New in JSPWiki 2.11.3 - Released on 02/08/2022#

• Engine Lifecycle Extensions
• JSPWIKI-802 - Markdown support improvements
  • Plain editor now understands different wiki syntaxes, with initial support for Markdown
  • org.apache.wiki.markdown.migration.WikiSyntaxConverter to convert from JSPWiki syntax to markdown
• JSPWIKI-1075 - New CsrfProtectionFilter to protect POST requests from CSRF attacks
  • org.apache.wiki.api.core.Session gains new String antiCsrfToken() method
  • Custom templates must ensure that all <form> elements and the commonheader.jsp file contain a <wiki:CsrfProtection/> custom tag (like this and this)
• JSPWIKI-1171 - Ensure Lucene indexes all pages and attachments, even when they don't fit in the cache
• Fixed logout modal dialog not showing up
• Add default application name on <title> elements to templates' templates, and Main as default frontpage is none is defined on default template
• Upgraded bundled dependencies
  • Awaitility to 4.2.0
  • JUnit to 5.9.0
  • HSQLDB to 2.7.0
  • Log4J to 2.18.0
  • Lucene to 8.11.2
  • Mockito to 4.6.1
  • Selenide to 6.6.6
  • Tika to 2.4.1
  • Tomcat to 9.0.65
  • XStream to 1.4.19
• Security Fixes
  • CVE-2022-27166
  • CVE-2022-28730
  • CVE-2022-28731
  • CVE-2022-28732
  • CVE-2022-34158
• Devs only
  • JSPWiki memory footprint can be established by running mvn test -Dtest=MemoryProfiling on the jspwiki-main module
  • TestEngine#shutdown now cleans cache, wiki pages dir and their associated attachments, if any. This allows cleaning up a handful of tests
  • TestEngine#emptyWikiDir deletes both page and attachment directories
  • TestEngine is able to not clean up directories / ensure they have unique names if jspwiki.test.disable-clean-props wiki property is set to true

New in JSPWiki 2.11.2 - Released on 24/02/2022#

• JSPWIKI-802 - Markdown support improvements
  • Added support for WYSIWYG editor
  • Added Attributes, Definition, Tables and TOC extension extensions
• Upgraded bundled dependencies
  • Awaitility to 4.1.1
  • Log4J to 2.17.1
  • Lucene to 8.11.1
  • Mockito to 4.3.1
  • Selenide to 6.3.3
  • SLF4J to 1.7.36
  • Tika to 2.3.0
  • Tomcat to 9.0.58
• Security Fixes
  • CVE-2022-24947
  • CVE-2022-24948

New in JSPWiki 2.11.1 - Released on 18/12/2021#

• Fix for Log4J-CVE-2021-44228
• Cache management moved to a new maven module, jspwiki-cache
  • Cache backend can now be overriden by providing a custom CachingManager via classmappings-extra.xml
  • Default cache manager remains ehcache-based, with default configuration file on classpath located at ehcache-jspwiki.xml
  • Tests wanting to invalidate cache(s) should call either Engine#shutdown() or Engine#getManager( CachingManager.class ).shutdown()
  • The jspwiki.cache.config-file setting on the jspwiki[-custom].properties file allows to use a custom ehcache configuration file, located elsewhere on classpath
  • Fixed JSPWIKI-873 - AttachmentManager#getAllAttachments() does not return more than exactly 1000 attachments
• A few properties from jspwiki[-custom]-properties are being deprecated , they will continue to work, but they'll be removed on a future version
  • jspwiki.usePageCache -> jspwiki.cache.enable should be used instead
  • jspwiki.attachmentProvider -> jspwiki.attachment.provider should be used instead
  • jspwiki.attachmentProvider.adapter.impl -> jspwiki.attachment.provider.adapter.impl should be used instead
• Upgraded bundled dependencies
  • Awaitility to 4.1.1
  • Log4J to 2.16.0
  • JUnit to 5.8.2
  • Mockito to 4.1.0
  • Selenide to 6.1.1
  • Tomcat to 9.0.56
• Security Fixes
  • Log4J-CVE-2021-44228

New in JSPWiki 2.11.0 - Released on 22/11/2021#

• Added AWS Kendra as a Search Provider, contributed by Julien Masnada, thanks!
• breaking change: New logging facade, Log4J2 (2.14.1), supersedes existing Log4J one
  • Although all Log4J (and SLF4J) calls are transparently routed to Log4J2, the log configuration inside jspwiki.properties has changed, so installations with customized logging configuration will need to be set up again.
  • Existing 3rd party plugins, filters and providers will continue to work as expected, as Log4J calls will be routed to Log4J2, but the use of Log4J2 should be preferred onwards.
  • By default, JSPWiki will configure Log4J2 from the jspwiki[-custom].properties files, expecting log configuration to be there using Log4J2 properties syntax
  • jspwiki.use.external.logconfig=true can still be used on jspwiki[-custom].properties files to bypass JSPWiki log re-configuration and rely directly on Log4J2 configuration mechanisms
  • IMPORTANT: if you're using a JSPWiki customized .war, please ensure that neither Log4J nor any SLF4J implementation end up in your customized .war.
• JSPWIKI-1143 - SpamFilter now accepts the jspwiki.filters.spamfilter.allowedgroups property as a comma separated list of groups that will bypass the filter.
• JSPWiki now takes the following properties sources:
  1. Default JSPWiki properties
  2. System environment
  3. JSPWiki custom property files
  4. JSPWiki cascading properties
  5. System properties
  • With the later ones taking precedence over the previous ones. To avoid leaking system information, only System environment and properties beginning with jspwiki (case unsensitive) are taken into account.
  • Also, to ease docker integration, System env properties containing _ are turned into .. F.ex., ENV jspwiki_fileSystemProvider_pageDir would be loaded as jspwiki.fileSystemProvider.pageDir.
• JSPWIKI-1147 - The button "Clear user preferences" doesn't clear user preferences
• JSPWIKI-1140 - Autogenerate changenote on page comments
• Devs only
  • JSPWiki Docker image available on Docker Hub
  • JSPWIKI-1160 - JSPWiki is built using JDKs 8, 11 and 17
• Upgraded bundled dependencies
  • Awaitility to 4.1.0
  • Commons IO to 2.11.0
  • Commons Lang to 3.12.0
  • EhCache to 2.10.9.2
  • Gson to 2.8.9
  • HSQLDB to 2.6.1
  • Jetty-all to 9.4.44.v20210927
  • JUnit to 5.8.1
  • Lucene to 8.11.0
  • Mockito to 4.0.3
  • Selenide to 6.0.3
  • SLF4J to 1.7.32
  • Tika to 2.1.0
  • Tomcat to 9.0.55
• Security Fixes
  • CVE-2021-40369
  • CVE-2021-44140

New in JSPWiki 2.11.0.M8 - Released on 13/12/2020#

• Lucene Index not updated on edits/new page - JSPWIKI-1131
  • Fixes problems with Searches and Workflows' persistence on disk introduced on 2.11.0.M7
• Show only part of Weblog entry on the overview page - JSPWIKI-1114
  • Preview parameter cutting now only at newlines, patch suggested by Ulf Dittmer - thanks!
• Ensure IndexPlugin works with non-blank page references.
• Completed french and german (JSPWIKI-1134) translations - thanks to Ainara González Pérez and Dietrich Schmidt!
• Devs only
  • Added functional tests for page edits and page searches.
  • Simplified generation of portable build native binaries
• Upgraded bundled dependencies
  • Awaitility to 4.0.3
  • Commons IO to 2.8.0
  • Commons Lang to 3.11
  • Commons Text to 1.9
  • Flexmark to 0.62.2
  • Hsqldb to 2.5.1
  • JUnit to 5.7.0
  • Lucene to 8.7.0
  • Mockito to 3.6.28
  • Selenide to 5.16.2
  • Tika to 1.25
  • Tomcat to 9.0.40

New in JSPWiki 2.11.0.M7 - Released on 28/05/2020#

• JSPWiki Public API (Devs only - JSPWIKI-120, JSPWIKI-303, JSPWIKI-806)
  • Starting point for custom extensions
  • How to write a plugin
  • How to write a filter
  • How to write a page provider
  • Versioning proposal
• Workflows' state now survive between restarts (JSPWIKI-304)
• Improved russian translation (PR13) - contributed by Kideath, thanks!
• Upgraded bundled dependencies
  • Commons Lang to 3.10
  • Flexmark to 0.61.32
  • JUnit to 5.6.2
  • Lucene to 8.5.1
  • Mockito 3.3.3, introduced as a mock testing library
  • Selenide to 5.11.1
  • SLF4J to 1.7.30
  • Tika to 1.24
  • Tomcat to 9.0.35

New in JSPWiki 2.11.0.M6 - Released on 17/12/2019#

• Devs only
  • Official Dockerfile image
  • A couple of methods moved out of WikiEngine
  • TestEngine static builder methods
• Small bug fixed (JSPWIKI-1120), contributed by Haris Adzemovic, thanks!
• New javadoc doclet (i.e., compare #1 against #2)
• Upgraded bundled dependencies
  • Flexmark to 0.50.44
  • Lucene to 8.3.1
  • Selenide to 5.5.1
  • SLF4J to 1.7.29
  • Tika to 1.23
  • Tomcat to 8.5.49

New in JSPWiki 2.11.0.M5 - Released on 18/09/2019#

Apache JSPWiki 2.11.0.M5 is the fifth release towards 2.11.0.

This release features, among other things:

• Keyword support for JSPWiki pages - JSPWIKI-427
  • Use [{SET keywords=a,b,c}] to add keywords to a page. They will be shown in the info drop-down menu, and will be added as META tags to your page.
• Show only part of Weblog entry on the overview page - contributed by Ulf Dittmer - JSPWIKI-1114
• Security fixes - CVE-2019-10087, CVE-2019-10089, CVE-2019-10090, CVE-2019-12404 and CVE-2019-12407
• Friendlier wiki page Lucene indexing when using custom analyzers - JSPWIKI-893
• Upgraded bundled dependencies - JSPWIKI-1115
  • commons-lang to 3.9
    • dev-only breaking change: if you were using commons-lang transitively on your extension, you must declare it explicitly or migrate it to commons-lang 3
  • commons-text to 1.8
  • flexmark to 0.50.40
  • hsqldb to 2.5.0
  • jaxen to 1.2.0
  • jdom2 to 2.0.6
  • junit to 5.5.2
  • lucene to 8.2.0
  • selenide to 5.3.1
  • slf4j to 1.7.28
  • tika to 1.22
  • tomcat to 8.5.45
• Devs only
  • dev-only breaking change: Removed @Deprecated code
  • Switch Sonar instance to sonarcloud.io - INFRA-18845

New in JSPWiki 2.11.0.M4 - Released on 18/05/2019#

Apache JSPWiki 2.11.0.M4 is the fourth release towards 2.11.0.

This release features, among other things:

• New TikaSearchProvider, to index a lot more of attachments - contributed by Ulf Dittmer - JIRA:469
• LuceneSearchProvider now indexes all attachment filenames, whether their content is parsed or not, and also scans .md and .xml files
• Security fixes - JSPWIKI-1107, JSPWIKI-1108 and JSPWIKI-1109
• Haddock improvements
  • UserPreferences page has been extended to allow the users to view and delete page-based cookies
  • Attachment lists are now sortable on the attachment size field
• InsertPagePlugin now also supports cookie based inserts, useful for one time page includes (i.e GDPR, welcome to this site, etc.) - JSPWIKI-1104
• Adding the jspwiki.attachment.forceDownload property - JSPWIKI-1106
• Wiki Markup enhacements and fixes
  • Add support for mixed css-class & css-style markup - JSPWIKI-1100
  • Improve rendering of inline preformatted text - JSPWIKI-1101
  • Added interwiki link for location links (google maps) eg: [Atomium|Location:Atomium, City of Brussels, Belgium]
• Upgraded bundled dependencies - JSPWIKI-1110
  • commons-io to 2.6
  • flexmark to 0.42.6
  • jaxen to 1.2.0
  • jdom2 to 2.0.6
  • junit to 5.4.2
  • tomcat to 8.5.40
• Devs only
  • New aggregated apidocs are available online, in addition to those available through maven repositories.

New in JSPWiki 2.11.0.M3 - Released on 25/03/2019#

Apache JSPWiki 2.11.0.M3 is the third release towards 2.11.0.

This release features, among other things:

• Haddock improvements
  • Haddock Light appereance is enabled by default, as opposed to 2.11.0.M2
  • Drag & Drop capabilities added to the standard JSPWiki editor
  • Added Description meta-tag to improve on-page SEO
  • Added the Content-Security-Policy meta-tag to reduce the risk of XSS attacks
• Removed unused top level JSP - JSPWIKI-1093
  • Fixes CVE-2019-0224
• DefaultURLConstructor#getForwardPage( HttpServletRequest req ) now always returns Wiki.jsp - JSPWIKI-1095
  • Fixes CVE-2019-0225
• Upgraded bundled dependencies - JSPWIKI-1096
  • flexmark to 0.40.24
  • lucene to 8.0.0
  • selenide to 5.2.2
  • slf4j to 1.7.26
  • tomcat to 8.5.39

New in JSPWiki 2.11.0.M2 - Released on 08/03/2019#

Apache JSPWiki 2.11.0.M2 is the second release towards 2.11.0.

This release features, among other things:

• Haddock Dark appereance, enabled by default
  • if you want to keep the Light appereance by default, set jspwiki.defaultprefs.template.appearance to false on your jspwiki[-custom].properties file
• Fixes related to Haddock being the default template as of 2.11.0.M1
  • Fixes for Reader view (JSPWIKI-1090), Diff view (JSPWIKI-1091) and WYSIWYG editor, which were incorrectly rendered
  • Fallback to default template if the requested template folder is not found - JSPWIKI-1088
    • this allows to 2.10 installations having set to haddock the jspwiki.templateDir property to keep that value, as opposed to 2.11.0.M1 behaviour
• Fixed buggy header width in Fixed Page Layout - JSPWIKI-1074
• Upgraded bundled dependencies - JSPWIKI-1092
  • flexmark to 0.40.16
  • gson to 2.8.5
  • junit to 5.4.0
  • lucene to 7.7.0
  • nekohtml to 1.9.22
  • stripes to 1.7.0-async (needed to test JSPWIKI-1088)
  • tomcat to 8.5.38
• Devs only
  • classes on org.apache.wiki.util package have been moved to their own maven module, org.apache.jspwiki:jspwiki-util

New in JSPWiki 2.11.0.M1 - Released on 29/01/2019#

Apache JSPWiki 2.11.0.M1 is the first release towards 2.11.0.

This release features, among other things:

• Haddock as new default template - JSPWIKI-1083
  • if you need to revert to the 2.10 default template, you should set the jspwiki.templateDir property to 210 on your jspwiki[-custom].properties file
  • 2.10.X users: haddock is not a valid jspwiki.templateDir value anymore, so if you have set it to this value, you should change it to default
  • added the following pages to the core pages' bundles, as they enable some more haddock functionality
    • CSSBackgroundGradients: see Background Gradients
    • CSSBackgroundPatterns: see Background Patterns
    • CSSInstagramFilters: see Instagram Filters
    • CSSPrettifyThemeTomorrowNightBlue: see Prettify Theme Tomorrow Night Blue
    • CSSPrettifyThemeTomorrowPrism: see Prettify Theme Prism
    • CSSRibbon: see Ribbon
    • CSSStripedText: see Striped Text
    • CSSThemeCleanBlue: see Clean Blue Theme
    • CSSThemeDark: see Dark Theme
• Default locale can now be set server-side through the jspwiki.preferences.default-locale property on your jspwiki[-custom].properties file - JSPWIKI-1085
• Fix for JSPWIKI-932: Failed to start managers. java.util.ConcurrentModificationException
• Third-party plugin jars are loaded as much as possible, instead of the all-or-nothing approach on 2.10 - JSPWIKI-1080
• New requirements - JSPWIKI-1076
  • Java 8 needed to run JSPWiki
  • Servlet 3.1 / JSP 2.3 compliant JEE server (i.e., Tomcat 8.5 and onwards)
• Upgraded bundled dependencies - JSPWIKI-1087
  • commons-fileupload to 1.4
  • ehcache to 2.10.6
  • flexmark to 0.40.12
  • junit to 5.3.2
  • lucene to 7.6.0
    • 2.10.X users: when upgrading, Lucene index must be rebuilt in order to get the search going; to do so you'll have to delete the jspwiki.workDir/lucene directory
  • tomcat to 8.5.37
• Devs only:
  • New JSPWiki jar maven coordinates: org.apache.jspwiki:jspwiki-main - JSPWIKI-1081
  • At least JDK 8 and Maven 3.5.0 needed to build JSPWiki - JSPWIKI-1076
  • JUnit 5 is now used for testing - JSPWIKI-1078
  • Functional tests now use Selenide instead of Selenium - JSPWIKI-1086
  • Backwards API incompatible changes: https://jspwiki.apache.org/japicmp/2.11.0.M1/

What does that M# mean anyway?#

M# releases are as production-ready as any other JSPWiki release, so you should not be concerned about its stability.

Please look at the VersioningProposal page to know how this label is used on Apache JSPWiki releases.