Drupal Association Journey: Pedro Cambra: Drupal Association elections open for 2021

Planet Drupal - Mon, 2021/09/20 - 6:25pm

The self-nomination period for the Drupal Association Board has already started. There are two At-Large positions on the board that are filled by an election process that used to be open to the community and since last year requires a Drupal Association membership to vote. One seat will be elected for the 2021-2023 period in October.

As the Elections page from the Drupal Association states:

Simply put, the At-large Director position is specifically designed to ensure community representation on the Drupal Association board.

The self-nomination period is open up to September 27th and you need to fill this Google form to be considered as a candidate. Please make sure you check the eligibility, legal stuff and responsibilities before running for the seat.

All the information and dates are available in this article: https://www.drupal.org/association/board/elections/election-2021-dates-and-candidates

As a personal note, I want to bring up that I wanted to move a vote to revert the election process to its previous form that didn’t require a Drupal Association membership to vote, but life comes at you fast. I want to keep bringing it the matter on next board meetings, as it seems that creating a task-force to open the communication with the community and review the issue could be on the table.



OpenSense Labs: An extensive study on Create Once, Publish Everywhere (COPE) with Drupal

Planet Drupal - Mon, 2021/09/20 - 12:46pm
An extensive study on Create Once, Publish Everywhere (COPE) with Drupal Maitreayee Bora Mon, 09/20/2021 - 16:16

People of the modern era have witnessed the impact of the digital revolution that has successfully connected the whole world through the medium of technology. Sitting at the cozy corner of your home you can explore the new cuisines added in your favourite restaurant nearby. How about going trekking this weekend? You can get an idea about the best treks with the help of information available over the internet. So, have you ever wondered how the digital content is maintained and made accessible to the large audience across various channels with every new update or information? Well it is made possible with the help of “create once and publish everywhere” (COPE) where you can just create the content once and publish the same in every digital format over multiple platforms, also enhancing the digital outreach. In this article, I will take you through the details of this significant term, C.O.P.E. with Drupal. 

What is meant by create once, publish everywhere (COPE)?

Create once, publish everywhere (COPE) is a strategy that helps in content creation and distribution. With COPE, instead of creating content multiple times over multiple pages, you can manage a single piece of content in one place and publish it in many different platforms for either the first time or the hundredth. Due to this unique facility, more organizations are seen adopting the COPE model that helps in managing their increasing demands over content creation and distribution. Let us look into an example for better understanding. Assume that you own a fashion house and it has a very exciting website. Now, it so happens that you plan to change your business hours which are present in every page of your website. If your website has got 25 pages, does that mean you will have to make changes in all the pages? Not really. Because with COPE you can form a panel or a block which holds your business hours and can instruct your content management system (CMS) that you want that particular block to appear in each page of your website. So, now when you change your business hours, you will only have to change that particular block, and it will get updated over all the pages of your website with just one click. 

COPE was first pioneered by National Public Radio (NPR) to make multimedia content sharing and publishing easy across various devices, email marketing, social media and many more. In regard to the significance of COPE, NPR states that with the growing need of digital content, the opportunities for content providers have increased massively. Therefore, to blow away the audience with amazing pieces of content, the content providers also require distribution platforms and APIs. But along with those, they essentially need to follow the philosophy of COPE which ensures content portability and modularity. Below is a diagram representing NPR’s content management pipeline and how it adopts the COPE principles. The diagram depicts the main principle that is to have content producers and ingestion scripts channel content into just one system or series of nearly tied systems. Also, it illustrates that regardless of content destinations, or its type, the distribution of all content can be done uniformly.  

Source: NPR

With the growing technology, the interaction between the customer and the brands are constantly changing. The users are no longer accustomed to the traditional way of using websites or applications. They are seen connecting to your brands via IoT devices, conversational UIs and wearables. With their exclusive requirements, the customers actively engage with the organization’s content and data over various platforms. Due to the increase in the different channels through which the content is shared, the marketing team felt the need of treating content more like data. The marketers started to conceptualize content in the form of html pages, however the page architecture cannot be applied to all of the content available today. So, here comes the need of adaptation towards the models of structured content. Treating the content like data helps the marketers to practice the approach of COPE across various channels, and  executing structured content enables in extending an organization’s reach at the same time. 

To get a better learning experience about “create once, and publish everywhere” (C.O.P.E) you can go through these informative sessions below.


Where can you find COPE?

Now, here comes the question, where do you find COPE? Basically, you’re running into such type of content over various websites you engage in. For example, Healthcare websites that are related to clinic locations, doctors. Retail websites where you can view products of your choice. News websites that are related to news or information. Entertainment websites where you can watch your favorite shows, movies and many more. Finally, to end with, recipe websites related to recipes and blog posts. 

Why shall you COPE?

By far in brief you got an idea what exactly is COPE. Now, it's very essential to know the reasons for implementing it. Since, it is a big initiative that requires time, technical resources and cooperation from various groups at your organization.

Provides scalability

As we know that publishing content is just not limited to the web. With growing times, the number of systems and devices which consume content is increasing. Companies are seen publishing everywhere their content through digital signage, mobile apps, televisions and wearable technology as well. There is a need to make your content ideally scalable as you will have no time to manage your content in a different place for every output. So, having the capacity to create and update content in one single place is the best way to ensure scalability for a long term, and which is undoubtedly provided by COPE.

Provides growth with less resources

One of the important benefits COPE provides is that even with less resources you get the opportunity to grow and develop. A lot of money and time can be saved by not having the burden of creating different content for different platforms. Some of the companies who allow members from non-marketing departments to create content find it difficult to get those professionals to deliver and update content as per requirements. By executing COPE, some of these problems can be resolved as the duplication of content can be eliminated for different platforms.

Provides wider audience reach

COPE allows your organization to circulate content to a growing number of channels. For example, you might post a piece of content to your newsroom and associate it with some particular keywords or categories. Then the content’s summary will automatically be shown up on the newsroom’s homepage, on the main website homepage, and also in category-specific RSS feeds. Additionally, a link to your content and a summary will be shared on social-media automatically, also the users of your mobile app will receive a notification of the accessibility of the new content that can be read by them on their Android phones, iPhones, iPads and tablets. So, with COPE you have the facility of publishing your content over different mediums, also enhancing your audience reach at the same time. 

Provides accessibility

With COPE you can make your content accessible to a wide range of platforms through various formats that allows the people with disabilities to consume content without facing any difficulty. Accessibility can be provided in various forms. This approach is just not providing content accessibility to vision impaired users but also to users who are reading impaired, hearing impaired, neurologically impaired and the ones who are technologically challenged i.e. having slow or no internet access at all. Therefore, all these issues can be solved with the help of this approach.

Provides easier redesign

The web design trends keep on changing frequently, so the organizations need to go through a comprehensive redesign of their sites within a few years or constantly get involved in making iterative changes to their websites. In cases like this, if you do not have the basic principle of COPE i.e. the separation of content completely from the presentation layer, then you will have to create the new design and then copy the existing content into the new templates manually which is so troublesome. But with COPE, by separating content from the design, you don’t have to be concerned about the migration process, since you have the option of applying a different presentation to your content.

Enhances content freshness and accuracy

Managing your content in multiple places can not just be dull and time consuming but it can degrade the quality of your content negatively. If you have to log into various systems to create the same content in just different formats, you might lack enthusiasm in creating fresh content which could bring a negative impact over your Search Engine Results Page Ranking (SERP). Additionally, handling different types of content in numerous places further makes it difficult to provide exact accuracy over all channels. So, all these risks can be handled well by the COPE approach. And the users will be enabled to enter content into structured fields that helps them to personalize specific sections for particular destinations and outputs. The content creation also can be increased by pulling in links to related content that is recently published. 

What does it take to execute COPE?

This section will give you an understanding of what exactly it takes to implement COPE. So, let’s find out.

Separate content and design

The complete separation of content from the presentation layer is one of the primary prerequisites of COPE as you will have to produce your content in any presentation. One important thing to emphasize upon is the need for the appropriate CMS as it works as content capturing tools that are very particular about where or how the content should be viewed, be it a mobile app, web page, TV etc to completely separate the content from the display. You will have to be careful from the content management systems that can distract your content contributors from prioritizing upon publishing quality and fresh content. 

Better structured content entry

Karen McGrane, a content strategist and website accessibility advocate explains the need for more structured content entry. She uses the terminology “dumb blobs versus smart chunks” in her talks around the world. So, dumb blobs are large pieces of content which are managed in one WYSIWYG editor that is similar to a Word document. With this there is a problem, it basically comprises your capacity to share content of different versions like condensed versions for a different website or a synopsis on a homepage. When it comes to executing COPE, content modularity is the key. It is the same as object-oriented programming that enables you to write your code in small, hugely reusable chunks. COPE essentially makes you understand that you need to be away from the dumb blobs and rather make your content entry forms even more smarter. You need to go beyond a monolithic WYSIWYG area by replacing it with much more structured data like content blocks, text fields and textareas, file choosers, pertinent metadata fields such as category, tags and keywords, summary and start and end date.

Cross-platform facility

Both proprietary and open source content management systems are seen struggling with cross-site sharing of content. You need to evaluate whether your CMS is capable enough to share content across sites and pages, and also inspect how it enables content sharing by non-technical users. In case, if you want to move to another system, then it is very important to carefully inspect and examine, also test how the ones which you are assessing supports the content sharing over websites and pages. While evaluating your present CMS, it is imperative to carefully analyze how to produce a single piece of content in as many different formats as you require without duplicating any content. You will have to figure out whether your CMS allows you to manage as many different websites as you require and also publish your content to limitless destinations. 

What are the challenges you face while coping?

Every coin has two sides, so with benefits also comes challenges. Here we will dive into the challenges you might face while coping.

Paradigm shift

For some of the organizations, executing COPE requires an extreme paradigm shift. Some of the contributors might be very protective about their content and hesitant to have it published beyond their control, while others might have a concern that the content which is irrelevant to their page may accidentally be pulled in. Additionally, COPE necessitates you to think differently about the content. For instance, rather than creating “big blobs” which do not allow you to share smaller chunks of content to various platforms, COPE suggests you break your content entry forms into various structured blocks and fields. And in result, it will be time consuming for your “WYSIWYG blob” lobby to get a proper understanding about how your organization and audience will be benefited by the shift.

Requires investment

Depending on your current infrastructure, you might need to make some investments. Let’s say, for example, all the content management systems do not support COPE, and executing a more new, more appropriate CMS also integrating it with other systems can be time consuming and require resources. Training all your content contributors also requires time, and considering that if you don’t go for a CMS switch, you will need to re-work your content entry forms to further allow users to enter content in a much more structured way to attain portability. Ultimately, you will have to ensure that you tend to separate the content from the presentation layer, also providing the contributors the facility to enter content in small chunks instead of big blobs via WYSIWYG editor. One more important aspect is the need to explain to the stakeholders about the requirements and benefits of COPE. With the help of examples of companies like NPR who have successfully executed COPE, you can convince your stakeholders to consider adopting the most essential COPE approach.

Too much COPE is troublesome

A very important thing to remember is that COPE doesn’t signify you to randomly push all content to all platforms. Excessive use of this approach will bring the risk of losing your audience as they will be provided with content that might not be relevant to them. Therefore, it is advisable to be very strategic and recognize which content is suitable to which platforms or channels. Content marketing tools and analytics can be used to understand in detail about the different elements of your target audience, also measure your content effectiveness and strategize your plan accordingly.

What is the right way to COPE?

We have now understood the significance of COPE with the above explanations but along with that we should also be knowing the right approach of COPE. So, this section will exactly guide you with it.

Understanding your users

Adopting a user-centred design approach will help you in preparing your content according to the mindsets and behavioural patterns of the users. By using proper research and testing of the users preferences, you can provide your audience a seamless multi-channel experience of useful and relevant content.

Reviewing your tech stack

There is a necessity for a strong technology infrastructure, and the right content strategy that enables in delivering at the right time, the right content to the right person in the right format. To provide such a seamless delivery there is a need for a very sophisticated content management system that can easily identify which device your website or applications are being viewed on and also adapt what’s displayed suitably. 

Refreshing your internal and external resources

One of the important aspects that mostly gets unnoticed is the internal culture and processes. If your teams are busy working in silos then you won’t be able to get a clear and complete picture of the content creation that would further lead to dissatisfied and disaffected customer experience. 

Getting in touch with your stakeholders

Stakeholders are a very important part of the project's success. You cannot afford to miss the opportunity to contact them at the early stage when you decide to adopt the COPE approach into your business. There is a need for transparency between you and the stakeholders where you can explain to them the significance of this approach and how hugely the business can be benefited by adopting COPE.

Establishing high-level goals

At the beginning it is important to recognize your analytics and know where you exactly want to head towards. Without making them your sole focus, you need to have a SMART that stands for ‘specific, measurable, achievable, relevant, and timely’ goal for your business.

Documenting your future plan

By hitting the ‘Publish’ button on your website, you do not finish your responsibility towards COPE. Since your work towards the web can never be finished. You will have to boost up your team by having frequent discussions where they can document all their plans, marketing strategies to meet the team goals and objectives. Things like identifying how and when the content shall be governed across the website needs to be looked after closely for better outcomes.

COPE with Drupal

It is well known to us that the digital networks consist of a variety of applications, and therefore all your organization’s can depend upon Drupal as the platform for content creation. So, by adopting an API-first architecture, Drupal can empower all your digital systems. Organizations are seen selecting a decoupled Drupal approach for various benefits. Headless Drupal or Decoupled Drupal uncouples the back-end which is accountable for presenting content, enabling Drupal to display content to other front-end systems, also allowing digital tools to utilize the tools of their convenience while sharing content over various channels. 

To execute a decoupled or headless Drupal architecture, organizations require a platform that enables developers to work with both traditional Drupal sites and decoupled Drupal projects as well.

Here, we will now look into how decoupled Drupal works. The developers with decoupled Drupal architecture gets the option of working with Drupal in the following modes.

  • With a completely decoupled Drupal approach, Drupal’s back-end serves as a decoupled CMS, managing and storing data, also availing it to the front-end systems of the developer’s preferences to deliver the content and communicate with Drupal via web service APIs.
  • Developers can choose a hybrid (progressively decoupled) Drupal approach, where a layer of JavaScript gets added to a webpage to provide a single block or component, or to build a communicative end-user experience.

More about the different options of decoupling Drupal here.

Drupal can be an excellent CMS for editors who need to have control over their content presentation and also be a rich headless CMS for developers building huge content ecosystems in one single package. With the help of the below diagram, you will get a clear understanding about the difference between a traditional Drupal site and a headless CMS.

The headless CMS steps back in the areas like in-context administration and in-place editing of content while Drupal focuses on allowing an editor to manage content and page structure in an interface beside a live preview instead of an interface that is entirely separate from the front-end user experience. Headless CMSes are unable to provide a full-fledged editorial experience which is integrated into the front ends to the ones they serve content. In order to make the marketers successful there is a need for a proper display and layout manipulation. But headless CMSes do not hold a strong opinion about display and layout settings and therefore fail to provide the required assistance to the marketers. Whereas one of the key features of Drupal is the capability to control where content appears in a layout structure. One more facility that editors and marketers want is the access to an easy preview system for the unpublished content. But in the headless CMS paradigm, developers will have to come into the picture to deliver a seamless preview by setting up a new API endpoint and deploying a distinct version of their application which issues requests against new ways. Therefore, headless CMS lacks in providing a seamless preview to the marketers and editors as there is an interference of the developers without whose assistance they cannot preview the content on their own. 

So, from the above discussion it is clear that the features provided by Drupal are simply unique in comparison to other headless CMSes. Therefore, Drupal is certainly the first choice for an editor and a developer who enthusiastically look forward to working hand-in-hand with the latest technology and trends.

Learn more about decoupled Drupal here:


If you want to sustain your content management for a long-term, then all you need to do is adopt the COPE framework. This approach will need you to change your perspective towards managing your content to make it available to a wide range of audiences through multiple platforms and channels. And implementing COPE with Drupal will be the best way to ensure your organization the route to success.

blog banner blog image Drupal Traditional Drupal Decoupled Drupal Headless CMS Decoupled CMS Blog Type Articles Is it a good read ? Off

Golems GABB: Configuring‌ ‌multilingual‌ ‌content‌ ‌Views‌ ‌in‌ ‌Drupal‌ ‌9‌

Planet Drupal - Mon, 2021/09/20 - 8:23am
Configuring‌ ‌multilingual‌ ‌content‌ ‌Views‌ ‌in‌ ‌Drupal‌ ‌9‌ Editor Mon, 09/20/2021 - 09:23

When Drupal 8 was released in November 2015, its list of new features was really impressive. Among lots of other things on the list, there were multilingual capabilities and the Views built into the Drupal core. Now that many websites have upgraded to Drupal 9, the Views and multilingual functionalities in Drupal have not changed much. Both remain highly popular among customers, website admins, developers, content editors — here is why:


robertroose.com: How to upgrade a Drupal 8 website to Drupal 9 when you're not a developer

Planet Drupal - Sun, 2021/09/19 - 7:26am

It’s called the easiest major Drupal upgrade in a decade. But for me, as a Drupal designer/site builder who doesn't know how to code, it was pretty damn hard. In this blog post I will outline the steps I took to upgrade a Drupal 8 website to Drupal 9.


Debug Academy: Would you rather: Early or late adopter of Drupal?

Planet Drupal - Sun, 2021/09/19 - 12:19am
Would you rather: Early or late adopter of Drupal?

What are the pros & cons of being an early adopter of a framework?

This can be a loaded question due to misaligned incentives. Projects need early adoption to be successful.

But what is best for your career and/or project? Let's discuss it honestly.

When is "early"?

In the context of software, "early adoption" has multiple meanings.

For the sake of this conversation, "early" specifically means at least one of the following is true:

  1. The software is not yet widely used (not many case studies)
  2. Best practices have not yet been established
  3. The software has not stabilized (alpha, beta, sometimes 1.0)

It's not always clear whether using software is early.

Let me give a few examples, one of which may be counter-intuitive:

ashrafabed Mon, 09/20/2021

LakeDrops Drupal Consulting, Development and Hosting: Event Condition Action - Business Process Modeling in Drupal 9+

Planet Drupal - Fri, 2021/09/17 - 1:24pm
Event Condition Action - Business Process Modeling in Drupal 9+ Richard Papp Fri, 09/17/2021 - 13:24 Our new module suite intends to replace the popular Drupal 7 Rules module for Drupal 8+. But not only Rules. Actually, it also provides features from other modules (e.g. Automatic Entity Label) and for form validation.

Lullabot: Lullabot Podcast: The End of the Road for Drupal 8, Many More Drupal 9 Beginnings

Planet Drupal - Fri, 2021/09/17 - 12:00am

It might feel like it's brand new, but Drupal 8 will reach its end-of-life on November 2, 2021. Matt and Mike get together with fellow Lullabots Cathy Theys, David Burns, and Matthew Tift who have each been involved with upgrading to Drupal 9 on various projects. They discuss what a site administrator should be doing about it now.


Drupal Association blog: Meet one of our 2021 Discover Drupal Students, Abokar Botan

Planet Drupal - Thu, 2021/09/16 - 6:15pm

The Discover Drupal 2021 recently began the next phase of their journey. This year we have eight students. After completing their prerequisite course in July, they have all started the course for their chosen pathway.  Each month we introduce a student, and this month, we welcome Abokar Botan!

Abokar was referred to the program by Genesys Works and is entirely new to Drupal. He currently resides in Minnesota.

Tell us a little about you. What are your hobbies and interests? My name is Abokar. I am majoring in computer science. One of my hobbies is coding. My interest is to become a Software Engineer.

What is your ultimate goal in learning Drupal? My ultimate goal is to learn front-end development.

What are you most excited about regarding this program? My most exciting thing in this program is having a mentor who listens to all your ideas and gives you great advice.

If you see Abokar online in Drupal Slack or at any upcoming Drupal events, please give him a warm welcome. His Slack user name is Abokar Botan.

Thank you to our Partners and Sponsors

We want to thank our founding partner, Kanopi Studios and especially Allison Manley for her hard work and dedication to the program. We also want to thank our platinum sponsors: Lullabot and Elevated Third for the financial support that has been instrumental in launching this program. Finally thank you to our excellent training partners, Drupal Easy, Evolving Web, Mediacurrent, and Drupalize.me.

If you’d like more information about the program or would like to become a supporting donor, please reach out to us a drupaltalent@association.drupal.org

File attachments:  IMG_2464 - ThinkFree Shopping.jpg

Nonprofit Drupal posts: September Drupal for Nonprofits Chat: Project Browser Initiative

Planet Drupal - Thu, 2021/09/16 - 4:27pm

Our normally scheduled call to chat about all things Drupal and nonprofits will happen TODAY, Thursday, September 16 at 1pm ET / 10am PT. (Convert to your local time zone.)

This month we'll be chatting about the Project Browser Initiative and anything else that might be on your minds at the intersection of Drupal and nonprofits. 

All nonprofit Drupal devs and users, regardless of experience level, are always welcome on this call.

Feel free to share your thoughts and discussion points ahead of time in our collaborative Google doc: https://nten.org/drupal/notes

This free call is sponsored by NTEN.org and open to everyone.

View notes of previous months' calls.


Specbee: An Easy Step-by-Step Guide to Writing Your Own Custom Drush 9 (and 10) Commands

Planet Drupal - Thu, 2021/09/16 - 2:57pm
An Easy Step-by-Step Guide to Writing Your Own Custom Drush 9 (and 10) Commands Santhosh Kumar 16 Sep, 2021 Top 10 best practices for designing a perfect UX for your mobile app

If you’re a Drupal professional, Drush needs no introduction. But if you’re just starting out as a Drupal developer or keen on learning about Drupal, you should know that Drush is something you just CANNOT ignore. Short for “Drupal + Shell”, Drush is a Command Line Interface (CLI) tool made exclusively for Drupal. With Drush, you can set up new Drupal websites quickly and easily work with the Drupal installations. It helps you streamline your development and administrative tasks thus improving your productivity.

Drush 9 and Drush 10 core comes shipped with tons of helpful commands that helps you interact with themes, modules, profiles, etc. Some useful commands include – SQL commands, exporting or importing configurations, updates, migrations, cron or clear cache, and much more. It is also extremely extensible, in that you can create your own custom commands. In this article, you will find more information about how to create custom Drush 9 and 10 commands in an easy step-by-step process. 

Note: Drupal 8.4 and higher support Drush 9, while Drupal 8.8 and above support Drush 10.

Drush and Drupal Console

Although Drush and Drupal Console are both super useful CLI tools that make developers’ work easier, they are often used in different scenarios. With Drupal Console being the most recent addition to the Drupal world, it is a very useful tool for new developers to cope up with Drupal’s infamous learning curve. However, our take would be to use both Drush and Drupal Console as when put together they can do so much more in speeding up development and boosting productivity. 

While Drupal Console lets you create custom modules, services, entities, boilerplate content, debugging and more, Drush lets you perform more basic but foundational tasks. These tasks include installing Drupal, interacting with the installation, exporting and importing configurations, download and update contributed modules, Caching, update the database, run cron jobs and much more. For more details on each of their features, please refer to this guide.

When would we need to Create Custom Drush commands?

Although there are many Drush 9 commands that are ready to use for various functionalities, there are always times when they’re not adequate. We create custom Drush commands for many database related processes like entity field value updates, DB updates, importing or exporting data to and from Drupal, and other bulk processes. Also, when we have secure methods to be called, we can opt for Drush command implementation. 

How to Create a Custom Drush Command

The previous versions of Drush the implementation of Drush custom code followed different models. It was based on the hook_drush_command() and made use of .inc files.

In Drush 9, we will no longer use the .inc files or the hook_drush_command(). Drush commands will now be based on Annotated command format. This changed the fundamental structure of custom Drush commands.

Step 1: Create a module

Create a .info.yml file

  Step 2: Create a service using services.yml

Create a .services.yml file

  Step 3: Create a Drush service class

Now let’s extend the DrushCommands base class.


Path to the class file should be: 



Under this class, each method can be a command function if it is properly annotated.

Step 4: Create annotated methods


Here are a few of the common annotated commands:


Step 5: Clear cache

Now let’s clear the cache to flush all caches with this command:

drush cr

Start using the new custom command you just created:

drush custom-message


Note: Multiple options added, as options is an array value.

The implementation of custom Drush commands will be useful in various scenarios like to run secure methods and bulk processes which exceed normal Drupal execution time and memory. For more complex and heavy processes, integrate Drupal batch API in the Drush command and execute it. If you found this useful, consider signing up to our newsletter to have our regular articles get delivered straight to your inbox.

Looking for assistance in building compelling Drupal websites that can deliver successful results? Get in touch with our Drupal experts today!

Drupal Drupal Development Drupal Module Drupal Tutorial Drupal 9 Drupal Planet Shefali ShettyApr 05, 2017 Subscribe to our Newsletter Now Subscribe

Leave us a Comment

  Shefali ShettyApr 05, 2017 Recent Posts Image An Easy Step-by-Step Guide to Writing Your Own Custom Drush 9 (and 10) Commands Image How Drupal Empowers Nonprofits in Achieving their Mission Image Content Personalization Made Easy with Drupal Want to extract the maximum out of Drupal? TALK TO US Featured Success Stories

A Drupal powered multi-site, multi-lingual platform to enable a unified user experience at SEMI.


Discover how our technology enabled UX Magazine to cater to their massive audience and launch outreach programs.


Discover how a Drupal powered internal portal encouraged the sellers at Flipkart to obtain the latest insights with respect to a particular domain.



Droptica: Drupal 8 vs Drupal 9. Is it Time to Upgrade?

Planet Drupal - Thu, 2021/09/16 - 2:10pm

The Drupal system can be classified as one of the safest CMSs on the market. It has a refined structure and a wide range of functions. In this text, we'll take a look at Drupal 8 first. We'll remind you when it was released and what changes it brought when compared to the previous versions. Next, we'll take a closer look at Drupal 9 and then compare both versions.

Drupal releases

Drupal 8 was released on 19 November 2015. Compared to the previous version, that is – Drupal 7, there were as many as 200 new built-in functions, the multilingualism of the platform was improved and, for example, the new page editor and the version for mobile pages were introduced (as a built-in function – no additional domain for the mobile version is required). In terms of differences from the previous version, we can also add the fact that Drupal 8 uses object-oriented programming, instead of the procedural approach used in the previous version. The new version of Drupal uses a different theme engine – Twig, which is based on PHP. This makes it easier for programmers creating new themes because of the simpler syntax.

Another additional feature in Drupal 8 is the ability to edit the content directly from the site's user interface. It's also worth mentioning that the newer version of Drupal has access to the views directly from several administration screens. There's no need to spend additional time on it anymore, as was the case with Drupal 7. Looking from the perspective of a person viewing the page, we can also notice that the page loading speed has significantly increased thanks to entity caching. In addition, the previously viewed content doesn't need to be reloaded because it remains in the system cache. Also, the JavaScript code isn't loaded until it's necessary. After updating Drupal to version 8, you should also pay attention to the new types of fields that can significantly simplify the work for programmers.

What's the difference between Drupal 8 and Drupal 9?

Drupal 9 was released on 3 June 2020. It was built on version 8, so the changelog is shorter and the update from version 8 to 9 is simpler. The most important differences are the removal of almost all deprecated functions. In version 9, they've been replaced by other ones, and those that remained will be removed in the next installment of Drupal. A list of deprecated functions is available at Drupal.org.

Also new in version 9 is the next version of Symfony. Drupal 8 used version 3, but now it's version 4. Additionally, the Twig theme engine version has been updated – has been changed from version 1 to 2. Another difference between Drupal 8 vs 9 is the fact that most of the jQuery UI library dependencies have been removed. In the case of performing tests, in the new version, we rely on the PHPUnit solution (previously, the SimpleTest framework could be used).

The next thing that was almost completely removed in Drupal 9 is the Simple Annotation Parser from Doctrine. However, the required elements were incorporated into the Drupal 9 core. We also need to pay attention to the Apache version, because in the case of Drupal 8 version 2.x was enough, but currently, Drupal 9 requires a min. version of 2.4.7. The situation is similar with PHP – this time a min. version of 7.3 is required, but version 7.4 and 8.0 are also supported (applies to Drupal 9.1.0). In terms of the database and the use of MySQL/Percona, Drupal 9 requires a min. version of 5.7.8; Drupal 8 worked with version 5.5.3. The same goes for using MariaDB and SQLite. These need to be min. versions of 10.3.7 and 3.26 respectively. The previous version of Drupal used version 5.5.20 for MariaDB and 3.6.8+ for SQLite.


According to the above description of the differences between Drupal 8 vs 9, we can certainly say that the newer CMS release is much better in terms of speed. Using a min. PHP version of 7.3 improved the page loading speed. We can see an example on the PHP Benchmarks page, where all PHP versions are listed – from 5.6 to 8.0. At the very first glance, we can already see that between Drupal 8 and 9 there was an increase in performance of over 10%. This is the perfect reason to consider an upgrade, as each new version of PHP causes an even bigger leap in performance.

The situation is similar with Symfony. Version 3 has been used so far, but Drupal 9 needs the newer, fourth version of the framework. Thanks to it, we can significantly reduce the working time the developers need to create a new module or improve an existing one. The results of comparing Symfony versions from 2 to 5 can be checked on the already mentioned PHP Benchmarks page.


Another point that we can refer to in the context of the performance comparison is the Twig version used. In the case of Drupal 9, the theme engine is about 15% faster than the one used in Drupal 8.


You may also be interested in: Why Drupal Is The Best Headless CMS?

Drupal 8 to Drupal 9 – upgrade

Upgrading Drupal 8 to Drupal 9 is much simpler and less time-consuming compared to the transition from version 7 to version 8. First, we need to verify that we are using the latest version of Drupal 8. It should also be noted that soon (November 2021) support for the older, eighth version of the described CMS will end, so soon we should carefully think over the update process and prepare for updating Drupal.

Once we are sure that we have the latest version of Drupal 8, we can start by updating all modules and skins. In this case, we also need to have their latest versions. At this step, we'll see that most of the modules already support Drupal 9. Next, it's worth using the tool provided by the authors of this CMS to prepare a checklist of things that need to be prepared, so that the update goes smoothly and without complications.

One of the last steps will be to check whether the server on which we plan to install Drupal 9 meets the requirements for PHP, Apache, and database engine versions. We've described the required versions in the previous paragraphs. At this point, we're one step away from using Drupal 9. It only takes a few clicks and some time to go through the entire update process.

Drupal 8 vs Drupal 9 – summary

Due to the upcoming end of support for Drupal 8, the significant increase in system performance, and the relatively simple means of updating to the latest version, we recommend that you complete this process as soon as possible. Thanks to this, you'll avoid any problems after support has ended and complications in the event of updating "real quick" in an environment that's not adapted to this. It's worth planning this process from start to finish and enjoy the much greater transparency of the code and the new possibilities offered by Drupal 9.

If you don't know how to properly update to the latest version, our experienced Drupal support team will be happy to help you.


Security advisories: Drupal core - Moderately critical - Access Bypass - SA-CORE-2021-010

Planet Drupal - Wed, 2021/09/15 - 5:25pm
Project: Drupal coreDate: 2021-September-15Security risk: Moderately critical 12∕25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Access BypassCVE IDs: CVE-2020-13677Description: 

Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass.

Sites that do not have the JSON:API module enabled are not affected.

This advisory is not covered by Drupal Steward.


Install the latest version:

Versions of Drupal 8 prior to 8.9.x and versions of Drupal 9 prior to 9.1.x are end-of-life and do not receive security coverage.

Drupal 7 core does not include the JSON:API module and therefore is not affected.

Reported By: Fixed By: 

Security advisories: Drupal core - Moderately critical - Access bypass - SA-CORE-2021-009

Planet Drupal - Wed, 2021/09/15 - 5:23pm
Project: Drupal coreDate: 2021-September-15Security risk: Moderately critical 10∕25 AC:Basic/A:User/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Access bypassCVE IDs: CVE-2020-13676Description: 

The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data.

Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed.

This advisory is not covered by Drupal Steward.


Install the latest version:

Versions of Drupal 8 prior to 8.9.x and versions of Drupal 9 prior to 9.1.x are end-of-life and do not receive security coverage.

Drupal 7 core does not include the QuickEdit module and therefore is not affected.

Uninstalling the QuickEdit module will also mitigate the vulnerability. Site owners may wish to consider this option as the QuickEdit module will be removed from core in Drupal 10.

Reported By: Fixed By: 

Security advisories: Drupal core - Moderately critical - Access bypass - SA-CORE-2021-008

Planet Drupal - Wed, 2021/09/15 - 5:22pm
Project: Drupal coreDate: 2021-September-15Security risk: Moderately critical 11∕25 AC:Basic/A:None/CI:None/II:Some/E:Theoretical/TD:UncommonVulnerability: Access bypassCVE IDs: CVE-2020-13675Description: 

Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the site.

This vulnerability is mitigated by three factors:

  1. The JSON:API or REST File upload modules must be enabled on the site.
  2. An attacker must have access to a file upload via JSON:API or REST.
  3. The site must employ a file validation module.

This advisory is not covered by Drupal Steward.

Also see GraphQL - Moderately critical - Access bypass - SA-CONTRIB-2021-029 which addresses a similar vulnerability for that module.


Install the latest version:

Versions of Drupal 8 prior to 8.9.x and versions of Drupal 9 prior to 9.1.x are end-of-life and do not receive security coverage.

Drupal 7 core is not affected.

Reported By: Fixed By: 

Security advisories: Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-007

Planet Drupal - Wed, 2021/09/15 - 5:20pm
Project: Drupal coreDate: 2021-September-15Security risk: Moderately critical 14∕25 AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross Site Request ForgeryCVE IDs: CVE-2020-13674Description: 

The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues.

Sites are only affected if the QuickEdit module (which comes with the Standard profile) is installed. Removing the "access in-place editing" permission from untrusted users will not fully mitigate the vulnerability.

This advisory is not covered by Drupal Steward.


Install the latest version:

Versions of Drupal 8 prior to 8.9.x and versions of Drupal 9 prior to 9.1.x are end-of-life and do not receive security coverage.

Drupal 7 core does not include the QuickEdit module and therefore is not affected.

Uninstalling the QuickEdit module will also mitigate the vulnerability. Site owners may wish to consider this option as the QuickEdit module will be removed from core in Drupal 10.

Reported By: Fixed By: 

Security advisories: Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-006

Planet Drupal - Wed, 2021/09/15 - 5:18pm
Project: Drupal coreDate: 2021-September-15Security risk: Moderately critical 10∕25 AC:Basic/A:User/CI:None/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross Site Request ForgeryCVE IDs: CVE-2020-13673Description: 

The Drupal core Media module allows embedding internal and external media in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it is accessed by a trusted user with permission to embed media. In some cases, this could lead to cross-site scripting.

This advisory is not covered by Drupal Steward.

Also see Entity Embed - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2021-028 which addresses a similar vulnerability for that module.

Updated 18:15 UTC to clarify text.


Install the latest version:

Versions of Drupal 8 prior to 8.9.x and versions of Drupal 9 prior to 9.1.x are end-of-life and do not receive security coverage.

Drupal 7 core is not affected.

Reported By: Fixed By: 

robertroose.com: Design tips for Drupal developers

Planet Drupal - Wed, 2021/09/15 - 4:36pm

As a Drupal developer you don’t always have the time or resources to spend on designing the things you build. In this blog post I will share a few easy to follow guidelines that will make your work instantly look better.


Tag1 Consulting: Serenity Notes: End-to-End Encrypted Collaborative Notes

Planet Drupal - Wed, 2021/09/15 - 3:06pm

Serenity Notes is a new application that enables you to collaborate on Notes across devices, with multiple users, in real-time, using end-to-end encryption to keep all your data and info private and secure. It has a game changing SDK enabling the addition of e2e real-time collaboration to your applications, without the complicated underlying complexities. In this Tag1 Team Talk, Managing Director Michael Meyers interviews Nik Graf, the founder of Serenity Notes. Nik has worked for and with Tag1 on many occasions, and is a regular guest on our Tag1 Team Talks program. He’s also a regular contributor to open source projects, as an organizer of ReasonConf, a board member of the ReScript Language Association, and the co-creator of DraftJS Plugins, along with many other projects. For a transcript of this video, see Transcript: Serenity Notes - End-to-End Encrypted Collaborative Notes. ## Additional resources * matrix.org End-to-End Encryption implementation guide * https://www.reason-conf.com * ReScript Language Association * DraftJS Plugins * A Deep Dive Into End To End Encryption (E2EE) in Yjs - Part 1 * A Deep Dive Into End To End Encryption (E2EE) in Yjs - part 2 Photo by Kelly Sikkema...

Read more lynette@tag1co… Wed, 09/15/2021 - 06:06

ComputerMinds.co.uk: Get Hook-ed on Object-Oriented Programming

Planet Drupal - Wed, 2021/09/15 - 12:29pm

When writing a hook implementation, for example of hook_cron, there's often a tendency to write purely procedural code, like this:

function my_module_cron() { $entity_type_manager = \Drupal::entityTypeManager(); $node_storage = $entity_type_manager->getStorage('node'); // More code goes here. }

If you've got one or two easily understandable lines of code, fine, but frequently you'll end up with a little mini-application jammed into a hook implementation and it can be very easy to end up with something that's not particularly readable, let alone maintainable.

In several articles I've read they mention that you 'cannot' use Object-Oriented Programming code in a hook, and while sort of technically true, there's several easy ways to get back into the OOP world from a Drupal hook:

Static method

This is sort of one for people who simply don't feel right unless they are programming in a class because it doesn't bring all that many advantages over just writing your code in a function, but your hook implementation could look like this:

function my_module_cron() { \Drupal\my_module\Utility\MagicalCronApplication::run(); }

And then you'd have a simple class in src\Utility\MagicalCronApplication.php:

namespace Drupal\my_module\Utility; class MagicalCronApplication { public static function run() { $entity_type_manager = \Drupal::entityTypeManager(); $node_storage = $entity_type_manager->getStorage('node'); // More code goes here. } }

So that gets you into an OOP landscape, but it's a static method, so not all that different from the function implementing the hook, we can do better.

Create an instance

We could do a little refactor and make it so that our hook implementation instantiates a class and then calls a simple method on it, this would help our code look a little more familiar and indeed allow breaking up our little application into more methods to aid readability.

function my_module_cron() { $instance = new \Drupal\my_module\Utility\MagicalCronApplication(); $instance->runApplication(); }

And then you'd have a simple class in src\Utility\MagicalCronApplication.php:

namespace Drupal\my_module\Utility; class MagicalCronApplication { /** * The node storage instance. * * @var \Drupal\Core\Entity\EntityStorageInterface */ protected $nodeStorage; public function __construct() { $entity_type_manager = \Drupal::entityTypeManager(); $this->nodeStorage = $entity_type_manager->getStorage('node'); } public function runApplication() { // More code goes here. } }

We've got more code than ever before, but it's going to be simpler to split up our mini-application and tightly couple the methods together into a single class now.

We could also go a bit further and use the dependency injection pattern to get:

function my_module_cron() { $instance = new \Drupal\my_module\Utility\MagicalCronApplication(\Drupal::entityTypeManager()); $instance->runApplication(); }

And in src\Utility\MagicalCronApplication.php:

namespace Drupal\my_module\Utility; use Drupal\Core\Entity\EntityTypeManagerInterface; class MagicalCronApplication { /** * The node storage instance. * * @var \Drupal\Core\Entity\EntityStorageInterface */ protected $nodeStorage; public function __construct(EntityTypeManagerInterface $entity_type_manager) { $this->nodeStorage = $entity_type_manager->getStorage('node'); } public function runApplication() { // More code goes here. } } Class resolver

Dependency injection is a lovely programming pattern that allows nice things like easily passing in mocked objects and if nothing else explicitly listing out our code dependencies. But if you don't have a Dependency Injection Container around, it can make instantiating classes pretty tricky/verbose, thankfully Drupal does and it has also has a super nifty class that'll help us access services in the container too. (Technically this is dependency container injection into a factory method, but hey!)

So we can rework our code to be like this:

function my_module_cron() { \Drupal::service('class_resolver') ->getInstanceFromDefinition(\Drupal\my_module\Utility\MagicalCronApplication::class) ->runApplication(); }

And in src\Utility\MagicalCronApplication.php:

namespace Drupal\my_module\Utility; use Drupal\Core\Entity\EntityTypeManagerInterface; use Drupal\Core\DependencyInjection\ContainerInjectionInterface; use Symfony\Component\DependencyInjection\ContainerInterface; class MagicalCronApplication implements ContainerInjectionInterface { /** * The node storage instance. * * @var \Drupal\Core\Entity\EntityStorageInterface */ protected $nodeStorage; public function __construct(EntityTypeManagerInterface $entity_type_manager) { $this->nodeStorage = $entity_type_manager->getStorage('node'); } public static function create(ContainerInterface $container) { return new static( $container->get('entity_type.manager') ); } public function runApplication() { // More code goes here. } }

Now we can write code that's much more familiar to the rest of Drupal and much more importantly we can copy/paste code from other classes as we need without having to think too much or doing various gymnastics to get the services we need, we can just add them nicely to the constructor and factory and we're away!

This approach also allows calling this code from multiple places much more easily, say if you want to provide a Drush command that calls this code or even a button in the web UI that runs the exact same code. These things are now super simple.

Bonus: If we happen to not actually need any services from the container, then we can actually drop the create factory method and the implements and the class resolver will basically call new for us, but the day we do want those things we can pop them back and we don't have to go around worrying that usages of our class will break.

We could stop there...and we probably should...but.

A service

We're now not actually that far away from creating a full-blown service, which essentially is only different from the last example in that the class is also made available in the dependency injection container for other code to use too.

For that we could declare our service in a my_module.services.yml file like so:

services: my_module.magical_cron_service: class: Drupal\my_module\Utility\MagicalCronApplication arguments: ['@entity_type.manager']

And then our hook becomes:

function my_module_cron() { \Drupal::service('my_module.magical_cron_service') ->runApplication(); }

We can then drop the factory static method from our class:

namespace Drupal\my_module\Utility; use Drupal\Core\Entity\EntityTypeManagerInterface; class MagicalCronApplication { /** * The node storage instance. * * @var \Drupal\Core\Entity\EntityStorageInterface */ protected $nodeStorage; public function __construct(EntityTypeManagerInterface $entity_type_manager) { $this->nodeStorage = $entity_type_manager->getStorage('node'); } public function runApplication() { // More code goes here. } }

Aside from probably now being really badly named, a service allows some other fun things, like other code could swap out the actual class instantiated when the service is requested. If you did really want to do something like that I'd argue that you can actually swap out the hook implementation itself using a module_implements_alter hook implementation instead, which is probably clearer as to what's going on (it's still not very clear, obviously).

If you are declaring a service you should probably also give the class an interface and because you are advertising to the world that they can call your code you should expect that to happen. You might now have to think about what issues you might cause if you change that code in the future. You might end up supporting an entire ecosystem of modules off of your service, that's a lot of potential code to break.

It's possible that a hybrid approach might be appropriate, whereby you declare some service that contains small, useful functions that other code from other modules might want to call, but that you keep your hook implementations either simply calling the methods on those simple services or where a little bit more logic is required: having a tightly coupled utility class, like in the 'Class resolver' example, that can do the work in a more OOP way.

Wrapping up

I'd argue that unless your hook implementation is no more than two or three lines, you might as well spin up a quick utility class and use the class resolver to instantiate the class. The future you will be grateful that you put in the extra minute to make your codebase more consistent, more copy/pasteable, and more flexible.

Additionally, if your utility class ends up with a lot of useful code in it I'd strongly consider refactoring it into a service so that other code can use your useful code too, but probably don't reach for the services.yml every time you need instantiate an object. But equally, you can use Object-Oriented Programming to implement a hook, almost.

Photo by James Harrison on Unsplash