Drupal News

This is all about Drupal

  • Drupal Planet

    Community Working Group posts: 2019 Aaron Winborn Award Winner: Leslie Glynn

    17 hours 44 minutes ago

    During the opening plenary at DrupalCon Seattle, the members of the Drupal Community Working Group announced the winner of the 2019 Aaron Winborn Award, Leslie Glynn (leslieg).

    The award is named after a long-time Drupal contributor who lost his battle with ALS in 2015. This award recognizes an individual who, like Aaron, demonstrates personal integrity, kindness, and an above-and-beyond commitment to the Drupal project and community. Previous winners of the award are Cathy Theys, Gabór Hojtsy, Nikki Stevens, and Kevin Thull. Current CWG members, along with previous winners, selected the winner based on nominations submitted by Drupal community members.

    This year, there were 18 individuals nominated for the award. In the coming weeks, the CWG will be contacting all nominees to let them know of their nomination and thank them for their continued work in the community.

    In addition to the physical award presented to Leslie during the announcement, Leslie was also provided with a free ticket to DrupalCon Seattle as well as travel expenses. 

    Leslie has over 30 years experience in the software development field and has been working with Drupal since 2011. She has been involved in Drupal project management, site building, and client support. She has organized and mentored Drupal sprints, has offered trainings at Drupal camps and DrupalCons, and has volunteered at - as well as help organize - many camps across the United States especially in New England.

    Multiple people nominated Leslie for this award. One of them wrote, “If you have ever attended a North American Drupalcon, BADCamp, NYCCamp, NEDCamp, Design4Drupal, or any other major North American Drupal event, then you have seen Leslie. She is a constant inspiration of how our community, and each one of us, should work and act."

    Another one of her nominators wrote, “Leslie is a dependable, passionate, kind, and giving individual and the Drupal community is extremely fortunate to have her."

    Nominations for the 2020 award will open in early 2020.

    Mass.gov Digital Services: Our DrupalCon 2019 Recap

    18 hours 37 minutes ago
    DrupalCon 2019 RecapWhat we learned from our fellow Drupalists

    On April 7th, our team packed up our bags and headed off to Seattle for one of the bigger can’t miss learning events of the year, DrupalCon.

    “Whether you’re C-level, a developer, a content strategist, or a marketer — there’s something for you at DrupalCon.” -https://events.drupal.org/

    As you may have read in one of our more recent posts, we had a lot of sessions that we couldn’t wait to attend! We were very excited to find new ideas that we could bring back to improve our services for constituents or the agencies we work with to make digital interactions with government fast, easy, and wicked awesome. DrupalCon surpassed our already high expectations.

    GovSummit

    At the Government Summit, we were excited to speak with other state employees who are interested in sharing knowledge, including collaborating on open-source projects. We wanted to see how other states are working on problems we’ve tried to solve and to learn from their solutions to improve constituents’ digital interactions with government.

    One of the best outcomes of the Government Summit was an amazing “birds of a feather” (BOF) talk later in the week. North Carolina’s Digital Services Director Billy Hylton led the charge for digital teams across state governments to choose a concrete next step toward collaboration. At the BOF, more than a dozen Massachusetts, North Carolina, Georgia, Texas, and Arizona digital team members discussed, debated, and chose a content type (“event”) to explore. Even better, we left with a meeting date to discuss specific next steps on what collaborating together could do for our constituents.

    Session Highlights

    The learning experience did not stop at the GovSummit. Together, our team members attended dozens of sessions. For example, I attended a session called “Stanford and FFW — Defaulting to Open” since we are starting to explore what open-sourcing will look like for Mass.gov. The Stanford team’s main takeaway was the tremendous value they’ve found in building with and contributing to Drupal. Quirky fact: their team discovered during user testing among high-school students that “FAQ” is completely mysterious to younger people: they expect the much more straightforward “Questions” or “Help.”

    Another session I really enjoyed was called “Pattern Lab: The Definitive How-to.” It was exciting to hear that Pattern Lab, a tool for creating design systems, has officially merged its two separate cores into a single one that supports all existing rendering engines. This means simplifying the technical foundation to allow more focus on extending Pattern Lab in new and useful ways (and less just keeping it up and running). We used Pattern Lab to build Mayflower, the design system created for the Commonwealth of Massachusetts and implemented first on Mass.gov. We are now looking at the best ways to offer the benefits of Mayflower — user-centeredness, accessibility, and consistent look and feel — to more Commonwealth digital properties. Some team members had a chance to talk later to Evan Lovely, the speaker and one of the maintainers of Pattern Lab, and were excited by the possibility of further collaboration to implement Mayflower in more places.

    There were a variety of other informative topics. Here are some that my peers and I enjoyed, just to name a few:

    A Day in the Exhibit HallOur exhibit hall booth at DrupalCon 2019Talking to fellow Drupalists at our booth

    On Thursday we started bright and early to unfurl our Massachusetts Digital Service banner and prepare to greet fellow Drupalists at our booth! We couldn’t have done it without our designer, who put all of our signs together for our first time exhibiting at DrupalCon (Thanks Eva!)

    It was remarkable to be able to talk with so many bright minds in one day. Our one-on-one conversations took us on several deep dives into the work other organizations are doing to improve their digital assets. Meeting so many brilliant Drupalists made us all the more excited to share some opportunities we currently have to work with them, such as the ITS74 contract to work with us as a vendor, or our job opening for a technical architect.

    We left our table briefly to attend Mass.gov: A Guide to Data-Informed Content Optimization, where team members Julia Gutierrez and Nathan James shared how government agencies in Massachusetts are now making data-driven content decisions. Watch their presentation to learn:

    1. How we define wicked awesome content
    2. How we translate indicators into actionable metrics
    3. The technology stack we use to empower content authors
    The Splash Awards

    To cap it off, Mass.gov, with partners Last Call Media and Mediacurrent, won Best Theme for our custom admin theme at the first-ever Global Splash awards (established to “recognize the best Drupal projects on the web”)! An admin theme is the look and feel that users see when they log in. The success of Mass.gov rests in the hands of all of its 600+ authors and editors. We’ve known from the start of the project that making it easy and efficient to add or edit content in Mass.gov was key to the ultimate goal: a site that serves constituents as well as possible. To accomplish this, we decided to create a custom admin theme, launched in May 2018.

    A before-and-after view of our admin theme

    Our goal was not just a nicer looker and feel (though it is that!), but a more usable experience. For example, we wanted authors to see help text before filling out a field, so we brought it up above the input box. And we wanted to help them keep their place when navigating complicated page types with multiple levels of nested information, so we added vertical lines to tie together items at each level.

    Last Call Media founder Kelly Albrecht crosses the stage to accept the Splash award for Best Theme on behalf of the Mass.gov Team.All the Splash award winners!

    It was a truly enriching experience to attend DrupalCon and learn from the work of other great minds. Our team has already started brainstorming how we can improve our products and services for our partner agencies and constituents. Come back to our blog weekly to check out updates on how we are putting our DrupalCon lessons to use for the Commonwealth of Massachusetts!

    Interested in a career in civic tech? Find job openings at Digital Service.
    Follow us on Twitter | Collaborate with us on GitHub | Visit our site

    Our DrupalCon 2019 Recap was originally published in Massachusetts Digital Service on Medium, where people are continuing the conversation by highlighting and responding to this story.

    Specbee: Is Drupal 8 the secret weapon for your Multilingual Website?

    1 day 7 hours ago
    As the internet continues to grow, more people around the world are getting familiar with it, and this means just one thing. If you need to internationalize your business for better revenue, you need to go multilingual! For most of the CMS tools, non CMS languages and frameworks, creating a multilingual website is a challenging task with numerous pain points. However, thankfully, this is not the case with Drupal CMS. 

    Duo Consulting: Accessibility Lessons from DrupalCon Seattle

    1 day 20 hours ago

    In the Drupal community, the annual DrupalCon show is the biggest event of the year. Held in a different city each year, the event brings Drupal users together for a week of sessions and networking.

    With so many people and agencies committed to Drupal in attendance, DrupalCon is the perfect opportunity to provide training and guidance. This year’s show, DrupalCon Seattle, dedicated its first two days to community summits and full-day training sessions. One of these summits tackled one of the most prevalent issues of the year for Drupal: Accessibility. Through a combination of keynotes, panels and breakout sessions, the summit’s organizers gave attendees actionable insights and new perspectives on front-end accessibility.

    The day kicked off with a keynote from OpenConcept’s Mike Gifford, who spoke about his agency’s work with the Canadian National Institute of the Blind (CNIB). For the organization’s 100-year anniversary, the CNIB sought a rebrand and redesign with an emphasis on making their site’s content more accessible. As OpenConcept learned, creating an accessible platform is easier said than done. To illustrate how difficult the process can be, Gifford wryly offered this Donald Rumsfeld quote:

    There are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns — the ones we don't know we don't know.

    In the context of web development, accessibility is often an “unknown unknown.” Without extensive testing, programmers won’t know that any given element won’t limit access for certain users. As such, one of the major lessons that Gifford shared was the importance of manual testing.

    “Automated accessibility testing will only get you 25 percent of the way there,” Gifford said. “Manual testing is essential, and this mostly comes down to getting rid of your mouse and tabbing through a site."

    As Gifford and speakers from subsequent panels noted, the best method for testing a site’s accessibility is to actually use it. While a lot of problems can be found by, as Gifford said, unplugging your mouse and using the “tab” key to navigate, this approach can still miss blind spots that able-bodied users wouldn’t consider. Alternatively, hiring disabled users to perform QA testing on a given site is often the best solution. 

    This ethos is especially true when building mobile sites. Another keynote speaker, Gian Wild of AccessibilityOz, covered the mobile accessibility testing process in detail. Manual testing on real devices can root out common traps, like if a site’s buttons are too small to be navigated with a finger or if links aren’t underlined. For more common errors, Wild’s slide deck can be found here.

    As important as manual testing is, though, automated accessibility tools are a vital element of the accessible design arsenal. Though pervasive and subtle errors still require hands-on QA testing, automated solutions will identify many more thousands of minor issues in a fraction of the time. As such, using these tools in coordination with manual testing will ensure that your site is as accessible as can be.

    During the final breakout session of the summit, attendees shared which tools they think work best for rooting out accessibility issues, many of which conveniently come in the form of browser extensions. Some commonly mentioned tools included:

    We’ve previously profiled several accessibility tools, and you see which one is best for you here.

    As challenging as accessibility testing can be, the reward of expanding your audience is well worth it. Fortunately, the Drupal platform helps ensure out-of-the-box accessibility features. During his keynote, Gifford pointed out that Drupal design patterns have already been tested, known bugs are listed transparently, and the development community actually cares about the issue. In fact, OpenConcept’s work for CNIB produced several fixes and modules that can now be utilized by any Drupal user. These contributions and further info about the CNIB redesign can be found on Gifford’s slide deck here

    With a senior-level team of designer and developers, Duo can apply these lessons to sites across industries. Our commitment to accessibility means that every site we build will be open to all users. To learn more about our process and values, reach out to our team today!

    OpenSense Labs: Changing Businesses Using Artificial Intelligence and Drupal

    2 days 12 hours ago
    Changing Businesses Using Artificial Intelligence and Drupal Shankar Thu, 04/18/2019 - 07:17

    Advancements in artificial intelligence (AI) are opening up a plenitude of possibilities in different industries. Efforts like Robotics at Google, for instance, are showing the world the way forward. Google is working on machines that may not be as eye-catching as humanoid robots but will have subtly more advanced technology inside them. The idea is to let them learn skills on their own and sort through a bin of unfamiliar objects or navigate a warehouse that is filled with unexpected obstacles. And in the healthcare sector, while the doctors are already using AI for diagnosing and treating medical conditions, Dr. Eric Topol, in his book called Deep Medicine, says that AI can do much more than that. AI can save doctors from performing tasks like jotting down notes and reading scans and allow them to spend more time connecting with their patients. The AI’s influence in different fields will make for an endless list.


    It is true that AI is growing at a fast clip. But, currently, it is still dependable on human intelligence. Nevertheless, AI is here to stay and will only get better with time.

    In the web landscape, too, AI has the provision for a superabundance of use cases. Drupal, as one of the leading content management frameworks, has been a pioneer when it comes to giving a push to digital innovation. Drupal, replete with modules for implementing AI, can lay the groundwork for a more AI-centric future for your digital business.

    Unwrapping artificial intelligence

    The term ‘Artificial Intelligence’ was coined by Dartmouth professor John McCarthy in the summer of 1956 when he invited a small group to spend some weeks musing on how to enable machines to do things like use language. He pinned high hopes on the breakthrough of human-level machines. Since then, artificial intelligence has come a long way and will undergo a lot of research and development in the coming years.

    AI can emulate human performance by learning from it.

    Gartner states that “AI applies advanced analysis and logic-based techniques, including machine learning, to interpret events, support and automate decisions, and take actions”. Commonly, definitions of AI emphasise on automation. But AI can emulate human performance by learning from it. This can come very handy as it gives a plethora of opportunities to IT and business leaders.

    Adopting AI in businesses

    When it comes to adoption of AI in the business workflow, organisations need a well-planned strategy to measure their firm against the AI maturity model, states Gartner.

    Source: Gartner

    AI maturity model can help in identifying where your firm is on the potential growth curve and decide what steps should be taken by discussing it with the management. Some organisations can be doing conversations about AI and are in an Awareness stage. There can be firms in the Active stage who may be including AI in proofs of concept and pilot projects. Organisations can be termed to be in the Operational stage when at least one of their AI projects has moved to production. Business organisations can be said to be in the Systematic stage when they, at least, start considering AI for all of their new digital projects. Once you figure out what stage you are in, you can aim for reaching the Transformational stage and make AI a part of your DNA with the help of top-notch, adaptive strategy and by giving more room for experimentation.
     
    As you start implementing AI in your business, it is important to identify the right use cases i.e. the key business hurdles that can be resolved by the capabilities of AI. And there is no dearth of what AI has to offer as can be seen in the figure below.


    A combo of AI and Drupal

    AI has made its foray into different industries and has opened up new opportunities for improving business workflow. Web development is one of the areas where artificial intelligence can be leveraged to a great extent. Some of the examples of how Drupal can be of great use to leverage artificial intelligence are:

    Chatbots

    Artificial intelligence can be of great help in imbibing cognitive computing abilities, that simulates human thought processes in a computerised model, in a website. This can be done in the form of chatbots. Drupal’s Chatbot API module can offer fantastic conversational experiences. Chatbot API gives you a common flexible additional layer that comes in between Drupal, your Natural Language Processing (NLP) and your several chatbots and personal assistants thereby making your website chatbot-friendly. This assists in avoiding the need for writing new code whenever you have to translate conversational experience from one interface to another.

    Web personalisation

    Personalisation of the web content is done on the basis of a person’s digital persona. Content can be recommended to the users based on their profile or past activities. For instance, if they are searching for a blue shirt, something like this would work - “Here are more blue shirts”. Or, if a user is reading about futuristic technologies, then something like this may work - “Read more articles like this”. Artificial intelligence can improve even further.


    A session at DrupalCon Baltimore 2017 talked about personalising web content using machine learning (a subset of AI). They demonstrated Deep Feeling, a proof-of-concept project, that leverages machine learning techniques to enhance content recommendations to the users. They utilised Instagram API for accessing a user’s stream-of-consciousness and filtered their feeds via a computer vision API. This was, then, used to detect and learn subtle themes about the user’s predilections. On getting a notion about the sort of experiences the user thinks are worth sharing, user’s characteristics were matched against their own databases. The proof-of-concept involved Acquia lift service and Drupal 8.

    Multilingual platform

    “In keeping with our deep integrations to Web Content Management, Content Management Systems, and Marketing Automation platforms, our Drupal 8 connector is the latest example of Cloudwords building integrations that speed and scale a company’s global marketing engagements with personalized experiences in any language”, said Richard Harpham, former CEO at Cloudwords Inc.
     
    Cloudwords for Multilingual Drupal module offers a superfast and efficacious way of governing the process of making your site multilingual. On installing this module, your content can be served in multiple languages to the market. Its powerful workflow automation and project management capabilities enable you to choose the content that you want to localise and the rest of the process is taken care of by Cloudwords. Its CAT tool utilises artificial intelligence and machine learning for enhancing productivity.

    Deriving insights from your images

    Google’s artificial intelligence capabilities can be applied for solving the obstacles of content management at scale. A session held at Badcamp 2018 exhibited how can content editors keep up with reviews during a continuous stream of content submissions.


    For this, Google Cloud Vision API was utilised. Google Vision API offers image labelling as it detects an object automatically and even provides data about objects such as its position within the image. It can also detect text within the images. It can assess your image and identify if it contains adult content, violence and so on. Google Cloud Vision API can be configured with Drupal via the Drupal module. This enables you o automatically add metadata to uploaded media and allow explicit content detection on image fields.

    Conclusion

    We can do so much with artificial intelligence just as there is much that we have done with the wheel. But to consider AI as an outright replacement for human intelligence is not the right thing to do. AI can improve our lives and it is important to figure how to leverage it for our betterment.
     
    Drupal, a catalyst giving importance to digital innovation and emerging technologies, can be used in combination with AI to build futuristic solutions.
     
    We have been working towards the provision of better digital experience and offer a suite of services. Let us know at hello@opensenselabs.com how you want us to be part of your digital transformation endeavours.

    blog banner blog image Blog Type Articles Is it a good read ? On

    Tandem's Drupal Blog: Transparency in Picking a Digital Partner

    2 days 14 hours ago
    April 18, 2019 Why we use services like Clutch.co to help you pick a digital partner faster. Picking a digital partner is hard. What firm can understand your strategy, translate that into conversion-increasing design, and then develop a website on your chosen technology platform? After reading multiple proposals and sifting through digital agenc...

    myDropWizard.com: Drupal 6 core security update for SA-CORE-2019-006

    2 days 17 hours ago

    As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

    Today, there is a Moderately Critical security release for Drupal core to fix a vulnerability in jQuery. You can learn more in the security advisory:

    Drupal core - Moderately Critical - Third-party Libraries - SA-CORE-2019-006

    Here you can download the Drupal 6 patch to fix, or a full release ZIP or TAR.GZ.

    If you have a Drupal 6 site, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

    FYI, there was another Drupal core security release made today (SA-CORE-2019-005) but that one doesn't affect Drupal 6, because Drupal 6 doesn't depend on Symfony.

    If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

    Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

    Security advisories: Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-006

    2 days 18 hours ago
    Project: Drupal coreDate: 2019-April-17Security risk: Moderately critical 10∕25 AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Cross Site ScriptingDescription: 

    The jQuery project released version 3.4.0, and as part of that, disclosed a security vulnerability that affects all prior versions. As described in their release notes:

    jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extend(true, {}, ...). If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. This fix is included in jQuery 3.4.0, but patch diffs exist to patch previous jQuery versions.

    It's possible that this vulnerability is exploitable with some Drupal modules. As a precaution, this Drupal security release backports the fix to jQuery.extend(), without making any other changes to the jQuery version that is included in Drupal core (3.2.1 for Drupal 8 and 1.4.4 for Drupal 7) or running on the site via some other module such as jQuery Update.

    Solution: 

    Install the latest version:

    Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage.

    Also see the Drupal core project page.

    Additional information

    All advisories released today:

    Updating to the latest Drupal core release will apply the fixes for all the above advisories.

    Reported By: Fixed By: 

    Security advisories: Drupal core - Moderately critical - Multiple Vulnerabilities - SA-CORE-2019-005

    2 days 18 hours ago
    Project: Drupal coreDate: 2019-April-17Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Multiple Vulnerabilities Description: 

    This security release fixes third-party dependencies included in or required by Drupal core.

    • CVE-2019-10909: Escape validation messages in the PHP templating engine. From that advisory:

      Validation messages were not escaped when using the form theme of the PHP templating engine which, when validation messages may contain user input, could result in an XSS.

    • CVE-2019-10910: Check service IDs are valid. From that advisory:

      Service IDs derived from unfiltered user input could result in the execution of any arbitrary code, resulting in possible remote code execution.

    • CVE-2019-10911: Add a separator in the remember me cookie hash. From that advisory:

      This fixes situations where part of an expiry time in a cookie could be considered part of the username, or part of the username could be considered part of the expiry time. An attacker could modify the remember me cookie and authenticate as a different user. This attack is only possible if remember me functionality is enabled and the two users share a password hash or the password hashes (e.g. UserInterface::getPassword()) are null for all users (which is valid if passwords are checked by an external system, e.g. an SSO).

    Solution: 

    Install the latest version:

    Versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage.

    Also see the Drupal core project page.

    Additional information

    All advisories released today:

    Updating to the latest Drupal core release will apply the fixes for all the above advisories.

    Reported By: Fixed By: 

    Lullabot: Rocket Ship Fast Jobs in CircleCI by Preinstalling the Database

    2 days 20 hours ago

    CircleCI is great at enabling developers defining a set of images to spin up an environment for testing. When dealing with a website with a database, the usual build process involves downloading a database dump, installing it, and then performing tests. Here is a sample job that follows this approach. Notice where the majority of the time is allocated:

    WeKnow: Drupalcon Seattle 2019 Recap

    2 days 20 hours ago
    Drupalcon Seattle 2019 Recap

    DrupalCon Seattle 2019 was my second Drupal Conference. Everybody enjoys travel, and everybody should enjoy learning while at it! This year I had the opportunity to do both, taking benefit of the Professional Development Program that weKnow offers as well as taking my family on vacation.

    The Washington State Convention Center

     

    In my first hours in Seattle, I joined my teammates, got my credentials and the full information about the event... I was surprised by the variety of sessions available! One difference compared to Nashville 2018, this year there were only 2 days for room conferences, but the quantity looks similar. In fact, I did attend more sessions this year than in 2018.

    dsabolo Wed, 04/17/2019 - 17:42

    Aten Design Group: Placing Components with Drupal's Extra Fields

    2 days 21 hours ago

    One of the challenges front-end developers face is adding new components to entity templates that exist outside of what is defined in the Field API; or in other words, adding dynamic components that aren’t really fields. Often this can be easily done by throwing the custom markup in a .html.twig file and calling it a day. But if you’re working on something that needs to be reusable, or if you’re collaborating with a site builder who doesn’t write code, the custom template route can be limiting.

    Enter hook_entity_extra_field_info().

    Content Moderation: A “Pseudo-Field” in Core

    Drupal’s documentation says this hook “exposes ‘pseudo-field’ components on content entities.” You can see this hook in action with the Content Moderation module in core. All moderation-enabled entities can have an option box, placed via that entity’s Manage Display page, that contains a widget to update an entity’s moderation state in place rather than clicking through to the edit page.

    The moderation option isn’t a real field. Rather, it’s what Drupal calls a “Pseudo Field.” But by using hook_entity_extra_field_info(), you wouldn’t know the difference. The moderation option can be moved around and configured for various display modes, just like “real” fields.

    Using hook_entity_extra_field_info in a Custom Module

    On a recent project, we needed to integrate a newer commenting service called Coral Talk. After searching, we learned that no module existed to integrate this service in Drupal. This presented a perfect use case for an Extra Field, and only needed two hooks for the bulk of the work:

    /** * Implements hook_entity_extra_field_info(). */ function coral_talk_entity_extra_field_info() { // Load commenting configuration. $config = \Drupal::config(coral_talk.settings'); $extra = [];   // Loop over the content types configured to have comments // and get their bundle name. foreach ($config->get('content_types') as $bundle) { if ($bundle) { // Add info for Extra Field to nodes only, specific to configured // content types. This determines what shows on Manage Display. $extra['node'][$bundle]['display'][‘coral_talk_comments'] = [ 'label' => t(‘Coral Talk Comments'), 'description' => t('Place commenting on the page.'), 'weight' => 100, 'visible' => TRUE, ]; } }   // Return our new extra field. return $extra; }

    After a cache clear, this new field will appear on the configured content types’ Manage Display page and can be placed on the content type along with the other fields for that content type. Now that the field is defined, it needs some info for what should be rendered to the page. This is handled by Drupal’s hook_ENTITY_TYPE_view() hook.

    /** * Implements hook_ENTITY_TYPE_view(). */ function coral_talk_node_view( array &$build, \Drupal\Core\Entity\EntityInterface $entity, \Drupal\Core\Entity\Display\EntityViewDisplayInterface $display, $view_mode ) { // 1. Check to see if our new field should be rendered on the entity display. // 2. Determine whether the user has permission to add comments. $condition = ( $display->getComponent(‘coral_talk_comments') && \Drupal::currentUser()->hasPermission('create coral comment') );   if ($condition) { $config = \Drupal::config(coral_talk.settings');   // Add the new field to the $build array with a call to a custom theme // hook to render the comments. Pass necessary config into comment // settings. $build[‘coral_talk_comments'] = [ '#theme' => 'coral_talk_comments', '#domain' => $config->get('domain') ?? '', ]; } }

    After another cache clear, we’ll now see our comments being rendered to our content types in whichever view mode they’re enabled on. The moves setup of comments outside of code and into a place that’s more accessible and flexible for various users.

    This approach is great for simple scenarios. One drawback, however, is that it’s not possible to define any custom configuration options for these pseudo fields. Each extra field is identical, and any configuration has to be hard coded in these hooks. This presents challenges for site builders, who might want to configure comments differently per content type however. Fortunately, there is a solution in contrib that changes how Extra Fields are defined and allows for developers to add configuration to each field. In the next post, we’ll explore the Extra Field Settings Provider module.

    Hook 42: Speaker Notes: Attending DrupalCon as a Presenter

    3 days ago

    DrupalCon 2019 was a bit different for me. I have attended previous DrupalCons, usually sitting in the back of the room just taking in all that I could from experts around the world. This year, however, I had the opportunity to be a speaker. Not only was I afforded the opportunity to speak, but I had two separate sessions accepted.

    OPTASY: What Makes the End-User Experience in Drupal 8 Stand Out?

    3 days 7 hours ago
    What Makes the End-User Experience in Drupal 8 Stand Out? adriana.cacoveanu Wed, 04/17/2019 - 07:30

    What makes Drupal a great choice from a UX standpoint? What features are responsible for the enhanced end-user experience in Drupal 8? Those features that enable you to easily create an intuitive and enjoyable visitor experience on your own Drupal-based website/application.

    And to constantly improve it...

    Is it all those performance enhancements that it ships with? Or maybe its “responsive out-of-the-box” nature? Or rather its multilingual capabilities?
     

    1. But First: 7 Evergreen Ways to Improve Your Website's UX

    It goes without saying that, in order to create an enjoyable, rich user experience on your Drupal 8 website, you'll need to:
     

    Amazee Labs: DrupalCon Seattle Recap - A week to remember

    3 days 20 hours ago
    DrupalCon Seattle Recap - A week to remember

    I was so excited about going to DrupalCon Seattle, I started packing one week in advance. Granted, I decided to travel light, so my carry-on suitcase quickly showed the task wouldn’t take long.

    Maria Comas Tue, 04/16/2019 - 20:04

    Every DrupalCon I have been lucky enough to attend has been special in their own way. This was my first time going back to the States after moving out almost two years ago, so after an airport hiccup (protip: make sure to apply for a new ESTA if you happen to renew your passport after you felt very accomplished getting it ready so much time in advance) I was happy to set my regular-sized foot onto its northwest corner.  

    The week started very nicely, with some time to explore the city and enjoy a selection of its fine food. As there weren’t any sessions on until Wednesday, Tuesday was mostly hanging out with teammates and other friendly faces in the contribution room.

     Anyone else noticed how in the US bathroom stall’s doors never quite make it to the edge?

    After a delicious and fun dinner where all Amazees gathered, it was party time. One of the highlights of the week was getting to attend the Museum of Pop Culture at Pantheon’s party, which featured some awesome exhibits. My favourite part was a sound lab where one could learn how to play real instruments (Louie Louie anyone?).

    “Next DrupalCon we need a setlist."

    Wednesday and Thursday were packed with brain-revving sessions. Gatsby, data-fetching strategies, and front-end performance were a few of the topics that got a lot of circulation on the printed schedule. But it was diversity and inclusion that rightfully took the main stage at the keynotes. Dries Buytaert began his speech acknowledging that Open Source is not a meritocracy, and Marcy Sutton and Nythia Ruff closed with essential insights on how to use our collective power to build inclusive communities and products.

    All in all, there were many moments that made this past week remarkable. Many involved spending time with the team, others meeting new people. Some were expected, like the Women in Drupal luncheon. Others were not, like the Movement BoF that got me walking as if I was auditioning for the Ministry of Silly Walks.

    One remarkable moment was definitely getting to give my (first ever) presentation at a DrupalCon (I can confirm, the Speakers-only room has special catering!). All of these moments made me once more very grateful for being able to be a part of this. I’m looking forward next time I get to play suitcase Tetris and find out what will make the next DrupalCon a one-of-a-kind experience.

    Checked
    9 hours 48 minutes ago
    Drupal.org - aggregated feeds in category Planet Drupal
    Subscribe to Drupal Planet feed
    Category
  • Dries

    State of Drupal presentation (April 2019)

    5 days ago

    Last week, many Drupalists gathered in Seattle for DrupalCon North America, for what was the largest DrupalCon in history.

    As a matter of tradition, I presented my State of Drupal keynote. You can watch a recording of my keynote (starting at 32 minutes) or download a copy of my slides (153 MB).

    Making Drupal more diverse and inclusive

    DrupalCon Seattle was not only the largest, but also had the most diverse speakers. Nearly 50% of the DrupalCon speakers were from underrepresented groups. This number has been growing year over year, and is something to be proud of.

    I actually started my keynote by talking about how we can make Drupal more diverse and inclusive. As one of the largest and most thriving Open Source communities, I believe that Drupal has an obligation to set a positive example.

    I talked about how Open Source communities often incorrectly believe that everyone can contribute. Unfortunately, not everyone has equal amounts of free time to contribute. In my keynote, I encouraged individuals and organizations in the Drupal community to strongly consider giving time to underrepresented groups.

    Improving diversity is not only good for Drupal and its ecosystem, it's good for people, and it's the right thing to do. Because this topic is so important, I wrote a dedicated blog post about it.

    Drupal 8 innovation update

    I dedicated a significant portion of my keynote to Drupal 8. In the past year alone, there have been 35% more sites and 48% more stable modules in Drupal 8. Our pace of innovation is increasing, and we've seen important progress in several key areas.

    With the release of Drupal 8.7, the Layout Builder will become stable. Drupal's new Layout Builder makes it much easier to build and change one-off page layouts, templated layouts and layout workflows. Best of all, the Layout Builder will be accessible.

    Drupal 8.7 also brings a lot of improvements to the Media Library.

    We also continue to innovate on headless or decoupled Drupal. The JSON:API module will ship with Drupal 8.7. I believe this not only advances Drupal's leadership in API-first, but sets Drupal up for long-term success.

    These are just a few of the new capabilities that will ship with Drupal 8.7. For the complete list of new features, keep an eye out for the release announcement in a few weeks.

    Drupal 7 end of life

    If you're still on Drupal 7, there is no need to panic. The Drupal community will support Drupal 7 until November 2021 — two years and 10 months from today.

    After the community support ends, there will be extended commercial support for a minimum of three additional years. This means that Drupal 7 will be supported for at least five more years, or until 2024.

    Upgrading from Drupal 7 to Drupal 8

    Upgrading from Drupal 7 to Drupal 8 can be a lot of work, especially for large sites, but the benefits outweigh the challenges.

    For my keynote, I featured stories from two end-users who upgraded large sites from Drupal 7 to Drupal 8 — the State of Georgia and Pegasystems.

    The keynote also featured quietone, one of the maintainers of the Migrate API. She talked about the readiness of Drupal 8 migration tools.

    Preparing for Drupal 9

    As announced a few months ago, Drupal 9 is targeted for June 2020. June 2020 is only 14 months away, so I dedicated a significant amount of my keynote to Drupal 9.

    Making Drupal updates easier is a huge, ongoing priority for the community. Thanks to those efforts, the upgrade path to Drupal 9 will be radically easier than the upgrade path to Drupal 8.

    In my keynote, I talked about how site owners, Drupal developers and Drupal module maintainers can start preparing for Drupal 9 today. I showed several tools that make Drupal 9 preparation easier. Check out my post on how to prepare for Drupal 9 for details.

    Thank you

    I'm grateful to be a part of a community that takes such pride in its work. At each DrupalCon, we get to see the tireless efforts of many volunteers that add up to one amazing event. It makes me proud to showcase the work of so many people and organizations in my presentations.

    Thank you to all who have made this year's DrupalCon North America memorable. I look forward to celebrating our work and friendships at future events!

    Dries

    How to prepare for Drupal 9

    1 week 1 day ago

    With Drupal 9 targeted to be released in June of 2020, many people are wondering what they need to do to prepare.

    The good and important news is that upgrading from Drupal 8 to Drupal 9 should be really easy — radically easier than upgrading from Drupal 7 to Drupal 8.

    The only caveat is that you need to manage "deprecated code" well.

    If your site doesn't use deprecated code that is scheduled for removal in Drupal 9, your upgrade to Drupal 9 will be easy. In fact, it should be as easy as a minor version upgrade (like upgrading from Drupal 8.6 to Drupal 8.7).

    What is deprecated code?

    Code in Drupal is marked as "deprecated" when it should no longer be used. Typically, code is deprecated because there is a better alternative that should be used instead.

    For example, in Drupal 8.0.0, we deprecated \Drupal::l($text, $url). Instead of using \Drupal::l(), you should use Link::fromTextAndUrl($text, $url). The \Drupal::l() function was marked for removal as part of some clean-up work; Drupal 8 had too many ways to generate links.

    Deprecated code will continue to work for some time before it gets removed. For example, \Drupal::l() continues to work in Drupal 8.7 despite the fact that it was deprecated in Drupal 8.0.0 more than three years ago. This gives module maintainers ample time to update their code.

    When we release Drupal 9, we will "drop" most deprecated code. In our example, this means that \Drupal::l() will not be available anymore in Drupal 9.

    In other words:

    • Any Drupal 8 module that does not use deprecated code will continue to work with Drupal 9.
    • Any Drupal 8 module that uses deprecated code needs to be updated before Drupal 9 is released, or it will stop working with Drupal 9.

    If you're interested, you can read more about Drupal's deprecation policy at https://www.drupal.org/core/deprecation.

    How do I know if my site uses deprecated code?

    There are a few ways to check if your site is using deprecated code.

    If you work on a Drupal site as a developer, run drupal-check. Matt Glaman (Centarro) developed a static PHP analysis tool called drupal-check, which you can run against your codebase to check for deprecated code. I recommend running drupal-check in an automated fashion as part of your development workflow.

    If you are a site owner, install the Upgrade Status module. This module was built by Acquia. The module provides a graphical user interface on top of drupal-check. The goal is to provide an easy-to-use readiness assessment for your site's migration to Drupal 9.

    If you maintain a project on Drupal.org, enable Drupal.org's testing infrastructure to detect the use of deprecated code. There are two complementary ways to do so: you can run a static deprecation analysis and/or configure your existing tests to fail when calling deprecated code. Both can be set up in your drupalci.yml configuration file.

    If you find deprecated code in a contributed module used on your site, consider filing an issue in the module's issue queue on Drupal.org (after having checked no issue has been created yet). If you can, provide a patch to fix the deprecation and engage with the maintainer to get it committed.

    How hard is it to update my code?

    While there are some deprecations that require more detailed refactoring, many are a simple matter of search-and-replace.

    You can check the API documentation for instructions on how to remedy the deprecation.

    When can I start updating my code?

    I encourage you to start today. When you update your Drupal 8 code to use the latest and greatest APIs, you can benefit from those improvements immediately. There is no reason to wait until Drupal 9 is released.

    Drupal 8.8.0 will be the last release to deprecate for Drupal 9. Today, we don't know the full set of deprecations yet.

    How much time do I have to update my code?

    The current plan is to release Drupal 9 in June of 2020, and to end-of-life Drupal 8 in November of 2021.

    Contributed module maintainers are encouraged to remove the use of deprecated code by June of 2020 so everyone can upgrade to Drupal 9 the day it is released.

    Drupal.org project maintainers should keep the extended security coverage policy in mind, which means that Drupal 8.8 will still be supported until Drupal 9.1 is released. Contributed projects looking to support both Drupal 8.8 and Drupal 9.0 might need to use two branches.

    How ready are the contributed modules?

    Dwayne McDaniel (Pantheon) analyzed all 7,000 contributed module for Drupal 8 using drupal-check.

    As it stands today, 44% of the modules have no deprecation warnings. The remaining 56% of the modules need to be updated, but the majority have less than three deprecation warnings.

    Dries

    The privilege of free time in Open Source

    1 week 2 days ago

    In Open Source, there is a long-held belief in meritocracy, or the idea that the best work rises to the top, regardless of who contributes it. The problem is that a meritocracy assumes an equal distribution of time for everyone in a community.

    Open Source is not a meritocracy

    I incorrectly made this assumption myself, saying: The only real limitation [to Open Source contribution] is your willingness to learn.

    Today, I've come to understand that inequality makes it difficult for underrepresented groups to have the "free time" it takes to contribute to Open Source.

    For example, research shows that women still spend more than double the time as men doing unpaid domestic work, such as housework or childcare. I've heard from some of my colleagues that they need to optimize every minute of time they don't spend working, which makes it more difficult to contribute to Open Source on an unpaid, volunteer basis.

    Or, in other cases, many people's economic conditions require them to work more hours or several jobs in order to support themselves or their families.

    Systemic issues like racial and gender wage gaps continue to plague underrepresented groups, and it's both unfair and impractical to assume that these groups of people have the same amount of free time to contribute to Open Source projects, if they have any at all.

    What this means is that Open Source is not a meritocracy.

    Free time is a mark of privilege, rather than an equal right. Instead of chasing an unrealistic concept of meritocracy, we should be striving for equity. Rather than thinking, "everyone can contribute to open source", we should be thinking, "everyone deserves the opportunity to contribute".

    Time inequality contributes to a lack of diversity in Open Source

    This fallacy of "free time" makes Open Source communities suffer from a lack of diversity. The demographics are even worse than the technology industry overall: while 22.6% of professional computer programmers in the workforce identify as women (Bureau of Labor Statistics), less than 5% of contributors do in Open Source (GitHub). And while 34% of programmers identify as ethnic or national minorities (Bureau of Labor Statistics), only 16% do in Open Source (GitHub).

    It's important to note that time isn't the only factor; sometimes a hostile culture or unconscious bias play a part in limiting diversity. According to the same GitHub survey cited above, 21% of people who experienced negative behavior stopped contributing to Open Source projects altogether. Other recent research showed that women's pull requests were more likely to get accepted if they had a gender-neutral username. Unfortunately, examples like these are common.

    Taking action: giving time to underrepresented groups

    While it's impossible to fix decades of gender and racial inequality with any single action, we must do better. Those in a position to help have an obligation to improve the lives of others. We should not only invite underrepresented groups into our Open Source communities, but make sure that they are welcomed, supported and empowered. One way to help is with time:

    • As individuals, by making sure you are intentionally welcoming people from underrepresented groups, through both outreach and actions. If you're in a community organizing position, encourage and make space for people from underrepresented groups to give talks or lead sprints about the work they're interested in. Or if you're asked to, mentor an underrepresented contributor.
    • As organizations in the Open Source ecosystem, by giving people more paid time to contribute.

    Taking the extra effort to help onboard new members or provide added detail when reviewing code changes can be invaluable to community members who don't have an abundance of free time. Overall, being kinder, more patient and more supportive to others could go a long way in welcoming more people to Open Source.

    In addition, organizations within the Open Source ecosystem capable of giving back should consider financially sponsoring underrepresented groups to contribute to Open Source. Sponsorship can look like full or part-time employment, an internship or giving to organizations like Girls Who Code, Code2040, Resilient Coders or one of the many others that support diversity in technology. Even a few hours of paid time during the workweek for underrepresented employees could help them contribute more to Open Source.

    Applying the lessons to Drupal

    Over the years, I've learned a lot from different people's perspectives. Learning out in the open is not always easy, but it's been an important part of my personal journey.

    Knowing that Drupal is one of the largest and most influential Open Source projects, I find it important that we lead by example.

    I encourage individuals and organizations in the Drupal community to strongly consider giving time and opportunities to underrepresented groups. You can start in places like:

    When we have more diverse people contributing to Drupal, it will not only inject a spark of energy, but it will also help us make better, more accessible, inclusive software for everyone in the world.

    Each of us needs to decide if and how we can help to create equity for everyone in Drupal. Not only is it good for business, it's good for people, and it's the right thing to do.

    Special thanks to the Drupal Diversity and Inclusion group for discussing this topic with me.

    Dries

    Supporting Girls Who Code at DrupalCon

    1 week 3 days ago

    For most people, today marks the first day of DrupalCon Seattle.

    Open Source communities create better, more inclusive software when diverse people come to the table. Unfortunately, there is still a huge gender gap in Open Source, and software more broadly. It's something I'll talk more about in my keynote tomorrow.

    One way to help close the gender gap in the technology sector is to give to organizations that are actively working to solve this problem. During DrupalCon Seattle, Acquia will donate $5 to Girls Who Code for every person that visits our booth.

    Dries

    How to remove YouTube tracking

    3 weeks 3 days ago

    I don't use Google Analytics or any other web analytics service on dri.es. Why not? Because I don't desire to know how many people visit my site, where they come from, or what operating system they use.

    Because I don't have a compelling reason to track my site's visitors, I don't have to bother anyone with a "cookies consent" popup either. That is a nice bonus because the web is littered with those already. I like that dri.es is clutter-free.

    This was all well and good until a couple of weeks ago, when I learned that when I embed a YouTube video in my blog posts, Google sends an HTTP cookie to track my site's visitors. Be damned!

    After some research, I discovered that YouTube offers a privacy-enhanced way of embedding videos. Instead of linking to youtube.com, link to youtube-nocookie.com, and no data-collecting HTTP cookie will be sent. This is Google's way of providing GDPR-compliant YouTube videos.

    -nocookie.com/embed/video-id" frameborder="0">

    So I went ahead and updated all blog posts on dri.es to use youtube-nocookie.com.

    In addition to improving privacy, this change also makes my site faster. I used https://webpagetest.org to benchmark a recent blog post with a YouTube video.

    Before:

    When embedding a video using youtube.com, Google uses DoubleClick to track your users (yellow bar). A total of 22 files were loaded, and the total time to load the page was 4.4 seconds (vertical blue line). YouTube makes your pages slow, as the vast majority of requests and load time is spent on loading the YouTube video.

    After:

    When using youtube-nocookie.com, Google no longer uses DoubleClick to track your users. No HTTP cookie was sent, "only" 18 files were loaded, and the total page load time was significantly faster at 2.9 seconds (vertical blue line). Most of the load time is still the result of embedding a single YouTube video.
    Dries
    Checked
    9 hours 48 minutes ago
    Subscribe to Dries feed
    Category