DrupalEasy: DrupalEasy Podcast 226 - Tearyne Almendariz (empowering volunteers), Albert Hughes (Memphis Grizzlies), Chris Weber (The Change Notice)

Planet Drupal - Sun, 2020/03/22 - 4:03pm

Direct .mp3 file download.

We talk with Tearyne Almendariz, Frontend developer for Lullabot about empowering volunteers, Albert Hughes, Sr. Manager of Marketing Technology for Memphis Basketball, LLC the parent company of the Memphis Grizzlies, and Chris Weber is back with another episode of The Change Record.

Drupal is a box of opportunity. URLs mentioned DrupalEasy News Sponsors Subscribe

Subscribe to our podcast on iTunes, Google Play or Miro. Listen to our podcast on Stitcher.

If you'd like to leave us a voicemail, call 321-396-2340. Please keep in mind that we might play your voicemail during one of our future podcasts. Feel free to call in with suggestions, rants, questions, or corrections. If you'd rather just send us an email, please use our contact page.

Categories:

groups.drupal.org frontpage posts: Drupal 9.0.0-beta1 has been released!

Planet Drupal - Fri, 2020/03/20 - 9:39pm

Huge thanks for responding to our call for contributors posted at the beginning of the month. All must-have beta requirements have been completed, so, we've released Drupal 9.0.0-beta1! Drupal 8.9.0-beta1 will be released next week (the week of March 23).

The release of the first betas is a firm deadline for all feature and API additions. Even if an issue is pending in the Reviewed & Tested by the Community (RTBC) queue when the commit freeze for the beta begins, it will be committed to the next minor release only.

  • Developers and site owners can begin testing the betas after their release.

  • Sites must be on 8.8 or later to update to 9.0.0-beta1. Therefore, we will also provide bugfix releases of 8.8 and 8.7 that resolve known upgrade path criticals, so sites that have not been able to update to 8.8 can test the upgrade.

  • Once 8.9.0-beta1 is released, the 9.1.x branch of core will open for development. This branch is where feature and API additions should be made. All outstanding issues filed against 8.9.x will be automatically migrated to 9.1.x.

  • Alpha experimental modules have been removed from the 8.9.x and 9.0.x codebases (so their development will continue in 9.1.x only).

  • Additional fixes will be committed to 9.0.x under the beta allowed changes policy through the end of the beta phase on April 28.

  • The release candidate phase will begin the week of May 4th.

See the summarized key dates in the release cycle, allowed changes during the Drupal 8 and 9 release cycle, and Drupal 8 and 9 backwards compatibility and internal API policy for more information.

Drupal 9.0.0 and Drupal 8.9.0 are both scheduled to be released on June 3, 2020.

Bugfixes and security support of Drupal 8.8 and 8.7

Drupal 8.8 will receive additional bugfix releases through May 4, 2020, and it has security coverage through December 2, 2020. Drupal 8.7 has security coverage until the release of 8.9.0 on June 3.

Categories:

Drupal blog: Drupal 9.0.0 will be released on June 3, 2020; first beta available now!

Planet Drupal - Fri, 2020/03/20 - 9:05pm

Drupal 9.0.0-beta1 is available now. This release includes all the dependency updates, updated platform requirements (web server, PHP, and database versions), stable APIs, and features that will ship with Drupal 9. The stable Drupal 9.0.0 release is scheduled for June 3, 2020!

The beta release marks Drupal 9 as API-complete, so now is a great time to start getting your projects ready for Drupal 9. Most projects need a few small changes. A single project release can now be compatible with Drupal 8 and 9 at the same time, so you don't even need to release a new branch of your project to support Drupal 9.

Drupal 8.9.0 will also be released on June 3, 2020. It will contain the same features as Drupal 9.0.0 while keeping backwards compatibility with Drupal 8. This final minor version of Drupal 8 will receive long-term support, with bug fixes and security coverage until November 2021. Meanwhile, Drupal 9 will continue to receive new features in Drupal 9.1 (out in December, 2020) and beyond.

Categories:

Lullabot: Fostering Inclusion in Tech: Hiring Inclusively

Planet Drupal - Fri, 2020/03/20 - 6:05pm

In the previous article of this series, we talked about how fostering diversity, equity, and inclusion (DEI) in an organization is no easy feat. However, there are steps you can take to help get you on your way. When it comes to the hiring process specifically, it's important to hire in the spirit of openness, transparency, accountability, and have a shared vision of what constitutes success for the new position.

Categories:

Lullabot: Lullabot Podcast: DrupalCon Europe

Planet Drupal - Fri, 2020/03/20 - 1:07pm

Mike and Matt talk with organizers of DrupalCon Europe about the organization of the conference, COVID-19, and differences between it and DrupalCon North America.

Categories:

Centarro: Supporting the Drupal Association in a pandemic

Planet Drupal - Fri, 2020/03/20 - 9:18am

The Drupal Assocation is the company dedicated to supporting the Drupal community. It provides the infrastructure and creates the meeting space for us to gather, learn from one another, hack on code together, and generally advance the cause of the open web together through Drupal. Drupal Camps and DrupalCons have been the avenues for growth as contributors for most of our team, myself included.

Periods of economic uncertainty like the current pandemic create challenges for non-profit organizations like the Drupal Association, and they're even more challenging when the majority of an organization's revenue comes from a springtime conference like the upcoming Drupalcon Minneapolis originally planned for May. Heather Rocker and the team have made the commitment to only "gather the Drupal community when it's safe to do so," and it's no surprise that such a commitment creates stress on the organization as it upends its financial forecast for the year.

Centarro has been in business as a major contributor to Drupal (as Commerce Guys first via Ubercart then our Commerce modules) since DrupalCon D.C. in 2009, and our sponsorship and investment in the project has only grown with time. Even as a small team, we contribute 3,200+ hours / year through our modules and core initiatives and spend upwards of $30,000 annually in conference sponsorship / partnership fees that contribute directly to the Drupal Association's operating costs and those of our various local Drupal communities.

Read more
Categories:

ARREA-Systems: Drupal Landing Page - part 2

Planet Drupal - Fri, 2020/03/20 - 12:49am
Drupal Landing Page - part 2 Arrea Systems Fri, 03/20/2020 - 08:00 There is no easy way to build a simple landing page in Drupal. This is how we built ours. In this article we look at the custom module.
Categories:

Drupal blog: Is Open Source recession-proof?

Planet Drupal - Thu, 2020/03/19 - 7:47pm

This blog has been re-posted and edited with permission from Dries Buytaert's blog.

The world is experiencing a scary time right now. People feel uncertain about the state of the world: we're experiencing a global pandemic, the OPEC is imploding, the trade war between the US and China could escalate, and stock markets around the world are crashing. Watching the impact on people's lives, including my own family, has been difficult.

People have asked me how this could impact Open Source. What is happening in the world is so unusual, it is hard to anticipate what exactly will happen. While the road ahead is unknown, the fact is that Open Source has successfully weathered multiple recessions.

While recessions present a difficult time for many, I believe Open Source communities have the power to sustain themselves during an economic downturn, and even to grow.

Firstly, large Open Source communities consist of people all around the world who believe in collective progress, building something great together, and helping one another. Open Source communities are not driven by top-line growth -- they're driven by a collective purpose, a big heart, and a desire to build good software. These values make Open Source communities both resilient and recharging.

Secondly, during an economic downturn, organizations will look to lower costs, take control of their own destiny, and strive to do more with less. Adopting Open Source helps these organizations survive and thrive.

Open Source continues to grow despite recessions

I looked back at news stories and data from the last two big recessions — the dot-com crash (2000-2004) and the Great Recession (2007-2009) — to see how Open Source fared.

According to an InfoWorld article from 2009, 2000-2001 (the dot-com crash) was one of the largest periods of growth for Open Source software communities.

Twenty years ago, Open Source was just beginning to challenge proprietary software in the areas of operating systems, databases, and middleware. According to Gartner, the dot-com bust catapulted Linux adoption into the enterprise market. Enterprise adoption accelerated because organizations looked into Open Source as a way to cut IT spending, without compromising on their own pace of innovation.

Eight years later, during the Great Recession, we saw the same trend. As Forrester observed in 2009, more companies started considering, implementing, and expanding their use of Open Source software.

Red Hat, the most prominent public Open Source company in 2009, was outperforming proprietary software giants. As Oracle's and Microsoft's profits dropped in early 2009, Red Hat's year-over-year revenue grew by 11 percent.

Anecdotally, I can say that starting Acquia during the Great Recession was scary, but ended up working out well. Despite the economic slump, Acquia continued to grow year-over-year revenues in the years following the Great Recession from 2009 to 2011.

I also checked in with some long-standing Drupal agencies and consultancies (LullabotPhase2 and Palantir.net), who all reported growing during the Great Recession. They attribute that growth directly to Drupal and the bump that Open Source received as a result of the recession. Again, businesses were looking at Open Source to be efficient without sacrificing innovation or quality.

Why Open Source will continue to grow and win

Fast forward another 10 years, and Open Source is still less expensive than proprietary software. In addition, Open Source has grown to be more secure, more flexible, and more stable than ever before. Today, the benefits of Open Source are even more compelling than during past recessions.

Open Source contribution can act as an important springboard for individuals in their careers as well. Developers who are unemployed often invest their time and talent back into Open Source communities to expand their skill sets or build out their resumes. People can both give and get from participating in Open Source projects.

That is true for organizations as well. Organizations around the world are starting to understand that contributing to Open Source can give them a competitive edge. By contributing to Open Source, and by sharing innovation with others, organizations can engage in a virtuous and compounding innovation cycle.

No one wants to experience another recession. But if we do, despite all of the uncertainty surrounding us today, I am optimistic that Open Source will continue to grow and expand, and that it can help many individuals and organizations along the way.

Categories:

Hook 42: So long, and thanks for all the fish!

Planet Drupal - Thu, 2020/03/19 - 6:41pm
So long, and thanks for all the fish! Lindsey Gemmill Thu, 03/19/2020 - 17:41
Categories:

Dries Buytaert: Is Open Source recession-proof?

Planet Drupal - Thu, 2020/03/19 - 5:12pm

The world is experiencing a scary time right now. People feel uncertain about the state of the world: we're experiencing a global pandemic, the OPEC is imploding, the trade war between the US and China could escalate, and stock markets around the world are crashing. Watching the impact on people's lives, including my own family, has been difficult.

People have asked me how this could impact Open Source. What is happening in the world is so unusual, it is hard to anticipate what exactly will happen. While the road ahead is unknown, the fact is that Open Source has successfully weathered multiple recessions.

While recessions present a difficult time for many, I believe Open Source communities have the power to sustain themselves during an economic downturn, and even to grow.

Firstly, large Open Source communities consist of people all around the world who believe in collective progress, building something great together, and helping one another. Open Source communities are not driven by top-line growth -- they're driven by a collective purpose, a big heart, and a desire to build good software. These values make Open Source communities both resilient and recharging.

Secondly, during an economic downturn, organizations will look to lower costs, take control of their own destiny, and strive to do more with less. Adopting Open Source helps these organizations survive and thrive.

Open Source continues to grow despite recessions

I looked back at news stories and data from the last two big recessions — the dot-com crash (2000-2004) and the Great Recession (2007-2009) — to see how Open Source fared.

According to an InfoWorld article from 2009, 2000-2001 (the dot-com crash) was one of the largest periods of growth for Open Source software communities.

Twenty years ago, Open Source was just beginning to challenge proprietary software in the areas of operating systems, databases, and middleware. According to Gartner, the dot-com bust catapulted Linux adoption into the enterprise market. Enterprise adoption accelerated because organizations looked into Open Source as a way to cut IT spending, without compromising on their own pace of innovation.

Eight years later, during the Great Recession, we saw the same trend. As Forrester observed in 2009, more companies started considering, implementing, and expanding their use of Open Source software.

Red Hat, the most prominent public Open Source company in 2009, was outperforming proprietary software giants. As Oracle's and Microsoft's profits dropped in early 2009, Red Hat's year-over-year revenue grew by 11 percent.

Anecdotally, I can say that starting Acquia during the Great Recession was scary, but ended up working out well. Despite the economic slump, Acquia continued to grow year-over-year revenues in the years following the Great Recession from 2009 to 2011.

I also checked in with some long-standing Drupal agencies and consultancies (Lullabot, Phase2 and Palantir.net), who all reported growing during the Great Recession. They attribute that growth directly to Drupal and the bump that Open Source received as a result of the recession. Again, businesses were looking at Open Source to be efficient without sacrificing innovation or quality.

Why Open Source will continue to grow and win

Fast forward another 10 years, and Open Source is still less expensive than proprietary software. In addition, Open Source has grown to be more secure, more flexible, and more stable than ever before. Today, the benefits of Open Source are even more compelling than during past recessions.

Open Source contribution can act as an important springboard for individuals in their careers as well. Developers who are unemployed often invest their time and talent back into Open Source communities to expand their skill sets or build out their resumes. People can both give and get from participating in Open Source projects.

That is true for organizations as well. Organizations around the world are starting to understand that contributing to Open Source can give them a competitive edge. By contributing to Open Source, and by sharing innovation with others, organizations can engage in a virtuous and compounding innovation cycle.

No one wants to experience another recession. But if we do, despite all of the uncertainty surrounding us today, I am optimistic that Open Source will continue to grow and expand, and that it can help many individuals and organizations along the way.

Categories:

Joachim's blog: Base fields versus config fields, and how to handle the latter in tests

Planet Drupal - Thu, 2020/03/19 - 3:07pm

All fields are equal in Drupal 8! Back in Drupal 7 we had two different systems for data on entities, which worked fairly differently: entity properties that were defined as database fields and controlled by hardcoded form elements, and user-created fields on entities that had widgets and formatters. But now in Drupal 8, every value on an entity is a field, with the same configuration in the UI, access to the widgets and formatters, and whose data is accessed in the same way.

Is this the end of the story? No, not quite. For site builders, everything is unified, and that's great. For code that consumes data from entities, everything is unified, and that's great too. But for the developer actually working with those fields, whether a field is a base field or a config field still makes a big difference.

Config fields are easier...

Config fields are manipulated via a UI, and that makes them simple to work with.

Setup

Config fields win easily here: a few clicks in the UI to create the field, a few options to choose in dropdowns for the widget and formatter options and you're set. Export to config, commit: done!

Base fields are more fiddly here. You need to be familiar with the Entity system, and understand (or copy-pasta!) the base field definitions. Then, knowing the right widget and formatter to use and how to set their options requires close reading of the relevant plugin classes.

Update

Config fields win again: change in the UI, export to config, deploy!

For base fields, you once again need to know what you're doing with the code, and you now need a hook_update_N() to make the change to the database (now that entity updates are longer done automatically).

Removal

This is maybe a minor point, but while removing a config field is again just a UI click and a config export, removing a base field will again require a hook_update_N() to tell the Entity API to update the database tables.

...but base fields are more robust

Given the above, why bother with base fields? Well, if your field just sit there holding data, you can stop reading. But if your fields are involved in your custom code, as a developer, this should give you an unpleasant feeling: your code in modules/custom/mymodule is dependent on configuration that lives in the site's config export.

Robustness

The fact that config fields are so easy to change in the UI is now a mark against them. Another developer could change a field without a full understanding of the code that works with it. The code might expect a value to always be there, but the field is now non-required. The code might expect certain options, but the field now has an extra one.

Instead of this brittle dependency, it feels much safer to have base fields defined closer to the code that makes use of them: in the same module.

Tests

The solution to the dependency problem is obviously tests, which would pick up any change that breaks the code's expectations of how the fields behave. But now we hit a big problem with config fields: your test site doesn't have those fields!

My first attempt at solving this problem was to use the Configuration development module. This allows you to export config from the site to a module's /config/install folder. A test that installs that module then gets those config items imported.

It's a quick and simple approach: when a test crashes because of a missing field, find it in the config folder, add it to the right module's .info.yml file, do drush cde MODULE and commit the changes and the newly created files.

This approach also works for all other sorts of config your test might need: taxonomy vocabularies, node types, roles, and more!

But now you have an additional maintenance burden because your site config is now in three places: the site itself, the config export, and now also in module config. And if developers who change config forget to also export to module config, your test is now no longer testing how the site actually works, and so will either fail, or worse, won't be actually covering what you expect any more.

Best of both worlds: import from config

To summarize: we want the convenience of config fields, but we want them to be close to our code and testable. If they're testable, we can maybe stand to forego the closeness.

My best solution to this so far is simple: allow tests to import configuration direct from the site config sync folder.

Here's the helper method I've been using:

/** * Imports config from a real local site's config folder. * * TODO: this currently only supports config entities. * * @param string $site_key * The site key, that is, the subfolder in /config in which to find the * config files. * @param string $config_name * The config name. This is the same as the YML filename without the * extension. Note that this is not checked for dependencies. * * @throws \Exception * Throws an exception if the config can't be imported. */ protected function importSiteConfig(string $site_key, string $config_name) { $storage = $this->container->get('config.storage.sync'); // Code cribbed from Config Devel module's ConfigImporterExporter. $config_filename = "../config/{$site_key}/{$config_name}.yml"; if (!file_exists($config_filename)) { throw new \Exception("Unable to find config file $config_filename to import from."); } $contents = @file_get_contents($config_filename); $data = $storage->decode($contents); if (!$data) { throw new \Exception("Failed to import config $config_name from site $site_key."); } // This assumes we only ever import entities from site config for tests, // which so far is the case. $entity_type_id = $this->container->get('config.manager')->getEntityTypeIdByName($config_name); if (empty($entity_type_id)) { throw new \Exception("Non-entity config import not yet supported!"); } $entity = $this->container->get('entity_type.manager')->getStorage($entity_type_id)->create($data); $entity->save(); }

Use it in your test's setUp() or test methods like this:

// Import configuration from the default site config files. $this->importSiteConfig('default', 'field.storage.node.field_my_field'); $this->importSiteConfig('default', 'field.field.node.article.field_my_field');

As you can see from the documentation, this so far only handles config that is entities. I've not yet had a use for importing config that's not an entity (and just about all config items are entities except for the ones that are a collection of a module's settings). And it doesn't check for dependencies: you'll need to import them in the right order (field storage before field) and ensure the modules that provide the various things are enabled in the test.

I should mention for the sake of completeness that there's another sort of field, sort of: bundle fields. These are in code like base fields, but limited to a particular bundle. They also have a variety of problems as the system that support them is somewhat incomplete.

Finally, it occurs to me that another way to bridge the gap would be to allow editing base fields in the UI, and then export that back to code consisting of the BaseFieldDefinition calls. But hang on... haven't I just reinvented Drupal 7-era Features?

Categories:

MD Systems blog: Drupal 9 beta release and module compatibility status

Planet Drupal - Thu, 2020/03/19 - 10:45am
Drupal 9 is expected to be released on time in June 2020. Are the most popular modules ready? How are we at MD Systems helping in the D9 readiness effort?
Categories:

PreviousNext: Preparing your site for Drupal 9

Planet Drupal - Thu, 2020/03/19 - 6:06am

Drupal 9 is just around the corner. Here's what you need to do to ensure a smooth upgrade.

by Kim Pepper / 19 March 2020 Changes from Drupal 8 to Drupal 9

Unlike the Drupal 7 → 8 update, which required a rebuild and migrate, Drupal 9 is a simple incremental update from Drupal 8.

Third-party Dependencies

Drupal 8 is built upon 30+ third-party libraries. In order to keep Drupal stable, these have been kept at major version numbers throughout the Drupal 8 release cycle. Some of these will be end-of-life in coming years, so Drupal 9 is bumping these to newer versions in order to maintain long-term support coverage. The major dependency changes are:

  • Symfony 3.4.x  → 4.4.x
  • Twig 1.x → 2.x

In addition, Drupal 9 requires Drush 10.x or later.

Deprecated Code Removal

Drupal 8 introduced a backwards compatibility policy that required public APIs to remain stable while new features or improvements were added. The old APIs were marked as deprecated, but kept in place for backwards compatibility. This gives developers fair warning that code will be removed in future versions of Drupal giving them time to move to the new APIs.

Drupal 9 removes all deprecated code that has built up during the Drupal 8 release cycle.

Platform requirement changes

In addition, platform requirements have changed. Most importantly, this includes new minimum versions of:

  • PHP 7.3 or later
  • MySQL 5.7 or later
Getting Your Site Ready

Fortunately, there are only a few steps you need to follow in order to get your site ready for Drupal 9.

Update Contributed Modules to their Latest Version

Drupal 9 will work with modules that worked on Drupal 8, so there are no major rewrites required. This means the current module version naming scheme (e.g. 8.x-1.0) doesn't make much sense any more. It will gradually be replaced with a semantic versioning scheme (e.g. 2.1.0) as new module releases are published.

If you are a site builder, the easiest way to ensure your site is compatible with Drupal 9 is to keep your contributed modules up to date. You can check the status of your contributed modules using Acquia's Drupal 9 Deprecation Status page.

Replace Deprecated API Usage

Of course, many Drupal sites include custom modules. In order to get your own modules ready, you need to:

  • replace any usages of deprecated API usage
  • specify core version requirement to include Drupal 9

To automatically find usages of deprecated API usage, there is the excellent Drupal Check tool by Matt Glaman. Follow the installation instructions, then from the command line, run it against your custom module:

drupal-check web/modules/contrib/address

Almost all Drupal deprecations have handy instructions on the newer alternative API methods to use as well as a link to the change record that describes it in more details. For example:

drupal_set_message() is deprecated in Drupal 8.5.0 and will be removed before Drupal 9.0.0. Use \Drupal\Core\Messenger\MessengerInterface::addMessage() instead. See https://www.drupal.org/node/2774931

Reading the change notice, we just need to change:

drupal_set_message("example message");

to:

\Drupal::messenger()->addMessage("example message")

You can run drupal-check again and again until you have no more deprecation messages.

If you aren't comfortable with the command line, there is the excellent Upgrade Status module that you install to give you a user friendly report of what needs updating. There is also Drupal 8 Reactor which can automate some of this for you.

Specify Core Version Requirement

The last step is to specify your modules core compatibility. As per the change record there is a new key to add you your module info.yml file:

core_version_requirement: ^8 || ^9

This new key allows you to use composer-style version constraints and tells Drupal your module is compatible with Drupal 8 and 9.

Summary

That's it! There aren't many steps required to get your site ready for Drupal 9, and the best news is you can do it now and be ready the day Drupal 9 is released.

 

Tagged Drupal 9
Categories:

myDropWizard.com: Drupal 6 security update for CKEditor module

Planet Drupal - Wed, 2020/03/18 - 9:22pm

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

Today, there is a Moderately Critical security release for the CKEditor module to fix a Cross Site Scripting (XSS) vulnerability.

The CKEditor module provides one way to integrate CKEditor into Drupal.

Due to the usage of the JavaScript eval() function on non-filtered data in the admin section, it was possible for a user with permission to create content visible in the admin area to inject specially crafted malicious script.

The problem existed in CKEditor module for Drupal, not in JavaScript libraries with the same names, however, it's highly recommended that you update to the latest version of the CKEditor JavaScript library as well, because it also recently fixed some XSS vulnerabilities.

See the security advisory for Drupal 7 for more information.

Here you can download the Drupal 6 patch or the full release.

If you have a Drupal 6 site using the CKEditor module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

Categories:

Lullabot: Using Drupal in a Pandemic

Planet Drupal - Wed, 2020/03/18 - 7:51pm

One of the founders of Lullabot and former CEO, Jeff Robbins, used to joke that Lullabot has "built-in disaster recovery" because the employees are accustomed to working from just about anywhere. Lullabot, one of the first Drupal consulting companies, started in 2006 after Matt Westgate and Jeff Robbins met on Drupal.org. Drupal has been at the heart of Lullabot's work for more than 14 years, and the core of what Jeff suggested could apply similarly to the Drupal community.

Categories:

MidCamp - Midwest Drupal Camp: MidCamp Thursday (March 19) Schedule

Planet Drupal - Wed, 2020/03/18 - 7:34pm
MidCamp Thursday (March 19) Schedule

MidCamp is almost here!  We’re thrilled to kick-off sessions tomorrow (3/19) and have a full line-up from 9:00am - 3:45pm CDT. We’re leveraging a virtual format for the first time, so each session page has a direct link to join the presentation via Zoom. We encourage you to share the following schedule with colleagues and look forward to having you join us!  No need to register – the more, the merrier!

How will it work?

Each session page has a direct link to join the presentation via Zoom. The rooms will open shortly before the first presentation each day and stay open throughout the day.

Here’s what you need to attend the sessions: 

  • Any device that can run Zoom (computer, phone, tablet)
  • Headphones (recommended)
  • Good internet/wifi
  • Zoom - downloaded on your device
Thursday's Schedule

9:00am - 9:30 am CDT

  • Welcoming Words

9:45am - 10:45am CDT

  • Build it better, stupid:  Using design systems for scalability
  • Live Captioning:  Make your next event accessible for everyone
  • Your data model is terrible! Let me show you why
  • Battle for online privacy
  • Caching Large Navigation Menus in Drupal

9:45am - 12:00pm CDT

  • [Half-day] Getting started with Drupal 8

11:00am - 12:00pm CDT

  • MUDdying the waters:  Creating text-based adventure games using Drupal and Slack
  • Scope in CSS with and without JavaScript
  • When there’s not a module for that
  • Maximum PhpStorm

1:15pm - 1:45pm CDT

  • Embracing usability and accessibility:  a Pace case study
  • Surviving the Drupal learning curve
  • Decoupling Drupal commerce to multiple and scale the front-end
  • How content editors use the layout builder:  What the user research shows

2:00pm - 2:30pm CDT

  • Bringing chart-making out of the back-end
  • Custom Drupal data migration: a Georgia GovHub story
  • Preparing custom and contributed code for Drupal 9

2:45pm - 3:45pm CDT

  • Planning for personalization:  Tips for Dev, Design, and I&A
  • Taking maximum advantage of Drupal core’s composer template
  • Automate Drupal 9 upgrades:  Addressing deprecated code as a community
  • From squiggles to straight lines:  Sketch to make decisions & get on with it

To join any of these presentations, you can check out our Thursday session schedule and click the Zoom link.
 

Volunteers needed!

Be a part of something BIG! Help MidCamp go virtual by volunteering! We have plenty of space for those who want to contribute. We need room monitors and hosts to keep the Zoom presentations running smoothly! After all, there are many ways to give back to #Drupal besides code. Fill out our volunteer survey if you're interested. We'll have a training at 4PM CDT today, and it will be recorded for folks who aren't able to join. Check #volunteers in the MidCamp Slack for more info.

Virtual game night sponsored by Palantir.net

Don’t forget to join us tomorrow (3/19) evening, from 6-9pm CDT, to take part in a gaming session group. There will be digital adaptations of tabletop games available directly from your web browser. Look forward to gaming with you!

Categories:

Drudesk: Automatic website updates in Drupal: finally there!

Planet Drupal - Wed, 2020/03/18 - 6:26pm

Automatic website updates are incredibly convenient, whatever CMS your site is built on. Unfortunately, the automation of Drupal website updates used to be impossible. But now we have great news for all Drupal 7 and Drupal 8 website owners — automatic website updates are already there! Read on to discover more details.

Categories:

Security advisories: Drupal core - Moderately critical - Third-party library - SA-CORE-2020-001

Planet Drupal - Wed, 2020/03/18 - 6:07pm
Project: Drupal coreVersion: 8.8.x-dev8.7.x-devDate: 2020-March-18Security risk: Moderately critical 13∕25 AC:Complex/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Third-party libraryDescription: 

The Drupal project uses the third-party library CKEditor, which has released a security improvement that is needed to protect some Drupal configurations.

Vulnerabilities are possible if Drupal is configured to use the WYSIWYG CKEditor for your site’s users. When multiple people can edit content, the vulnerability can be used to execute XSS attacks against other people, including site admins with more access.

The latest versions of Drupal update CKEditor to 4.14 to mitigate the vulnerabilities.

Solution: 

Install the latest version:

Versions of Drupal 8 prior to 8.7.x have reached end-of-life and do not receive security coverage.

The CKEditor module can also be disabled to mitigate the vulnerability until the site is updated.

Note for Drupal 7 users

Drupal 7 core is not affected by this release; however, users who have installed the third-party CKEditor library (for example, with a contributed module) should ensure that the downloaded library is updated to CKEditor 4.14 or higher, or that CDN URLs point to a version of CKEditor 4.14 or higher. Disabling all WYSIWYG modules can mitigate the vulnerability until the site is updated.

Categories:

Tag1 Consulting: What's ahead on Claro's roadmap and how you can get involved - part 4

Planet Drupal - Wed, 2020/03/18 - 4:59pm
Drupal has seen a range of administrative experiences over its history, starting with early Drupal mainstays like the Garland theme and Seven, perhaps the most recognizable iteration of Drupal's editorial experience in its history. Recently, another administration theme joined the pantheon of administration themes in Drupal core that have had an outsized influence on how users interact with Drupal not only for the first time but for countless times afterwards. The Claro administration theme is a new theme for Drupal 8, now available in Drupal core, which offers a more modern user experience thanks to its emphasis on usability and accessibility during the design and development process.Read more preston Wed, 03/18/2020 - 08:59
Categories:

Promet Source: Words Matter: Communication in a Time of Crisis

Planet Drupal - Wed, 2020/03/18 - 12:35am
Current realities are rapidly shifting for all of us. What to do now? What can we expect?  During a time of crisis, the quality of communications can have a huge impact, and not just in the moment. The effects of what is said and what is not said will linger, and reveal much about the organization, its leadership, and individuals involved. 
Categories: