This is the release notes for XWiki Commons, XWiki Rendering and XWiki Platform. They share the same release notes as they are released together and have the same version.

This release provides 2 new features: a dedicated UI to see what's new in XWiki ecosystem directly in XWiki instances, and a new macro to allow display easily icons in XWiki pages. Besides those features, it also includes a lot of bug fixes and some fixes for important security vulnerabilities. Don't forget to check out the migration notes as it comes with few backward compatibility breakage.

New and Noteworthy (since XWiki 15.1)

Full list of issues fixed and Dashboard for XWiki 15.2-rc-1.

For Users

Icon Macro

 
A new icon macro has been introduced. It supports displaying an icon from the current or a chosen icon set and can thus be used to display icons that are consistent with XWiki's UI.

What's New in XWiki

 
Displays news about XWiki and its ecosystem, directly into your XWiki instance.

For Admins

No changes!

For Developers

• Add parameters to the CKEditor html conversion request: A new xwiki:ckeditor:convertHTML event is send before a request to convert some content to HTML is sent by CKEditor. Listeners can add new request parameters by add properties on the data object send with the event. The example below show how to add an example parameter with value 1.

  $(document).on('xwiki:ckeditor:convertHTML', function(event, data) {
      data.example = 1;
  });

• Allow to chose conflict fallback version when merging: The storage merge API have been improved in order to allow consumers of the API to define what should be the fallback versions to use in case of merging conflicts: by default the version is still the current version element, but it's now also possible to chose the next version element.

Upgrades

The following runtime dependencies have been upgraded (they have a different release cycle than XWiki Commons, XWiki Rendering and XWiki Platform):

• dompurify 3.0.0
• jsTree 3.3.15
• node v18.14.0
• paged.js 0.4.1
• Logback 1.3.6
• Netty 4.1.90.Final
• JGroups 5.2.13
• Byte Buddy 1.14.2
• Rome 1.19.0
• Rome 2.1.0
• Groovy 3.0.16
• Plexus Utils 3.5.1
• log4j API 2.20.0
• jsoup 1.15.4
• Docker Java to 3.3.0
• Hibernate 5.6.15
• Tika 2.7.0
• PostgresSQL connector 42.5.3
• Protostream 4.6.1.Final
• commons-fileupload 1.5
• Closure Compiler v20230206
• Closure Compiler v20230228
• JAXB Runtime 2.3.8
• Commons CSV 1.10.0
• Maven to 3.9.0 and Resolver to 1.9.7
• Protobuf Java 3.22.2
• Infinispan 14.0.7
• JFFI 1.3.11
• Liquibase 4.20.0
• Checker Qual 3.32.0
• Caffeine 3.1.5
• Plexus Archiver 4.6.2
• JSqlParser 4.6
• Snakeyaml 2.0

Translations

The following translations have been updated: 

• German
• Dutch

Tested Browsers & Databases

Here is the list of browsers we support and how they have been tested for this release:

	Browser	Tested on:
	Mozilla Firefox 111	Jira Tickets Marked as Fixed in the Release Notes
	Google Chrome 112	Tests run and results
	Microsoft Edge 111	Not Tested
	Safari 16	Not Tested

Here is the list of databases we support and how they have been tested for this release:

	Database	Tested on:
	HyperSQL 2.7.1	Not Tested
	MariaDB 10.11	Jira Tickets Marked as Fixed in the Release Notes
	MySQL 8	Not Tested
	PostgreSQL 15	Tests run and results
	Oracle 19c	Not Tested

Here is the list of Servlet Containers we support and how they have been tested for this release:

	Servlet Container	Tested on:
	Tomcat 9.0.73	Jira Tickets Marked as Fixed in the Release Notes Tests run and results
	Jetty 10.0.12 (XWiki Standalone packaging)	Not Tested
	Jetty 10.0.12	Not Tested

Known issues

• Bugs we know about

Backward Compatibility and Migration Notes

General Notes

• When upgrading make sure you compare and merge the following XWiki configuration files since some parameters may have been modified, removed or added:
  • xwiki.cfg
  • xwiki.properties
  • web.xml
  • hibernate.cfg.xml
• Add xwiki.store.migration=1 in xwiki.cfg so that XWiki will attempt to automatically migrate your current database to any new schema. Make sure you backup your Database before doing anything.

Issues specific to XWiki 15.2-rc-1

HTML Cleaning behaviour changed

To fix a security vulnerability, restricted HTML cleaning now removes form-related HTML elements (in particular, form, input, select, textarea, and button). This should only affect HTML and raw macros that are authored by users without script right. In case of any issues, they can be allowed again by adding them to the xml.htmlElementSanitizer.extraAllowedTags configuration option in xwiki.properties.

New restrictions on document revisions

Old or deleted revisions of documents are displayed in a restricted mode that prevents the execution of script macros. This also affects the rendered diff. This may lead to unexpected errors, a warning for this is displayed for advanced users or if there is an actual error in the output. The same applies to the edit action if the request is not verified with a form token - the standard ways for creating documents shouldn't be affected by this but custom implementations might need to be adapted to avoid being affected by this change. In case you're using a lot of script macros in regular content, you could consider creating and using wiki macros instead that cover your most-used script features.

API Breakages

The following APIs were modified since XWiki 15.1:

Real breakages

Real backward compatibility breakages that we have unwillingly accepted to do for the reasons mentioned in each violation below.

• Change needed to provide a merge operation taking into account the configuration: we cannot provide a default method as it would wrongly give the feeling that the operation succeeded. We consider this breaking change acceptable since it's unlikely anyone directly implements this interface.
  • Violation type:
    java.method.addedToInterface
  • Code:
    ## Old:
    
    
    ## New:
    method org.xwiki.store.merge.MergeManagerResult<com.xpn.xwiki.objects.ElementInterface, java.lang.Object> com.xpn.xwiki.objects.ElementInterface::merge(com.xpn.xwiki.objects.ElementInterface, com.xpn.xwiki.objects.ElementInterface, com.xpn.xwiki.doc.merge.MergeConfiguration, com.xpn.xwiki.XWikiContext)

Unstable APIs

Not real backward compatibility breakages since they were done on APIs marked @Unstable (a.k.a Young APIs). Thus it's part of the contract that they can be broken until they become stable. They're listed purely for reference in case you decided to still use them (and thus agreed to be broken).

• Young API
  • Violation type:
    java.method.addedToInterface
  • Code:
    ## Old:
    
    
    ## New:
    method int java.lang.Comparable<T>::compareTo(T) @ org.xwiki.whatsnew.NewsSourceItem

Credits

The following people have contributed code and translations to this release (sorted alphabetically):

• Alex Cotiugă 
• Jesse Veentjer 
• Manuel Leduc 
• Marius Dumitru Florea 
• Michael Hamann 
• Oana-Lavinia Florean 
• Sereza7 
• Simon Urli 
• Simpel 
• Thomas Mortagne 
• Vincent Massol 
• dependabot[bot]