Tiki 29.0 will be released in September 2025.
It is a Standard Term Support (STS) version and will be supported until Tiki 30.1 is released as per the Tiki lifecycle policy
You can see the development page at : https://dev.tiki.org/Tiki29 and all the code commits here: https://gitlab.com/tikiwiki/tiki/-/commits/29.x/
If you use the WYSIWYG, please do extensive testing before you upgrade because https://github.com/summernote/summernote has replaced https://github.com/ckeditor/ckeditor4 (which is no longer Open Source)
The Cookie Consent Management for User Privacy Compliance has done undergone an overhaul so please also do extensive testing here.
(alphabetically sorted)
Adds automatic avatar generation using DiceBear SVG-based styles when users have no custom avatar uploaded.
Supports multiple styles and runs fully client-side or within Tiki, with admin controls for enabling and style selection.
Improves visual identity and personalization across user profiles without external API dependencies.
Adds a new action in Admin Menus to convert a menu directly into a module with prefilled assignment, streamlining navigation setup and reducing context switching.
Improves ease of use for new and existing admins managing menus and modules.
Forum mail-in now uses IMAP (with TLS) instead of the legacy POP3 protocol for retrieving posts from mailboxes. This improves security, works with modern email providers, and ensures encrypted access. POP3 support has been removed. Admins should review mailbox retention settings, as IMAP does not delete messages by default.
The Swiper package has been upgraded from version 3 to 11 and its installation has been migrated to npm modules.
The abandoned laminas/mail and laminas/mime packages have been replaced with the modern and actively maintained symfony/mailer ecosystem. This major migration improves long-term stability, modernizes email sending in Tiki, and introduces better compatibility with transactional email providers.
UI-predicate library used in Tiki Tracker Rules to Vue 3 has been upgraded, completing the migration of all Vue.js components within Tiki to Vue 3.
composer.lock are explicitly declared in the "platform" section of "composer.json". If a mismatch is detected or an extension is missing, Composer installation stops and provides troubleshooting help.
As part of a broader Composer cleanup and modernization effort, several third-party libraries have been upgraded to ensure compatibility with modern PHP versions, reduce technical debt, and improve security.|
(stevegrunwell/phpunit-markup-assertions) has been updated to version 2.0.
(alphabetically sorted)
Extended the Attribute Controller with new actions to set, get, and search attributes more effectively, including support for comments.
adds a floating “Back to Top” button using an Element Plus Vue component, which appears when users scroll down. Optionally customizable tooltip via the title attribute. Assignable via the Admin Modules panel.
The `if` function in Mathematical Calculation Tracker Fields now supports `elseif` and `else`, enabling clearer and more maintainable formulas without excessive nesting.
In Tiki28, the Changes Wizard was modified to be hidden on new installations while remaining visible during upgrades. However, it's been found out that this change would lead to issues, so in Tiki 29, the Changes Wizard behavior has been reverted to its original state — meaning it will once again appear for both new installations and upgrades.
New Console commands:
Adds a new command security:generate to create a "security.txt" file in the ".well-known/" directory. This file can include admin contact info, expiration dates, PGP links, and optional GPG signatures—streamlining responsible vulnerability disclosure practices.
A new console command — calendar:minical:migrate — enables the migration of calendar data from the legacy tiki-minical.php system into the modern Tiki private calendar infrastructure.
A new CLI command files:subgalleries-create allows administrators to migrate files stored in Tracker Files fields into per-item subgalleries automatically.
This helps when switching to the “store files per item” mode by creating subgalleries for each tracker item and moving files accordingly.
Reduces manual effort to reorganize file attachments and supports smoother gallery management.
A new command — database:convert — to convert the database engine, simplifying the migration from MyISAM to InnoDB.
Tiki now includes a built-in cookie consent system that aligns with privacy regulations such as GDPR.
Enhance the Tiki uploader interface, used in File Tracker fields, now supports drag-and-drop of entire folders or directories onto the upload area. When a directory is dropped, Tiki recursively uploads all files it contains and automatically creates the corresponding file gallery hierarchy.
This update replaces the legacy jQuery $.notify notification system with the modern and visually consistent Element Plus ElMessage component across the Tiki interface.
blueimp/jQuery-File-Upload has been replaced with the modern Element Plus Upload component for a more efficient and user-friendly file upload experience.
A new preference to expand or collapse all collapsible sections on a page with a single click has been added. Previously, content had to be manually toggled section by section, making navigation cumbersome—especially when searching for specific information.
A new option has been added to the Files tracker field type to allow automatic creation of a dedicated File Gallery per tracker item.
This improves file organization by associating uploads directly with individual items — useful for user profiles, articles, invoices, contracts, signatures, and more.
PhantomJS and CasperJS have been replaced with the Chrome-php library for headless browsing, improving performance, security, and maintainability while keeping CasperJS as a fallback. A new preference — Headless Browser Integration Type — allows switching between Chrome-php (default) and CasperJS. Key features like Wiki Diagrams export, search snapshots, and ChartJS export have been updated to use Chrome-php. Additionally, a configurable Chrome binary path has been introduced, and the implementation has been refactored for better maintainability.
Tiki now supports High Efficiency Image Format (HEIF/HEIC) by automatically converting HEIC files to JPEG. This allows users to upload HEIC images from modern devices, ensuring compatibility with Tiki's existing image processing system.
A new feature has been added to enhance password input fields with a hold-to-reveal mechanism. This UX-friendly enhancement introduces a subtle icon next to password fields (only when a value is entered), allowing users to temporarily reveal their password by pressing and holding the icon—ideal for preventing accidental exposure, especially during presentations or screen sharing.
A new lazyload option has been added to the userSelector and itemLink tracker fields. When enabled, the list of options is loaded dynamically based on user input—greatly improving performance for fields with large datasets (e.g., 10,000+ items).
Now you can specify which fields appear in marker popups and define custom HTML popup templates using field tags. Provides cleaner, context-specific displays when clicking on map markers.
The media recording tool has been improved to provide a preview before upload option. This allows users to review their recordings before submitting them, helping avoid accidental uploads and enhancing usability. A close button was also added for better interface control.
Pages blocked in robots.txt now include a noindex meta tag, improving alignment with modern SEO practices.
According to Google's guidelines, relying solely on robots.txt to block indexing is not sufficient. So, Tiki now adds a noindex meta tag to commonly excluded pages (e.g., tiki-editpage.php), helping prevent them from being indexed by search engines.
A new preference checks when the scheduler last ran and displays a visual warning if it hasn’t run recently.
Tiki now includes a password history management feature to enhance security by determining the number of password resets associated with a user account before the password can be reused.
Animate on Scroll Using anime.js
Adds a new {animeonscroll} plugin to trigger animations (fade, zoom, flip, slide, and more) as elements enter the viewport.
Uses anime.js (already bundled with Tiki) to provide lightweight, dependency-free AOS-like effects, with customizable options such as offset, threshold, and anchor placement.
Enables native scroll-triggered animations without embedding external libraries.
Default Users, Groups, and Dates Pre-Filling.
Adds new parameters `defaultusers` and `defaultdates` to the "convene" plugin, allowing pre-filling of participants and proposed dates using usernames, group names, or natural language date strings.
Improves meeting poll setup UX by providing sensible defaults that users can edit.
Custom class option to PluginFancyTable, allowing users to apply their own CSS classes for better styling flexibility. This enhancement ensures that tables can be customized to match specific design requirements.
PluginListExecute received various fixes and enhancements including:
This update refines how PluginListExecute handles partial reloads to make it more stable and reliable
Add truncateTextLength Parameter:
Adds a new `truncateTextLength` parameter to the "trackerfilter" plugin to uniformly truncate long text with ellipsis across all displayed fields.
Simplifies tabular reports and dashboard views by enabling quick, global text truncation without losing full data access.
This fix improves stability when using ListExecute inside templates or dynamically parsed content.
To help prevent incorrect URL generation in scheduled or console-executed tasks, a warning is now displayed if fallbackBaseUrl is not set:
PluginListPages now includes a noheader parameter, giving users more control over how page listings are displayed. This option allows the suppression of the default header section, making it more versatile for embedding within templates and other pages.
The PluginMediaPlayer now supports rendering text files directly within the media player interface. This expands the plugin’s functionality beyond audio and video playback, enabling users to view text-based content.
A new plugin PluginMermaid has been added to support rendering diagrams using Mermaid syntax directly within Tiki. This enables users to securely visualize structured diagrams (like ER diagrams) without needing to rely on external tools like mermaid.live, making it ideal for working with confidential data.
Tiki 29 introduces OEmbed support, allowing seamless integration of videos and media from platforms like PeerTube, Vimeo, and YouTube. This enables users to embed content effortlessly using the OEmbed protocol without manually copying iframe embed codes.
Key Highlights:
PluginRSS now supports direct URL configuration in wiki pages — no admin permissions required!
Previously, RSS feeds had to be pre-configured via tiki-admin_rssmodules.php, which required elevated permissions.
This allows more flexible, user-friendly integration of dynamic RSS content
PluginTracker has been improved to allow making a previously non-mandatory field mandatory based on evolving business needs. This update introduces the requiredFields attribute, ensuring that fields can be enforced dynamically during different stages of form submission.
Tiki has upgraded the PluginVue implementation to support Vue.js 3 and Single File Components (SFCs). This update allows users to leverage the latest Vue.js features while maintaining seamless integration with Tiki.
Introduced a new mechanism to warn users when a preference is set to a value that causes conflicts.
This helps administrators detect and correct configuration issues early.
First application:
session_storage preference: A warning is now displayed if it is set to db, which is not recommended for performance and stability reasons.
index:cleanup command now detects if search indexes are shared across multiple Tiki instances before deletion, preventing accidental data loss.
index_to_remove, --all , --dry-run ) provide more control over index management, alongside a refactored Elasticsearch handling for better performance and reliability.
Tiki now provides users with a clear view of password creation rules when they set or change their passwords. This ensures that users can easily comply with security requirements, reducing frustration and failed attempts.
Administrators can now seamlessly switch between multiple users without needing to return to their admin account each time.
Several bug fixes and enhancements have been added to Trackers such as:
Adds a tracker field for scanning and generating 1D and 2D barcodes (including QR codes), useful for logistics, inventory, attendance, and similar systems.
Improves validation for tracker fields by preventing empty permanent names and showing a warning when a permanent name is already used in another tracker. This helps maintain consistency and avoid conflicts across trackers.
The EmailFolder tracker field now allows setting email folders at the item level rather than globally.
This enables dynamic folder-specific email workflows (saving, archiving, routing) based on tracker item data, improving integration with Cypht email accounts.
A new setting lets folders be defined individually per item, useful for client-specific folder destinations or tighter Cypht integration.
https://gitlab.com/tikiwiki/tiki/-/merge_requests/7688
When uploading via drag‑and‑drop into a Files Tracker field, users can now rename the file before selecting it—improving usability and file organization.
Adds an “Allow Inline Editing” setting in individual tracker admin panels, enabling or disabling inline editing per tracker.
Overrides the previous global-only control (ajax_inline_edit_trackerlist) and applies to both tracker list views and "trackerlist" plugin output.
Provides administrators with finer control over editing behavior for different workflows.
Audio recording features have been enhanced to improve usability and integration within tracker items.
Better output for simple list and table templates. The actions are now translatable + new param button_label was added to allow custom submit button label (translatable too)
A new userlist search formatter has been introduced to better handle UserSelector fields that store real names separated by a custom string. This formatter automatically splits the values into a proper array of users, enabling cleaner display and easier filtering in search results.
Adds smart integration between Cypht Webmail and Tracker items by auto-suggesting relevant tracker items when sending emails.
Users can consent to move sent emails into tracker item folders, improving workflow traceability for support, client communication, and projects.
Includes manual search if suggestions don’t match and prepares groundwork for automatic reply routing via Email Folder field and Sieve rules.
Tiki29 introduces WebAuthn as a modern and secure authentication method.
Key Features:
Adds a “Duplicate” option to the “More” dropdown in individual wiki pages.
Renames the existing “Copy” action in the wiki page list (tiki-listpages) to “Duplicate” for consistency.
Makes duplication easier to access from the page view and standardizes terminology across the UI.
Requires appropriate wiki admin/edit permissions.
A new admin setting, wiki_page_actions_groups, allows you to control the visibility of the Wiki Page Actions button by user group. This gives more flexibility in managing the editing interface—showing the button only to relevant users and keeping the UI clean for others.
Tiki29 introduces Summernote as the new WYSIWYG editor in Tiki, replacing CKEditor 4. Summernote offers a Bootstrap-based, themable editor with a customizable toolbar, rich formatting tools, and functional CodeMirror integration.
To enhance flexibility, the new adminToolbar tool allows Summernote to operate independently of the legacy editor’s adminToolbar interface, streamlining the editing experience
Additionally, paste behavior in the HTML editor has been improved: styled content (e.g., bold, colored, or formatted text) now retains its formatting when converted into Tiki page, minimizing manual cleanup and improving compatibility with content pasted from word processors or web pages.
The legacy Tiki Accounting feature and related code, templates, preferences, and permissions have been fully removed. It was unmaintained, underused, and relied on obsolete dependencies. Existing data is preserved in the database and can be exported manually. Users are encouraged to use Dolibarr, which is actively maintained and part of the WikiSuite ecosystem.
Completely removes ADOdb support in favor of PHP PDO for all database interactions.
Eliminates adodb/adodb-php from dependencies, deletes all related files and calls (including dbversion_tiki and api_tiki), and cleans up related language strings.
Improves security, performance, and maintainability by standardizing on PDO-based access (TikiDb, TikiDb_Pdo, etc.).
Removes preferences feature_view_tpl, feature_edit_templates, and feature_editcss, which allowed viewing/editing templates and CSS via the web UI.
This improves security by closing risks related to arbitrary file access/editing through the browser.
Most admins edit templates and CSS externally now; these features were marked as endangered on dev.tiki.org.
This was part of the article features and practically it's not needed
As part of deprecating jQuery UI in Tiki, this change removes unused references to feature_jquery_ui. jQuery UI will be retained only where it's still required (e.g., elFinder), but all other dependencies are being phased out.
Replaced with GLightbox
Logging migrated to Monolog
Replaced with sortablejs
Removes legacy PHP package pear/db from Tiki’s co
This dependency became obsolete after the OpenID PHP library (which required it) was archived and removed from Tiki.
Forum Email Retrieval now uses IMAP
The "rubix/extras" repository has been archived (as of March 27, 2025) and was not used anywhere in Tiki. All its valuable features are now consolidated into RubixML, so the package has been removed.
Many mass cleanups (affecting 15+ files), typically to reduce technical debt. Because of the large number of affected files, it's tricky to tests all the features in all contexts. So, some bugs could have slipped through. If you encounter one, please report it and we will quickly address: