top border (in
1850 modern theme) to the "more actions" dropdown menu. You also stay on the
1852 * There is also a [[Login]] macro now. You can put it on any page you want
1853 and if the user is not logged in, it renders the login form. If the user
1854 is logged in, it doesn't render anything.
1855 * We check cfg.superuser to be a list of user names (as documented) and
1856 deny superuser access if it is not. This avoids security issues by
1857 wrong configuration.
1858 * auth methods changed:
1859 HINT: if you wrote own auth methods, please change them as you see in
1860 MoinMoin/auth.py and test them again before relying on them.
1861 * now get a user_obj kw argument that is either a user object returned
1862 from a previous auth method or None (if no user has been made up yet).
1863 The auth method should either return a user object (if it has
1864 determined one) or what it got as user_obj (being "passive") or None
1865 (if it wants to "veto" some user even if a previous method already has
1866 made up some user object).
1867 * return value of continue_flag is now True in most cases (except if
1868 it wants to "veto" and abort).
1869 * moin_cookie auth method now logs out a user by deleting the cookie and
1870 setting user_obj.valid = 0. This makes it possible to still get the
1871 user's name in subsequent auth method calls within the same request.
1872 * added ldap_login and smb_mount auth methods, see MoinMoin/auth.py and
1873 wiki/config/more_samples/ldap_smb_farmconfig.py
1874 * MonthCalendar now takes an additional argument for specifying a template
1875 to use to directly invoke the page editor when clicking on non-existing
1877 * Added ImageLink macro. Thanks to Jeff Kunce, Marcin Zalewski, Reimar
1878 Bauer and Chong-Dae Park for working on it.
1879 * Lupy stuff (still experimental, partly broken and disabled by default):
1880 * Attachment search using lupy (lupy_search = 1 in your config)
1881 Title search will also search attachment filenames.
1882 Full text search will also search attachment contents.
1884 Some filters depend on external converters that might not be available
1885 for any platform (see Depends: line in filter plugin).
1886 Feel free to contribute more filter plugins, especially if you wrote
1887 some nice platform independant filter in Python for some popular file
1888 format! Filters implemented so far (depending on):
1889 MS Word, RTF, MS Excel (antiword, catdoc)
1891 OpenOffice.org XML based data formats (-)
1894 JPEG's EXIF data (-)
1896 * As you might know, Lupy is "retired" (that means it isn't developped
1897 by its authors any more). We are currently evaluating Xapian as new
1898 indexing search engine in moin.
1899 If we succeed, we will replace Lupy stuff by some Xapian interface
1901 But: the filters will likely stay, as we also need them with Xapian.
1903 * A new MoinMoin script interface was introduced:
1905 Syntax: moin [options] <cmdmodule> <cmdname> [options]
1908 moin --config-dir=/my/cfgdir --wiki-url=wiki.example.org/ \
1909 export dump --page=WikiSandBox
1911 This will call the "moin" script, which will use the --config-dir and
1912 --wiki-url options to initialize, then it will go to MoinMoin.script
1913 module, import the export.dump module from there and run it, providing
1914 the additional --page value to it.
1916 The old scripts that have not been migrated to this new interface can
1917 still be found in MoinMoin/script/old/ - including the old migration
1919 * moin ... account create --name=JoeDoe --email=joe@doe.org
1920 * moin ... account disable --name=JoeDoe
1921 * moin ... acount check <-- this is what usercheck script was before
1922 * moin ... maint cleancache <-- this is what cachecleaner script was
1923 * moin ... maint cleanpage <-- this is what pagescleaner script was
1926 * cookie_lifetime didn't work comfortable for low values. The cookie was
1927 created once on login and never updated afterwards. So you got logged
1928 out cookie_lifetime hours later, no matter whether you were active at
1929 that time or not. This has been changed, we update the cookie expiry now
1930 on every request, so it will expire cookie_lifetime after your last
1931 request (not after login).
1932 * Fixed logout problems when using cfg.cookie_path.
1933 * Fixed cookie_path for root url wikis.
1934 * Lupy search now behaves a bit less funky. Still no guarantees...
1935 * We lowered the twisted server timeout to 2 minutes now (was: 10) because
1936 it just used up too many files (open TCP connections until it timeouts)
1938 * The algorithm used for processing the farmconfig.wikis list was changed
1939 to work for big farms (>= 50 wikis), too. This works around the python
1940 "re" module limitation of having a maximum of 100 named groups in a RE.
1941 * Fixed a TypeError which occurred for formatters that dislike None values.
1943 * Fixed GUI editor converter error for https:... image URLs.
1944 * ThemeBase (use by modern/rightsidebar): removed duplicate AttachFile from
1945 actions menu (we already have it in editbar).
1946 * Speedup group/dicts scanning for persistent servers.
1947 * Implemented HEAD requests for standalone server, this should fix some of
1948 the strange effects happening when using "Save as" on attachments.
1949 * Not a moin bug, but rather a workaround for non-standard non-ASCII DNS
1950 hostnames: we just use the IP instead of crashing now.
1951 * Spurious cyclic usage error in i18n fixed.
1952 * Fixed antispam for python 2.5a xmlrpclib.
1953 * I18n for linenumber toggle in listings.
1954 * All action menu entries are translatable now.
1957 * Added css classes for the rst admonitions. Thanks to TiagoMacambira!
1962 * Added FullSearchCached macro which is statically cached.
1963 Use it if you do not depend on fresh search results but prefer raw speed.
1964 * Added surge protection, see HelpOnConfiguration/SurgeProtection.
1965 * Allow hex and symbolic entities.
1966 * If there is a user with empty password, we just generate a random one
1967 when he requests it getting sent by mail. Thanks to Reimar Bauer.
1968 * The superuser now can switch to another user using UserPreferences -
1969 nice to help your users when they forgot their password or need other
1970 help. You need to logout/relogin to use your own userid afterwards.
1971 This function only works correctly if you use moin_cookie authentication.
1972 Thanks to Reimar Bauer.
1973 * Add new markup for bulletless lists: just use a "." instead of "*".
1976 * Added "voyager" to bot useragent list.
1977 * Added locking for caching subsystem.
1978 * Deron Meranda's formatter API cleanup.
1979 * Added div and span to formatter API.
1980 * Removed old unfinished form and export code.
1984 * Fixed table attribute parsing.
1985 * Fixed cookie handling wrt properties adherance.
1986 * The new "." list markup makes it possible to have a bulletless list with
1987 elements on the same level. Before this change and only using indentation
1988 with blanks, that would get merged into a single paragraph.
1989 * It is possible now to have multiple paragraphs in the same list element,
1990 just leave an empty line in between the paragraphs.
1991 * Fixed GAP processing for ordered lists.
1992 * Fix text_gedit formatter's invalid list nesting.
1993 * Fixed hr crash in blockquote (but needs more work).
1994 * Fixed FootNote's formatter usage.
1995 * Fixed rst's headline levels.
1998 * Fixed that macros were followed by a wrong <p>.
1999 * Added <blockquote> to the block elements in the text_html formatter,
2000 so it does not close it erratically when you close a inner <p>.
2001 * GUI editor converter now also accept http: urls without // (relative or
2003 * Fixed the DocBook parser in cases where the pagename was non-ascii.
2010 * Fixed rst parser docutils version check
2011 * Repaired attachment unzipping feature.
2012 * Fixed the AddRevision command of the PackageInstaller.
2013 * improved the migration scripts (used to migrate pre-1.3 wikis to 1.3+):
2014 * do not crash on empty lines in event log
2015 * fix edit log format for very old moin data (like 0.11)
2016 * workaround for an ugly win32 operating system bug leading to wiki text
2017 file mtime not matching edit logs timestamp values if there was some
2018 timezone change since last edit (e.g. a daylight saving tz switch),
2019 but differing 3600s.
2020 This affected pre-1.3 moin wiki servers running on win32 OS only.
2021 We now try to correct those inconsistencies in mig05 by fuzzy matching.
2022 * fixed bracketed link scheme icon (css class)
2023 * we included a modified copy of Python 2.4.2's copy.py as some previous
2024 python versions seem to have problems (2.3.x, x < 5 and also 2.4[.0]),
2026 Our own copy.py was slightly modified to run on 2.3.x and 2.4.x.
2027 * Fixed the problem of not being able to change the date/time format back
2028 to "Default" (UserPreferences).
2029 * We generate the GUI editor footer now the same way as the text editor
2031 * Include a CSS workaround for yet another IE bug, see:
2032 MoinMoinBugs:InternetExplorerPeekABooBugInRightSideBar
2033 * classic theme: added GUI editor link
2034 * classic theme: added pagename header to editor screen
2035 * the "mail enabled" check now also checks whether mail_from is set
2038 * Updated FCKeditor to current CVS (2006-01-08 == 2.2+)
2039 * Split up show_hosts into show_hosts and show_names
2040 * attachment:file%20with%20spaces.txt in attachment list
2041 * added support for file:// in GUI editor link dialogue, see also:
2043 * cfg.mail_smarthost now supports "server:port" syntax, the default port
2045 * removed unused kwargs showpage/editable/form from wikiutil.send_footer
2046 * updated i18n (translation texts, additional languages)
2047 * removed interwiki:pagename from print view's top of page, added it to
2048 the "lasted edited" line at bottom right.
2052 HINT: 1.5.0 uses the same data/pages format as 1.3.x. The only thing you want
2053 to check is whether the 1.5.x version you are upgrading to has NEW mig
2054 scripts compared to the version you are running now (e.g. in 1.3.5 we
2055 added some scripts that fixed some small problems).
2056 See the MoinMoin/scripts/migration/ directory.
2057 You must run every mig script in sequence and only ONCE ever.
2059 * Fix <x=y> table attributes parsing. Thanks to Reimar Bauer.
2060 * Fixed a few bugs in the reStructured text parser. Note that you
2061 need to install docutils 0.3.10 or newer (snapshot from December 2005
2062 or newer) to make reStructuring parsing work:
2063 * Case preservation for anonymous links
2064 * MoinMoin links get the appropriate CSS class
2065 * Images do not get special CSS markup anymore
2066 Thanks to Matthew Gilbert.
2067 * Fixed a bug in the WSGI code which led to incorrect exception handling.
2068 * Removed all nationality flags. They used to be used for indicating some
2069 specific language (NOT nationality) and this was simply wrong and a bad
2071 * Fixed some header rendering issues (CSS).
2072 * SystemAdmin macro now checks against cfg.superuser list.
2075 * Added turkish i18n. To be considered as alpha as it got in last minute.
2079 This is the first release candidate of MoinMoin 1.5.0.
2082 * fixed broken logs when a DeletePage (maybe also RenamePage) comment
2083 contained CR/LF characters (could happen when using copy&paste)
2084 * fixed GUI editor MoinEditorBackup page containing HTML instead of wiki
2086 * fixed invalid HTML in FootNotes
2087 * fixed HTML source in EditorBackup after canceling GUI editor
2088 * Footnotes of included pages are not shown at the bottom of the including page.
2089 * Bug in Dict handling that often breaks first entry
2093 * Added SSO module for PHP based apps. Currently supported: eGroupware 1.2.
2094 No need to login in two systems anymore - MoinMoin will read the PHP session
2098 * Improved rendering of bullet lists and external links in Restructured text.
2099 Thanks to Matthew Gilbert.
2100 * Fixed modern theme rendering, including some fixes and workarounds for
2102 * When checking for email uniqueness, do not compare with disabled user
2104 * Fix sending of HTTP headers for Despam action.
2105 * Add some margin left and right of the link icons.
2108 * Made it easier for auth methods needing a user interface (like ldap or
2109 mysql stuff). Unlike http auth, they usually need some "login form".
2110 We made UserPreferences login form values (name, password, login, logout)
2111 available as kw args of the auth method, so it is easy and obvious now.
2112 * Make login and logout show at the same place. Is only shown when
2113 show_login is True (default).
2114 * Disabled login using &uid=12345.67.8910 method. Please use name/password.
2115 * Made builtin moin_cookie authentication more modular: the cookie is now
2116 touched by MoinMoin.auth.moin_cookie only, with one minor discomfort:
2117 When creating a user, you are not automatically logged in any more.
2118 * We now use the packager for additional help and system pages in all other
2119 languages except English. The packages are attached to SystemPagesSetup
2120 page and can be installed from there after getting "superuser" powers.
2121 The "extra" package contains a collection of orphan pages not listed on
2122 some SystemPagesIn<Language>Group page.
2127 * Fixed a minor user interface bug: it showed RenamePage and DeletePage
2128 actions in the menu if you only had write rights and then complained
2129 when you really tried when you had no delete rights additionally.
2130 * We don't remove RenamePage and DeletePage from menu any more if user is
2131 unknown. This stuff is only driven by ACLs now.
2132 * Some fixes to Despam action.
2133 * Fixed moin_dump (broken by some recent theme init change).
2134 * Fixed a few tests by moving the theme init from moin_dump to RequestCLI.
2135 * removed old_onload reference from infobox.js
2136 * Fixed MoinMoin logo for IE.
2137 * search: fixed whitespace handling in linkto: search terms
2138 * Increased stability of the tests system by outputting results to sys.stdout
2139 instead of request. Note that this changes the semantics for e.g. mod_py or
2141 * Fixed packaging system in the case of AddRevision that does not alter the page.
2142 * Fixed a few bugs in the XML formatters (dom_xml, text_xml, xml_docbook).
2143 * Fixed link icons. We now just use a.xxx.before where xxx is the link scheme,
2144 e.g. a.http.before. See theme's common.css.
2145 * Hopefully fixed some issue with non-ASCII attachment filenames.
2146 * Workaround for Opera 8.5 making silly "No addition" categories.
2147 * Do not show GUI editor for non-wiki format pages, because we only have a
2148 converter from html to wiki right now.
2149 * Fix the modern CSS issues for editbar, when it shifted content far right.
2150 Also removed the absolute height value that never was right.
2151 * Fix mod_python adaptor bugs failing to handle Location correctly.
2152 See: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339543
2155 * Added irc:// to the builtin supported link schemas. You can remove it
2156 from config.url_schemas in case you have patched it in there.
2157 * Added cfg.user_autocreate (default: False). Use True to enable user
2158 profile autocreation, e.g. when you use http authentication, so your
2159 externally authenticated users don't need to create their moin profile
2160 manually. The auth method (see cfg.auth list) must check this setting
2161 if it supports auto creation.
2162 * Added user_autocreate support for auth.http and auth.sslclientcert.
2163 * Added "." and "@" to allowed characters in usernames. This is needed
2164 e.g. when using mod_pubcookie for authentication. mod_pubcookie returns
2165 userids like "geek@ANDREW.CMU.EDU" (e.g. the Kerberos domain is part of
2166 the id). Thanks to Brian E. Gallew for his patch, which we used for
2167 inspiration for user autocreation changes.
2168 * Changed auth method to return a tuple (user_obj, continue_flag), see
2169 comments in auth.py.
2170 * auth methods now create user objects with kw args auth_method and
2171 auth_attribs, so that moin knows later how the user was authenticated
2172 and which user object attributes were determined by the auth method.
2173 * Added MoinMoin/scripts/import/IrcLogImporter.py to import supybot's
2174 IRC logs into a moin wiki. We use MonthCalendar compatible page names,
2175 so you can use the calendar for showing / navigating the logs.
2176 * Removed packager binary from FCKeditor (fixing a Debian policy problem).
2177 * Worked around .png transparency bugs of IE with the new logo. We ship
2178 two logos: moinmoin.png without an alpha channel (IE compatible) and
2179 moinmoin_alpha.png which has an alpha channel and looks better on
2180 browsers with full .png support.
2181 * Allow a .zip file to have a directory in it if it is the only one.
2185 * use <span class="anchor"> instead of <a> for line-xxx anchors, this
2186 fixes some rendering problems on IE
2187 * Fixed the ReStructured text parser when it was used with non-HTML
2188 formatters. Increased compatiblity with new docutils code.
2189 (Thanks to Matt Gilbert.)
2191 * cfg.stylesheets = [] (default). You can use this on wiki or farm level
2192 to emit stylesheets after the theme css and before the user prefs css.
2193 The list entries must be ('screen', '/where/ever/is/my.css') style.
2194 * Added sample code for auth using an external cookie made by some other
2195 program. See contrib/auth_externalcookie/*. You need to edit it to
2196 fit whatever cookie you want to use.
2200 * fixed editor preview throwing away page content for new pages
2201 * require POST for userform save and create* action
2202 * use request.normalizePagename() while collecting pagelinks
2203 * do not offer gui editor for safari
2205 * tell user if account is disabled
2206 * added support for linking to .ico and .bmp
2207 * attachment methods for the text_xml and xml_docbook formatters
2209 * updated i18n (fixed nl, did nobody notice this?) and underlay
2210 * changed show_interwiki default to 0
2215 * fix gui editor (converter) crash on save
2218 * Avoid destroying existing page content if editor is called with
2219 template parameter for an existing page.
2220 * fix countdown javascript for browser status line in editor
2221 * added page title display for editor
2222 * added header div for classic theme
2224 Authentication and related:
2225 * Added a WhoAmI.py wiki xmlrpc plugin to check whether auth works
2226 correctly for xmlrpc. There is a counterpart script WhoAmI.py that
2227 uses http auth when calling the xmlrpc plugin, so you can use it to
2231 * Requirements changed to require Python >= 2.3. We recommend that
2232 you use the latest Python release you can get. The reason we
2233 dropped 2.2.2 support is because no developer or tester uses this
2234 old version any more, so incompatibilities crept in the code
2235 without anybody noticing. Using some recent Python usually is no
2236 real problem, see there for some hints in case you still run an
2237 old python: http://moinmoin.wikiwikiweb.de/NewPythonOnOldLinux
2238 The hint also does apply to other POSIX style operating systems,
2240 * We recommend you use MoinMoin/scripts/cachecleaner.py to clean the
2241 wiki's cache (see comments at top of the script).
2242 The cache will automatically be rebuilt (some operations may take
2243 some time when first being used, e.g. linkto: search, so be patient!).
2246 * there is a file CHANGES.config with just the recently changed stuff
2249 * page_front_page old: u"FrontPage" new: u"HelpOnLanguages"
2250 please just read the help page in case you see it :)
2251 * bang_meta old: 0 new: 1
2252 * show_section_numbers old: 1 new: 0
2253 * some regexes that used to be [a-z]Uxxxx$ are now [a-z0-9]Uxxxx$
2254 * navi_bar has no page_front_page as first element any more
2255 * removed settings and code [new behaviour]:
2257 * allow_extended_names [1]
2258 * allow_numeric_entities [1]
2260 * allow_subpages [1]
2262 * cfg.mail_sendmail = "/usr/sbin/sendmail -t -i" can be used if sending
2263 via SMTP doesn't work on your server. Default is None and that means
2265 * language_default replaces the old default_lang setting (just renamed).
2266 * language_ignore_browser = True can be used to let moin ignore the
2267 user's browser settings (e.g. if you run a local-language only wiki
2268 and your users use misconfigured or buggy browsers often). Default is
2269 False. Don't forget to set language_default when using this.
2271 * Wiki Editor changes / new WYSIWYG editor
2272 * fully imported the javascript based LGPLed FCKeditor (many thanks
2273 to Fred CK for his great work). See http://fckeditor.net/ for details.
2274 * config for FCKeditor is at wiki/htdocs/applets/moinfckeditor.js
2275 * added cfg.interwiki_preferred (default = []) to set a list of wikis to
2276 show at the top of the wiki selection list when inserting an
2277 interwiki link (just use the same wiki name as in interwiki
2278 map). If the last list item is None, then the preferred wikis
2279 will not be followed by the entries of the interwiki map.
2280 * moved save/preview/... buttons to the top so that they can be
2282 * reduced edit_rows default to 20 lines
2283 * Added support for edit by doubleclick in the diff view
2285 * Improved wiki farm support
2286 * make user files sharable between several wikis in a farm
2287 * allow/use interwiki subscriptions
2288 * use interwiki links in page trail
2289 * save bookmark per wiki name
2290 * cfg.cookie_domain can be used to set a cookie valid for a complete
2291 domain (default: None == only for this host). If you use '.domain.tld',
2292 the cookie will be valid for all hosts *.domain.tld - good for host
2294 * cfg.cookie_path can be used to set a cookie valid for a wiki farm under
2295 some base path (default: None == only for this wiki's path). If you use
2296 '/wikifarm', the cookie will be valid for all wikis
2297 server.tld/wikifarm/* - good for path based wiki farms.
2298 * Interwiki user homepage (if you have MANY users)
2299 Generated links for usernames are interwiki now, use cfg.user_homewiki
2300 (default: 'Self') to specify in which wiki the user home pages are
2301 located. Note: when pointing this to another wiki, the /MoinEditorBackup
2302 functionality will be disabled.
2303 @SIG@ also uses interwiki when needed.
2305 * Authentication, ACLs and related
2306 * Modular authentication: cfg.auth is a list of functions that return a
2307 valid user or None, use it like this:
2308 from MoinMoin.auth import http, moin_cookie
2309 auth = [http, moin_cookie]
2310 * cfg.auth_http_enabled was removed, please use cfg.auth instead.
2311 * http auth now supports "Negotiate" scheme, too
2312 * Added sslclientcert auth method (Apache: untested, Twisted: not
2313 implemented, IIS: no idea). See MoinMoin/auth.py for details.
2314 Submit a patch if you have improvements.
2315 * cfg.superuser is a list of unicode usernames. It is used by some
2316 critical operations like despam action or PackageInstaller.
2317 * removed allowed_actions, we now use actions_excluded only and it
2318 defaults to [], that means, no action is excluded, everything is
2319 allowed (limited by ACLs). In case of RenamePage and DeletePage,
2320 this shouldn't be a problem as both can be reverted. In case you
2321 did not allow attachments, you now have to use:
2322 actions_excluded = ['AttachFile']
2323 * special users (All, Known, Trusted) in Groups are now supported
2324 * MoinMoin.security.autoadmin SecurityPolicy added
2325 When using this security policy, a user will get admin rights on his
2326 homepage (where pagename == username) and its sub pages. This is needed
2327 for the MyPages action, but can also get used for manual ACL changes.
2328 It can also be used for Project page auto admin functionality, see the
2329 comments in the script for details.
2330 Further it can automatically create the user's group pages when the
2331 user saves his homepage.
2332 * there is a UpdateGroup xmlrpc call, see MoinMoin/xmlrpc/UpdateGroup.py -
2333 you can use this to update your *Group pages e.g. when generating them
2334 from an external group database.
2336 * UserPreferences changes
2337 * Alias name: is used for display purposes, when "name" is cryptic. It is
2338 shown e.g. in the title attribute of userid links (displayed when
2339 moving the mouse over it).
2340 * "Publish my email (not my wiki homepage) in author info" - use this
2341 if you don't have a wiki homepage, but if you want to be contactable
2342 by email. When you edit a page, your email address will be published
2343 as mailto: link on RecentChanges, at bottom of page (last editor) and
2344 in page info. If the wiki runs publically on the internet, be careful
2345 using this or your email address might be collected by spammers.
2346 * Preferred Editor: whether you want to use the text editor (as in
2347 previous moin versions), the gui editor (new!) or both (you will get
2348 2 edit links in that case).
2349 * a user can add/remove the current page to/from his quicklinks with an
2350 appropriate action now
2351 * if cfg.user_email_unique = False, we don't require user's email
2352 addresses to be unique
2353 * removed show_fancy_links user preferences setting to simplify code and
2354 caching. Displaying those icons is now done by CSS styles (see
2355 common.css). Maybe needs fixing for non-standard themes and RTL langs.
2358 * added strikethrough markup: --(striked through text here)--
2359 * @ME@ expands to just the plain username (no markup added) on save
2362 * when a user accesses his own non-existing homepage (pagename ==
2363 username), the wiki will present the MissingHomePage system page
2364 content, explaining what a user homepage is good for and offer
2365 one-click editing it with content loaded from HomepageTemplate
2366 * creation of homepage subpages is assisted by the MyPages action, which
2367 offers rw, ro page creation (and a related group) or creation of private
2368 pages. If you are not in the user_homewiki, you will get redirected
2371 Other changes/new features:
2372 * Added PackageInstaller and unzipping support (see wiki page
2373 HelpOnActions/AttachFile for further details). PackageInstaller requires
2374 the user to be in cfg.superuser list.
2375 * Added an PackagePages action to simplify the package creation.
2376 * Added location breadcrumbs - when you are on some subpage, the page
2377 title parts link to the corresponding parent pages, the last part does
2378 the usual reverse linking.
2379 * added WSGI server support, thanks to Anakim Border, see:
2380 wiki/server/moinwsgi.py (moin as WSGI app, uses the flup WSGI server,
2381 see http://www.saddi.com/software/flup/)
2382 MoinMoin/server/wsgi.py (adaptor code)
2383 * added a "Despam" action to make de-spamming a wiki easy (mass revert
2384 bad changes done by a single author or bot). You need to be in
2385 cfg.superuser to use it.
2386 * Better diffs with links to anchors to the changed places
2387 * Enhanced table support in the DocBook formatter.
2388 * Added 'moin' daemon script, that let you run moin standalone
2389 server as daemon and control the server with simple command line
2390 intreface: moin start | stop | restart | kill
2391 * Add 'restart' option to mointwisted script
2392 * Add properties option to standalone server config. Allow
2393 overriding any request property like in other server types.
2394 * Add support for running behind proxy out of the box with out
2396 See HelpOnConfiguration/IntegratingWithApache
2397 * added a WikiBackup action, configure it similar to this:
2398 data_dir = "/path/to/data"
2399 backup_include = [data_dir, ] # you can add other dirs here
2400 backup_users = ["BackupUserName", ] # only TRUSTED users!
2401 You usually don't need to change the default backup_exclude setting.
2402 The default backup_include list is EMPTY and so will be your
2403 backup in case you don't configure it correctly.
2404 If you put your data_dir there, the backup will contain private
2405 user data like email addresses and encrypted passwords.
2406 * Added a SubscribeUser action which allows the administrator to subscribe users to the
2408 * Added thread count to SystemInfo macro.
2409 * Added Petr's newest patch against the DocBook code. It allows you to use macros (esp. the include macro) in DocBook pages in order to build larger documents.
2410 * Added a RenderAsDocbook action which redirects to the DocBook formatter.
2411 * Added searching for wiki-local words lists under <data_dir>/dict/.
2412 They are used additionally to the global lists in MoinMoin/dict/.
2413 * moin_dump now also dumps attachments referenced from the page.
2414 It doesn't dump stuff that is just attached, but not referenced!
2415 * On RecentChanges we now force the comment to be breakable, this improves
2416 rendering of over-long words or on narrow browser windows - especially
2417 for themes with limited content width like rightsidebar.
2418 * We now have the "new" icon on RecentChanges clickable, just links to the
2420 * Print view now shows "interwikiname: pagename" (for show_interwiki = 1).
2422 International support:
2423 * mail_from can be now a unicode name-address
2424 e.g u'Jürgen wiki <noreply@jhwiki.org>'
2427 * logo_string is now should be really only the logo (img).
2428 If you included your wiki's name in logo_string you maybe want to remove
2429 it now as it is shown as part of the location display now anyway (if
2430 you set show_interwiki = 1).
2431 * You maybe want to remove page_front_page from your navi_bar - we link to
2432 that page now from the logo and (new, if you set show_interwiki = 1) from
2433 the interwiki name displayed in location display, so you maybe don't need
2434 it in navi_bar, too.
2435 * If you have a custom theme, you should / may:
2436 * sync modern/css/screen.css #pagelocation #pagetrail stuff to your
2437 screen.css or pagelocation display (title()) will look strange (like a
2439 * remove "#title h1 ..." CSS (or any other CSS assuming h1 is a page
2440 title and not just a first level heading), it is not used any more.
2441 * we now render = heading = as <h1> (was <h2> before 1.5),
2442 == heading == as <h2> (was <h3>), etc.
2443 * maybe move both title() and trail() to header area, like the builtin
2445 * there is a new interwiki() base theme method that optionally (if
2446 show_interwiki = 1) shows the interwiki name of this wiki and links to
2447 page_front_page. The css for it is #interwiki.
2450 * Plugin API was improved. When plugin module is missing,
2451 wikiutil.PluginMissingError is raised. When trying to import a
2452 missing name from a plugin module, wikiutil.PluginMissingError is
2453 raised. You must update any code that use wikiutil.importPlugin.
2454 Errors in your plugin should raise now correct tracebacks. See
2455 http://moinmoin.wikiwikiweb.de/ErrorHandlingInPlugins
2456 * pysupport.importName was changed, it does not check for any
2457 errors when trying to import a name from a module. The calling
2458 code should check for ImportError or AttributeError. Previous
2459 code used to hide all errors behind None.
2460 * Its easier now to customize the editbar by overriding
2461 editbarItems() in your theme, and returning a list of items to
2462 display in the editbar. To change a single editbar link, override
2463 one of the xxxLink methods in your theme.
2466 * request.formatter (html) is available for actions now
2467 * theme API's d['page_home_page'] is gone (sorry) and replaced by
2468 d['home_page'] which is either None or tuple (wikiname,pagename).
2469 It is better to use the base classes function for username/prefs anyway.
2470 * introduced cfg.hacks for internal use by development, see comment in
2471 multiconfig.py and file HACKS.
2472 * added IE7 (v0.9) from Dean Edwards (see http://dean.edwards.name/IE7/) -
2473 that should fix quite some IE bugs and annoyances (on Win32).
2474 * for enabling IE7, use cfg.hacks = { 'ie7': True }
2475 * reducewiki now also copies all attachments (we use that to make underlay
2476 directory from moinmaster wiki's data_dir)
2479 * Fixed a typo in xslt.py which led to a traceback instead of an
2480 error message in case of disabled XSLT support.
2481 * Fixed crash in twisted server if twisted.internet.ssl is not
2483 * Fixed wrong decoding of query string, enable wiki/?page_name urls
2484 with non ascii page names.
2485 * Fixed wrong display of non ascii attachments names in
2486 RecentChanges and page revision history.
2487 * Fixed a crash when trying to run standalone server on non posix os.
2488 * Fixed highlight of misspelled words in Check Spelling action.
2489 * Fixed case insensitivity problems on darwin (Mac OS X). See
2491 * Added RecentChanges (only the english one) to the pages getting
2492 html_head_index headers
2493 * text_html cache files written with this code will invalidate themselves
2494 if they detect to be older than the wikiconfig. Note: you should remove
2495 all old text_html cache files once after upgrading, they will then be
2496 rebuilt automatically with the new code.
2498 * Fixed the word_rule: a word like AAAbbAbb isn't teared into two parts
2499 any more (was: AA<link>AbbAbb</link>)
2500 * Fixed false positive InterWiki markup for languages like Finnish.
2501 InterWiki links are only rendered if the left side has an appropriate
2502 entry in the interwiki map, otherwise it is rendered as simple text.
2503 * Fixed unicode error when uploding non-ascii file name using mod
2505 * Fixed error handling of wikirpc requests, should give more
2506 correct errors and prevent no error output and blocking the
2507 client in some cases.
2508 * Fixed the "lost password" mail processing. If a user entered some email
2509 address unknown to the system, he was not notified of this, but just got
2510 a useless mail with no account data in it. Now the system directly tells
2511 the user that he entered an unknown email address.
2512 * Fixed SystemInfo, it now also lists parsers in data/plugin/parser dir.
2513 * Fix error handling on failure, improved error display
2514 * Fix error handling when importing plugins or importing modules
2515 dynamically. The fix is not backward compatible with older plugins.
2516 * Fix chart action, returns a page with error message when chart
2518 * Fixed formatter usage in the ShowSmileys macro.
2519 * Fixed updating pagelinks cache for [:page:text] or [wiki:Self:page text],
2520 fixes display of LocalSiteMap and rendering of such links.
2521 * Hopefully fixed urllib problems (esp. with py 2.4.2, but also before) by
2522 using our own urllib wrapper that handles encoding/decoding to/from
2523 unicode, see wikiutil.py. Also made a similar fix for making and parsing
2525 * Fixed MonthCalendar tooltips when containing special chars like quotes.
2526 * Added html escaping for diff text for RSS feed with diff=1.
2527 * The distance between page content beginning and the first = heading =
2528 was much too much. Fixed.
2532 We used that version number for an internal and early development version
2533 for what will be called moin 2.0 at some time in the future.
2534 There will never be a 1.4.x release.
2537 Version 1.3.5 (2005-08-04, Revision moin--main--1.3--patch-883)
2540 * small CSS fix for rightsidebar theme
2541 * applied some Debian patches (thanks to Jonas!):
2542 * de i18n spelling fixes
2543 * AttachFile fix, we strip CR in .draw files now
2544 * when loading spellcheck dictionaries, we want utf-8, but we make
2545 a 2nd try with iso-8859-1 encoding.
2549 * enabled using https with the Twisted server:
2550 You need to use port 443, have PyOpenSSL (+ ssl libs it depends on)
2551 installed and have some site key and certificate PEM files configured in
2552 your twistedmoin.py file:
2553 sslcert = ('/whereever/cert/sitekey.pem', '/whereever/cert/sitecert.pem')
2556 Version 1.3.5rc1 (2005-07-31, Revision moin--main--1.3--patch-865)
2560 * Fixed security bug when acl of deleted page was ignored. See:
2562 * AttachFile did not display the original filename plus there
2563 was a confusion in input field labelling ('Rename to').
2564 * Fixed shortcut link non-existent page detection.
2565 * Fixed non-working bookmark function on python 2.2.x.
2566 * Fixed wikirpc getPageInfo call on python 2.2.x.
2567 * Fixed the failing import of plugins from the data/plugin/
2568 directories if run in zipimport environments.
2569 * Fixed traceback which occurred on negated searches.
2570 * Fixed crash when trying to render error message on twisted, fast
2572 * Fixed error message with modpy, used to show wrong errors below
2574 * Fixed search and goto text fields for better compatibility with
2575 dark themes and better control through css.
2576 * Show an edit link if MissingPage is missing and a warning in the
2578 * Fixed missing footer in the editor.
2579 * Fixed indented (invalid) headings with broken links in table of
2581 * Fixed crash when file name is too long, show standard error message.
2582 * Save trail file in a safe way, should be enough for normal use.
2583 * Fixed remember_last_visit user preferences option when show_trail
2585 * Fixed the tests for Standalone, Twisted, FastCGI and Mod_Python.
2586 Run with ?action=test from any page.
2587 * Fixed rare bug when wrong search type was performed when pasting
2588 search term in Safari.
2589 * Fixed crash for custom formatters and dom_xml (which occurred if
2590 smileys were in the page).
2591 * Editor opens on double click in pages with single quote in the
2592 name, like "Ben's Wiki".
2593 * '/.' in page names are not replaced any more by '/(2e)'
2594 * Fixed the long delays while saving pages using RequestCLI.
2595 * Fixed variable expanding for users with non WikiName.
2596 * Fixed MonthCalendar's calculation of "today" to use the user's
2598 * Fixed moin_dump script, use same configuration options as other
2600 * Fixed url_mappings to work in proxied setups and sent mails
2601 again. Also fixed for image links. Thanks to JohannesBerg.
2602 * Fixed page shown after saving a drawing (esp. when saved from a
2603 sub page). Fixed help link for drawings.
2604 * Fixed mig10 script to run on Python < 2.3.
2605 * The twisted server defaulted to a socket timeout of 12 hours!
2606 We reduced that to a more sane 10 minutes, that should still be more
2607 than enough. This fixed the "too many open files" problem we
2608 encountered quite often recently. Thanks to Helmut Grohne!
2613 * Added cz, pt and pt-br i18n.
2614 * We send a 404 http status code for nonexisting wiki pages now,
2615 maybe this will repell some search engines from requesting gone
2616 pages again and again. The wiki user still sees the MissingPage
2617 wiki stuff, so a user usually won't notice this change.
2618 * Return 500 error code on failure and exceptions.
2619 * Added some more bot / leech tool user agent strings.
2620 * Prevent page floating elements from floating out of the page over
2621 the footer, in modern, rightsidebar and classic themes.
2622 * Encode URLs in a safer way
2623 * We allow usernames with ' character in them now (like Tim O'Brian).
2624 * Added support for the new security flags in docutils 0.3.9.
2625 * @MAILTO@ expands now to safer [[MailTo()]] macro.
2626 * Clarified and i18ned lost password mails.
2627 * Added 'TitleIndex' and 'SiteNavigation' (+ translation) to the
2628 list of pages that use html_head_index (so that robots
2629 "index,follow"). Please make sure to have either FindPage,
2630 TitleIndex or SiteNavigation in your navi_bar or in your
2631 page_front_page content if you want search engines to find all
2633 * Make it possible to send account data when being logged in (for
2634 future reference or whatever purpose).
2635 * Speed up when running with persistent servers, the wiki config
2636 does only get loaded once and misc. stuff is being cached between
2638 * The unit tests are disabled when using multi threading, because
2639 the wiki configuration is shared between diffrent threads.
2640 * The main code path (using standalone server) of MoinMoin runs on
2642 * Formatters do automatically transform HTML to plain text if they are
2643 called with raw HTML code.
2644 * Using larger socket backlog on Standalone and FastCGI servers
2645 should be more reliable on high load.
2646 * We now strip leading path from attachments uploaded by IE (this is
2647 a bug in IE, not in MoinMoin). Better use a sane browser, like Firefox.
2648 * added "teleport" to the user agent blacklist
2652 * Integrated Lupy indexer for better search performance. It is disabled
2653 by default as of 1.3.5 as it still has known issues.
2654 See multiconfig.py if you want to test it.
2655 * Integrated MonthCalendar 2.1, with some new features:
2656 * a mouseover bubble that shows first level headlines of the linked
2658 * all calendars with same pagename move when using cal navigation,
2659 thanks to Oliver Graf
2660 * included AnnualMonthlyCalendar patch of Jonathan Dietrich
2661 (use [[MonthCalendar(Yearly,,,+1,,6,1)]] syntax for birthdays and
2662 other annually repeating stuff)
2663 Make sure you remove old MonthCalendar.* from data/plugin/macro so that
2664 moin will use the new code in MoinMoin/macro/MonthCalendar.py.
2665 Maybe also clear the text_html cache.
2666 * Added the new XSLT parser and the DocBook parser. This should increase
2667 the 4suite compatiblity. See HelpOnXmlPages for details.
2668 It now should run on 4suite 1.0a4 and 1.0b1. Thanks to Henry Ho!
2669 * Added the DocBook formatter. This will let you generate DocBook markup
2670 by writing simple wiki pages. It needs PyXML.
2671 * It is now possible to customize parts of the UserPreferences page in
2672 your wikiconfig (changing defaults, disabling fields, removing fields):
2673 * Use user_checkbox_* for the checkboxes.
2674 * Use user_form_* for other fields.
2675 * See MoinMoin/multiconfig.py for the built-in defaults.
2676 * New standalone server classes: ThreadPoolServer using pool of
2677 threads, ThreadingServer with thread limit and ForkingServer.
2678 * New standalone server configuration options: serverClass,
2679 threadLimit, requestQueueSize.
2680 * Use "PythonOption Location" in mod_python setup to solve script_name
2685 * Theme can now override maxPagenameLength() method to control page
2687 * A search Match now provides access to the full re match via
2688 the re_match attribute (use to access groups of the match)
2689 * Underlay is not managed by arch any more. The tree contains an
2690 underlay tarball, and you should untar after you update from main.
2691 * "make update-underlay" will untar underlay
2692 * "make merge" will star-merge main into your tree
2693 * "make test" will now create and run in a fresh testwiki instace
2694 * "make clean" options added
2695 * _tests module does not have a global request any more. To refer to
2696 the current request in a test, use self.request.
2697 * _tests.TestConfig class require a request in the constructor.
2698 * "python tests/runtests.py test_module" will run only test_module
2699 * request.cfg stays between requests (for persistent servers).
2702 Version 1.3.4 (2005-03-13, Revision moin--main--1.3--patch-666)
2706 * Fixed ACL check in LikePages macro that caused links to unreadable
2708 * Fixed ACL check in newpage action.
2709 * Fixed a security problem when admin policy defined in a custom
2710 SecurityPolicy class was ignored.
2711 * Fixed ACL check in action=show so that a user who may not read a page
2712 also can't find out WHEN the protected page was updated.
2713 * Workaround on Windows 95, 98, ME in order to clear the dircache.
2714 This fixes some bugs related to an outdated page list and newly created
2715 pages that did not appear immediately.
2716 * Fixed decoding issues of page names on Windows, finally.
2718 * Fixed traceback on IIS.
2720 * Fixed wikirpc for standalone server.
2721 * Other fixes (encoding and str/unicode data type related) to wikirpc
2722 server, fixing some non-ascii issues hopefully.
2723 * Fixed broken query strings for Standalone installations.
2724 * Fixed backlinks - the result did not always show all links, often it
2726 * Fixed the acceptance of the show_hosts setting. Now you should be able
2727 to hide any IP or host name from being published by MoinMoin by enabling
2729 * Fixed wrong line endings on email messages.
2731 * Fixed crash when trail file is missing.
2732 * Fixed a traceback when searching for single ( or ).
2733 * Added mig10 script to fix crashes with uncoverted edit-locks and file
2734 attachments. Just use it as you did with mig1..mig9 before.
2735 * Added mig11 script to add __init__.py files to data/plugin (and below).
2736 * added some fixes for the xslt parser (thanks to fanbanlo), it might be
2737 still broken, but someone with deeper knowledge about xslt should fix it.
2738 * Replaced image link with W3C's "html 4.01 compliance" icon by a simple
2739 text link to avoid https: or config trouble.
2740 * Catch OverflowError backtrace when illegal date strings (e.g. <1970 or
2741 >2038) are fed to moinmoin's time routines. It will just output current
2742 date / time in those cases.
2743 * UserPreferences now also set a date_fmt preference and Date macro
2744 honours it. You may have to reset your UserPreferences value for that.
2745 * Fixed free parent and subpage links in interwiki notation.
2747 * Fixed a traceback for invalid ReST markup.
2748 * Fixed UnicodeError in SystemAdmin's Attachment Browser.
2752 * Optimized the IRC parser.
2753 * Support for zipimport of the MoinMoin package. This allows you to use
2754 py2exe and similar programs.
2755 * Show the editor's name in the mail subject.
2756 * Added the pragmas description and keywords. They will add <meta> headers
2758 * Added MoinMoin/scripts/xmlrpc-tools/putPageTest.py example script, useful
2759 as a starting point for importing data using wiki xmlrpc.
2760 * Optimised display on Opera browser.
2764 * The search modifier "linkto:" was introduced. You can use it to search
2766 * The NewPage macro now can take a PageTemplate parameter, see HelpOnMacros.
2767 * New config settings (so you don't need to edit wikirpc.py any more):
2768 xmlrpc_putpage_enabled = 0 (if 1, enables writing to arbitrary page names)
2769 xmlrpc_putpage_trusted_only = 1 (if 0, doesn't require users to be
2770 authenticated by http auth - DANGEROUS, DO NOT SET TO 0!!!)
2771 * Added support for Digest and NTLM authentication with CGI (e.g. if you
2772 use those Apache modules)
2773 * The datetime string accepted by Date and DateTime macros was extended to
2774 accept a timezone specification, so now +/-HHMM is also valid, e.g.:
2775 2005-03-06T15:15:57Z (UTC, same as +0000)
2776 2005-03-06T15:15:57+0000 (UTC)
2777 2005-03-06T16:15:57+0100 (same time given as local time for time zone
2778 with offset +0100, that is CET, e.g. Germany)
2779 2005-03-06T10:15:57-0500 (same time given as local time for time zone
2780 with offset -0500, EST, US Eastern Std. Time)
2781 The values given as macro argument will be transformed to UTC internally
2782 and then adapted again according to viewing user's UserPreferences, so
2783 the user will see the same moment in time but shown in his local time
2784 zone's time (at least if he set his UserPreferences correctly and didn't
2785 forget changing them twice a year for DST and non-DST).
2786 * Readded (now optional) editlink footer to Include macro. Add
2787 ',editlink' to call to enable this.
2788 * star "smileys" e.g. {*}{*}{*}{o}{o}
2791 Version 1.3.3 (2005-01-24, Revision moin--main--1.3--patch-595)
2795 * fixed ACL security problem in search
2796 * fix for IIS with CGI allowing page names that contain chars
2797 that are not in the system code page
2798 * fixed MoinEditorBackup revisions to start with 1 now
2799 * improved page locking ('current' file)
2800 * Unittests (normally shown at end of action=test output) are currently
2801 disabled for everything except CGI, because they only work reliably with
2802 CGI, giving wrong results for other request methods.
2805 Version 1.3.2 (2005-01-23, Revision moin--main--1.3--patch-587)
2809 * ACL bugfix for deleted pages with ACL protection.
2810 * ACL bugfix for "Default" acl.
2811 * Fixed updating of groups and dicts
2812 * Python 2.2.x related fixes (worked on 2.3+)
2813 * Fixed traceback in RecentChanges.
2814 * Fixed traceback with links browser.
2815 * Fixed 0 revision display in 'Show changes'.
2816 * Fixed traceback in Antispam which occurred when it could not connect
2817 to MoinMaster. Log the errors to stderr or error.log.
2818 * Fixed bug in Page init (no date, use rev). Fixes problem with
2820 * Fixed empty lists in empty search results.
2821 * Cosmetic fix for modern theme (when viewed with Internet Explorer).
2822 * Fixed migration 9 script, do not drop newline, do not drop error.log,
2823 note about missing error.log.
2824 * Fixed repair_language.py script, keep ending newline on revisions.
2825 * Show headings and macro content in correct direction when mixing content
2826 in several directions in the same page and using caching.
2827 * Fixed bug in standalone re farmconfig.
2828 * Fixed DOS condition in antispam code.
2829 * Use smaller margin in print mode to get better results with
2831 * Fixed some user input escaping issues.
2832 * Fixed a problem when one wiki plugin override other wikis plugins in
2834 * Fixed some broken tests.
2835 * Fixed recursive include in pstats.
2836 * Fixed bug in standalone - HTTP result code was 200 even when the access
2838 * Fixed traceback when trying to login with non-ascii password.
2839 * Fixed traceback when xml is not available, reported on Python 2.2.?
2840 * Fixed slideshow to show slides in sorted order again.
2841 * Fixed serving multiple wikis on same IP/different ports with twisted and
2843 * It is possible to run with data_underlay_dir = None for special
2844 application, but be aware that the wiki won't be usable unless you have
2845 at least some of the system pages from underlay/ available.
2846 * Files with Unicode characters in their filename are possible now.
2847 * Bugfix for broken [:page#anchor:text] links.
2848 * Workaround an instability of the gdchart module leading to
2849 stalled servers etc.
2850 * Fixed some event-log decoding issues that affect charts rendering.
2854 * Major speed improvement over 1.3.1. Many times faster title search,
2855 creating new page, opening page editor and any operation that list pages.
2856 See http://moinmoin.wikiwikiweb.de/MoinBenchmarks
2857 * Improved README.migration.
2858 * Cleaner design for login/register interface, login is always the default
2859 button when the user click Enter.
2860 * If there are problems found in the configuration, log the error
2861 and display helpful error messages in the browser.
2862 * More forgiving unicode configuration policy, you must use the u'string'
2863 format only for unicode values.
2864 * Added profiling to CGI.
2865 * The content of farmconfig.py is similar to wikiconfig.py now.
2866 * Unexpected errors while loading cache files are logged.
2867 * i18n for icon ALT tags.
2868 * Include request initialization code in the profile in standalone server.
2869 * When creating new theme, style sheets are inherited correctly, no need
2870 to override style sheets just to get them working.
2871 * Many times faster plugin system. Typical pages are about 35% faster,
2872 pages with many plugins can be many times faster.
2873 * Spiders are allowed to fetch attachments.
2874 * Old user files containing password hash encoded in pre 1.3 charset
2875 are auto repaired on first login.
2876 * data_dir defaults to './data', underlay_data_dir to './underlay' now.
2877 It is a good idea to replace those by absolute pathes in wikiconfig.py.
2878 * Renamed "Refresh" to "Delete Cache" - it was misused by users. The action
2879 was also moved into the action menu in the modern and rightsidebar themes.
2880 * Added a workaround for TableOfContents missing some links by making it
2881 uncacheable via a "time" dependency.
2882 * Removed interwiki icon and title attribute for wiki:Self:... links.
2883 * Unittests (normally shown at end of action=test output) are currently
2884 disabled because they worked unreliably, giving wrong results sometimes.
2888 * Create new pages easily using configurable interface and page templates
2889 with the new NewPage macro.
2890 * ReStructuredText (rst) support is built-in now. See HelpOnParsers.
2891 * New experimental feature in mointwisted.py - each interface may
2892 specify a port: '12.34.56.78:80'. Without a port, the port option
2898 * wikiutil.importPlugin's first argument is now a wiki config instance
2899 (request.cfg) and there is no path keyword.
2900 * Wiki plugins always override MoinMoin plugins. wikiutil.importPlugin
2901 implements this override.
2902 * util.pysupport.importName does not accept path - you should call
2903 it with correct module name, e.g 'wikiconfig.plugin.parser.wiki' for
2904 wiki plugins, or 'MoinMoin.parser.wiki'.
2905 * wikiutil.extensionPlugin was renamed to wikiPlugins and it gets config
2906 instance instead of path.
2907 * New function wikiutil.importWikiPlugin used to import wiki plugins
2908 using a cache in a thread safe way.
2909 * New config option config.use_threads is used to activate thread
2911 * New keyword arguments for getPageList, enable 10X faster operation
2912 for common cases by controlling page filtering.
2913 * New up to 100X times faster getPageCount
2916 Version 1.3.1 (2004-12-13, Revision moin--main--1.3--patch-434)
2920 * Fixed "Error Cyclic usage" crash when user had Italian (it), Korean
2921 (ko), Serbian (sr) or Vietnamese (vi) as user interface language.
2922 * Fall back to en (instead of crashing) when user uses a language moin
2923 does not support / does not support any more (like pt,sv,fi,sr).
2924 * In 1.3.0, people accidentally put iso-8859-1 chars into wiki configs,
2925 but those where expected to be pure utf-8 and thus it crashed.
2926 Fixed by using unicode strings (varname = u'whatever'), a matching
2927 encoding setting (see top of script comment) and, when decoding strings,
2928 using decode to ASCII with replace mode (this replaces non-ASCII chars,
2929 but at least it won't crash - and you get a warning to better use
2931 * Fixed long time broken table formatting. ||<style="see css spec" a||b||
2932 Now even generates valid HTML! The old markup for align, valign, width,
2933 bgcolor still works, but synthesizes style attribute data.
2934 * SystemAdmin macro shows attachments of ALL pages now.
2935 * Users without write acl rights will be able to see attachments again and
2936 also have AttachFile action in menu.
2937 * Fixed wrong match count in search results, find all matches in page
2938 titles, show all matches in contents in some rare cases.
2939 * Run about 200% faster with long running processes (standalone, Twisted),
2940 about 20% faster with cgi, by better internal data handling in wikidicts.
2941 * On SF, the dict files use utf-8 encoding now. We included them also in
2942 distribution, see contrib/dict/.
2943 * Fixed permissions to shared template stuff.
2944 * Speeded up search, fixed wrong match counts.
2945 * Speeded up internal data handling (wikidicts).
2946 * Fixed rare unicode error after deleting a page (reported only on SuSE
2947 Linux 9.0 / Python 2.3.0).
2948 * Fixed file permissions of files in the data dir.
2949 * Fixed some cosmetic problems in migration scripts and use sys.path.insert
2950 to get latest moin code when executing them.
2954 * Improved docs, system and help pages.
2955 * Updated translation files.
2959 * Internet Explorer renders our HTML/CSS in a suboptimal way.
2961 Workaround: use a non-broken browser like FireFox / Mozilla.
2962 Fixed in MoinMoin 1.3.2.
2963 * Passwords using non-ascii do not work.
2965 * The TOC macro is broken partly.
2968 * See also: http://moinmoin.wikiwikiweb.de/MoinMoinBugs
2971 Version 1.3.0 (2004-12-06, Revision moin--main--1.3--patch-400)
2973 As you see from the length of the 1.3 changes below, 1.3 is a major(!)
2974 upgrade. We could have also named it "2.0", but we decided against.
2975 So take the time for reading the informations thoroughly and do the
2976 migration exactly as we tell you - this is no 5 minutes upgrade!
2978 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
2979 !!! We heavily changed configuration, data encoding, dir layout: !!!
2980 !!! * the default encoding changed to utf-8. !!!
2981 !!! * also, we changed the escaping for special chars to %XX%YY in !!!
2982 !!! URL and (xxyy) in file system. !!!
2983 !!! * layout of data dir changed completely !!!
2984 !!! If you upgrade an existing wiki, you must run the migration !!!
2985 !!! scripts or you will get data corruption or other problems. !!!
2986 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
2988 HINT: Upgrading your wiki - critical information
2990 If you are NOT starting from scratch, you MUST convert your existing
2991 data - see README.migration for details.
2993 If you use ##language: xx comments on your OWN pages, you should also run
2994 repair_language script. Not needed for help/system pages as we already
2995 have done that for you.
2997 MoinMoin uses Unicode internally now (UCS-2 with 16 bits or UCS-4 with
2998 32 bits, depending on your Python installation). The encoding used
2999 for page files and html output is set by config.charset.
3001 Moin 1.3 uses utf-8 encoding only, there is NO SUPPORT for using a
3002 charset different from utf-8 with 1.3. If you try, you are on your own.
3006 Directory layout was heavily changed. Each page now is a directory,
3007 containing page revisions, attachments, cache files and edit-log.
3009 You can delete a page or move a page from one wiki to another
3010 easily. Look at the wiki/data directory to see.
3013 old: data/text/FrontPage
3014 new: data/pages/FrontPage/revisions/00000042
3015 data/pages/FrontPage/current (contains: 00000042)
3016 old: data/backup/FrontPage.xxxxxxxx
3017 new: data/pages/FrontPage/revisions/00000023
3019 For cleaning up cache files, use MoinMoin/scripts/cachecleaner.py
3020 (see comments in script).
3024 * For using RSS, you need to have PyXML installed:
3025 Python 2.4* -> PyXML 0.8.4 (cvs version)
3026 Python 2.3.x -> PyXML 0.8.3
3027 Python 2.2.2+ -> ???
3028 This will also make "Live Bookmarks" of Mozilla Firefox working.
3029 New: if you don't have PyXML installed, the RSS icon on RecentChanges
3030 will not be displayed any more. Python with no PyXML installed
3031 generates invalid RSS XML.
3035 * Handling of special characters in file names changed from _xx format
3037 * In URLs, moin now uses %xx%yy quoting, (because this is supported by
3038 browsers), and sub pages use "/" instead of the ugly "_2f".
3039 * Underscore character "_" is used now as a space character " " both
3040 in file names and URLs. " " and "_" will be handled equivalent at most
3041 places in the future (represented as "_", rendered as " ").
3042 * To prevent wiki abuse and user typing errors, page names are normalized
3043 in URLs, query strings, the "go" box and when renaming pages. This
3044 include leading, trailing and multiple slashes and white space. Certain
3045 invisible unicode characters are removed from page names.
3046 * Group page names are restricted even more, any non unicode alpha-numeric
3047 character is removed. This is done to enable changing acl syntax in
3048 the future. The restriction might be loosen on future versions.
3049 * You can edit config.page_invalid_chars_regex to control which characters
3050 are allowed in page names (Changing it is not supported).
3051 * When you enter page name, it is normalized and you are redirected to
3052 the normalized page, or if nothing left (e.g '/////'), to FrontPage.
3053 * When renaming a page to a name that can be normalized to an empty string,
3054 the new page name will be "EmptyName" and the user will not get an
3059 * Pages (especially system and help pages) are now located in an underlay
3060 directory (data_underlay_dir). You will see the pages there if they are
3061 NOT covered (overlayed) by a page in the normal pages directory
3062 (as set using data_dir).
3063 MAKE SURE THAT data_underlay_dir IS CORRECT OR YOU WILL SEE MANY EMPTY
3064 PAGES ONLY IN A NEW WIKI.
3065 * If you edit a page that is shown from underlay directory, it will be
3066 copied to the normal page directory on save (copy-on-write).
3067 * You can use one copy of the underlay directory shared by many
3068 wiki instances. Each wiki will then have only your local, self-made
3069 wiki pages in its data directory, and only system and help pages in the
3070 single, shared underlay directory - this simplifies upgrades a lot.
3071 * It is recommended to keep your underlay system and help pages immutable
3072 using acl, so you can upgrade your wiki easily. The default help and
3073 system pages already have those ACLs (using MoinPagesEditorGroup).
3074 * Do not forget to remove your old help and system pages after migrating
3075 your wiki. We don't provide a script for that as that would be
3076 dangerous for edited pages. Just use some file manager (e.g. mc) to
3077 clean the data/pages/ directory. As soon as you have removed the
3078 system pages there, you will see the new pages in the underlay dir.
3079 See the EditedSystemPages page for a list of pages that exist in both
3080 data and underlay directory (use this page as admin!).
3082 When updating from 1.2 or lower to 1.3 or higher, you will want to
3083 clean out the copies of the system pages in your {{{wiki/data}}}
3084 directory. All of these pages will now reside in the underlay
3085 directory. If you have system pages from 1.2 or lower in your
3086 wiki/data/ directory, they will overshadow the more up-to-date
3087 documentation. This can be done using the following manual procedure:
3088 1. You have just converted from 1.2 or lower to post-1.3.
3089 2. Go to your wiki's EditedSystemPages.
3090 3. Find all the pages that are MoinMoin system or help pages. You will
3091 know if it is one of those pages because it is not your page.
3092 4. Check if it is okay to delete by either:
3093 1. Using the this page "info" link and check the Revision History to
3094 see if it is greater than 1. If so, there are modifications, so do
3095 not delete the page and evaluate the modifications to see if they
3097 2. Using your file browser (Windows Explorer, etc) to go to your
3098 wiki/data/<<systemPage>>/revisions/ directory and to see if there
3099 are no modifications. If there are, do not delete the page and
3100 evaluate the modifications to see if they are necessary.
3101 5. Delete that wiki/data/<<systemPage>> using your file browser.
3105 * New file name quoting method allow 50% longer page names in languages
3106 that use more than one byte per character, like Hebrew, Korean etc.
3107 * Configuration file uses 'utf-8' encoding now. Certain values that are
3108 marked with [Unicode] can use any character in your language. Examples
3109 are page names in navi_bar, page types regular expressions and site name.
3110 * For configuration examples adopted to your language, check ConfigMarket
3111 in the MoinMoin wiki.
3112 * The system and help pages that come with moin are now in utf-8.
3113 * MissingPage system page localized, should display in your language.
3114 * We did many i18n (translation) updates.
3115 * CSS file use utf-8 encoding. User css is also expected to be utf-8.
3116 This is relevant only if you use non-ASCII values in the CSS file.
3117 * config.upperletters and config.lowerletters were removed.
3118 We now use a pre-made ucs-2 spanning set and you usually don't have to
3119 change it. See MoinMoin/util/chartypes.py if you're interested.
3120 * ACL works with any user name or group name in any language, even names
3122 * Now you can use any charset in config.charset. Note: only utf-8 is
3123 a supported configuration!
3124 * Improved url handling, now creating pages directly from the browser
3125 url box with non-ascii names works in most cases, even when
3126 config.charset is not utf-8.
3127 * When using non-utf-8 config.charset, characters in URLs that does
3128 fit in the charsets are replaced with "?" (instead of crashing).
3129 * All themes and most macros and actions are Right to Left friendly.
3130 Full RTL support planned for 1.3 release.
3131 * If page language is specified with #language processing instruction
3132 the page is displayed in the correct direction. Pages without
3133 language are displayed using the wiki default_lang.
3135 Multiple configurations
3137 * You can run multiple wikis from the same wiki directory or server.
3138 For example, you can run one Twisted server that serve multiple wikis,
3139 instead of running multiple servers. Samples of the new configuration
3140 are supplied in wiki/config/*.
3141 * You can't just use your old moin_config.py file. It is now called
3142 wikiconfig.py and the config variables now have to be in a class
3143 "Config" and that class must inherit from
3144 MoinMoin.multiconfig.DefaultConfig - see the provided wikiconfig.py
3146 This is very useful, e.g. you could derive a GermanConfig from
3147 DefaultConfig. After that, you can derive configs for wikiA and wikiB
3148 from that GermanConfig.
3149 * farmconfig.py contains a mapping attribute called "wikis" with pairs of
3150 wikiconfig module name and regular expression. The regular expression
3151 is matched against the URL of the request and the first matching entry
3152 determines the config module to be imported by MoinMoin.
3153 * If you use farmconfig.py's "wikis" mapping, then any wiki has a private
3154 config module, named after the wiki - e.g. wiki named moinmoin would
3156 * If you only have a single wiki, you do not need farmconfig.py. just make
3157 a wikiconfig.py and it will be used no matter what URL is requested.
3158 * There is one common global "config" that holds sitewide settings (like
3159 umask or charset) - you do not need to change settings there.
3160 This file is located in the MoinMoin code: MoinMoin/config.py.
3162 General configuration
3164 * SecurityPolicy now uses "write" instead of "edit" (so it is may.write
3165 now). This is to get it in sync with ACLs.
3166 * SecurityPolicy now automatically can use everything in acl_rights_valid.
3167 * There is a new config option "config_check_enabled". It will warn about
3168 any unknown variable name (probably typo) to stderr or error.log.
3169 If something doesn't work at all and changing the config does no
3170 difference, switch it on and look at the error message.
3171 * The sample config file comes with config_check_enabled = 1. If you
3172 introduce additional variables yourself, you definitely want to switch
3173 that check off or it will fill your log.
3174 * If you define "page_front_page" variable, this name will show in the
3175 navigation bar now, instead of the default "FrontPage".
3179 * Full text and title search do support multiple search terms now -
3180 see HelpOnSearching for details.
3181 * Regular expressions are still supported but have to be turned on per
3182 search term. Search terms in macros using regular expressions will have
3184 * The URL interface of the search engine has also changed. Links that
3185 point directly to search actions may be broken.
3189 * User names can not use group names, even if ACLs are not enabled.
3190 This will prevent error later, if you start to use acl in the future
3191 (acl is going to be mandatory in 1.5).
3192 * User names are not restricted any more to only CamelCase.
3193 * To prevent imposing as other users, leading, trailing and multiple
3194 whitespace in user names is not allowed. Only Unicode alpha numeric
3195 characters are allowed, with optional one space character between
3197 * When a user name with a group name or "bad" name is trying to
3198 access the wiki, he is redirected to the UserPreferences page and
3199 asked to create a new account.
3200 * When trying to login or create a new account with a bad name,
3201 correct error message is displayed in all cases.
3205 * You can not use your old moin.cgi file, as we removed cgimain.py
3206 (was deprecated since 1.2). Copy the new file from the server dir.
3208 Moin servers - Twisted and standalone
3210 * Configuration self checking on startup. Will raise an error in case
3211 of bad configuration or non-accessible directories.
3212 * Both use shorter and identical configuration options.
3213 * Server scripts contain detailed comments and examples.
3214 * Configuration defaults changed to fit most users.
3215 * There is memory profiler option for debugging, switched off by default.
3216 * If you perform a standard install, server scripts should run out
3217 of the box or with minimal change.
3221 * All code moved into the new server package, the server script
3222 contains only configuration options.
3223 * Listen to more than one interface with "interfaces" list.
3224 * Code updated to new Twisted API.
3225 * Use mointwisted script to start and stop the server, using
3226 "mointwisted start" and "mointwisted stop".
3227 * The Twisted server runs as daemon by default.
3228 * All moin Twisted files are called now mointwisted instead of
3230 * Fixed getting username from Twisted request (http auth)
3234 * Configuration moved from moin_config.py to moin.py.
3235 * If run as root, you can set both user and group for the server.
3236 * Can use logfile instead of logging to stderr.
3237 * Fixed missing unquoting of query string (caused problems in rare cases).
3241 * moin_modpy server files renamed to moinmodpy.
3245 * '''strong''', ''em'' and __underline__ have now paragraph scope. You can
3246 set these attributes on words level. For multiple paragraphs, wrap each
3248 * If you leave unclosed ''', '' and __ markup, its is closed when the
3253 * Due to many changes in CSS files, the wiki may look "broken" until
3254 your reload once or twice, or empty your browser cache.
3255 * The "Send mail notification" checkbox is replaced by "Trivial change"
3256 checkbox. The default behavior did not change - regular edit is not
3257 a trivial change, and mail will be sent to subscribes. If you check
3258 trivial change, mail will be sent only to users who selected to
3259 get trivial changes in their user preferences.
3260 * New theme "modern" has been added, and used as default theme.
3261 * classic and rightsidebar improved.
3262 * viewonly theme removed, as any theme can be use now as viewonly
3263 by using #acl All:read in the wikiconfig.
3264 * All themes use new navibar, displaying both wiki links, user links
3265 and the current page.
3266 * navibar and pagetrail use now shortened page names, so very long
3267 names does not break the interface visually.
3268 * All themes have improved search interface at the top of the window.
3269 * Only avaiable actions are displayed, so most situations when a user
3270 try to do something he can't do are prevented.
3271 * When creating a new page, no action is available until the page
3272 is created. You can't attach files to non-existing page any more.
3273 * Non registered users get a "login" link. Registered uses get
3274 "username" link to their home page, and "user preferences" link.
3275 * Messages more clear using bold type, designed by css.
3276 * Few useless messages removed (but there are many more)
3277 * Default wiki logo uses the wiki name instead of the MoinMoin troll
3280 Other fixes and changes
3282 * Most generated html code is valid "html 4 strict". There are still
3283 some problems that still have to be fixed, mainly macros, table
3284 attributes, and inline markup crossing (<a><b></a></b>).
3285 * WantedPages can include and exclude system pages, which makes it
3287 * Fixed a bug in TitleIndex where not all system pages are excluded.
3288 * RenamePage action now renames everything, including backups, page
3289 history, attachments. It does not change toplevel editlog, though.
3290 After you rename a page, you are redirected to the new page.
3291 * Syntax colorization supports more languages (Java, C++, Pascal)
3292 * Inline: display of attachments was extended. A Parser now knows which
3293 extensions it can handle.
3294 * TableOfContents and Include macros now cooperate a bit better. There
3295 are still problems with multiple Includes of the same page.
3296 * Excluded actions at bottom of page are not displayed any more.
3297 * Editor: removed the columns size setting, just using 100% of browser
3298 window width (it didn't work because of that anyway). Also removed that
3299 "reduce editor size" link at top of editor as you would lose your
3300 changes when using it.
3301 * Removed the option to choose text smileys instead of images, this made
3302 more trouble than it was worth. The text version is still given in ALT
3304 * Moved stuff from contribution/ to MacroMarket page on MoinMoin wiki
3305 * Some nasty people try to use a running moin as a proxy (at least they
3306 did on moinmaster.wikiwikiweb.de:8000, maybe due to the magic port
3307 number). We changed the code to check for that and just return 403
3308 in that case. Moin can not be used as a proxy anyway.
3309 * moin.cgi?test was removed in favor of a new buildin test
3310 action. It works for all deployments, just use ?action=test.
3311 * Sending mail does use tls if server supports it.
3313 3rd party developer notes
3315 * Themes should be now sub class of MoinMoin.theme.ThemeBase. Sub
3316 classes will get automatically all new improved user interface
3318 * Theme authors should update their theme for 1.3. Some keys removed
3319 from them dict. See ThemeBase class in MoinMoin/theme/__init__.py.
3320 * Actions writers should call request.setContentLangauge with the
3321 correct language used by the action. This enable themes and other
3322 code to use correct direction.
3323 * The Formatter interface was changed. Formatters and parsers using
3324 the formatter interface have to be adjusted.
3325 * started deprecation of Processors: they are still recognized, but
3326 implementors should start to rewrite their Processors as Parsers.
3327 A processor with the same name as a parser in a pre #! section is
3328 currently preferred. This will change in the next release.
3332 * Processors are deprecated, see section above.
3334 * Using the cookie (or the login url with ID) only and not setting (or
3335 setting and not remembering) your email/password in UserPreferences
3336 is DEPRECATED. Those quite unsecure methods will likely be dropped
3337 in next moin version.
3339 * Operating with acl_enabled = 0 is also DEPRECATED. Due to some other
3340 improvements planned, we will have to operate with ACLs enabled ONLY
3341 in a future moin version, so this setting will likely be dropped.
3342 So clean up your user accounts (see moin_usercheck.py) and switch ACLs
3344 There are no drawbacks, so you will like it. Having ACLs enabled
3345 doesn't mean you really have to USE them on wiki pages...
3347 * allow_extended_names = 0 is deprecated (default was/is 1).
3348 Future versions will be able to use extended names (aka free links) in
3349 any case and the config setting will be removed.
3351 * allow_subpages = 0 is deprecated (default was/is 1).
3352 Future versions will be able to use subpages in any case and the config
3353 setting will be removed.
3355 * attachments = {...} - we would like to remove that setting because of
3357 * when not being extremely careful, this can easily lead to security
3358 problems (like when uploading a .php exploit and then executing it
3359 by accessing it directly via web server)
3360 * makes code more complicated - code that we want to change completely
3362 If you need that feature, speak up now and tell us your reasons WHY you
3366 Version 1.2.4 (2004-10-23, Revision 1.187)
3368 This will probably be the last 1.2.x release as we are soon doing release
3369 candidates for 1.3 release (with big internal changes) and are expecting
3370 release 1.3 in december 2004.
3373 * fixed "None" pagename bug in fullsearch/titlesearch
3374 * fixed projection CSS usage
3375 * the compiled page is removed when a page is deleted, so no ghost page
3376 appears after deletion
3377 * fixed AbandonedPages day-break problem
3378 * fixed [[GetVal(WikiDict,key)]]
3379 * the msg box is now outside content div on PageEditor, too
3380 * privacy fix for email notifications: you don't see other email addresses
3381 in To: any more. mail_from is now also used for To: header field, but
3382 we don't really send email to that address.
3383 * privacy fix for /MoinEditorBackup pages that were made on previews of
3384 pages that were not saved in the end
3385 * fix double content div on PageEditor preview
3388 * workaround for broken Microsoft Internet Explorer, the page editor now
3389 stops expanding to the right (e.g. with rightsidebar theme).
3390 Nevertheless it is a very good idea to use a non-broken and more secure
3391 browser like Mozilla, Firefox or Opera!
3393 * from MoinMoin.security.antispam import SecurityPolicy in your
3394 moin_config.py will protect your wiki from at least the known spammers.
3397 * xmlrpc plugin for usage logging, currently used for antispam accesses
3399 * (re-)added configurable meta tags:
3400 * html_head_queries = '''<meta name="robots" content="noindex,nofollow">\n'''
3401 * html_head_posts = '''<meta name="robots" content="noindex,nofollow">\n'''
3402 * html_head_index = '''<meta name="robots" content="index,follow">\n'''
3403 * html_head_normal = '''<meta name="robots" content="index,nofollow">\n'''
3405 * i18n updates/fixes
3407 * New UserPreferences switch:
3408 you may subscribe to trivial changes (when you want to be notified about ALL
3409 changes to pages, even if the author deselected to send notifications).
3411 * New AttachList and AttachInfo macros - thanks to Nigel Metheringham and
3414 Version 1.2.3 (2004-07-21, Revision 1.186)
3417 * fixed NameError "UnpicklingError" in user.py
3418 * fixed version number in moin.spec
3419 * reverts done by bots or leechers
3420 There was a bad, old bug that triggered if you did not use ACLs. In that
3421 case, moin used some simple (but wrong and incomplete) function to
3422 determine what a user (or bot) may do or may not do. The function is now
3423 fixed to allow only read and write to anon users, and only delete and
3424 revert to known users additionally - and disallow everything else.
3425 * avoid creation of unneccessary pages/* directories
3426 * removed double content divs in general info and history info pages
3427 * fixed wiki xmlrpc getPageHTML
3428 * fixed rightsidebar logout URL, also fixed top banner to link to FrontPage
3429 * use config.page_front_page and .page_title_index for robots meta tag
3430 (whether it uses index,follow or index,nofollow), not hardcoded english
3432 * ACL security fix for PageEditor, thanks to Dr. Pleger for reporting
3433 * default options for new users are same as for anon users
3435 Version 1.2.2 (2004-06-06, Revision 1.185)
3439 * own copy of difflib removed
3440 Until moin 1.2.1 we had our own copy of python 2.2.3's difflib coming
3441 with moin. This was to work around some problems with broken older 2.2
3442 python installations. We removed this now because if you have py 2.3,
3443 there is even a better difflib coming with python (and that fixes an
3444 extremely slow diff calculation happening in some rare cases).
3445 So the good news is that when you run python 2.3, you don't need to do
3446 anything and it will run great. If you run python 2.2.3, it will mostly
3447 work good and you also don't need to do anything. The bad news is that
3448 if you run an old and broken 2.2 installation (2.2.1, maybe 2.2.2) you
3449 will have to fix it on your own (just copy difflib.py from python 2.2.3
3450 over to your python 2.2.x installation).
3451 But better upgrade to python 2.3 (for debian woody, there's a backport),
3452 as 2.3 generally runs better and faster than 2.2.
3453 * scripts changed to use #!/usr/bin/env python (not /usr/bin/python2.2)
3455 * user accounts and ACLs:
3456 * we now require the user to specify a password for a new account (you
3457 were not able to login without a password anyway)
3458 * it is not allowed any more to create user accounts with user names
3459 matching config.page_group_regex - please check manually that you do
3460 not already have such users existing (like a user named "AdminGroup"):
3461 cd data/user ; grep name=.*Group * # there should be no output!
3462 * subscription email sending now honours ACLs correctly
3464 * markup / rendering / user interface fixes:
3465 * fixed merging multiple lines indented by the same amount of blanks
3466 * ## comments don't break tables in two parts
3467 * added a "remove bookmark" link to RecentChanges
3468 * fixed action=titleindex (added \n after each entry)
3471 * non-ASCII characters should work now
3472 * RSS feed (Recentchanges?action=rss_rc) gives UTC timestamps now
3473 * removed attribute breaking RSS feed on RecentChanges
3475 * better email generation:
3476 * if you use python >=2.2.2, we add a Message-ID header to emails
3477 * if you use python 2.2.1, there is no email.Header. Instead of crashing
3478 (like previous moin 1.2.x releases), we just use the subject "as is" in
3479 that case. If it is not ASCII, this is not standards compliant.
3480 * If you have >=2.2.2 it will use email.Header to make standards compliant
3482 * use config.mail_from as sender address when sending "lost my password"
3486 * fixed for standalone server
3487 * attachment URLs (when handled by moin) don't include server name
3488 * fixed some wrong &amp; in html src
3490 * better themeability:
3491 * some entries in dict "d" where only present in header theme calls, some
3492 only in footer theme calls. Now almost all is present in both calls.
3493 * added some missing "content" divs so sidebar themes look better
3495 * fixed some crashes producing backtraces:
3496 * no IOError when diffing against deleted page
3497 * no backtrace in xml footnote generation
3498 * no SystemInfo crash when no editlog exists in new wikis
3499 * xmlrpc.getRecentChanges fixed
3501 * MoinMoin.util.filesys.rename is now a wrapper around os.rename that
3502 fixes os.rename on broken win32 api semantics
3505 * saving traffic and load by improved robot meta tag generation:
3506 * "noindex,nofollow" on queries and POSTs
3507 * "index,follow" on FrontPage and TitleIndex (give robots a chance ;))
3508 * "index,nofollow" on all other pages (hopefully saving lots of senseless
3509 requests for page?action=...)
3510 * removed config.html_head_queries (was used for same stuff)
3511 * added russian i18n (utf-8)
3512 * misc. other translation updates / fixes
3513 * added rightsidebar theme
3514 * TitleIndex now folds case, so "APage" and "anotherPage" are both under
3516 * added macro/PageHits.py - it calculates the hits each page gets since
3517 beginning of logging
3520 * Full text and title search do now support multiple search terms -
3521 see HelpOnSearching for details
3523 * The Formatter interface was changed. Formatter and parser using
3524 the formatter interface have to be adjusted.
3526 Version 1.2.1 (2004-03-08, Revision 1.184)
3529 * minimum requirement to run moin 1.2/1.2.1 is python 2.2.2
3530 * not: 2.2(.0), as this does not have True/False
3531 * not: 2.2.1, as this does not have email.Header. You maybe can work
3533 * getting the python 2.2.x (x>=2) /usr/lib/python2.2/email directory
3534 * putting it into directory 'x' (whereever you like)
3535 * doing a sys.path[0:0] = ['x'] in moin.cgi [or other appropriate place]
3536 No guarantee, this is untested.
3537 * Twisted: the http headers missed the charset data, fixed
3538 * mod_python: fixes for mod_python 2.7
3539 * wiki/data/plugin/__init__.py added - fixes not working plugin modules
3540 * plugin processors work now, too
3541 * fixed displaying non-existent translations of SiteNavigation in footer
3542 * fixed zh-tw iso name (wrong zh_tw -> correct zh-tw)
3543 * fixed reversed diffs in RecentChanges RSS
3544 * fixed "last change" info in footer (wasn't updated)
3545 * fixed event.log missing pagename (and other) information
3546 * fixed horizontal line thickness >1
3547 * fixed setup.py running from CVS workdir
3548 * fixed crash when doing action=info on first revision of a page
3549 * fixed hostname truncation in footer
3551 * fixed clear msg links (they missed quoting, leading to strange page
3552 names when you click on some of them)
3553 * fixed python colorizer processor
3554 * fixed quoting of stats cache filenames
3555 * catched "bad marshal data" error when switching python versions
3558 * updated danish (da) i18n
3559 * updated japanese (ja) i18n
3560 * added serbian (sr) i18n
3561 * added chinese (zh) i18n
3562 * added a simple "viewonly" theme based on classic theme - you can use
3563 this as default theme, so anonymous users won't get the usual wiki stuff,
3564 but a far simpler (and less powerful) user interface.
3565 It also displays the navibar at the left side.
3566 * added moin.spec for building RPMs
3567 * included MoinMoin/i18n/* into distribution archive (nice for translators)
3568 * included some stuff under MoinMoin/scripts - xmlrpc-tools and account
3569 checking stuff. removed some version control clutter from the dist
3572 * code colorization was refactored and some new languages (Java, C++,
3573 Pascal) where added.
3574 * inline: display of attachments was extended. A Parser now knows which
3575 extensions it can handle.
3577 Version 1.2 (2004-02-20, Revision 1.183)
3580 * MoinMoin now requires Python >=2.2.2., we recommend to use Python >=2.3.2
3581 (with 2.3.x, MoinMoin runs about 20-30% faster).
3582 * by refactoring request processing, we made it possible to run moin under
3583 persistent environments:
3584 * twisted-web (http://twistedmatrix.com)
3585 * httpdmain.py (use moin.py for starting this mini server)
3588 Of course, CGI is still possible.
3589 * wiki pages will be compiled to bytecode now (by default), so no need for
3590 slow parsing/formatting on every view ("WASP", see caching_formats)
3591 * when using a persistent environment (like twisted) and WASP, you get up
3592 to 20x speed - compared to CGI and moin 1.1
3593 * added support for diffs between arbitrary revisions.
3594 * removed requirement of the external diff utility
3595 * config.auth_http_enabled (defaults to 0) - use this to enable moin
3596 getting your authenticated user name from apache (http basic auth,
3597 htpasswd) - if you enable this, your basic auth username has to be the
3598 same as your wiki username.
3599 Should work with CGI, FCGI and maybe even with mod_python.
3600 Does not change behaviour of moin under twisted or standalone server.
3601 * config.tz_offset = 0.0 sets a default timezone offset (in hours
3603 * config.cookie_lifetime (int, in hours, default 12) sets the lifetime of
3605 == 0 --> cookie will live forever (no matter what user has configured!)
3606 > 0 --> cookie will live for n hours (or forever when "remember_me")
3607 < 0 --> cookie will live for -n hours (forced, ignore "remember_me"!)
3608 * added themeing and some themes (if you improve the existing themes or
3609 make nice new ones, please contribute your stuff!). The default theme is
3610 set by config.theme_default (and defaults to 'classic').
3611 * now supporting plugin directory for parsers, processors, themes, xmlrpc.
3612 * action=info now defaults to showing page revision history again
3613 * all actions accessing the logfile (as RecentChanges or history) are now
3615 * #refresh processing instruction, config.refresh
3616 * config.refresh = (minimum_delay, target_allowed)
3617 * minimum delay is the minimum waiting time (in seconds) allowed
3618 * target_allowed is either 'internal' or 'external', depending on
3619 whether you want to allow only internal redirects or also
3620 external ones. For internal redirects, just use the Wiki pagename,
3621 for external, use http://... url.
3622 * #refresh 3 == refresh this page every 3 seconds
3623 * #refresh 5 FrontPage == internal redirect to FrontPage in 5s
3624 * #refresh 5 http://google.com/ == redirect to google in 5s
3625 Use very carefully! Allowing a low minimum_delay and putting a #refresh
3626 on RecentChanges might slow down your wiki significantly, when some
3627 people just let their browser refresh and refresh again. Also, it does
3628 cause quite some traffic long-term. So better do not use this without
3629 good reason! Default is None (switched off).
3630 * hide most UserPreferences options before user has logged in, less
3631 confusing for new users
3632 * "config.page_dict_regex" defines what pages are dictionary definitions
3633 Currently dictionaries are used for UserHomePage/MyDict where you can
3634 define key:: value pairs that get processed like @DATE@ expansion when
3635 saving a page. The 2 "@" will be added to your keys automatically.
3636 Please do not use @xxx@ strings on the right side (value), results may
3638 You can also access wiki dictionaries by using the internal macro
3639 [[GetVal(page,key)]]" - that will go to page "page" and return the
3640 value (right side) corresponding to "key".
3641 Implementation note: groups are a subset of the dictionary functionality.
3642 * standalone server should work now (see server/moin.py), so you don't
3643 need to setup apache or twisted for a local personal wiki, you only need
3644 python and moin for that now, no additional stuff any more!
3645 * if you run your wiki with charset = "utf-8" (the default is still
3646 iso8859-1), you might want to have a look at contributions/utf8-pages/
3647 to see if there are already translated system pages for your language.
3650 * new importPlugin routine (the old one didn't work correctly)
3651 * removed 0xA0 characters breaking utf-8
3652 * system page recognition now uses wiki groups (see AllSystemPagesGroup),
3653 fixing the long-time broken system page exclusion on TitleIndex.
3654 * mostly HTML 4.01 Strict compliant HTML
3655 * design is done by CSS now, HTML is semantic markup only
3656 * removed target attribute from links, also [^NewWindow] markup - this
3657 is a HTML 3.2 feature and not valid in HTML 4.01
3658 * updated TWikiDrawPlugin to 20021003 version, with further modifications
3659 including source. It can draw imagemaps now and saves PNG. On display a
3660 GIF will be searched if no PNG is found. We recommend changing all GIFs
3661 to indexed PNGs cause this fallback might disappear in later versions.
3663 Sample code using bash and ImageMagick (be sure you know what you do):
3664 for draw in `find /path/to/wiki/data -name \*.draw`; do
3665 file=`dirname $draw`/`basename $draw .draw`
3666 if [ -e "${file}.gif" ]; then
3667 echo "Converting ${file}.gif to ${file}.png"
3668 convert "${file}.gif" "${file}.png"
3672 * fixed email headers and encoding
3673 * Changed moin-usercheck to adhere to scripting standards; no
3674 proprietary config changes needed any more (added --config);
3675 --wikinames is now part of the usage message.
3676 * config.umask now defaults to 0770 - if you give world r/w access, ACLs
3677 could be rather pointless...
3679 Removed config variables:
3680 * external_diff (not needed any more, we have internal diff now)
3681 * shared_metadb (wasn't implemented for long - we will re-add it, when it is)
3682 * title1/2 (please use page_header1/2)
3685 Changed config variables:
3686 * changed_time_fmt (removed some html and brackets around time from default)
3687 * html_head (default is empty string now)
3688 * page_footer1/2 (default is empty string now)
3689 * page_icons (is now a list of icon names, not html any more)
3690 * umask (default is 0770 now, not world r/w any more == more secure)
3692 New config variables (see MoinMaster:HelpOnConfiguration):
3701 * page_license_enabled
3708 * lots of internal code refactoring and optimization
3709 * began moving src code documentation to epydoc, see "make epydoc"
3710 * the URL for the RecentChanges RSS feed changed. It now only works with
3714 * theme support is neither complete (although covering most important
3715 stuff) nor perfect - work on that will continue...
3716 * we removed some html from system messages (the boxes at top of page you
3717 get after some actions), so it currently looks less nice than before.
3718 * html is not completely validating and it is not xhtml - this will be
3719 fixed as soon as we have the infrastructure for that (other parser, DOM)
3720 * problems with rtl (right-to-left) languages, will be fixed in 1.3
3721 * if you change moin_config or switch themes, moin will still use already
3722 cached page content. For the config this can be fixed by touching
3723 MoinMoin/version.py (or simply deleting everything in
3724 data/cache/Page.py). If you get more annoyed by this than pleased by
3725 caching speedup, you can also switch off caching (see docs on
3728 Themeing and HTML/CSS cleanup:
3729 * Browsers with completely broken CSS support (like e.g. Netscape 4.x) are
3730 no longer supported. If you still need to support them, do not upgrade to
3731 moin 1.2. If you still use these browsers, we recommend that you upgrade
3732 your browser first (Mozilla 1.5 has nice and standards compliant HTML and
3733 CSS support and is available as Free Software for Windows, Linux and Mac).
3734 * If you changed any html in code or by config you will have to check if it
3735 still works. For the usual stuff, look into `MoinMoin/theme/classic.py`
3736 and `classic/css/screen.css`. For config defaults of the html fragments,
3737 read `MoinMoin/config.py`. If you want to modify a theme, don't simply
3738 change classic, but copy or subclass it under a new theme name.
3739 * because of the new theme support the layout of the `htdocs` directory
3741 * Instead of using icons under `img/` and css under `css/`, there will
3742 be an additional `themename/` directory in between, e.g. `classic/img/`
3743 and `classic/css/`. If you added own icons, you may have to copy them
3744 to the themes directory.
3745 * The filename of the CSS file has changed to the media type, so the
3746 normal one used for screen output has changed name from `moinmoin.css`
3747 to `screen.css`. There also were quite some changes and enhancements to
3748 the CSS files, so better use the new ones.
3749 * config.css_url was removed
3752 * we use a new plugin loader that requires a correct `__init__.py` file in
3753 the plugin directories. See the directory `wiki/data/plugin/` in the
3754 distribution archive and just copy it over to your wiki's plugin directory.
3757 Version 1.1 (2003-11-29, Revision 1.178)
3759 Version 1.1 requires Python 2.0 or higher, we recommend to use Python 2.2
3760 (version 2.2.2 if that is available on your host) or even better >= 2.3.2
3761 (with 2.3.x, MoinMoin runs about 20-30% faster).
3765 * config.default_lang lets you set a default language for users not
3766 having specified language in their browser or UserPreferences
3767 * "config.page_category_regex" defines what pages are categories
3768 * replaced `config.page_template_ending` by a more flexible setting
3769 named `config.page_template_regex`
3770 * the same with config.page_form_regex (was: page_form_ending)
3771 * "config.page_group_regex" defines what pages are group definitions
3772 Currently groups are used for "user groups" (see ACLs) and "page
3773 groups" (see AllSystemPagesGroup).
3774 * robot exclusion from all pages except the standard view action,
3775 via the config.ua_spiders regex (reduces server load)
3776 * "maxdepth" argument for the TableOfContents macro
3777 * config.title1, config.title2, config.page_footer1,
3778 config.page_footer2 can now be callables and will be called with
3779 the "request" object as a single argument (note that you should
3780 accept any keyword arguments in order to be compatible to future
3782 * "config.html_pagetitle" allows you to set a specific HTML page
3783 title (if not set, it defaults to "config.sitename")
3784 * navi_bar / quicklinks can now contain free-form links, i.e.
3785 entries of the form "[url linktext]" just like in wiki pages
3786 * if a quick link starts with '^', it opens in a new window; help
3787 now opens in a new window also
3788 * `config.smileys` for user-defined smileys (default: `{}`) - a dict
3789 with the markup as the key and a tuple of width, height, border, image
3791 * `config.hosts_deny` to forbid access based on IP address
3792 * `config.mail_login` can be set to username and password separated by
3793 a space, e.g. "username userpass", if you need to use SMTP AUTH
3794 * `config.edit_locking` can be set to None (old behaviour, no
3795 locking), 'warn <timeout mins>' (warn about concurrent edits, but
3796 do not enforce anything), or 'lock <timeout mins>' (strict locking)
3797 * optionally showing a license text on editor page, use:
3798 config.page_license_enabled = 1
3799 Optionally use these to customize what is shown there:
3800 config.page_license_text = "... your text ..."
3801 config.page_license_page = "MyLicensePage"
3802 See the default values in MoinMoin/config.py for details and
3803 override them in moin_config.py, if needed.
3804 * `config.shared_intermap` can be a list of filenames (instead of a
3806 * If you have added your own `SecurityPolicy`, the class interface for
3807 that has changed (see `security.py`).
3809 Authenticaton / Authorization:
3810 * added ACL support, written by Gustavo Niemeyer of Conectiva and
3811 Thomas Waldmann. See HelpOnAccessControlLists for more infos.
3812 You should use MoinMoin/scripts/moin_usercheck.py before activating
3813 ACLs or some users with bad or duplicate accounts might get into
3815 * A user account can be disabled using moin_usercheck.py or
3816 UserPreferences page. Disabling, but keeping it is good for edit
3818 * changed security default: deletion only available to known users
3819 * support for Basic authentication (Apache style: AUTH_TYPE="Basic",
3820 REMOTE_USER="WikiUserName"). If authentication is there, user
3821 will be in ACL class "Trusted".
3822 * support for username / password login
3823 The username / password login will ONLY work, if you define a
3824 password. With an empty password, username / password login is not
3825 allowed due to security reasons. Passwords are stored encrypted
3826 (format similar to Apache SHA) and can also be entered in the
3827 UserPreferences form in this format. When requesting login
3828 information by email, the password is also sent in this encrypted
3829 format (use copy&paste to fill it in the form).
3830 ...?action=userform?uid=<userid> is still possible, so if you have
3831 bookmarks, they will still work). The input field for the ID was
3833 NOTE: using the userid for login purposes is DEPRECATED and might
3834 be removed for better security soon.
3835 * after logging in, you will get a cookie valid until midnight.
3836 The next day, the cookie will expire and you will have to login
3837 again. If you don't want this, you can check the "remember me
3838 forever" option in UserPreferences.
3839 * if the page file is read-only, you get a message (i.e. you can now
3840 protect pages against changes if you're the wiki admin).
3841 Note: you can do that easier using ACLs.
3843 Markup / Macros / Actions:
3844 * RandomQuote macro (and even parses Wiki markup now)
3845 * `[[Navigation]]` macro for slides and subpage navigation
3846 * [[ShowSmileys]] displays ALL smileys, including user-defined ones
3847 * the Include macro has new parameters (from, to, sort, items) and
3848 is able to include more than one page (via a regex pattern)
3849 * `MailTo` macro for adding spam-safe email links to a page
3850 * if a fancy link starts with '^' (i.e. if it has the form
3851 "[^http:... ...]"), it's opened in a new window
3852 * because of that, the NewWindow macro was removed from contrib
3853 * "#pragma section-numbers 2" only displays section numbers for
3854 headings of level 2 and up (similarly for 3 to 6)
3855 * ../SubPageOfParent links
3859 * Page creation shows LikePages that already exist
3860 * editor shows the current size of the page
3861 * editor returns to including page when editing an included page
3862 * Visual indication we're on the editor page (new CSS style)
3863 * selection to add categories to a page in the editor (use preview
3864 button to add more than one category)
3865 * if user has a homepage, a backup of save/preview text is saved as
3866 a subpage UsersHomePage/MoinEditorBackup
3867 * added "revert" link to PageInfo view (which makes DeletePage more
3868 safe in public wikis, since you can easily revive deleted pages
3870 * Selection for logged in users (i.e. no bots) to extend the listing
3871 of recent changes beyond the default limits
3872 * Activated display of context for backlinks search
3873 * Subscriber list shown on page info
3874 * LikePages shows similar pages (using difflib.get_close_matches)
3875 * last edit action is stored into "last-edited" file, and
3876 displayed in the page footer
3877 * reciprocal footnote linking (definition refers back to reference)
3878 * "Ex-/Include system pages" link for title index
3879 Note: system/help pages algorithm is still mostly broken.
3880 * list items set apart by empty lines are now also set apart
3881 visually (by adding the CSS class "gap" to <li>)
3882 * "save" check for security.Permissions
3883 * Added Spanish, Croatian and Danish system texts
3884 * Added flag icons for the languages supported in "i18n"
3885 * updated help and system pages, more translations, see also
3887 * there was quite some work done on wiki xmlrpc v1 and v2 - it
3888 basically works now.
3890 Tools and other changes:
3891 * moin-dump: New option "--page"
3892 * there are some scripts MoinMoin/scripts/* using wiki xmlrpc for
3893 backup and wiki page copying applications
3894 * Updated the XSLT parser to work with 4Suite 1.0a1
3895 * more infos in cgi tracebacks
3896 * UPDATE.html is a HTML version of MoinMaster:HelpOnUpdating
3898 Unfinished or experimental features:
3899 * user defined forms
3900 * XML export of all data in the wiki
3901 * RST parser (you need to install docutils to use this)
3905 * do not use / display user's email address in public places
3908 * Removed two cross-site scripting vulnerabilities reported by "office"
3911 * Bugfix for PageList when no arguments are given
3912 * Disallow full-text searches with too short search terms
3913 * [ 566094 ] TitleIndex now supports grouping by Hangul Syllables
3914 * fix for multibyte first char in TitleIndex
3915 * Footnotes were not HTML escaped
3916 * Numbered code displays are now in a table so that you can cut the
3917 code w/o the numbers
3918 * Bugfix for wrong mail notifications
3919 * Create unique anchors for repeated titles
3920 * [ 522246 ] Transparently recode localized messages
3921 * [ 685003 ] Using "preview" button when editing can lose data
3922 * use gmtime() for time handling
3923 * fixed negative gmtime() arguments
3924 * [[Include]] accepts relative page names
3925 * fixed ||NotInterWiki:||...||
3927 -----------------------------------------------------------------------------
3928 Version 1.0 (2002-05-10, Revision 1.159)
3930 THIS IS THE LAST RELEASE WITH PYTHON 1.5.2 SUPPORT! If severe bugs
3931 should occur, a maintenance release will fix them.
3933 Some optional features (like statistics) already require Python 2.0.
3936 * security fix: "allow_xslt" has to be set to 1 in order to enable
3937 XSLT processing; note that this defaults to 0 because XSLT is able
3938 to insert arbitrary HTML into a wiki
3939 * "action=content" for transclusion into static web pages; emits the
3940 pure page content, without any <html>, <head>, or <body> tags
3941 * "?action=links&mimetype=text/plain" works like MeatBall:LinkDatabase
3942 * "Preferred language" and "Quick links" user settings
3943 * Added "processor" concept, processors work on the data in "code
3944 displays" and are called by a bangpath in the first line of data
3945 * Processors: Colorize, CSV (see HelpOnProcessors)
3946 * New icons: "{OK}", "(./)", "{X}", "{i}", "{1}", "{2}" and "{}"
3948 * FullSearch now displays context information for search hits
3949 * DeletePage offers a textentry field for an optional comment
3950 * Email notifications are sent in the user's language, if known from
3952 * @PAGE@ is substituted by the name of the current page (useful
3955 Unfinished features:
3956 * user defined forms
3957 * XML export of all data in the wiki
3958 * RST parser (you need to install docutils to use this)
3962 * Syntax warning with Python 2.2 fixed
3963 * Macro-generated pagelinks are no longer added to the list of links
3964 * error codes returned by "diff" are reported
3965 * fix for attachments on pages with non-USASCII names
3966 * correct handling of spaces in attachment filenames and URLs
3968 -----------------------------------------------------------------------------
3969 Version 0.11 (2002-03-11, Revision 1.151)
3971 Most important new features: file attachments, definition list markup
3972 (glossaries), change notification via email, variable substitution when
3973 saving pages, edit preview, and improved documentation.
3975 Note that the RSS features require a recent PyXML (CVS or 0.7) due to
3976 bugs in the namespace handling of xml.sax.saxutils in earlier versions.
3977 This is (hopefully) automatically detected on every installation.
3979 Statistical features are NOT designed to work with Python 1.5.2 and
3980 require Python 2.0 or higher. Overall, MoinMoin 0.11 is not explicitely
3981 tested for 1.5.2 compatibility.
3984 * XML formatting now (most often) produces well-formed, and, depending
3985 on proper layout of the wiki page, valid StyleBook XML
3986 * Headers are now automatically numbered, unless you set the config
3987 item 'show_section_numbers' to 0
3988 * "#pragma section-numbers off" (or "0") switches that off explicitely,
3989 and "on" or "1" enables numbering
3990 * Added a "contributions" directory for 3rd party extensions
3991 * AttachFile action, contributed by Ken Sugino; note that you have
3992 to enable this action because of the possibility of DoS attacks
3993 (malicious uploads), by adding this to your moin_config:
3994 allowed_actions = ['AttachFile']
3995 * "attachment:" URL scheme allows access to attachments, to get files
3996 from other pages use "attachment:WikiName/filename.ext".
3997 * New macros: Date(unixtimestamp) and DateTime(unixtimestamp) to
3998 display a timestamp according to system/user settings
3999 * Variable substitution when a page is saved, note that saving
4000 template pages does NOT expand variables. Supported are:
4001 @DATE@ Current date in the system's format
4002 @TIME@ Current date and time in the user's format
4003 @USERNAME@ Just the user's name (or his domain/IP)
4004 @USER@ Signature "-- loginname"
4005 @SIG@ Dated Signature "-- loginname date time"
4006 @MAILTO@ A fancy mailto: link with the user's data
4007 * Copied some new emoticons from PikiePikie
4008 || {{{ :-? }}} || :-? || tongue.gif ||
4009 || {{{ :\ }}} || :\ || ohwell.gif ||
4010 || {{{ >:> }}} || >:> || devil.gif ||
4011 || {{{ %) }}} || %) || eyes.gif ||
4012 || {{{ @) }}} || @) || eek.gif ||
4013 || {{{ |) }}} || |) || tired.gif ||
4014 || {{{ ;)) }}} || ;)) || lol.gif ||
4015 * AbandonedPages macro
4016 * Added definition list markup: {{{<whitespace>term:: definition}}}
4017 * Added email notification features contributed by Daniel Sa� * SystemInfo: show "Entries in edit log"
4018 * Added "RSS" icon to RecentChanges macro and code to generate a
4019 RecentChanges RSS channel, see
4020 http://www.usemod.com/cgi-bin/mb.pl?UnifiedRecentChanges
4022 * Added config.sitename and config.interwikiname parameter
4023 * Better WikiFarm support:
4024 * <datadir>/plugin/macro and <datadir>/plugin/action can be used
4025 to store macros and actions local to a specific wiki instance
4026 * config.shared_intermap can contain a pathname to a shared
4027 "intermap.txt" file (i.e. one stored outside the datadir)
4028 * added `backtick` shortcut for {{{inline literal}}} (has to be
4029 enabled by "backtick_meta=1" in the config file); note that ``
4030 is then a shorter replacement for '''''' escaping
4031 * added inline search fields (at the bottom of each page)
4032 * Added preview to the editor, including spell checking
4033 * New languages: Chinese (Changzhe Han) and Portuguese (Jorge
4034 Godoy), updated French (Lucas Bruand), added Korean (Hye-Shik
4035 Chang) and Italian (Lele Gaifax)
4036 * New SystemAdmin macro
4037 * `[[Anchor(anchorname)]]` macro to insert anchors into a page,
4038 and [#anchorname Anchor Links].
4039 * User option to open editor view via a double-click
4040 * Added commentary field to editor, recent changes and page info
4041 * Page trails (user option)
4042 * UserPreferences: checkboxes for double-click edit, page trail,
4043 fancy links, emoticons, jump to last page visited, and some
4044 other yes/no options
4045 * "config.nonexist_qm" is now the default for a user setting
4046 * `[[GetText(text)]]` macro loads I18N texts (mainly intended
4047 for use on Help pages)
4048 * table attributes via "||<attrlist> ... ||", more details on
4049 http://purl.net/wiki/moin/HelpOnTables
4050 * PythonFaq interwiki tag and support for $PAGE placeholder
4051 * event logging, as the basis for future statistics
4052 * "moin-dump" command line tool to create a static copy of
4054 * "config.external_diff" allows to set an exact path to the
4055 command, or change the name to for example "gdiff" if GNU
4056 diff is not a native command in your UNIX flavour
4057 * `[[PageSize]]` macro
4058 * the interwiki name "Self" now always points to the own wiki
4059 * config.title1 and config.title2 are inserted into the output
4060 right before and after the system title html code (title1
4061 is right after the <body> tag and normally undefined, title2
4062 defaults to the "<hr>" above the page contents)
4063 * Additional link on diff pages to ignore whitespace changes
4064 * Subpages (config.allow_subpages, config.page_icons_up)
4065 * super^script^, sub,,script,, and __underline__ markup
4066 * `[[FootNote]]` macro
4067 * many other new config options, see HelpOnConfiguration for
4069 * [[StatsChart(type)]] shows statistical charts (currently
4070 defined types: hitcounts, pagesize, useragents)
4071 * 'inline:' scheme works like 'attachment:', but tries to
4072 inline the content of the attachment into the page;
4073 currently knows about "*.py" sources and colorizes them
4074 * support for Java applet "TWikiDrawPlugin" via
4075 drawing:<drawingname> URL scheme (you need to activate
4076 the AttachFile action if you want drawings)
4077 * numeric entities (&#nnnnn;) are now optionally NOT escaped,
4078 which allows you to insert more characters into a Latin-1
4079 page, especially the Euro symbol
4080 * navi_bar is now a list of page names which should be linked
4082 * test.cgi is now rolled into moin.cgi, and can be called
4083 by adding "?test" to the wiki base URL. Also, as a security
4084 feature, the server's environment is only shown for requests
4085 local to the web server.
4087 Unfinished features:
4088 * user defined forms
4089 * XML export of all data in the wiki
4092 * extended the online help ("Help*" pages)
4093 * German help pages (thanks to Thomas Waldmann)
4096 * #425857: python Parser bug on the second call
4097 * #424917: Caching control
4098 * #465499: Two HTTPS problems
4099 * #491155: FrontPage hardcoded
4100 * Handling of inbound UTF-8 encoded URIs (only with Python >= 2.0)
4101 * Fix for subtle changes in "re" of Python 2.2
4102 * User-provided URLs are now never URL-escaped, which allows appending
4103 #anchors and using %20 for spaces in InterWiki links
4105 -----------------------------------------------------------------------------
4106 Version 0.10 (2001-10-28, Revision 1.134)
4108 This version is still Python 1.5.2 compatible, but it's not extensively
4109 tested for that version and some parts of the system might not work
4110 there, especially seldom used macros and actions. Bug reports welcome!
4113 * "#deprecated" processing instruction
4114 * config entry "SecurityPolicy" to allow for customized permissions
4115 (see "security.py" for more)
4116 * added distutils support
4117 * though not extensively tested, the standalone server now does POST
4118 requests, i.e. you can save pages; there are still problems with
4119 persistent global variables! It only works for Python >= 2.0.
4120 * "bang_meta" config variable and "!NotWikiWord" markup
4121 * "url_mappings" config variable to dynamically change URL prefixes
4122 (especially useful in intranets, when whole trees of externally
4123 hosted documents move around)
4124 * setting "mail_smarthost" and "mail_from" activates mailing
4125 features (sending login data on the UserPreferences page)
4126 * very useful for intranet developer wikis, a means to view pydoc
4127 documentation, formatted via a XSLT stylesheet, for details see
4128 http://purl.net/wiki/python/TeudViewer?module=MoinMoin.macro.TeudView
4129 or MoinMoin/macro/TeudView.py
4130 * "LocalSiteMap" action by Steve Howell <showell@zipcon.com>
4131 * Added FOLDOC to intermap.txt
4134 * Full config defaults, import MoinMoin now works w/o moin_config.py
4135 * Better control over permissions with config.umask
4136 * Bugfix for a UNIX time billenium bug (affecting RecentChanges
4137 sorting and page diffs)
4138 * data paths with directory names containing dots caused problems
4140 -----------------------------------------------------------------------------
4141 Version 0.9 (2001-05-07)
4144 * XML page input (pages that start with "<?xml") and XSLT formatting
4145 * Page caching, for now limited to XSLT processing (where it's
4146 absolutely needed); new code & API to add the "RefreshCache" link
4147 * Selection of common date/time formats in UserPreferences
4148 * New action "titleindex" to support wiki introspection (MetaWiki);
4149 see the new links below the index bar in "TitleIndex"
4150 * UserPreferences: editable CSS URL for personal styles
4151 * PageInfo: the editor's name or IP is shown for each change
4152 * WantedPages: a new macro that lists links to non-existent pages
4153 * OrphanedPages: a new macro that lists pages no other page links to
4154 * Extensions to the FullSearch macro (see HelpOnMacros)
4155 * Python syntax highlighting
4156 * "DeletePage" action (has to be activated, see MoinMoinFaq)
4157 * "Remove trailing whitespace from each line" option in the editor
4158 * I18N (currently German and Swedish)
4159 * Config option "url_schemas" to extend the supported URL types
4160 * Improved tracebacks by using Ka-Ping's "cgitb"
4163 * The editor now sends a "no-cache" HTTP header
4164 * "PageList" results are now sorted
4165 * New config parameter "html_head_queries": send additional header
4166 for all pages EXCEPT the "normal" view; main usage is to have
4167 only the normal pages indexed by a spider, not the edit, print,
4168 etc. views (which cause multiple hits on the same information)
4169 * Store the modification time of the page file in the editlog, not
4170 the current time when the log entry is created
4172 -----------------------------------------------------------------------------
4173 Version 0.8 (2001-01-23)
4176 * Page templates (create a new page using a template page, by Richard)
4177 * Pluggable actions (by Richard)
4178 * Added "diff since bookmark"
4179 * Only "normal" URLs (outside of brackets) are converted to inline images
4180 * Show number of backups in SystemInfo macro
4181 * Show info on installed extension macros and actions
4182 * New macro: [[BR]] for line breaks
4183 * New action "LikePages" (again, Richard)
4184 * Highlighting of search results, and of bad words when spellchecking
4185 * Support for "file:" URLS
4186 * "SpellCheck" action (Richard, me, and Christian)
4187 * [[Include]] macro (you guessed it, Richard)
4190 * Update bookmark with load time, not click time
4191 * Changed CSS styles to better suit Netscape's broken handling of CSS
4193 -----------------------------------------------------------------------------
4194 Version 0.7 (2000-12-06)
4197 * RecentChanges bookmarking
4201 * Non-greedy extended WikiNames
4203 -----------------------------------------------------------------------------
4204 Version 0.6 (2000-12-04)
4207 * [[UserPreferences]] macro and associated functions
4208 * [[TableOfContents]] macro
4209 * Mechanism for external macros (user extensions)
4210 * Numbered list types and start offsets
4213 * Search dialogs did not work on the FrontPage
4214 * Add newline to text if last line has none (better diffs)
4216 -----------------------------------------------------------------------------
4217 Version 0.5 (2000-11-17)
4220 * Major refactoring: code is now broken up into modules within the
4222 * Diagnosis of installation via a "test.cgi" script
4224 * "#format" processing instruction
4226 * [[RandomPage]] and [[RandomPage(number)]] macro
4227 * configurable footer ("page_footer1" and "page_footer2")
4228 * "#redirect" processing instruction
4231 * Bugfix for broken CGI environment of IIS/4.0
4232 * URLs and InterWiki links are now less greedy (punctuation at the end
4233 is excluded, and "<" ends them, too)
4235 -----------------------------------------------------------------------------
4236 Version 0.4 (2000-11-01)
4239 * Table markup "||a||b||c||"
4240 * Headlines "= H1 =", "== H2 ==", and so on up to H5
4241 * [[PageCount]] macro
4242 * Added [[Icon(image)]] macro and macro arguments
4243 * [[PageList(title-regex)]] macro
4244 * New help system (set of help pages describing all features)
4247 * Create complete URL for "Clear message" link
4248 * Inline code spans needed cgi.escape
4249 * Better fix for Python 1.6 "re" problems
4250 * Fix for uppercase extensions in inline images ("foo.JPG")
4251 * Fixed colspan in RecentChanges
4252 * HR size is now limited to 8
4253 * "}" ends an URL pattern (fixes URLs right at the end of code displays)
4255 -----------------------------------------------------------------------------
4256 Version 0.3 (2000-10-25)
4259 * Check for inline images with InterWiki links (Spam:eggs.gif)
4260 * New config variable "allow_extended_names", which enables markup for
4261 wiki names containing ANY character like this: ["any chars"]
4262 * New config variable "html_head"
4263 * New macro [[SystemInfo]]
4264 * Added inline code ("{{{" and "}}}" on the same line)
4265 * Support for new config variable "max_macro_size"
4268 * Don't treat sequences with a double colon (CPP::Namespace) as an
4270 * The local part of InterWiki links is now correctly URL-escaped
4271 * Quickfix for a bug in 1.6's regular expressions
4272 * Fixed "SpamSpamSpam" bug (multiple entries in word list)
4273 * Anchor names get quoted in WordIndex and TitleIndex
4274 * Filtering of filenames in page_list() corrected
4275 * Escape &, <, > when sending the editor
4276 * Final(?) fix for japanese wiki names
4278 -----------------------------------------------------------------------------
4279 Version 0.2 (2000-08-26)
4282 * When saving, a datestamp saved in the form and that of the file are
4283 compared now; so, accidently saving over changes of other people is
4284 not possible anymore (saving still needs file locking though, for
4286 * if the directory "backup" exists in the data dir, pages are saved
4287 there before a new version is written to disk
4288 * Removed the "Reset" button from EditPage
4289 * Added "Reduce editor size" link
4290 * Added Latin-1 WikiNames (JürgenHermann ;)
4291 * Speeded up RecentChanges by looking up hostnames ONCE while saving
4292 * Show at most 14 (distinct) days in RecentChanges
4293 * Added icons for common functions, at the top of the page
4294 * Added a printing preview (no icons, etc.)
4295 * Added bracketed (external) URLs
4296 * Added support for quoted URLs ("http://...")
4297 * Added styles for :visited links to CSS
4298 * Embed image if an URL ends in .gif/.jpg/.png
4299 * No markup detection in code sections
4300 * Grey background for code sections
4301 * Added handling for numbered lists
4302 * the edit textarea now grows in width with the browser window
4303 (thanks to Sebastian Dau�for that idea)
4304 * Added page info (revision history) and viewing of old revisions
4305 * Added page diff, and diff links on page info
4306 * Added InterWiki support (use "wiki:WikiServer/theirlocalname"; the list
4307 of WikiServers is read from "data/intermap.txt")
4308 * Added "normal" InterWiki links
4309 * Added "action=raw" to send the raw wiki markup as text/plain (e.g. for
4310 backup purposes via wget)
4313 * Removed an exception when saving empty pages
4314 * Fixed bold nested into emphasis ('''''Bold''' Italic'')
4316 -----------------------------------------------------------------------------
4317 Version 0.1 (2000-07-29)
4319 Improvements over PikiPiki 1.62:
4320 * Moved configuration to "moin_config.py"
4321 * Added "edit_rows" setting
4322 * Added navigation bar
4323 * Improved HTML formatting
4324 * Added timing comment (page created in xx secs)
4325 * ISO date and time formats by default
4326 * Formatted RecentChanges with HTML tables
4327 * Uppercase letters for the index pages
4328 * Added PythonPowered logo
4331 * Javadoc comments now get formatted properly in {{{ }}} sections
4332 * Remove \r from submitted pages (so we get PORTABLE wiki files)
4333 * chmod(0666) eases manual changes to the data dir
4335 -----------------------------------------------------------------------------