Tiki30
Tiki 30.0 LTS will be released in February 2026.
It is a Long Term Support (LTS) version and will be supported until February 2031 as per the Tiki lifecycle policy. This release is more about refining features than major changes. After this release, there will be major changes in Tiki31.
You can see the development page at : https://dev.tiki.org/Tiki30 and all the code commits here: https://gitlab.com/tikiwiki/tiki/-/commits/30.x/ once it will be created (in 2026-01).
1. Infrastructure
(alphabetically sorted)
1.1. Asset Caching & Headers Improvements
Tiki now sets precise HTTP caching headers for files served via its PHP download mechanism.
- Public assets can be cached with an admin-configurable max-age
- Restricted assets are explicitly marked as non-cacheable (`private, no-store, no-cache`)
This enhancement improves performance for anonymous users while maintaining strict access controls.
1.2. BigBlueButton
Tiki’s integration with BigBlueButton now uses the official bigbluebutton-api-php package, replacing legacy custom code and modernizing the connection to support future interoperability features more reliably.
1.3. Dependency Upgrades
Composer and JavaScript libraries were upgraded to support modern PHP and JS environments, reduce technical debt, and enhance security.
- The Converse.js library has been upgraded to version 11 to improve security and address issues flagged by `npm audit`.
- HTML Purifier Migration to HTML5-Compatible Fork: This migration ensures cleaner and standards-compliant output in Tiki.
- html2canvas Upgrade, Upgraded from version "1.0.0-RC.5" (release candidate) to "~1.4" (stable release).
- mohlsen/check-engine replaced deprecated check-engines package
- Plotly.js upgraded from "1.58.5" to "3.0.3", this update ensured compatibility with the newer Plotly API and resolved
npm auditwarnings related to "Plotly 1.x"
1.4. MediaAlchemyst Package Migration
The abandoned "media-alchemyst/media-alchemyst" Composer package has been replaced with the official Tiki-maintained fork "tikiwiki/media-alchemyst".
All package references, runtime checks, and CI configuration have been updated to ensure continued support for document preview and OCR features. This migration secures long-term compatibility and stability for media processing in Tiki.
2. Enhancements
(alphabetically sorted)
2.1. Blending Permission Scope System
A new preference has been added for permission scope handling, giving administrators more flexibility.
- Traditional strict scope: the nearest defined scope wins
- Blending scope: permissions are merged from nearest to farthest using an additive operation
This enhancement provides more granular control over permission inheritance and enforcement.
2.2. Console
New Console commands:
- ExportPDF:
A new ListExecute action and console command (php console.php page:print "PageName") have been introduced to export wiki pages as PDF.
2.3. Cypht Calendar Invitations – Archive Confirmed Emails
When a calendar invitation received by email is confirmed and added to the Calendar, the original email is now archived instead of being discarded.
This ensures the invitation and its attachments remain available for reference alongside the calendar event.
2.4. File Galleries – Flexible Rules for Display Names
Tiki now offers flexible control over how file display names are generated upon upload, replacing the previous "one-size-fits-all approach". This new system allows administrators to set rules both globally and on a per-gallery basis.
This enhancement introduces a two-level preference system:
- New Global Default: A new site-wide preference has been added, with the default behavior now set to preserve original filenames exactly as they are uploaded.
- Per-Gallery Rules: Administrators can override the global setting for any individual gallery. This allows for different rules based on context.
For example, a 'Marketing Photos' gallery can be configured to use Title Case for a uniform look, while a 'Technical Documents' gallery can be set to Preserve the original, precise filenames.
2.5. Improves overall navigation usability
- Accessibility – Support for Prefers-Reduced-Motion: Tiki now honors the prefers-reduced-motion OS setting, removing cosmetic animations site-wide while preserving user-initiated interactions, improving accessibility for users with motion sensitivity and benefiting those on low-end devices or with limited battery.
- Dropdown Menu Dynamic Opening Direction: Submenus now automatically adjust their opening direction based on available screen space.
- File Gallery List Display: The file gallery listing now displays the category assigned to each file.
- Sidebar Behavior on Small Screens: The sidebar display has been improved to respect user preferences, resolving an issue where collapsed sidebars could render incorrectly on smaller viewports. This update enhances consistency across split-screen and responsive layouts.
2.6. Plugins
2.6.1. PluginImg Reflection Update
Image reflections can now be enabled directly through PluginImg options, using a modern CSS-based reflection feature.
2.6.2. RSS Plugin
The RSS plugin now fully supports the max, sortBy, and sortOrder parameters for URL-based feeds.
- max: Control the number of feed items displayed.
- sortBy: Define the field used for sorting feed items.
- sortOrder: Specify the sorting direction (ascending or descending).
This enhancement works directly with URL-based feeds, not just database-stored items.
2.7. Scheduler – Improved Notifications and Reliability
The scheduler notification system has been improved with the following changes::
- Consolidating preferences,
- Introducing an admin notification option,
- Adding a stalled jobs banner with filtering, and
- Fixing issues with
scheduler_users_to_notify_on_stalledto ensure alerts reach only intended recipients.
2.8. Tiki API
The Tiki API now supports uploading new versions of files while respecting the file gallery archive limit, preventing uncontrolled growth and enabling reliable use in IoT and high-frequency update scenarios.
2.9. Tracker
2.9.1. "Display as Password" Option for Text Fields
A new option has been added to tracker Text Fields to securely handle passwords or other sensitive data.
When the "Display as password" parameter is enabled:
- The input field is rendered as a password field with a show/hide toggle
- Stored values are masked (****) in item views
- Values are excluded from the search index, preventing accidental exposure via plugins like trackerlist
If the user sets the Validation Type to "Password", the "Display as password" option is automatically enabled for convenience
2.9.2. Import-Export Formats: Multi-Table Joins with Remote ODBC
The import-export system now supports joining multiple tables with remote ODBC sources, allowing users to map columns across tables for flexible external data integration. This update also introduces an ItemLink sort option to improve data handling.
2.9.3. Tracker Calendar Auto-Sync Improvements
The Tracker Calendar plugin now supports automatic synchronization of event dates with tracker fields, including the ability to use multiple calendar item fields per tracker item. This allows managing different expiry dates or variations within a single item.
This update also improves:
- Handling of date vs. datetime fields.
- Respect for all-day event settings.
2.9.4. Tracker Import-Export – Multiple Format Sync
Trackers can now be synchronized to multiple formats simultaneously, expanding flexibility for data exchange by supporting parallel syncing and improving import/export workflows.
2.9.5. Tracker Items List – Field Visibility for Non-Admins
Non-admin users can now customize which tracker fields are visible in the items list. Checkboxes have been added for all visible fields, and user preferences are stored in the Tiki database. This ensures that each user's view is personalized without affecting others.
2.9.6. Trackers Listing: Make Categories Column Items Hyperlinks
The tracker list interface now converts entries in the Categories column into clickable hyperlinks, allowing users to navigate directly from a tracker item to its associated category.
2.10. SAML Authentication
Previously, when SAML was enabled as the authentication method, only the admin user could log in using Tiki’s default authentication. Now, all users with Admin privileges can access the fallback Tiki authentication, maintaining a secure login flow while offering greater flexibility and simplifying access for administrators.
3. Removals
- check-engines: Replaced deprecated package with the actively maintained "mohlsen/check-engine"
- Plotly.d3 and d3-color: Replaced with native DOM methods
This ensures long-term compatibility with the new Plotly.js API. - HTML Purifier: Replaced with an actively maintained, HTML5-compatible fork
- jQuery Reflection Plugin : Replaced with native CSS-based reflections in PluginImg.
4. Mass cleanups
Mass cleanups across 15+ files reduced technical debt. Some bugs may have slipped through—please report any issues for prompt resolution.
- https://gitlab.com/tikiwiki/tiki/-/merge_requests/8336
- https://gitlab.com/tikiwiki/tiki/-/merge_requests/8259
- https://gitlab.com/tikiwiki/tiki/-/merge_requests/8273
- https://gitlab.com/tikiwiki/tiki/-/merge_requests/8260
- https://gitlab.com/tikiwiki/tiki/-/merge_requests/8249
- https://gitlab.com/tikiwiki/tiki/-/merge_requests/8246
- https://gitlab.com/tikiwiki/tiki/-/merge_requests/8194
- https://gitlab.com/tikiwiki/tiki/-/merge_requests/8158