==== New external libraries ====
* Added wikimedia/password-blacklist 0.1.4.
+* Added guzzlehttp/guzzle 6.3.3.
* …
-* Added guzzlehttp/guzzle 6.3.3 and dependents:
- * guzzlehttp/promises 1.3.1
- * guzzlehttp/psr7 1.5.0
- * psr/http-message 1.0.1
- * ralouphie/getallheaders 2.0.5
==== Changed external libraries ====
* Updated wikimedia/xmp-reader from 0.6.0 to 0.6.1.
* …
=== Bug fixes in 1.33 ===
+* (T164211) Special:UserRights could sometimes fail with a
+ "conflict detected" error when there weren't any conflicts.
* …
=== Action API changes in 1.33 ===
returns the same information in a more useful format.
* For Linker::generateTOC() and Linker::tocList(), passing strings or booleans
as the $lang parameter was deprecated. The same applies to DummyLinker.
+* The PasswordPolicy 'PasswordCannotBePopular' has been deprecated. To
+ follow best practices, it is reccommended to use 'PasswordNotInLargeBlacklist'
+ instead which blacklists 100,000 commonly used passwords.
+* (T208862) Action::requiresUnblock() is now called from
+ Title::getUserPermissionsErrors() and Title::userCan(). Previously, the method
+ was only called in Action::checkCanExecute(). Actions should ensure that their
+ requiresUnblock() returns the proper result (the default is `true`).
* …
=== Other changes in 1.33 ===