Setup:Release Notes: Difference between revisions

No edit summary
Tag: 2017 source edit
No edit summary
Tag: 2017 source edit
Line 133: Line 133:
=== <span class="mw-headline">Notable changes</span> ===
=== <span class="mw-headline">Notable changes</span> ===

Revision as of 15:32, 30 September 2022

Download latest version

©2022 by Hallo Welt! GmbH,


BlueSpice 4.2.1 is a patch release. This is a stable release.

  • XSS vulnerability in BlueSpiceDiscovery (#29419)
BlueSpiceDiscovery skin had a XSS vulnerability.
  • XSS vulnerability in BlueSpiceFoundation (#29426)
BlueSpiceFoundations extension had a XSS vulnerability.
  • XSS vulnerability in BlueSpiceUserSidebar (#29429)
The BlueSpiceUserSidebar extension had a XSS vulnerability.
  • XSS vulnerability in BlueSpiceCustomMenu (#29430)
BlueSpiceCustomMenu extension had a XSS vulnerability.
  • XSS vulnerability in BlueSpiceBookshelf (#29431)
BlueSpiceBookshelf extension had a XSS vulnerability.
  • BlueSpicePageTemplates - Option "Force target namespace" doesn't offer all templates (#18435)
The option “Force target namespace” didn't offer all existing templates, but only the templates in the target namespace. Now all existing templates are available.
  • BlueSpiceSocialBlog - Teaser text does not display links (#25409)
When creating a new blog post, links in the teaser text were not clickable.
  • BlueSpiceUEModuleTable2Excel - Exported file breaks if additional columns are selected (#26345)
If a user wanted to export a list from the UserManager and selected one of the additional columns, the exported file broke.
  • BlueSpiceEchoConnector - Translation issues for workflow notifications and mails (#27250)
There were some incorrect translations in workflow notifications and mails.
  • BlueSpiceFoundation - Wrong toast notification is shown after logout (#27511)
After a user logged out, the wrong notification was displayed, which said “You are now logged in”.
  • BlueSpicePageTemplates - Inconsistent behavior for creating new pages via URL (#28411)
Although PageTemplates were disabled in a namespace, the templates were offered when a new page was created via URL.
  • BlueSpiceInsertCategory - Top category is not selectable in the category editor (#28865)
It was not possible to select the top category in the category editor.
  • BlueSpicePermissionManager - Switching between the settings transfers permissions (#29081)
If a user changed from a private or protected wiki to the custom preset, the settings of the previous permission concept were adopted.
  • BlueSpiceSocial - Answer with spaces or breaks only is allowed in blog (#29103)
It was possible to create an answer that contained only spaces or breaks in the blog.
  • BlueSpiceReminder - Invalid dates can be set (#29105)
It was possible to set invalid dates for the reminder.
  • BlueSpiceCategoryManager - Nesting of the categories is displayed incorrectly (#29106)
The nesting in the CategoryManager was displayed incorrectly. Top categories were displayed below sub categories or disappeared completely as soon as they were expanded.
  • BlueSpiceDistributionConnector - Workflow Trigger can be saved without initial data (#29115)
Workflow triggers based on events or semantic properties could be saved without specifying the initial data for the workflow.
  • BlueSpiceExtendedSearch - Autocomplete is cut off when 'Use simple autocomplete' is enabled (#29132)
If the option “Use simple autocomplete” in the ConfigManager was enabled, the autocomplete in the search war was cut off.
  • BlueSpiceSocial - Cursor in the editor of the blog not visible (#29280)
The cursor in the editor of the blog was not visible.
  • BlueSpiceFlaggedRevsConnector - SMW property is not updated via approval workflow (#29281)
After approving a page via approval workflow the semantic property “QM state” was not updated properly.
  • BlueSpiceDiscovery - Using __HIDETITLE__ causes the VE toolbar to disappear (#29350)
If __HIDETITLE__ was used, the VE toolbar was not visible in edit mode.
  • BlueSpiceWhoIsOnline - Online status of authors not announced (#29473)
The online status of authors was not announced by screenreaders.
  • BlueSpiceSocial - Styling issues on Special:Watchlist (#29512)
On the page Special:Watchlist, the alignment of the blue dots has been corrected as well as the adjustment of spaces between the “Social entities” checkbox and the “Show” button.
  • BlueSpiceDiscovery - Wrong z-index responsible for displaying the dropdown behind VE toolbar (#29580)
A wrong z-index causes the dropdown to be displayed behind the VE toolbar.
  • BlueSpiceInsertCategory - Using __HIDDENCAT__ doesn't work (#29633)
When using __HIDDENCAT__ the categories were still displayed on the corresponding page.
  • BlueSpiceCategoryManager - Allow deselection of categories in the CategoryManager (#29658)
For better handling, it is now possible to both deselect and select categories in the CategoryManager.
  • BlueSpiceWhoIsOnline - Pop does not show up (#29666)
When using the magic word WhoIsOnlinePopup, the popup didn't show up.
  • BlueSpiceDiscovery - Approve button cannot be activated with keyboard (#29480)
It wasn't possible to approve a page by openeing the link to the approve dialog with the keyboard.
  • Hard deprecate RepoGroup::singleton and remove a release later (T249020 )


BlueSpice 4.2 is a minor release. This is a stable release. It is the second public release of the BlueSpice 4 major line.


Notable changes

  • Word Import
    • New extension "ImportOfficeFiles"
    • Enables the import of a word file as a wiki page
    • Includes the following features:
      • Import: easy import via "New" button
      • Split content: creating subpages based on the heading level in the word file
      • Preview: the structure, content and the image files to be imported can be previewed
      • Page collection: creation of an overview page with all generated wiki pages, which can be used for creating a book
  • New Page Templates
    • Now BlueSpice includes useful page templates for a variety of use cases
    • It is possible to customize or disable them if required
  • Improved Upload
    • New extension "EnhancedUpload"
    • Enables easier uploading
    • Includes the following features:
      • Files can now be dragged and dropped directly onto a wiki page without any further intermediate step
        • Images are embedded as a thumbnail
        • Documents are embedded as a link
      • A list of files can be included anywhere on a wiki page using an <attachments /> tag directly from the visual editor
        • This feature replaces the previous attachments area at the bottom of the page
      • The special page for uploading was overwritten and redesigned with focus on user-friendliness
        • Much leaner and modern design based on the Discovery skin
        • Bundles the functionality of multiupload
  • Advanced Blog permissions
    • Now it is possible to assign more precise permissions in a blog
    • The creation and reading of blog entries as well as comments can be restricted to specific user groups
  • Workflow Triggers and advanced activities
    • Workflows have been enhanced with the following features:
      • Workflow Triggers: Workflows can be triggered automatically according to various criteria, e.g. after a page is created, edited or by date
      • Activity "SetTemplateParams": Template parameters can be edited by workflows
      • Activity "EditPage": Wiki pages can be edited via workflow
  • New dialog for PDF export
    • Refactoring of the already existing export options of a wiki page
    • For better maintainability of the functions
  • Navigation Menu Editor
    • Graphical user interface allows editing of the left sidebar as well as the user menu via drag and drop
    • Allows to embed the name of a wiki page, external links as well as interwiki links
  • Tag Inspectors
    • Dialogs for tags are now offered in the Visual Editor
    • Previously only possible via source code editor

Extensions added

  • mw:Extension:CodeMirror (#28500)
    • Enables highlighting wikitext syntax in the source code editor of a wiki page
  • mw:Extension:HeaderFooter (#27822)
    • Enables to insert a header or footer in the content area of a page (on page basis or on namespace basis)
  • ImportOfficeFiles (#27697, #27698)
    • Enables the import of a word file as wiki page
  • mw:Extension:InviteSignup (#27980)
    • Enables wiki users to be invited by an administrator
  • MenuEditor (#27548)
    • Enables editing of the main navigation via a graphical user interface
  • mw:Extension:OpenIDConnect (#28644)
    • Extends the PluggableAuth extension to provide authentication using OpenIDConnect
  • mw:Extension:SubpageList (#28620)
    • Enables the creation of subpage lists on wiki pages
  • EnhancedUpload (#27559, #27558, 27833)
    • Enables better upload functionalities as well as multiupload

Extensions removed

  • Bootstrap (#28141)
    • Removed as part of the BlueSpice 3 "Calumma" skin
  • BlueSpiceCalumma (#28141)
    • BlueSpice 3 standard skin (Chameleon-Skin)
  • BlueSpiceLatexRenderer (#26056, #27460)
    • Replaced by mw:Extension:Math
  • BlueSpiceNamespaceCSS (#27821)
    • Namespace-specific CSS is no longer defined separately via individual CSS pages
    • Using the namespace CSS class, styles are defined directly in the MediaWiki:Common.css global stylesheet
  • BlueSpiceSocialWikiPage (#27508, 27833)
    • BlueSpiceSocialWikiPage provided function to create page attachments
    • Has been replaced by the <attachments /> tag from the extension EnhancedUpload
  • BlueSpiceServiceCenter (#28679)
    • Formerly bundled TagSearch and a few templates, that have been integrated in other extensions

Changes in BlueSpice 4.2 free

  • Remove BlueSpicePrivacy from BlueSpice free (#28722)
    • BlueSpicePrivacy extension is only available in BlueSpice pro
  • Remove PluggableAuth from BlueSpice free (#28721)
    • PluggableAuth extension is only available in BlueSpice pro
  • Remove SimpleSAML.php from BlueSpice free (#28721)
    • SimpleSAML.php extension is only available in BlueSpice pro

Changes and bugfixes

  • Workflows - Missing data for workflows overview (#27247)
    • The overview of the workflows has been improved. From now on, all workflows are listed, which can now also be sorted and filtered.
  • Workflows - User "BSMaintenance" is quite confusing (#27796)
    • If an approval workflow was successfully completed, the user "BSMaintenance" was entered as the final approver. This turned out to be very confusing, which is why the behaviour was changed at this point. Now the "Single User Approval" workflow will use the assigned user to approve the page and "Expert Document Control" workflow will use the last user to approve the page.
  • Workflows - Implement overview "Workflows related to this page" in all actions (#28184)
    • The overview of all workflows that are executed on a page and all workflows that are active on a specific page is already implemented. This information should be more easily accessible, which is why it has also been implemented in "...all actions".
  • InviteSignUp - Implement InviteSignUp in FREE and make it usable (#28260)
    • Through a feature request it was decided to offer this cloud feature also in the BlueSpice free version. In addition the functionality has been revised again.
  • Forms - Add "Send email" functionality (#28286)
    • The functionality "Send email" was added to the forms editor, which allows to create forms with mail function.
  • BlueSpicePageTemplaes - Use styling of MyTasks for PageTemplates (#28418)
    • The card styling, which is already known from the page "MyTasks", has now also been adopted for the selection of PageTemplates.
  • [bug] BlueSpiceReminder - Emails are not sent (#24760)
    • No reminder emails were sent after a reminder was created. This is now fixed.
  • [bug] BlueSpiceCategoryManager - Original category name still exists after renaming (#28179)
    • After renaming a category in the CategoryManager, the original category still existed. This is now fixed since the original category name is deleted and a redirect is created for the former category page.
  • [bug] BlueSpicePageAssignments - Set page assignments in book manager doesn't work (#28324)
    • In the book manager a user was not able to set page assignments. This is now fixed.
  • [bug] BlueSpiceDiscovery - Anonymous page editor is shown as "System user" in title section (#28384)
    • If a page was edited by an anonymous user, the title section shows "Last edited by system user". This is now fixed.
  • [bug] BlueSpiceDiscovery - Category page produce heading "orphans" in Discovery (#28417)
    • Category pages produced heading "orphans" in Discovery skin. This is now fixed.
  • [bug] BlueSpiceVisualEditorConnector - "Inline-Style-Inspector" in Visual Editor is fragile (#28424)
    • The inline style inspector didn't show up sometimes when using the "double click". The behavior seemed to be very fragile, which is now fixed.
  • [bug] BlueSpiceVisualEditorConnector - Table needs more padding (#28768)
    • Tables with standard wikitable design looked very compressed, which made them hard to read. This is now fixed.
  • [bug] BlueSpiceDiscovery - "View deleted edits" link is shown twice (#28792)
    • The "View deleted edits" link was shown twice in Discovery skin. This is now fixed.
  • [bug] Workflows - Widget details in workflow details dialog are cut off (#28832)
    • The widget details in the workflow details dialog were too narrow and cut off. This is now fixed.
  • [bug] BlueSpiceBookshelf - Text nodes in book navigation are not shown (#28928)
    • If some text was linked in a book of a wiki page, then the navigation panel of the book navigation was broken and showed "<" instead. This is now fixed.
  • [bug] BlueSpiceVisualEditorConnector - Changing table width from 100% to auto does not work (#28956)
    • If a table was set to 100% and the user changed it to auto, the changes were not displayed in the view mode. This is now fixed.
  • [bug] BlueSpiceBookshelf - Button for mass add not clickable (#29033)
    • When a user was editing a book and wanted to use the "Mass add" function, the button was disabled and therefore not clickable. This is now fixed.
  • [bug] BlueSpiceFlaggedRevsConnector - QualityManagementOverview doesn't display any data (#29176)
    • The special page "QualityManagementOverview" didn't show any data. This is now fixed.
  • [bug] BlueSpiceDiscovery - Scrolling leads to losing the position of the dropdown menu in the dialog (#28943)
    • If a dialog had a dropdown menu and the page was scrolled at the same time, the dropdown lost its position. This is now fixed.
  • [bug] BlueSpiceFoundation - UserCombo input in semantic forms does not work (#19054)
    • There were some issues when using bs-usercombos in a form. This is now fixed.
  • [bug] BlueSpiceFlaggedRevsConnector - Changed resources are not displayed (#27232)
    • When an embedded resource was changed in an approved page, the status banner did not show details about the changed resource. This is now fixed.
  • [bug] BlueSpiceDiscovery - "Subpage" linklist breaks for certain page names (#28425)
    • If a user created a sub-page via a link list, it broke at certain page names. This is now fixed.
  • [bug] BlueSpiceFlaggedRevsConnector - Users with edit rights can approve a page via approval workflow (#25657)
    • A user with edit rights was able to approve a page via approval workflow. This is now fixed.


  • [security] PHP library guzzle has vulnerability (#28715)
Bumped version of PHP library guzzle to version 6.5.6 due to a potential Cross-domain cookie leakage. (CVE-2022-29248)
  • BlueSpiceDiscovery - Heading entrypoints is always displayed regardless of settings (#27701)
The heading “Entrypoints” was always displayed in the left sidebar. Now, if there are no entrypoint links, the heading is not shown.
  • BlueSpiceUserSidebar - Unknown language displayed for en-gb (#27901)
If the language en-gb was selected, entries from an unknown language appeared.This is now fixed.
  • BlueSpiceDiscovery - Missing arrangement of footer links when using mobile (#27922)
When using mobile, the footer links looked a bit shifted and not arranged correctly. Now they align correctly.
  • BlueSpiceDiscovery - Redlink turns blue after visiting the non-existing page (#27968)
A redlink became a blue link after visiting the non-existing page. Now redlinks stay red.
  • BlueSpiceVisualEditorConnector - Page jumps to the top after saving an edit (#27971)
After editing a long page, the position jumped to the top of the page after saving. This is now fixed.
  • BlueSpiceNamespaceManager - Enable `$wgExtraSignatureNamespaces` for all content namespaces (#27987)
It was not always possible to insert the signature from the editor toolbar. Now signatures can be inserted in all namespaces.
  • BlueSpiceSocial - Dropdown menu looks cut off (#28026)
In BlueSpiceSocial, there were some styling issues where dropdown menus were cut off. The menus display correctly now.
  • BlueSpiceDiscovery - `Data after content` visible if empty (#28226)
“Data after content” was visible in form of an empty box. The empty box is no longer shown.
  • BlueSpiceDiscovery - Overlay dropdown shows odd behavior on scroll (#28246)
The dropdown of a dialog didn't stay in the same position when scrolling. This is now fixed.
  • BlueSpiceDiscovery - Flickering during scrolling (#28261)
While scrolling a page, flickering occured at a specific size. Flickering should no longer appear in any window size.
  • BlueSpiceFoundation - Editors are allowed to restore deleted content (#28325)
In BlueSpice 4, editors were allowed to restore deleted pages, Now only admin users can do this..
  • BlueSpiceDiscovery - Proper sizing of table columns necessary (#28421)
Table columns were sometimes too narrow. Now they get appropriate adjustment based on column content.
  • BlueSpiceDiscovery - Dialog `...all actions` does not open anymore (#28423)
The dialog "…all actions" in the right sidebar could no longer be opened. This is now fixed.
  • BlueSpiceEchoConnector - Possible issues with opening links (#28426)
Customized skins based on Discovery didn't work properly. Links like “Alerts” and “Notices” couldn't be opened by a simple click. This is now fixed.
  • BlueSpiceDiscovery - Images are not responsive when using mobile (#28533)
Images did not behave responsively on smaller screens. Now they resize appropriately.
  • BlueSpiceUniversalExport - Existing page is not exported (#28574)
An existing page was not exported. Instead, an error message was shown referring to an outdated link to the version history of an already deleted page. The export now works.
  • BlueSpiceFoundation - `Forgot your password` link is missing when logging in (#28578)
The “Forgot your password?” link was missing on the login screen. This is now fixed.
  • BlueSpicePrivacy - First login for LDAP users not possible due to missing button when accepting privacy policy (#28808)
With LDAP enabled, the terms of service and the privacy policy could not be confiremd. Now, the button to confirm accepting those is visible.
  • Workflows - Fix styling of popup in workflow details dialog (#28457)
The popup in the workflow details dialog was broken and needed some adjustment regarding the styling. This is now fixed.
  • BlueSpiceDiscovery - Setting table width to 100% is not applied (#28461)
If the table width was set to 100%, the setting was not applied correctly. This is now fixed.
  • BlueSpiceExtendedSearch - Enable searching for original title in AC (#28653)
In the autocomplete search, pages appeared only by their page name. Now both the display title (if set) and the page name are provided.
  • Workflows - User names are not case sensitive (#28571)
The initials of usernames are not case sensitive, but workflow tasks weren't assigned if the case of the initial letter didn't match the casing in the user manager. Now the spelling of the initial letter works either way.
  • BlueSpiceMultiUpload - Upload dialog for file attachments is not namespace sensitive (#28862)
The uplaod dialog provided different default options for a namespace selection depending on context. Now the upload dialog behaves consistently.


  • XSS attack vector in mwstake/mediawiki-component-commonuserinterface (#28224)
This release contains an important security fix for a "reflected XSS" attack. The corresponding CVE entry is still pending and will be published soon. It is highly recommended that all users update their installation of BlueSpice 4 as soon as possible.
  • BlueSpiceFlaggedRevsConnector - Change permissions requirement for special page "Quality management overview" (#25845)
User needed at least the reviewer permission to view “Special:Qualitymanagementoverview”. Now, all wiki users are able to view this page since they only need the reader permission.
  • BlueSpiceCustomMenu - menu doesn't allow other protocols besides http(s) (#26446)
The custom menu didn't allow other protocols besides http(s). Now, if they are defined via $wgUrlProtocols, they can be used in the custom menu.
  • BlueSpiceRating - Missing data for Special:Recommendations (#27230)
When viewing the page Special:Recommendations, no data was shown. This is now fixed.
  • BlueSpiceBookshelf - in context of the contentmodel, book template links are not updated (#28243)
There was an issue with template links in the context of the content model book. This is now fixed.
  • BlueSpiceFlaggedRevsConnector - Script doesn't work properly (#28273)
The script for accepting drafts or pending changes in a namespace didn't work properly. This is now fixed.


  • BlueSpiceConfigManager - Some configuration variables do not have descriptions (#9662)
Some configuration variables in the ConfigManager didn't have descriptions. The missing tooltips have been added.
  • BlueSpiceNamespaceManager - Check for pseudo-namespaces (#18570)
When adding or renaming a pseudo-namespace (= namespace alias), no cross-check was made by the system to see if a namespace with the same name already exists. Now it is not possible to add a namespace alias with the same name as an existing namespace.
  • BlueSpiceFlaggedRevsConnector - Performance of Special:Quality management overview is unacceptable (#25088)
The performance of Special:Quality management overview was poor. The performance has been improved.
  • BlueSpiceSocial - Comment on a discussion topic disappears after reload (#26648)
There was an issue in the discussion area that caused the comment on a discussion topic to disappear. Now, the content of resolved topics is consistently hidden and can be made visible again by "lifting" a discussion topic.
  • BlueSpiceFlaggedRevsConnector - PDF export shows FlaggedRevs notice (#27185)
When using the PDF export, an unexpected FlaggedRevs notice was shown on the page. This message has been removed.
  • BlueSpiceEchoConnector - Missing setting for notifications on minor edits (#27327)
A missing setting led to a flood of notifications for minor changes. Now notifications are sent only for major changes.
  • BlueSpiceDiscovery - Doubled banner and edit icon leads to wrong version (#27453)
When clicking on the edit icon in the page history, the current version was always opened. Also, there were two banners with the same information. This is now fixed.
  • BlueSpiceDiscovery - Main navigation is visible without login (#27470)
Anonymous user were able to see the main navigation, which may contain critical information. Now only authorized users can see these links.
  • BlueSpiceDiscovery - VisualEditor bar is displayed in the media dialog (#27495)
The VisualEditor bar was displayed in the media dialog. It has been removed.
  • BlueSpicePageTemplates - Edit icon doesn't work (#27510)
When a user came to a page that didn't exist yet, the edit icon did not work. This is now fixed.
  • BlueSpiceSocial - Timestamps from the server do not have proper offset (#27556)
Timestamps in the timeline weren't calculated with a timezone offset. The timestamps now work correctly.
  • BlueSpiceDiscovery - VisualEditor's toolbar is displaced (#27570)
The VisualEditor toolbar was displaced when using mobile (android). Now it is positioned correctly.
  • BlueSpiceConfigManager - Add ConfigManager excludelist for Special:Log (#27588)
Since the exclude list was not configurable, a lot of data was logged that were not related to the changes. This is now fixed.
  • BlueSpiceDiscovery - Button shows external webpage icon (#27616)
Buttons to external web pages have shown the arrow icon. The needed "plainlist" css styles have been added.
  • BlueSpiceDiscovery - Styling for toggle button missing (#27674)
The toggle button in the left sidebar missed some styling. The styling has been added.
  • BluesSpiceConfigManager - Not possible to save settings (#27677)
Saving changed settings in ConfigManager was not possible. This is now fixed.
  • BlueSpiceInsertCategory - Category tree is missing in BlueSpiceDiscovery (#27678)
The category tree was missing for adding categories to a page. Now it is available when adding categories in view mode.
  • BlueSpiceExpiry - Values for semantic properties are displayed incorrectly (#27681)
The values for the semantic properties “expiration date” and “expiration status” were displayed incorrectly when clicking on "Browse properties". This is now fixed.
  • BlueSpiceUniversalExport - <bs:uenoexport> does not exclude semantic tables from PDF export (#27682)
Using the "<bs:uenoexport>" tag didn't exclude semantic tables from the PDF export. Now these contents are excluded.
  • BlueSpiceBookshelf - Book content model does not create entries in templatelinks table (#27688)
The book content model didn't create entries in templatelinks table if a template was used in the book source. Now the class for the book model is derived from class WikitextContent instead of TextContent because TextContent does not support templatelinks.
  • BlueSpiceFlaggedRevs - Drawio editor doesn't respect FlaggedRevs (#27738)
When creating PNGs with the Drawio editor, the latest version was shown on approved pages. Now, a changed PNG is shown as a resource change on a draft version.
  • BlueSpiceDiscovery - Cannot open left sidebar when using mobile (#27757)
When using mobile, it wasn't possible to toggle the left sidebar. This is now possible.
  • BlueSpiceCustomMenu - Missing top level causes wiki to crash (#27779)
If the top level was not present in the custom menu or was removed by the user, the wiki crashed. Now links without a heading level or headings without a link level are simply ignored.
  • BlueSpiceArticlePreview - Preview images not created in farm environment (#27800)
Too many cookies broke the image preview in farm wikis. Unnecessary cookies are now filtered out to not exceed the Base64 encoded cookieJar allowed length of a CLI argument.
  • BlueSpiceReminder - Filter for "reminders for this page" not working (#27802)
When using the option “Reminders for this page” in the dialog for creating a reminder, the filter didn't work properly on Special:Reminder. This is now fixed.
  • BlueSpicePageAssignments - Add page assignments to page information dialog (#27816)
The page information dialog did not show the page assignments. This info has now been added.
  • BlueSpiceBookshelf - Cannot create source (#27876)
Clicking on “Edit source” when creating a new book did not allow to edit the book source. Now source editing is possible.
  • BlueSpiceUEModulePDF - Different font sizes in pdf for templates and forms (#27886)
There was an issue with different font sizes in PDF files for templates and forms. This is now fixed.
  • BlueSpiceSocial - Styling of comment button is broken (#27894)
The social media comments button did not display correctly. Adjusting the button height fixed this issue.
  • BlueSpiceSocialWikipage - "__NOSTASH____NOSTASH__" doesn't work (#27932)
The magic word had no effect__NOSTASH__Now it hides the attachments section on a page as expected.xed.
  • Simplify string|array argument type for ParserOutput::addModules()/::addModuleStyles()/::addJsConfigVars() (T296123 )
  • LocalFileMoveBatch's $logger parameter to protected to enable NSFileRepo extension to continue to work (T301688 )
  • BlueSpiceFlaggedRevsConnector - When checking permission of the users to see draft pages, pages might get falsely blocked (#28054)
When a user accesses a page, a check returns to determine if the user can see the draft page. This mechanism blocked some users from seeing drafts, even though they are supposed to. This is fixed now.


BlueSpice 4.1.1 is a patch release. This is a stable release.

  • Social - Discussion profil loading shadows need some adjustment (#21608)
The loading shadows from the profile discussion needed some adjustments regarding their margin and padding. This is now fixed.
  • Only show relevant groups in managers and dialogs (#26299)
When working with groups, there were system groups which weren't useful or recommended to use. Now a set of standard groups and custom groups are available to choose from.
  • Special:Log - add ConfigManager changes to Special:Log (#26460)
The page Special:Log didn't  contain a log for the ConfigManager. A log has been added.
  • BlueSpiceCategoryCheck - fix aria when categories are set (#26614)
When categories were set, there was an issue with the aria label. This is now fixed.
  • VisualEditor - cannot find title when searching for "§" (#26922)
There were some issues with the VisualEditor when searching for titles with special charakters like “§”. This is now fixed.
  • Notifications - german message for login is missing (#27071)
Although the wiki content language was set to German, the login notification was displayed in English. This is now fixed.
  • ConfigManager - config "Show book chapter pager" not working (#27102)
When using the Discovery skin, the "Show book chapter pager after/before content" configuration option for books no longer worked. This is now fixed.
  • Show related articles in social entities (#27126)
Related articles were not shown or clickable in social entities. This is now possible.
  • Discovery - VE action is set instead of edit action when editing forms (#27239)
When editing forms, “veaction=edit” was set instead of “action=edit”. This is now fixed.
  • Footer - external links do not open in a new tab (#27240)
The external links in the footer were not opened in a new tab, but in the same tab. This is now fixed.
  • Workflows - check i18n for log entries for workflows (#27246)
There were some missing messages for workflows and the log entries in page Special:Log. The messages now exist
  • Timeline - flyout is displaced when creating a new post (#27254)
When adding a new post to the timeline, the "create new post" flyout was misplaced. The layout has been adjusted.
  • Personal menu - internal links open in a new tab (#27262)
Internal links in the personal menu opened in a new tab, which is similiar to the behavior for external links. This is now fixed.
  • Interwikilinks - links get `&action=view` appended (#27271)
Interwikilinks got “&action=view” appended automatically. This is now fixed.
  • Table breaks page layout (#27286)
The layout of tables and images caused the page layout to break. Their behavior is now as expected.
  • Breadcrumbs - creating a subpage with an underscore leads to broken breadcrumb (#27292)
Creating a subpage with an underscore led to a broken breadcrumb. This is now fixed.
  • Breadcrumbs - subpage structure is displayed although subpages are disabled for namespace (#27295)
When subpages were disabled for a namespace, the breadcrumb still showed the subpage structure even though no actual subpage existed. Now the subpage structure is only shown when needed.
  • NamespaceManager - delete icon is not displayed (#27296)
In the namespace manager, the delete icon was not displayed, only a tooltip. Now, the icon is displayed on hover.
  • Extension:Math does not support `texvc` anymore (#27319)
The Extension:Math doesn't support “texvs” anymore but is now possible with SVG.
  • Multiupload - doesn't work correctly in DE language installations (#27347)
The MultiUpload didn't work when using the “New” button or the link which can be found in the global actions. All upload links now allow multi-upload.
  • FlaggedRevs - image preview breaks when activating FlaggedRevs in namespace "File" (#27350)
Activating FlaggedRevs in namespace “File” caused to break the image preview. This is now fixed.
  • Booknavigation - creating a redirect to a book page doesn't show the book navigation on the target page (#27353)
When a redirect to a book page was created, the book navigation wasn't shown on the target page. Now the book navigation is displayed as expected.
  • Anonymous user can see the edit link from drawio (#27354)
Anonymous user were able to see the edit link from drawio. This link is no longer available.
  • BlueSpice3 logo shows up in BlueSpice4 (#27365)
In BlueSpice 4, the logo of BlueSpice 3 was delivered and displayed. Now the correct logo is applied.
  • Workflows - starting a single user approval workflow gives an error message (#27403)
When starting a single user approval workflow, an error message was displayed. This is now fixed.
  • Fatals due to missing notification title (#27448)
There was a fatal due to a missing notification title. This is now fixed.
  • SECURITY: XSS attack vector in Search Center (#27481)
Users were able to inject arbitrary HTML (XSS) on Special:SearchCenter, using the search term. This is now fixed.
  • Simplify string|array argument type for ParserOutput::addModules()/::addModuleStyles()/::addJsConfigVars() (T296123 )
  • SECURITY: Update to latest version of DPL Users were able to perform a ReDOS attack through Extension:DynamicPageList3. This is now fixed. (#27454)


BlueSpice 4.1.0 is a minor release. This is a stable release. It is the first public release of the BlueSpice 4 major line.

Notable changes

  • New skin "BlueSpiceDiscovery"
    • Modern lightweight skin
    • Focus on neutral design and usability
    • Independent, since it's still possible to use BlueSpiceCalumma
  • FlexiSkin
    • Customize logo, skin colors and font settings within minutes directly in the wiki
    • Even more options than before
  • Workflows
    • Redesigned from scratch
    • Workflows now run on the basis of BPMN, which is the leading standard for creating business processes
    • Easier customization of workflows possible
    • Four workflows are delivered by default
  • My tasks
    • New extension "UnifiedTaskOverview"
    • Overview page, which allows users to view and work through all pending reviews and read confirmations
  • BPMN diagrams via CognitiveProcessDesigner
    • New extension "CognitiveProcessDesigner"
    • Create business processes in BPMN format directly in the wiki
    • Diagrams can be exported as a XML file or in SVG format
    • Import of XML files or SVG files is also possible
  • Two-factor-authentification (2FA)
    • Logins can be configured by using
      • additional one-time passwords or
      • physical security key (fido stick)

Extensions added

  • DataTransfer (#25428)
    • Allows users to import and export data to as well as from the wiki
    • Exporting in XML format
    • Importing in XML, CSV and some spreadsheet formats.
  • EventBus (#25809)
    • Provides state changes (edit, move, delete, revision visibility, etc.) to a RESTful event service
    • Provides users of the service the ability to track changes of MediaWiki content
  • Forms (#23467)
    • New form function
    • Allows formatting a wikipage as a form
  • Loops (#25809)
    • Parser functions to perform loops
  • OATHAuth (#25920)
    • Enabled by default in BlueSpice pro (previously only in BlueSpice Cloud)
  • PageCheckout (#25911)
    • Allows exclusive rights on a page
  • PageHeader (#25780)
    • Provides an additional user interface before page content
  • RevisionSlider (#18545)
    • Adds a slider interface to the Diff view
    • Allows to easily switch between revisions to compare them
  • SecureLinkFixer (T257180 )
    • Automatically rewrites URLs to HTTPS if the domain requires HTTPS
    • Uses the Mozilla HSTS preload list for the list of domains
  • StandardDialogs (#23082)
    • Provides dialog user interfaces for common page actions
  • WebAuthn (#25430)
    • Provides authentication support via the WebAuthn protocol

Extensions removed

  • BlueSpiceBookshelfUI (#21137)
    • removed since BlueSpice 3.2
  • BlueSpiceEditNotifyConnector (#19985)
    • removed since BlueSpice 3.2
    • integrated in BlueSpiceEchoConnector
  • BlueSpiceReview (#26137)
    • replaced by extension Workflows
  • BluespiceSocialArticleActions (#21134)
  • BlueSpiceTagSearch (#13371)
    • removed since BlueSpice 3.2
    • integrated in BlueSpiceExtendedSearch
  • BlueSpiceUserMergeConnector(#16839)
  • BlueSpiceVisualDiff (#24098)
    • replaced by RevisionSlider
  • CookieWarning (#25431)
    • integrated in BlueSpicePrivacy
  • Duplicator (#23526)
    • replaced by copy function in extension StandardDialogs
  • EditNotify (#19985)
    • removed since BlueSpice 3.2
    • integrated in BlueSpiceEchoConnector
  • Quiz (#22163)
  • PageSchemas (#18542)
  • SemanticInternalObjects(#18543)

Changes in BlueSpice 4.1 free

  • Move LDAP-Stack extensions from BlueSpice free to BlueSpice pro (#25947)
    • LDAP-Stack extensions are only available in BlueSpice pro
  • BlueSpicePermissionManager: Disable "Custom" permission preset for BlueSpice free (#25948)
    • "Custom" permission preset is only availabe in BlueSpice pro

Changes and bugfixes

  • [bug] Privacy: Cookies are set although they are not accepted by the user (#24473)
Some cookies were set although they weren't accepted by the user. This is now fixed.
  • [bug] [privacy] Change cookie acceptance for convenience cookies from "on by default" to "off by default" (#24612)
The default settings for cookies needed to be changed to a more "privacy-friendly" setup. Therefore, convenience cookies are now turned off by default.
  • Page expiries are not trackable (#21148)
Page expiries weren't trackable in any way. Now, a special log exists for page expiries.
  • [bug] Never exclude admin user from pageaccess and use warning for read-only instead (#20238)
Using the magic word "pageaccess" sometimes locked out even admin users and no user could remove the restriction. Now, admin users can always access protected pages.
  • [privacy] Improvements Cookie-Consent-Layer (#26564,#26945, #27004)
Some improvements for the cookie-consent-layer have been made. This concerns descriptions of the cookies collected and restricted accessibility without accepting cookies.
  • [bug] Creating new pages does not trigger page templates (#21652)
Creating a new page didn't trigger page templates. Now, if PageTemplates are activated in the namespace settings, adding a new page leads to a view where the user can choose from available page templates.
  • Force HTML mail on watchlist changes (#23143)
If a page on the watchlist is changed, an HTML mail should be sent. This is now implemented.
  • FlaggedRevs: Remove FREEZE option from GUI (#24741)
The option FREEZE was removed from the ConfigManager due to missing longterm support.
  • Remove "external avatars image" functionality (#25875)
The functionality to use external images for an avatar was removed.
  • BreadcrumbNav refinement (#26566)
Some refinement regarding the breadcrumb navigation has been done. If a mainpage for the corresponding namespaces exists, the breadcrumb links to its mainpage. If a mainpage for the corresponding namespace doesn't exist, the breadcrumb links to "Special:AllPages".
  • [bug] Double book title in navigation (#22826)
The book title was shown twice in the chapter navigation after adding the navigation buttons. This is now fixed.
  • [bug] PDFTemplates - Margins for #runningheaderfix and #runningfooterfix not correct (#21785)
Within PDF templates, the margins for #runningheaderfix and #runningfooterfix were not correct. This is now fixed.
  • [bug] Check "return to " url on SearchCenter when coming from tag search (#22027)
The "return to" link was missing on the SearchCenter when coming from the TagSearch. This is now fixed.
  • [bug] InviteSignup - invited users cannot signup (#22222)
After clicking on the email link to sign up, users were not able to see the sign-up form, but were asked to sign in. This is now fixed.
  • Remove duplicator feature (#23526)
The duplicator feature was removed from BlueSpice 4. It is replaced by the copy function of the extension StandardDialogs.
  • [bug] Template:User is used on automatically created user page, but does not exist (#20815)
Descprition: By using the Template:User, the user page was not created automatically. This is now fixed.
  • [bug] Bookexport - links in exported PDF not working (#23557)
The links in exported PDFs (via bookexport) didn't work correctly. This is now fixed.
  • [bug] User:MediaWiki default should be excluded from usercount (#23255)
The user "User:MediaWiki" was included in the user count. This is now fixed.
  •  [bug] Link "Privacy Policy" in footer isn´t working (#23524)
The link "Privacy Policy" in the footer led to "Special:PrivacyPolicy", which didn't exist. This is now fixed.
  • NSFileRepo changed file paths after migration (#24568)
The NSFileRepo changed file paths after migration. This is now fixed.
  • [bug] Exception at SemanticMediawiki -> rebuildData in context with UserGroupManager (#25367)
There was an exception at SemanticMediaWiki. This is now fixed by running rebuildData in context with the UserGroupManager.
  • [bug] VE "Insert link to file" converts spaces in file name to "+" signs (#22674)
Spaces in URLs were converted to "+" signs. This is now fixed.
  • [bug] Permission issue - not allowed to view drafts vs no read permissions in cloud wikis (#24999)
There was a permission issue due to different settings. Now, only groups which are selected in the ConfigManager are able to see drafts.
  • [bug] Issue in PdfHandler extension (#25731)
The wildcard didn't work in the PDF handler so that results were not shown. This is now fixed.
  • [bug] FlaggedRevs: Approved page and same page with url-param stable=1 show different ressources (#24740)
An approved page and also the same page with url-param stable=1 showed different ressources. This is now fixed.
  • [bug] Problems on first edit of tables and linking files (#23783)
There were issues with the first edit of tables and also with file links. A user wasn't able to edit individual cells in tables and also didn't get the option "link to file". This is now fixed.
  • [bug] Early page break in PDF export when using br-tags(#20301)
When using <br />-tags the page break in exported PDF files was too early. This is now fixed.
  • Add extension EventBus (#25809)
EventBus is a "webhook" system which allows a user to react to actions in the wiki. This extension is now implemented.
  • [bug] Indicator doesn't disappear despite there are no tasks (#27015)
When a user finished his tasks, the indicator still got displayed in the personal menu. This is now fixed.
  • Incompatibility with MW 1.35 (#26960)
There were some incompatibility issues with MediaWiki 1.35. This is now fixed.
  • [bug] Wikiexplorer column "Assignments" has formatting issue (#22208)
The "Assignments"-column of the WikiExplorer had some formatting issues. This is now fixed.
  • Disable PageSchemas in minor and remove in major (#18542)
The extension PageSchemas was removed in BlueSpice 4.
  • UX Review of BlueSpiceSocial (#19714)
BlueSpiceSocial was reviewed in the context of the new skin.
  • Major database change breaks various extensions (#19353)
Due to changes in the database scheme some extensions broke within the cloud build. This is now fixed.
  • Remove SocialActions from Editions (#21134)
SocialActions were removed and page edits aren't producing social entities anymore.
  • [bug] Error due to wrong type of image file conversion (#9179)
There was an image file conversion error. This is now fixed since uploading files with the same format works.
  • Improve integration of FlaggedRevs and Semantic MediaWiki (#14846)
There is a new security feature that restricts the reading of semantic data in FlaggesRevs namespaces. This is now implemented.
  • Add Extension:Loops (#21179)
The extension Loops provides parser functions to performloops. This extension is now implemented.
  • [bug] ConfigManager MenuTagMultiselectWidget removing items when using ENTER (#25701)
When adding a new item to the BlueSpiceFlaggedRevsConnector, items which can be found in the ConfigManager under "Quality Assurance" were deleted. This is now fixed.
  • Check revision slider (#18545)
The revision slider adds a slider to the Diff view and allows switching between revisions easily. This is now implemented.
  • Make page title fixed on scroll (#26568)
When scrolling down a wikipage, the page title should have a fixed position. This is now implemented.
  • Page history styling (#26586)
Some styling of the page history was necessary due to missing alignment and arrows, which were in another row. This is now fixed.
  • [bug] Add to book leads to title with underscores instead of spaces (#26609)
If a page was added to a book via "add to book" dialog, the title of the page was displayed with underscores instead of spaces. This is now fixed.
  • Remove MediaWiki help links which are not necessary (#26597)
Some MediaWiki help links where displayed, where they weren't needed. This is now fixed.
  • PageStatusSentence - Remove "No status information" sentence (#26632)
If a wiki didn't use namespaces with FlaggedRevs activated, all pages showed the status sentence "No status information", which is useless in this case. Now, the status sentence is only shown if status information is available.
  • Extension PageCheckout (#26251)
For workflows a feature was needed which allows to lock a specific page if certain activities are executed. This is now implemented with the extension PageCheckout.
  • [bug] ConfigManager - remove setting which is not needed anymore (#26697)
Some settings in the ConfigManager weren't needed anymore. This is now fixed.
  • [bug] Tables - config options are sometimes not active (#26349)
Some settings for tables were not active, like width, table style, filterable and exportable. This is now fixed.
  • [bug] "Filterable" property for tables not working (#26738)
The filterable setting for tables didn't work. This is now fixed.
  • Styling improvements for Special:Workflows overview needed (#26583)
The page Special:Workflows needed some styling improvements since it was not obvious that a user can get further information there. This is now fixed.
  • Sort global actions (#26584)
Some sorting of the global actions was needed and also the implementation of the Special:Workflows into the global actions menu. This is now implemented.
  • [bug] Clicking on "create new attachment area" switches into edit mode (#26660)
If a user wanted to add an attachment to a books page, clicking on "create new attachment area" switched into edit mode. This is now fixed.
  • [bug] Email notification sends wrong pagelinks (#26668)
If a page was outside of the main namespace, email notification sent wrong pagelinks because the namespace prefix was missing. This is now fixed.
  • Implement CognitiveProcessDesigner (#25763)
The extension CognitiveProcessDesigner allows user to create business processes in BPMN format directly in the wiki. This extension is now implemented.
  • Implement CPD into magic words (#26702)
For an easier and faster use, the CognitiveProcessDesigner extension shall be available as a tag in the magic words. The bpmn tag is now implemented.
  • [bug] Link "Edit book" leads to source code, instead of action=editbook (#27055)
The link "Edit book" which can be found in the left sidebar has led to the source code instead of "action=editbook". This is now fixed.
  • Backlink to page missing (#27058)
After uploading an attachment a backlink was displayed, where a user got back to a page. This link is gone for BlueSpice 4 but is replaced by the navigation via the breadcrumbs.
  • Directly jump into edit-mode when there's no page template (#26939)
The common behavior while creating a new page is directly jumping into the edit mode except there's a template available. If a template is available an overview is given where a user can choose between using it or creating an empty page. This is now implemented.
  • Consolidate menu items (#22818)
There were some duplicate menu items and also a rearrangement of the logical grouping was necessary. This is now implemented.
  • Fix URLs in Discovery left sidebar (#26641)
Some links in the left sidebar were absolute URLs and external links didn't open in a new tab. This is now fixed.
  • [bug] Users can log in without cookie consent (#27004)
Despite the cookie consent overlay was active, users were able to login "behind" the overlay. This is now fixed.
  • Change dialog position of "save changes" (#27192)
    • The save changes dialog should be detached from the edit bar. This is now implemented since the save changes dialog opens in the center of the page.
  • Shorten the duration of "You are logged in" (#26693)
The duration of the "You are logged in" noctice should be shortened. This is now implemented.
  • Extension UnifiedTaskOverview (#25210)
There should be an overview page, which allows users to view and work through all pending reviews and read confirmations. Therefore the extension UnifiedTaskOverview is now implemented.
  • Activate UserFunctions (#24717)
Pages in the navigation area should only be shown to users with corresponding permissions. This is now implemented.
  • Display all authors if several are working on a page (#10240)
If a page is edited by several authors at the same time, all of them should be displayed in the info banner.
  • Only show relevant groups in managers and dialogs (#26299)
Many system groups were not useful. Now there are standard groups and custom groups implemented, which can be used in the corresponding extensions.
  • NamespaceManager: check for pseudo-namespaces (#18570)
When creating or renaming a namespace, it should be checked if a pseudo-namespace already exists, and if so, the created namespace should be rejected. This is now implemented.
  • [bug] PermissionManager - consistent behavior in color scheme for an better overview of permissions set (#25662)
When setting permissions in PermissionManager, there was an inconsistency regarding the color scheme. This is now fixed.