Tiki 28.0 will be released in November or December 2024.

It is a Standard Term Support (STS) version and will be supported until Tiki 29.1 is released as per the Tiki lifecycle policy

You can see the development page at: https://dev.tiki.org/Tiki28 and all the code commits here: https://gitlab.com/tikiwiki/tiki/-/commits/28.x/ once it will be created (in 2024-10).

(alphabetically sorted)

Reduced the size of the element-plus-ui.js bundle by refactoring and streamlining the implementation of the Transfer component in element-plus-ui

Happy DOM has been upgraded to version 15.11.0

Is replaced by InnoDB FULLTEXT
https://gitlab.com/tikiwiki/tiki/-/merge_requests/5297
Unified Index Comparison

PHPUnit has been updated to version 10.5.26

JavaScript and CSS libraries have been moved to the new Build System.

A validation mechanism has been introduced to ensure that the correct version of Composer is used with Tiki Manager, addressing potential issues caused by pre-installed or incompatible versions of Composer on the system.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5995

InnoDB FULLTEXT replaces MyISAM FULLTEXT
https://gitlab.com/tikiwiki/tiki/-/merge_requests/5297
Unified Index Comparison

This preference sets default value for the "add a user tracker item for this user" checkbox in the registration form when adding new user by the admin. This is to avoid having to check the said checkbox every time on next users creation if your policy is that you want to add a tracker item in the user tracker when creating a new user

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5366

A new feature allows users to include a text note when responding to calendar invitations and view notes on incoming confirmations, similar to functionality in other systems like Roundcube within KolabNow.

The Changes Wizard will no longer appear on fresh installations of Tiki. It will only be shown during upgrades to help site administrators review and apply changes.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6441

New Console commands:

A new command - log:delete - has been added to help manage and clean up old system logs. Users can now easily delete outdated logs or retain only the most recent entries, improving performance and keeping systems tidy.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6440

The database:update command has been enhanced to notify administrators when a database update is required, which could potentially block cron jobs like console.php scheduler:run.

Key Features:

• Email Notifications for Cron Jobs:
  The database:update command now sends email alerts to administrators when it detects that a database update is required.
• Monitoring System Integration:
  The command is compatible with tools like Zabbix, enabling administrators to configure alerts for required database updates.
• Prevention of Cron Job Disruption:
  Ensures that administrators are informed of database update requirements before they block scheduled tasks.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6336

Tiki now includes a new index:cleanup command to simplify index management and prevent filesystem bloat. This feature helps administrators maintain an optimized and clean search indexing environment by removing unused or outdated indexes.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6366

Several enhancements and bug fixes have been added to Cypht:

• Turn an email into a tracker item
  • https://gitlab.com/tikiwiki/tiki/-/merge_requests/4937

Element Plus has been chosen for multi-select boxes in Tiki in replacement for jQuery's Select2 element.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5866
• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5856
• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5706

To enhance administrative account security, Tiki now supports email-based two-factor authentication (2FA) as an alternative to Google 2FA. This additional verification step ensures that only authorized users can access admin-level accounts.

Key Features:

• Email-Based 2FA Functionality:
  • Generates a random 6-character token sent to the user’s registered email address.
  • Tokens are securely hashed before being stored in the database.
  • Configurable token TTL (time-to-live) to set expiration durations.
  • Ensures only one active token per user by invalidating previous tokens.
  • Implements a rate limiter to prevent excessive token resend requests (minimum 1-minute interval).
• Preferences and Configuration:
  • New preference to select the type of 2FA (Google 2FA or Email 2FA).
  • Token length and TTL are configurable through new settings in the administration panel.
• Enhanced Application Flows:
  • Authentication Flow:
    • Detects if email-based 2FA is enabled, generates and emails a token, and redirects the user to a 2FA confirmation form.
  • Token Confirmation Flow:
    • Verifies the entered token and handles invalid attempts gracefully.
  • Token Resend Flow:
    • Allows users to request a new token with appropriate rate limiting.
  • Failsafe Mechanism:
    • A new command, php console.php 2fa:disable, disables 2FA in case of misconfigurations or access issues.
• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6420

This creates a data-driven diagram to illustrate the components and relationships in a typical Tiki App (Trackers, Wiki pages, and their connections via plugins)

Tiki now supports IoT integration with enhanced tools for managing and designing workflows.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/4178

A new enhancement has been introduced to streamline the categorization and uncategorization of objects within Tiki. The categorize_object action in List Execute offers increased flexibility for managing object categories efficiently.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5972

To improve the user experience and reduce disruptions during maintenance or re-indexing operations, Tiki Manager now includes a robust Maintenance Warning System.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6119

A new feature allows users to preview PDF versions of wiki pages in real time during the editing process. This enhancement leverages mPDF for PDF generation and provides a seamless, AJAX-based preview experience.
Key Features:

• Real-Time PDF Previews:
  • Users can generate a PDF preview of the current content directly from the editor, reflecting all unsaved changes.
  • Ensures that the final PDF format meets user expectations before saving edits.
• AJAX Integration:
  • Provides a smooth, dynamic preview experience without requiring a full page refresh.
• Editable Content Preview:
  • Only the content in the editor is used to generate the preview, ensuring accurate representation of pending changes.
• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5960

Several bug fixes and enhancements have been added to Tiki28 for Markdown such as:

• Editor settings dialog fix of the Save button which was randomly disappearing
  • https://gitlab.com/tikiwiki/tiki/-/merge_requests/5324

Tiki now supports a new user preference allowing individuals to receive email notifications for their own comments, or when editing a page.
This preference is designed to help users stay informed about ongoing discussions, especially in workflows where follow-up on personal contributions is essential.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5475

Tiki has introduced enhanced transparency and security measures for scenarios where administrators switch to user accounts.
So, this introduces:

• User Notifications:
  When an admin uses the Switch User feature, the affected user is notified of the activity.
• Customizable Preference:
  Administrators can activate or deactivate this feature based on organizational security policies.
• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5632

SQL Query Logging Using PDO
The SQL logging mechanism in Tiki has been revamped to utilize the PHP PDO extension, replacing the previous reliance on ADODB.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5879

• Enhanced Flexibility for Recording Storage.

This enhancement provides greater flexibility for storing recordings made with RecordRTC, addressing various use cases and improving integration with trackers and file galleries.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5950

• The RecordRTC package is now bundled directly within Tiki, eliminating the need to fetch it as an external dependency. This change simplifies the installation process, reduces reliance on external sources, and ensures RecordRTC is always available for Tiki deployments.
  Key Changes:
  - Bundling RecordRTC: Added RecordRTC to Tiki’s npm build system, enabling it to be compiled and deployed as part of the Tiki codebase.
  - Deprecating External RecordRTC Package: Marked the external RecordRTC package as deprecated in the Tiki packages configuration with a note that it is now bundled with Tiki.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6323

The search index rebuild process now includes the total time taken for the rebuild in all relevant outputs, making it easier to monitor and analyze performance.

Key Features:

• Console Output:
  When running php console.php index:rebuild --log, the total time taken for the rebuild is displayed at the end of the process.
• Web Report Integration:
  The web interface report for index rebuilds now includes the total rebuild duration, providing clear insights into the time spent on the operation.
• Log File Updates:
  Log entries now record the total time taken for the index rebuild, allowing administrators to track performance trends over time.
• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6405

To improve the accuracy and user experience of search functionality, Tiki now introduces spelling suggestions and fuzzy search capabilities across multiple search engines.
Key Features:

• "Did You Mean?" Suggestions:
  • Provides spelling corrections for search queries, offering alternative suggestions when no exact matches are found.
  • Helps users refine their search queries for better results.
• Fuzzy Search Enhancements:
  • Improves search tolerance for typographical errors or slight variations in user input.
  • Matches results even when the search term is not an exact match.
• Multi-Engine Support:
  • Manticore Integration:
    • Fully supports "Did You Mean?" functionality with real-time suggestions.
    • Uses Manticore’s advanced features as outlined in their official demos and guides.
    • https://gitlab.com/tikiwiki/tiki/-/merge_requests/5705
  • MySQL:
    • Adds "Did You Mean?" capability to MySQL-based searches, enhancing the search experience for simpler setups.
    • https://gitlab.com/tikiwiki/tiki/-/merge_requests/6093
  • Elastic Search:
    • Implements fuzzy search and spelling suggestions, leveraging Elastic's robust query capabilities.
    • https://gitlab.com/tikiwiki/tiki/-/merge_requests/6229

Tiki 28 introduces sensible default scheduled tasks to streamline system maintenance. These tasks are automatically configured on new installations or upgrades, ensuring that essential maintenance actions "just work" without manual intervention.
Key Features:

• Pre-configured Default Tasks:
  The following tasks are included by default:
  • mail-queue:send: Send queued emails every minute.
  • sitemap:generate: Generate a sitemap daily at 02:00.
  • preferences:rebuild-index: Rebuild preferences index weekly at 02:30 on Sundays.
  • index:rebuild: Rebuild search index weekly at 02:45 on Sundays.
  • tokens:clear: Clear expired tokens weekly at 03:00 on Sundays.
• Automatic Initialization:
  Default tasks are created during the first interaction with the scheduler system (e.g., opening the admin interface, running the scheduler script, or setting up a cron job).
• Customizable Defaults:
  Administrators can modify or disable these defaults as needed, allowing flexibility while maintaining sensible defaults for typical setups.
• Version Tracking:
  A new preference, scheduler_default_tasks_version, ensures that default tasks are updated or created only when necessary, avoiding redundant reconfigurations.
• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6067

Shoelace Color Picker has been added to all editors using a color picker and presents many advantages such as improving the presentation of the set of predefined colors

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5400

This enhancement supports the creation of temporary users for streamlined testing and access scenarios.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5986

• New toolbar element added to make it easier to refer to a file in a comment on a tracker item by creating a link to the attached file
  • https://gitlab.com/tikiwiki/tiki/-/merge_requests/5379
• New button added to launch the list of all plugins
  • https://gitlab.com/tikiwiki/tiki/-/merge_requests/5242

Several bug fixes and enhancements have been added to Trackers:

• A migration has been applied that updates the configuration related to unified_trackerfield_keys. The option fieldId has been replaced by permName (Permanent Name). This change affects any tracker fields or configurations that previously used fieldId.
  If your system was relying on the fieldId configuration (from older versions), this will no longer be valid after the migration.
  All references to fieldId have been updated to use permName.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5824
• Use of Sortable.js library to make it possible to drag and drop fields on mobile touch devices
  • https://gitlab.com/tikiwiki/tiki/-/merge_requests/5462
• Offline trackers as part of PWA feature
  • https://gitlab.com/tikiwiki/tiki/-/merge_requests/4654
• Redirect param to insert item
  • https://gitlab.com/tikiwiki/tiki/-/merge_requests/5149

With this new feature, site administrators can enforce 2FA for specific users, user groups, or even all users. This enhancement adds flexibility and security, particularly for high-permission users.

• New Preferences Added:

1. Force all users to use 2FA (twoFactorAuthAllUsers): Mandatory activation of 2FA for every user.
2. Force users in indicated groups to enable 2FA (twoFactorAuthIncludedGroup): Require users in specified groups to activate 2FA.
3. Force indicated users to enable 2FA (twoFactorAuthIncludedUsers): Mandate 2FA for specific users.
4. Do not force users in the indicated groups to enable 2FA (twoFactorAuthExcludedGroup): Exceptions for users in selected groups.
5. Do not force indicated users to enable 2FA (twoFactorAuthExcludedUsers): Exceptions for selected users

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5956

Several major updates to Unified Admin Backend, issues fixed, and enhancements made:

• Make the UAB CSS and layout work on the other admin and management pages: https://gitlab.com/tikiwiki/tiki/-/merge_requests/6081

This preference sets the "user must change password at next login" option (user_must_change_password_set_default_on) as checked by default, ensuring new users are prompted to update their admin-assigned password on first login.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5424

Comments UX + Notifications Revamp.
This enhancement improves the user experience for comments and notifications in collaborative team settings, in such a way that:

• When creating or saving a comment, or making changes to a wiki page, tracker item, or ticket, the confirmation info bubble now indicates who is monitoring the page/item and who was notified of the change.
• It adds transparency within teams, reducing the need to manually notify others through external channels (e.g., chat)
• https://gitlab.com/tikiwiki/tiki/-/merge_requests/5318

Significant updates have been made to the Activity Stream feature to provide better control and user feedback regarding its usage and configuration.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6275

A new enhancement to the PluginEvent introduces the ability to display a list of attendees for events directly within the plugin.

• https://gitlab.com/tikiwiki/tiki/-/merge_requests/6210