Foswiki 2014 / 2015 Update

Hello Foswiki Community,

As 2014 draws to a close, we are much closer to beta for Foswiki 1.2.0.  This release has been several years in the making, and has an extremely broad list of features.    There are 397 Tasks with checkins and 49 FeatureProposals merged. Everyone’s waited long enough for 1.2.0, and we hope to start the release process early in 2015.

You can see the complete list of major features at http://foswiki.org/Development/ReleasePlan#Release_1.2.   Some of the many accomplishments in 2014:

  • Foswiki source now resides on Github. It’s much easier to contribute to the project. https://github.com/foswiki
  • Major restructuring of the Foswiki Store has been completed.
    • Foswiki is now store-agnostic, and can use many different store backends as well as the current RCS.
    • Backends have been written for several database engines, including PostgreSQL, MySQL, SQL Server and MongoDB.
    • Foswiki will default to a new PlainFile store on new installations.
  • Configure has had a huge amount of remodeling and modernization.    It’s now lightweight, javascript / jsonrpc based, and includes a shell interface for configuration changes from the command line.
  • A new completely rewritten PageCache greatly improves performance.
  • There is a new Editor interface,  NatEdit, and an updated TinyMCE.
  • Several other extensions have been modernized.
  • Foswiki now “bootstraps” itself, and will work even with a missing LocalSite.cfg.   unzip and go!
  • Support for Nginx, Lighttpd and other FCGI web servers is all there.
  • We’ve gone through several rounds of security audits and a lot of behind-the-scenes work to make Foswiki more robust and secure.
  • The list of “real” release blockers is down to only a few minor issues:   http://foswiki.org/Tasks/MinorReleaseBlocker
  • The Foswiki developers have been holding release meetings generally bi-weekly,  minutes at http://foswiki.org/Development/ReleaseMeetings.  Everyone is welcome to attend!  Meetings resume on Monday January 12th at 1300Z
  • Or join an impromptu meeting on #foswiki anytime.

For stocking stuffers and New Year’s resolutions, we need help with several things:

  • There are a large number of tasks in status “New” that still need developer review.  We need help triaging tasks:
    • Assign a Component,   An extension or a core component, so we can find the tasks later
    • Set the status: Confirmed,   Waiting for Feedback,  or No Action Required.  Or a new status: Needs Developer
    • Please try not to leave tasks in status “New”
  • Life moves on,  people change jobs,  and work gets left incomplete / extensions get orphaned.   These are a great opportunity to get some experience in development.   Many of us started with Open Source to “scratch an itch”.  You don’t have to start big.  If you’ve locally patched a bug, please contribute it back.   Anyone can “fork a repository” on GitHub and submit patches with a pull request.
  • We need to reboot the Translation process.  As soon as we can get the translate software rebuilt we’ll be asking the translators to begin their work. If you’d like to be involved, please subscribe to the Foswiki-translations email list at: http://sourceforge.net/p/foswiki/mailman/   If your native language is other than English, we need your help.

In summary, Foswiki is looking forward to a major release in 2015, consolidating the platform for the future. Any open source project lives and breathes through it’s contributors, so please get involved today and help shape the future of this great project!

On behalf of the Foswiki Developers and the Foswiki Association, we wish you all a Happy New Year.

George.

Foswiki update May 2014

Hello Foswiki community, Time for an overdue update of the Foswiki project.   Read on for notes on the Foswiki Association meetings, the upcoming Foswiki 1.2 release,  Foswiki Translations,  the Foswiki Task Teams, and the Foswiki infrastructure and GitHub migration.

 

Enjoy community.

 

Foswiki Association

The Foswiki association held its Fifth General Assembly on .17th May 2014.   Oliver Krueger and Crawford Currie have stepped down from the board.  George Clark was reelected as a board member. Lynnwood Brown and Julian Levens were elected into the board. All three accepted their election. The “new” board consists of: Paul Harvey, Michael Daum, Lynnwood Brown, Julian Levens and George Clark. The Board of Directors met on 23rd May 2014.  Lynnwood Brown was elected as Chairman, and Julian Levens  as treasurer. The complete minutes of both meetings can be found at: FifthGeneralAssemblyMinutes and AssociationBoardMinutes20140523

Release 1.2

We are beginning the release process for Foswiki 1.2 and wanted to pass along the news. George Clark agreed to serve as the Release Manager for Foswiki 1.2. There has been a lot of excellent work done on Foswiki 1.2, and it’s time to get it out.   See Development.ReleasePlan for details of what’s in the release. We will be starting regular release meetings to drive forward the release process.   We are still in the early stages of picking a schedule for the meetings.  Given the time zones involved it appears that a weekday around 1200Z seems to be mostly waking hours for many of our developers.  Release meetings will be held in the #foswiki channel on IRC,  and we’ll start off with bi-weekly meetings. Meetings will be limited to 1 hour if possible. Check out your timezones. If you have any opinions regarding the proposed schedule, please speak up!   Everyone is welcome to participate in the release process.  Planned agenda for the meetings:

  • Release blocker review
  • Other task review
  • Testing and usability feedback
  • Feature request review (limited … we are in feature freeze)

In the meantime if you have a favorite task that has not seen much activity, please mark it urgent so it bubbles up to the top of the development effort.

Translations

We’ve established a new email list for the translators:  foswiki-translations@lists.sourceforge.net. We will use this new email list to keep the translators up to date with the efforts.   You can subscribe here:  https://lists.sourceforge.net/lists/listinfo/foswiki-translations.  Please pass along this information to anyone else in your organizations who might be willing to help in keeping Foswiki translations current.

Task Teams

In the annual meeting, the Foswiki Association decided to retire several of our Task Teams.  The Translation team is being split into the Infrastructure and Release task teams.   Translation is integral to each new Foswiki release.   You can see the current and past team information here: http://foswiki.org/Community/TaskTeam.If you can help with any of the teams, please let us know.

Foswiki Infrastructure

And last but not least, we have some critical decisions to make regarding the Foswiki infrastructure:

  • The infrastructure team is working on migrating from subversion to github as our primary repository.   We’ve been running github in parallel with svn for several years now and we hope to complete the migration to git prior to the branching of Foswiki 1.2 from trunk.
    • We are proposing making github the primary Foswiki repository under the “Foswiki” github account:
      • The current flow   svn -> (git-svn repo) -> github would be reversed.
      • Core + Default extensions would be in one github repository under the Foswiki account.
      • Each non-default extension will be in it’s own github repository under the Foswiki account
      • Users will also be able to release extensions from their own github accounts.
    • The Tasks web would still be used as our tracker for extensions in the Foswiki github account.
      • It is yet to be determined if we will make any effort to support extensions released from other non-Foswiki github accounts using the Tasks web, vs. using the github tracker.
    • We will still maintain a foswiki-owned repository but it will be a mirror of the github environment.
    • We are still working on a way to map the historical svn rev numbers into git commit identifiers.   Because of differences in how git and svn record a change, it’s possible for one svn checkin to result in multiple git commits,  so it’s not a 1:1 relationship.
    • We also need to work out a good mechanism for updating the tasks web with each github commit.
  • The Pootle server (http://translate.foswiki.org/) is down due to an issue encountered during a system upgrade, and we are taking this opportunity to review tools and decide if there might be a better alternative.
    • Pootle integration to scm tools like subversion or git has been difficult, and only translates one branch.
    • Weblate (http://weblate.org/) appears to be similar to Pootle, but has very tight github integration,  and can translate across multiple branches.
    • Other suggestions are welcome.
    • If anyone here has experience with Weblate and git integration, we need assistance in working though the integration requirements and implementation.

As you can see,  there is much to be done.  Please help if you can! Thanks, George Clark On behalf of the Foswiki Association Board.

Foswiki 1.1.9 Virtual Machine now available

The Foswiki Virtual Machine image, built for VMWare player, VirtualBox and other VM software has been updated to the latest OS and Foswiki.

  • Foswiki is is updated to 1.1.9, with some optional plugins
  • The FastCGIEngineContrib is installed, and mod_fcgid is  enabled on apache for improved performance.
  • The ImagePlugin is installed for improved graphics handling.
  • The OS has been refreshed and updated to Ubuntu 12.04.4 LTS

See Support.VirtualMachineImages for instructions, and Download.DownloadVirtualMachineImage for the downloads.

Foswiki 1.1.9 released

On behalf of the entire Foswiki community, I’m pleased to announce that Foswiki release 1.1.9 is available for download. 5 years ago, November 19th, 2008, the Foswiki name was announced. Since then, the project has made approximately 20 releases of Foswiki. This release builds upon the collective effort of many developers and sponsors across the 5+ year project history. Foswiki Release 1.1.9 is a security, performance and bug-fix release. It comes with 44 bug fixes relative to 1.1.8. For those of you that can’t wait to get their hands on it: head over to the download page http://foswiki.org/Download/FoswikiRelease01x01x09. Bugs can be reported on http://foswiki.org/Tasks/CreateNewTask Fos­wiki-1.1.9 will be the last re­lease on the 1.1.x branch hope­fully and work on the new 1.2.0 re­lease starts from now on. Fos­wiki-1.2.0 will have a cou­ple of im­por­tant fixes on board that didn’t make it into 1.1.9 but that’s an­other story. Stay tuned. And a special thanks to all the developers, testers, translators, bug reporters and everyone in the Foswiki community who made Foswiki 1.1.9 possible. On behalf of the Foswiki Association and the entire Foswiki Community: Please enjoy Foswiki 1.1.9 George Clark Release manager for 1.1.9

Highlights of Foswiki 1.1.9 release

 Security, Performance and Bug-fix Release

 For users:

  • 44 bug fixes relative to 1.1.8
  • Ships with jQuery 1.10.1, jQuery-2.0.2 and jQuery-ui-1.10.3.
  • JQuery 2.x is the fastest, lightest JQuery, for an improved user experience.

For administrators:

  • Fixes several code issues that would block migration to recent versions of perl and certain CPAN modules.
  • Resolves two important performance issues, accumulation of CSS by TablePlugin, and a major memory leak for certain search strings.
  • Security changes:
    • TOPICLIST macro no longer reveals names of view restricted topics
    • username and password URL params are restricted to POST to the login script
    • Additional sanitizing of the URL path is performed.

See the ReleaseNotes for details and other changes

Getting help & providing feedback

Don’t forget to use the upgrade or installation guides. If you need help, there are several options:

We want to hear from you! Especially if you have noticed a bug, have some ideas we could use, or just want to contribute:

Upgrade Instructions

Always remember to run configure and save the configuration after an upgrade to check for configuration changes.

Changes to login using URL parameters

All versions of foswiki previously allowed the username and password parameters to be provided on the URL. For ex: bin/view/Myweb/SomeTopic?username=JoeUser;password=SEcrET This has been changed to further restrict login.

  • username and password will only be accepted on POST type operations. a simple GET url with username and password will not accept the supplied credentials.
    • The previous behaviour can be restored by enabling $Foswiki::cfg{Session}{AcceptUserPwParamOnGET} in the configuration
  • username and password will only be accepted as login credentials on the view, viewauth and loginscripts.
    • Other scripts can be authorized by configuring $Foswiki::cfg{Session}{AcceptUserPwParam}

JQuery upgrade

This release ships with several upgraded versions of JQuery including:

  • jQuery 1.10.1,
  • jQuery-2.0.2
  • jQuery-ui-1.10.3

The default jQuery release is changed to version 1.8.3. The deprecated jQuery Tooltip plugin is replaced with the new jQuery UI::Tooltip. Before upgrade, determine if any topics or plugins JQREQUIRE “tooltip”.   Those topics or plugins need to be upgraded to use the new UI::Tooltip.  Upgraders should visit bin/configure and make the following changes to the JQuery configuration:

  • Update {JQueryPlugin}{JQueryVersion} to version 1.8.3
  • Disable {JQueryPlugin}{Plugins}{Tooltip}{Enabled} and
  • Enable {JQueryPlugin}{Plugins}{'UI::Tooltip'}{Enabled}

The following optional plugins:ClassificationPlugin, HarvestPlugin, ImagePlugin, NatSkin, SolrPlugin  are known to use tooltip and if installed, will require an upgrade to the latest version. You might also start using jquery-2.0.2 to get the best performance and configure jQuery-1.10.1 to be served to old Internet Explorers automatically:

  • Update {JQueryPlugin}{JQueryVersion} to version 2.0.2
  • Set {JQueryPlugin}{JQueryVersionForOldIEs} to version 1.10.1

Upgrade package includes the Sandbox.WebHome topic

The topic creator script was improved in 1.1.7, and the Sandbox topic was included in the upgrade package. Normally WebHome topics are never shipped in an upgrade package.

Module version strings and new module dependency since 1.1.6

The Foswiki and default extension version strings have been changed from a developer oriented string Foswiki-1.1.5, Tue, 10 Apr 2012, build 14595, to a simple perl version string – “v1.1.6″. The “RELEASE” string will continue to be more descriptive and can be displayed with a new macro %WIKIRELEASE%. This adds a new dependency on version 0.77 – the Perl module version class.

  • Sites using Perl 5.10.1 or newer have the correct version of version.
  • Sites on older versions of perl should install the latest version using CPAN or their system’s package manager.

Before upgrading, verify that the installed version of CPAN:version is at least version 0.77. If not, upgrade CPAN:version before attempting to upgrade Foswiki!
This is how to test your version of “version”:

perl -Mversion -e ‘print “$version::VERSION\n”‘

0.9901

New setting needed for PatternSkin

If PatternSkin is installed on an older Foswiki, or the Foswiki-upgrade package is used to upgrade an existing Foswiki system, there is a new required setting that must be added to Main.SitePreferences.

   * Set PATTERNSKIN_JQUERY_THEME = PatternSkinTheme

The new System.DefaultPreferences topic shipped with the upgrade package does have this setting, but if you have customized you DefaultPreferences, then this needs to be added. Also, you’ll need to go through one save cycle of configure to register the new JQuery pattern theme in the configuration. (If configure reports no changes, make a minor change and save again, and configure will merge in the changed settings). Or edit the LocalSite.cfg file by hand and add

$Foswiki::cfg{JQueryPlugin}{Themes}{PatternSkinTheme}{Url} = '$Foswiki::cfg{PubUrlPath}/$Foswiki::cfg{SystemWebName}/PatternSkinTheme/jquery-ui.css';
$Foswiki::cfg{JQueryPlugin}{Themes}{PatternSkinTheme}{Enabled} = 1;

Other important things to know.

Most extensions released since Foswiki 1.1.6 have converted to formal perl version strings. version->declare('v1.1.6'). The PatchFoswikiContrib must be installed on older versions of Foswiki before installing any of these extensions on older Foswiki versions. Note that they have not been tested on Foswiki 1.0

Installation

Please refer to the INSTALL.html which can be found the downloaded tgz/zip.

License

  • This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
  • This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  • See the GNU General Public License for more details, published at http://www.gnu.org/copyleft/gpl.html

Release Details

Foswiki 1.1.8 released

While it’s been quiet in the blog lately, we’re back just in time for the latest release in the Foswiki 1.1 series, with a few general improvements but also a fixed security issue. In other words: you don’t want to miss the new Foswiki version! It’s available right now at http://foswiki.org/Download/FoswikiRelease01x01x08.

Be sure to pay attention to the upgrade instructions there, especially if you’re upgrading from Foswiki 1.1.5 or older.

In case you haven’t been following the release announcements elsewhere, I’ve included a brief description of the other releases you may have missed. If you want to know every last detail about all the changes in recent releases, look at the full release notes for the Foswiki 1.1 series.

Highlights of Foswiki 1.1.8 release

Security Release

Release 1.1.8 fixes a Critical Security Vulnerability. All previous releases of Foswiki are vulnerable to a security issue in Locale::Maketext. It is described further in SecurityAlert-CVE-2013-1666.  If your site runs with Internationalization enabled, you should upgrade to this release.

  • For users: 4 bug fixes relative to 1.1.7
  • For administrators: SSL Email works on newer versions of IO::Socket::SSL. (The prior fix in 1.1.7 was incomplete).

Highlights of Foswiki 1.1.7 release

Release 1.1.7 fixes a Critical Security Vulnerability. All previous releases of Foswiki are vulnerable to a security issue in Locale::Maketext. It is described further in SecurityAlert-CVE-2012-6329. A 2nd vulnerability in the Foswiki %MAKETEXT% macro was also discovered, and is described further in SecurityAlert-CVE-2012-6330 .

For users:

  • 20 bug fixes and 4 improvements relative to 1.1.6
  • WYSIWYG editor improves handling of WikiWord links. Changing the displayed WikiWord also updates the link target.
  • The default font has been restored to the attributes from 1.1.5. This prevents layout differences when upgrading to Foswiki 1.1.7

For administrators:

  • For sites using SSL accelerators and load balancers: A new expert configuration parameter {ForceDefaultUrlHost} can be enabled to force Foswiki to override the user entered URL with the {DefaultUrlHost} setting.
  • SSL Email works again on newer versions of IO::Socket::SSL
  • Pending registration requests now have a separate timer independent from the Session timer.
  • Removed undocumented dependency on updated HTML::TreeBuilder > 4.0

Highlights of Foswiki 1.1.6 release

For users:

  • More than 117 bug fixes and improvements relative to 1.1.5
  • TinyMCE has been updated to release 3.4.9
  • Markup within input fields is no longer rendered
  • The Chili syntax highlighter has been enabled by default

For administrators:

  • Duplicate email checks are applied to pending registrations.
  • Stale pending registrations are removed.
  • Configure makes a backup before saving configuration changes
  • Performance problems with Rename and Log Rotation have been addressed.