This is where announcements of new releases, features, and other news are posted. IkiWikiUsers are recommended to subscribe to this page's RSS feed.
ikiwiki 3.20160728 released with these changes
- Explicitly remove current working directory from Perl's library search path, mitigating CVE-2016-1238 (see Debian bug #588017)
- wrappers: allocate new environment dynamically, so we won't overrun the array if third-party plugins add multiple environment variables.
- Standards-Version: 3.9.8 (no changes required)
News for ikiwiki 3.20160506:
To mitigate CVE-2016-3714 and similar ImageMagick security vulnerabilities,
[[!img ]] directive is now restricted to these common web formats by
- JPEG (
- PNG (
- GIF (
- SVG (
(In particular, by default resizing PDF files is no longer allowed.)
Additionally, resized SVG files are displayed in the browser as SVG instead of being converted to PNG.
If all users who can attach images are fully trusted, this restriction can be removed with the new img_allowed_formats setup option. See img for more details.
ikiwiki 3.20160506 released with these changes
- [ Simon McVittie ]
- HTML-escape error messages, in one case avoiding potential cross-site scripting (CVE-2016-4561, OVE-20160505-0012)
- Mitigate ImageMagick vulnerabilities such as CVE-2016-3714:
- img: force common Web formats to be interpreted according to extension, so that "allowed_attachments: '*.jpg'" does what one might expect
- img: restrict to JPEG, PNG and GIF images by default, again mitigating CVE-2016-3714 and similar vulnerabilities
- img: check that the magic number matches what we would expect from the extension before giving common formats to ImageMagick
- d/control: use https for Homepage
- d/control: add Vcs-Browser
- [ Joey Hess ]
- img: Add back support for SVG images, bypassing ImageMagick and simply passing the SVG through to the browser, which is supported by all commonly used browsers these days. SVG scaling by img directives has subtly changed; where before size=wxh would preserve aspect ratio, this cannot be done when passing them through and so specifying both a width and height can change the SVG's aspect ratio.
- loginselector: When only openid and emailauth are enabled, but passwordauth is not, avoid showing a "Other" box which opens an empty form.
- [ Amitai Schlair ]
- mdwn: Process .md like .mdwn, but disallow web creation.
- [ Florian Wagner ]
- git: Correctly handle filenames starting with a dash in add/rm/mv.
ikiwiki 3.20160121 released with these changes
- [ Amitai Schlair ]
- [ Joey Hess ]
- emailauth: Added
page.tmplto to set html
dir=when values have been specified for them, which the does.
- emailauth: Added
- [ Simon McVittie ]
.git/config. This resolves commit errors in versions of git that require a non-trivial committer identity.
: if no committer identity is known, set it to
- inline, trail: rename
feedlimit(with backwards compatibility)
- pagestats: add
showoption to show meta fields. Thanks, Louis
- inline: force RSS
<comments>to be a fully absolute URL as required by the W3C validator. Please use Atom feeds if relative URLs are desirable on your site.
- inline: add
<atom:link rel="self">to RSS feeds as recommended by the W3C validator
- inline: do not produce links containing
- syslog: accept and encode UTF-8 messages
- syslog: don't fail to log if the wiki name contains
- Change dependencies from transitional package perlmagick to libimage-magick-perl (Closes: #789221)
- debian/copyright: update for the rename of
- d/control: remove leading article from Description (lintian: description-synopsis-starts-with-article)
- d/control: Standards-Version: 3.9.6, no changes required
- Wrap and sort control files (
- Silence "used only once: possible typo" warnings for variables that are part of modules' APIs
- Run autopkgtest tests using autodep8 and the pkg-perl team's infrastructure
- Add enough build-dependencies to run all tests, except for non-git VCSs
- tests: consistently use
t/img.t: do not spuriously skip
- img test: skip testing PDFs if unsupported
- img test: use the right filenames when testing that deletion occurs
- : if no committer identity is known, set it to
ikiwiki 3.20150614 released with these changes
- inline: change default sort order from age to "age title" for determinism, partially fixing deterministic build for git-annex, ikiwiki-hosting etc. (Closes: #785757)
- img: avoid ImageMagick misinterpreting filenames containing a colon
- img test: set old timestamp on source file that will change, so that the test will pass even if it takes less than 1 second
ikiwiki-hosting is an interface on top of Ikiwiki to allow easy management of lots of ikiwiki sites. I developed it for Branchable, an Ikiwiki hosting provider. It has a powerful, scriptable command-line interface, and also includes special-purpose ikiwiki plugins for things like a user control panel.
To get a feel for it, here are some examples:
ikisite create foo.ikiwiki.net --admin http://joey.kitenet.net/ ikisite branch foo.ikiwiki.net bar.ikiwiki.net ikisite backup bar.ikiwiki.net --stdout | ssh otherhost 'ikisite restore bar.ikiwiki.net --stdin'
The ikiwiki.info domain has been moved to a new server. If you can see this, your DNS has already caught up and you are using the new server. By the way, the new server should be somewhat faster. --Joey
Ikiwiki has reached version 3.0 and entered a new phase in its development cycle.
The 3.0 release of ikiwiki changes several defaults and finishes some transitions. You will need to modify your wikis to work with ikiwiki 3.0. A document explaining the process is available in upgrade to 3.0.
The highlights of the changes in version 3.0 include:
- Support for uploading attachments.
- Can rename and remove pages and files via the web.
- Web based setup.
- Blog-style comments as an alternative to Discussion pages.
- Many other new plugins including htmlbalance, format, progress, color, autoindex, cutpaste, hnb, creole, txt, amazon s3, pinger, pingee, edittemplate
- The RecentChanges page is compiled statically, not generated from the CGI.
- Support for additional revision control systems: bzr, monotone
- Support for untrusted git push.
- A new version (3.00) of the plugin API, exporting additional
commonly used functions from
- Nearly everything in ikiwiki is now a plugin, from WikiLinks to page editing, to RecentChanges.
- Far too many bug fixes, features, and enhancements to list here.
Thanks to the many contributors to ikiwiki 3.0, including:
Jelmer Vernooij, Recai Oktaş, William Uther, Simon McVittie, Axel Beckert, Bernd Zeimetz, Gabriel McManus, Paweł Tęcza, Peter Simons, Manoj Srivastava, Patrick Winnertz, Jeremie Koenig, Josh Triplett, thm, Michael Gold, Jason Blevins, Alexandre Dupas, Henrik Brix Andersen, Thomas Keller, Enrico Zini, intrigeri, Scott Bronson, Brian May, Adeodato Simó, Brian Downing, Nis Martensen. (And anyone I missed.)
Also, thanks to the users, bug submitters, and documentation wiki editors. Without you, ikiwiki would just be a little thing I use for my home page.
I've produced a code_swarm visualization of the first 2+ years of ikiwiki's commit history.
PS, while I'm posting links to videos, here's a video of a lightning talk about ikiwiki.
Interesting things to watch for:
- Initial development of ikiwiki to the point it was getting web edits. (First 2 seconds of video!)
- Introduction to plugin support, and later, plugin changes dominating code changes.
- Introduction of openid support and the resulting swarm of openid commenters.
- Switch to git, my name in the logs changes from "joey" to "Joey Hess", and there are more code commits directly from others.
Getting the commit log was tricky because every web commit is in there too, so it has to deal with things like IPs and openids. The code swarm log.pl script will munge the log to handle these, and it was configured with code swarm.config.
Video editing by kino, ffmpeg, ffmpeg2theora, and too many hours of pain.
Audio by the Punch Brothers.
I was asked a good question today: How can a company find someone to work on ikiwiki? To help answer this question, I've set up a consultants page. If you might be interested in being paid to work on ikiwiki, please add your information to the page. --Joey
And here's the first company looking for an ikiwiki developer that I am aware of:
The TOVA Company, a small medical software and hardware company in Portland, Oregon, is looking for developers to add functionality to ikiwiki. We're looking for developers who are already familiar with ikiwiki development, including plugins, and who would be willing to work on a part-time, non-employee, project-based basis for each of the small features that we want. The features we're interested in would obviously be GPL'd, and released to the community (if they'll have them ). Please contact Andrew Greenberg (andrew@thetovacompany) if you're interested. Thanks!
I've gone ahead and moved ikiwiki.info to the faster box mentioned on server speed. Most poll respondants felt the old box was fast enough, but it's getting a bit overloaded with other stuff.
If you can see this, you're seeing the new server. If not, your DNS server hasn't caught up yet. I'll keep the old server up for a while too and merge any changes across since git makes that bog-easy.
Please report any problems..
ikiwiki.info has upgraded to the not yet released ikiwiki 2.30. This version of ikiwiki drops support for subscribing to commit mail notifications for pages. The idea is that you can subscribe to the new RecentChanges feed instead. (Or create your own custom feed of only the changes you're interested in, and subscribe to that.)
So if you were subscribed to mail notifications on here, you'll need to change how you keep track of changes. Please let me know if there are any missing features in the RecentChanges feeds.
Statically building the RecentChanges also has performance implications, I'll keep an eye on server speed..
I've put together a short screencast that covers approximatly the first half of the setup document, and includes a demo of setting up a blog using ikiwiki.
.. And now I've added a second screencast. Note that this uses a script that is only available in the as yet unreleased ikiwiki version 2.15.
Ikiwiki has reached version 2.0 and entered a new phase in its development cycle.
With the 2.0 release of ikiwiki, some major changes have been made to the default configuration:
usedirssetting is enabled by default. This will break all URLs to wikis that did not have
usedirsturned on before, unless you follow the procedure described at switching to usedirs or edit your setup file to turn
usedirs => 0,
- OpenID logins are now enabled by default, if the
Net::OpenID::Consumer perl module is available. Password logins
are also still enabled by default. If you like, you can turn either OpenID
or password logins off via the
An overview of changes in the year since the 1.0 release:
- New improved URLs to pages via
- OpenID support, enabled by default.
- Plugin interface added, with some 60 plugins available, greatly expanding the capabilities of ikiwiki.
- Tags, atom feeds, and generally full-fledged blogging support.
- Fully working utf8.
- Optimisations, approximately 3.5 times as fast as version 1.0.
- Improved scalability to large numbers of pages.
- Improved scalable logo.
- Support for additional revision control systems besides svn: git, tla, mercurial.
- Some support for other markup languages than markdown: rst, textile.
- Unit test suite, with more than 300 tests.
Integrated issue tracking with Ikiwiki by Joey Hess is now available on LinuxWorld.com. (LinuxWorld's author contract also allows this article to become part of the project's documentation.) Learn how to use Ikiwiki inlining and PageSpecs for lightweight workflow. Joey also explains how having the BTS and docs in the project's revision control system can help users of distributed revision control systems keep bug tracking info in sync with code changes.
Quick poll: Do you feel that ikiwiki is fast enough on this server, or should I move it to my much beefier auxiliary server?
It's fast enough (80%)
It's too slow! (12%)
No opinion (8%)
Total votes: 50
If you have specifics on performance issues, you might mention them on the discussion page.
Ikiwiki is now hosted at Branchable.
Ikiwiki now has an IRC channel:
#ikiwiki on irc.oftc.net
The channel features live commit messages for CIA for changes to both ikiwiki's code and this wiki. Plus occasional talk about ikiwiki.
Thanks to JoshTriplett for making this happen.
Ikiwiki has its own domain now, ikiwiki.info. Update your links.
Ikiwiki in svn now has support for using OpenID, a decentralized authentication mechanism that allows you to have one login that you can use on a growing number of websites.
Traditional password-based logins are still supported, but I'm considering switching at least ikiwiki.info over to using only OpenID logins. That would mean blowing away all the currently registered users and their preferences. If you're active on this wiki, I suggest you log out and log back in, try out the OpenID signup process if you don't already have an OpenID, and see how OpenID works for you. And let me know your feelings about making such a switch. --Joey
Accept only OpenID for logins (51%)
Accept only password logins (14%)
Accept both (33%)
Total votes: 149
Some people may consider ikiwiki's default look to be a bit plain. Someone on slashdot even suggested perhaps it uses html 1.0. (Yes, an ikiwiki site has survived its first slashdotting. With static html, that's not very hard..) While the default style is indeed plain, there's more fine-tuning going on than you might think, and it's actually all done with xhtml and style sheets.
Stefano Zacchiroli came up with the idea of adding a css market page where IkiWikiUsers can share style sheets that you've come up with for ikiwiki. This is a great idea and I encourage those of you who have customised stylesheets to post them.
I'm also always looking for minimalistic yet refined additions to the default style sheet, and always appreciate suggestions for it.